last executing test programs:

22.979859451s ago: executing program 2 (id=968):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = syz_io_uring_setup(0xcaf, &(0x7f0000000100)={0x0, 0xb601, 0x1, 0x5, 0x17a}, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000000)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0xc000000, 0x0, 0x0, 0x1e})
io_uring_enter(r1, 0x847ba, 0x20000000, 0xe, 0x0, 0x0)

22.286468265s ago: executing program 2 (id=975):
r0 = syz_io_uring_setup(0x23c, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r4, 0x0, &(0x7f0000000240)="352f1938d141676d9b6c59065f664735c08b9d697a645f85b19ba9030648cd046d1f26aad0196458046b81", 0xfffffffffffffe08, 0xebec93e830f96115})
io_uring_enter(r0, 0x7f5f, 0x4000000, 0x0, 0x0, 0x0)
shutdown(r3, 0x0)

21.823118816s ago: executing program 2 (id=979):
getuid()
syz_usb_connect(0x2, 0x52, &(0x7f0000000140)=ANY=[@ANYBLOB="120100036ffa680863070120ff2c0102030109024000021109400c0904080601ff8bbd020a240107000d02010205240503"], &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0})
close(0x3)
r0 = socket(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e20, 0xfb61, @loopback, 0x2}, 0x1c)

19.885519768s ago: executing program 2 (id=995):
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x88, &(0x7f0000000240)={[{@nogrpid}, {@min_batch_time}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nobarrier}, {@nodiscard}, {@test_dummy_encryption}]}, 0x3, 0x45c, &(0x7f0000000580)="$eJzs282PU1UbAPDndlq+eWdegh98qKNoJH7MMAMiCzcaTVxoYqILdDfODAQpjGHGRAjR0RhcGhIX7ojuTPwLXOnGKCsTt7o3JMSwAVnV3PbeoS1tKbW0YH+/pPSc3nNznod7T++590wDGFmT6T9JxJaI+D0ixmvVxgaTtbdrV87O/33l7HwSlcqbfyXVdlevnJ3Pm+b7bc4rxYjCZ0nsatHv8ukzx+fK5cVTWX165cT708unzzx77MTc0cWjiydnDx06sH/m+YOzz/UlzzSvqzs/Wtq949W3z78+f/j8u798l+T5N+XRJ5OdNj5RqfS5u+HaWldOivHNV0OMhe6N1YZplKrjfzzGqrWa8Xjl06EGB9xRlUqlcn/7zasV4D8siWFHAAxHfqFP73/z14CmHneFyy/WboDSvK9lr9qWYhSyNqWm+9t+moyIw6vXL6SvuDPPIQAAGvyQzn+eaTX/K0T9c6H/ZWsoExHx/4jYFhEHI2J7RNwXUW37QEQ8eJv9Ny+S3Dz/KVzqKbEupfO/F7K1rcb5Xz77i4mxrLa1mn8pOXKsvLgv+z/ZG6X1aX2mQx8/vvzbF+22Ved/payyev1C2n8+F8ziuFRc37jPwtzKXK/5Nrv8ScTOYqv8k7WVgCQidkTEzh77OPbUt7vbbauf/x5umX8HxR4DqlP5OuLJ2vFfjab8c0nn9cnpDVFe3DednxU3u/jruTfa9f+v8u+D9Phvann+r5lI6tdrl2+/j3N/fN72nubW+bc+/9clb1XL+VH6cG5l5dRMxLrktVrQ9Z/P3tg3r+ft0/z37mk9/rdl+6R97IqI9CR+KCIejohHstgfjYjHImJPh/x/funx93rPv8GGDt30JM1/oeXxXzv/m47/jcK6aP6kdWHs+E/fN3Q6cTv5p8f/QLW0N/ukm++/buLq7WwGAACAe08hIrZEUphaKxcKU1O1v+HfHpsK5aXllaePLH1wcqH2G4GJKBXyJ13jdc9DZ7Lb+rw+21Tfnz03/nJsY7U+Nb9UXhh28jDiNrcZ/6k/x4YdHXDH9WEdDbhHGf8wuox/GF3GP4yuFuN/Y/Z+cdCxAIPV6vr/8RDiAAavafxb9oMR4v4fRlc34/+dAcQBDJ7rP4yk5Y1x6x/JKyjcVIhCN42T7Npyd8Ss0H1h2N9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/fFPAAAA//8eWuDl")
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f0000020240)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000040)='./file0\x00')
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3813009, 0x0, 0x1, 0x0, 0x0)

19.089143279s ago: executing program 2 (id=1002):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0xfffffd9d)
r1 = socket(0x1e, 0x4, 0x0)
connect$tipc(r1, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x1, 0x4}}, 0x10)
sendfile(r1, r0, 0x0, 0x8010002b)

17.975816932s ago: executing program 2 (id=1011):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x6, 0x8, 0x8}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040), &(0x7f00000004c0), 0xce, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000600)="c9f7b98600"/14, 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

16.944305314s ago: executing program 32 (id=1011):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x6, 0x8, 0x8}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040), &(0x7f00000004c0), 0xce, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000600)="c9f7b98600"/14, 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

9.785276537s ago: executing program 5 (id=1054):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300)={r0, <r1=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x11, 0x10, &(0x7f00000003c0)=@framed={{}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}]}, &(0x7f0000000240)='GPL\x00', 0x4, 0x1003, &(0x7f0000002500)=""/4099, 0x0, 0x68}, 0x94)

9.469503646s ago: executing program 5 (id=1057):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mkdirat(0xffffffffffffffff, &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000004600)='map_files\x00')
fchdir(r1)
sendmmsg$unix(r0, &(0x7f0000002d80)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@abs={0x1, 0x30, 0x4e30}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x20000000}}], 0x2, 0x40008004)

9.408186259s ago: executing program 5 (id=1058):
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000140)={'ip6_vti0\x00', &(0x7f00000000c0)={'syztnl1\x00', 0x0, 0x2f, 0x0, 0x0, 0xa7a, 0x22, @private1, @private0, 0x80, 0x20, 0x1ff, 0x1}})
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000001d00070f000000000000000007000000", @ANYRES32=r2, @ANYBLOB="40002700060010"], 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0)

5.355525589s ago: executing program 5 (id=1073):
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card2/oss_mixer\x00', 0x0, 0x0)
r2 = fcntl$dupfd(r1, 0x2, 0xffffffffffffffff)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e22, 0x6, @rand_addr=' \x01\x00', 0xfaf}, {0xa, 0x4e22, 0x9, @loopback, 0xc}, 0xffffffffffffffff, 0xb}}, 0x48)
splice(r0, 0x0, r2, 0x0, 0x2000, 0x8)

5.274767284s ago: executing program 5 (id=1075):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x150d, 0x103)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3813009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000680)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
removexattr(&(0x7f00000002c0)='./file0/file1\x00', &(0x7f00000008c0)=@random={'osx.', '/dev/kvm\x00'})

5.141877751s ago: executing program 5 (id=1076):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x14d802, 0x0)
r1 = dup(r0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40081271, &(0x7f0000000040)=0x10000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x28011, r0, 0x783f7000)
madvise(&(0x7f0000082000/0x1000)=nil, 0x1000, 0x9)

4.969604249s ago: executing program 1 (id=1078):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
io_setup(0x1, &(0x7f0000002500)=<r1=>0x0)
close(r0)
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
io_submit(r1, 0x1, &(0x7f0000002680)=[&(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, 0x1000, r0, 0x0}])

4.4585799s ago: executing program 1 (id=1081):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a500000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000040)={r1}, 0xc)

4.296845659s ago: executing program 1 (id=1082):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="2400000070000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="0c000280", @ANYRES64=r0], 0x24}}, 0x0)

3.898098634s ago: executing program 1 (id=1084):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1000}, 0x50)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000080)='./file0\x00', 0x1000801, &(0x7f0000000000)=ANY=[@ANYRES16=0x0, @ANYRES32=0x0, @ANYRESDEC], 0x8, 0x1d1, &(0x7f0000000440)="$eJzsmD/r00AYx793yS/9gwguDi4KFqzQpkmq4uJQX4FQ/24WG0s1baXN0BYciouLL8O34NBBHNzcXHVQQXCwo5PDySWX5Ow/LVgs+nzg9/y+d/fc5bmn4TsEBEH8t3z6+O3Ds6uXr1cAHEMJOTX/xchyuJb/Pq/Eu+ev+8cfz5fPYzs+3wTwqmEgVGMhhNDXS+r/S03fAMd5pW+BwVb6LjhuKu2D4Y7SDzQ9KCgR+Pa9QdC+3w18RwZXBk+G+nJ9ixlDG4C8ujB+rn80mT5sBYE/XBZHInnOytKu4hf9MxcNjita/+Tvdfvpk5kcJ71xwNP+ueBwla6DoZn0BDnYtp21RLv/KTM73/id+x+COFHdllPZvv3736nZUo09lB7+g4JpMwUppGmlMycX8zeruz7/6TIEy2bO7PfKUJ69svS2uMd3NfNPaS/nNH8yYab+UQt7j2qjybTa7bU6fsfve179knPBcS56tciI4rjF//KRPxW184825FrMwrgVhkN3DIRDNx17cdQct/li8DXawyP/4yifjc+Qr4oVW+VamPrjhWRUNjYWTxAEQRAEQRAEQRAEQRAEsROnwaKvoEIIpj6IrsO7FmX/CAAA//+jtF1P")
gettid()
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000140)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

3.609257238s ago: executing program 3 (id=1087):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_udp_int(r0, 0x11, 0xb, &(0x7f0000000200)=0x7f, 0x4)
setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000180)=0x3, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e24, @empty}, 0x10)
syz_emit_ethernet(0x6f, &(0x7f0000001800)={@local, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x61, 0x68, 0x0, 0x0, 0x88, 0x0, @remote, @local}, {0xfffe, 0x4e24, 0x4d, 0x0, @gue={{0x1, 0x1, 0x1, 0x4, 0x100, @void}, "219a15a9733517574ea022c2b6f1d2a620272bec4244a15a53654ddfcf5f0eb5b194b93c0b756f692a98cfd4aa27063b9135a28b24c7a20bf4237b36ca9693561b"}}}}}}, 0x0)

3.530136415s ago: executing program 1 (id=1088):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={<r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x3a6}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000200)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000000c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000100000001"], 0x18}, 0x0, 0x20040000})
io_uring_enter(r1, 0x47f6, 0x80ffff, 0x0, 0x0, 0x0)

3.453191934s ago: executing program 3 (id=1089):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x3}], 0x1c)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000000)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000840)='{', 0x1}], 0x1}, 0x20048843)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x85, &(0x7f00000005c0)={0x0, @in={{0x2, 0x4e24, @loopback}}, 0x6, 0x6}, 0x90)

3.10098486s ago: executing program 1 (id=1091):
syz_mount_image$btrfs(&(0x7f0000000180), &(0x7f0000005140)='./file1\x00', 0x0, &(0x7f0000000140)={[{}, {@nossd}, {@nodatasum}, {@barrier}, {@notreelog}]}, 0x1, 0x50ed, &(0x7f000000a2c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTsT3573JENYvrOR3E/wmHm5XUpgfKxQ6WkmPbbFHXpgfLxQ65pIemydDeHBhZX9S+H8stJPClbV54UhSOB0L+fnQLRxLCifimfb52ny6aeH7WMgvsJiPV1Cs6V4SkfS42q/HQuGGPc52Dw4AAHBPieE5z7Jjvc2QRtn52qAdVg/aYWTQDvVBO4wmO6Q79tseZnsLcXv7zMalPf//yHD5P74Vq7JFv+v/Q7z+P3+uYff6/9lYaCSF+VhopXcMaMVjZGH343iMRivvcWV9twAAAAB3tfi9QH2F5wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP+zda4xc1X0A8LPP8T68XkiqEBolm6TGcROv1zaQqKXKmlI1IqVZNxRURRQbe00WL9ixTYlRiIxNRCMEpQ1S8qEIoyiq+QC1AhFJAeEixREqj4iqKIBAoTVEQaSUJCJNkEI1e++ZvXPuzsOPNV76+0neOTP/87zz8Jx775wLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/w8GvXPO3zeKP/va8Z1+4ePyKPWsvfvW68059MoSJmcc7snBH/423j//87nPv2fPA6jvuO3z+R3vzcnk8DFT/dOZ3boi1Hl4cwv0dIXSngRWDWaAnvz8Y63vfYAinhNlArcRkf1YibTh8vy+EfWE2UKvqe30hDBYCFz71yMM3VxO39YWwNIRQSdt4vpK10ZcGzujNAv1pYGt3FvjVW5la4LudWQCOWXwz1F70BybqMwzPXa7B66/nuHXs7ZUOrysmhhvn+9naee5UQW/6wMQxPW2l6pgXpbfHQe+2BfBuK23nWz1txS9S+TeUt2ZDldC5aXLzhqund8ZHOsPoaFejmubpeX7m9S9tPJL0gnkdxg4MH5fX4S1PLL27a/kFj9+3YunL+z+295Vj7eaPCpu0mJ5vlZC/5hbM8xiN+zxZAG+/0rekEV+6QgibP/97n2kWL83/h5vP/+PLOd521uWOtb45lM3N4yODMfHaUDY3BwAAgAVjIew13Tr60Cea1Vea/4+0d/w/HvLPJ/PZaA+GMD6T2LskhNNmHs8Cd8XmLlsSwgdnUhP1gbVJ4GAI751JLK9VlZRYFEuMJIGfDOWB8SRwKAYmksC3YuDWJHBDDBxIAhtj4GASODcGwlT9OH5/KB9H24G+GFifbcQD8SyEXwzF1pJt9VytKgAAgOMknx321N8tnOtwrBni9PJAX6sM8QzshhkqSQ3pDLY2rWpYQ3erGjpb1VAb9+7mwy/V3NGq5tJpGB31GW7/5d98NjRRmv+PNZ//V+boSEfp+H8I62b+xtydeWS6Fl8/UZcBAAAAOAYD//viN5vFS/P/8fbO/4/7RLoKmcNjcTfEliUhjNUHsmr/sBzIjnoP5AEAAABYCGrH42vHwqfy2+wU7XQ+Xc4/cYT544H/8Tnz9x58cH2z/pbm/xPtnf/fX3+bdeJQ7MXXloSwqBD4QexlNTBjJAZ+/Mn6QD7+Q3ED3BSryk9MqFV1UyyxPgbGksC+RiV+WCtxWn0gf7Jqje+tjWMqL1EIAAAAwAkXdwfE4/Lx/P8P/Wb1Nc3Kleb/64/s/P+ZeXDp9P7pgRBWdofQlf4w4LH+bGHAGBjsyBMP9Wd1daVVXd8fwjnVgaVVvZiv/9+drjH4VF9WVQyc9qH9r59RTXyzL4SVxcDTn7vzrGpiZxKoNf6XfSF8oDratPHvLMoa70kb//qiEN5fCNSqumxRCNXGetOqHqnk1zFIq/rnSgjvKgRqVZ1dCWFXAGCBiv+Vbio+uGPXtVs2TE9Pbp/HRNyH3xc2T01Pjm7cOr2p0qBPm5I+1y1jdH15TO1e+ea5fImii+5dN9hOuvY7wbFiW/l+/NKJg/n9+F2oZ2acq3vq7q5Jh/yRD5ebCIVvUo2G3DnPQ+4vVjL7JJbqj/l7w0BYdPWOye2jX9ywc+f2VdnfdrOvzv7Gw0zZtlqVbqv+ufrWxsuj4WpZiaPdVsuKlazceeW2lTt2Xbti6soNl09ePnnVqrNXj505tmbs42eurI5qLPvbYqjL5qo6Gepbd7Y5ruM41NO7C5WciE8NCQmJhZbYOrCs6f/Jpfn/tubz//ipEz/58/UZGh3/H46H+bPHZw/zr4+Bfe0e/x9udDS/dmLASBLYHQO7HeYHAADgnSFO8uPezLhX+qfLv/Nys3Kl+f/u9n7/f5zW/68tXX9+o2X+l8cSY43W/0+X+a+t/7+70fr/6TL/tfX/970N6/9fXQskm+QX1v8HAADeCU7c+v8tl/dPLxBQytByef/0AgGlDC2X8W/3AgFHvP7/8//5V/8dmijN/29tb/5v4X4AAAA4eXz5z675nWbx0vx/X3vz/xO//l9odP7/SKPARKOFAa3/BwAAwALVaP2/4Rv7L21WrjT/P9De/D+edtFZlzvW+uZQtqZdSNe0e22o9pMBAAAAWBg6w+hoT5t561ZGXXv0bT6TLwXaLF304p8cPrLz/w+2N/+v+13GLU8svbtr+QWPv3nfiqUv7//Y3ldmj/8DAAAA86fd/RIAAAAAAAAAAAAAAMDb78X/2LOmWbz0+/+wbubxRr//j9f9i78veHdd7lhr6/X/8vsXfvqeXTNLFj42FMKHi4Ete7acEvJr8y8rBh6+ZPl7qok9aYkHXzj3pWri0jTwqRWnvlFNnJME1sdFEt+bBuJVFd9YnATi8or/ngbi9jiQBnrzwFcXZ+PoSLfVTwezbdWRbqtnB0NYUgjUttX9g1kbHekAb0sCtQF+IQ3EAf55HuhMe3XPQNarGBiMRe8YyHoFAMBJK34L7Ambp6Ynx+JX+Hh7enf9bVS3ZNn15Wo72mz+uXxpsovuXTfYTror/S46e63xnlCpDmFV6etqMUvHzCiPTy0tNt27Gwy51WpvnQ3KpY500/U2HlFfNqLRjVunN/W0HPia1llWd7fMsqo02Slm6ZzZpG3U0kZf2hhRm9umjS7H+51hdLQryfUHMTgc6rR6RbT7e/3iOn+NXgXFPFcd3vurZvWV5v/D7c3/K8VxvZFfDGB3vLLe3y2xzD8AAADMr6+u/fU34r/P3vjo083ylub/I+3N/+MerPxQcLa342C8/v/eJSHMXFp/OAvcFZu7bEkIH5xJTcQS2QX1z48lxrLAXXGHyfJYYv1EfVWLYuBAEvjJUB44mAQOxUC+l2J/yHfl/P1QCGfNpNbVl9gWSwwngc/EwEgSGI2BsSSwOAbGk8Cri/PARBL4txgIU/Xb6t7F+bYCAAA4Evk8q6f+bkjneQe6W2XoaJWhv1WGzlYZKq0yNBpFvP/tmKEnOXmlo5CpJ621L6mllCFeDP+I+1XKEH5YnzMtWGo6nn9QO9+goz7DA5/oroQmSvP/sfbm//31t1nrh+L8f/b6f1ngB7F7X4unjo/EwI8/WR/IdwwcipPdm2pVTeQl8kn7TbHEeAyMJIFtMTCeBNavywP73lMfyGfatcb31hqfyksUAgAAAHDCxR0EcTdNnP/fseMrA83Kleb/4+3N/2N7A8XGboi1Hl4cwv0ds72pBVYMZoG4H2Mw/jz+fYMhnFLYwVErMdmflehNGg7f78t+od6bVvW9vuzHB/H+hU898vDN1cRtfSEsLex9qbXxfCVroy8NnNGbBfrTwNbuLBD3/NQC3+3MAnDMansF4wsqP9WlZnjucg1ef++Ua4KmwyvtA50j31y/uZovpR2u+T7VmiN72pruv+W4Kb09Dnq3LcR327B3W/GLVP4N5a3ZUCV0bprcvOHq6Z3xkeIvWUvm6Xku/kq1nfRxeB3uPvretlZJOzCWfHyMzV1u7tdhR6zulieW3t21/ILH71ux9OX9H9v7StvdaCD+UPiR6/518EeFzTvfKiF/zS24z5MJnycL8b+BEU9bCGHdq1+/qVm8NP+faG/+353czvh13Jg7loTwkcLGfSxu/j9ekn0OFgLZp+S7yoHskPt/DTX85AQAAIDjrba7o7a/YCq/zU4IT+fJ5fwTR5g/7q8YnzN/u/3u/+tLljaLl+b/65vP/xcl3XT83/F/5onj/3M62XdFL0of2H1Mu6JL1TEvHP+f08n+bnP8f06O/zv+PxfH/1tw/H9OJ/vTVvqWtM2XrhDCy3/00LPN4qX5/7b25v/W/5t70b7a+n/rG63/t63R+n+7rf8HAADMqwYLzaXzvNLqfaUM6ep9pQwtFwhsucSg9f+OeP2/l05//jehidL8f3d78//4chgotr5Q1v8bWdegqltjYJuFAQEAADgZNdpBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNvrgX/4n03N4o/+9rxnX7h4/Io9ay9+9brzTn0yhKmZxzuycEf/jbeP//zuc+/Z88DqO+47fP5HK3m5nvz2d+tyx1rfHAphX+GRwZh4bah6ZzZw4afv2dVdTTw2FMKHi4Ete7acUk18ayiEZcXAw5csf081sSct8eAL575UTVyaBj614tQ3qolz8kBH2t1/XJx1tyPt7s2LQ1hSCNS6e8Xi+qpqbfxpHuhM2/inwayNGBiMRb8xmLURA9OxxNSiEFZ2h9CVVvVoJauqK63qXypZVV1pVV+uhHBOCKE7reqF3qyq7nTkT/ZmVcXAaR/a//oZ1cS+3hBWFgNPf+7Os6qJLySBWuN/0RvCB6ovmbTxb/dkjfekjd/WE8L7Qwi9aYlfdmcletMSL3aH8K5CoNb457tD2BV4R4gfPnWfaDt2Xbtlw/T05PZ5TPTmbfWFzVPTk6Mbt05vqiR9aqSjkH7r+qMf+3Ovf2lj9faie9cNtpPuzsv1zHR5dU/d3TUne+9jv/qLlcw+H6X6Y/7eMBAWXb1jcvvoFzfs3Ll9Vfa33eyrs79deTTbVqsWyrZaVqxk5c4rt63csevaFVNXbrh88vLJq1advXrszLE1Yx8/c2V1VGPZ3+Mx1DtP/FBP7y5UciI+ACQkJBZaorPu023sZP8gL33Rn+1oT6jMfECXphXFLB0zozweg157lCM+mu8pLUe0qjRxKGVZ3TrLmtJkYjZLX5Zl5ntdaXJYrKlzZpPG+51hdLSr0XYYrr9b3Lw/O4bN+0y+6dpNAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwf+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86jJ4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALgUAAD//wNUIwc=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x100, 0x0)
ioctl$FITRIM(r0, 0xc4009420, &(0x7f0000000180)={0x5})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101740, 0x179)
ioctl$FITRIM(r1, 0xc0185879, &(0x7f0000000000)={0x4000000000000008, 0xf20c, 0x9})

