last executing test programs:

2.745072267s ago: executing program 2 (id=795):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000080)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000400)=""/106, 0x6a}], 0x1}}], 0x1, 0x40000041, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000240)=@x86={0x10, 0x8, 0x5, 0x0, 0x3, 0x2, 0x6, 0x1, 0x0, 0xca, 0x6, 0x1, 0x0, 0x278a, 0x4, 0x3, 0x7, 0x5, 0x10, '\x00', 0x28, 0x480000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000000000070000040"])

2.735091158s ago: executing program 0 (id=796):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f00000002c0)="9e", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback, 0xe}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x200002, 0x30}, 0xc)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000340)={0x0, 0x1}, 0x8)
sendmsg$inet6(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000380)='d', 0x1}], 0x1}, 0x8000)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000140)={0x0, 0x1, 0x20}, 0xc)
writev(r0, &(0x7f0000000100)=[{&(0x7f0000000240)=',', 0x34000}], 0x1)

2.420070832s ago: executing program 2 (id=798):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x1000c16, &(0x7f0000000500), 0xff, 0x260, &(0x7f0000000980)="$eJzs3U9IHFccB/DfzO7Wqkux7aVQ+gdKKa0g9lboxV5aEIpIKYW2YCmllxYtWKU37SmXHJJjSIKnXCTkFpNj8CK5JARyMokHcwkkkkMkhySwYXcU/LOJxl13gvP5wDoz+ub93jDzfSPiMAEUVl9EDEVEKSL6I6ISEcnWBh9nn76NzbnupbGIWu2Hh0mjXbad2dyvNyJmI+KriFhMk/irHDG98Mvq4+XvPjs+Vfn03MLP3R09yA1rqyvfr58dOXZx+Mvp6zfvjyQxFNVtx9V+SZPvlZOIdw6j2GsiKec9AvZj9L8Lt+q5fzciPmnkvxJpZCfvxOQbi5X44syL9j354Mb7nRwr0H61WqV+D5ytAYWTRkQ1knQgIrL1NB0YyH6Hv13qSf+emPy3/8+JqfE/8p6pgHapRqx8e7nrUu+O/N8rZfkHjqjsj1IrP47O36mvrJfyHhDQER9ki/r9v/+3mc9D/qFw5B+KS/6huOQfikv+4ehp9v+mzcg/FJf8Q3HJPxSX/ENxHTj/p54d3qCAjtiafwCgWGpdB3pquP0PIgMdl/f8AwAAAAAAAAAAAAAAAAAA7DbXvTS2+WlPj+U9W1w9HbH2TdZ0d/1S433EEW82vvY8Srb1mOyrwsv9+lGLHbTofM5PX791N9/61z7Mt/7MeMTs/xExWC43rr1tF1Sycf0d3Nt7/Lzye4sFXtHOdwN8/VNn6+/0dD7f+sPLEVfq889gs/knjfcay+bzT7V+/lqs/8+TFjsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgY54HAAD//7UiauA=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x101042, 0xf4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000140))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)

2.188058236s ago: executing program 3 (id=799):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_WOWLAN(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x28}}, 0x0)
getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=@newlink={0x34, 0x10, 0x439, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r2, 0x10681, 0x20280}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}}, 0x20044002)
r3 = socket(0x10, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000180)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@ipv6_newaddr={0x2c, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r4}, [@IFA_LOCAL={0x14, 0x2, @ipv4}]}, 0x2c}}, 0x0)

1.92545588s ago: executing program 3 (id=802):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x1}, 0x10)
sendmsg$tipc(r1, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x80)
r2 = dup3(r0, r1, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r2, 0x0, 0x0)

1.92055365s ago: executing program 2 (id=803):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0a000000070000000300000001"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r1, <r2=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)=r0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000020d0039000000000000b4a518110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r3}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x7, 0x3, &(0x7f0000000000)=@framed={{0x62, 0xa, 0x0, 0xffc4, 0x0, 0x71, 0x10, 0xb3}}, &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

1.712413193s ago: executing program 2 (id=804):
socket$inet_udp(0x2, 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socket$inet6(0x10, 0x2, 0x6)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0xc, 0x0, 0x9, 0x7ffffffd, 0xffffffffffffffff}, 0x0, 0x0)

1.591476685s ago: executing program 0 (id=813):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffb, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.434594747s ago: executing program 0 (id=815):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000feffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x15, 0x0, 0x0, 0x80ffffff}]})

1.338289789s ago: executing program 1 (id=807):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x54c, &(0x7f0000000fc0)="$eJzs3c9vI1cdAPDvTH443W6bXSgSVMAuUFjQau3E20ZVL+1eQKiqhKg4IA7bkHijEDsOsVOaEIlU/AkgFYkT/AkckDgg9cSBG0ckDgipHJAWiEAbJJCMZuxkvVmHdWvXZuPPR5qdefM8831vveP35tk7L4CJdTUiDiJiNiLeiIj5zv6ks8Qr7SV73b3D/ZWjw/2VJFqt1/+W5PnZvug6JvNk55xzEfH1r0R8O3k4bmN3b2O5Wq1sd9KlZm2r1Njdu7FeW16rrFU2y+WlxaWFF2++UB5aXa/UfnH3y+uvfuPXv/rUe787+NL3s2Jd7OR112MghQeT7arPnMTJTEfEq0MJNn5TnfXsmMvBB5NGxEci4rP59T8fU/m/TgDgPGu15qM1350GAM67NB8DS9JiRKRp/PBjWSeg2B7DeyYupNV6o3n9Tn1nc7U9VnYpZtI769XKwuXCH76b9xhmkiy9mOfl+Xm6fCp9MyIuR8SPC0/k6eJKvbo6tl4PAEy2J7vb/4j4ZyFNi8W+Du3xrR4A8NiYG3cBAICR0/4DwOTR/gPA5Omj/e982X/woZcFABgN9/8AMHneb/vvYU8A8Phz/w8AE+Vrr72WLa2jzvOvV9/c3dmov3ljtdLYKNZ2Voor9e2t4lq9vpY/s6f2qPNV6/Wtxedj561Ss9Jolhq7e7dr9Z3N5u38ud63KzMjqRUA8L9cvvLu75OIOHjpiXyJruF9bTWcb+m4CwCMzdQgB+sgwGPNbF8wufpqwvNOwm8/9LIA49HzYd5zPTcf9JP3EcTvjOD/yrVP9D/+72f/cL4Y/4fJ9cHG/18eejmA0TP+D5Or1UpOz/k/e5IFAJxLA/yEr/WDYXVCgLF61GTeQ/n+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM6ZixHxnUjSYj4XeJr9mRaLEU9FxKWYSe6sVysLEfF0XImImUKWXhx3oQGAAaV/STrzf12bf+7i6dzZ5F+FfB0R3/vp6++8tdxsbi9m+/9+sr9wPH1Y+f5xA8wrCAAMWd5+lzvrrhv5e4f7K8fLKMtz91b8pzMV8crR4X6+tHOmI9sZMZf3JS78I4npzjFzEfFsREwNIf7B2xHx8V71T/KxkUudmU+740cn9lMjjZ8+ED/N89rrrPP10SGUBSbNu7ci4pVe118aV/N17+t/Lv+EGtzdW+2THX/2HXXFn+5EmuoRP7vmr/Yb4/nffPWhna35dt7bEc9O94qfnMRPzoj/XJ/x//jJT//o5TPyWj+LuBa943fHKjVrW6XG7t6N9dryWmWtslkuLy0uLbx484VyKR+jLh2PVD/sry9df/qssmX1v3BG/Lme9Z89Ofbzfdb/5/9+41ufuZ8snI7/xc/1fv+f6Rm/LWsTv9Bn/OULvzxz+u4s/uoZ9X/U+3+9z/jv/Xlvtc+XAgAj0Njd21iuVivbA21kd6H9H/XOxb7PnBWxvxcfdxcHq86fYgh/G8PamBm4OuPamD7pKw73zN/Mzjji6qRDr8VAG/dGFWt8n0nAaNy/6MddEgAAAAAAAAAAAAAA4Cyj+K9L464jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA59d/AwAA///dAs1L")
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
setns(r2, 0x24020000)
umount2(&(0x7f0000000040)='.\x00', 0x2)
close_range(r0, 0xffffffffffffffff, 0x0)

1.183630992s ago: executing program 0 (id=808):
r0 = inotify_init1(0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000840)={0x2, 0x0, [{0x1, 0xba, &(0x7f0000000580)=""/186}, {0x8000000, 0x3c, &(0x7f0000000180)=""/60}]})
close_range(r0, 0xffffffffffffffff, 0x0)

1.036881903s ago: executing program 0 (id=809):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xe)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18}, '\x00'})
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r2, 0x0)
ioctl$PPPIOCSMRU1(r1, 0x40047452, &(0x7f0000000000)=0xfffffff7)

949.935475ms ago: executing program 3 (id=810):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0))
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000007c0)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r2}, &(0x7f0000000000), &(0x7f00000002c0)=r0}, 0x20)
close(0x3)

894.857056ms ago: executing program 1 (id=811):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x1000c16, &(0x7f0000000500), 0xff, 0x260, &(0x7f0000000980)="$eJzs3U9IHFccB/DfzO7Wqkux7aVQ+gdKKa0g9lboxV5aEIpIKYW2YCmllxYtWKU37SmXHJJjSIKnXCTkFpNj8CK5JARyMokHcwkkkkMkhySwYXcU/LOJxl13gvP5wDoz+ub93jDzfSPiMAEUVl9EDEVEKSL6I6ISEcnWBh9nn76NzbnupbGIWu2Hh0mjXbad2dyvNyJmI+KriFhMk/irHDG98Mvq4+XvPjs+Vfn03MLP3R09yA1rqyvfr58dOXZx+Mvp6zfvjyQxFNVtx9V+SZPvlZOIdw6j2GsiKec9AvZj9L8Lt+q5fzciPmnkvxJpZCfvxOQbi5X44syL9j354Mb7nRwr0H61WqV+D5ytAYWTRkQ1knQgIrL1NB0YyH6Hv13qSf+emPy3/8+JqfE/8p6pgHapRqx8e7nrUu+O/N8rZfkHjqjsj1IrP47O36mvrJfyHhDQER9ki/r9v/+3mc9D/qFw5B+KS/6huOQfikv+4ehp9v+mzcg/FJf8Q3HJPxSX/ENxHTj/p54d3qCAjtiafwCgWGpdB3pquP0PIgMdl/f8AwAAAAAAAAAAAAAAAAAA7DbXvTS2+WlPj+U9W1w9HbH2TdZ0d/1S433EEW82vvY8Srb1mOyrwsv9+lGLHbTofM5PX791N9/61z7Mt/7MeMTs/xExWC43rr1tF1Sycf0d3Nt7/Lzye4sFXtHOdwN8/VNn6+/0dD7f+sPLEVfq889gs/knjfcay+bzT7V+/lqs/8+TFjsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgY54HAAD//7UiauA=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x101042, 0xf4)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000140))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)

881.653236ms ago: executing program 0 (id=812):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000280)='./file1\x00', 0x8c0, &(0x7f0000000380)={[{@acl}, {@heartbeat_none}, {@data_writeback}, {@preferred_slot}, {@acl}, {@localflocks}, {@intr}, {@noacl}]}, 0x1, 0x442a, &(0x7f0000008940)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3+5159pnD8MSJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAud/2MBAAAAAAAAAAAAAAAAAADgb2rz/f9cdKLJ+/9jyXGkRf31tzo/Rjpn4u2rYxcGh5L936Nt+a8nSb+c6wr9TfZ9z+7/fi5Tv/n+79v72a3G+Br99oUoHkidx/HAQAjfJBu/n4qOxKXyUuXVW+Xlhdk9G8YzKx3/+u79qegkG/q3G//RTPud3///v9uupur5zb27xJ5r6fh3tSz37adRW/E/n6m3H/Fn99Lx766l9W4tMFKfAKrx/7x75/iPZdrvVPyPhxByUXWsudQMUF3DVNNbrVdIS8f/UC0tNXUmH2Sr+//3TPwvZNo/qPl/JftFRFPp+P+rltaTKrF5//fHO9//FzPtH0T8q+Nf8f3flnT8D9cTu1NFap9ku/P/eKb9TsX/epyM83iUugJWo3p6q/9XR1o6/j3b8jef/+K21n+XMvX36/mv0W/j+a8x/b8c1Z//aC4d/96W5dq9/ycy9To9/4/U1n/sVjr+R2pp6bVzX+1nu/GfzLTfqfjXViU9jfhvzid/HK6nf23915Z0/P9dT4y3llip/ayt/6Kd1/+XM+0fxPqvOv6VuLO9Pi/S8T/aslw1/j+08f1/JVOv8/EPYdBaf9fS8T/Wslzt/u/ZOf5TmXqdjv9LnWwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Bkwmhz7QhQPpM7jeGAghPPJ+alwJJouzOanS+WZj5ZCGEvSc+FEdLtUni6U8nML5dlivlAqlWdCuJDknww90VKpXMnPF+5e3GirN7pTLCxWpouFSghhPEn/fzjWaGt6rjJfuBtCuLSR95+4vHj3TmEhPzu3+Obg4OBgmNgYQ39U/KRSXKjUe6/nhjC5Ubcv2jK4WvbljbEcjT4sLy8uFEq19Ctb6pTKM4XSljpTSd4XoT+qLC4vzBQqxXypfLvR30EaSY5jE9feu3ZlaFv+zah+HN3fYQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFz0afuPLEEJ3/SwOIYw0fomalX/4uHg2/3Tq/trw6cnVB2tPWpUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+JMdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7NIxSgNBFAbgN2Ohdh7DatntbFcU0cIVwRPoMTyMHsVLeIcUKdKmCIFkFsJmF7ZJqu9rHszPzHswDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHme3ruPt7qJSHG1uYz4+/pfHOYvpf7cj9+/OMOMnM7za/fwWDfl39NRfleOlm3epevV92eM1N7vYE+G+7TX97menGtq36bm6/veRMpVRLQlv005V9W8twAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgyw4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRR9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD///4CHxA=")
r0 = open(&(0x7f0000002200)='./bus\x00', 0x60142, 0x0)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
pwrite64(r1, &(0x7f0000000280)='+', 0x1, 0x0)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
copy_file_range(r2, 0x0, r0, &(0x7f00000000c0)=0x10000, 0x6, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8042, 0x0)
fallocate(r3, 0x0, 0x5, 0x3)

798.697867ms ago: executing program 1 (id=814):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, 0x0)
ioctl$IOMMU_DESTROY$stdev(r0, 0x3b80, 0x0)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000980)={0x48, 0x5, r1, 0x0, <r2=>0x0, 0x1})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000a00)={0x28, 0x7, r1, 0x0, &(0x7f00000a0000)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x1000})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES(r0, 0x3ba0, &(0x7f0000000a40)={0x48, 0x7, r2, 0x0, 0x0, 0x0, 0x0, 0x1000})
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000c00)={0x18, r1})

782.156707ms ago: executing program 3 (id=816):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000400), &(0x7f0000000040)='%+9llu \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = semget$private(0x0, 0x4, 0x589)
semtimedop(r2, &(0x7f0000000300)=[{0x3, 0xfff7, 0x1000}], 0x1, 0x0)
semctl$SETVAL(r2, 0x3, 0x10, &(0x7f0000000040)=0x4)

617.134891ms ago: executing program 2 (id=817):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback, 0x8000000}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000001c0)=@gcm_256={{0x304}, "1cc7b5f1bb6035fb", "2bcf95816f4c7b2c897beac0871b2cabcfd3c545646ccedfd3f3cb223c9180b8", "02a3cf23", "7f7fee182fd263c5"}, 0x38)
sendto$inet6(r0, &(0x7f00000001c0), 0xfffffffffffffede, 0x0, 0x0, 0x3000137)

616.17644ms ago: executing program 1 (id=825):
r0 = open(&(0x7f0000000180)='./file1\x00', 0xc8940, 0x58)
ftruncate(r0, 0x8002007ffb)
setfsgid(0xee01)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r1}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)

510.542572ms ago: executing program 3 (id=818):
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace(0x8, r1)

203.713976ms ago: executing program 3 (id=819):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
syz_mount_image$xfs(&(0x7f0000009680), &(0x7f00000096c0)='./file0\x00', 0x0, &(0x7f00000000c0), 0x1, 0x96a4, &(0x7f0000012d80)="$eJzs3QW4ZXXBeP87TNBDS8gIEtLdodLdJYggXVICKp2iCChlYJCClAoioCAigoogSIiJCiIo0t3xf4aZkXFcoL7/9/2hrrWe5865Z5+99/2e72efve+MPuxNV9lwhYGBCQZGNfPAuJ12whFzL7PfyteesttDE1+32CH3jF48+aiHEaOfjhg0+nG8gYGB8UbvZ/Sy4Xtecul4A0NeXf5aE0840aBJBwYWHv10udGPS4x6mGLrMeu9Mk7jDnTUDzl05HdHj/p6tclG/oiR32y9y9Ujl00+1vYjN7n6796otE2XX3WV16z+6jbSaujo78f+Gjbqa4rNBwam2HSAj4+x1x30JrylkT9zuX1PvfrKN+Fn/8e16fKrrj6O/8jP4uDRy5YY+Rkf9zNobNzj/JkTrzxh9BQOGj1nQ8b5rPxHtOnyq6w18Prn+YFJj91y8CujzpvjD4y6UEw4MDAw0ejz6yRvtkv9/2vDjdfebOT5fszz0exDxpwL6LiYfdUbDxt5aIw6Tww/d8y1oKqqqv4zWn6FRVaE6/8EY36vpev/Uuftd13X/6qqqv/cVl9+hUVGXuvHuf5P8kbX//1uW3PLUf/2v9wSo7Z6+c19E1VVVfUvtcrqeP2f/I2u/8ses/bxXf+rqqr+c9tg7Vev/5OMc/2f+o2u/7M+sPulo9cb83vDS2PtctBY/3vCC2MtHzzW8ufHWj50rP2Mvf6wsZY/O9by8Ue+ButPPjAwfM/Ry198bfHwQwcGBmYevfy5sZaf/tr/T2fEkLGWnzHW8mFjLT9z9FhHLh9/rOXnjLX+BG8w1VVVVf82bbDIKisOjPX/sx+9eLoxr9P1/8DLb5rhzRpvVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXVf2IvP3TFVa/d8/3ggbHuXf3Xe1iP/u8CDrro6ltuedMG+u/RoL//7yEe+maP6f9vI50nOH/mgYHdN36zh1JvQv8x96qv/5Pyd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn9xr3P//+XGPG5x185bjF51qRWuGXr3a1uOGNh59HennXDE3Du/CWN/E/pvvf//wM6DBgZG+04+0nKd5TfYaM6BgYG7h16zwuIDf31tyZGvLTPl4IHBr24656t/Dh3xOnteetTDyINpYOq/7uOiV/e/+itnDB40ziDGaorLzj57p02fWXTcxzle/32MN+ab5+844KFXXnnllb9ZOLoJXmfjMfsf817GdR499jlHjn2BfXbbc4G999t/vp1323rH7XfcfveFF118icUXXnKpRRZbYIedd91+wVF/vs6czfzqn4P/mTmbZNw5e2j5seds3Pf2enM28xvP2at7nOCGBeYbM2dD/sU5G/zGczbzzqN/0IiBoQNbvTo1gwYGRgwZOrDvyCcLjT8wMGLo6HWnG7nuslOONzBw/GtvdOR34//1GBx06Mh1Nl1lwxVeG9nfv8O//5y+2uSjHsZM/ojRP2TEeKOGOPPAa4fi8D0vuXS8kXPxN9M88YQTDZp0YGDh0U+XG/241KiHySYds94r4zTuQEf9kJHnjkFHj/oatYORP2LkN09Pdd9sI8c7zvb/F/2Prv9/57XkoL9O1KDRX6PXGeW1/Kqrv/azXp2GkXM3ePSyJUaajDtn/5v93XhnHjLmYMDxrrL6CouMXDzO/I/ZBI+vow+Y6/pRx9ZyS4za6uX/MQqNd5I3GO/qy+N4J3mj8d48ywLjj9rV/9p4xznXrTXqxX/mXDfwxue6wbT99jeNGPdct+brD/FvPsdj5mj8cVZ6vXPd5DNddcjI/Q+88blurZFjH/o357rxBgZGDB5zrht54hs2dOD4kU8WHvlk/KED5458ssirTyYcuHrkk/m33WPX7UYumGDMnCw4cr/LTTnoVfc55zvunFdOeuWVIaPHcvrwvx3r6ONj5rGv58tPOWoyx2w7Zr8jVx2z3+WmGfXasNH7PeNf2O+YbWm8q0066rXxR+/3zHH2O/QN9jtm27/7PMw56K8nrtc536wyzvlm9O+4Y37c33wNG/U1xeYDA1NsSr7jrPsPz5n0+Z3gDca7/AqLrDhyfON8fv96ONLnd+g2ix40MDAw6aiPx/Bzx4z9X2zQ6413yBuPdwUY75A3Gu/0xx62zP/CeAfGGu/fHGdLjhh1rEww+jg75184fsdsO+55bOirr4467U/wz5zHZv6789hhg8cbZ7LH6vV+Z9sO1h/1/XR/3dvDw9e+f8zcDx1nv//od7ax3ssgOI9NPs7f5wbdftfAIJrzBc8etM3L/2DOhw787d8txsz5mG3faM7H/2fmfMY3nvN/9vfkOWcd9frQccY/9pxvtdie84yZ82Hj7Pcfzfn4b3zt+Ps5X25gKM35ekeOmrc3Op++3pyP2XbMnL/qP+WQgZUHBgZmGz3nw/6ZOZ/uf+c4nwjWH/X99n9ddNSGj8w7Zs7HneN/NOfD/tU5n/mvx/lsr742y3gDw4YN7Lv1PvvstdCoP8c8XXjUn3wuOvfwUfP8RtfS1zMas+0bfS6G/DNGk/9TRoP+kdEMQ17P6LWP1pZ3Prn///RcNORfNRrgc9EtF46atzf6vej15nzMtnQdnHqs7cf9e+gGa7/6e/ck41wHx2yC18Hb1p592zG7HL3ZS+MMc8x19YWxlg8ea/nzYy0fOtZ+xl5/2FjLnx1r+ci3MGys9cewTj7y77yjl7/42urDR/4ldebRy58ba/npr207Yqx/Mhh+xljLxzpFDj/ztUNjxFi/dg8/Z6z1X+9Qed3G/JvkzuOe5OufrX//d5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3Gvc///Q0c/Lnfe1ltuO/p2ckPvPXb4yW/2eN/k/qvv/z/a92/u/3/y8GPvHW/gr6+94f3ZR63zb3l/9iVGPUyx9Zj1xr0/+LgDHfVDXv/+7DvefNVu/4/uz/4/asxn9Z+4L17nf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+417n//9WjHw89fspLho2+EfrQ6W6Z4vk3e7xvcv/V9/8f7fs39/9/fopbphtv4K+vveH9/0et47j//9GnzTD83/n+/2M+q93/v/5B+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3kdAOrid5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3lL47v/z9o9OPA1asOu/jWkY8jn1+w14tnv9njfZP7b73//wTnzzwwsPvGb/ZQ6k2o87+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8tf3Oj7/w+Muv//mAYt13GBwf3//7N7Hf/l88cs/ivkj1n8V8wfs/ivlD9m8V85f8ziv0r+mMV/1fwxi/9q+WMW/9Xzxyz+a+SPWfzXzB+z+K+VP2bxXzt/zOK/Tv6YxX/d/DGL/3r5Yxb/9fPHLP4b5I9Z/DfMH7P4b5Q/ZvHfOH/M4r9J/pjF/z35Yxb/TfPHLP6b5Y9Z/N+bP2bx3zx/zOL/vvwxi/8W+WMW/y3zxyz+788fs/hvlT9m8d86f8ziv03+mMV/2/wxi/92+WMW/+3zxyz+O+SPWfx3zB+z+O+UP2bx3zl/zOK/S/6Yxf8D+WMW/13zxyz+u+WPWfx3zx+z+O+RP2bx3zN/zOL/wfwxi/9e+WMW/73zxyz+++SPWfw/lD9m8f9w/pjF/yP5Yxb/ffPHLP775Y9Z/PfPH7P4H5A/ZvE/MH/M4n9Q/pjF/+D8MYv/IfljFv9D88cs/oflj1n8D88fs/gfkT9m8f9o/pjF/8j8MYv/x/LHLP4fzx+z+B+VP2bx/0T+mMX/6Pwxi/8x+WMW/2Pzxyz+n8wfs/h/Kn/M4n9c/pjF//j8MYv/CfljFv8T88cs/iflj1n8P50/ZvH/TP6Yxf+z+WMW/8/lj1n8T84fs/h/Pn/M4v+F/DGL/xfzxyz+X8ofs/ifkj9m8T81f8zif1r+mMX/9Pwxi/8Z+WMW/zPzxyz+X84fs/iflT9m8T87f8zi/5X8MYv/OfljFv9z88cs/uflj1n8z88fs/hfkD9m8f9q/pjF/2v5Yxb/r+ePWfwvzB+z+F+UP2bx/0b+mMX/4vwxi/8388cs/pfkj1n8L80fs/hflj9m8f9W/pjF/9v5Yxb/y/PHLP5X5I9Z/L+TP2bxvzJ/zOL/3fwxi/9V+WMW/+/lj1n8r84fs/h/P3/M4n9N/pjF/9r8MYv/D/LHLP4/zB+z+P8of8zif13+mMX/x/ljFv/r88cs/jfkj1n8f5I/ZvG/MX/M4n9T/pjF/6f5Yxb/m/PHLP635I9Z/G/NH7P435Y/ZvH/Wf6Yxf/2/DGL/8/zxyz+v8gfs/j/Mn/M4v+r/DGL/6/zxyz+v8kfs/jfkT9m8f9t/pjF/3f5Yxb/3+ePWfzvzB+z+N+VP2bx/0P+mMX/7vwxi/8f88cs/vfkj1n8780fs/j/KX/M4v/n/DGL/335Yxb/v+SPWfzvzx+z+D+QP2bxfzB/zOL/UP6Yxf/h/DGL/yP5Yxb/R/PHLP6P5Y9Z/B/PH7P4P5E/ZvF/Mn/M4v9U/pjF/+n8MYv/M/ljFv9n88cs/s/lj1n8n88fs/i/kD9m8X8xf8zi/1L+mMX/5fwxi/8r+WMS/1e/zf/vs/gPyh+z+I+XP2bxH5w/ZvEfkj9m8R+aP2bxH5Y/ZvEfP3/M4j9B/pjFf8L8MYv/RPljFv+J88cs/pPkj1n8J80fs/gPzx+z+E+WP2bxnzx/zOI/Rf6YxX/K/DGL/1T5Yxb/qfPHLP7T5I9Z/N+SP2bxnzZ/zOI/Xf6YxX/6/DGL/wz5Yxb/t+aPWfxnzB+z+I/IH7P4vy1/zOI/U/6YxX/m/DGL/9vzxyz+s+SPWfxnzR+z+M+WP2bxnz1/zOL/jvwxi/8c+WMW/znzxyz+c+WPWfznzh+z+M+TP2bxnzd/zOI/X/6YxX/+/DGL/wL5Yxb/BfPHLP4L5Y9Z/BfOH7P4L5I/ZvFfNH/M4r9Y/pjFf/H8MYv/EvljFv8l88cs/kvlj1n8l84fs/gvkz9m8V82f8zi/878MYv/u/LHLP7vzh+z+C+XP2bxXz5/zOK/Qv6YxX/F/DGL/0r5Yxb/lfPHLP6r5I9Z/FfNH7P4r5Y/ZvFfPX/M4r9G/pjFf838MYv/WvljFv+188cs/uvkj1n8180fs/ivlz9m8V9/5Hsd+mYN6t83i/8Gff4xi/+G+WMW/43+kf+Q/+Nx/Ztm8d+4zz9m8d8kf8zi/578MYv/pvljFv/N8scs/u/NH7P4b54/ZvF/X/6YxX+L/DGL/5b5Yxb/9+ePWfy3yh+z+G+dP2bx3yZ/zOK/bf6YxX+7/DGL//b5Yxb/HfLHLP475o9Z/HfKH7P475w/ZvHfJX/M4v+B/DGL/675Yxb/3fLHLP67549Z/PfIH7P475k/ZvH/YP6YxX+v/DGL/975Yxb/ffLHLP4fyh+z+H84f8zi/5H8MYv/vvljFv/98scs/vvnj1n8D8gfs/gfmD9m8T8of8zif3D+mMX/kPwxi/+h+WMW/8Pyxyz+h+ePWfyPyB+z+H80f8zif2T+mMX/Y/ljFv+P549Z/I/KH7P4fyJ/zOJ/dP6Yxf+Y/DGL/7H5Yxb/T+aPWfw/lT9m8T8uf8zif3z+mMX/hPwxi/+J+WMW/5Pyxyz+n84fs/h/Jn/M4v/Z/DGL/+fyxyz+J+ePWfw/nz9m8f9C/pjF/4v5Yxb/L+WPWfxPyR+z+J+aP2bxPy1/zOJ/ev6Yxf+M/DGL/5n5Yxb/L+ePWfzPyh+z+J+dP2bx/0r+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfwvyB+z+H81f8zi/7X8MYv/1/PHLP4X5o9Z/C/KH7P4fyN/zOJ/cf6Yxf+b+WMW/0vyxyz+l+aPWfwvyx+z+H8rf8zi/+38MYv/5fljFv8r8scs/t/JH7P4X5k/ZvH/bv6Yxf+q/DGL//fyxyz+V+ePWfy/nz9m8b8mf8zif23+mMX/B/lj4/j/50/R6/j/MH/M8vn/Uf6Yxf+6/DGL/4/zxyz+1+ePWfxvyB+z+P8kf8zif2P+mMX/pvwxi/9P88cs/jfnj1n8b8kfs/jfmj9m8b8tf8zi/7P8MYv/7fljFv+f549Z/H+RP2bx/2X+mMX/V/ljFv9f549Z/H+TP2bxvyN/zOL/2/wxi//v8scs/r/PH7P435k/ZvG/K3/M4v+H/DGL/935Yxb/P+aPWfzvyR+z+N+bP2bx/1P+mMX/z/ljFv/78scs/n/JH7P4358/ZvF/IH/M4v9g/pjF/6H8MYv/w/ljFv9H8scs/o/mj1n8H8sfs/g/nj9m8X8if8zi/2T+mMX/qfwxi//T+WMW/2fyxyz+z+aPWfyfyx+z+D+fP2bxfyF/zOL/Yv6Yxf+l/DGL/8v5Yxb/V/LHJP6DB/LHLP6D8scs/uPlj1n8B+ePWfyH5I9Z/Ifmj1n8h+WPWfzHzx+z+E+QP2bxnzB/zOI/Uf6YxX/i/DGL/yT5Yxb/SfPHLP7D88cs/pPlj1n8J88fs/hPkT9m8Z8yf8ziP1X+mMV/6vwxi/80+WMW/7fkj1n8p80fs/hPlz9m8Z8+f8ziP0P+mMX/rfljFv8Z88cs/iPyxyz+b8sfs/jPlD9m8Z85f8zi//b8MYv/LPljFv9Z88cs/rPlj1n8Z88fs/i/I3/M4j9H/pjFf878MYv/XPljFv+588cs/vPkj1n8580fs/jPlz9m8Z8/f8ziv0D+mMV/wfwxi/9C+WMW/4Xzxyz+i+SPWfwXzR+z+C+WP2bxXzx/zOK/RP6YxX/J/DGL/1L5Yxb/pfPHLP7L5I9Z/JfNH7P4vzN/zOL/rvwxi/+788cs/svlj1n8l88fs/ivkD9m8V8xf8ziv1L+mMV/5fwxi/8q+WMW/1Xzxyz+q+WPWfxXzx+z+K+RP2bxXzN/zOK/Vv6YxX/t/DGL/zr5Yxb/dfPHLP7r5Y9Z/NfPH7P4b5A/ZvHfMH/M4r9R/pjFf+P8MYv/JvljFv/35I9Z/DfNH7P4b5Y/ZvF/b/6YxX/z/DGL//vyxyz+W+SPWfy3zB+z+L8/f8ziv1X+mMV/6/wxi/82+WMW/23zxyz+2+WPWfy3zx+z+O+QP2bx3zF/zOK/U/6YxX/n/DGL/y75Yxb/D+SPWfx3zR+z+O+WP2bx3z1/zOK/R/6YxX/P/DGL/wfzxyz+e+WPWfz3zh+z+O+TP2bx/1D+mMX/w/ljFv+P5I9Z/PfNH7P475c/ZvHfP3/M4n9A/pjF/8D8MYv/QfljFv+D88cs/ofkj1n8D80fs/gflj9m8T88f8zif0T+mMX/o/ljFv8j88cs/h/LH7P4fzx/zOJ/VP6Yxf8T+WMW/6Pzxyz+x+SPWfyPzR+z+H8yf8zi/6n8MYv/cfljFv/j88cs/ifkj1n8T8wfs/iflD9m8f90/pjF/zP5Yxb/z+aPWfw/lz9m8T85f8zi//n8MYv/F/LHLP5fzB+z+H8pf8zif0r+mMX/1Pwxi/9p+WMW/9Pzxyz+Z+SPWfzPzB+z+H85f8zif1b+mMX/7Pwxi/9X8scs/ufkj1n8z80fs/iflz9m8T8/f8zif0H+mMX/q/ljFv+v5Y9Z/L+eP2bxvzB/zOJ/Uf6Yxf8b+WMW/4vzxyz+38wfs/hfkj9m8b80f8zif1n+mMX/W/ljFv9v549Z/C/PH7P4X5E/ZvH/Tv6Yxf/K/DGL/3fzxyz+V+WPWfy/lz9m8b86f8zi//38MYv/NfljFv9r88cs/j/IH7P4/zB/zOL/o/wxi/91+WMW/x/nj1n8r88fs/jfkD9m8f9J/pjF/8b8MYv/TfljFv+f5o9Z/G/OH7P435I/ZvG/NX/M4n9b/pjF/2f5Yxb/2/PHLP4/zx+z+P8if8zi/8v8MYv/r/LHLP6/zh+z+P8mf8zif0f+mMX/t/ljFv/f5Y9Z/H+fP2bxvzN/zOJ/V/6Yxf8P+WMW/7vzxyz+f8wfs/jfkz9m8b83f8zi/6f8MYv/n/PHLP735Y9Z/P+SP2bxvz9/zOL/QP6Yxf/B/DGL/0P5Yxb/h/PHLP6P5I9Z/B/NH7P4P5Y/ZvF/PH/M4v9E/pjF/8n8MYv/U/ljFv+n88cs/s/kj1n8n80fs/g/lz9m8X8+f8zi/0L+mMX/xfwxi/9L+WMW/5fzxyz+r+SPSfyHDOSPWfwH5Y9Z/MfLH7P4D84fs/gPyR+z+A/NH7P4D8sfs/iPnz9m8Z8gf8ziP2H+mMV/ovwxi//E+WMW/0nyxyz+k+aPWfyH549Z/CfLH7P4T54/ZvGfIn/M4j9l/pjFf6r8MYv/1PljFv9p8scs/m/JH7P4T5s/ZvGfLn/M4j99/pjFf4b8MYv/W/PHLP4z5o9Z/Efkj1n835Y/ZvGfKX/M4j9z/pjF/+35Yxb/WfLHLP6z5o9Z/GfLH7P4z54/ZvF/R/6YxX+O/DGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvGfL3/M4j9//pjFf4H8MYv/gvljFv+F8scs/gvnj1n8F8kfs/gvmj9m8V8sf8ziv3j+mMV/ifwxi/+S+WMW/6Xyxyz+S+ePWfyXyR+z+C+bP2bxf2f+mMX/XfljFv93549Z/JfLH7P4L58/ZvFfIX/M4r9i/pjFf6X8MYv/yvljFv9V8scs/qvmj1n8V8sfs/ivnj9m8V8jf8ziv2b+mMV/rfwxi//a+WMW/3Xyxyz+6+aPWfzXyx+z+K+fP2bx3yB/zOK/Yf6YxX+j/DGL/8b5Yxb/TfLHLP7vyR+z+G+aP2bx3yx/zOL/3vwxi//m+WMW//flj1n8t8gfs/hvmT9m8X9//pjFf6v8MYv/1vljFv9t8scs/tvmj1n8t8sfs/hvnz9m8d8hf8ziv2P+mMV/p/wxi//O+WMW/13yxyz+H8gfs/jvmj9m8d8tf8ziv3v+mMV/j/wxi/+e+WMW/w/mj1n898ofs/jvnT9m8d8nf8zi/6H8MYv/h/PHLP4fyR+z+O+bP2bx3y9/zOK/f/6Yxf+A/DGL/4H5Yxb/g/LHLP4H549Z/A/JH7P4H5o/ZvE/LH/M4n94/pjF/4j8MYv/R/PHLP5H5o9Z/D+WP2bx/3j+mMX/qPwxi/8n8scs/kfnj1n8j8kfs/gfmz9m8f9k/pjF/1P5Yxb/4/LHLP7H549Z/E/IH7P4n5g/ZvE/KX/M4v/p/DGL/2fyxyz+n80fs/h/Ln/M4n9y/pjF//P5Yxb/L+SPWfy/mD9m8f9S/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8z8gfs/ifmT9m8f9y/pjF/6z8MYv/2fljFv+v5I9Z/M/JH7P4n5s/ZvE/L3/M4n9+/pjF/4L8MYv/V/PHLP5fyx+z+H89f8zif2H+mMX/ovwxi/838scs/hfnj1n8v5k/ZvG/JH/M4n9p/pjF/7L8MYv/t/LHLP7fzh+z+F+eP2bxvyJ/zOL/nfwxi/+V+WMW/+/mj1n8r8ofs/h/L3/M4n91/pjF//v5Yxb/a/LHLP7X5o9Z/H+QP2bx/2H+mMX/R/ljFv/r8scs/j/OH7P4X58/ZvG/IX/M4v+T/DGL/435Yxb/m/LHLP4/zR+z+N+cP2bxvyV/zOJ/a/6Yxf+2/DGL/8/yxyz+t+ePWfx/nj9m8f9F/pjF/5f5Yxb/X+WPWfx/nT9m8f9N/pjF/478MYv/b/PHLP6/yx+z+P8+f8zif2f+mMX/rvwxi/8f8scs/nfnj1n8/5g/ZvG/J3/M4n9v/pjF/0/5Yxb/P+ePWfzvyx+z+P8lf8zif3/+mMX/gfwxi/+D+WMW/4fyxyz+D+ePWfwfyR+z+D+aP2bxfyx/zOL/eP6Yxf+J/DGL/5P5Yxb/p/LHLP5P549Z/J/JH7P4P5s/ZvF/Ln/M4v98/pjF/4X8MYv/i/ljFv+X8scs/i/nj1n8X8kfk/gPHcgfs/gPyh+z+I+XP2bxH5w/ZvEfkj9m8R+aP2bxH5Y/ZvEfP3/M4j9B/pjFf8L8MYv/RPljFv+J88cs/pPkj1n8J80fs/gPzx+z+E+WP2bxn1zkP+2/sK7FfwqR/7+SxX/K/DGL/1T5Yxb/qfPHLP7T5I9Z/N+SP2bxnzZ/zOI/Xf6YxX/6/DGL/wz5Yxb/t+aPWfxnzB+z+I/IH7P4vy1/zOI/U/6YxX/m/DGL/9vzxyz+s+SPWfxnzR+z+M+WP2bxnz1/zOL/jvwxi/8c+WMW/znzxyz+c+WPWfznzh+z+M+TP2bxnzd/zOI/X/6YxX/+/DGL/wL5Yxb/BfPHLP4L5Y9Z/BfOH7P4L5I/ZvFfNH/M4r9Y/pjFf/H8MYv/EvljFv8l88cs/kvlj1n8l84fs/gvkz9m8V82f8zi/878MYv/u/LHLP7vzh+z+C+XP2bxXz5/zOK/Qv6YxX/F/DGL/0r5Yxb/lfPHLP6r5I9Z/FfNH7P4r5Y/ZvFfPX/M4r9G/pjFf838MYv/WvljFv+188cs/uvkj1n8180fs