2.947750454s ago: executing program 0 (id=1092):
syz_mount_image$hpfs(&(0x7f000000a000), &(0x7f0000009ec0)='./file1\x00', 0x3200041, &(0x7f0000000000)=ANY=[@ANYBLOB="6561733d6e6f2c636173653d617369732c636865636b3d6e6f6e652c00ecb1696642cb97380abf69dce83f1c1dd0eb96506352e4c7d6b88109eebe378da654d5d91d6a45e65053658f366b87b26180bdb0a0e2ef4103c4336999ae591f101bac606a7595fc5a131d32d3723526dc1d4b5c1ce2f300a7eb59286590c97f58ae092a495a425b0bec6265"], 0x1, 0x9e15, &(0x7f000000a040)="$eJwUk1Mc34UDRZe37JZtnmzbtm375H5fG8u23VbLtm3XsrH4//wf7ut9OPfcOwc4coCjBnjXAO8e4OgB3jPAewd43wDvH+ADA3xwgA8N8OEBPjLARwf42AAfH+ATA3xygE8N8OkBPjPAZwf43ACfH+ALA3xxgC8N8OUBvjLAVwf42gBfH+AbA3xzgG8N8O0BvjPAdwf43gDfH+AHA/xwgB8N8OMBfjLATwf42QA/H+AXAxwzwC8H+NUAvx7gNwP8doDfDfD7Af4wwB8H+NMAfx7gLwP8dYC/DfD3Af4xwLED/HOAfw3w7wH+M8B/B/jfAIcEOE6A4wY4XoDjBzhBgBMGOFGAQwMcFuDEAU4S4KQBThbg5AFOEeCUAU4V4NQBThPgtAFOF+D0Ac4Q4PAAZwxwpgBnDnCWAGcNcLYAZw9wjgDnDHCuAOcOcJ4A5w1wvgDnD3CBABcMcKEAFw5wkQAXDXCxABcPcIkACXDJAJcKcOkAlwlw2QCXC3D5AFcIcMUAVwpw5QBXCXDVAFcLcPUA1whwzQDXCnDtANcJcN0A1wtw/QA3CHDDADcKcOMANwlw0wA3C3DzALcIcMsAtwpw6wC3CXDbALcLcPsAdwhwxwB3CnDnAHcJcNcAdwtw9wD3CHDPAPcKcO8A9wlw3wD3C3D/AA8I8MAADwrw4AAPCfDQAA8L8PAAjwjwyACPCvDoAI8J8NgAjwvw+ABPCPDEAA3wpABPDvCUAE8N8LQATw/wjADPDHAQYBBgGGAUYBxgEmAaYBZgHmARYBlgFWAdYBNgG2AXYB/giADPCvDsAM8J8NwAzwvw/AAvCPDCAC8K8OIALwnw0gAvC/DyAK8I8MoArwrw6gCvCfDaAK8L8PoAbwjwxgBvCvDmAG8J8NYAbwvw9gDvCPDOAEcGOCrAuwK8O8DRAd4T4L0B3hfg/QE+EOCDAT4U4MMBPhLgowE+FuDjAT4R4JMBPhXg0wE+E+CzAT4X4PMBvhDgiwG+FODLAb4S4KsBvhbg6wG+EeCbAb4V4NsBvhPguwG+F+D7AX4Q4IcBfhTgxwF+EuCnAX4W4OcBfhHgmAC/DPCrAL8O8JsAvw3wuwC/D/CHAH8M8KcAfw7wlwB/DfC3AH8P8I8Axwb4Z4B/Bfh3gP8E+G+A/wU4JMRxQhw3xPFCHD/ECUKcMMSJQhwa4rAQJw5xkhAnDXGyECcPcYoQpwxxqhCnDnGaEKcNcboQpw9xhhCHhzhjiDOFOHOIs4Q4a4izhTh7iHOEOGeIc4U4d4jzhDhviPOFOH+IC4S4YIgLhbhwiIuEuGiIi4W4eIhLhEiIS4a4VIhLh7hMiMuGuFyIy4e4QogrhrhSiCuHuEqIq4a4Woirh7hGiGuGuFaIa4e4TojrhrheiOuHuEGIG4a4UYgbh7hJiJuGuFmIm4e4RYhbhrhViFuHuE2I24a4XYjbh7hDiDuGuFOIO4e4S4i7hrhbiLuHuEeIe4a4V4h7h7hPiPuGuF+I+4d4QIgHhnhQiAeHeEiIh4Z4WIiHh3hEiEeGeFSIR4d4TIjHhnhciMeHeEKIJ4ZoiCeFeHKIp4R4aoinhXh6iGeEeGaIgxCDEMMQoxDjEJMQ0xCzEPMQixDLEKsQ6xCbENsQuxD7EEeEeFaIZ4d4TojnhnheiOeHeEGIF4Z4UYgXh3hJiJeGeFmIl4d4RYhXhnhViFeHeE2I14Z4XYjXh3hDiDeGeFOIN4d4S4i3hnhbiLeHeEeId4Y4MsRRId4V4t0hjg7xnhDvDfG+EO8P8YEQHwzxoRAfDvGREB8N8bEQHw/xiRCfDPGpEJ8O8ZkQnw3xuRCfD/GFEF8M8aUQXw7xlRBfDfG1EF8P8Y0Q3wzxrRDfDvGdEN8N8b0Q3w/xgxA/DPGjED8O8ZMQPw3xsxA/D/GLEMeE+GWIX4X4dYjfhPhtiN+F+H2IP4T4Y4g/hfhziL+E+GuIv4X4e4h/hDg2xD9D/CvEv0P8J8R/Q/wvxCERjhPhuBGOF+H4EU4Q4YQRThTh0AiHRThxhJNEOGmEk0U4eYRTRDhlhFNFOHWE00Q4bYTTRTh9hDNEODzCGSOcKcKZI5wlwlkjnC3C2SOcI8I5I5wrwrkjnCfCeSOcL8L5I1wgwgUjXCjChSNcJMJFI1wswsUjXCJCIlwywqUiXDrCZSJcNsLlIlw+whUiXDHClSJcOcJVIlw1wtUiXD3CNSJcM8K1Ilw7wnUiXDfC9SJcP8INItwwwo0i3DjCTSLcNMLNItw8wi0i3DLCrSLcOsJtItw2wu0i3D7CHSLcMcKdItw5wl0i3DXC3SLcPcI9Itwzwr0i3DvCfSLcN8L9Itw/wgMiPDDCgyI8OMJDIjw0wsMiPDzCIyI8MsKjIjw6wmMiPDbC4yI8PsITIjwxQiM8KcKTIzwlwlMjPC3C0yM8I8IzIxxEGEQYRhhFGEeYRJhGmEWYR1hEWEZYRVhH2ETYRthF2Ec4IsKzIjw7wnMiPDfC8yI8P8ILIrwwwosivDjCSyK8NMLLIrw8wisivDLCqyK8OsJrIrw2wusivD7CGyK8McKbIrw5wlsivDXC2yK8PcI7IrwzwpERjorwrgjvjnB0hPdEeG+E90V4f4QPRPhghA9F+HCEj0T4aISPRfh4hE9E+GSET0X4dITPRPhshM9F+HyEL0T4YoQvRfhyhK9E+GqEr0X4eoRvRPhmhG9F+HaE70T4boTvRfh+hB9E+GGEH0X4cYSfRPhphJ9F+HmEX0Q4JsIvI/wqwq8j/CbCbyP8LsLvI/whwh8j/CnCnyP8JcJfI/wtwt8j/CPCsRH+GeFfEf4d4T8R/hvhfxEOiXGcGMeNcbwYx49xghgnjHGiGIfGOCzGiWOcJMZJY5wsxsljnCLGKWOcKsapY5wmxmljnC7G6WOcIcbhMc4Y40wxzhzjLDHOGuNsMc4e4xwxzhnjXDHOHeM8Mc4b43wxzh/jAjEuGONCMS4c4yIxLhrjYjEuHuMSMRLjkjEuFePSMS4T47IxLhfj8jGuEOOKMa4U48oxrhLjqjGuFuPqMa4R45oxrhXj2jGuE+O6Ma4X4/oxbhDjhjFuFOPGMW4S46Yxbhbj5jFuEeOWMW4V49YxbhPjtjFuN/6QIf/nu0OMO8a4U4w7x7hLjLvGuFuMu8e4R4x7xrhXjHvHuE+M+8a4X4z7x3hAjAfGeFCMB8d4SIyHxnhYjIfHeESMR8Z4VIxHx3hMjMfGeFyMx8d4QownxmiMJ8V4coynxHhqjKfFeHqMZ8R4ZoyDGIMYwxijGOMYkxjTGLMY8xiLGMsYqxjrGJsY2xi7GPsYR8R4Voxnx3hOjOfGeF6M58d4QYwXxnhRjBfHeEmMl8Z4WYyXx3hFjFfGeFWMV8d4TYzXxnhdjNfHeEOMN8Z4U4w3x3hLjLfGeFuMt8d4R4x3xjgyxlEx3hXj3TGOjvGeGO+N8b4Y74/xgRgfjPGhGB+O8ZEYH43xsRgfj/GJGJ+M8akYn47xmRifjfG5GJ+P8YUYX4zxpRhfjvGVGF+N8bUYX4/xjRjfjPGtGN+O8Z0Y343xvRjfj/GDGD+M8aMYP47xkxg/jfGzGD+P8YsYx8T4ZYxfxfh1jN/E+G2M38X4fYw/xPhjjD/F+HOMv8T4a4y/xfh7jH/EODbGP2P8K8a/Y/wnxn9j/C/GIQmOk+C4CY6X4PgJTpDghAlOlODQBIclOHGCkyQ4aYKTJTh5glMkOGWCUyU4dYLTJDhtgtMlOH2CMyQ4PMEZE5wpwZkTnCXBWROcLcHZE5wjwTkTnCvBuROcJ8F5E5wvwfkTXCDBBRNcKMGFE1wkwUUTXCzBxRNcIkESXDLBpRJcOsFlElw2weUSXD7BFRJcMcGVElw5wVUSXDXB1RJcPcE1ElwzwbUSXDvBdRJcN8H1Elw/wQ0S3DDBjRLcOMFNEtw0wc0S3DzBLRLcMsGtEtw6wW0S3DbB7RLcPsEdEtwxwZ0S3DnBXRLcNcHdEtw9wT0S3DPBvRLcO8F9Etw3wf0S3D/BAxI8MMGDEjw4wUMSPDTBwxI8PMEjEjwywaMSPDrBYxI8NsHjEjw+wRMSPDFBEzwpwZMTPCXBUxM8LcHTEzwjwTMTHCQYJBgmGCUYJ5gkmCaYJZgnWCRYJlglWCfYJNgm2CXYJzgiwbMSPDvBcxI8N8HzEjw/wQsSvDDBixK8OMFLErw0wcsSvDzBKxK8MsGrErw6wWsSvDbB6xK8PsEbErwxwZsSvDnBWxK8NcHbErw9wTsSvDPBkQmOSvCuBO9OcHSC9yR4b4L3JXh/gg8k+GCCDyX4cIKPJPhogo8l+HiCTyT4ZIJPJfh0gs8k+GyCzyX4fIIvJPhigi8l+HKCryT4aoKvJfh6gm8k+GaCbyX4doLvJPhugu8l+H6CHyT4YYIfJfhxgp8k+GmCnyX4eYJfJDgmwS8T/CrBrxP8JsFvE/wuwe8T/CHBHxP8KcGfE/wlwV8T/C3B3xP8I8GxCf6Z4F8J/p3gPwn+m+B/CQ5JcZwUx01xvBTHT3GCFCdMcaIUh6Y4LMWJU5wkxUlTnCzFyVOcIsUpU5wqxalTnCbFaVOcLsXpU5whxeEpzpjiTCnOnOIsKc6a4mwpzp7iHCnOmeJcKc6d4jwpzpvifCnOn+ICKS6Y4kIpLpziIikumuJiKS6e4hIpkuKSKS6V4tIpLpPisikul+LyKa6Q4ooprpTiyimukuKqKa6W4uoprpHimimuleLaKa6T4roprpfi+ilukOKGKW6U4sYpbpLipiluluLmKW6R4pYpbpXi1iluk+K2KW6X4vYp7pDijinulOLOKe6S4q4p7pbi7inukeKeKe6V4t4p7pPivinul+L+KR6Q4oEpHpTiwSkekuKhKR6W4uEpHpHikSkeleLRKR6T4rEpHpfi8SmekOKJKZriSSmenOIpKZ6a4mkpnp7iGSmemeIgxSDFMMUoxTjFJMU0xSzFPMUixTLFKsU6xSbFNsUuxT7FESmeleLZKZ6T4rkpnpfi+SlekOKFKV6U4sUpXpLipSleluLlKV6R4pUpXpXi1Slek+K1KV6X4vUp3pDijSnelOLNKd6S4q0p3pbi7SnekeKdKY5McVSKd6V4d4qjU7wnxXtTvC/F+1N8IMUHU3woxYdTfCTFR1N8LMXHU3wixSdTfCrFp1N8JiV5NsXnUnw+xRdSfDHFl1J8OcVXUnw1xddSfD3FN1J8M8W3Unw7xXdSfDfF91J8P8UPUvwwxY9S/DjFT1L8NMXPUvw8xS9SHJPilyl+leLXKX6T4rcpfpfi9yn+kOKPKf6U4s8p/pLiryn+luLvKf6R4tgU/0zxrxT/TvGfFP9N8b8Uh2Q4TobjZjhehuNnOEGGE2Y4UYZDMxyW4cQZTpLhpBlOluHkGU6R4ZQZTpXh1BlOk+G0GU6X4fQZzpDh8AxnzHCmDGfOcJYMZ81wtgxnz3CODOfMcK4M585wngznzXC+DOfPcIEMF8xwoQwXznCRDBfNcLEMF89wiQzJcMkMl8pw6QyXyXDZDJfLcPkMV8hwxQxXynDlDFfJcNUMV8tw9QzXyHDNDNfKcO0M18lw3QzXy3D9DDfIcMMMN8pw4ww3yXDTDDfLcPMMt8hwywy3ynDrDLfJcNsMt8tw+wx3yHDHDHfKcOcMd8lw1wx3y3D3DPfIcM8M98pw7wz3yXDfDPfLcP8MD8jwwAwPyvDgDA/J8NAMD8vw8AyPyPDIDI/K8OgMj8nw2AyPy/D4DE/I8MQMzfCkDE/O8JQMT83wtAxPz/CMDM/McJBhkGGYYZRhnGGSYZphlmGeYZFhmWGVYZ1hk2GbYZdhn+GIDM/K8OwMz8nw3AzPy/D8DC/I8MIML8rw4gwvyfDSDC/L8PIMr8jwygyvyvDqDK/J8NoMr8vw+gxvyPDGDG/K8OYMb8nw1gxvy/D2DO/I8M4MR2Y4KsO7Mrw7w9EZ3pPhvRnel+H9GT6Q4YMZPpThwxk+kuGjGT6W4eMZPpHhkxk+leHTGT6T4bMZPpfh8xm+kOGLGb6U4csZvpLhqxm+luHrGb6R4ZsZvpXh2xm+k+G7Gb6X4fsZfpDhhxl+lOHHGX6S4acZfpbh5xl+keGYDL/M8KsMv87wmwy/zfC7DL/P8IcMf8zwpwx/zvCXDH/N8LcMf8/wjwzHZvhnhn9l+HeG/2T4b4b/ZTgkx3FyHDfH8XIcP8cJcpwwx4lyHJrjsBwnznGSHCfNcbIcJ89xihynzHGqHKfOcZocp81xuhynz3GGHIfnOGOOM+U4c46z5DhrjrPlOHuOc+Q4Z45z5Th3jvPkOG+O8+U4f44L5LhgjgvluHCOi+S4aI6L5bh4jkvkSI5L5rhUjkvnuEyOy+a4XI7L57hCjivmuFKOK+e4So6r5rhajqvnuEaOaw4dMuT/LNbOcZ0c181xvRzXz3GDHDfMcaMcN85xkxw3zXGzHDfPcYsct8xxqxy3znGbHLfNcbsct89xhxx3zHGnHHfOcZccd81xtxx3z3GPHPfMca8c985xnxz3zXG/HPfP8YAcD8zxoBwPzvGQHA/N8bAcD8/xiByPzPGoHI/O8Zgcj83xuByPz/GEHE/M0RxPyvHkHE/J8dQcT8vx9BzPyPHMHAc5BjmGOUY5xjkmOaY5ZjnmORY5ljlWOdY5Njm2OXY59jmOyPGsHM/O8Zwcz83xvBzPz/GCHC/M8aIcL87xkhwvzfGyHC/P8Yocr8zxqhyvzvGaHK/N8bocr8/xhhxvzPGmHG/O8ZYcb83xthxvz/GO/+81ZsTYkTmO+r/LQ4YM+X9G5zhkyJAh9+Z4X4735/hAjg/+3/0hQ4Y8nOMjOT6a42M5Pp7jEzk+meNTOT6d4zM5Ppvjczk+n+MLOb6Y40s5vpzjKzm+muNrOb6e4xs5vpnjWzm+neM7Ob6b43s5vp/jBzl+mONHOX6c4yc5fprjZzl+nuMXOY7J8cscv8rx6xy/yfHbHL/L8fscf8jxxxx/yvHnHH/J8dccf8vx9xz/yHFsjn/m+FeOf+f4T47/5vjf/5kUOE6B4xY4XoHjFzhBgRMWOFGBQwscVuDEBU5S4KQFTlbg5AVOUeCUBU5V4NQFTlPgtAVOV+D0Bc5Q4PACZyxwpgJnLnCWAmctcLYCZy9wjgLnLHCuAucucJ4C5y1wvgLnL3CBAhcscKECFy5wkQIXLXCxAhcvcIkCKXDJApcqcOkCNxjejF22wOUKXL7AFQpcscCVCly5wFUKXLXA1QpcvcA1ClyzwLUKXLvAdQpct8D1Clz//30FbljgRgVuXOAmBW5a4GYFbl7gFgVuWeBWBW5d4DYFblvgdgVuX+AOBe5Y4E4F7lzgLgXuWuBuBe5e4B4F7lngXgXuXeA+Be5b4H4F7l/gAQUeWOBBBR5c4CEFHlrgYQUeXuARBR5Z4FEFHl3gMQUeW+BxBR5f4AkFnligBZ5U4MkFnlLgqQWeVuDpBZ5R4JkFDgoMCgwLjAqMC0wKTAvMCswLLAosC6wKrAtsCmwL7ArsCxxR4FkFnl3gOQWeW+B5BZ5f4AUFXljgRQVeXOAlBV5a4GUFXl7gFQVeWeBVBV5d4DUFXlvgdQVeX+ANBd5Y4E0F3lzgLQXeWuBtBd5e4B0F3lngyAJHFXhXgXcXOLrAewq8t8D7Cry/wAcKfLDAhwp8uMBHCny0wMcKfLzAJwp8ssCnCny6wGcKfLbA5wp8vsAXCnyxwJcKfLnAVwp8tcDXCny9wDcKfLPAtwp8u8B3Cny3wPcKfL/ADwr8sMCPCvy4wE8K/LTAzwr8vMAvChxT4JcFflXg1wV+U+C3BX5X4PcF/lDgjwX+VODPBf5S4K8F/lbg7wX+UeDYAv8s8K8C/y7wnwL/LfC/AoeUOE6J45Y4XonjlzhBiROWOFGJQ0scVuLEJU5S4qQlTlbi5CVOUeKUJU5V4tQlTlPitCVOV+L0Jc5Q4vASZyxxphJnLnGWEmctcbYSZy9xjhLnLHGuEucucZ4S5y1xvhLnL3GBEhcscaESFy5xkRIXLXGxEhcvcYkSKXHJEpcqcekSlylx2RKXK3H5ElcoccUSVypx5RJXKXHVElcrcfUS1yhxzRLXKnHtEtcpcd0S1ytx/RI3KHHDEjcqceMSNylx0xI3K3HzErcoccsStypx6xK3KXHbErcrcfsSdyhxxxJ3KnHnEncpcdcSdytx9xL3KHHPEvcqce8S9ylx3xL3K3H/Eg8o8cASDyrx4BIPKfHQEg8r8fASjyjxyBKPKvHoEo8p8dgSjyvx+BJPKPHEEi3xpBJPLvGUEk8t8bQSTy/xjBLPLHFQYlBiWGJUYlxiUmJaYlZiXmJRYlliVWJdYlNiW2JXYl/iiBLPKvHsEs8p8dwSzyvx/BIvKPHCEi8q8eISLynx0hIvK/HyEq8o8coSryrx6hKvKfHaEq8r8foSbyjxxhJvKvHmEm8p8dYSbyvx9hLvKPHOEkeWOKrEu0q8u8TRJd5T4r0l3lfi/SU+UOKDJT5U4sMlPlLioyU+VuLjJT5R4pMlPlXi0yU+U+KzJT5X4vMlvlDiiyW+VOLLJb5S4qslvlbi6yW+UeKbJb5V4tslvlPiuyW+V+L7JX5Q4oclflTixyV+UuKnJX5W4uclflHimBK/LPGrEr8u8ZsSvy3xuxK/L/GHEn8s8acSfy7xlxJ/LfG3En8v8Y8Sx5b4Z4l/lfh3if+U+G+J/5U4pMJxKhy3wvEqHL/CCSqcsMKJKhxa4bAKJ65wkgonrXCyCievcIoKp6xwqgqnrnCaCqetcLoKp69whgqHVzhjhTNVOHOFs1Q4a4WzVTh7hXNUOGeFc1U4d4XzVDhvhfNVOH+FC1S4YIULVbhwhYtUuGiFi1W4eIVLVEiFS1a4VIVLV7hMhctWuFyFy1e4QoUrVrhShStXuEqFq1a4WoWrV7hGhWtWuFaFa1e4ToXrVrhehetXuEGFG1a4UYUbV7hJhZtWuFmFm1e4RYVbVrhVhVtXuE2F21a4XYXbV7hDhTtWuFOFO1e4S4W7VrhbhbtXuEeFe1a4V4V7V7hPhftWuF+F+1d4QIUHVnhQhQdXeEiFh1Z4WIWHV3hEhUdWeFSFR1d4TIXHVnhchcdXeEKFJ1ZohSdVeHKFp1R4aoWnVXh6hWdUeGaFgwqDCsMKowrjCpMK0wqzCvMKiwrLCqsK6wqbCtsKuwr7CkdUeFaFZ1d4ToXnVnhehedXeEGFF1Z4UYUXV3hJhZdWeFmFl1d4RYVXVnhVhVdXeE2F11Z4XYXXV3hDhTdWeFOFN1d4S4W3VnhbhbdXeEeFd1Y4ssJRFd5V4d0Vjq7wngrvrfC+Cu+v8IEKH6zwoQofrvCRCh+t8LEKH6/wiQqfrPCpCp+u8JkKn63wuQqfr/CFCl+s8KUKX67wlQpfrfC1Cl+v8I0K36zwrQrfrvCdCt+t8L0K36/wgwo/rPCjCj+u8JMKP63wswo/r/CLCsdU+GWFX1X4dYXfVPhthd9V+H2FP1T4Y4U/Vfhzhb9U+GuFv1X4e4V/VDi2wj8r/KvCvyv8p8J/K/yvwiE1jlPjuDWOV+P4NU5Q44Q1TlTj0BqH1ThxjZPUOGmNk9U4eY1T1DhljVPVOHWN09Q4bY3T1Th9jTPUOLzGGWucqcaZa5ylxllrnK3G2Wuco8Y5a5yrxrlrnKfGeWucr8b5a1ygxgVrXKjGhWtcpMZFa1ysxsVrXKJGalyyxqVqXLrGZWpctsblaly+xhVqXLHGlWpcucZValy1xtVqXL3GNWpcs8a1aly7xnVqXLfG9Wpcv8YNatywxo1q3LjGTWrctMbNaty8xi1q3LLGrWrcusZtaty2xu1q3L7GHWrcscadaty5xl1q3LXG3WrcvcY9atyzxr1q3LvGfWrct8b9aty/xgNqPLDGg2o8uMZDajy0xsNqPLzGI2o8ssajajy6xmNqPLbG42o8vsYTajyxRms8qcaTazylxlNrPK3G02s8o8YzaxzUGNQY1hjVGNeY1JjWmNWY11jUWNZY1VjX2NTY1tjV2Nc4osazajy7xnNqPLfG82o8v8YLarywxotqvLjGS2q8tMbLary8xitqvLLGq2q8usZrary2xutqvL7GG2q8scabary5xltqvLXG22q8vcY7aryzxpE1jqrxrhrvrnF0jffUeG+N99V4f40P1PhgjQ/V+HCNj9T4aI2P1fh4jU/U+GSNT9X4dI3P1Phsjc/V+HyNL9T4Yo0v1fhyja/U+GqNr9X4eo1v1PhmjW/V+HaN79T4bo3v1fh+jR/U+GGNH9X4cY2f1PhpjZ/V+HmNX9Q4psYva/yqxq9r/KbGb2v8rsbva/yhxh9r/KnGn2v8pcZfa/ytxt9r/KPGsTX+WeNfNf5d4z81/lvjfzUOaXCcBsdtcLwGx29wggYnbHCiBoc2OKzBiRucpMFJG5yswckbnKLBKRucqsGpG5ymwWkbnK7B6RucocHhDc7Y4EwNztzgLA3O2uBsDc7e4BwNztngXA3O3eA8Dc7b4HwNzt/gAg0u2OBCDS7c4CINLtrgYg0u3uASDdLgkg0u1eDSDS7T4LINLtfg8g2u0OCKDa7U4MoNrtLgqg2u1uDqDa7R4JoNrtXg2g2u0+C6Da7X4PoNbtDghg1u1ODGDW7S4KYNbtbg5g1u0eCWDW7V4NYNbtPgtg1u1+D2De7Q4I4N7tTgzg3u0uCuDe7W4O4N7tHgng3u1eDeDe7T4L4N7tfg/g0e0OCBDR7U4MENHtLgoQ0e1uDhDR7R4JENHtXg0Q0e0+CxDR7X4PENntDgiQ3a4EkNntzgKQ2e2uBpDZ7e4BkNntngoMGgwbDBqMG4waTBtMGswbzBosGywarBusGmwbbBrsG+wRENntXg2Q2e0+C5DZ7X4PkNXtDghQ1e1ODFDV7S4KUNXtbg5Q1e0eCVDV7V4NUNXtPgtQ1e1+D1Dd7Q4I0N3tTgzQ3e0uCtDd7W4O0N3tHgnQ2ObHBUg3c1eHeDoxu8p8F7G7yvwfsbfKDBBxt8qMGHG3ykwUcbfKzBxxt8osEnG3yqwacbfKbBZxt8rsHnG3yhwRcbfKnBlxt8pcFXG3ytwdcbfKPBNxt8q8G3G3ynwXcbfK/B9xv8oMEPG/yowY8b/KTBTxv8rMHPG/yiwTENftngVw1+3eA3DX7b4HcNft/gDw3+2OBPDf7c4C8N/trgbw3+3uAfDY5t8M8G/2rw7wb/afDfBv9rcEiL47Q4bovjtTh+ixO0OGGLE7U4tMVhLU7c4iQtTtriZC1O3uIULU7Z4lQtTt3iNC1O2+J0LU7f4gwtDm9xxhZnanHmFmdpcdYWZ2tx9hbnaHHOFudqce4W52lx3hbna3H+FhdoccEWF2px4RYXaXHRFhdrcfEWl2iRFpdscakWl25xmRaXbXG5FpdvcYUWV2xxpRZXbnGVFldtcbUWV29xjRbXbHGtFtducZ0W121xvRbXb3GDFjdscaMWN25xkxY3bXGzFjdvcYsWt2xxqxa3bnGbFrdtcbsWt29xhxZ3bHGnFnducZcWd21xtxZ3b3GPFvdsca8W925xnxb3bXG/Fvdv8YAWD2zxoBYPbvGQFg9t8bAWD2/xiBaPbPGoFo9u8ZgWj23xuBaPb/GEFk9s0RZPavHkFk9p8dQWT2vx9BbPaPHMFgctBi2GLUYtxi0mLaYtZi3mLRYtli1WLdYtNi22LXYt9i2OaPGsFs9u8ZwWz23xvBbPb/GCFi9s8aIWL27xkhYvbfGyFi9v8YoWr2zxqhavbvGaFq9t8boWr2/xhhZvbPGmFm9u8ZYWb23xthZvb/GOFu9scWSLo1q8q8W7Wxzd4j0t3tvifS3e3+IDLT7Y4kMtPtziIy0+2uJjLT7e4hMtPtniUy0+3eIzLT7b4nMtw/7/mxdafLHFl1p8ucVXWny1xddafL3FN1p8s8W3Wny7xXdafLfF91p8v8UPWvywxY9a/LjFT1r8tMXPWvy8xS9aHNPily1+1eLXLX7T4rctftfi9y3+0OKPLf7U4s8t/tLiry3+1uLvLf7R4tgW/2zxrxb/bvGfFv9t8b8Wh3Q4Tofjdjheh+N3OEGHE3Y4UYdDOxzW4cQdTtLhpB1O1uHkHU7R4ZQdTtXh1B1O0+G0HU7X4fQdztDh8A5n7HCmDmfucJYOZ+1wtg5n73CODufscK4O5+5wng7n7XC+DufvcIEOF+xwoQ4X7nCRDhftcLEOF+9wiQ7pcMkOl+pw6Q6X6XDZDpfrcPmOYUOGDHHFDlfqcOUOV+lw1Q5X63D1DtfocM0O1+pw7Q7X6XDdDtfrcP0ON+hwww436nDjDjfpcNMON+tw8w636HDLDrfqcOsOt+lw2w6363D7DnfocMcOd+pw5w536XDXDnfrcPcO9+hwzw736nDvDvfpcN8O9+tw/w4P6PDADg/q8OAOD+nw0A4P6/DwDo/o8MgOj+rw6A6P6fDYDo/r8PgOT+jwxA7t8KQOT+7wlA5P7fC0Dk/v8IwOz+xw0GHQYdhh1GHcYdJh2mHWYd5h0WHZYdVh3WHTYdth12Hf4YgOz+rw7A7P6fDcDs/r8PwOL+jwwg4v6vDiDi/p8NIOL+vw8g6v6PDKDq/q8OoOr+nw2g6v6/D6Dm/o8MYOb+rw5g5v6fDWDm/r8PYO7+jwzg5Hdjiqw7s6vLvD0R3e0+G9Hd7X4f0dPtDhgx0+1OHDHT7S4aMdPtbh4x0+0eGTHT7V4dMdPtPhsx0+1+HzHb7Q4YsdvtThyx2+0uGrHb7W4esdvtHhmx2+1eHbHb7T4bsdvtfh+x1+0OGHHX7U4ccdftLhpx1+1uHnHX7R4ZgOv+zwqw6/7vCbDr/t8LsOv+/whw5/7PCnDn/u8JcOf+3wtw5/7/CPDsd2+GeHf3X4d4f/dPhvh/91OKTHcXoct8fxehy/xwl6nLDHiXoc2uOwHifucZIeJ+1xsh4n73GKHqfscaoep+5xmh6n7XG6HqfvcYYeh/c4Y48z9Thzj7P0OGuPs/U4e49z9Dhnj3P1OHeP8/Q4b4/z9Th/jwv0uGCPC/W4cI+L9Lhoj4v1uHiPS/RIj0v2uFSPS/e4TI/L9rhcj8v3uEKPK/a4Uo8r97hKj6v2uFqPq/e4Ro9r9rhWj2v3uE6P6/a4Xo/r97hBjxv2uFGPG/e4SY+b9rhZj5v3uEWPW/a4VY9b97hNj9v2uF2P2/e4Q4879rhTjzv3uEuPu/a4W4+797hHj3v2uFePe/e4T4/79rhfj/v3eECPB/Z4UI8H93hIj4f2eFiPh/d4RI9H9nhUj0f3eEyPx/Z4XI/H93hCjyf2