/ivlz9m8V8/f8ziv0H+mMV/w/wxi/9G+WMW/43zxyz+m+SPWfzfkz9m8d80f8ziv1n+mMX/vfljFv/N88cs/u/LH7P4b5E/ZvHfMn/M4v/+/DGL/1b5Yxb/rfPHLP7b5I9Z/LfNH7P4b5c/ZvHfPn/M4r9D/pjFf8f8MYv/TvljFv+d88cs/rvkj1n8P5A/ZvHfNX/M4r9b/pjFf/f8MYv/HvljFv8988cs/h/MH7P475U/ZvHfO3/M4r9P/pjF/0P5Yxb/D+ePWfw/kj9m8d83f8ziv1/+mMV///wxi/8B+WMW/wPzxyz+B+WPWfwPzh+z+B+SP2bxPzR/zOJ/WP6Yxf/w/DGL/xH5Yxb/j+aPWfyPzB+z+H8sf8zi//H8MYv/UfljFv9P5I9Z/I/OH7P4H5M/ZvE/Nn/M4v/J/DGL/6fyxyz+x+WPWfyPzx+z+J+QP2bxPzH/v+tQkf9J+WMW/0/nj1n8P5M/ZvH/bP6Yxf9z+WMW/5Pzxyz+n88fs/h/IX/M4v/F/DGL/5fyxyz+p+SPWfxPzR+z+J+WP2bxPz1/zOJ/Rv6Yxf/M/DGL/5fzxyz+Z+WPWfzPzh+z+H8lf8zif07+mMX/3Pwxi/95+WMW//Pzxyz+F+SPWfy/mj9m8f9a/pjF/+v5Yxb/C/PHLP4X5Y9Z/L+RP2bxvzh/zOL/zfwxi/8l+WMW/0vzxyz+l+WPWfy/lT9m8f92/pjF//L8MYv/FfljFv/v5I9Z/K/MH7P4fzd/zOJ/Vf6Yxf97+WMW/6vzxyz+388fs/hfkz9m8b82f8zi/4P8MYv/D/PHLP4/yh+z+F+XP2bx/3H+mMX/+vwxi/8N+WMW/5/kj1n8b8wfs/jflD9m8f9p/pjF/+b8MYv/LfljFv9b88cs/rflj1n8f5Y/ZvG/PX/M4v/z/DGL/y/yxyz+v8wfs/j/Kn/M4v/r/DGL/2/yxyz+d+SPWfx/mz9m8f9d/pjF//f5Yxb/O/PHLP535Y9Z/P+QP2bxvzt/zOL/x/wxi/89+WMW/3vzxyz+f8ofs/j/OX/M4n9f/pjF/y/5Yxb/+/PHLP4P5I9Z/B/MH7P4P5Q/ZvF/OH/M4v9I/pjF/9H8MYv/Y/ljFv/H88cs/k/kj1n8n8wfs/g/lT9m8X86f8zi/0z+mMX/2fwxi/9z+WMW/+fzxyz+L+SPWfxfzB+z+L+UP2bxfzl/zOL/Sv6YxH/YQP6YxX9Q/pjFf7z8MYv/4Pwxi/+Q/DGL/9D8MYv/sPwxi//4+WMW/wnyxyz+E+aPWfwnyh+z+E+cP2bxnyR/zOI/af6YxX94/pjFf7L8MYv/5PljFv8p8scs/lPmj1n8p8ofs/hPnT9m8Z8mf8zi/5b8MYv/tPljFv/p8scs/tPnj1n8Z8gfs/i/NX/M4j9j/pjFf0T+mMX/bfljFv+Z8scs/jPnj1n8354/ZvGfJX/M4j9r/pjFf7b8MYv/7PljFv935I9Z/OfIH7P4z5k/ZvGfK3/M4j93/pjFf578MYv/vPljFv/58scs/vPnj1n8F8gfs/gvmD9m8V8of8ziv3D+mMV/kfyx/1L/8QfG8V80f+y/1P/VxvZfLH/M4r94/pjFf4n8MYv/kvljFv+l8scs/kvnj1n8l8kfs/gvmz9m8X9n/pjF/135Yxb/d+ePWfyXyx+z+C+fP2bxXyF/zOK/Yv6YxX+l/DGL/8r5Yxb/VfLHLP6r5o9Z/FfLH7P4r54/ZvFfI3/M4r9m/pjFf638MYv/2vljFv918scs/uvmj1n818sfs/ivnz9m8d8gf8ziv2H+mMV/o/wxi//G+WMW/03yxyz+78kfs/hvmj9m8d8sf8zi/978MYv/5vljFv/35Y9Z/LfIH7P4b5k/ZvF/f/6YxX+r/DGL/9b5Yxb/bfLHLP7b5o9Z/LfLH7P4b58/ZvHfIX/M4r9j/pjFf6f8MYv/zvljFv9d8scs/h/IH7P475o/ZvHfLX/M4r97/pjFf4/8MYv/nvljFv8P5o9Z/PfKH7P4750/ZvHfJ3/M4v+h/DGL/4fzxyz+H8kfs/jvmz9m8d8vf8ziv3/+mMX/gPwxi/+B+WMW/4Pyxyz+B+ePWfwPyR+z+B+aP2bxPyx/zOJ/eP6Yxf+I/DGL/0fzxyz+R+aPWfw/lj9m8f94/pjF/6j8MYv/J/LHLP5H549Z/I/JH7P4H5s/ZvH/ZP6Yxf9T+WMW/+Pyxyz+x+ePWfxPyB+z+J+YP2bxPyl/zOL/6fwxi/9n8scs/p/NH7P4fy5/zOJ/cv6Yxf/z+WMW/y/kj1n8v5g/ZvH/Uv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4n5k/ZvH/cv6Yxf+s/DGL/9n5Yxb/r+SPWfzPyR+z+J+bP2bxPy9/zOJ/fv6Yxf+C/DGL/1fzxyz+X8sfs/h/PX/M4n9h/pjF/6L8MYv/N/LHLP4X549Z/L+ZP2bxvyR/zOJ/af6Yxf+y/DGL/7fyxyz+384fs/hfnj9m8b8if8zi/538MYv/lfljFv/v5o9Z/K/KH7P4fy9/zOJ/df6Yxf/7+WMW/2vyxyz+1+aPWfx/kD9m8f9h/pjF/0f5Yxb/6/LHLP4/zh+z+F+fP2bxvyF/zOL/k/wxi/+N+WMW/5vyxyz+P80fs/jfnD9m8b8lf8zif2v+mMX/tvwxi//P8scs/rfnj1n8f54/ZvH/Rf6Yxf+X+WMW/1/lj1n8f50/ZvH/Tf6Yxf+O/DGL/2/zxyz+v8sfs/j/Pn/M4n9n/pjF/678MYv/H/LHLP53549Z/P+YP2bxvyd/zOJ/b/6Yxf9P+WMW/z/nj1n878sfs/j/JX/M4n9//pjF/4H8MYv/g/ljFv+H8scs/g/nj1n8H8kfs/g/mj9m8X8sf8zi/3j+mMX/ifwxi/+T+WMW/6fyxyz+T+ePWfyfyR+z+D+bP2bxfy5/zOL/fP6Yxf+F/DGL/4v5Yxb/l/LHLP4v549Z/F/JH5P4jz+QP2bxH5Q/ZvEfL3/M4j84f8ziPyR/zOI/NH/M4j8sf8ziP37+mMV/gvwxi/+E+WMW/4nyxyz+E+ePWfwnyR+z+E+aP2bxH54/ZvGfLH/M4j95/pjFf4r8MYv/lPljFv+p8scs/lPnj1n8p8kfs/i/JX/M4j9t/pjFf7r8MYv/9PljFv8Z8scs/m/NH7P4z5g/ZvEfkT9m8X9b/pjFf6b8MYv/zPljFv+3549Z/GfJH7P4z5o/ZvGfLX/M4j97/pjF/x35Yxb/OfLHLP5z5o9Z/OfKH7P4z50/ZvGfJ3/M4j9v/pjFf778MYv//PljFv8F8scs/gvmj1n8F8ofs/gvnD9m8V8kf8ziv2j+mMV/sfwxi//i+WMW/yXyxyz+S+aPWfyXyh+z+C+dP2bxXyZ/zOK/bP6Yxf+d+WMW/3flj1n8350/ZvFfLn/M4r98/pjFf4X8MYv/ivljFv+V8scs/ivnj1n8V8kfs/ivmj9m8V8tf8ziv3r+mMV/jfwxi/+a+WMW/7Xyxyz+a+ePWfzXyR+z+K+bP2bxXy9/zOK/fv6YxX+D/DGL/4b5Yxb/jfLHLP4b549Z/DfJH7P4vyd/zOK/af6YxX+z/DGL/3vzxyz+m+ePWfzflz9m8d8if8ziv2X+mMX//fljFv+t8scs/lvnj1n8t8kfs/hvmz9m8d8uf8ziv33+mMV/h/wxi/+O+WMW/53yxyz+O+ePWfx3yR+z+H8gf8ziv2v+mMV/t/wxi//u+WMW/z3yxyz+e+aPWfw/mD9m8d8rf8ziv3f+mMV/n/wxi/+H8scs/h/OH7P4fyR/zOK/b/6YxX+//DGL//75Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/h/NH7P4H5k/ZvH/WP6Yxf/j+WMW/6Pyxyz+n8gfs/gfnT9m8T8mf8zif2z+mMX/k/ljFv9P5Y9Z/I/LH7P4H58/ZvE/IX/M4n9i/pjF/6T8MYv/p/PHLP6fyR+z+H82f8zi/7n8MYv/yfljFv/P549Z/L+QP2bx/2L+mMX/S/ljFv9T8scs/qfmj1n8T8sfs/ifnj9m8T8jf8zif2b+mMX/y/ljFv+z8scs/mfnj1n8v5I/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/l/NH7P4fy1/zOL/9fwxi/+F+WMW/4vyxyz+38gfs/hfnD9m8f9m/pjF/5L8MYv/pfljFv/L8scs/t/KH7P4fzt/zOJ/ef6Yxf+K/DGL/3fyxyz+V+aPWfy/mz9m8b8qf8zi/738MYv/1fljFv/v549Z/K/JH7P4X5s/ZvH/Qf6Yxf+H+WMW/x/lj1n8r8sfs/j/OH/M4n99/pjF/4b8MYv/T/LHLP435o9Z/G/KH7P4/zR/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP4/yx+z+N+eP2bx/3n+mMX/F/ljFv9f5o9Z/H+VP2bx/3X+mMX/N/ljFv878scs/r/NH7P4/y5/zOL/+/wxi/+d+WMW/7vyxyz+f8gfs/jfnT9m8f9j/pjF/578MYv/vfljFv8/5Y9Z/P+cP2bxvy9/zOL/l/wxi//9+WMW/wfyxyz+D+aPWfwfyh+z+D+cP2bxfyR/zOL/aP6Yxf+x/DGL/+P5Yxb/J/LHLP5P5o9Z/J/KH7P4P50/ZvF/Jn/M4v9s/pjF/7n8MYv/8/ljFv8X8scs/i/mj1n8X8ofs/i/nD9m8X8lf0ziP8FA/pjFf1D+mMV/vPwxi//g/DGL/5D8MYv/0Pwxi/+w/DGL//j5Yxb/CfLHLP4T5o9Z/CfKH7P4T5w/ZvGfJH/M4j9p/pjFf3j+mMV/svwxi//k+WMW/ynyxyz+U+aPWfynyh+z+E+dP2bxnyZ/zOL/lvwxi/+0+WMW/+nyxyz+0+ePWfxnyB+z+L81f8ziP2P+mMV/RP6Yxf9t+WMW/5nyxyz+M+ePWfzfnj9m8Z8lf8ziP2v+mMV/tvwxi//s+WMW/3fkj1n858gfs/jPmT9m8Z8rf8ziP3f+mMV/nvwxi/+8+WMW//nyxyz+8+ePWfwXyB+z+C+YP2bxXyh/zOK/cP6YxX+R/DGL/6L5Yxb/xfLHLP6L549Z/JfIH7P4L5k/ZvFfKn/M4r90/pjFf5n8MYv/svljFv935o9Z/N+VP2bxf3f+mMV/ufwxi//y+WMW/xXyxyz+K+aPWfxXyh+z+K+cP2bxXyV/zOK/av6YxX+1/DGL/+r5Yxb/NfLHLP5r5o9Z/NfKH7P4r50/ZvFfJ3/M4r9u/pjFf738MYv/+vljFv8N8scs/hvmj1n8N8ofs/hvnD9m8d8kf8zi/578MYv/pvljFv/N8scs/u/NH7P4b54/ZvF/X/6YxX+L/DGL/5b5Yxb/9+ePWfy3yh+z+G+dP2bx3yZ/zOK/bf6YxX+7/DGL//b5Yxb/HfLHLP475o9Z/HfKH7P475w/ZvHfJX/M4v+B/DGL/675Yxb/3fLHLP67549Z/PfIH7P475k/ZvH/YP6YxX+v/DGL/975Yxb/ffLHLP4fyh+z+H84f8zi/5H8MYv/vvljFv/98scs/vvnj1n8D8gfs/gfmD9m8T8of8zif3D+mMX/kPwxi/+h+WMW/8Pyxyz+h+ePWfyPyB+z+H80f8zif2T+mMX/Y/ljFv+P549Z/I/KH7P4fyJ/zOJ/dP6Yxf+Y/DGL/7H5Yxb/T+aPWfw/lT9m8T8uf8zif3z+mMX/hPwxi/+J+WMW/5Pyxyz+n84fs/h/Jn/M4v/Z/DGL/+fyxyz+J+ePWfw/nz9m8f9C/pjF/4v5Yxb/L+WPWfxPyR+z+J+aP2bxPy1/zOJ/ev6Yxf+M/DGL/5n5Yxb/L+ePWfzPyh+z+J+dP2bx/0r+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfwvyB+z+H81f8zi/7X8MYv/1/PHLP4X5o9Z/C/KH7P4fyN/zOJ/cf6Yxf+b+WMW/0vyxyz+l+aPWfwvyx+z+H8rf8zi/+38MYv/5fljFv8r8scs/t/JH7P4X5k/ZvH/bv6Yxf+q/DGL//fyxyz+V+ePWfy/nz9m8b8mf8zif23+mMX/B/ljFv8f5o9Z/H+UP2bxvy5/zOL/4/wxi//1+WMW/xvyxyz+P8kfs/jfmD9m8b8pf8zi/9P8MYv/zfljFv9b8scs/rfmj1n8b8sfs/j/LH/M4n97/pjF/+f5Yxb/X+SPWfx/mT9m8f9V/pjF/9f5Yxb/3+SPWfzvyB+z+P82f8zi/7v8MYv/7/PHLP535o9Z/O/KH7P4/yF/zOJ/d/6Yxf+P+WMW/3vyxyz+9+aPWfz/lD9m8f9z/pjF/778MYv/X/LHLP73549Z/B/IH7P4P5g/ZvF/KH/M4v9w/pjF/5H8MYv/o/ljFv/H8scs/o/nj1n8n8gfs/g/mT9m8X8qf8zi/3T+mMX/mfwxi/+z+WMW/+fyxyz+z+ePWfxfyB+z+L+YP2bxfyl/zOL/cv6Yxf+V/DGJ/4QD+WMW/0H5Yxb/8fLHLP6D88cs/kPyxyz+Q/PHLP7D8scs/uPnj1n8J8gfs/hPmD9m8Z8of8ziP3H+mMV/kvwxi/+k+WMW/+H5Yxb/yfLHLP6T549Z/KfIH7P4T5k/ZvGfKn/M4j91/pjFf5r8MYv/W/LHLP7T5o9Z/KfLH7P4T58/ZvGfIX/M4v/W/DGL/4z5Yxb/EfljFv+35Y9Z/GfKH7P4z5w/ZvF/e/6YxX+W/DGL/6z5Yxb/2fLHLP6z549Z/N+RP2bxnyN/zOI/Z/6YxX+u/DGL/9z5Yxb/efLHLP7z5o9Z/OfLH7P4z58/ZvFfIH/M4r9g/pjFf6H8MYv/wvljFv9F8scs/ovmj1n8F8sfs/gvnj9m8V8if8ziv2T+mMV/qfwxi//S+WMW/2Xyxyz+y+aPWfzfmT9m8X9X/pjF/935Yxb/5fLHLP7L549Z/FfIH7P4r5g/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv/V8scs/qvnj1n818gfs/ivmT9m8V8rf8ziv3b+mMV/nfwxi/+6+WMW//Xyxyz+6+ePWfw3yB+z+G+YP2bx3yh/zOK/cf6YxX+T/DGL/3vyxyz+m+aPWfw3yx+z+L83f8ziv3n+mMX/ffljFv8t8scs/lvmj1n8358/ZvHfKn/M4r91/pjFf5v8MYv/tvljFv/t8scs/tvnj1n8d8gfs/jvmD9m8d8pf8ziv3P+mMV/l/wxi/8H8scs/rvmj1n8d8sfs/jvnj9m8d8jf8ziv2f+mMX/g/ljFv+98scs/nvnj1n898kfs/h/KH/M4v/h/DGL/0fyxyz+++aPWfz3yx+z+O+fP2bxPyB/zOJ/YP6Yxf+g/DGL/8H5Yxb/Q/LHLP6H5o9Z/A/LH7P4H54/ZvE/In/M4v/R/DGL/5H5Yxb/j+WPWfw/nj9m8T8qf8zi/4n8MYv/0fljFv9j8scs/sfmj1n8P5k/ZvH/VP6Yxf+4/DGL//H5Yxb/E/LHLP4n5o9Z/E/KH7P4fzp/zOL/mfwxi/9n88cs/p/LH7P4n5w/ZvH/fP6Yxf8L+WMW/y/mj1n8v5Q/ZvE/JX/M4n9q/pjF/7T8MYv/6fljFv8z8scs/mfmj1n8v5w/ZvE/K3/M4n92/pjF/yv5Yxb/c/LHLP7n5o9Z/M/LH7P4n58/ZvG/IH/M4v/V/DGL/9fyxyz+X88fs/hfmD9m8b8of8zi/438MYv/xfljFv9v5o9Z/C/JH7P4X5o/ZvG/LH/M4v+t/DGL/7fzxyz+l+ePWfyvyB+z+H8nf8zif2X+mMX/u/ljFv+r8scs/t/LH7P4X50/ZvH/fv6Yxf+a/DGL/7X5Yxb/H+SPWfx/mD9m8f9R/pjF/7r8MYv/j/PHLP7X549Z/G/IH7P4/yR/zOJ/Y/6Yxf+m/DGL/0/zxyz+N+ePWfxvyR+z+N+aP2bxvy1/zOL/s/wxi//t+WMW/5/nj1n8f5E/ZvH/Zf6Yxf9X+WMW/1/nj1n8f5M/ZvG/I3/M4v/b/DGL/+/yxyz+v88fs/jfmT9m8b8rf8zi/4f8MYv/3fljFv8/5o9Z/O/JH7P435s/ZvH/U/6Yxf/P+WMW//vyxyz+f8kfs/jfnz9m8X8gf8zi/2D+mMX/ofwxi//D+WMW/0fyxyz+j+aPWfwfyx+z+D+eP2bxfyJ/zOL/ZP6Yxf+p/DGL/9P5Yxb/Z/LHLP7P5o9Z/J/LH7P4P58/ZvF/IX/M4v9i/pjF/6X8MYv/y/ljFv9X8sck/hMN5I9Z/Aflj1n8x8sfs/gPzh+z+A/JH7P4D80fs/gPyx+z+I+fP2bxnyB/zOI/Yf6YxX+i/DGL/8T5Yxb/SfLHLP6T5o9Z/Ifnj1n8J8sfs/hPnj9m8Z8if8ziP2X+mMV/qvwxi//U+WMW/2nyxyz+b8kfs/hPmz9m8Z8uf8ziP33+mMV/hvwxi/9b88cs/jPmj1n8R+SPWfzflj9m8Z8pf8ziP3P+mMX/7fljFv9Z8scs/rPmj1n8Z8sfs/jPnj9m8X9H/pjFf478MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8Z8vf8ziP3/+mMV/gfwxi/+C+WMW/4Xyxyz+C+ePWfwXyR+z+C+aP2bxXyx/zOK/eP6YxX+J/DGL/5L5Yxb/pfLHLP5L549Z/JfJH7P4L5s/ZvF/Z/6Yxf9d+WMW/3fnj1n8l8sfs/gvnz9m8V8hf8ziv2L+mMV/pfwxi//K+WMW/1Xyxyz+q+aPWfxXyx+z+K+eP2bxXyN/zOK/Zv6YxX+t/DGL/9r5Yxb/dfLHLP7r5o9Z/NfLH7P4r58/ZvHfIH/M4r9h/pjFf6P8MYv/xvljFv9N8scs/u/JH7P4b5o/ZvHfLH/M4v/e/DGL/+b5Yxb/9+WPWfy3yB+z+G+ZP2bxf3/+mMV/q/wxi//W+WMW/23yxyz+2+aPWfy3yx+z+G+fP2bx3yF/zOK/Y/6YxX+n/DGL/875Yxb/XfLHLP4fyB+z+O+aP2bx3y1/zOK/e/6YxX+P/DGL/575Yxb/D+aPWfz3yh+z+O+dP2bx3yd/zOL/ofwxi/+H88cs/h/JH7P475s/ZvHfL3/M4r9//pjF/4D8MYv/gfljFv+D8scs/gfnj1n8D8kfs/gfmj9m8T8sf8zif3j+mMX/iPwxi/9H88cs/kfmj1n8P5Y/ZvH/eP6Yxf+o/DGL/yfyxyz+R+ePWfyPyR+z+B+bP2bx/2T+mMX/U/ljFv/j8scs/sfnj1n8T8gfs/ifmD9m8T8pf8zi/+n8MYv/Z/LHLP6fzR+z+H8uf8zif3L+mMX/8/ljFv8v5I9Z/L+YP2bx/1L+mMX/lPwxi/+p+WMW/9Pyxyz+p+ePWfzPyB+z+J+ZP2bx/3L+mMX/rPwxi//Z+WMW/6/kj1n8z8kfs/ifmz9m8T8vf8zif37+mMX/gvwxi/9X88cs/l/LH7P4fz1/zOJ/Yf6Yxf+i/DGL/zfyxyz+F+ePWfy/mT9m8b8kf8zif2n+mMX/svwxi/+38scs/t/OH7P4X54/ZvG/In/M4v+d/DGL/5X5Yxb/7+aPWfyvyh+z+H8vf8zif3X+mMX/+/ljFv9r8scs/tfmj1n8f5A/ZvH/Yf6Yxf9H+WMW/+vyxyz+P84fs/hfnz9m8b8hf8zi/5P8MYv/jfljFv+b8scs/j/NH7P435w/ZvG/JX/M4n9r/pjF/7b8MYv/z/LHLP63549Z/H+eP2bx/0X+mMX/l/ljFv9f5Y9Z/H+dP2bx/03+mMX/jvwxi/9v88cs/r/LH7P4/z5/zOJ/Z/6Yxf+u/DGL/x/yxyz+d+ePWfz/mD9m8b8nf8zif2/+mMX/T/ljFv8/549Z/O/LH7P4/yV/zOJ/f/6Yxf+B/DGL/4P5Yxb/h/LHLP4P549Z/B/JH7P4P5o/ZvF/LH/M4v94/pjF/4n8MYv/k/ljFv+n8scs/k/nj1n8n8kfs/g/mz9m8X8uf8zi/3z+mMX/hfwxi/+L+WMW/5fyxyz+L+ePWfxfyR+T+E88kD9m8R+UP2bxHy9/zOI/OH/M4j8kf8ziPzR/zOI/LH/M4j9+/pjFf4L8MYv/hPljFv+J8scs/hPnj1n8J8kfs/hPmj9m8R+eP2bxnyx/zOI/ef6YxX+K/DGL/5T5Yxb/qfLHLP5T549Z/KfJH7P4vyV/zOI/bf6YxX+6/DGL//T5Yxb/GfLHLP5vfV3/rf7fjOvfNIv/jH3+MYv/iPwxi//b8scs/jPlj1n8Z84fs/i/PX/M4j9L/pjFf9b8MYv/bPljFv/Z88cs/u/IH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/gvkD9m8V8wf8ziv1D+mMV/4fwxi/8i+WMW/0Xzxyz+i+WPWfwXzx+z+C+RP2bxXzJ/zOK/VP6YxX/p/DGL/zL5Yxb/ZfPHLP7vzB+z+L8rf8zi/+78MYv/cvljFv/l88cs/ivkj1n8V8wfs/ivlD9m8V85f8ziv0r+mMV/1fwxi/9q+WMW/9Xzxyz+a+SPWfzXzB+z+K+VP2bxXzt/zOK/Tv6YxX/d/DGL/3r5Yxb/9fPHLP4b5I9Z/DfMH7P4b5Q/ZvHfOH/M4r9J/pjF/z35Yxb/TfPHLP6b5Y9Z/N+bP2bx3zx/zOL/vvwxi/8W+WMW/y3zxyz+788fs/hvlT9m8d86f8ziv03+mMV/2/wxi/92+WMW/+3zxyz+O+SPWfx3zB+z+O+UP2bx3zl/zOK/S/6Yxf8D+WMW/13zxyz+u+WPWfx3zx+z+O+RP2bx3zN/zOL/wfwxi/9e+WMW/73zxyz+++SPWfw/lD9m8f9w/pjF/yP5Yxb/ffPHLP775Y9Z/PfPH7P4H5A/ZvE/MH/M4n9Q/pjF/+D8MYv/IfljFv9D88cs/oflj1n8D88fs/gfkT9m8f9o/pjF/8j8MYv/x/LHLP4fzx+z+B+VP2bx/0T+mMX/6Pwxi/8x+WMW/2Pzxyz+n8wfs/h/Kn/M4n9c/pjF//j8MYv/CfljFv8T88cs/iflj1n8P50/ZvH/TP6Yxf+z+WMW/8/lj1n8T84fs/h/Pn/M4v+F/DGL/xfzxyz+X8ofs/ifkj9m8T81f8zif1r+mMX/9Pwxi/8Z+WMW/zPzxyz+X84fs/iflT9m8T87f8zi/5X8MYv/OfljFv9z88cs/uflj1n8z88fs/hfkD9m8f9q/pjF/2v5Yxb/r+ePWfwvzB+z+F+UP2bx/0b+mMX/4vwxi/8388cs/pfkj1n8L80fs/hflj9m8f9W/pjF/9v5Yxb/y/PHLP5X5I9Z/L+TP2bxvzJ/zOL/3fwxi/9V+WMW/+/lj1n8r84fs/h/P3/M4n9N/pjF/9r8MYv/D/LHLP4/zB+z+P8of8zif13+mMX/x/ljFv/r88cs/jfkj1n8f5I/ZvG/MX/M4n9T/pjF/6f5Yxb/m/PHLP635I9Z/G/NH7P435Y/ZvH/Wf6Yxf/2/DGL/8/zxyz+v8gfs/j/Mn/M4v+r/DGL/6/zxyz+v8kfs/jfkT9m8f9t/pjF/3f5Yxb/3+ePWfzvzB+z+N+VP2bx/0P+mMX/7vwxi/8f88cs/vfkj1n8780fs/j/KX/M4v/n/DGL/335Yxb/v+SPWfzvzx+z+D+QP2bxfzB/zOL/UP6Yxf/h/DGL/yP5Yxb/R/PHLP6P5Y9Z/B/PH7P4P5E/ZvF/Mn/M4v9U/pjF/+n8MYv/M/ljFv9n88cs/s/lj1n8n88fs/i/kD9m8X8xf8zi/1L+mMX/5fwxi/8r+WMS/0kG8scs/oPyxyz+4+WPWfwH549Z/Ifkj1n8h+aPWfyH5Y9Z/MfPH7P4T5A/ZvGfMH/M4j9R/pjFf+L8MYv/JPljFv9J88cs/sPzxyz+k+WPWfwnzx+z+E+RP2bxnzJ/zOI/Vf6YxX/q/DGL/zT5Yxb/t+SPWfynzR+z+E+XP2bxnz5/zOI/Q/6Yxf+t+WMW/xnzxyz+I/LHLP5vyx+z+M+UP2bxnzl/zOL/9vwxi/8s+WMW/1nzxyz+s+WPWfxnzx+z+L8jf8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOK/QP6YxX/B/DGL/0L5Yxb/hfPHLP6L5I9Z/BfNH7P4L5Y/ZvFfPH/M4r9E/pjFf8n8MYv/UvljFv+l88cs/svkj1n8l80fs/i/M3/M4v+u/DGL/7vzxyz+y+WPWfyXzx+z+K+QP2bxXzF/zOK/Uv6YxX/l/DGL/yr5Yxb/VfPHLP6r5Y9Z/FfPH7P4r5E/ZvFfM3/M4r9W/pjFf+38MYv/OvljFv9188cs/uvlj1n8188fs/hvkD9m8d8wf8ziv1H+mMV/4/wxi/8m+WMW//fkj1n8N80fs/hvlj9m8X9v/pjFf/P8MYv/+/LHLP5b5I9Z/LfMH7P4vz9/zOK/Vf6YxX/r/DGL/zb5Yxb/bfPHLP7b5Y9Z/LfPH7P475A/ZvHfMX/M4r9T/pjFf+f8MYv/LvljFv8P5I9Z/HfNH7P475Y/ZvHfPX/M4r9H/pjFf8/8MYv/B/PHLP575Y9Z/PfOH7P475M/ZvH/UP6Yxf/D+WMW/4/kj1n8980fs/jvlz9m8d8/f8zif0D+mMX/wPwxi/9B+WMW/4Pzxyz+h+SPWfwPzR+z+B+WP2bxPzx/zOJ/RP6Yxf+j+WMW/yPzxyz+H8sfs/h/PH/M4n9U/pjF/xP5Yxb/o/PHLP7H5I9Z/I/NH7P4fzJ/zOL/qfwxi/9x+WMW/+Pzxyz+J+SPWfxPzB+z+J+UP2bx/3T+mMX/M/ljFv/P5o9Z/D+XP2bxPzl/zOL/+fwxi/8X8scs/l/MH7P4fyl/zOJ/Sv6Yxf/U/DGL/2n5Yxb/0/PHLP5n5I9Z/M/MH7P4fzl/zOJ/Vv6Yxf/s/DGL/1fyxyz+5+SPWfzPzR+z+J+XP2bxPz9/zOJ/Qf6Yxf+r+WMW/6/lj1n8v54/ZvG/MH/M4n9R/pjF/xv5Yxb/i/PHLP7fzB+z+F+SP2bxvzR/zOJ/Wf6Yxf9b+WMW/2/nj1n8L88fs/hfkT9m8f9O/pjF/8r8MYv/d/PHLP5X5Y9Z/L+XP2bxvzp/zOL//fwxi/81+WMW/2vzxyz+P8gfs/j/MH/M4v+j/DGL/3X5Yxb/H+ePWfyvzx+z+N+QP2bx/0n+mMX/xvwxi/9N+WMW/5/mj1n8b84fs/jfkj9m8b81f8zif1v+mMX/Z/ljFv/b88cs/j/PH7P4/yJ/zOL/y/wxi/+v8scs/r/OH7P4/yZ/zOJ/R/6Yxf+3+WMW/9/lj1n8f58/ZvG/M3/M4n9X/pjF/w/5Yxb/u/PHLP5/zB+z+N+TP2bxvzd/zOL/p/wxi/+f88cs/vflj1n8/5I/ZvG/P3/M4v9A/pjF/8H8MYv/Q/ljFv+H88cs/o/kj1n8H80fs/g/lj9m8X88f8zi/0T+mMX/yfwxi/9T+WMW/6fzxyz+z+SPWfyfzR+z+D+XP2bxfz5/zOL/Qv6Yxf/F/DGL/0v5Yxb/l/PHLP6v5I9J/CcdyB+z+A/KH7P4j5c/ZvEfnD9m8R+SP2bxH5o/ZvEflj9m8R8/f8ziP0H+mMV/wvwxi/9E+WMW/4nzxyz+k+SPWfwnzR+z+A//h/6T/d+O6980i/9kff4xi//k+WMW/ynyxyz+U+aPWfynyh+z+E+dP2bxnyZ/zOL/lvwxi/+0+WMW/+nyxyz+0+ePWfxnyB+z+L81f8ziP2P+mMV/RP6Yxf9t+WMW/5nyxyz+M+ePWfzfnj9m8Z8lf8ziP2v+mMV/tvwxi//s+WMW/3fkj1n858gfs/jPmT9m8Z8rf8ziP3f+mMV/nvwxi/+8+WMW//nyxyz+8+ePWfwXyB+z+C+YP2bxXyh/zOK/cP6YxX+R/DGL/6L5Yxb/xfLHLP6L549Z/JfIH7P4L5k/ZvFfKn/M4r90/pjFf5n8MYv/svljFv935o9Z/N+VP2bxf3f+mMV/ufwxi//y+WMW/xXyxyz+K+aPWfxXyh+z+K+cP2bxXyV/zOK/av6YxX+1/DGL/+r5Yxb/NfLHLP5r5o9Z/NfKH7P4r50/ZvFfJ3/M4r9u/pjFf738MYv/+vljFv8N8scs/hvmj1n8N8ofs/hvnD9m8d8kf8zi/578MYv/pvljFv/N8scs/u/NH7P4b54/ZvF/X/6YxX+L/DGL/5b5Yxb/9+ePWfy3yh+z+G+dP2bx3yZ/zOK/bf6YxX+7/DGL//b5Yxb/HfLHLP475o9Z/HfKH7P475w/ZvHfJX/M4v+B/DGL/675Yxb/3fLHLP67549Z/PfIH7P475k/ZvH/YP6YxX+v/DGL/975Yxb/ffLHLP4fyh+z+H84f8zi/5H8MYv/vvljFv/98scs/vvnj1n8D8gfs/gfmD9m8T8of8zif3D+mMX/kPwxi/+h+WMW/8Pyxyz+h+ePWfyPyB+z+H80f8zif2T+mMX/Y/ljFv+P549Z/I/KH7P4fyJ/zOJ/dP6Yxf+Y/DGL/7H5Yxb/T+aP/df7nzXyN7+BST+VP/Zf7z+qSY/LH7P4H58/ZvE/IX/M4n9i/pjF/6T8MYv/p/PHLP6fyR+z+H82f8zi/7n8MYv/yfljFv/P549Z/L+QP2bx/2L+mMX/S/ljFv9T8scs/qfmj1n8T8sfs/ifnj9m8T8jf8zif2b+mMX/y/ljFv+z8scs/mfnj1n8v5I/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/l/NH7P4fy1/zOL/9fwxi/+F+WMW/4vyxyz+38gfs/hfnD9m8f9m/pjF/5L8MYv/pfljFv/L8scs/t/KH7P4fzt/zOJ/ef6Yxf+K/DGL/3fyxyz+V+aPWfy/mz9m8b8qf8zi/738MYv/1fljFv/v549Z/K/JH7P4X5s/ZvH/Qf6Yxf+H+WMW/x/lj1n8r8sfs/j/OH/M4n99/pjF/4b8MYv/T/LHLP435o9Z/G/KH7P4/zR/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP4/yx+z+N+eP2bx/3n+mMX/F/ljFv9f5o9Z/H+VP2bx/3X+mMX/N/ljFv878scs/r/NH7P4/y5/zOL/+/wxi/+d+WMW/7vyxyz+f8gfs/jfnT9m8f9j/pjF/578MYv/vfljFv8/5Y9Z/P+cP2bxvy9/zOL/l/wxi//9+WMW/wfyxyz+D+aPWfwfyh+z+D+cP2bxfyR/zOL/aP6Yxf+x/DGL/+P5Yxb/J/LHLP5P5o9Z/J/KH7P4P50/ZvF/Jn/M4v9s/pjF/7n8MYv/8/ljFv8X8scs/i/mj1n8X8ofs/i/nD9m8X8lf0ziP3wgf8ziPyh/zOI/Xv6YxX9w/pjFf0j+mMV/aP6YxX9Y/pjFf/z8MYv/BPljFv8J88cs/hPlj1n8J84fs/hPkj9m8Z80f8ziPzx/zOI/Wf6YxX/y/DGL/xT5Yxb/KfPHLP5T5Y9Z/KfOH7P4T5M/ZvF/S/6YxX/a/DGL/3T5Yxb/6fPHLP4z5I9Z/N+aP2bxnzF/zOI/In/M4v+2/DGL/0z5Yxb/mfPHLP5vzx+z+M+SP2bxnzV/zOI/W/6YxX/2/DGL/zvyxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/3z5Yxb/+fPHLP4L5I9Z/BfMH7P4L5Q/ZvFfOH/M4r9I/pjFf9H8MYv/YvljFv/F88cs/kvkj1n8l8wfs/gvlT9m8V86f8ziv0z+mMV/2fwxi/8788cs/u/KH7P4vzt/zOK/XP6YxX/5/DGL/wr5Yxb/FfPHLP4r5Y9Z/FfOH7P4r5I/ZvFfNX/M4r9a/pjFf/X8MYv/GvljFv8188cs/mvlj1n8184fs/ivkz9m8V83f8ziv17+mMV//fwxi/8G+WMW/w3zxyz+G+WPWfw3zh+z+G+SP2bxf0/+mMV/0/wxi/9m+WMW//fmj1n8N88fs/i/L3/M4r9F/pjFf8v8MYv/+/PHLP5b5Y9Z/LfOH7P4b5M/ZvHfNn/M4r9d/pjFf/v8MYv/DvljFv8d88cs/jvlj1n8d84fs/jvkj9m8f9A/pjFf9f8MYv/bvljFv/d88cs/nvkj1n898wfs/h/MH/M4r9X/pjFf+/8MYv/PvljFv8P5Y9Z/D+cP2bx/0j+mMV/3/wxi/9++WMW//3zxyz+B+SPWfwPzB+z+B+UP2bxPzh/zOJ/SP6Yxf/Q/DGL/2H5Yxb/w/PHLP5H5I9Z/D+aP2bxPzJ/zOL/sfwxi//H88cs/kflj1n8P5E/ZvE/On/M4n9M/pjF/9j8MYv/J/PHLP6fyh+z+B+XP2bxPz5/zOJ/Qv6Yxf/E/DGL/0n5Yxb/T+ePWfw/kz9m8f9s/pjF/3P5Yxb/k/PHLP6fzx+z+H8hf8zi/8X8MYv/l/LHLP6n5I9Z/E/NH7P4n5Y/ZvE/PX/M4n9G/pjF/8z8MYv/l/PHLP5n5Y9Z/M/OH7P4fyV/zOJ/Tv6Yxf/c/DGL/3n5Yxb/8/PHLP4X5I9Z/L+aP2bx/1r+mMX/6/ljFv8L88cs/hflj1n8v5E/ZvG/OH/M4v/N/DGL/yX5Yxb/S/PHLP6X5Y9Z/L+VP2bx/3b+mMX/8vwxi/8V+WMW/+/kj1n8r8wfs/h/N3/M4n9V/pjF/3v5Yxb/q/PHLP7fzx+z+F+TP2bxvzZ/zOL/g/wxi/8P88cs/j/KH7P4X5c/ZvH/cf6Yxf/6/DGL/w35Yxb/n+SPWfxvzB+z+N+UP2bx/2n+mMX/5vwxi/8t+WMW/1vzxyz+t+WPWfx/lj9m8b89f8zi//P8MYv/L/LHLP6/zB+z+P8qf8zi/+v8MYv/b/LHLP535I9Z/H+bP2bx/13+mMX/9/ljFv8788cs/nflj1n8/5A/ZvG/O3/M4v/H/DGL/z35Yxb/e/PHLP5/yh+z+P85f8zif1/+mMX/L/ljFv/788cs/g/kj1n8H8wfs/g/lD9m8X84f8zi/0j+mMX/0fwxi/9j+WMW/8fzxyz+T+SPWfyfzB+z+D+VP2bxfzp/zOL/TP6Yxf/Z/DGL/3P5Yxb/5/PHLP4v5I9Z/F/MH7P4v5Q/ZvF/OX/M4v9K/pjEf7KB/DGL/6D8MYv/ePljFv/B+WMW/yH5Yxb/ofljFv9h+WMW//Hzxyz+E+SPWfwnzB+z+E+UP2bxnzh/zOI/Sf6YxX/S/DGL//D8MYv/ZPljFv/J88cs/lPkj1n8p8wfs/hPlT9m8Z86f8ziP03+mMX/LfljFv9p88cs/tPlj1n8p88fs/jPkD9m8X9r/pjFf8b8MYv/iPwxi//b8scs/jPlj1n8Z84fs/i/PX/M4j9L/pjFf9b8MYv/bPljFv/Z88cs/u/IH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/gvkD9m8V8wf8ziv1D+mMV/4fwxi/8i+WMW/0Xzxyz+i+WPWfwXzx+z+C+RP2bxXzJ/zOK/VP6YxX/p/DGL/zL5Yxb/ZfPHLP7vzB+z+L8rf8zi/+78MYv/cvljFv/l88cs/ivkj1n8V8wfs/ivlD9m8V85f8ziv0r+mMV/1fwxi/9q+WMW/9Xzxyz+a+SPWfzXzB+z+K+VP2bxXzt/zOK/Tv6YxX/d/DGL/3r5Yxb/9fPHLP4b5I9Z/DfMH7P4b5Q/ZvHfOH/M4r9J/tj/xx49GApiAFAAq41f27atMWrbtm3btm3btu32bC3wJriXrJCW/839Ry3/W/iPWv639B+1/G/lP2r539p/1PK/jf+o5X9b/1HL/3b+o5b/7f1HLf87+I9a/nf0H7X87+Q/avnf2X/U8r+L/6jlf1f/Ucv/bv6jlv/d/Uct/3v4j1r+9/Qftfzv5T9q+d/bf9Tyv4//qOV/X/9Ry/9+/qOW//39Ry3/B/iPWv4P9B+1/B/kP2r5P9h/1PJ/iP+o5f9Q/1HL/2H+o5b/w/1HLf9H+I9a/o/0H7X8H+U/avk/2n/U8n+M/6jl/1j/Ucv/cf6jlv/j/Uct/yf4j1r+T/Qftfyf5D9q+T/Zf9Tyf4r/qOX/VP9Ry/9p/qOW/9P9Ry3/Z/iPWv7P9B+1/J/lP2r5P9t/1PJ/jv+o5f9c/1HL/3n+o5b/8/1HLf8X+I9a/i/0H7X8X+Q/avm/2H/U8n+J/6jl/1L/Ucv/Zf6jlv/L/Uct/1f4j1r+r/Qftfxf5T9q+b/af9Tyf43/qOX/Wv9Ry/91/qOW/+v9Ry3/N/iPWv5v9B+1/N/kP2r5v9l/1PJ/i/+o5f9W/1HL/23+o5b/2/1HLf93+I9a/u/0H7X83+U/avm/23/U8n+P/6jl/17/Ucv/ff6jlv/7/Uct/w/4j1r+H/Qftfw/5D9q+X/Yf9Ty/4j/qOX/Uf9Ry/9j/qOW/8f9Ry3/T/iPWv6f9B+1/D/lP2r5f9p/1PL/jP+o5f9Z/1HL/3P+o5b/5/1HLf8v+I9a/l/0H7X8v+Q/avl/2X/U8v+K/6jl/1X/Ucv/a/6jlv/X/Uct/2/4j1r+3/Qftfy/5T9q+X/bf9Ty/47/qOX/Xf9Ry/97/qOW//f9Ry3/H/iPWv4/9B+1/H/kP2r5/9h/1PL/if+o5f9T/1HL/2f+o5b/z/1HLf9f+I9a/r/0H7X8f+U/avn/2n/U8v+N/6jl/1v/Ucv/d/6jlv/v/Uct/z/4j1r+f/Qftfz/5D9q+f/Zf9Ty/4v/qOX/V/9Ry/9v/qOW/9/9Ry3/f/iPWv7/9B+1/P/lP2r5/9t/1PL/j/+o5f9f/1HL/3/+o5b///1HLf+D/Ect/4P9Ry3/Q/xHLf9D/Uct/8P8Ry3/w/1HLf8j/Ect/yP9Ry3/o/xHLf+j/Uct/2P8Ry3/Y/1HLf/j/Ect/+P9Ry3/E/xHLf8T/Ucl/wNT+I9a/qf0H7X8T+U/avmf2n/U8j+N/6jlf1r/Ucv/dP6jlv/p/Uct/zP4j1r+Z/QftfzP5D9q+Z/Zf9TyP4v/qOV/Vv9Ry/9s/qOW/9n9Ry3/A/6jlv85/Ect/3P6j1r+5/IftfzP7T9q+Z/Hf9TyP6//qOV/Pv9Ry//8/qOW/wX8Ry3/C/qPWv4X8h+1/C/sP2r5X8R/1PK/qP+o5X8x/1HL/+L+o5b/JfxHLf9L+o9a/pfyH7X8L+0/avlfxn/U8r+s/6jlfzn/Ucv/8v6jlv8V/Ect/yv6j1r+V/Iftfyv7D9q+V/Ff9Tyv6r/qOV/Nf9Ry//q/qOW/zX8Ry3/a/qPWv7X8h+1/K/tP2r5X8d/1PK/rv+o5X89/1HL//r+o5b/DfxHLf8b+o9a/jfyH7X8b+w/avnfxH/U8r+p/6jlfzP/0WT3DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACT2Ln/GK/rAo7jnzu4O4QCESOk3kBQgeBxcscvQUUrmmfjrLD1axJMToGOVLwZIAtKLWpu6WTLWqT+QVqrNTZjrSZltsVsRU374dyCkn6MdWpFtsg694Xv97z7etz8vs/3mz94PP64+34+x+tzwPa8z+c7fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw2mnvuLxnRN2AUyP6H4Sfd574PP/fH1q3Z8++8ZXP5S+/Z5BL1vc/6O3t7d024Re3lA+biqIofbfLysejqsel62/fP/Xs8ncv7rv7ttlLtyx/bPfGnjE/XbD9SMOJsw3F6uvWd3VeWF8UYURDsbl0MK+uKEJjQ3FX6aC1dNDUUDxUOmg7cXBW8aPSwdxrb+haWzrxim8NZ5z2jh3FiAHFFgN+GvTvf/v+S99b+TzEJStXG1mU+7/i+080VX2t4hT9V64f6qr7r/kPCJxSbf2veL7yeYhLvuL+3/q3jx0e7Gun7r9y/VCvf0hnkOf/AY1WP/dXPf9PG+SSffvmlsdHlfpfsvi+DeVTI1/N8//L1w8jqvuvH/D8X3qOH1l5/m8qitAwzL8OOKO0d3y6Z6j7/9D9j5xctanr3//WY4dWlfpv3vDJ58qnGmrsf+QQ9/+6J6t+r0Bt2jse6K26/9fQfzFzkEv29d9z69PHS/3/af8z5/f7Wi39N1T339K98caWm7dsbV6/cc31ndd3fqJ1/sJFC1sXX9S2oOXEI8HJj8P8W4Ezw/Du/8Xoqk1dUXT27S94buXOUv/T16/8bPnUqBr7bxzy/j/N/R8GNb2+aGwsNq/p7t407+THymHryY8nf9kg/dfw/n/GrPIvq7zvriuKSX37OTcuWF3q/8Fjn3u8fKqxxv6bhuz/ssL7fRiGYd7/11ZtBvR/dMXYZ0v9f+nhWd3lU7W+/x81ZP+H3f9hONo7qv6Fn9dYqf9Lxu7+e9w6nOWf/0E6Ofoff/zOq+LWYbT+IZ0c/X/k9plPxa3DGP1DOjn6/97ady6MW4fX6R/SydH/Pyf/9f64dXi9/iGdHP0fevY/U+LWYaz+IZ0c/e+66/0749ZhnP4hnRz9z9h25I64dThb/5BOjv7X1V81IW4dxusf0snR/7teWPXtuHU4R/+QTo7+x+3819K4dZigf0gnR/896+5+Mm4dztU/pJOj/69PXPKOuHV4g/4hnRz9f+GPc16MW4eJ+od0cvT/6Fd3bIhbhzfqH9LJ0f8PPzB2sP9P2KsQJukf0snR/7E5e/bGrcN5+od0cvT/u0MPj4tbh8n6h3Ry9H/PA1O/HLcOb9I/pJOj/5suv/WWuHV4s/4hnRz9L1n2y8Nx6xD0D+nk6H/izx5dFbcOU/QP6eTo/5rvbjgQtw5T9Q/p5Oh/8znfWh63DtP0D+nk6L+tq+mJuHV4i/4hnRz9T7134sa4dZiuf0gnR/9X//mR/8atwwz9Qzo5+t/X+NS5cevwVv1DOjn6/9/mTZ+JW4e36R/SydH/r+689uK4dXi7/iGdHP1/5R8Hvhm3DjP1D+nk6P/I0nf/JW4dZukf0snR/3eW99wUtw7n6x/SydH/bXtfPBi3DrP1D+nk6P/AwQ9+OG4d5ugf0snR/+yWtn1x63CB/iGdHP2ved+90+LWoVn/kE6O/lfs+fzX4tZhrv4hnRz9Nz49fVTcOrToH9LJ0f/eRbsa4tbhQv1DOjn6P96+7J64dZinf0gnR/+/eWRuc9w6tOof0snR/+7H7vhB3Dq06R/SydH/9hl/uDpuHebrH9LJ0f/8a678cdw6LNA/pJOj/0nf+Oi2uHVYqH9IJ0f/K3/7/NG4dVikf0gnR//NUz71YNw6LNY/pJOj/+tW/3pe3DpcpH9IJ0f/V+76yRfj1mGJ/iGdHP3XHb3hvLh1WKp/SCdH/8+MHvNC3DpcrH9IJ0f/D3XfvzpuHS7RP6STo//bd+z9fdw6XKp/SCdH/wf/P/mKuHVYpn9I5+YtWz++pqurc5MXXnjhRd+L0/2TCUjt5ehP9+8EAAAAAAAAAAAAAAA4lRz/OdHp/jMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8BI7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDEgAAAABB/1+3I1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgqAAD//1xCIEM=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)

201.959577ms ago: executing program 1 (id=828):
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000096d132478102268d00", @ANYRES32, @ANYBLOB="0000000000000000b7080000002000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SURVEY(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r3, 0x3a9, 0x3, 0x0, {{}, {@val={0x8, 0x140}, @void}}}, 0x1c}}, 0x0)

201.259746ms ago: executing program 2 (id=820):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000feffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x15, 0x0, 0x0, 0x80ffffff}]})

0s ago: executing program 1 (id=821):
r0 = socket$tipc(0x1e, 0x5, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000080)={0x42, 0x80000009, 0x2}, 0x10)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000300)={0x42, 0x3}, 0x10)
bind$tipc(r0, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x2, {0x42, 0x4, 0x10000000}}, 0x10)
sendmsg$tipc(r1, &(0x7f0000000180)={&(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x1, {0x1, 0x4, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x40040}, 0x4)
close(r0)

kernel console output (not intermixed with test programs):

ref verification
[   89.264997][ T6135] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   89.275028][ T6123] BTRFS info (device loop2): disabling tree log
[   89.290723][ T6123] BTRFS info (device loop2): enabling tree log
[   89.302148][ T6135] EXT4-fs (loop3): bad geometry: block count 204800 exceeds size of device (64 blocks)
[   89.314789][ T6123] BTRFS info (device loop2): enabling ssd optimizations
[   89.359050][ T6123] BTRFS info (device loop2): using spread ssd allocation scheme
[   89.366728][ T6135] IPVS: set_ctl: invalid protocol: 51 172.20.20.187:20003
[   89.425384][ T6123] BTRFS info (device loop2): not using ssd optimizations
[   89.468468][ T6123] BTRFS info (device loop2): not using spread ssd allocation scheme
[   89.493029][ T6123] BTRFS info (device loop2): using free space tree
[   89.567998][ T6141] loop3: detected capacity change from 0 to 1024
[   89.993478][ T6141] hfsplus: request for non-existent node 33423360 in B*Tree
[   90.030122][ T6141] hfsplus: request for non-existent node 33423360 in B*Tree
[   90.045054][   T28] audit: type=1800 audit(1750193158.661:3): pid=6123 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.97" name="bus" dev="loop2" ino=263 res=0 errno=0
[   90.077001][ T6162] hfsplus: request for non-existent node 33423360 in B*Tree
[   90.143236][ T6162] hfsplus: request for non-existent node 33423360 in B*Tree
[   90.186192][ T6141] hfsplus: request for non-existent node 33423360 in B*Tree
[   90.263149][ T6141] hfsplus: request for non-existent node 33423360 in B*Tree
[   90.286740][ T6162] hfsplus: request for non-existent node 33423360 in B*Tree
[   90.320308][ T6162] hfsplus: request for non-existent node 33423360 in B*Tree
[   90.681235][ T5768] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[   91.154066][ T6177] loop3: detected capacity change from 0 to 512
[   91.570038][ T6177] EXT4-fs (loop3): unsupported inode size: 4096
[   91.589054][ T6177] EXT4-fs (loop3): blocksize: 1024
[   91.761795][ T6177] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[   93.874889][ T6221] loop2: detected capacity change from 0 to 512
[   93.950115][ T6221] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.116: invalid indirect mapped block 256 (level 2)
[   93.989601][ T6221] EXT4-fs (loop2): 2 truncates cleaned up
[   93.997019][ T6221] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   94.403023][    T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   94.557970][ T6221] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.612997][    T9] usb 4-1: Using ep0 maxpacket: 32
[   94.624983][    T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   94.662924][    T9] usb 4-1: config 0 has no interfaces?
[   94.668883][    T9] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[   94.680389][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   94.707355][    T9] usb 4-1: config 0 descriptor??
[   94.712580][ T6103] Set syz1 is full, maxelem 65536 reached
[   94.924326][ T6236] syz_tun: entered allmulticast mode
[   94.956909][ T6238] syzkaller1: entered promiscuous mode
[   94.962842][ T6238] syzkaller1: entered allmulticast mode
[   95.003197][    T9] usb 4-1: USB disconnect, device number 2
[   95.025742][ T6235] syz_tun: left allmulticast mode
[   95.541753][ T6247] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4290638775 (549201763200 ns) > initial count (439443453440 ns). Using initial count to start timer.
[   96.423361][ T6251] loop3: detected capacity change from 0 to 32768
[   96.520873][ T6241] loop0: detected capacity change from 0 to 65536
[   96.585094][ T6241] XFS (loop0): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[   96.672539][ T6241] XFS (loop0): Ending clean mount
[   96.788899][ T6241] overlayfs: missing 'lowerdir'
[   96.855660][  T787] XFS (loop0): Metadata CRC error detected at xfs_agf_read_verify+0x191/0x250, xfs_agf block 0x1 
[   96.892144][  T787] XFS (loop0): Unmount and run xfs_repair
[   96.914161][  T787] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[   96.921712][  T787] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[   96.943765][  T787] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[   96.952690][  T787] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[   97.002025][  T787] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[   97.031806][  T787] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[   97.076191][  T787] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[   97.086174][    T8] IPVS: starting estimator thread 0...
[   97.095409][  T787] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[   97.140076][  T787] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[   97.171048][ T6241] XFS (loop0): metadata I/O error in "xfs_read_agf+0x27e/0x590" at daddr 0x1 len 1 error 74
[   97.207584][ T6241] XFS (loop0): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x518/0x8a0 (fs/xfs/xfs_trans_buf.c:296).  Shutting down filesystem.
[   97.243217][ T6275] IPVS: using max 16 ests per chain, 38400 per kthread
[   97.264452][ T6241] XFS (loop0): Please unmount the filesystem and rectify the problem(s)
[   97.350797][ T6278] netlink: 20 bytes leftover after parsing attributes in process `syz.3.134'.
[   97.423482][ T6278] netlink: 20 bytes leftover after parsing attributes in process `syz.3.134'.
[   97.460230][ T5766] XFS (loop0): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[   98.419730][ T6276] loop2: detected capacity change from 0 to 32768
[   98.448999][ T6276] JFS: remount-r� is an invalid error handler
[   98.687972][ T6299] binder: 6298:6299 ioctl 4018620d 0 returned -22
[   98.773588][ T6300] binder: 6298:6300 ioctl c018620c 0 returned -14
[   99.214246][    T9] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   99.286780][ T6311] netlink: 8 bytes leftover after parsing attributes in process `syz.0.147'.
[   99.425820][    T9] usb 4-1: too many configurations: 13, using maximum allowed: 8
[   99.436193][    T9] usb 4-1: config 0 has no interfaces?
[   99.442539][    T9] usb 4-1: config 0 has no interfaces?
[   99.456023][    T9] usb 4-1: config 0 has no interfaces?
[   99.464006][    T9] usb 4-1: config 0 has no interfaces?
[   99.470737][    T9] usb 4-1: config 0 has no interfaces?
[   99.479455][    T9] usb 4-1: config 0 has no interfaces?
[   99.489099][    T9] usb 4-1: config 0 has no interfaces?
[   99.506525][    T9] usb 4-1: config 0 has no interfaces?
[   99.520376][    T9] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   99.546614][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.572944][    T9] usb 4-1: Product: syz
[   99.603875][    T9] usb 4-1: Manufacturer: syz
[   99.613215][    T9] usb 4-1: SerialNumber: syz
[   99.644909][    T9] usb 4-1: config 0 descriptor??
[   99.950731][    T9] usb 4-1: USB disconnect, device number 3
[   99.995023][ T6324] mmap: syz.2.152 (6324) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  100.378949][ T6332] netlink: 8 bytes leftover after parsing attributes in process `syz.0.155'.
[  100.408597][ T6332] netlink: 16 bytes leftover after parsing attributes in process `syz.0.155'.
[  100.427795][ T6332] Zero length message leads to an empty skb
[  100.633195][ T5802] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  100.711953][   T28] audit: type=1326 audit(1750193169.321:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6333 comm="syz.0.156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe813f8e929 code=0x7fc00000
[  100.846765][ T5802] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  100.858156][ T5802] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  100.879701][ T5802] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 48, changing to 9
[  100.908606][ T5802] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 8240, setting to 1024
[  100.934294][ T5802] usb 4-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  100.944695][ T5802] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  100.952949][ T5802] usb 4-1: Product: syz
[  100.957214][ T5802] usb 4-1: Manufacturer: syz
[  100.962483][ T5802] usb 4-1: SerialNumber: syz
[  100.973867][ T5802] usb 4-1: config 0 descriptor??
[  101.235156][ T5802] adutux 4-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  101.376126][   T28] audit: type=1326 audit(1750193169.991:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6333 comm="syz.0.156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fe813f8e929 code=0x7fc00000
[  101.394720][ T6342] loop1: detected capacity change from 0 to 32768
[  101.421628][ T6342] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.159 (6342)
[  101.437999][   T28] audit: type=1326 audit(1750193169.991:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6333 comm="syz.0.156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe813f8e929 code=0x7fc00000
[  101.473610][ T6342] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  101.508923][ T6342] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  101.530614][ T6342] BTRFS info (device loop1): force clearing of disk cache
[  101.560885][ T6342] BTRFS info (device loop1): enabling auto defrag
[  101.587525][    T9] usb 4-1: USB disconnect, device number 4
[  101.588930][ T6342] BTRFS info (device loop1): max_inline at 0
[  101.625442][ T6342] BTRFS info (device loop1): enabling disk space caching
[  101.645734][ T6342] BTRFS info (device loop1): disk space caching is enabled
[  101.876742][ T6342] BTRFS info (device loop1): enabling ssd optimizations
[  101.878639][ T6363] af_packet: tpacket_rcv: packet too big, clamped from 65232 to 3952. macoff=96
[  101.912420][ T6342] BTRFS info (device loop1): rebuilding free space tree
[  102.004302][ T6342] BTRFS info (device loop1): disabling free space tree
[  102.011955][ T6342] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  102.033293][ T6342] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  102.366008][   T59] BTRFS info (device loop1): qgroup scan completed (inconsistency flag cleared)
[  102.614735][ T5763] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  103.241500][ T6390] loop3: detected capacity change from 0 to 512
[  103.344952][ T6390] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.422779][ T6390] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  103.496236][ T6390] EXT4-fs error (device loop3): ext4_do_update_inode:5224: inode #2: comm syz.3.173: corrupted inode contents
[  103.534304][ T6390] EXT4-fs error (device loop3): ext4_dirty_inode:6100: inode #2: comm syz.3.173: mark_inode_dirty error
[  103.564064][ T6390] EXT4-fs error (device loop3): ext4_do_update_inode:5224: inode #2: comm syz.3.173: corrupted inode contents
[  103.598348][ T6390] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.173: mark_inode_dirty error
[  103.727087][ T6402] loop1: detected capacity change from 0 to 512
[  103.793617][ T6402] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  103.817303][ T6402] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  103.828768][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.897034][ T6402] EXT4-fs (loop1): 1 truncate cleaned up
[  103.912813][ T6402] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.146333][ T5763] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.072392][ T6434] netlink: 'syz.1.185': attribute type 4 has an invalid length.
[  105.274097][ T6441] netlink: 'syz.1.185': attribute type 4 has an invalid length.
[  105.359878][ T6440] loop2: detected capacity change from 0 to 2048
[  105.464344][ T6440] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.733886][ T6468] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  105.837968][   T28] audit: type=1800 audit(1750193174.441:7): pid=6440 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.186" name="file2" dev="loop2" ino=16 res=0 errno=0
[  106.061494][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.885163][ T6497] netlink: 'syz.3.197': attribute type 4 has an invalid length.
[  106.911341][ T6485] loop2: detected capacity change from 0 to 32768
[  106.946047][ T6485] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.190 (6485)
[  107.008223][ T6485] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  107.044769][ T6485] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  107.063285][ T6485] BTRFS warning (device loop2): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  107.113156][ T6485] BTRFS info (device loop2): trying to use backup root at mount time
[  107.133541][ T6485] BTRFS info (device loop2): setting nodatasum
[  107.139125][ T6497] netlink: 'syz.3.197': attribute type 4 has an invalid length.
[  107.140950][ T6485] BTRFS info (device loop2): force zlib compression, level 3
[  107.161827][ T6485] BTRFS info (device loop2): doing ref verification
[  107.169596][ T6485] BTRFS info (device loop2): turning on flush-on-commit
[  107.179072][ T6485] BTRFS info (device loop2): allowing degraded mounts
[  107.193329][ T6485] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_LZO (0x8)
[  107.232996][ T6485] BTRFS info (device loop2): use lzo compression, level 0
[  107.247317][ T6485] BTRFS info (device loop2): enabling ssd optimizations
[  107.263019][ T6485] BTRFS info (device loop2): using spread ssd allocation scheme
[  107.273369][ T6485] BTRFS info (device loop2): using free space tree
[  107.454604][ T6485] BTRFS info (device loop2): auto enabling async discard
[  108.070969][ T6537] capability: warning: `syz.1.206' uses deprecated v2 capabilities in a way that may be insecure
[  108.108817][ T6537] loop1: detected capacity change from 0 to 128
[  108.187504][ T5758] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  108.571957][ T5768] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  108.833414][    T8] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  109.023770][    T8] usb 2-1: too many configurations: 13, using maximum allowed: 8
[  109.040844][ T6557] loop2: detected capacity change from 0 to 64
[  109.051137][    T8] usb 2-1: config 0 has no interfaces?
[  109.063465][    T8] usb 2-1: config 0 has no interfaces?
[  109.072285][    T8] usb 2-1: config 0 has no interfaces?
[  109.084657][    T8] usb 2-1: config 0 has no interfaces?
[  109.093277][    T8] usb 2-1: config 0 has no interfaces?
[  109.109715][    T8] usb 2-1: config 0 has no interfaces?
[  109.120025][    T8] usb 2-1: config 0 has no interfaces?
[  109.144172][    T8] usb 2-1: config 0 has no interfaces?
[  109.150155][ T6557] hfs: request for non-existent node 24 in B*Tree
[  109.166394][    T8] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  109.178533][ T6557] hfs: request for non-existent node 24 in B*Tree
[  109.193022][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.208785][ T6560] hfs: request for non-existent node 25 in B*Tree
[  109.223067][    T8] usb 2-1: Product: syz
[  109.227957][ T6560] hfs: request for non-existent node 25 in B*Tree
[  109.235040][    T8] usb 2-1: Manufacturer: syz
[  109.249790][    T8] usb 2-1: SerialNumber: syz
[  109.264431][    T8] usb 2-1: config 0 descriptor??
[  109.275046][ T6557] hfs: request for non-existent node 26 in B*Tree
[  109.279537][ T6562] loop3: detected capacity change from 0 to 16
[  109.295490][ T6557] hfs: request for non-existent node 26 in B*Tree
[  109.327491][ T6562] erofs: (device loop3): mounted with root inode @ nid 36.
[  109.334180][ T6557] hfs: request for non-existent node 27 in B*Tree
[  109.341739][ T6557] hfs: request for non-existent node 27 in B*Tree
[  109.362560][ T6557] hfs: request for non-existent node 28 in B*Tree
[  109.396475][ T6557] hfs: request for non-existent node 28 in B*Tree
[  109.597857][    T8] usb 2-1: USB disconnect, device number 3
[  109.774737][ T6571] loop2: detected capacity change from 0 to 64
[  110.068579][ T6573] loop3: detected capacity change from 0 to 8192
[  110.113547][ T6573] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  110.186944][ T6573] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  110.201373][ T6573] REISERFS (device loop3): using ordered data mode
[  110.210190][ T6573] reiserfs: using flush barriers
[  110.220984][ T6573] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  110.258651][ T6573] REISERFS (device loop3): checking transaction log (loop3)
[  110.280458][ T6573] REISERFS (device loop3): Using r5 hash to sort names
[  110.293182][    T8] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  110.317342][ T6573] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  110.426982][ T6583] loop2: detected capacity change from 0 to 512
[  110.492235][ T6583] EXT4-fs error (device loop2): ext4_orphan_get:1425: comm syz.2.224: bad orphan inode 11
[  110.512086][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  110.553078][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  110.577312][ T6583] ext4_test_bit(bit=10, block=4) = 1
[  110.582683][ T6583] is_bad_inode(inode)=0
[  110.593128][ T6583] NEXT_ORPHAN(inode)=2080374784
[  110.599797][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 48, changing to 9
[  110.616924][ T6583] max_ino=32
[  110.618491][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 8240, setting to 1024
[  110.626380][ T6583] i_nlink=0
[  110.639775][    T8] usb 2-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  110.649118][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  110.652218][ T6583] EXT4-fs (loop2): 1 truncate cleaned up
[  110.666418][    T8] usb 2-1: Product: syz
[  110.670646][    T8] usb 2-1: Manufacturer: syz
[  110.683480][    T8] usb 2-1: SerialNumber: syz
[  110.691635][    T8] usb 2-1: config 0 descriptor??
[  110.724922][ T6583] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.964219][    T8] adutux 2-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  110.979790][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.214672][    T8] usb 2-1: USB disconnect, device number 4
[  111.410595][ T6600] kvm: emulating exchange as write
[  111.465716][   T28] audit: type=1326 audit(1750193180.081:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6602 comm="syz.0.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe813f8e929 code=0x7ffc0000
[  111.490184][   T28] audit: type=1326 audit(1750193180.101:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6602 comm="syz.0.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=117 compat=0 ip=0x7fe813f8e929 code=0x7ffc0000
[  111.514023][   T28] audit: type=1326 audit(1750193180.101:10): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=6602 comm="syz.0.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe813f8e929 code=0x7ffc0000
[  111.546762][   T28] audit: type=1326 audit(1750193180.101:11): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=6602 comm="syz.0.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe813f8e929 code=0x7ffc0000
[  111.569706][   T28] audit: type=1326 audit(1750193180.101:12): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=6602 comm="syz.0.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7fe813f8e929 code=0x7ffc0000
[  111.592468][   T28] audit: type=1326 audit(1750193180.101:13): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=6602 comm="syz.0.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe813f8e929 code=0x7ffc0000
[  111.624472][   T28] audit: type=1326 audit(1750193180.101:14): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=6602 comm="syz.0.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe813f8e929 code=0x7ffc0000
[  111.839548][ T6611] loop3: detected capacity change from 0 to 128
[  112.286861][   T28] audit: type=1326 audit(1750193180.901:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6617 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff96f98e929 code=0x7fc00000
[  112.334648][ T6626] ksmbd: Unknown IPC event: 0, ignore.
[  112.454500][ T6628] loop1: detected capacity change from 0 to 512
[  112.529419][ T6628] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  112.556091][ T6628] ext4 filesystem being mounted at /56/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  112.592502][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  112.816762][ T6636] netlink: 4 bytes leftover after parsing attributes in process `syz.0.243'.
[  112.837267][ T6638] loop3: detected capacity change from 0 to 1024
[  112.849355][ T6636] 8021q: adding VLAN 0 to HW filter on device team1
[  112.854071][ T6638] EXT4-fs: Ignoring removed nobh option
[  112.864282][ T6638] EXT4-fs: Ignoring removed bh option
[  112.875300][ T6638] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  112.910346][ T6638] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.934440][ T5823] usb 2-1: new full-speed USB device number 5 using dummy_hcd
[  112.949477][   T28] audit: type=1326 audit(1750193181.561:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6617 comm="syz.2.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7ff96f98e929 code=0x7fc00000
[  113.010385][ T6638] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4036: comm syz.3.244: Allocating blocks 257-513 which overlap fs metadata
[  113.083103][ T6644] EXT4-fs (loop3): shut down requested (0)
[  113.126602][ T5823] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  113.153132][ T5823] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 255, setting to 64
[  113.156937][ T6647] loop2: detected capacity change from 0 to 512
[  113.168084][ T5823] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  113.189238][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.200249][ T5823] usb 2-1: New USB device found, idVendor=05ac, idProduct=0264, bcdDevice= 0.00
[  113.233261][ T5823] usb 2-1: New USB device strings: Mfr=128, Product=0, SerialNumber=0
[  113.241554][ T5823] usb 2-1: Manufacturer: syz
[  113.243606][ T6647] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities
[  113.318505][ T5823] usb 2-1: config 0 descriptor??
[  113.347932][ T6628] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  113.638985][   T28] audit: type=1326 audit(1750193182.251:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6654 comm="syz.2.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff96f98e929 code=0x7ffc0000
[  113.810691][ T5823] apple 0003:05AC:0264.0003: ignoring exceeding usage max
[  113.859197][ T5823] apple 0003:05AC:0264.0003: hidraw0: USB HID vff.fa Device [syz] on usb-dummy_hcd.1-1/input0
[  114.137233][ T5823] usb 2-1: USB disconnect, device number 5
[  114.676884][ T6681] loop0: detected capacity change from 0 to 1024
[  114.707000][ T6681] EXT4-fs: Ignoring removed nobh option
[  114.760414][ T6681] EXT4-fs: Ignoring removed bh option
[  114.797277][ T6681] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  114.835919][ T5763] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  114.886656][ T6681] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.089664][ T6681] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4036: comm syz.0.258: Allocating blocks 257-513 which overlap fs metadata
[  115.163525][ T6687] EXT4-fs (loop0): shut down requested (0)
[  115.172592][ T6686] netlink: 8 bytes leftover after parsing attributes in process `syz.2.262'.
[  115.172880][    C0] sched: RT throttling activated
[  115.191205][ T6686] netlink: 20 bytes leftover after parsing attributes in process `syz.2.262'.
[  115.488467][ T6673] loop3: detected capacity change from 0 to 131072
[  115.493448][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.560111][ T6673] F2FS-fs (loop3): Found nat_bits in checkpoint
[  115.616985][ T6673] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  115.687454][ T6673] F2FS-fs (loop3): lookup inode (7) has corrupted xattr
[  115.707763][ T6673] F2FS-fs (loop3): lookup inode (7) has corrupted xattr
[  115.909212][ T6698] loop0: detected capacity change from 0 to 2048
[  116.015571][ T6698] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  116.226219][ T6701] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  116.371382][ T6698] UDF-fs: warning (device loop0): udf_truncate_tail_extent: Too long extent after EOF in inode 1436: i_size: 147456 lbcount: 151552 extent 129+150528
[  116.830319][ T6692] loop2: detected capacity change from 0 to 32768
[  116.876744][ T6710] loop0: detected capacity change from 0 to 8
[  116.892047][ T6692] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  117.046827][ T6692] XFS (loop2): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  117.159752][ T6692] XFS (loop2): Starting recovery (logdev: internal)
[  117.270853][ T6692] XFS (loop2): Ending recovery (logdev: internal)
[  117.338526][ T6703] loop1: detected capacity change from 0 to 32768
[  117.436755][ T6722] loop0: detected capacity change from 0 to 128
[  117.443126][   T28] kauditd_printk_skb: 7 callbacks suppressed
[  117.443144][   T28] audit: type=1800 audit(1750193186.051:25): pid=6692 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.263" name="file1" dev="loop2" ino=4426 res=0 errno=0
[  117.447164][ T6703] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  117.524628][ T6722] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  117.589081][ T6722] ext4 filesystem being mounted at /65/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  117.638075][ T6729] loop3: detected capacity change from 0 to 512
[  117.676833][ T6729] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.719718][ T6703] XFS (loop1): Ending clean mount
[  117.723526][ T6729] ext4 filesystem being mounted at /66/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  117.754522][ T5768] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  117.869518][ T5763] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  118.037730][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.139730][ T5766] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  120.392036][ T6761] loop1: detected capacity change from 0 to 32768
[  120.523200][ T6761] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  120.754943][ T6761] XFS (loop1): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  120.788055][ T6787] wg2: entered promiscuous mode
[  120.793582][ T6787] wg2: entered allmulticast mode
[  120.825479][ T6761] XFS (loop1): Starting recovery (logdev: internal)
[  120.929469][ T6761] XFS (loop1): Ending recovery (logdev: internal)
[  121.156670][   T28] audit: type=1800 audit(1750193189.771:26): pid=6761 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.280" name="file1" dev="loop1" ino=4422 res=0 errno=0
[  121.385354][ T5763] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  122.329946][ T6800] loop2: detected capacity change from 0 to 32768
[  122.379799][ T6811] loop3: detected capacity change from 0 to 1024
[  122.391546][ T6811] EXT4-fs: Ignoring removed bh option
[  122.399947][ T6811] EXT4-fs: inline encryption not supported
[  122.437149][ T6811] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  122.450881][ T6800] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  122.496529][ T6811] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000]
[  122.591758][ T6811] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 2: comm syz.3.296: lblock 2 mapped to illegal pblock 2 (length 1)
[  122.603068][ T6800] XFS (loop2): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  122.610000][ T6811] Quota error (device loop3): qtree_write_dquot: dquota write failed
[  122.658782][ T6811] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 48: comm syz.3.296: lblock 0 mapped to illegal pblock 48 (length 1)
[  122.688556][ T6811] Quota error (device loop3): v2_write_file_info: Can't write info structure
[  122.713850][ T6800] XFS (loop2): Starting recovery (logdev: internal)
[  122.720773][ T6811] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.296: Failed to acquire dquot type 0
[  122.754259][ T6811] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5896: Corrupt filesystem
[  122.774669][ T6800] XFS (loop2): Ending recovery (logdev: internal)
[  122.785783][ T6811] EXT4-fs error (device loop3): ext4_evict_inode:252: inode #11: comm syz.3.296: mark_inode_dirty error
[  122.823280][ T6811] EXT4-fs warning (device loop3): ext4_evict_inode:255: couldn't mark inode dirty (err -117)
[  122.853161][ T6811] EXT4-fs (loop3): 1 orphan inode deleted
[  122.860469][ T6811] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.913157][ T6474] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:13: lblock 1 mapped to illegal pblock 1 (length 1)
[  122.951968][ T6474] Quota error (device loop3): remove_tree: Can't read quota data block 1
[  122.981259][ T6474] EXT4-fs error (device loop3): ext4_release_dquot:6974: comm kworker/u4:13: Failed to release dquot type 0
[  123.014682][ T6811] ext4: Bad value for 'resuid'
[  123.117845][ T5768] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  123.121105][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.244036][ T5767] EXT4-fs error (device loop3): __ext4_get_inode_loc:4478: comm syz-executor: Invalid inode table block 1 in block_group 0
[  123.286077][ T5767] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5896: Corrupt filesystem
[  123.314036][ T5767] EXT4-fs error (device loop3): ext4_quota_off:7222: inode #3: comm syz-executor: mark_inode_dirty error
[  124.610382][ T6843] loop3: detected capacity change from 0 to 512
[  124.700365][ T6843] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.305: casefold flag without casefold feature
[  124.805076][ T6843] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.305: couldn't read orphan inode 15 (err -117)
[  124.876091][ T6843] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  125.187210][ T6854] loop1: detected capacity change from 0 to 512
[  125.202292][ T6854] ext4: Unknown parameter 'delalloc.dax'
[  125.216608][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.414262][ T6856] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  125.518425][ T6860] bridge0: port 3(syz_tun) entered blocking state
[  125.571092][ T6860] bridge0: port 3(syz_tun) entered disabled state
[  125.590156][ T6860] syz_tun: entered allmulticast mode
[  125.616572][ T6860] syz_tun: entered promiscuous mode
[  125.623109][ T6860] bridge0: port 3(syz_tun) entered blocking state
[  125.630206][ T6860] bridge0: port 3(syz_tun) entered forwarding state
[  125.766413][ T6866] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  125.924365][ T5802] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  126.122924][ T5802] usb 3-1: Using ep0 maxpacket: 16
[  126.133367][ T5802] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  126.154423][ T5802] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  126.173540][ T5802] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  126.206385][ T5802] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  126.222914][ T5802] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.241147][ T5802] usb 3-1: Product: syz
[  126.245694][ T5802] usb 3-1: Manufacturer: syz
[  126.250317][ T5802] usb 3-1: SerialNumber: syz
[  126.733510][ T5802] usb 3-1: 2:1 : format type 0 is detected, processed as PCM
[  126.742232][ T6764] Set syz1 is full, maxelem 65536 reached
[  126.744633][ T6870] loop3: detected capacity change from 0 to 32768
[  126.779091][ T6870] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.317 (6870)
[  126.892811][ T6870] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  126.920299][ T6870] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  126.949716][ T6870] BTRFS info (device loop3): use zlib compression, level 3
[  126.973079][ T6870] BTRFS info (device loop3): turning on sync discard
[  126.979881][ T6870] BTRFS info (device loop3): doing ref verification
[  126.993264][ T6870] BTRFS info (device loop3): disabling tree log
[  127.003277][ T6870] BTRFS info (device loop3): enabling tree log
[  127.009517][ T6870] BTRFS info (device loop3): enabling ssd optimizations
[  127.019322][ T6872] loop1: detected capacity change from 0 to 40427
[  127.043100][ T6872] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  127.055885][ T6870] BTRFS info (device loop3): using spread ssd allocation scheme
[  127.066644][ T6872] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  127.083359][ T6870] BTRFS info (device loop3): not using ssd optimizations
[  127.109492][ T6870] BTRFS info (device loop3): not using spread ssd allocation scheme
[  127.123514][ T6872] F2FS-fs (loop1): invalid crc value
[  127.129702][ T6870] BTRFS info (device loop3): using free space tree
[  127.168120][ T6872] F2FS-fs (loop1): Found nat_bits in checkpoint
[  127.462910][ T6872] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  127.500590][ T6872] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  127.532023][   T28] audit: type=1800 audit(1750193196.141:27): pid=6870 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.317" name="bus" dev="loop3" ino=263 res=0 errno=0
[  127.802600][ T5767] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  127.912650][ T5802] usb 3-1: USB disconnect, device number 3
[  128.699748][ T6905] Bluetooth: MGMT ver 1.22
[  129.413521][ T6920] netlink: 277 bytes leftover after parsing attributes in process `syz.0.329'.
[  129.664289][   T55] usb 4-1: new full-speed USB device number 5 using dummy_hcd
[  129.851510][ T6928] sch_tbf: burst 32855 is lower than device lo mtu (11337746) !
[  129.866277][   T55] usb 4-1: config 1 interface 0 has no altsetting 0
[  129.891568][   T55] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  129.912307][   T55] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.926862][   T55] usb 4-1: Product: syz
[  129.931135][   T55] usb 4-1: Manufacturer: syz
[  129.940281][   T55] usb 4-1: SerialNumber: syz
[  130.157406][   T28] audit: type=1326 audit(1750193198.771:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6931 comm="syz.1.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef0d8e929 code=0x7ffc0000
[  130.221409][   T28] audit: type=1326 audit(1750193198.771:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6931 comm="syz.1.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=312 compat=0 ip=0x7f6ef0d8e929 code=0x7ffc0000
[  130.300013][   T28] audit: type=1326 audit(1750193198.771:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6931 comm="syz.1.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef0d8e929 code=0x7ffc0000
[  130.329582][   T28] audit: type=1326 audit(1750193198.771:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6931 comm="syz.1.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef0d8e929 code=0x7ffc0000
[  130.358056][   T28] audit: type=1326 audit(1750193198.771:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6931 comm="syz.1.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f6ef0d8e929 code=0x7ffc0000
[  130.390035][   T28] audit: type=1326 audit(1750193198.771:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6931 comm="syz.1.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef0d8e929 code=0x7ffc0000
[  130.419852][   T28] audit: type=1326 audit(1750193198.771:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6931 comm="syz.1.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef0d8e929 code=0x7ffc0000
[  130.447237][   T28] audit: type=1326 audit(1750193198.771:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6931 comm="syz.1.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7f6ef0d8e929 code=0x7ffc0000
[  130.513686][   T28] audit: type=1326 audit(1750193198.771:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6931 comm="syz.1.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef0d8e929 code=0x7ffc0000
[  130.536028][   T28] audit: type=1326 audit(1750193198.791:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6931 comm="syz.1.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef0d8e929 code=0x7ffc0000
[  130.628652][   T55] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 5 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  130.684410][   T55] usb 4-1: USB disconnect, device number 5
[  130.718673][   T55] usblp0: removed
[  131.183238][ T5801] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[  131.375689][ T6956] loop0: detected capacity change from 0 to 8
[  131.405810][ T5801] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  131.430435][ T6956] SQUASHFS error: zstd decompression error: 10
[  131.442142][ T6956] SQUASHFS error: zstd decompression failed, data probably corrupt
[  131.442209][ T5801] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  131.442270][ T5801] usb 2-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00
[  131.463650][ T6956] SQUASHFS error: Failed to read block 0x62b: -5
[  131.484920][ T5801] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.506971][ T6956] SQUASHFS error: Unable to read metadata cache entry [629]
[  131.508347][ T5801] usb 2-1: config 0 descriptor??
[  131.525527][ T6956] SQUASHFS error: Unable to read directory block [629:ff26]
[  131.531115][ T6944] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  131.763370][ T5801] usbhid 2-1:0.0: can't add hid device: -71
[  131.823049][ T5801] usbhid: probe of 2-1:0.0 failed with error -71
[  131.879151][ T5801] usb 2-1: USB disconnect, device number 6
[  132.482330][ T6978] loop2: detected capacity change from 0 to 256
[  132.569769][ T6978] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  132.731823][ T6978] exFAT-fs (loop2): error, broken FAT chain.
[  132.738652][ T6978] exFAT-fs (loop2): Filesystem has been set read-only
[  132.750915][ T6978] exFAT-fs (loop2): error, failed to bmap (inode : ffff88806b1b8e60 iblock : 8, err : -5)
[  132.785576][ T6975] loop1: detected capacity change from 0 to 32768
[  132.802410][ T6975] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.352 (6975)
[  132.806515][ T6978] syz.2.354 (6978) used greatest stack depth: 20720 bytes left
[  132.827531][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  132.834981][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  132.854894][ T6975] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  132.868479][ T6975] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  132.911839][ T6975] BTRFS info (device loop1): use zlib compression, level 3
[  132.932293][ T6975] BTRFS info (device loop1): turning on sync discard
[  132.946348][ T6975] BTRFS info (device loop1): doing ref verification
[  132.954810][ T6975] BTRFS info (device loop1): disabling tree log
[  132.961209][ T6975] BTRFS info (device loop1): enabling tree log
[  132.971592][ T6975] BTRFS info (device loop1): enabling ssd optimizations
[  132.992923][ T6975] BTRFS info (device loop1): using spread ssd allocation scheme
[  133.007706][ T6975] BTRFS info (device loop1): not using ssd optimizations
[  133.016502][ T6975] BTRFS info (device loop1): not using spread ssd allocation scheme
[  133.047177][ T6975] BTRFS info (device loop1): using free space tree
[  133.508097][ T5763] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  133.741281][ T6980] loop2: detected capacity change from 0 to 32768
[  133.766471][ T6980] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.355 (6980)
[  133.804642][ T6980] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  133.826544][ T6980] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  133.852802][ T6980] BTRFS info (device loop2): turning off barriers
[  133.867877][ T6980] BTRFS info (device loop2): setting nodatasum
[  133.901100][ T6980] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  133.910904][ T6980] BTRFS info (device loop2): use zstd compression, level 3
[  133.918443][ T6980] BTRFS info (device loop2): using free space tree
[  134.458033][ T5768] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  134.481286][ T7019] loop1: detected capacity change from 0 to 32768
[  134.519282][ T7019] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  134.715108][ T7019] XFS (loop1): Ending clean mount
[  134.744997][ T7019] XFS (loop1): Quotacheck needed: Please wait.
[  134.873568][ T7019] XFS (loop1): Quotacheck: Done.
[  135.104755][ T5763] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  135.679949][ T7045] loop0: detected capacity change from 0 to 128
[  135.747918][ T7045] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  135.791469][ T7045] ext4 filesystem being mounted at /83/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  135.961452][ T5766] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  136.640442][ T7053] loop0: detected capacity change from 0 to 32768
[  136.666830][ T7053] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.366 (7053)
[  136.759124][ T7053] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  136.784923][ T7053] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  136.806330][ T7053] BTRFS info (device loop0): use zlib compression, level 3
[  136.824161][ T7053] BTRFS info (device loop0): turning on sync discard
[  136.838502][ T7053] BTRFS info (device loop0): doing ref verification
[  136.849878][ T7053] BTRFS info (device loop0): disabling tree log
[  136.869567][ T7053] BTRFS info (device loop0): enabling tree log
[  136.884841][ T7053] BTRFS info (device loop0): enabling ssd optimizations
[  136.902471][ T7053] BTRFS info (device loop0): using spread ssd allocation scheme
[  136.922729][ T7053] BTRFS info (device loop0): not using ssd optimizations
[  136.953076][ T7053] BTRFS info (device loop0): not using spread ssd allocation scheme
[  136.983125][ T7053] BTRFS info (device loop0): using free space tree
[  137.306665][   T28] kauditd_printk_skb: 1 callbacks suppressed
[  137.306682][   T28] audit: type=1800 audit(1750193205.921:39): pid=7053 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.366" name="bus" dev="loop0" ino=263 res=0 errno=0
[  137.476475][ T5766] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  138.096017][ T7095] loop3: detected capacity change from 0 to 1024
[  138.207871][ T7095] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.223112][ T7095] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.310462][ T7095] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  138.595469][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.863057][  T787] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  139.069898][  T787] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  139.113037][  T787] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  139.132416][  T787] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.142529][  T787] usb 2-1: Product: syz
[  139.150796][  T787] usb 2-1: Manufacturer: syz
[  139.151518][ T7121] macsec1: entered allmulticast mode
[  139.160913][  T787] usb 2-1: SerialNumber: syz
[  139.634357][ T7115] loop3: detected capacity change from 0 to 32768
[  139.669849][ T7115] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.384 (7115)
[  139.721060][ T7115] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  139.749359][ T7115] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  139.770358][ T7115] BTRFS info (device loop3): use zlib compression, level 3
[  139.789188][ T7115] BTRFS info (device loop3): turning on sync discard
[  139.807683][ T7115] BTRFS info (device loop3): doing ref verification
[  139.819323][ T7115] BTRFS info (device loop3): disabling tree log
[  139.862406][ T7115] BTRFS info (device loop3): enabling tree log
[  139.873113][ T7115] BTRFS info (device loop3): enabling ssd optimizations
[  139.892926][ T7115] BTRFS info (device loop3): using spread ssd allocation scheme
[  139.909734][ T7115] BTRFS info (device loop3): not using ssd optimizations
[  139.953229][ T7115] BTRFS info (device loop3): not using spread ssd allocation scheme
[  139.961332][ T7115] BTRFS info (device loop3): using free space tree
[  139.967454][ T7121] syz.0.386 (7121) used greatest stack depth: 20616 bytes left
[  140.230309][  T787] cdc_ncm 2-1:1.0: MAC-Address: 42:42:42:42:42:42
[  140.243029][  T787] cdc_ncm 2-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048
[  140.253100][  T787] cdc_ncm 2-1:1.0: setting rx_max = 2048
[  140.316337][   T28] audit: type=1800 audit(1750193208.921:40): pid=7115 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.384" name="bus" dev="loop3" ino=263 res=0 errno=0
[  140.499692][ T5767] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  140.639170][  T787] cdc_ncm 2-1:1.0: setting tx_max = 88
[  140.701827][  T787] cdc_ncm 2-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.1-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  140.713201][ T5823] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  140.778889][  T787] usb 2-1: USB disconnect, device number 7
[  140.807796][  T787] cdc_ncm 2-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.1-1, CDC NCM (NO ZLP)
[  140.930162][ T5823] usb 1-1: config 0 has an invalid interface number: 32 but max is 0
[  140.944374][ T5823] usb 1-1: config 0 has no interface number 0
[  140.950554][ T5823] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  140.982965][ T5823] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.028969][ T5823] usb 1-1: config 0 descriptor??
[  141.048422][ T5823] cp210x 1-1:0.32: cp210x converter detected
[  141.454707][ T5823] cp210x 1-1:0.32: failed to get vendor val 0x000e size 3: -32
[  141.684672][ T5823] cp210x 1-1:0.32: GPIO initialisation failed: -19
[  141.717584][ T5823] usb 1-1: cp210x converter now attached to ttyUSB0
[  141.868216][ T7149] loop3: detected capacity change from 0 to 40427
[  141.899341][ T7149] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  141.907027][ T5823] usb 1-1: USB disconnect, device number 2
[  141.909614][ T7149] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  141.950616][ T5823] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  141.972150][ T7149] F2FS-fs (loop3): invalid crc value
[  141.980769][ T5823] cp210x 1-1:0.32: device disconnected
[  142.004352][ T7149] F2FS-fs (loop3): Found nat_bits in checkpoint
[  142.122115][ T7149] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  142.143437][ T7149] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  142.795790][ T7179] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  142.813420][ T7179] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  142.869686][ T7179] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  142.892705][ T7176] loop1: detected capacity change from 0 to 32768
[  142.903640][ T7176] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.399 (7176)
[  142.913068][ T7179] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  142.927218][ T7176] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  142.937631][ T7176] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  142.946058][ T7179] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  142.946479][ T7176] BTRFS info (device loop1): use zlib compression, level 3
[  142.959628][ T7176] BTRFS info (device loop1): turning on sync discard
[  142.966608][ T7176] BTRFS info (device loop1): doing ref verification
[  142.975618][ T7176] BTRFS info (device loop1): disabling tree log
[  142.982045][ T7176] BTRFS info (device loop1): enabling tree log
[  142.993706][ T7179] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  142.999817][ T7176] BTRFS info (device loop1): enabling ssd optimizations
[  143.007288][ T7176] BTRFS info (device loop1): using spread ssd allocation scheme
[  143.023208][ T7176] BTRFS info (device loop1): not using ssd optimizations
[  143.035866][ T7179] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  143.052780][ T7176] BTRFS info (device loop1): not using spread ssd allocation scheme
[  143.061985][ T7179] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  143.073652][ T7176] BTRFS info (device loop1): using free space tree
[  143.100141][ T7179] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  143.147234][ T7179] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  143.174850][ T7179] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  143.201319][ T7179] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  143.414264][   T28] audit: type=1800 audit(1750193212.031:41): pid=7176 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.399" name="bus" dev="loop1" ino=263 res=0 errno=0
[  143.540695][ T7202] netlink: 88 bytes leftover after parsing attributes in process `syz.2.403'.
[  143.576407][ T7202] netlink: 16 bytes leftover after parsing attributes in process `syz.2.403'.
[  143.726459][ T5763] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  144.209772][ T7206] loop2: detected capacity change from 0 to 8192
[  144.245857][ T7216] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  144.285880][ T7206] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  144.370983][ T7206] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal
[  144.380591][ T7206] REISERFS (device loop2): using ordered data mode
[  144.387897][ T7206] reiserfs: using flush barriers
[  144.395605][ T7206] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  144.426566][ T7206] REISERFS (device loop2): checking transaction log (loop2)
[  144.668533][   T55] IPVS: starting estimator thread 0...
[  144.748308][ T7226] loop1: detected capacity change from 0 to 1024
[  144.770610][ T7206] REISERFS (device loop2): Using tea hash to sort names
[  144.782162][ T7206] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  144.788704][ T7226] EXT4-fs: Ignoring removed nobh option
[  144.797150][ T7228] IPVS: using max 16 ests per chain, 38400 per kthread
[  144.813072][ T5765] Bluetooth: hci0: command 0x0c1a tx timeout
[  144.826981][ T7226] EXT4-fs: Ignoring removed bh option
[  144.892550][ T7226] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.973737][ T5765] Bluetooth: hci1: command 0x0c1a tx timeout
[  145.053332][ T5765] Bluetooth: hci2: command 0x0c1a tx timeout
[  145.172311][ T5763] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.213026][ T5765] Bluetooth: hci3: command 0x0405 tx timeout
[  146.142086][ T7255] loop1: detected capacity change from 0 to 1024
[  146.277852][ T7255] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.353968][ T7245] loop2: detected capacity change from 0 to 32768
[  146.370136][ T7245] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.414 (7245)
[  146.402376][ T7254] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  146.405637][ T7245] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  146.440934][ T7245] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  146.451007][ T7245] BTRFS info (device loop2): use zlib compression, level 3
[  146.460194][ T7245] BTRFS info (device loop2): turning on sync discard
[  146.467787][ T7245] BTRFS info (device loop2): doing ref verification
[  146.474955][ T7245] BTRFS info (device loop2): disabling tree log
[  146.481560][ T7245] BTRFS info (device loop2): enabling tree log
[  146.488456][ T7245] BTRFS info (device loop2): enabling ssd optimizations
[  146.496458][ T7245] BTRFS info (device loop2): using spread ssd allocation scheme
[  146.508360][ T7245] BTRFS info (device loop2): not using ssd optimizations
[  146.513623][ T5763] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.516456][ T7245] BTRFS info (device loop2): not using spread ssd allocation scheme
[  146.533078][ T7245] BTRFS info (device loop2): using free space tree
[  146.718467][   T28] audit: type=1800 audit(1750193215.331:42): pid=7245 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.414" name="bus" dev="loop2" ino=263 res=0 errno=0
[  146.898600][ T5765] Bluetooth: hci0: command 0x0c1a tx timeout
[  146.935883][ T5768] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  147.057741][ T5765] Bluetooth: hci1: command 0x0c1a tx timeout
[  147.143703][ T5765] Bluetooth: hci2: command 0x0c1a tx timeout
[  147.293705][ T5765] Bluetooth: hci3: command 0x0405 tx timeout
[  147.972957][  T787] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  148.173243][  T787] usb 4-1: Using ep0 maxpacket: 16
[  148.196969][  T787] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  148.218237][  T787] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  148.231480][  T787] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  148.246022][  T787] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  148.262974][  T787] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.281336][  T787] usb 4-1: Product: syz
[  148.285693][  T787] usb 4-1: Manufacturer: syz
[  148.290440][  T787] usb 4-1: SerialNumber: syz
[  148.290617][ T7305] loop2: detected capacity change from 0 to 40427
[  148.315900][ T7305] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  148.343007][ T7305] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  148.356451][ T7305] F2FS-fs (loop2): invalid crc value
[  148.385124][ T7305] F2FS-fs (loop2): Found nat_bits in checkpoint
[  148.505052][ T7305] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  148.512976][ T7305] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  148.771632][  T787] usb 4-1: 2:1 : format type 0 is detected, processed as PCM
[  148.973051][ T5765] Bluetooth: hci0: command 0x0c1a tx timeout
[  149.133122][ T5765] Bluetooth: hci1: command 0x0c1a tx timeout
[  149.213345][ T5765] Bluetooth: hci2: command 0x0c1a tx timeout
[  149.247968][ T7317] loop1: detected capacity change from 0 to 32768
[  149.257467][ T7317] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.436 (7317)
[  149.300947][ T7317] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  149.313755][ T7317] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  149.351092][ T7317] BTRFS info (device loop1): use zlib compression, level 3
[  149.373093][ T5765] Bluetooth: hci3: command 0x0405 tx timeout
[  149.381334][ T7317] BTRFS info (device loop1): turning on sync discard
[  149.411213][ T7317] BTRFS info (device loop1): doing ref verification
[  149.419654][ T7317] BTRFS info (device loop1): disabling tree log
[  149.427452][ T7317] BTRFS info (device loop1): enabling tree log
[  149.435062][ T7317] BTRFS info (device loop1): enabling ssd optimizations
[  149.442105][ T7317] BTRFS info (device loop1): using spread ssd allocation scheme
[  149.450143][ T7317] BTRFS info (device loop1): not using ssd optimizations
[  149.459592][ T7317] BTRFS info (device loop1): not using spread ssd allocation scheme
[  149.467917][ T7317] BTRFS info (device loop1): using free space tree
[  149.795362][   T28] audit: type=1800 audit(1750193218.401:43): pid=7317 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.436" name="bus" dev="loop1" ino=263 res=0 errno=0
[  149.893390][  T787] usb 4-1: USB disconnect, device number 6
[  150.045679][ T5865] udevd[5865]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  150.070776][    T8] IPVS: starting estimator thread 0...
[  150.103993][ T5763] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  150.115906][ T7342] loop0: detected capacity change from 0 to 1024
[  150.124215][ T7342] EXT4-fs: Ignoring removed nobh option
[  150.138919][ T7342] EXT4-fs: Ignoring removed bh option
[  150.173167][ T7343] IPVS: using max 18 ests per chain, 43200 per kthread
[  150.266064][ T7342] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.443945][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.090958][ T7363] netlink: 12 bytes leftover after parsing attributes in process `syz.0.447'.
[  151.453038][ T5765] Bluetooth: hci3: command 0x0405 tx timeout
[  151.552981][  T787] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  151.742991][  T787] usb 1-1: Using ep0 maxpacket: 8
[  151.767150][  T787] usb 1-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2
[  151.797845][  T787] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.811720][  T787] usb 1-1: Product: syz
[  151.816795][  T787] usb 1-1: Manufacturer: syz
[  151.821651][  T787] usb 1-1: SerialNumber: syz
[  151.832612][  T787] usb 1-1: config 0 descriptor??
[  151.840880][ T7374] loop3: detected capacity change from 0 to 256
[  151.870731][ T7374] FAT-fs (loop3): Unrecognized mount option "fsuuid=31c86ea8-406a-a5Qc-f314-2f4" or missing value
[  151.935910][ T7344] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  152.062154][ T7374] loop3: detected capacity change from 0 to 2048
[  152.101605][  T787] usb 1-1: dvb_usb_v2: found a 'Terratec H7' in warm state
[  152.140253][ T7374] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  152.298940][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.010552][ T7397] loop3: detected capacity change from 0 to 8192
[  153.042566][ T7397] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  153.056609][ T7397] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[  153.066986][ T7397] REISERFS (device loop3): using ordered data mode
[  153.074143][ T7397] reiserfs: using flush barriers
[  153.084165][ T7397] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  153.101442][ T7397] REISERFS (device loop3): checking transaction log (loop3)
[  153.292560][ T7397] REISERFS (device loop3): Using tea hash to sort names
[  153.309197][ T7397] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  153.568462][  T787] usb write operation failed. (-71)
[  153.604856][  T787] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  153.633775][  T787] dvbdev: DVB: registering new adapter (Terratec H7)
[  153.666992][  T787] usb 1-1: media controller created
[  153.679764][  T787] usb read operation failed. (-71)
[  153.693002][ T5823] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  153.704437][  T787] usb write operation failed. (-71)
[  153.729781][  T787] dvb_usb_az6007: probe of 1-1:0.0 failed with error -5
[  153.755007][  T787] usb 1-1: USB disconnect, device number 3
[  153.882955][ T5823] usb 2-1: Using ep0 maxpacket: 32
[  153.892263][ T5823] usb 2-1: unable to get BOS descriptor or descriptor too short
[  153.902762][ T5823] usb 2-1: config 2 has an invalid interface number: 140 but max is 0
[  153.921839][ T5823] usb 2-1: config 2 has no interface number 0
[  153.931484][ T5823] usb 2-1: config 2 interface 140 altsetting 9 endpoint 0x6 has invalid maxpacket 1024, setting to 64
[  153.951635][ T5823] usb 2-1: config 2 interface 140 altsetting 9 endpoint 0x7 has invalid maxpacket 1023, setting to 64
[  153.968845][ T5823] usb 2-1: config 2 interface 140 has no altsetting 0
[  153.982495][ T5823] usb 2-1: New USB device found, idVendor=0eef, idProduct=0001, bcdDevice=15.b8
[  153.992315][ T5823] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  154.001826][ T7409] netlink: 32 bytes leftover after parsing attributes in process `syz.3.465'.
[  154.003620][ T5823] usb 2-1: Product: syz
[  154.011086][ T7409] netlink: 30 bytes leftover after parsing attributes in process `syz.3.465'.
[  154.015423][ T5823] usb 2-1: Manufacturer: syz
[  154.029648][ T5823] usb 2-1: SerialNumber: syz
[  154.308027][ T5823] usbhid 2-1:2.140: couldn't find an input interrupt endpoint
[  154.311993][ T7413] loop0: detected capacity change from 0 to 1024
[  154.365121][ T5823] usb 2-1: USB disconnect, device number 8
[  154.391028][ T6899] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  154.467144][   T28] audit: type=1804 audit(1750193223.071:44): pid=7413 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.467" name="/newroot/103/bus/file1" dev="overlay" ino=576 res=1 errno=0
[  154.491209][ T7417] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  154.597052][ T7416] loop2: detected capacity change from 0 to 1024
[  154.614191][ T7416] EXT4-fs: Ignoring removed nobh option
[  154.633102][ T7416] EXT4-fs: Ignoring removed bh option
[  154.694754][ T7416] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.805048][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.118893][ T7432] netlink: 32 bytes leftover after parsing attributes in process `syz.1.474'.
[  155.128408][ T7432] netlink: 30 bytes leftover after parsing attributes in process `syz.1.474'.
[  155.303009][   T55] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  155.503046][   T55] usb 4-1: Using ep0 maxpacket: 16
[  155.519865][   T55] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  155.541547][   T55] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  155.547453][ T7426] loop2: detected capacity change from 0 to 32768
[  155.566488][   T55] usb 4-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[  155.594577][   T55] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.633153][   T55] usb 4-1: config 0 descriptor??
[  155.646622][ T7426] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  155.853599][ T7426] XFS (loop2): Ending clean mount
[  156.091684][ T5768] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  156.495231][   T55] letsketch 0003:6161:4D15.0004: Device info: ¥
[  156.702592][   T55] letsketch 0003:6161:4D15.0004: Device info: ᑔ
[  156.711002][ T7454] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  156.717275][ T7454] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  156.727555][ T7454] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  156.736501][ T7454] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  156.903839][   T55] letsketch 0003:6161:4D15.0004: Device info: ఁ
[  157.140844][   T55] usb 4-1: Max retries (5) exceeded reading string descriptor 1
[  157.152992][   T55] letsketch: probe of 0003:6161:4D15.0004 failed with error -71
[  157.175752][   T55] usb 4-1: USB disconnect, device number 7
[  157.432048][ T7458] loop0: detected capacity change from 0 to 32768
[  157.454495][ T7458] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.480 (7458)
[  157.488641][ T7458] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  157.506157][ T7458] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  157.518371][ T7458] BTRFS info (device loop0): turning off barriers
[  157.525647][ T7458] BTRFS info (device loop0): setting nodatasum
[  157.532012][ T7458] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  157.548789][ T7458] BTRFS info (device loop0): use zstd compression, level 3
[  157.570318][ T7458] BTRFS info (device loop0): using free space tree
[  157.912709][ T5766] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  158.024068][   T55] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  158.145876][ T7344] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 10 /dev/loop0 scanned by udevd (7344)
[  158.253362][   T55] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  158.281151][   T55] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  158.303277][   T55] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.333065][   T55] usb 3-1: Product: syz
[  158.339815][   T55] usb 3-1: Manufacturer: syz
[  158.349813][   T55] usb 3-1: SerialNumber: syz
[  158.371389][ T7464] loop1: detected capacity change from 0 to 32768
[  158.423443][ T7464] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.484 (7464)
[  158.504106][ T7464] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  158.528933][ T7464] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  158.552228][ T7464] BTRFS info (device loop1): use zlib compression, level 3
[  158.559508][ T7495] netlink: 220 bytes leftover after parsing attributes in process `syz.0.489'.
[  158.608105][ T7464] BTRFS info (device loop1): turning on sync discard
[  158.625709][ T7464] BTRFS info (device loop1): doing ref verification
[  158.641906][ T7464] BTRFS info (device loop1): disabling tree log
[  158.658994][ T5765] Bluetooth: hci0: command 0x0c1a tx timeout
[  158.665382][ T7464] BTRFS info (device loop1): enabling tree log
[  158.673738][ T7464] BTRFS info (device loop1): enabling ssd optimizations
[  158.703044][ T7464] BTRFS info (device loop1): using spread ssd allocation scheme
[  158.710884][ T7464] BTRFS info (device loop1): not using ssd optimizations
[  158.718487][ T7464] BTRFS info (device loop1): not using spread ssd allocation scheme
[  158.726911][ T7464] BTRFS info (device loop1): using free space tree
[  158.734028][ T5765] Bluetooth: hci2: command 0x0c1a tx timeout
[  158.740139][ T5765] Bluetooth: hci1: command 0x0c1a tx timeout
[  158.813162][ T5765] Bluetooth: hci3: command 0x0405 tx timeout
[  158.943464][   T28] audit: type=1800 audit(1750193227.561:45): pid=7464 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.484" name="bus" dev="loop1" ino=263 res=0 errno=0
[  159.313396][ T5763] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  159.412805][   T55] cdc_ncm 3-1:1.0: MAC-Address: 42:42:42:42:42:42
[  159.443362][   T55] cdc_ncm 3-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048
[  159.455296][   T55] cdc_ncm 3-1:1.0: setting rx_max = 2048
[  159.618777][ T7519] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  159.635518][ T7519] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  159.653476][ T7519] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  159.697231][ T7519] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  159.823160][   T55] cdc_ncm 3-1:1.0: setting tx_max = 88
[  159.858005][   T55] cdc_ncm 3-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.2-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  159.908223][   T55] usb 3-1: USB disconnect, device number 4
[  159.933665][   T55] cdc_ncm 3-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.2-1, CDC NCM (NO ZLP)
[  160.832631][ T7554] binder: 7552:7554 ioctl 4018620d 0 returned -22
[  160.885738][ T7551] netlink: 'syz.2.501': attribute type 1 has an invalid length.
[  160.924820][ T7556] binder: 7552:7556 ioctl c018620c 0 returned -14
[  161.623827][ T5765] Bluetooth: hci0: command 0x0c1a tx timeout
[  161.633289][   T55] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  161.695473][ T5774] Bluetooth: hci1: command 0x0c1a tx timeout
[  161.701642][ T5765] Bluetooth: hci2: command 0x0c1a tx timeout
[  161.773300][ T5765] Bluetooth: hci3: command 0x0405 tx timeout
[  161.833420][   T55] usb 4-1: Using ep0 maxpacket: 32
[  161.856387][   T55] usb 4-1: unable to get BOS descriptor or descriptor too short
[  161.866460][   T55] usb 4-1: config 2 has an invalid interface number: 140 but max is 0
[  161.882956][   T55] usb 4-1: config 2 has no interface number 0
[  161.889270][   T55] usb 4-1: config 2 interface 140 altsetting 9 endpoint 0x6 has invalid maxpacket 1024, setting to 64
[  161.910728][   T55] usb 4-1: config 2 interface 140 altsetting 9 endpoint 0x7 has invalid maxpacket 1023, setting to 64
[  161.937049][   T55] usb 4-1: config 2 interface 140 has no altsetting 0
[  161.980736][   T55] usb 4-1: New USB device found, idVendor=0eef, idProduct=0001, bcdDevice=15.b8
[  161.995058][   T55] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.010529][   T55] usb 4-1: Product: syz
[  162.020060][   T55] usb 4-1: Manufacturer: syz
[  162.037965][   T55] usb 4-1: SerialNumber: syz
[  162.291775][   T55] usbhid 4-1:2.140: couldn't find an input interrupt endpoint
[  162.319990][   T55] usb 4-1: USB disconnect, device number 8
[  162.802086][ T7595] netlink: 96 bytes leftover after parsing attributes in process `syz.2.509'.
[  162.893279][ T5823] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  163.089841][ T5823] usb 1-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  163.101709][ T5823] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.118924][ T5823] usb 1-1: config 0 descriptor??
[  163.133905][ T5823] gspca_main: cpia1-2.14.0 probing 0813:0001
[  163.216524][ T7601] loop3: detected capacity change from 0 to 512
[  163.244470][ T7601] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.511: invalid indirect mapped block 256 (level 2)
[  163.277349][ T7601] EXT4-fs (loop3): 2 truncates cleaned up
[  163.348990][ T7601] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.538635][ T5823] cpia1 1-1:0.0: unexpected state after lo power cmd: 00
[  163.853123][ T5765] Bluetooth: hci3: command 0x0405 tx timeout
[  163.939928][ T5823] gspca_cpia1: usb_control_msg 02, error -71
[  163.956100][ T5823] gspca_cpia1: usb_control_msg 05, error -71
[  163.962162][ T5823] cpia1 1-1:0.0: unexpected systemstate: 00
[  163.995306][ T5823] usb 1-1: USB disconnect, device number 4
[  164.088140][ T7601] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.280783][   T28] audit: type=1326 audit(1750193232.891:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7612 comm="syz.1.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef0d8e929 code=0x7fc00000
[  164.572711][ T7615] loop2: detected capacity change from 0 to 32768
[  164.590966][ T7615] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.517 (7615)
[  164.614551][ T7625] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  164.627713][ T7615] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  164.655694][ T7615] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  164.669041][ T7615] BTRFS info (device loop2): force clearing of disk cache
[  164.678095][ T7615] BTRFS info (device loop2): enabling auto defrag
[  164.691177][ T7615] BTRFS info (device loop2): max_inline at 0
[  164.706847][ T7615] BTRFS info (device loop2): enabling disk space caching
[  164.729871][ T7615] BTRFS info (device loop2): disk space caching is enabled
[  164.831265][ T7615] BTRFS info (device loop2): enabling ssd optimizations
[  164.856683][ T7615] BTRFS info (device loop2): rebuilding free space tree
[  164.897809][ T7615] BTRFS info (device loop2): disabling free space tree
[  164.916248][ T7615] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  164.936764][ T7615] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  164.948110][   T28] audit: type=1326 audit(1750193233.561:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7612 comm="syz.1.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f6ef0d8e929 code=0x7fc00000
[  165.269872][   T42] BTRFS info (device loop2): qgroup scan completed (inconsistency flag cleared)
[  165.420251][ T5768] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  165.943025][ T5765] Bluetooth: hci3: command 0x0405 tx timeout
[  166.356410][ T7659] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  166.376432][ T7659] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  166.403683][ T7659] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  166.409851][ T7659] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  166.851250][   T28] audit: type=1326 audit(1750193235.461:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7671 comm="syz.3.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f698418e929 code=0x7fc00000
[  167.293927][ T7688] loop1: detected capacity change from 0 to 256
[  167.316916][ T7688] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  167.348436][ T7688] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  167.385922][ T7688] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  167.513101][   T28] audit: type=1326 audit(1750193236.121:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7671 comm="syz.3.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f698418e929 code=0x7fc00000
[  167.620733][ T7688] exFAT-fs (loop1): invalid start cluster (2155889475)
[  167.910240][ T7694] netlink: 4 bytes leftover after parsing attributes in process `syz.3.547'.
[  167.958996][ T7677] loop2: detected capacity change from 0 to 65536
[  168.028308][ T7677] XFS (loop2): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  168.089877][ T7677] XFS (loop2): Ending clean mount
[  168.162362][ T7677] overlayfs: missing 'lowerdir'
[  168.208923][ T5802] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x191/0x250, xfs_agf block 0x1 
[  168.241527][ T5802] XFS (loop2): Unmount and run xfs_repair
[  168.251965][ T5802] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  168.259547][ T5774] Bluetooth: hci0: command 0x0c1a tx timeout
[  168.284136][ T5802] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  168.307333][ T5802] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  168.332591][ T5802] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  168.360022][ T5802] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  168.370548][ T5802] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  168.386110][ T5802] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  168.397119][ T5802] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  168.406221][ T5802] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  168.415253][ T5774] Bluetooth: hci1: command 0x0c1a tx timeout
[  168.426498][ T7677] XFS (loop2): metadata I/O error in "xfs_read_agf+0x27e/0x590" at daddr 0x1 len 1 error 74
[  168.443050][ T7677] XFS (loop2): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x518/0x8a0 (fs/xfs/xfs_trans_buf.c:296).  Shutting down filesystem.
[  168.458601][ T7677] XFS (loop2): Please unmount the filesystem and rectify the problem(s)
[  168.493146][ T5774] Bluetooth: hci3: command 0x0405 tx timeout
[  168.493567][ T5765] Bluetooth: hci2: command 0x0c1a tx timeout
[  168.597847][ T7714] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  168.636893][ T5768] XFS (loop2): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  168.882514][ T7716] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  168.889354][ T7716] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  168.918374][ T7716] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  168.929771][ T7716] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  168.935362][ T7721] loop3: detected capacity change from 0 to 256
[  168.996622][ T7721] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  169.008196][ T7721] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  169.020207][ T7721] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  169.079200][ T7721] exFAT-fs (loop3): invalid start cluster (2155889475)
[  169.243240][ T5802] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  169.431318][ T5802] usb 2-1: Using ep0 maxpacket: 16
[  169.439608][ T5802] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  169.455163][ T5802] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  169.471257][ T5802] usb 2-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[  169.480813][ T5802] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.499691][ T5802] usb 2-1: config 0 descriptor??
[  169.762276][ T7736] netlink: 96 bytes leftover after parsing attributes in process `syz.3.553'.
[  170.284741][ T5802] letsketch 0003:6161:4D15.0005: Device info: ¥
[  170.342562][ T7732] loop0: detected capacity change from 0 to 32768
[  170.421233][ T7732] XFS (loop0): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  170.426854][ T7747] loop2: detected capacity change from 0 to 4096
[  170.438882][ T7747] EXT4-fs: Ignoring removed mblk_io_submit option
[  170.488187][ T5802] letsketch 0003:6161:4D15.0005: Device info: ᑔ
[  170.500931][   T28] audit: type=1326 audit(1750193239.162:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7749 comm="syz.3.559" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f698418e929 code=0x0
[  170.524682][ T7747] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.671184][ T7732] XFS (loop0): Starting recovery (logdev: internal)
[  170.684388][ T5802] letsketch 0003:6161:4D15.0005: Device info: ఁ
[  170.744604][ T5774] Bluetooth: hci0: command 0x0c1a tx timeout
[  170.764174][ T7732] XFS (loop0): Ending recovery (logdev: internal)
[  170.794608][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.824376][ T5774] Bluetooth: hci1: command 0x0c1a tx timeout
[  170.900496][ T5765] Bluetooth: hci2: command 0x0c1a tx timeout
[  170.906617][ T5774] Bluetooth: hci3: command 0x0405 tx timeout
[  170.923433][ T5802] usb 2-1: Max retries (5) exceeded reading string descriptor 1
[  170.973553][ T5802] letsketch: probe of 0003:6161:4D15.0005 failed with error -71
[  171.008981][ T5802] usb 2-1: USB disconnect, device number 9
[  171.163861][ T5766] XFS (loop0): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  171.569632][ T7771] loop3: detected capacity change from 0 to 64
[  171.653335][ T7771] hfs: request for non-existent node 24 in B*Tree
[  171.661258][ T7771] hfs: request for non-existent node 24 in B*Tree
[  171.684022][ T7771] hfs: request for non-existent node 25 in B*Tree
[  171.693783][ T7771] hfs: request for non-existent node 25 in B*Tree
[  171.711157][ T7771] hfs: request for non-existent node 26 in B*Tree
[  171.718712][ T7771] hfs: request for non-existent node 26 in B*Tree
[  171.727511][ T7771] hfs: request for non-existent node 27 in B*Tree
[  171.734281][ T7771] hfs: request for non-existent node 27 in B*Tree
[  171.743388][ T7771] hfs: request for non-existent node 28 in B*Tree
[  171.750073][ T7771] hfs: request for non-existent node 28 in B*Tree
[  171.871607][   T28] audit: type=1326 audit(1750193240.569:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7774 comm="syz.1.574" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6ef0d8e929 code=0x0
[  172.283835][ T7789] loop0: detected capacity change from 0 to 2048
[  172.350466][ T7789] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.548457][ T7794] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  172.634168][   T28] audit: type=1800 audit(1750193241.337:52): pid=7789 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.568" name="file2" dev="loop0" ino=16 res=0 errno=0
[  172.826679][ T7798] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4290638775 (549201763200 ns) > initial count (439443453440 ns). Using initial count to start timer.
[  172.898093][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.970819][ T5774] Bluetooth: hci3: command 0x0405 tx timeout
[  173.090050][ T7791] loop2: detected capacity change from 0 to 32768
[  173.136902][ T7791] XFS (loop2): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  173.189499][ T7818] loop1: detected capacity change from 0 to 64
[  173.266439][ T7791] XFS (loop2): Starting recovery (logdev: internal)
[  173.302893][ T7791] XFS (loop2): Ending recovery (logdev: internal)
[  173.327665][ T7818] hfs: request for non-existent node 24 in B*Tree
[  173.334369][ T7818] hfs: request for non-existent node 24 in B*Tree
[  173.346387][ T7818] hfs: request for non-existent node 25 in B*Tree
[  173.353077][ T7818] hfs: request for non-existent node 25 in B*Tree
[  173.391529][ T7818] hfs: request for non-existent node 26 in B*Tree
[  173.409587][ T7818] hfs: request for non-existent node 26 in B*Tree
[  173.437548][ T7818] hfs: request for non-existent node 27 in B*Tree
[  173.460650][ T7818] hfs: request for non-existent node 27 in B*Tree
[  173.482493][ T7818] hfs: request for non-existent node 28 in B*Tree
[  173.505293][ T7818] hfs: request for non-existent node 28 in B*Tree
[  173.795058][ T5768] XFS (loop2): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  173.901484][ T7814] loop3: detected capacity change from 0 to 32768
[  173.916632][ T7814] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.578 (7814)
[  173.946964][ T7814] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  173.971643][ T7814] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  173.980404][ T7814] BTRFS info (device loop3): force clearing of disk cache
[  174.006774][ T7814] BTRFS info (device loop3): enabling auto defrag
[  174.014946][ T7814] BTRFS info (device loop3): max_inline at 0
[  174.021001][ T7814] BTRFS info (device loop3): enabling disk space caching
[  174.043424][ T7814] BTRFS info (device loop3): disk space caching is enabled
[  174.155289][ T7814] BTRFS info (device loop3): enabling ssd optimizations
[  174.218068][ T7814] BTRFS info (device loop3): rebuilding free space tree
[  174.283865][ T7814] BTRFS info (device loop3): disabling free space tree
[  174.300479][ T7814] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  174.328602][ T7814] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  174.596190][ T6474] BTRFS info (device loop3): qgroup scan completed (inconsistency flag cleared)
[  174.751330][ T5767] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  175.123081][ T5774] Bluetooth: hci3: command 0x0405 tx timeout
[  175.984013][ T7860] loop3: detected capacity change from 0 to 2048
[  176.078253][ T7860] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.092095][ T7851] loop1: detected capacity change from 0 to 32768
[  176.108807][ T7851] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 10
[  176.304104][ T7344] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 10
[  176.319950][ T7869] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  176.430513][   T28] audit: type=1800 audit(1750193245.024:53): pid=7860 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.586" name="file2" dev="loop3" ino=16 res=0 errno=0
[  176.566743][ T7875] loop0: detected capacity change from 0 to 64
[  176.695612][ T7875] hfs: request for non-existent node 24 in B*Tree
[  176.702113][ T7875] hfs: request for non-existent node 24 in B*Tree
[  176.728284][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.759411][ T7875] hfs: request for non-existent node 25 in B*Tree
[  176.781424][ T7875] hfs: request for non-existent node 25 in B*Tree
[  176.821873][ T7875] hfs: request for non-existent node 26 in B*Tree
[  176.831089][ T7875] hfs: request for non-existent node 26 in B*Tree
[  176.841760][ T7875] hfs: request for non-existent node 27 in B*Tree
[  176.848761][ T7875] hfs: request for non-existent node 27 in B*Tree
[  176.859054][ T7875] hfs: request for non-existent node 28 in B*Tree
[  176.866766][ T7875] hfs: request for non-existent node 28 in B*Tree
[  177.059581][ T7885] netlink: 96 bytes leftover after parsing attributes in process `syz.0.592'.
[  177.077245][ T7887] Illegal XDP return value 4294967294 on prog  (id 131) dev N/A, expect packet loss!
[  177.234575][ T6474] Bluetooth: hci4: Frame reassembly failed (-84)
[  177.350968][ T7893] loop0: detected capacity change from 0 to 8192
[  177.376013][ T7893] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  177.389752][ T7893] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  177.404255][ T7893] REISERFS (device loop0): using ordered data mode
[  177.422835][ T7893] reiserfs: using flush barriers
[  177.432104][ T7893] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  177.459022][ T7893] REISERFS (device loop0): checking transaction log (loop0)
[  177.472736][ T7893] REISERFS (device loop0): Using r5 hash to sort names
[  177.492763][ T7893] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  178.173748][ T7900] loop1: detected capacity change from 0 to 32768
[  178.210243][ T7898] loop2: detected capacity change from 0 to 32768
[  178.220659][ T7898] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.601 (7898)
[  178.249452][ T7898] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  178.261778][ T7898] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  178.265404][ T7900] XFS (loop1): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  178.280056][ T7898] BTRFS info (device loop2): using free space tree
[  178.432265][ T7898] BTRFS info (device loop2): enabling ssd optimizations
[  178.457019][ T7898] BTRFS info (device loop2): auto enabling async discard
[  178.499680][ T7900] XFS (loop1): Starting recovery (logdev: internal)
[  178.564121][ T7900] XFS (loop1): Ending recovery (logdev: internal)
[  178.841386][ T7900] syz.1.600 (7900) used greatest stack depth: 20136 bytes left
[  178.878448][ T5768] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  178.957205][ T5763] XFS (loop1): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  179.234967][ T5774] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  179.241996][ T5765] Bluetooth: hci4: command 0x1003 tx timeout
[  179.410377][ T7929] loop1: detected capacity change from 0 to 2048
[  179.557724][ T7929] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  179.738573][ T7940] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  179.806022][   T28] audit: type=1800 audit(1750193248.479:54): pid=7929 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.602" name="file2" dev="loop1" ino=16 res=0 errno=0
[  179.845104][ T7943] loop3: detected capacity change from 0 to 128
[  179.907095][ T7943] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  179.945261][ T7927] loop0: detected capacity change from 0 to 32768
[  179.958054][ T7927] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.610 (7927)
[  179.991014][ T7943] ext4 filesystem being mounted at /152/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  180.054708][ T7927] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  180.065516][ T7927] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  180.070259][ T5763] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.074408][ T7927] BTRFS info (device loop0): using free space tree
[  180.205854][ T7927] BTRFS info (device loop0): enabling ssd optimizations
[  180.223498][ T7927] BTRFS info (device loop0): auto enabling async discard
[  180.333926][ T7964] netlink: 96 bytes leftover after parsing attributes in process `syz.1.606'.
[  180.352309][ T7943] fscrypt: Adiantum using implementation "adiantum(xchacha12-simd,aes-aesni,nhpoly1305-avx2)"
[  180.472554][ T5767] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  180.722586][ T5766] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  181.382804][ T7980] loop2: detected capacity change from 0 to 256
[  181.448969][ T7980] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  181.548129][ T7984] loop1: detected capacity change from 0 to 128
[  181.589339][ T7980] exFAT-fs (loop2): error, broken FAT chain.
[  181.598292][ T7980] exFAT-fs (loop2): Filesystem has been set read-only
[  181.605117][ T7980] exFAT-fs (loop2): error, failed to bmap (inode : ffff88805d758160 iblock : 8, err : -5)
[  181.665083][ T7984] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  181.682622][ T7984] ext4 filesystem being mounted at /149/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  181.810498][ T7984] syz.1.617 (pid 7984) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  181.853176][ T7978] loop0: detected capacity change from 0 to 32768
[  181.872285][ T7978] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.611 (7978)
[  181.923509][ T7978] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  181.950639][ T7978] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  181.976797][ T5763] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  181.996593][ T7990] loop2: detected capacity change from 0 to 2048
[  181.996733][ T7978] BTRFS info (device loop0): force clearing of disk cache
[  182.040205][ T7978] BTRFS info (device loop0): enabling auto defrag
[  182.058337][ T7978] BTRFS info (device loop0): max_inline at 0
[  182.066449][ T7978] BTRFS info (device loop0): enabling disk space caching
[  182.085995][ T7978] BTRFS info (device loop0): disk space caching is enabled
[  182.115072][ T7990] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  182.222333][ T7978] BTRFS info (device loop0): enabling ssd optimizations
[  182.240423][ T7978] BTRFS info (device loop0): rebuilding free space tree
[  182.287010][ T8009] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  182.322726][ T7978] BTRFS info (device loop0): disabling free space tree
[  182.352084][ T7978] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  182.372392][ T7978] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  182.386104][   T28] audit: type=1800 audit(1750193250.991:55): pid=7990 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.619" name="file2" dev="loop2" ino=16 res=0 errno=0
[  182.512637][ T6474] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  182.615251][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.647476][ T5766] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  182.842510][ T5765] Bluetooth: hci4: command 0x1003 tx timeout
[  182.849849][ T5774] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  183.087521][ T8015] loop2: detected capacity change from 0 to 512
[  183.160116][ T8015] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  183.197832][ T8015] ext4 filesystem being mounted at /169/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  183.268850][ T8011] loop1: detected capacity change from 0 to 32768
[  183.310429][ T8011] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.628 (8011)
[  183.416821][ T8011] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  183.460048][ T8011] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  183.480556][ T8011] BTRFS info (device loop1): using free space tree
[  183.590497][ T8011] BTRFS info (device loop1): enabling ssd optimizations
[  183.612046][ T8011] BTRFS info (device loop1): auto enabling async discard
[  183.679307][  T787] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[  183.895738][  T787] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  183.911043][  T787] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 255, setting to 64
[  183.951028][  T787] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  183.965670][ T5763] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  183.979887][  T787] usb 3-1: New USB device found, idVendor=05ac, idProduct=0264, bcdDevice= 0.00
[  183.989638][  T787] usb 3-1: New USB device strings: Mfr=128, Product=0, SerialNumber=0
[  184.011004][  T787] usb 3-1: Manufacturer: syz
[  184.048306][  T787] usb 3-1: config 0 descriptor??
[  184.067830][ T8015] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  184.558873][  T787] apple 0003:05AC:0264.0006: ignoring exceeding usage max
[  184.587067][  T787] apple 0003:05AC:0264.0006: hidraw0: USB HID vff.fa Device [syz] on usb-dummy_hcd.2-1/input0
[  184.863705][ T8062] netlink: 24 bytes leftover after parsing attributes in process `syz.1.631'.
[  184.933041][    T8] usb 3-1: USB disconnect, device number 5
[  185.174440][ T5802] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  185.410259][ T5802] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  185.431014][ T5802] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  185.452356][ T5802] usb 4-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00
[  185.477629][ T5802] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.499597][ T5802] usb 4-1: config 0 descriptor??
[  185.511955][ T8063] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  185.579759][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  186.009818][ T5802] hid-rmi 0003:0461:4E72.0007: item fetching failed at offset 2/5
[  186.026660][ T5802] hid-rmi 0003:0461:4E72.0007: parse failed
[  186.038608][ T5802] hid-rmi: probe of 0003:0461:4E72.0007 failed with error -22
[  186.282837][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  186.285489][ T8096] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  186.727518][ T8098] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  186.740884][    T9] usb 4-1: USB disconnect, device number 9
[  186.981758][ T8106] netlink: 'syz.1.648': attribute type 10 has an invalid length.
[  187.015485][ T8106] team0: Port device dummy0 added
[  187.055850][ T8106] netlink: 'syz.1.648': attribute type 10 has an invalid length.
[  187.066416][ T8106] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  187.096579][ T8106] team0: Failed to send options change via netlink (err -105)
[  187.105047][ T8106] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  187.115693][ T8106] team0: Port device dummy0 removed
[  187.126655][ T8106] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  187.378067][ T8110] loop1: detected capacity change from 0 to 4096
[  187.407236][ T8110] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512).
[  187.716999][ T8108] loop2: detected capacity change from 0 to 8
[  187.769611][ T8108] unable to read inode lookup table
[  188.311559][ T8127] loop1: detected capacity change from 0 to 512
[  188.404306][ T8127] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  188.448815][ T8127] ext4 filesystem being mounted at /162/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  188.680469][ T5763] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.915503][ T8140] netlink: 4 bytes leftover after parsing attributes in process `syz.3.661'.
[  189.011121][   T28] audit: type=1326 audit(1750193257.243:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8141 comm="syz.1.659" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6ef0d8e929 code=0x0
[  189.234805][ T8153] loop0: detected capacity change from 0 to 512
[  189.263203][ T8153] ext4: Unknown parameter 'delalloc.dax'
[  189.433282][ T8155] process 'syz.3.665' launched './file0' with NULL argv: empty string added
[  189.716858][ T8165] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  189.725105][ T8163] loop0: detected capacity change from 0 to 1024
[  189.741592][ T8163] EXT4-fs: Ignoring removed nobh option
[  189.762560][ T8163] EXT4-fs: inline encryption not supported
[  189.779823][ T8163] EXT4-fs: Ignoring removed bh option
[  189.803440][ T8163] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  189.862762][ T8163] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.936102][ T8163] EXT4-fs error (device loop0): mb_free_blocks:1943: group 0, inode 13: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[  190.117331][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.165018][ T8173] loop1: detected capacity change from 0 to 1024
[  190.174866][ T8173] EXT4-fs: Ignoring removed bh option
[  190.180499][ T8173] EXT4-fs: inline encryption not supported
[  190.235467][ T8173] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  190.281871][ T8173] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000]
[  190.347844][ T8173] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 2: comm syz.1.672: lblock 2 mapped to illegal pblock 2 (length 1)
[  190.397784][ T8173] Quota error (device loop1): qtree_write_dquot: dquota write failed
[  190.406071][ T8173] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 48: comm syz.1.672: lblock 0 mapped to illegal pblock 48 (length 1)
[  190.433381][ T8173] Quota error (device loop1): v2_write_file_info: Can't write info structure
[  190.444164][ T8173] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.672: Failed to acquire dquot type 0
[  190.462250][ T8173] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5896: Corrupt filesystem
[  190.494971][ T8173] EXT4-fs error (device loop1): ext4_evict_inode:252: inode #11: comm syz.1.672: mark_inode_dirty error
[  190.507530][ T8173] EXT4-fs warning (device loop1): ext4_evict_inode:255: couldn't mark inode dirty (err -117)
[  190.546796][ T8173] EXT4-fs (loop1): 1 orphan inode deleted
[  190.554051][ T8173] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.579440][ T6472] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:12: lblock 1 mapped to illegal pblock 1 (length 1)
[  190.606077][ T6472] Quota error (device loop1): remove_tree: Can't read quota data block 1
[  190.619037][ T6472] EXT4-fs error (device loop1): ext4_release_dquot:6974: comm kworker/u4:12: Failed to release dquot type 0
[  190.719077][ T8173] ext4: Bad value for 'resuid'
[  190.888550][ T5763] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.910024][ T5763] EXT4-fs error (device loop1): __ext4_get_inode_loc:4478: comm syz-executor: Invalid inode table block 1 in block_group 0
[  190.941720][ T5763] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5896: Corrupt filesystem
[  190.962856][ T5763] EXT4-fs error (device loop1): ext4_quota_off:7222: inode #3: comm syz-executor: mark_inode_dirty error
[  191.877804][ T8213] loop2: detected capacity change from 0 to 512
[  191.963913][ T8213] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.990740][ T8213] ext4 filesystem being mounted at /180/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  192.054142][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.333320][ T8229] loop2: detected capacity change from 0 to 512
[  192.336279][ T8231] netlink: 4 bytes leftover after parsing attributes in process `syz.3.691'.
[  192.423402][ T8232] loop0: detected capacity change from 0 to 128
[  192.480118][ T8229] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.562586][ T8229] ext4 filesystem being mounted at /181/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  192.583097][ T8232] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  192.615396][ T8229] EXT4-fs error (device loop2): ext4_do_update_inode:5224: inode #2: comm syz.2.690: corrupted inode contents
[  192.637187][ T8232] FAT-fs (loop0): Filesystem has been set read-only
[  192.672563][ T8229] EXT4-fs error (device loop2): ext4_dirty_inode:6100: inode #2: comm syz.2.690: mark_inode_dirty error
[  192.690904][ T8232] syz.0.692: attempt to access beyond end of device
[  192.690904][ T8232] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  192.734268][ T8229] EXT4-fs error (device loop2): ext4_do_update_inode:5224: inode #2: comm syz.2.690: corrupted inode contents
[  192.748909][ T8232] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  192.773942][ T8232] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  192.808887][ T8229] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz.2.690: mark_inode_dirty error
[  192.814686][ T8232] syz.0.692: attempt to access beyond end of device
[  192.814686][ T8232] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  192.871096][   T28] audit: type=1800 audit(1750193260.883:57): pid=8232 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.692" name="file2" dev="loop0" ino=1048607 res=0 errno=0
[  192.898291][ T8232] syz.0.692 (8232) used greatest stack depth: 19440 bytes left
[  193.069399][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.411897][ T8258] loop2: detected capacity change from 0 to 128
[  193.561402][ T8258] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  193.592991][ T8258] ext4 filesystem being mounted at /182/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  193.916275][ T5768] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  194.731291][ T8282] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  194.776747][ T8282] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  195.007545][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  195.014672][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  195.109043][ T8284] loop1: detected capacity change from 0 to 8
[  195.132859][ T8284] unable to read inode lookup table
[  195.573201][ T8292] ksmbd: Unknown IPC event: 0, ignore.
[  196.138228][ T8299] loop1: detected capacity change from 0 to 256
[  196.217915][ T8299] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  196.399379][ T8299] exFAT-fs (loop1): error, broken FAT chain.
[  196.416377][ T8299] exFAT-fs (loop1): Filesystem has been set read-only
[  196.436327][ T8299] exFAT-fs (loop1): error, failed to bmap (inode : ffff88806b1b8160 iblock : 8, err : -5)
[  197.539684][ T5802] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  197.674184][ T8321] macsec1: entered allmulticast mode
[  197.763936][ T5802] usb 2-1: Using ep0 maxpacket: 16
[  197.784367][ T5802] usb 2-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  197.794338][ T5802] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.802834][ T5802] usb 2-1: Product: syz
[  197.808141][ T5802] usb 2-1: Manufacturer: syz
[  197.812785][ T5802] usb 2-1: SerialNumber: syz
[  197.834899][ T5802] usb 2-1: config 0 descriptor??
[  198.256390][ T8323] loop3: detected capacity change from 0 to 512
[  198.305265][ T5802] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[  198.340213][ T5802] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  198.341686][ T8323] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.727: bad orphan inode 11
[  198.360393][ T5802] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[  198.379280][ T8323] ext4_test_bit(bit=10, block=4) = 1
[  198.409480][ T8323] is_bad_inode(inode)=0
[  198.413719][ T8323] NEXT_ORPHAN(inode)=2080374784
[  198.437594][ T5802] usb 2-1: media controller created
[  198.473940][ T8323] max_ino=32
[  198.477262][ T8323] i_nlink=0
[  198.486392][ T8323] EXT4-fs (loop3): 1 truncate cleaned up
[  198.494359][ T8323] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.522425][ T8314] dtv5100: wlen = 0, aborting.
[  198.543741][ T5802] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  198.678204][ T5802] zl10353_read_register: readreg error (reg=127, ret==0)
[  198.688396][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.693638][ T5802] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[  198.714974][ T5802] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[  198.768959][ T5802] usb 2-1: USB disconnect, device number 10
[  198.849821][ T5802] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[  198.891969][ T8334] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  198.953875][ T8334] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  199.059824][ T8329] loop0: detected capacity change from 0 to 32768
[  199.082661][ T8329] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.728 (8329)
[  199.108274][ T8329] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  199.118884][ T8329] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  199.132542][ T8329] BTRFS info (device loop0): using free space tree
[  199.211412][ T8329] BTRFS info (device loop0): enabling ssd optimizations
[  199.226627][ T8329] BTRFS info (device loop0): auto enabling async discard
[  199.422973][ T5766] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  200.241692][ T8352] loop1: detected capacity change from 0 to 32768
[  200.290025][ T8355] loop0: detected capacity change from 0 to 32768
[  200.301488][ T8352] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  200.313112][ T8355] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.731 (8355)
[  200.372500][ T8355] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  200.404650][ T8355] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  200.413465][ T8355] BTRFS info (device loop0): allowing degraded mounts
[  200.489598][ T8355] BTRFS info (device loop0): force zlib compression, level 3
[  200.497072][ T8355] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  200.524244][ T8352] XFS (loop1): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  200.542687][ T8355] BTRFS info (device loop0): use zstd compression, level 3
[  200.549992][ T8355] BTRFS info (device loop0): force clearing of disk cache
[  200.588134][ T8352] XFS (loop1): Starting recovery (logdev: internal)
[  200.600076][ T8355] BTRFS info (device loop0): max_inline at 0
[  200.606152][ T8355] BTRFS info (device loop0): using free space tree
[  200.664366][ T8352] XFS (loop1): Ending recovery (logdev: internal)
[  200.788528][ T8355] BTRFS info (device loop0): enabling ssd optimizations
[  200.819631][ T8355] BTRFS info (device loop0): rebuilding free space tree
[  200.882392][ T8355] BTRFS info (device loop0): checking UUID tree
[  200.941473][ T5763] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  201.024479][ T8382] loop3: detected capacity change from 0 to 8
[  201.183233][ T8382] SQUASHFS error: zstd decompression error: 10
[  201.216443][ T8382] SQUASHFS error: zstd decompression failed, data probably corrupt
[  201.247105][ T8382] SQUASHFS error: Failed to read block 0x62b: -5
[  201.280147][ T8382] SQUASHFS error: Unable to read metadata cache entry [629]
[  201.312126][ T8382] SQUASHFS error: Unable to read directory block [629:ff26]
[  201.769522][ T8390] ksmbd: Unknown IPC event: 0, ignore.
[  201.881967][ T5766] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  203.398451][ T8406] loop2: detected capacity change from 0 to 8192
[  203.417122][ T8406] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  203.432217][ T8406] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal
[  203.446751][ T8406] REISERFS (device loop2): using ordered data mode
[  203.461195][ T8406] reiserfs: using flush barriers
[  203.469933][ T8406] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  203.509633][ T8406] REISERFS (device loop2): checking transaction log (loop2)
[  203.531315][ T8406] REISERFS (device loop2): Using r5 hash to sort names
[  203.589903][ T8406] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  204.961940][ T8446] netlink: 'syz.3.756': attribute type 1 has an invalid length.
[  205.034866][ T8446] 8021q: adding VLAN 0 to HW filter on device bond1
[  205.062351][ T8450] bond1: (slave geneve2): making interface the new active one
[  205.084164][ T8450] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  205.232811][ T8446] bond1: entered promiscuous mode
[  205.238371][ T8446] geneve2: entered promiscuous mode
[  205.627713][ T8462] warning: `syz.3.763' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  206.357339][ T8467] loop3: detected capacity change from 0 to 32768
[  206.412321][ T8467] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  206.512006][ T8480] loop1: detected capacity change from 0 to 1024
[  206.524881][ T8480] EXT4-fs: Ignoring removed nobh option
[  206.533812][ T8480] EXT4-fs: inline encryption not supported
[  206.540892][ T8480] EXT4-fs: Ignoring removed bh option
[  206.545927][ T8467] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  206.570452][ T8480] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  206.634671][ T8467] XFS (loop3): Starting recovery (logdev: internal)
[  206.654373][ T8480] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  206.699318][ T8467] XFS (loop3): Ending recovery (logdev: internal)
[  206.729181][ T8480] EXT4-fs error (device loop1): mb_free_blocks:1943: group 0, inode 13: block 113:freeing already freed block (bit 7); block bitmap corrupt.
[  206.822969][ T5763] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.854713][ T5767] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  207.155640][ T8491] loop3: detected capacity change from 0 to 256
[  207.192158][ T8491] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  207.315200][ T8491] exFAT-fs (loop3): error, broken FAT chain.
[  207.332082][ T8491] exFAT-fs (loop3): Filesystem has been set read-only
[  207.343014][ T8491] exFAT-fs (loop3): error, failed to bmap (inode : ffff88805d758e60 iblock : 8, err : -5)
[  207.437478][   T28] audit: type=1326 audit(1750193274.517:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8495 comm="syz.1.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef0d8e929 code=0x7ffc0000
[  207.471749][   T28] audit: type=1326 audit(1750193274.517:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8495 comm="syz.1.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef0d8e929 code=0x7ffc0000
[  207.552626][   T28] audit: type=1326 audit(1750193274.545:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8495 comm="syz.1.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6ef0d8e929 code=0x7ffc0000
[  207.619533][   T28] audit: type=1326 audit(1750193274.545:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8495 comm="syz.1.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef0d8e929 code=0x7ffc0000
[  207.643663][   T28] audit: type=1326 audit(1750193274.545:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8495 comm="syz.1.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef0d8e929 code=0x7ffc0000
[  207.666933][   T28] audit: type=1326 audit(1750193274.545:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8495 comm="syz.1.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6ef0d8e929 code=0x7ffc0000
[  207.707925][   T28] audit: type=1326 audit(1750193274.545:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8495 comm="syz.1.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef0d8e929 code=0x7ffc0000
[  207.789167][   T28] audit: type=1326 audit(1750193274.545:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8495 comm="syz.1.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6ef0d8e929 code=0x7ffc0000
[  207.856955][   T28] audit: type=1326 audit(1750193274.545:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8495 comm="syz.1.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef0d8e929 code=0x7ffc0000
[  207.895950][   T28] audit: type=1326 audit(1750193274.545:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8495 comm="syz.1.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef0d8e929 code=0x7ffc0000
[  208.153550][ T8511] loop1: detected capacity change from 0 to 512
[  208.170055][ T8511] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  208.211144][ T8511] EXT4-fs (loop1): 1 truncate cleaned up
[  208.220633][ T8511] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  208.467527][ T5763] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.952309][  T986] Bluetooth: hci4: Frame reassembly failed (-84)
[  209.008967][ T5802] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  209.058887][ T8525] loop1: detected capacity change from 0 to 32768
[  209.154027][ T8525] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  209.222807][ T5802] usb 4-1: Using ep0 maxpacket: 16
[  209.233871][ T5802] usb 4-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  209.246305][ T5802] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.258232][ T5802] usb 4-1: Product: syz
[  209.262693][ T5802] usb 4-1: Manufacturer: syz
[  209.270082][ T5802] usb 4-1: SerialNumber: syz
[  209.278469][ T5802] usb 4-1: config 0 descriptor??
[  209.410262][ T8525] syz.1.783 (8525) used greatest stack depth: 17712 bytes left
[  209.523368][ T5763] ocfs2: Unmounting device (7,1) on (node local)
[  209.730261][ T5802] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[  209.741953][ T5802] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  209.752594][ T5802] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[  209.761472][ T5802] usb 4-1: media controller created
[  209.791464][ T5802] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  210.461213][ T8530] dtv5100: wlen = 0, aborting.
[  210.467685][ T5802] zl10353_read_register: readreg error (reg=127, ret==0)
[  210.476640][ T5802] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[  210.494491][ T5802] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[  210.511485][ T5802] usb 4-1: USB disconnect, device number 10
[  210.576914][ T5802] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[  211.147240][ T5774] Bluetooth: hci4: command 0x1003 tx timeout
[  211.147303][ T5765] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  211.468793][ T8559] block nbd1: NBD_DISCONNECT
[  211.509780][ T8559] block nbd1: Send disconnect failed -22
[  211.535966][ T8559] block nbd1: Send disconnect failed -22
[  211.551897][ T8559] block nbd1: Disconnected due to user request.
[  211.574797][ T8559] block nbd1: shutting down sockets
[  211.785645][ T8568] loop2: detected capacity change from 0 to 128
[  211.856856][ T8568] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  211.896252][ T8568] ext4 filesystem being mounted at /209/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  212.078601][ T8577] loop1: detected capacity change from 0 to 512
[  212.083880][ T8575] bridge2: entered allmulticast mode
[  212.086947][ T8577] EXT4-fs: Ignoring removed nomblk_io_submit option
[  212.110460][ T8577] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  212.133198][ T8577] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e802e02c, mo2=0003]
[  212.153466][ T8577] System zones: 1-12
[  212.169100][ T8577] EXT4-fs (loop1): orphan cleanup on readonly fs
[  212.221023][ T5768] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  212.234579][ T8577] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #11: comm syz.1.801: attempt to clear invalid blocks 1024 len 1
[  212.257935][ T8577] EXT4-fs (loop1): Remounting filesystem read-only
[  212.271106][ T8577] EXT4-fs (loop1): 1 truncate cleaned up
[  212.278516][ T8577] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  212.486644][ T8584] EXT4-fs warning (device loop1): dx_probe:823: inode #2: lblock 0: comm syz.1.801: error -117 reading directory block
[  212.542540][ T5763] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  212.862781][ T8596] loop1: detected capacity change from 0 to 512
[  212.930784][ T8596] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  212.978792][ T8596] ext4 filesystem being mounted at /197/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  213.037134][ T8596] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  213.062978][ T8596] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.007490][ T8609] loop0: detected capacity change from 0 to 32768
[  214.080520][ T8609] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  214.188509][ T8609] 
[  214.190899][ T8609] ======================================================
[  214.197932][ T8609] WARNING: possible circular locking dependency detected
[  214.204975][ T8609] 6.6.93-syzkaller #0 Not tainted
[  214.210099][ T8609] ------------------------------------------------------
[  214.217215][ T8609] syz.0.812/8609 is trying to acquire lock:
[  214.223131][ T8609] ffff88805d7f22e0 (&oi->ip_alloc_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xb7/0x320
[  214.233815][ T8609] 
[  214.233815][ T8609] but task is already holding lock:
[  214.241205][ T8609] ffff88805d7f2378 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa5/0x320
[  214.251874][ T8609] 
[  214.251874][ T8609] which lock already depends on the new lock.
[  214.251874][ T8609] 
[  214.262311][ T8609] 
[  214.262311][ T8609] the existing dependency chain (in reverse order) is:
[  214.271352][ T8609] 
[  214.271352][ T8609] -> #4 (&oi->ip_xattr_sem){++++}-{3:3}:
[  214.279221][ T8609]        down_read+0x46/0x2e0
[  214.283949][ T8609]        ocfs2_init_acl+0x2fa/0x720
[  214.289186][ T8609]        ocfs2_mknod+0x12e5/0x20f0
[  214.294344][ T8609]        ocfs2_create+0x196/0x410
[  214.299405][ T8609]        path_openat+0x1277/0x3190
[  214.304552][ T8609]        do_filp_open+0x1c5/0x3d0
[  214.309612][ T8609]        do_sys_openat2+0x12c/0x1c0
[  214.314851][ T8609]        __x64_sys_openat+0x139/0x160
[  214.320265][ T8609]        do_syscall_64+0x55/0xb0
[  214.325245][ T8609]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  214.331714][ T8609] 
[  214.331714][ T8609] -> #3 (jbd2_handle){++++}-{0:0}:
[  214.339056][ T8609]        start_this_handle+0x1e9d/0x20c0
[  214.344828][ T8609]        jbd2__journal_start+0x2bb/0x5b0
[  214.350497][ T8609]        jbd2_journal_start+0x2a/0x40
[  214.353126][ T8627] loop3: detected capacity change from 0 to 32768
[  214.355971][ T8609]        ocfs2_start_trans+0x376/0x6c0
[  214.355994][ T8609]        ocfs2_mknod+0xe47/0x20f0
[  214.356015][ T8609]        ocfs2_create+0x196/0x410
[  214.356034][ T8609]        path_openat+0x1277/0x3190
[  214.356049][ T8609]        do_filp_open+0x1c5/0x3d0
[  214.356066][ T8609]        do_sys_openat2+0x12c/0x1c0
[  214.393477][ T8609]        __x64_sys_openat+0x139/0x160
[  214.398902][ T8609]        do_syscall_64+0x55/0xb0
[  214.403886][ T8609]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  214.410354][ T8609] 
[  214.410354][ T8609] -> #2 (&journal->j_trans_barrier){.+.+}-{3:3}:
[  214.418908][ T8609]        down_read+0x46/0x2e0
[  214.423617][ T8609]        ocfs2_start_trans+0x36a/0x6c0
[  214.429103][ T8609]        ocfs2_mknod+0xe47/0x20f0
[  214.434165][ T8609]        ocfs2_create+0x196/0x410
[  214.439221][ T8609]        path_openat+0x1277/0x3190
[  214.444369][ T8609]        do_filp_open+0x1c5/0x3d0
[  214.449426][ T8609]        do_sys_openat2+0x12c/0x1c0
[  214.454684][ T8609]        __x64_sys_openat+0x139/0x160
[  214.460044][ T8609]        do_syscall_64+0x55/0xb0
[  214.464965][ T8609]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  214.471377][ T8609] 
[  214.471377][ T8609] -> #1 (sb_internal#5){.+.+}-{0:0}:
[  214.478854][ T8609]        ocfs2_start_trans+0x26b/0x6c0
[  214.484295][ T8609]        ocfs2_write_begin_nolock+0x1c91/0x4190
[  214.490513][ T8609]        ocfs2_write_begin+0x1bc/0x310
[  214.495954][ T8609]        generic_perform_write+0x2fb/0x5b0
[  214.501826][ T8609]        ocfs2_file_write_iter+0x1582/0x1d00
[  214.507800][ T8609]        vfs_write+0x43b/0x940
[  214.512546][ T8609]        ksys_write+0x147/0x250
[  214.517404][ T8609]        do_syscall_64+0x55/0xb0
[  214.522388][ T8609]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  214.528850][ T8609] 
[  214.528850][ T8609] -> #0 (&oi->ip_alloc_sem){++++}-{3:3}:
[  214.536728][ T8609]        __lock_acquire+0x2ddb/0x7c80
[  214.542149][ T8609]        lock_acquire+0x197/0x410
[  214.547217][ T8609]        down_write+0x97/0x1f0
[  214.552043][ T8609]        ocfs2_try_remove_refcount_tree+0xb7/0x320
[  214.558586][ T8609]        ocfs2_truncate_file+0xd84/0x13a0
[  214.564350][ T8609]        ocfs2_setattr+0x150d/0x1b20
[  214.569688][ T8609]        notify_change+0xb0d/0xe10
[  214.574841][ T8609]        do_truncate+0x19b/0x220
[  214.579816][ T8609]        path_openat+0x298c/0x3190
[  214.584957][ T8609]        do_filp_open+0x1c5/0x3d0
[  214.590014][ T8609]        do_sys_openat2+0x12c/0x1c0
[  214.595263][ T8609]        __x64_sys_creat+0x90/0xb0
[  214.600452][ T8609]        do_syscall_64+0x55/0xb0
[  214.605479][ T8609]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  214.611931][ T8609] 
[  214.611931][ T8609] other info that might help us debug this:
[  214.611931][ T8609] 
[  214.622164][ T8609] Chain exists of:
[  214.622164][ T8609]   &oi->ip_alloc_sem --> jbd2_handle --> &oi->ip_xattr_sem
[  214.622164][ T8609] 
[  214.635251][ T8609]  Possible unsafe locking scenario:
[  214.635251][ T8609] 
[  214.642690][ T8609]        CPU0                    CPU1
[  214.648044][ T8609]        ----                    ----
[  214.653400][ T8609]   lock(&oi->ip_xattr_sem);
[  214.657986][ T8609]                                lock(jbd2_handle);
[  214.664636][ T8609]                                lock(&oi->ip_xattr_sem);
[  214.671768][ T8609]   lock(&oi->ip_alloc_sem);
[  214.676361][ T8609] 
[  214.676361][ T8609]  *** DEADLOCK ***
[  214.676361][ T8609] 
[  214.684518][ T8609] 3 locks held by syz.0.812/8609:
[  214.689535][ T8609]  #0: ffff888021b7e418 (sb_writers#33){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  214.698777][ T8609]  #1: ffff88805d7f2658 (&sb->s_type->i_mutex_key#39){+.+.}-{3:3}, at: do_truncate+0x187/0x220
[  214.709106][ T8609]  #2: ffff88805d7f2378 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_try_remove_refcount_tree+0xa5/0x320
[  214.720131][ T8609] 
[  214.720131][ T8609] stack backtrace:
[  214.726087][ T8609] CPU: 0 PID: 8609 Comm: syz.0.812 Not tainted 6.6.93-syzkaller #0
[  214.733988][ T8609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  214.744074][ T8609] Call Trace:
[  214.747357][ T8609]  <TASK>
[  214.750295][ T8609]  dump_stack_lvl+0x16c/0x230
[  214.754960][ T8609]  ? load_image+0x3b0/0x3b0
[  214.759446][ T8609]  ? show_regs_print_info+0x20/0x20
[  214.764640][ T8609]  ? print_circular_bug+0x12b/0x1a0
[  214.769842][ T8609]  check_noncircular+0x2bd/0x3c0
[  214.774768][ T8609]  ? print_deadlock_bug+0x5d0/0x5d0
[  214.779943][ T8609]  ? lockdep_lock+0xe0/0x220
[  214.784541][ T8609]  ? lockdep_unlock+0x137/0x2d0
[  214.789399][ T8609]  ? _find_first_zero_bit+0xd3/0x100
[  214.794714][ T8609]  __lock_acquire+0x2ddb/0x7c80
[  214.799612][ T8609]  ? verify_lock_unused+0x140/0x140
[  214.804821][ T8609]  lock_acquire+0x197/0x410
[  214.809312][ T8609]  ? ocfs2_try_remove_refcount_tree+0xb7/0x320
[  214.815495][ T8609]  ? __might_sleep+0xe0/0xe0
[  214.820084][ T8609]  ? read_lock_is_recursive+0x20/0x20
[  214.825458][ T8609]  down_write+0x97/0x1f0
[  214.829707][ T8609]  ? ocfs2_try_remove_refcount_tree+0xb7/0x320
[  214.835897][ T8609]  ? down_read_killable+0x340/0x340
[  214.841104][ T8609]  ? ocfs2_truncate_file+0xcaa/0x13a0
[  214.846508][ T8609]  ? __lock_acquire+0x7c80/0x7c80
[  214.851545][ T8609]  ocfs2_try_remove_refcount_tree+0xb7/0x320
[  214.857528][ T8609]  ? ocfs2_remove_refcount_tree+0xd50/0xd50
[  214.863418][ T8609]  ? up_write+0x1c3/0x410
[  214.867737][ T8609]  ocfs2_truncate_file+0xd84/0x13a0
[  214.872934][ T8609]  ? ocfs2_inode_lock_tracker+0x3ec/0x660
[  214.878647][ T8609]  ? ocfs2_simple_size_update+0x470/0x470
[  214.884350][ T8609]  ? do_raw_spin_unlock+0x121/0x230
[  214.889558][ T8609]  ? _raw_spin_unlock+0x28/0x40
[  214.894434][ T8609]  ? ocfs2_inode_lock_tracker+0x3ec/0x660
[  214.900160][ T8609]  ? ocfs2_inode_lock_atime+0x4e0/0x4e0
[  214.905686][ T8609]  ? ocfs2_rw_lock+0x138/0x240
[  214.910432][ T8609]  ? dquot_initialize+0x20/0x20
[  214.915264][ T8609]  ? ocfs2_create_new_inode_locks+0x640/0x640
[  214.921313][ T8609]  ? setattr_prepare+0x1e6/0xac0
[  214.926330][ T8609]  ? inode_newsize_ok+0x116/0x1b0
[  214.931366][ T8609]  ocfs2_setattr+0x150d/0x1b20
[  214.936167][ T8609]  ? ocfs2_extend_allocation+0x1760/0x1760
[  214.942010][ T8609]  ? ktime_get_coarse_real_ts64+0x3a/0x120
[  214.947850][ T8609]  ? seqcount_lockdep_reader_access+0x176/0x1c0
[  214.954146][ T8609]  ? ktime_get_coarse_real_ts64+0x110/0x120
[  214.960101][ T8609]  ? current_time+0x18e/0x270
[  214.964807][ T8609]  ? inode_set_ctime_current+0x2d0/0x2d0
[  214.970441][ T8609]  ? evm_inode_setattr+0x94/0x6a0
[  214.975463][ T8609]  ? bpf_lsm_inode_setattr+0x9/0x10
[  214.980650][ T8609]  ? try_break_deleg+0x79/0x120
[  214.985583][ T8609]  ? ocfs2_extend_allocation+0x1760/0x1760
[  214.991558][ T8609]  notify_change+0xb0d/0xe10
[  214.996174][ T8609]  do_truncate+0x19b/0x220
[  214.997223][ T8627] XFS (loop3): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  215.000645][ T8609]  ? put_page_bootmem+0x2c0/0x2c0
[  215.000676][ T8609]  ? apparmor_file_truncate+0x23f/0x2d0
[  215.019839][ T8609]  ? ima_bprm_check+0x1f0/0x1f0
[  215.024732][ T8609]  path_openat+0x298c/0x3190
[  215.029347][ T8609]  ? do_filp_open+0x3d0/0x3d0
[  215.034019][ T8609]  do_filp_open+0x1c5/0x3d0
[  215.038558][ T8609]  ? vfs_tmpfile+0x490/0x490
[  215.043253][ T8609]  ? _raw_spin_unlock+0x28/0x40
[  215.048098][ T8609]  ? alloc_fd+0x58f/0x630
[  215.052432][ T8609]  do_sys_openat2+0x12c/0x1c0
[  215.057140][ T8609]  ? do_sys_open+0xe0/0xe0
[  215.061539][ T8609]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  215.067505][ T8609]  ? lock_chain_count+0x20/0x20
[  215.072354][ T8609]  __x64_sys_creat+0x90/0xb0
[  215.076926][ T8609]  do_syscall_64+0x55/0xb0
[  215.081325][ T8609]  ? clear_bhb_loop+0x40/0x90
[  215.086000][ T8609]  ? clear_bhb_loop+0x40/0x90
[  215.090742][ T8609]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  215.096620][ T8609] RIP: 0033:0x7fe813f8e929
[  215.101014][ T8609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.120615][ T8609] RSP: 002b:00007fe814ece038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  215.129012][ T8609] RAX: ffffffffffffffda RBX: 00007fe8141b5fa0 RCX: 00007fe813f8e929
[  215.136974][ T8609] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[  215.144928][ T8609] RBP: 00007fe814010b39 R08: 0000000000000000 R09: 0000000000000000
[  215.152901][ T8609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  215.160859][ T8609] R13: 0000000000000000 R14: 00007fe8141b5fa0 R15: 00007ffe1e76e628
[  215.168819][ T8609]  </TASK>
[  215.206567][   T28] kauditd_printk_skb: 22 callbacks suppressed
[  215.206581][   T28] audit: type=1804 audit(1750193281.785:90): pid=8609 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.812" name="/newroot/199/file1/bus" dev="loop0" ino=17058 res=1 errno=0
[  215.286058][ T5766] ocfs2: Unmounting device (7,0) on (node local)
[  215.313755][ T8627] XFS (loop3): Starting recovery (logdev: internal)
[  215.375682][ T8627] XFS (loop3): Ending recovery (logdev: internal)
[  215.513324][ T5767] XFS (loop3): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4