aI8n9Xhyj6f0eGqPp/V4eo9n9Hhmj4Megx7DHqMe4x6THtMesx7zHoseyx6rHusemx7bHrse+x5H9HhWj2f3eE6P5/Z4Xo/n93hBjxf2eFGPF/d4SY+X9nhZj5f3eEWPV/Z4VY9X93hNj9f2eF2P1/d4Q4839nhTjzf3eEuPt/Z4W4+393hHj3f2OLLHUT3e1ePdPY7u8Z6e/7FID0x4HgwCRVO3qW3bvbVt27btWyO138dGbSupbdu2He3szPcXzhyHD3DEAB8a4MMDfGSAjw7wsQE+PsAnBvjkAJ8a4NMDfGaAzw7wuQE+P8AXBvjiAF8a4MsDfGWArw7wtQG+PsA3BvjmAN8a4NsDfGeA7w7wvQG+P8APBvjhAD8a4McD/GSAnw7wswF+PsAvBvjlAL8a4NcD/GaA3w7wuwF+P8AfBvjjAH8a4M8D/GWAvw7wtwH+PsA/BvjnAP8a4N8D/GeA/w7wvwGOHOCoAY4e4JgBjh3gkADHCXDcAMcLcPwAJwhwwgAnCnDiACcJcGiAkwY4WYCTBzhFgFMGOFWAUwc4TYDTBjhdgNMHOEOAMwY4U4AzBzhLgLMGOFuAswc4R4BzBjhXgHMHOE+A8wY4X4DzB7hAgAsGuFCACwe4SICLBrhYgIsHuESASwa4VIAEuHSAywS4bIDLBbh8gCsEuGKAKwW4coCrBLhqgKsFuHqAawS4ZoBrBbh2gOsEuG6A6wW4foAbBLhhgBsFuHGAmwS4aYCbBbh5gFsEuGWAWwW4dYDbBLhtgNsFuH2AOwS4Y4A7BbhzgLsEuGuAuwW4e4B7BLhngHsFuHeA+wS4b4D7Bbh/gAcEeGCABwV4cICHBHhogIcFeHiARwR4ZIBHBXh0gMcEeGyAxwV4fIAnBHhigCcFeHKABnhKgKcGeFqApwd4RoBnBnhWgGcHeE6A5wY4LMDzAjw/wAsCvDDAiwK8OMBLArw0wMsCvDzAKwK8MsCrAhwEGAQYBhgFGAeYBJgGmAWYB1gEWAZYBVgH2ATYBtgF2Ad4dYDXBHhtgNcFeH2ANwR4Y4A3BXhzgLcEeGuAtwV4e4B3BHhngHcFeHeA9wR4b4D3BXh/gA8E+GCAwwMcEeBDAT4c4CMBPhrgYwE+HuATAT4Z4FMBPh3gMwE+G+BzAT4f4AsBvhjgSwG+HOArAb4a4GsBvh7gGwG+GeBbAb4d4DsBvhvgewG+H+AHAX4Y4EcBfhzgJwF+GuBnAX4e4BcBfhngVwF+HeA3AX4b4HcBfh/gDwH+GOBPAf4c4C8B/hrgbwH+HuAfAf4Z4F8B/h3gPwH+G+B/AY4McFSAowMcE+DYAIeEOE6I44Y4XojjhzhBiBOGOFGIE4c4SYhDQ5w0xMlCnDzEKUKcMsSpQpw6xGlCnDbE6UKcPsQZQpwxxJlCnDnEWUKcNcTZQpw9xDlCnDPEuUKcO8R5Qpw3xPlCnD/EBUJcMMSFQlw4xEVCXDTExUJcPMQlQlwyxKVCJMSlQ1wmxGVDXC7E5UNcIcQVQ1wpxJVDXCXEVUNcLcTVQ1wjxDVDXCvEtUNcJ8R1Q1wvxPVD3CDEDUPcKMSNQ9wkxE1D3CzEzUPcIsQtQ9wqxK1D3CbEbUPcLsTtQ9whxB1D3CnEnUPcJcRdQ9wtxN1D3CPEPUPcK8S9Q9wnxH1D3C/E/UM8IMQDQzwoxINDPCTEQ0M8LMTDQzwixCNDPCrEo0M8JsRjQzwuxONDPCHEE0M8KcSTQzTEU0I8NcTTQjw9xDNCPDPEs0I8O8RzQjw3xGEhnhfi+SFeEOKFIV4U4sUhXhLipSFeFuLlIV4R4pUhXhXiIMQgxDDEKMQ4xCTENMQsxDzEIsQyxCrEOsQmxDbELsQ+xKtDvCbEa0O8LsTrQ7whxBtDvCnEm0O8JcRbQ7wtxNtDvCPEO0O8K8S7Q7wnxHtDvC/E+0N8IMQHQxwe4ogQHwrx4RAfCfHREB8L8fEQnwjxyRCfCvHpEJ8J8dkQnwvx+RBfCPHFEF8K8eUQXwnx1RBfC/H1EN8I8c0Q3wrx7RDfCfHdEN8L8f0QPwjxwxA/CvHjED8J8dMQPwvx8xC/CPHLEL8K8esQvwnx2xC/C/H7EH8I8ccQfwrx5xB/CfHXEH8L8fcQ/wjxzxD/CvHvEP8J8d8Q/wtxZIijQhwd4pgQx4Y4JMJxIhw3wvEiHD/CCSKcMMKJIpw4wkkiHBrhpBFOFuHkEU4R4ZQRThXh1BFOE+G0EU4X4fQRzhDhjBHOFOHMEc4S4awRzhbh7BHOEeGcEc4V4dwRzhPhvBHOF+H8ES4Q4YIRLhThwhEuEuGiES4W4eIRLhHhkhEuFSERLh3hMhEuG+FyES4f4QoRrhjhShGuHOEqEa4a4WoRrh7hGhGuGeFaEa4d4ToRrhvhehGuH+EGEW4Y4UYRbhzhJhFuGuFmEW4e4RYRbhnhVhFuHeE2EW4b4XYRbh/hDhHuGOFOEe4c4S4R7hrhbhHuHuEeEe4Z4V4R7h3hPhHuG+F+Ee4f4QERHhjhQREeHOEhER4a4WERHh7hEREeGeFRER4d4TERHhvhcREeH+EJEZ4Y4UkRnhyhEZ4S4akRnhbh6RGeEeGZEZ4V4dkRnhPhuREOi/C8CM+P8IIIL4zwoggvjvCSCC+N8LIIL4/wigivjPCqCAcRBhGGEUYRxhEmEaYRZhHmERYRlhFWEdYRNhG2EXYR9hFeHeE1EV4b4XURXh/hDRHeGOFNEd4c4S0R3hrhbRHeHuEdEd4Z4V0R3h3hPRHeG+F9Ed4f4QMRPhjh8AhHRPhQhA9H+EiEj0b4WISPR/hEhE9G+FSET0f4TITPRvhchM9H+EKEL0b4UoQvR/hKhK9G+FqEr0f4RoRvRvhWhG9H+E6E70b4XoTvR/hBhB9G+FGEH0f4SYSfRvhZhJ9H+EWEX0b4VYRfR/hNhN9G+F2E30f4Q4Q/RvhThD9H+EuEv0b4W4S/R/hHhH9G+FeEf0f4T4T/RvhfhCMjHBXh6AjHRDg2wiExjhPjuDGOF+P4MU4Q44QxThTjxDFOEuPQGCeNcbIYJ49xihinjHGqGKeOcZoYp41xuhinj3GGGGeMcaYYZ45xlhhnjXG2GGePcY4Y54xxrhjnjnGeGOeNcb4Y549xgRgXjHGhGBeOcZEYF41xsRgXj3GJGJeMcakYiXHpGJeJcdkYl4tx+RhXiHHFGFeKceUYV4lx1RhXi3H1GNeIcc0Y14px7RjXiXHdGNeLcf0YN4hxwxg3inHjGDeJcdMYN4tx8xi3iHHLGLeKcesYt4lx2xi3i3H7GHeIcccYd4px5xh3iXHXGHeLcfcY94hxzxj3inHvGPeJcd8Y94tx/xgPiPHAGA+K8eAYD4nx0BgPi/HwGI+I8cgYj4rx6BiPifHYGI+L8fgYT4jxxBhPivHkGI3xlBhPjfG0GE+P8YwYz4zxrBjPjvGcGM+NcViM58V4fowXxHhhjBfFeHGMl8R4aYyXxXh5jFfEeGWMV8U4iDGIMYwxijGOMYkxjTGLMY+xiLGMsYqxjrGJsY2xi7GP8eoYr4nx2hivi/H6GG+I8cYYb4rx5hhvifHWGG+L8fYY74jxzhjvivHuGO+J8d4Y74vx/hgfiPHBGIfHOCLGh2J8OMZHYnw0xsdifDzGJ2J8MsanYnw6xmdifDbG52J8PsYXYnwxxpdifDnGV2J8NcbXYnw9xjdifDPGt2J8O8Z3Ynw3xvdifD/GD2L8MMaPYvw4xk9i/DTGz2L8PMYvYvwyxq9i/DrGb2L8NsbvYvw+xh9i/DHGn2L8OcZfYvw1xt9i/D3GP2L8M8a/Yvw7xn9i/DfG/2IcGeOoGEfHOCbGsTEOSXCcBMdNcLwEx09wggQnTHCiBCdOcJIEhyY4aYKTJTh5glMkOGWCUyU4dYLTJDhtgtMlOH2CMyQ4Y4IzJThzgrMkOGuCsyU4e4JzJDhngnMlOHeC8yQ4b4LzJTh/ggskuGCCCyW4cIKLJLhogosluHiCSyS4ZIJLJUiCSye4TILLJrhcgssnuEKCKya4UoIrJ7hKgqsmuFqCqye4RoJrJrhWgmsnuE6C6ya4XoLrJ7hBghsmuFGCGye4SYKbJrhZgpsnuEWCWya4VYJbJ7hNgtsmuF2C2ye4Q4I7JrhTgjsnuEuCuya4W4K7J7hHgnsmuFeCeye4T4L7JrhfgvsneECCByZ4UIIHJ3hIgocmeFiChyd4RIJHJnhUgkcneEyCxyZ4XILHJ3hCgicmeFKCJydogqckeGqCpyV4eoJnJHhmgmcleHaC5yR4boLDEjwvwfMTvCDBCxO8KMGLE7wkwUsTvCzByxO8IsErE7wqwUGCQYJhglGCcYJJgmmCWYJ5gkWCZYJVgnWCTYJtgl2CfYJXJ3hNgtcmeF2C1yd4Q4I3JnhTgjcneEuCtyZ4W4K3J3hHgncmeFeCdyd4T4L3Jnhfgvcn+ECCDyY4PMERCT6U4MMJPpLgowk+luDjCT6R4JMJPpXg0wk+k+CzCT6X4PMJvpDgiwm+lODLCb6S4KsJvpbg6wm+keCbCb6V4NsJvpPguwm+l+D7CX6Q4IcJfpTgxwl+kuCnCX6W4OcJfpHglwl+leDXCX6T4LcJfpfg9wn+kOCPCf6U4M8J/pLgrwn+luDvCf6R4J8J/pXg3wn+k+C/Cf6X4MgERyU4OsExCY5NcEiK46Q4borjpTh+ihOkOGGKE6U4cYqTpDg0xUlTnCzFyVOcIsUpU5wqxalTnCbFaVOcLsXpU5whxRlTnCnFmVOcJcVZU5wtxdlTnCPFOVOcK8W5U5wnxXlTnC/F+VNcIMUFU1woxYVTXCTFRVNcLMXFU1wixSVTXCpFUlw6xWVSXDbF5VJcPsUVUlwxxZVSXDnFVVJcNcXVUlw9xTVSXDPFtVJcO8V1Ulw3xfVSXD/FDVLcMMWNUtw4xU1S3DTFzVLcPMUtUtwyxa1S3DrFbVLcNsXtUtw+xR1S3DHFnVLcOcVdUtw1xd1S3D3FPVLcM8W9Utw7xX1S3DfF/VLcP8UDUjwwxYNSPDjFQ1I8NMXDUjw8xSNSPDLFo1I8OsVjUjw2xeNSPD7FE1I8McWTUjw5RVM8JcVTUzwtxdNTPCPFM1M8K8WzUzwnxXNTHJbieSmen+IFKV6Y4kUpXpziJSlemuJlKV6e4hUpXpniVSkOUgxSDFOMUoxTTFJMU8xSzFMsUixTrFKsU2xSbFPsUuxTvDrFa1K8NsXrUrw+xRtSvDHFm1K8OcVbUrw1xdtSvD3FO1K8M8W7Urw7xXtSvDfF+1K8P8UHUnwwxeEpjkjxoRQfTvGRFB9N8bEUH0/xiRSfTPGpFJ9O8ZkUn03xuRSfT/GFFF9M8aUUX07xlRRfTfG1FF9P8Y0U30zxrRTfTvGdFN9N8b0U30/xgxQ/TPGjFD9O8ZMUP03xsxQ/T/GLFL9M8asUv07xmxS/TfG7FL9P8YcUf0zxpxR/TvGXFH9N8bcUf0/xjxT/TPGvFP9O8Z8U/03xvxRHpjgqxdEpjklxbIpDMhwnw3EzHC/D8TOcIMMJM5wow4kznCTDoRlOmuFkGU6e4RQZTpnhVBlOneE0GU6b4XQZTp/hDBnOmOFMGc6c4SwZzprhbBnOnuEcGc6Z4VwZzp3hPBnOm+F8Gc6f4QIZLpjhQhkunOH7GS6a4WIZLp7hEhkumeFSGZLh0hkuk+GyGS6X4fIZrpDhihmulOHKGa6S4aoZrpbh6hmukeGaGa6V4doZrpPhuhmul+H6GW6Q4YYZbpThxhlukuGmGW6W4eYZbpHhlhluleHWGW6T4bYZbpfh9hnukOGOGe6U4c4Z7pLhrhnuluHuGe6R4Z4Z7pXh3hnuk+G+Ge6X4f4ZHpDhgRkelOHBGR6S4aEZHpbh4RkekeGRGR6V4dEZHpPhsRkel+HxGZ6Q4YkZnpThyRma4SkZnprhaRmenuEZGZ6Z4VkZnp3hORmem+GwDM/L8PwML8jwwgwvyvDiDC/J8NIML8vw8gyvyPDKDK/KcJBhkGGYYZRhnGGSYZphlmGeYZFhmWGVYZ1hk2GbYZdhn+HVGV6T4bUZXpfh9RnekOGNGd6U4c0Z3pLhrRneluHtGd6R4Z0Z3pXh3Rnek+G9Gd6X4f0ZPpDhgxkOz3BEhg9l+HCGj2T4aIaPZfh4hk9k+GSGT2X4dIbPZPhshs9l+HyGL2T4YoYvZfhyhq9k+GqGr2X4eoZvZPhmhm9l+HaG72T4bobv/e/wBxl+mOFHGX6c4ScZfprhZxl+nuEXGX6Z4VcZfp3hNxl+m+F3GX6f4Q8Z/pjhTxn+nOEvGf6a4W8Z/p7hHxn+meFfGf6d4T8Z/pvhfxmOzHBUhqMzHJPh2AyH5DhOjuPmOF6O4+c4QY4T5jhRjhPnOEmOQ3OcNMfJcpw8xylynDLHqXKcOsdpcpw2x+lynD7HGXKcMceZcpw5x1lynDXH2XKcPcc5cpwzx7lynDvHeXKcN8f5cpw/xwVyXDDHhXJcOMdFclw0x8VyXDzHJXJcMselciTHpXNcJsdlc1wux+VzXCHHFXNcKceVc1wlx1VzXC3H1XNcI8c1c1wrx7VzXCfHdXNcL8f1c9wgxw1z3CjHjXPcJMdNc9wsx81z3CLHLXPcKsetc9wmx21z3C7H7XPcIccdc9wpx51z3CXHXXPcLcfdc9wjxz1z3CvHvXPcJ8d9c9wvx/1zPCDHA3M8KMeDczwkx0NzPCzHw3M8Iscjczwqx6NzPCbHY3M8LsfjczwhxxNzPCnHk3M0x1NyPDXH03I8Pcczcjwzx7NyPDvHc3I8N8dhOZ6X4/k5XpDjhTlelOPFOV6S46U5Xpbj5TlekeOVOV6V4yDHIMcwxyjHOMckxzTHLMc8xyLHMscqxzrHJsc2xy7HPserc7wmx2tzvC7H63O8Iccbc7wpx5tzvCXHW3O8Lcfbc7wjxztzvCvHu3O8J8d7c7wvx/tzfCDHB3McnuOIHB/K8eEcH8nx0Rwfy/HxHJ/I8ckcn8rx6RyfyfHZHJ/L8fkcX8jxxRxfyvHlHF/J8dUcX8vx9RzfyPHNHN/K8e0c38nx3Rzfy/H9HD/I8cMcP8rx4xw/yfHTHD/L8fMcv8jxyxy/yvHrHL/J8dscv8vx+xx/yPHHHH/K8eccf8nx1xx/y/H3HP/I8c8c/8rx7xz/yfHfHP/LcWSOo3IcneOYHMfmOKTAcQoct8DxChy/wAkKnLDAiQqcuMBJChxa4KQFTlbg5AVOUeCUBU5V4NQFTlPgtAVOV+D0Bc5Q4IwFzlTgzAXOUuCsBc5W4OwFzlHgnAXOVeDcBc5T4LwFzlfg/AUuUOCCBS5U4MIFLlLgogUuVuDiBS5R4JIFLlUgBS5d4DIFLlvgcgUuX+AKBa5Y4EoFrlzgKgWuWuBqBa5e4BoFrlngWgWuXeA6Ba5b4HoFrl/gBgVuWOBGBW5c4CYFblrgZgVuXuAWBW5Z4FYFbl3gNgVuW+B2BW5f4A4F7ljgTgXuXOAuBe5a4G4F7l7gHgXuWeBeBe5d4D4F7lvgfgXuX+ABBR5Y4EEFHlzgIQUeWuBhBR5e4BEFHlngUQUeXeAxBR5b4HEFHl/gCQWeWOBJBZ5coAWeUuCpBZ5W4OkFnlHgmQWeVeDZBZ5T4LkFDivwvALPL/CCAi8s8KICLy7wkgIvLfCyAi8v8IoCryzwqgIHBQYFhgVGBcYFJgWmBWYF5gUWBZYFVgXWBTYFtgV2BfYFXl3gNQVeW+B1BV5f4A0F3ljgTQXeXOAtBd5a4G0F3l7gHQXeWeBdBd5d4D0F3lvgfQXeX+ADBT5Y4PACRxT4UIEPF/hIgY8W+FiBjxf4RIFPFvhUgU8X+EyBzxb4XIHPF/hCgS8W+FKBLxf4SoGvFvhaga8X+EaBbxb4VoFvF/hOge8W+F6B7xf4QYEfFvhRgR8X+EmBnxb4WYGfF/hFgV8W+FWBXxf4TYHfFvhdgd8X+EOBPxb4U4E/F/hLgb8W+FuBvxf4x//7DMW/Cvy7wH8K/LfA/wocWeCoAkcXOKbAsQUOKXGcEsctcbwSxy9xghInLHGiEicucZISh5Y4aYmTlTh5iVOUOGWJU5U4dYnTlDhtidOVOH2JM5Q4Y4kzlThzibOUOGuJs5U4e4lzlDhniXOVOHeJ85Q4b4nzlTh/iQuUuGCJC5W4cImLlLhoiYuVuHiJS5S4ZIlLlUiJS5e4TInLlrhcicuXuEKJK5a4Uokrl7hKiauWuFqJq5e4RolrlrhWiWuXuE6J65a4Xonrl7hBiRuWuFGJG5e4SYmblrhZiZuXuEWJW5a4VYlbl7hNiduWuF2J25e4Q4k7lrhTiTuXuEuJu5a4W4m7l7hHiXuWuFeJe5e4T4n7lrhfifuXeECJB5Z4UIkHl3hIiYeWeFiJh5d4RIlHlnhUiUeXeEyJx5Z4XInHl3hCiSeWeFKJJ5doiaeUeGqJp5V4eolnlHhmiWeVeHaJ55R4bonDSjyvxPNLvKDEC0u8qMSLS7ykxEtLvKzEy0u8osQrS7yqxEGJQYlhiVGJcYlJiWmJWYl5iUWJZYlViXWJTYltiV2JfYlXl3hNideWeF2J15d4Q4k3lnhTiTeXeEuJt5Z4W4m3l3hHiXeWeFeJd5d4T4n3lnhfifeX+ECJD5Y4vMQRJT5U4sMlPlLioyU+VuLjJT5R4pMlPlXi0yU+U+KzJT5X4vMlvlDiiyW+VOLLJb5S4qslvlbi6yW+UeKbJb5V4tslvlPiuyW+V+L7JX5Q4oclflTixyV+UuKnJX5W4uclflHilyV+VeLXJX5T4rclflfi9yX+UOKPJf5U4s8l/lLiryX+VuLvJf5R4p8l/lXi3yX+U+K/Jf5X4sgSR5U4usQxJY4tcUiF41Q4boXjVTh+hRNUOGGFE1U4cYWTVDi0wkkrnKzCySucosIpK5yqwqkrnKbCaSucrsLpK5yhwhkrnKnCmSucpcJZK5ytwtkrnKPCOSucq8K5K5ynwnkrnK/C+StcoMIFK1yowoUrXKTCRStcrMLFK1yiwiUrXKpCKly6wmUqXLbC5SpcvsIVKlyxwpUqXLnCVSpctcLVKly9wjUqXLPCtSpcu8J1Kly3wvUqXL/CDSrcsMKNKty4wk0q3LTCzSrcvMItKtyywq0q3LrCbSrctsLtKty+wh0q3LHCnSrcucJdKty1wt0q3L3CPSrcs8K9Kty7wn0q3LfC/Srcv8IDKjywwoMqPLjCQyo8tMLDKjy8wiMqPLLCoyo8usJjKjy2wuMqPL7CEyo8scKTKjy5Qis8pcJTKzytwtMrPKPCMys8q8KzKzynwnMrHFbheRWeX+EFFV5Y4UUVXlzhJRVeWuFlFV5e4RUVXlnhVRUOKgwqDCuMKowrTCpMK8wqzCssKiwrrCqsK2wqbCvsKuwrvLrCayq8tsLrKry+whsqvLHCmyq8ucJbKry1wtsqvL3COyq8s8K7Kry7wnsqvLfC+yq8v8IHKnywwuEVjqjwoQofrvCRCh+t8LEKH6/wiQqfrPCpCp+u8JkKn63wuQqfr/CFCl+s8KUKX67wlQpfrfC1Cl+v8I0K36zwrQrfrvCdCt+t8L0K36/wgwo/rPCjCj+u8JMKP63wswo/r/CLCr+s8KsKv67wmwq/rfC7Cr+v8IcKf6zwpwp/rvCXCn+t8LcKf6/wjwr/rPCvCv+u8J8K/63wvwpHVjiqwtEVjqlwbIVDahynxnFrHK/G8WucoMYJa5yoxolrnKTGoTVOWuNkNU5e4xQ1TlnjVDVOXeM0NU5b43Q1Tl/jDDXOWONMNc5c4yw1zlrjbDXOXuMcNc5Z41w1zl3jPDXOW+N8Nc5f4wI1LljjQjUuXOMiNS5a42I1Ll7jEjUuWeNSNVLj0jUuU+OyNS5X4/I1rlDjijWuVOPKNa5S46o1rlbj6jWuUeOaNa5V49o1rlPjujWuV+P6NW5Q44Y1blTjxjVuUuOmNW5W4+Y1blHjljVuVePWNW5T47Y1blfj9jXuUOOONe5U48417lLjrjXuVuPuNe5R45417lXj3jXuU+O+Ne5X4/41HlDjgTUeVOPBNR5S46E1Hlbj4TUeUeORNR5V49E1HlPjsTUeV+PxNZ5Q44k1nlTjyTVa4yk1nlrjaTWeXuMZNZ5Z41k1nl3jOTWeW+OwGs+r8fwaL6jxwhovqvHiGi+p8dIaL6vx8hqvqPHKGq+qcVBjUGNYY1RjXGNSY1pjVmNeY1FjWWNVY11jU2NbY1djX+PVNV5T47U1Xlfj9TXeUOONNd5U48013lLjrTXeVuPtNd5R45013lXj3TXeU+O9Nd5X4/01PlDjgzUOr3FEjQ/V+HCNj9T4aI2P1fh4jU/U+GSNT9X4dI3P1Phsjc/V+HyNL9T4Yo0v1fhyja/U+GqNr9X4eo1v1PhmjW/V+HaN79T4bo3v1fh+jR/U+GGNH9X4cY2f1PhpjZ/V+HmNX9T4ZY1f1fh1jd/U+G2N39X4fY0/1PhjjT/V+HONv9T4a42/1fh7jX/U+GeNf9X4d43/1Phvjf/VOLLGUTWOrnFMjWNrHNLgOA2O2+B4DY7f4AQNTtjgRA1O3OAkDQ5tcNIGJ2tw8ganaHDKBqdqcOoGp2lw2gana3D6BmdocMYGZ2pw5gZnaXDWBmdrcPYG52hwzgbnanDuBudpcN4G52tw/gYXaHDBBhdqcOEGF2lw0QYXa3DxBpdocMkGl2qQBpducJkGl21wuQaXb3CFBldscKUGV25wlQZXbXC1BldvcI0G12xwrQbXbnCdBtdtcL0G129wgwY3bHCjBjducJMGN21wswY3b3CLBrdscKsGt25wmwa3bXC7BrdvcIcGd2xwpwZ3bnCXBndtcLcGd29wjwb3bHCvBvducJ8G921wvwb3b/CABg9s8KAGD27wkAYPbfCwBg9v8IgGj2zwqAaPbvCYBo9t8LgGj2/whAZPbPCkBk9u0AZPafDUBk9r8PQGz2jwzAbPavDsBs9p8NwGhzV4XoPnN3hBgxc2eFGDFzd4SYOXNnhZg5c3eEWDVzZ4VYODBoMGwwajBuMGkwbTBrMG8waLBssGqwbrBpsG2wa7BvsGr27wmgavbfC6Bq9v8IYGb2zwpgZvbvCWBm9t8LYGb2/wjgbvbPCuBu9u8J4G723wvgbvb/CBBh9scHiDIxp8qMGHG3ykwUcbfKzBxxt8osEnG3yqwacbfKbBZxt8rsHnG3yhwRcbfKnBlxt8pcFXG3ytwdcbfKPBNxt8q8G3G3ynwXcbfK/B9xv8oMEPG/yowY8b/KTBTxv8rMHPG/yiwS8b/KrBrxv8psFvG/yuwe8b/KHBHxv8qcGfG/ylwV8b/K3B3xv8o8E/G/yrwb8b/KfBfxv8r8GRDY5qcHSDYxoc2+CQFsdpcdwWx2tx/BYnaHHCFidqceIWJ2lxaIuTtjhZi5O3OEWLU7Y4VYtTtzhNi9O2OF2L07c4Q4sztjhTizO3OEuLs7Y4W4uztzhHi3O2OFeLc7c4T4vztjhfi/O3uECLC7a4UIsLt7hIi4u2uFiLi7e4RItLtrhUi7S4dIvLtLhsi8u1uHyLK7S4Yosrtbhyi6u0uGqLq7W4eotrtLhmi2u1uHaL67S4bovrtbh+ixu0uGGLG7W4cYubtLhpi5u1uHmLW7S4ZYtbtbh1i9u0uG2L27W4fYs7tLhjizu1uHOLu7S4a4u7tbh7i3u0uGeLe7W4d4v7tLhvi/u1uH+LB7R4YIsHtXhwi4e0eGiLh7V4eItHtHhki0e1eHSLx7R4bIvHtXh8iye0eGKLJ7V4cou2eEqLp7Z4Wount3hGi2e2eFaLZ7d4TovntjisxfNaPL/FC1q8sMWLWry4xUtavLTFy1q8vMUrWryyxataHLQYtBi2GLUYt5i0mLaYtZi3WLRYtli1WLfYtNi22LXYt3h1i9e0eG2L17V4fYs3tHhjize1eHOLt7R4a4u3tXh7i3e0eGeLd7V4d4v3tHhvi/e1eH+LD7T4YIvDWxzR4kMtPtziIy0+2uJjLT7e4hMtPtniUy0+3eIzLT7b4nMtPt/iCy2+2OJLLb7c4istvtriay2+3uIbLb7Z4lstvt3iOy2+2+J7Lb7f4gctftjiRy1+3OInLX7a4mctft7iFy1+2eJXLX7d4jctftvidy1+3+IPLf7Y4k8t/tziLy3+2uJvLf7e4h8t/tniXy3+3eI/Lf7b4n8tjmxxVIujWxzT4tgWh3Q4Tofjdjheh+N3OEGHE3Y4UYcTdzhJh0M7nLTDyTqcvMMpOpyyw6k6nLrDaTqctsPpOpy+wxk6nLHDmTqcucNZOpy1w9k6nL3DOTqcs8O5Opy7w3k6nLfD+Tqcv8MFOlyww4U6XLjDRTpctMPFOly8wyU6XLLDpTqkw6U7XKbDZTtcrsPlO1yhwxU7XKnDlTtcpcNVO1ytw9U7XKPDNTtcq8O1O1ynw3U7XK/D9TvcoMMNO9yow4073KTDTTvcrMPNO9yiwy073KrDrTvcpsNtO9yuw+073KHDHTvcqcOdO9ylw1073K3D3Tvco8M9O9yrw7073KfDfTvcr8P9OzygwwM7PKjDgzs8pMNDOzysw8M7PKLDIzs8qsOjOzymw2M7PK7D4zs8ocMTOzypw5M7tMNTOjy1w9M6PL3DMzo8s8OzOjy7w3M6PLfDYR2e1+H5HV7Q4YUdXtThxR1e0uGlHV7W4eUdXtHhlR1e1eGgw6DDsMOow7jDpMO0w6zDvMOiw7LDqsO6w6bDtsOuw77Dqzu8psNrO7yuw+s7vKHDGzu8qcObO7ylw1s7vK3D2zu8o8M7O7yrw7s7vKfDezu8r8P7O3ygwwc7HN7hiA4f6vDhDh/p8NEOH+vw8Q6f6PDJDp/q8OkOn+nw2Q6f6/D5Dl/o8MUOX+rw5Q5f6fDVDl/r8PUO3+jwzQ7f6vDtDt/p8N0O3+vw/Q4/6PDDDj/q8OMOP+nw0w4/6/DzDr/o8MsOv+rw6w6/6fDbDr/r8PsOf+jwxw5/6vDnDn/p8NcOf+vw9w7/6PDPDv8aNsS/O/ynw387/K/DkR2O6nB0h2M6HNvhkB7H6XHcHsfrcfweJ+hxwh4n6nHiHifpcWiPk/Y4WY+T9zhFj1P2OFWPU/c4TY/T9jhdj9P3OEOPM/Y4U48z9zhLj7P2OFuPs/c4R49z9jhXj3P3OE+P8/Y4X4/z97hAjwv2uFCPC/e4SI+L9rhYj4v3uESPS/a4VI/0uHSPy/S4bI/L9bh8jyv0uGKPK/W4co+r9Lhqj6v1uHqPa/S4Zo9r9bh2j+v0uG6P6/W4fo8b9Lhhjxv1uHGPm/S4aY+b9bh5j1v0uGWPW/W4dY/b9Lhtj9v1uH2PO/S4Y4879bhzj7v0uGuPu/W4e4979Lhnj3v1uHeP+/S4b4/79bh/jwf0eGCPB/V4cI+H9Hhoj4f1eHiPR/R4ZI9H9Xh0j8f0eGyPx/V4fI8n9Hhijyf1eHKP9nhKj6f2eFqPp/d4Ro9n9nhWj2f3eE6P5/Y4rMfzejy/xwt6vLDHi3q8uMdLery0x8t6vLzHK3q8sserehz0GPQY9hj1GPeY9Jj2mPWY91j0WPZY9Vj32PTY9tj12Pd4dY/X9Hhtj9f1eH2PN/R4Y4839Xhzj7f0eGuPt/V4e4939Hhnj3f1eHeP9/R4b4/39Xh/jw/0+GCPw3sc0eP/kVyOTXwfjBZMmSa1bbtb27Zt295aqW3j/7NRt1Ft27btO8/c8w3OzuyLHTnAUQMcPcAxAxw7wIcG+PAAHxngowN8bICPD/CJAT45wKcG+PQAnxngswN8boDPD/CFAb44wJcG+PIAXxngqwN8bYCvD/CNAb45wLcG+PYA3xnguwN8b4DvD/CDAX44wI8G+PEAPxngpwP8bICfD/CLAX45wK8G+PUAvxngtwP8boDfD/CHAf44wJ8G+PMAfxngrwP8bYC/D/CPAf45wL8G+PcA/xngvwP8b4BDAhwnwHEDHC/A8QOcIMAJAxwa4EQBDgtweIATBzhJgJMGOFmAkwc4RYBTBjhVgFMHOE2A0wY4XYDTBzhDgDMGOFOAMwc4S4CzBjhbgLMHOEeAcwY4V4BzBzhPgPMGOF+A8we4QIALBrhQgAsHuEiAiwa4WICLB7hEgAS4ZIBLBbh0gMsEuGyAywW4fIArBLhigCsFuHKAqwS4aoCrBbh6gGsEuGaAawW4doDrBLhugOsFuH6AGwS4YYAbBbhxgJsEuGmAmwW4eYBbBLhlgFsFuHWA2wS4bYDbBbh9gDsEuGOAOwW4c4C7BLhrgLsFuHuAewS4Z4B7Bbh3gPsEuG+A+wW4f4AHBHhggAcFeHCAhwR4aICHBXh4gEcEeGSARwV4dIDHBHhsgMcFeHyAJwR4YoAGeFKAJwd4SoCnBnhagKcHeEaAZwZ4VoBnB3hOgCMCPDfA8wI8P8ALArwwwIsCvDjASwK8NMDLArw8wCsCvDLAqwK8OsBrArw2wOsCvD7AGwK8McCbArw5wFsCvDXA2wK8PcA7AhwEGAQYBhgFGAeYBJgGmAWYB1gEWAZYBVgH2ATYBtgF2Ad4Z4B3BXh3gPcEeG+A9wV4f4APBPhggCMDHBXg6ADHBDg2wIcCfDjARwJ8NMDHAnw8wCcCfDLApwJ8OsBnAnw2wOcCfD7AFwJ8McCXAnw5wFcCfDXA1wJ8PcA3AnwzwLcCfDvAdwJ8N8D3Anw/wA8C/DDAjwL8OMBPAvw0wM8C/DzALwL8MsCvAvw6wG8C/DbA7wL8PsAfAvwxwJ8C/DnAXwL8NcDfAvw9wD8C/DPAvwL8O8B/Avw3wP+C8RwS4jghjhvieCGOH+IEIU4Y4tAQJwpxWIjDQ5w4xElCnDTEyUKcPMQpQpwyxKlCnDrEaUKcNsTpQpw+xBlCnDHEmUKcOcRZQpw1xNlCnD3EOUKcM8S5Qpw7xHlCnDfE+UKcP8QFQlwwxIVCXDjERUJcNMTFQlw8xCVCJMQlQ1wqxKVDXCbEZUNcLsTlQ1whxBVDXCnElUNcJcRVQ1wtxNVDXCPENUNcK8S1Q1wnxHVDXC/E9UPcIMQNQ9woxI1D3CTETUPcLMTNQ9wixC1D3CrErUPcJsRtQ9wuxO1D3CHEHUPcKcSdQ9wlxF1D3C3E3UPcI8Q9Q9wrxL1D3CfEfUPcL8T9QzwgxANDPCjEg0M8JMRDQzwsxMNDPCLEI0M8KsSjQzwmxGNDPC7E40M8IcQTQzTEk0I8OcRTQjw1xNNCPD3EM0I8M8SzQjw7xHNCHBHiuSGeF+L5IV4Q4oUhXhTixSFeEuKlIV4W4uUhXhHilSFeFeLVIV4T4rUhXhfi9SHeEOKNId4U4s0h3hLirSHeFuLtId4R4iDEIMQwxCjEOMQkxDTELMQ8xCLEMsQqxDrEJsQ2xC7EPsQ7Q7wrxLtDvCfEe0O8L8T7Q3wgxAdDHBniqBBHhzgmxLEhPhTiwyE+EuKjIT4W4uMhPhHikyE+FeLTIT4T4rMhPhfi8yG+EOKLIb4U4sshvhLiqyG+FuLrIb4R4pshvhXi2yG+E+K7Ib4X4vshfhDihyF+FOLHIX4S4qchfhbi5yF+EeKXIX4V4tchfhPityF+F+L3If4Q4o8h/hTizyH+EuKvIf4W4u8h/hHinyH+FeLfIf4T4r8h/hfikAjHiXDcCMeLcPwIJ4hwwgiHRjhRhMMiHB7hxBFOEuGkEU4W4eQRThHhlBFOFeHUEU4T4bQRThfh9BHOEOGMEc4U4cwRzhLhrBHOFuHsEc4R4ZwRzhXh3BHOE+G8Ec4X4fwRLhDhghEuFOHCES4S4aIRLhbh4hEuESERLhnhUhEuHeEyES4b4XIRLh/hChGuGOFKEa4c4SoRrhrhahGuHuEaEa4Z4VoRrh3hOhGuG+F6Ea4f4QYRbhjhRhFuHOEmEW4a4WYRbh7hFhFuGeFWEW4d4TYRbhvhdhFuH+EOEe4Y4U4R7hzhLhHuGuFuEe4e4R4R7hnhXhHuHeE+Ee4b4X4R7h/hAREeGOFBER4c4SERHhrhYREeHuERER4Z4VERHh3hMREeG+FxER4f4QkRnhihEZ4U4ckRnhLhqRGeFuHpEZ4R4ZkRnhXh2RGeE+GICM+N8LwIz4/wgggvjPCiCC+O8JIIL43wsggvj/CKCK+M8KoIr47wmgivjfC6CK+P8IYIb4zwpghvjvCWCG+N8LYIb4/wjggHEQYRhhFGEcYRJhGmEWYR5hEWEZYRVhHWETYRthF2EfYR3hnhXRHeHeE9Ed4b4X0R3h/hAxE+GOHICEdFODrCMRGOjfChCB+O8JEIH43wsQgfj/CJCJ+M8KkIn47wmQifjfC5CJ+P8IUIX4zwpQhfjvCVCF+N8LUIX4/wjQjfjPCtCN+O8J0I343wvQjfj/CDCD+M8KMIP47wkwg/jfCzCD+P8IsIv4zwqwi/jvCbCL+N8LsIv4/whwh/jPCnCH+O8JcIf43wtwh/j/CPCP+M8K8I/47wnwj/jfC/CIfEOE6M48Y4XozjxzhBjBPGODTGiWIcFuPwGCeOcZIYJ41xshgnj3GKGKeMcaoYp45xmhinjXG6GKePcYYYZ4xxphhnjnGWGGeNcbYYZ49xjhjnjHGuGOeOcZ4Y541xvhjnj3GBGBeMcaEYF45xkRgXjXGxGBePcYkYiXHJGJeKcekYl4lx2RiXi3H5GFeIccUYV4px5RhXiXHVGFeLcfUY14hxzRjXinHtGNeJcd0Y14tx/Rg3iHHDGDeKceMYNxl3yJD/cdssxs1j3CLGLWPcKsatY9wmxm1j3C7G7WPcIcYdY9wpxp1j3CXGXWPcLcbdY9wjxj1j3CvGvWPcJ8Z9Y9wvxv1jPCDGA2M8KMaDYzwkxkNjPCzGw2M8IsYjYzwqxqNjPCbGY2M8LsbjYzwhxhNjNMaTYjw5xlNiPDXG02I8PcYzYjwzxrNiPDvGc2IcEeO5MZ4X4/kxXhDjhTFeFOPFMV4S46UxXhbj5TFeEeOVMV4V49UxXhPjtTFeF+P1Md4Q440x3hTjzTHeEuOtMd4W4+0x3hHjIMYgxjDGKMY4xiTGNMYsxjzGIsYyxirGOsYmxjbGLsY+xjtjvCvGu2O8J8Z7Y7wvxvtjfCDGB2McGeOoGEfHOCbGsTE+FOPDMT4S46MxPhbj4zE+EeOTMT4V49MxPhPjszE+F+PzMb4Q44sxvhTjyzG+EuOrMb4W4+sxvhHjmzG+FePbMb4T47sxvhfj+zF+EOOHMX4U48cxfhLjpzF+FuPnMX4R45cxfhXj1zF+E+O3MX4X4/cx/hDjjzH+FOPPMf4S468x/hbj7zH+EeOfMf4V498x/hPjvzH+F+OQBMdJcNwEx0tw/AQnSHDCBIcmOFGCwxIcnuDECU6S4KQJTpbg5AlOkeCUCU6V4NQJTpPgtAlOl+D0Cc6Q4IwJzpTgzAnOkuCsCc6W4OwJzpHgnAnOleDcCc6T4LwJzpfg/AkukOCCCS6U4MIJLpLgogkuluDiCS6RIAkumeBSCS6d4DIJLpvgcgkun+AKCa6Y4EoJrpzgKgmumuBqCa6e4BoJrpngWgmuneA6Ca6b4HoJrp/gBglumOBGCW6c4CYJbprgZglunuAWCW6Z4FYJbp3gNglum+B2CW6f4A4J7pjgTgnunOAuCe6a4G4J7p7gHgnumeBeCe6d4D4J7pvgfgnun+ABCR6Y4EEJHpzgIQkemuBhCR6e4BEJHpngUQkeneAxCR6b4HEJHp/gCQmemKAJnpTgySOGe0qCpyZ4WoKnJ3hGgmcmeFaCZyd4ToIjEjw3wfMSPD/BCxK8MMGLErw4wUsSvDTByxK8PMErErwywasSvDrBaxK8NsHrErw+wRsSvDHBmxK8OcFbErw1wdsSvD3BOxIcJBgkGCYYJRgnmCSYJpglmCdYJFgmWCVYJ9gk2CbYJdgneGeCdyV4d4L3JHhvgvcleH+CDyT4YIIjExyV4OgExyQ4NsGHEnw4wUcSfDTBxxJ8PMEnEnwywacSfDrBZxJ8NsHnEnw+wRcSfDHBlxJ8OcFXEnw1wdcSfD3BNxJ8M8G3Enw7wXcSfDfB9xJ8P8EPEvwwwY8S/DjBTxL8NMHPEvw8wS8S/DLBrxL8OsFvEvw2we8S/D7BHxL8McGfEvw5wV8S/DXB3xL8PcE/Evwzwb8S/DvBfxL8N8H/EhyS4jgpjpvieCmOn+IEKU6Y4tAUJ0pxWIrDU5w4xUlSnDTFyVKcPMUpUpwyxalSnDrFaVKcNsXpUpw+xRlSnDHFmVKcOcVZUpw1xdlSnD3FOVKcM8W5Upw7xXlSnDfF+VKcP8UFUlwwxYVSXDjFRVJcNMXFUlw8xSVSJMUlU1wqxaVTXCbFZVNcLsXlU1whxRVTXCnFlVNcJcVVU1wtxdVTXCPFNVNcK8W1U1wnxXVTXC/F9VPcIMUNU9woxY1T3CTFTVPcLMXNU9wixS1T3CrFrVPcJsVtU9wuxe1T3CHFHVPcKcWdU9wlxV1T3C3F3VPcI8U9U9wrxb1T3CfFfVPcL8X9UzwgxQNTPCjFg1M8JMVDUzwsxcNTPCLFI1M8KsWjUzwmxWNTPC7F41M8IcUTUzTFk1I8OcVTUjw1xdNSPD3FM1I8M8WzUjw7xXNSHJHiuSmel+L5KV6Q4oUpXpTixSlekuKlKV6W4uUpXpHilSleleLVKV6T4rUpXpfi9SnekOKNKd6U4s0p3pLirSneluLtKd6R4iDFIMUwxSjFOMUkxTTFLMU8xSLFMsUqxTrFJsU2xS7FPsU7U7wrxbtTvCfFe1O8L8X7U3wgxQdTHJniqBRHpzgmxbEpPpTiwyk+kuKjKT6W4uMpPpHikyk+leLTKT6T4rMpPpfi8ym+kOKLKb6U4sspvpLiqym+luLrKb6R4pspvpXi2ym+k+K7Kb6X4vspfpDihyl+lOLHKX6S4qcpfpbi5yl+keKXKX6V4tcpfpPityl+l+L3Kf6Q4o8p/pTizyn+kuKvKf6W4u8p/pHinyn+leLfKf6T4r8p/pfikAzHyXDcDMfLcPwMJ8hwwgyHZjhRhsMyHJ7hxBlOkuGkGU6W4eQZTpHhlBlOleHUGU6T4bQZTpfh9BnOkOGMGc6U4cwZzpLhrBnOluHsGc6R4ZwZzpXh3BnOk+G8Gc6X4fwZLpDhghkulOHCGS6S4aIZLpbh4hkukSEZLpnhUhkuneEyGS6b4XIZLp/hChmumOFKGa6c4SoZrprhahmunuEaGa6Z4VoZrp3hOhmum+F6Ga6f4QYZbpjhRhlunOEmGW6a4WYZbp7hFhlumeFWGW6d4TYZbpvhdhlun+EOGe6Y4U4Z7pzhLhnumuFuGe6e4R4Z7pnhXhnuneE+2f8CA/fLcP8MD8jwwAwPyvDgDA/J8NAMD8vw8AyPyPDIDI/K8OgMj8nw2AyPy/D4DE/I8MQMzfCkDE/O8JQMT83wtAxPz/CMDM/M8KwMz87wnAxHZHhuhudleH6GF2R4YYYXZXhxhpdkeGmGl2V4eYZXZHhlhldleHWG12R4bYbXZXh9hjdkeGOGN2V4c4a3ZHhrhrdleHuGd2Q4yDDIMMwwyjDOMMkwzTDLMM+wyLDMsMqwzrDJsM2wy7DP8M4M78rw7gzvyfDeDO/L8P4MH8jwwQxHZjgqw9EZjslwbIYPZfhwho9k+GiGj2X4eIZPZPhkhk9l+HSGz2T4bIbPZfh8hi9k+GKGL2X4coavZPhqhq9l+HqGb2T4ZoZvZfh2hu9k+G6G72X4foYfZPhhhh9l+HGGn2T4aYafZfh5hl9k+GWGX2X4dYbfZPhtht9l+H2GP2T4Y4Y/Zfhzhr9k+GuGv2X4e4Z/ZPhnhn9l+HeG/2T4b4b/ZTgkx3FyHDfH8XIcP8cJcpwwx6E5TpTjsByH5zhxjpPkOGmOk+U4eY5T5DhljlPlOHWO0+Q4bY7T5Th9jjPkOGOOM+U4c46z5DhrjrPlOHuOc+Q4Z45z5Th3jvPkOG+O8+U4f44L5LhgjgvluHCOi+S4aI6L5bh4jkvkSI5L5rhUjkvnuEyOy+a4XI7L57hCjivmuFKOK+e4So6r5rhajqvnuEaOa+a4Vo5r57hOjuvmuF6O6+e4QY4b5rhRjhvnuEmOm+a4WY6b57hFjlvmuFWOW+e4TY7b5rhdjtvnuEOOO+a4U44757hLjrvmuFuOu+e4R4575rhXjnvnuE+O++a4X47753hAjgfmeFCOB+d4SI6H5nhYjofneESOR+Z4VI5H53hMjsfmeFyOx+d4Qo4n5miOJ+V4co6n5HhqjqfleHqOZ+R4Zo5n5Xh2jufkOCLHc3M8L8fzc7wgxwtzvCjHi3O8JMdLc7wsx8tzvCLHK3O8Kserc7wmx2tzvC7H63O8Iccbc7wpx5tzvCXHW3O8Lcfbc7wjx0GOQY5hjlGOcY5JjmmOWY55jkWOZY5VjnWOTY5tjl2OfY535nhXjnfneE+O9+Z4X4735/hAjg/mODLHUTmOznFMjmNzfCjHh3N8JMdHc3wsx8dzfCLHJ3N8Ksenc3wmx2dzfC7H53N8IccXc3wpx5dzfCXHV3N8LcfXc3wjxzdzfCvHt3N8J8d3c3wvx/dz/CDHD3P8KMePc/wkx09z/CzHz3P8Iscvc/wqx69z/CbHb3P8Lsfvc/whxx9z/CnHn3P8Jcdfc/wtx99z/CPHP3P8K8e/c/wnx39z/C/HIQWOU+C4BY5X4PgFTlDghAUOLXCiAocVOLzAiQucpMBJC5yswMkLnKLAKQucqsCpC5ymwGkLnK7A6QucocAZC5ypwJkLnKXAWQucrcDZC5yjwDkLnKvAuQucp8B5C5yvwPkLXKDABQtcqMCFC1ykwEULXKzAxQtcokAKXLLApQpcusBlCly2wOUKXL7AFQpcscCVCly5wFUKXLXA1QpcvcA1ClyzwLUKXLvAdQpct8D1Cly/wA0K3LDAjQrcuMBNCty0wM0K3LzALQrcssCtCty6wG0K3LbA7QrcvsAdCtyxwJ0K3LnAXQrctcDdCty9wD0K3LPAvQrcu8B9Cty3wP0K3L/AAwo8sMCDCjy4wEMKPLTAwwo8vMAjCjyywKMKPLrAYwo8tsDjCjy+wBMKPLFACzypwJMLPKXAUws8rcDTCzyjwDMLPKvAsws8p8ARBZ5b4HkFnl/gBQVeWOBFBV5c4CUFXlrgZQVeXuAVBV5Z4FUFXl3gNQVeW+B1BV5f4A0F3ljgTQXeXOAtBd5a4G0F3l7gHQUOCgwKDAuMCowLTApMC8wKzAssCiwLhg4ZMsS6wKbAtsCuwL7AOwu8q8C7C7ynwHsLvK/A+wt8oMAHCxxZ4KgCRxc4psCxBT5U4MMFPlLgowU+VuDjBT5R4JMFPlXg0wU+U+CzBT5X4PMFvlDgiwW+VODLBb5S4KsFvlbg6wW+UeCbBb5V4NsFvlPguwW+V+D7BX5Q4IcFflTgxwV+UuCnBX5W4OcFflHglwV+VeDXBX5T4LcFflfg9wX+UOCPBf5U4M8F/lLgrwX+VuDvBf5R4J8F/lXg3wX+U+C/Bf5X4JASxylx3BLHK3H8EicoccISh5Y4UYnDShxe4sQlTlLipCVOVuLkJU5R4pQlTlXi1CVOU+K0JU5X4vQlzlDijCXOVOLMJc5S4qwlzlbi7CXOUeKcJc5V4twlzlPivCXOV+L8JS5Q4oIlLlTiwiUuUuKiJS5W4uIlLlEiJS5Z4lIlLl3iMiUuW+JyJS5f4golrljiSiWuXOIqJa5a4molrl7iGiWuWeJaJa5d4jolrlvieiWuX+IGJW5Y4kYlblziJiVuWuJmJW5e4hYlblniViVuXeI2JW5b4nYlbl/iDiXuWOJOJe5c4i4l7lribiXuXuIeJe5Z4l4l7l3iPiXuW+J+Je5f4gElHljiQSUeXOIhJR5a4mElHl7iESUeWeJRJR5d4jElHlvicSUeX+IJJZ5YoiWeVOLJJZ5S4qklnlbi6SWeUeKZJZ5V4tklnlPiiBLPLfG8Es8v8YISLyzxohIvLvGSEi8t8bISLy/xihKvLPGqEq8u8ZoSry3xuhKvL/GGEm8s8aYSby7xlhJvLfG2Em8v8Y4SByUGJYYlRiXGJSYlpiVmJeYlFiWWJVYl1iU2JbYldiX2Jd5Z4l0l3l3iPSXeW+J9Jd5f4gMlPljiyBJHlTi6xDElji3xoRIfLvGREh8t8bESHy/xiRKfLPGpEp8u8ZkSny3xuRKfL/GFEl8s8aUSXy7xlRJfLfG1El8fNuT/V+JbJb5d4jslvlvieyW+X+IHJX5Y4kclflziJyV+WuJnJX5e4hclflniVyV+XeI3JX5b4nclfl/iDyX+WOJPJf5c4i8l/lribyX+XuIfJf5Z4l8l/l3iPyX+W+J/JQ6pcJwKx61wvArHr3CCCiescGiFE1U4rMLhFU5c4SQVTlrhZBVOXuEUFU5Z4VQVTl3hNBVOW+F0FU5f4QwVzljhTBXOXOEsFc5a4WwVzl7hHBXOWeFcFc5d4TwVzlvhfBXOX+ECFS5Y4UIVLlzhIhUuWuFiFS5e4RIVUuGSFS5V4dIVLlPhshUuV+HyFa5Q4YoVrlThyhWuUuGqFa5W4eoVrlHhmhWuVeHaFa5T4boVrlfh+hVuUOGGFW5U4cYVblLhphVuVuHmFW5R4ZYVblXh1hVuU+G2FW5X4fYV7lDhjhXuVOHOFe5S4a4V7lbh7hXuUeGeFe5V4d4V7lPhvhXuV+H+FR5Q4YEVHlThwRUeUuGhFR5W4eEVHlHhkRUeVeHRFR5T4bEVHlfh8RWeUOGJFVrhSRWeXOEpFZ5a4WkVnl7hGRWeWeFZFZ5d4TkVjqjw3ArPq/D8Ci+o8MIKL6rw4govqfDSCi+r8PIKr6jwygqvqvDqCq+p8NoKr6vw+gpvqPDGCm+q8OYKb6nw1gpvq/D2Cu+ocFBhUGFYYVRhXGFSYVphVmFeYVFhWWFVYV1hU2FbYVdhX+GdFd5V4d0V3lPhvRXeV+H9FT5Q4YMVjqxwVIWjKxxT4dgKH6rw4QofqfDRCh+r8PEKn6jwyQqfqvDpCp+p8NkKn6vw+QpfqPDFCl+q8OUKX6nw1Qpfq/D1Ct+o8M0K36rw7QrfqfDdCt+r8P0KP6jwwwo/qvDjCj+p8NMKP6vw8wq/qPDLCr+q8OsKv6nw2wq/q/D7Cn+o8McKf6rw5wp/qfDXCn+r8PcK/6jwzwr/qvDvCv+p8N8K/6twSI3j1DhujePVOH6NE9Q4YY1Da5yoxmE1Dq9x4honqXHSGiercfIap6hxyhqnqnHqGqepcdoap6tx+hpnqHHGGmeqceYaZ6lx1hpnq3H2Gueocc4a56px7hrnqXHeGuercf4aF6hxwRoXqnHhGhepcdEaF6tx8RqXqJEal6xxqRqXrnGZGpetcbkal69xhRpXrHGlGleucZUaV61xtRpXr3GNGtesca0a165xnRrXrXG9GtevcYMaN6xxoxo3rnGTGjetcbMaN69xixq3rHGrGreucZsat61xuxq3r3GHGnescacad65xlxp3rXG3GnevcY8a96xxrxr3rnGfGvetcb8a96/xgBoPrPGgGg+u8ZAaD63xsBoPr/GIGo+s8agaj67xmBqPrfG4Go+v8YQaT6zRGk+q8eQaT6nx1BpPq/H0Gs+o8cwaz6rx7BrPqXFEjefWeF6N59d4QY0X1nhRjRfXeEmNl9Z4WY2X13hFjVfWeFWNV9d4TY3X1nhdjdfXeEONN9Z4U40313hLjbfWeFuNt9d4R42DGoMawxqjGuMakxrTGrMa8xqLGssaqxrrGpsa2xq7Gvsa76zxrhrvrvGeGu+t8b4a76/xgRofrHFkjaNqHF3jmBrH1vhQjQ/X+EiNj9b4WI2P1/hEjU/W+FSNT9f4TI3P1vhcjc/X+EKNL9b4Uo0v1/hKja/W+FqNr9f4Ro1v1vhWjW/X+E6N79b4Xo3v1/hBjR/W+FGNH9f4SY2f1vhZjZ/X+EWNX9b4VY1f1/hNjd/W+F2N39f4Q40/1vhTjT/X+EuNv9b4W42/1/hHjX/W+FeNf9f4T43/1vhfjUMaHKfBcRscr8HxG5ygwQkbHNrgRA0Oa3B4gxM3OEmDkzY4WYOTNzhFg1M2OFWDUzc4TYPTNjhdg9M3OEODMzY4U4MzNzhLg7M2OFuDszc4R4NzNjhXg3M3OE+D8zY4X4PzN7hAgws2uFCDCze4SIOLNrhYg4s3uESDNLhkg0s1uHSDyzS4bIPLNbh8gys0uGKDKzW4coOrNLhqg6s1uHqDazS4ZoNrNbh2g+s0uG6D6zW4foMbNLhhgxs1uHGDmzS4aYObNbh5g1s0uGWDWzW4dYPbNLhtg9s1uH2DOzS4Y4M7Nbhzg7s0uGuDuzW4e4N7NLhng3s1uHeD+zS4b4P7Nbh/gwc0eGCDBzV4cIOHNHhog4c1eHiDRzR4ZINHNXh0g8c0eGyDxzV4fIMnNHhigzZ4UoMnN3hKg6c2eFqDpzd4RoNnNnhWg2c3eE6DIxo8t8HzGjy/wQsavLDBixq8uMFLGry0wcsavLzBKxq8ssGrGry6wWsavLbB6xq8vsEbGryxwZsavLnBWxq8tcHbGry9wTsaHDQYNBg2GDUYN5g0mDaYNZg3WDRYNlg1WDfYNNg22DXYN3hng3c1eHeD9zR4b4P3NXh/gw80+GCDIxsc1eDoBsc0OLbBhxp8uMFHGny0wccafLzBJxp8ssGnGny6wWcafLbB5xp8vsEXGnyxwZcafLnBVxp8tcHXGny9wTcafLPBtxp8u8F3Gny3wfcafL/BDxr8sMGPGvy4wU8a/LTBzxr8vMEvGvyywa8a/LrBbxr8tsHvGvy+wR8a/LHBnxr8ucFfGvy1wd8a/L3BPxr8s8G/Gvy7wX8a/LfB/xoc0uI4LY7b4ngtjt/iBC1O2OLQFidqcViLw1ucuMVJWpy0xclanLzFKVqcssWpWpy6xWlanLbF6VqcvsUZWpyxxZlanLnFWVqctcXZWpy9xTlanLPFuVqcu8V5Wpy3xflanL/FBVpcsMWFWly4xUVaXLTFxVpcvMUlWqTFJVtcqsWlW1ymxWVbXK7F5VtcocUVW1ypxZVbXKXFVVtcrcXVW1yjxTVbXKvFtVtcp8V1W1yvxfVb3KDFDVvcqMWNW9ykxU1b3KzFzVvcosUtW9yqxa1b3KbFbVvcrsXtW9yhxR1b3KnFnVvcpcVdW9ytxd1b3KPFPVvcq8W9W9ynxX1b3K/F/Vs8oMUDWzyoxYNbPKTFQ1s8rMXDWzyixSNbPKrFo1s8psVjWzyuxeNbPKHFE1u0xZNaPLnFU1o8tcXTWjy9xTNaPLPFs1o8u8VzWhzR4rktntfi+S1e0OKFLV7U4sUtXtLipS1e1uLlLV7R4pUtXtXi1S1e0+K1LV7X4vUt3tDijS3e1OLNLd7S4q0t3tbi7S3e0eKgxaDFsMWoxbjFpMW0xazFvMWixbLFqsW6xabFtsWuxb7FO1u8q8W7W7ynxXtbvK/F+1t8oMUHWxzZ4qgWR7c4psWxLT7U4sMtPtLioy0+1uLjLT7R4pMtPtX+vy/PtPhsi8+1+HyLL7T4Yosvtfhyi6+0+GqLr7X4eotvtPhmi2+1+HaL77T4bovvtfh+ix+0+GGLH7X4cYuftPhpi5+1+HmLX7T4ZYtftfh1i9+0+G2L37X4fYs/tPhjiz+1+HOLv7T4a4u/tfh7i3+0+GeLf7X4d4v/tPhvi//970+H43Q4bofjdTh+hxN0OGGHQzucqMNhHQ7vcOIOJ+lw0g4n63DyDqfocMoOp+pw6g6n6XDaDqfrcPoOZ+hwxg5n6nDmDmfpcNYOZ+tw9g7n6HDODufqcO4O5+lw3g7n63D+DhfocMEOF+pw4Q4X6XDRDhfrcPEOl+iQDpfscKkOl+5wmQ6X7XC5DpfvcIUOV+xwpQ5X7nCVDlftcLUOV+9wjQ7X7HCtDtfucJ0O1+1wvQ7X73CDDjfscKMON+5wkw437XCzDjfvcIsOt+xwqw637nCbDrftcLsOt+9whw537HCnDnfucJcOd+1wtw5373CPDvfscK8O9+5wnw737XC/Dvfv8IAOD+zwoA4P7vCQDg/t8LAOD+/wiA6P7PCoDo/u8JgOj+3wuA6P7/CEDk/s0A5P6vDkDk/p8NQOT+vw9A7P6PDMDs/q8OwOz+lwRIfndnheh+d3eEGHF3Z4UYcXd3hJh5d2eFmHl3d4RYdXdnhVh1d3eE2H13Z4XYfXd3hDhzd2eFOHN3d4S4e3dnhbh7d3eEeHgw6DDsMOow7jDpMO0w6zDvMOiw7LDqsO6w6bDtsOuw77Du/s8K4O7+7wng7v7fC+Du/v8IEOH+xwZIejOhzd4ZgOx3b4UIcPd/hIh492+FiHj3f4RIdPdvhUh093+EyHz3b4XIfPd/hChy92+FKHL3f4Soevdvhah693+EaHb3b4Vodvd/hOh+92+F6H73f4QYcfdvhRhx93+EmHn3b4WYefd/hFh192+FWHX3f4TYffdvhdh993+EOHP3b4U4c/d/hLh792+FuHv3f4R4d/dvhXh393+E+H/3b4X4dDehynx3F7HK/H8XucoMcJexza40Q9DutxeI8T9zhJj5P2OFmPk/c4RY9T9jhVj1P3OE2P0/Y4XY/T9zhDjzP2OFOPM/c4S4+z9jhbj7P3OEePc/Y4V49z9zhPj/P2OF+P8/e4QI8L9rhQjwv3uEiPi/a4WI+L97hEj/S4ZI9L9bh0j8v0uGyPy/W4fI8r9Lhijyv1uHKPq/S4ao+r9bh6j2v0uGaPa/W4do/r9Lhuj+v1uH6PG/S4YY8b9bhxj5v0uGmPm/W4eY9b9Lhlj1v1uHWP2/S4bY/b9bh9jzv0uGOPO/W4c4+79Lhrj7v1uHuPe/S4Z4979bh3j/v0uG+P+/W4f48H9Hhgjwf1eHCPh/R4aI+H9Xh4j0f0eGSPR/V4dI/H9Hhsj8f1eHyPJ/R4Yo/2eFKPJ/d4So+n9nhaj6f3eEaPZ/Z4Vo9n93hOjyN6PLfH83o8v8cLerywx4t6vLjHS3q8tMfLery8xyt6vLLHq3q8usdrery2x+t6vL7HG3q8scebery5x1t6vLXH23q8vcc7ehz0GPQY9hj1GPeY9Jj2mPWY91j0WPZY9Vj32PTY9tj12Pd4Z4939Xh3j/f0eG+P9/V4f48P9PhgjyN7HNXj6B7H9Di25/9YtOc2vgtAgeJbtWrZtl0n27Zt2z7Ztm17v6+NbBvLNlat7T73ufe8h/Pfx26A/QCfHOBTA3x6gM8M8NkBPjfA5wf4wgBfHOBLA3x5gK8M8NUBvjbA1wf4xgDfHOBbA3x7gO8M8N0BvjfA9wf4wQA/HOBHA/x4gJ8McOQAPx3gZwP8fIBfDPDLAX41wK8H+M0Avx3gdwP8foA/DPDHAf40wJ8H+MsAfx3gbwP8fYB/DPDPAf41wFED/HuA/wzw3wGOHuB/AxwzwLEDHBLg0ADHCXDcAMcLcFiA4wc4QYATBjg8wIkCnDjASQKcNMDJApw8wCkCnDLAqQKcOsBpApw2wOkCnD7AGQKcMcCZApw5wFkCnDXA2QKcPcA5ApwzwLkCnDvAeQKcN8D5Apw/wAUCXDDAhQJcOMBFAlw0wMUCXDzAJQIkwCUDXCrApQNcJsBlA1wuwOUDXCHAFQNcKcCVA1wlwFUDXC3A1QNcI8A1A1wrwLUDXCfAdQNcL8D1A9wgwA0D3CjAjQPcJMBNA9wswM0D3CLALQPcKsCtA9wmwG0D3C7A7QPcIcAdA9wpwJ0D3CXAXQPcLcDdA9wjwD0D3CvAvQPcJ8B9A9wvwP0DPCDAAwM8KMCDAzwkwEMDPCzAwwM8IsAjAzwqwKMDPCbAYwM8LsDjAzwhwBMDNMCTAjw5wFMCPDXA0wI8PcAzAjwzwLMCPDvAcwI8N8DzAjw/wAsCvDDAiwK8OMBLArw0wMsCvDzAKwK8MsCrArw6wGsCvDbA6wK8PsAbArwxwJsCvDnAWwK8NcDbArw9wDsCvDPAuwK8O8B7Arw3wPsCvD/ABwJ8MMCHAnw4wEcCfDTAxwJ8PMAnAhwR4CDAIMAwwCjAOMAkwDTALMA8wCLAMsAqwDrAJsA2wC7APsAnA3wqwKcDfCbAZwN8LsDnA3whwBcDfCnAlwN8JcBXA3wtwNcDfCPANwN8K8C3A3wnwHcDfC/A9wP8IMAPA/wowI8D/CTAkQF+GuBnAX4e4BcBfhngVwF+HeA3AX4b4HcBfh/gDwH+GOBPAf4c4C8B/hrgbwH+HuAfAf4Z4F8Bjgrw7wD/CfDfAEcH+F+AYwIcG+CQEIeGOE6I44Y4XojDQhw/xAlCnDDE4SFOFOLEIU4S4qQhThbi5CFOEeKUIU4V4tQhThPitCFOF+L0Ic4Q4owhzhTizCHOEuKsIc4W4uwhzhHinCHOFeLcIc4T4rwhzhfi/CEuEOKCIS4U4sIhLhLioiEuFuLiIS4RIiEuGeJSIS4d4jIhLhviciEuH+IKIa4Y4kohrhziKiGuGuJqIa4e4hohrhniWiGuHeI6Ia4b4nohrh/iBiFuGOJGIW4c4iYhbhriZiFuHuIWIW4Z4lYhbh3iNiFuG+J2IW4f4g4h7hjiTiHuHOIuIe4a4m4h7h7iHiHuGeJeIe4d4j4h7hvifiHuH+IBIR4Y4kEhHhziISEeGuJhIR4e4hEhHhniUSEeHeIxIR4b4nEhHh/iCSGeGKIhnhTiySGeEuKpIZ4W4ukhnhHimSGeFeLZIZ4T4rkhnhfi+SFeEOKFIV4U4sUhXhLipSFeFuLlIV4R4pUhXhXi1SFeE+K1IV4X4vUh3hDijSHeFOLNId4S4q0h3hbi7SHeEeKdId4V4t0h3hPivSHeF+L9IT4Q4oMhPhTiwyE+EuKjIT4W4uMhPhHiiBAHIQYhhiFGIcYhJiGmIWYh5iEWIZYhViHWITYhtiF2IfYhPhniUyE+HeIzIT4b4nMhPh/iCyG+GOJLIb4c4ishvhriayG+HuIbIb4Z4lshvh3iOyG+G+J7Ib4f4gchfhjiRyF+HOInIY4M8dMQPwvx8xC/CPHLEL8K8esQvwnx2xC/C/H7EH8I8ccQfwrx5xB/CfHXEH8L8fcQ/wjxzxD/CnFUiH+H+E+I/4Y4OsT/QhwT4tgQh0Q4NMJxIhw3wvEiHBbh+BFOEOGEEQ6PcKIIJ45wkggnjXCyCCePcIoIp4xwqginjnCaCKeNcLoIp49whghnjHCmCGeOcJYIZ41wtghnj3COCOeMcK4I545wngjnjXC+COePcIEIF4xwoQgXjnCRCBeNcLEIF49wiQiJcMkIl4pw6QiXiXDZCJeLcPkIV4hwxQhXinDlCFeJcNUIV4tw9QjXiHDNCNeKcO0I1xn2/2YjwvUj3CDCDSPcKMKNI9wkwk0j3CzCzSPcIsItI9wqwq0j3CbCbSPcLsLtI9whwh0j3CnCnSPcJcJdI9wtwt0j3CPCPSPcK8K9I9wnwn0j3C/C/SM8IMIDIzwowoMjPCTCQyM8LMLDIzwiwiMjPCrCoyM8JsJjIzwuwuMjPCHCEyM0wpMiPDnCUyI8NcLTIjw9wjMiPDPCsyI8O8JzIjw3wvMiPD/CCyK8MMKLIrw4wksivDTCyyK8PMIrIrwywqsivDrCayK8NsLrIrw+whsivDHCmyK8OcJbIrw1wtsivD3COyK8M8K7Irw7wnsivDfC+yK8P8IHInwwwocifDjCRyJ8NMLHInw8wiciHBHhIMIgwjDCKMI4wiTCNMIswjzCIsIywirCOsImwjbCLsI+wicjfCrCpyN8JsJnI3wuwucjfCHCFyN8KcKXI3wlwlcjfC3C1yN8I8I3I3wrwrcjfCfCdyN8L8L3I/wgwg8j/CjCjyP8JMKREX4a4WcRfh7hFxF+GeFXEX4d4TcRfhvhdxF+H+EPEf4Y4U8R/hzhLxH+GuFvEf4e4R8R/hnhXxGOivDvCP+J8N8IR0f4X4RjIhwb4ZAYh8Y4TozjxjhejMNiHD9m1Nj/y+ExThTjxDFOEuOkMU4W4+QxThHjlDFOFePUMU4T47QxThfj9DHOEOOMMc4U48wxzhLjrDHOFuPsMc4R45wxzhXj3DHOE+O8Mc4X4/wxLhDjgjEuFOPCMS4S46IxLhbj4jEuESMxLhnjUjEuHeMyMS4b43IxLh/jCjGuGONKMa4c4yoxrhrjajGuHuMaMa4Z41oxrh3jOjGuG+N6Ma4f4wYxbhjjRjFuHOMmMW4a42Yxbh7jFjFuGeNWMW4d4zYxbhvjdjFuH+MOMe4Y404x7hzjLjHuGuNuMe4e4x4x7hnjXjHuHeM+Me4b434x7h/jATEeGONBMR4c4yExHhrjYTEeHuMRMR4Z41ExHh3jMTEeG+NxMR4f4wkxnhijMZ4U48kxnhLjqTGeFuPpMZ4R45kxnhXj2TGeE+O5MZ4X4/kxXhDjhTFeFOPFMV4S46UxXhbj5TFeEeOVMV4V49UxXhPjtTFeF+P1Md4Q440x3hTjzTHeEuOtMd4W4+0x3hHjnTHeFePdMd4T470x3hfj/TE+EOODMT4U48MxPhLjozE+FuPjMT4R44gYBzEGMYYxRjHGMSYxpjFmMeYxFjGWMVYx1jE2MbYxdjH2MT4Z41MxPh3jMzE+G+NzMT4f4wsxvhjjSzG+HOMrMb4a42sxvh7jGzG+GeNbMb4d4zsxvhvjezG+H+MHMX4Y40cxfhzjJzGOjPHTGD+L8fMYv4jxyxi/ivHrGL+J8dsYv4vx+xh/iPHHGH+K8ecYf4nx1xh/i/H3GP+I8c8Y/4pxVIx/x/hPjP/GODrG/2IcE+PYGIckODTBcRIcN8HxEhyW4PgJTpDghAkOT3CiBCdOcJIEJ01wsgQnT3CKBKdMcKoEp05wmgSnTXC6BKdPcIYEZ0xwpgRnTnCWBGdNcLYEZ09wjgTnTHCuBOdOcJ4E501wvgTnT3CBBBdMcKEEF05wkQQXTXCxBBdPcIkESXDJBJdKcOkEl0lw2QSXS3D5BFdIcMUEV0pw5QRXSXDVBFdLcPUE10hwzQTXSnDtBNdJcN0E10tw/QQ3SHDDBDdKcOMEN0lw0wQ3S3DzBLdIcMsEt0pw6wS3SXDbBLdLcPsEd0hwxwR3SnDnBHdJcNcEd0tw9wT3SHDPBPdKcO8E90lw3wT3S3D/BA9I8MAED0rw4AQPSfDQBA9L8PAEj0jwyASPSvDoBI9J8NgEj0vw+ARPSPDEBE3wpARPTvCUBE9N8LQET0/wjATPTPCsBM9O8JwEz03wvATPT/CCBC9M8KIEL07wkgQvTfCyBC9P8IoEr0zwqgSvTvCaBK9N8LoEr0/whgRvTPCmBG9O8JYEb03wtgRvT/COBO9M8K4E707wngTvTfC+BO9P8IEEH0zwoQQfTvCRBB9N8LEEH0/wiQRHJDhIMEgwTDBKME4wSTBNMEswT7BIsEywSrBOsEmwTbBLsE/wyQSfSvDpBJ9J8NkEn0vw+QRfSPDFBF9K8OUEX0nw1QRfS/D1BN9I8M0E30rw7QTfSfDdBN9L8P0EP0jwwwQ/SvDjBD9JcGSCnyb4WYKfJ/hFgl8m+FWCXyf4TYLfJvhdgt8n+EOCPyb4U4I/J/hLgr8m+FuCvyf4R4J/JvhXgqMS/DvBfxL8N8HRCf6X4JgExyY4JMWhKY6T4rgpjpfisBTHT3GCFCdMcXiKE6U4cYqTpDhpipOlOHmKU6Q4ZYpTpTh1itOkOG2K06U4fYozpDhjijOlOHOKs6Q4a4qzpTh7inOkOGeKc6U4d4rzpDhvivOlOH+KC6S4YIoLpbhwioukuGiKi6W4eIpLpEiKS6a4VIpLp7hMisumuFyKy6e4QoorprhSiiunuEqKq6a4Woqrp7hGimumuFaKa6e4TorrprheiuunuEGKG6a4UYobp7hJipumuFmKm6e4RYpbprhVilunuE2K26a4XYrbp7hDijumuFOKO6e4S4q7prhbirunuEeKe6a4V4p7p7hPivumuF+K+6d4QIoHpnhQigeneEiKh6Z4WIqHp3hEikemeFSKR6d4TIrHpnhciseneEKKJ6ZoiieleHKKp6R4aoqnpXh6imekeGaKZ6V4dornpHhuiueleH6KF6R4YYoXpXhxipekeGmKl6V4eYpXpHhlileleHWK16R4bYrXpXh9ijekeGOKN6V4c4q3pHhrireleHuKd6R4Z4p3pXh3ivekeG+K96V4f4oPpPhgig+l+HCKj6T4aIqPpfh4ik+kOCLFQYpBimGKUYpxikmKaYpZinmKRYplilWKdYpNim2KXYp9ik+m+FSKT6f4TIrPpvhcis+n+EKKL6b4Uoovp/hKiq+m+FqKr6f4RopvpvhWim+n+E6K76b4Xorvp/hBih+m+FGKH6f4SYojU/w0xc9S/DzFL1L8MsWvUvw6xW9S/DbF71L8PsUfUvwxxZ9S/DnFX1L8NcXfUvw9xT9S/DPFv1IcleLfKf6T4r8pjk7xvxTHpDg2xSEZDs1wnAzHzXC8DIdlOH6GE2Q4YYbDM5wow4kznCTDSTOcLMPJM5wiwykznCrDqTOcJsNpM5wuw+kznCHDGTOcKcOZM5wlw1kznC3D2TOcI8M5M5wrw7kznCfDeTOcL8P5M1wgwwUzXCjDhTNcJMNFM1wsw8UzXCJDMlwyw6UyXDrDZTJcNsPlMlw+wxUyXDHDlTJcOcNVMlw1w9UyXD3DNTJcM8O1Mlw7w3UyXDfD9TJcP8MNMtwww40y3DjDTTLcNMPNMtw8wy0y3DLDrTLcOsNtMtw2w+0y3D7DHTLcMcOdMtw5w10y3DXD3TLcPcM9Mtwzw70y3DvDfTLcN8P9Mtw/wwMyPDDDgzI8OMNDMjw0w8MyPDzDIzI8MsOjMjw6w2MyPDbD4zI8PsMTMjwxQzM8KcOTMzwlw1MzPC3D0zM8I8MzMzwrw7MzPCfDczM8L8PzM7wgwwszvCjDizO8JMNLM7wsw8szvCLDKzO8KsOrM7wmw2szvC7D6zO8IcMbM7wpw5szvCXDWzO8LcPbM7wjwzszvCvDuzO8J8N7M7wvw/szfCDDBzN8KMOHM3wkw0czfCzDxzN8IsMRGQ4yDDIMM4wyjDNMMkwzzDLMMywyLDOsMqwzbDJsM+wy7DN8MsOnMnw6w2cyfDbD5zJ8PsMXMnwxw5cyfDnDVzJ8NcPXMnw9wzcyfDPDtzJ8O8N3Mnw3w/cyfD/DDzL8MMOPMvw4w08yHJnhpxl+luHnGX6R4ZcZfpXh1xl+k+G3GX6X4fcZ/pDhjxn+lOHPGf6S4a8Z/pbh7xn+keGfGf6V4agM/87wnwz/zXB0hv9lOCbDsRkOyXFojuPkOG6O4+U4LMfxc5wgxwlzHJ7jRDlOnOMkOU6a42Q5Tp7jFDlOmeNUOU6d4zQ5TpvjdDlOn+MMOc6Y40w5zpzjLDnOmuNsOc6e4xw5zpnjXDnOneM8Oc6b43w5zp/jAjkumONCOS6c4yI5LprjYjkunuMSOZLjkjkulePSOS6T47I5Lpfj8jmukOOKOa6U48o5rpLjqjmuluPqOa6R45o5rpXj2jmuk+O6Oa6X4/o5bpDjhjlulOPGOW6S46Y5bpbj5jlukeOWOW6V49Y5bpPjtjlul+P2Oe6Q44457pTjzjnukuOuOe6W4+457pHjnjnulePeOe6T47457pfj/jkekOOBOR6U48E5HpLjoTkeluPhOR6R45E5HpXj0Tkek+OxOR6X4/E5npDjiTma40k5npzjKTmemuNpOZ6e4xk5npnjWTmeneM5OZ6b43k5np/jBTlemONFOV6c4yU5XprjZTlenuMVOV6Z41U5Xp3jNTlem+N1OV6f4w053pjjTTnenOMtOd6a42053p7jHTnemeNdOd6d4z053pvjfTnen+MDOT6Y40M5PpzjIzk+muNjOT6e4xM5jshxkGOQY5hjlGOcY5JjmmOWY55jkWOZY5VjnWOTY5tjl2M/fMiQ/33iqRyfzvGZHJ/N8bkcn8/xhRxfzPGlHF/O8ZUcX83xtRxfz/GNHN/M8a0c387xnRzfzfG9HN/P8YMcP8zxoxw/zvGTHEfm+GmOn+X4eY5f5Phljl/l+HWO3+T4bY7f5fh9jj/k+GOOP+X4c46/5Phrjr/l+HuOf+T4Z45/5Tgqx79z/CfHf3McneN/OY7JcWyOQwocWuA4BY5b4HgFDitw/AInKHDCAocXOFGBExc4SYGTFjhZgZMXOEWBUxY4VYFTFzhNgdMWOF2B0xc4Q4EzFjhTgTMXOEuBsxY4W4GzFzhHgXMWOFeBcxc4T4HzFjhfgfMXuECBCxa4UIELF7hIgYsWuFiBixe4RIEUuGSBSxW4dIHLFLhsgcsVuHyBKxS4YoErFbhygasUuGqBqxW4eoFrFLhmgWsVuHaB6xS4boHrFbh+gRsUuGGBGxW4cYGbFLhpgZsVuHmBWxS4ZYFbFbh1gdsUuG2B2xW4fYE7FLhjgTsVuHOBuxS4a4G7Fbh7gXsUuGeBexW4d4H7FLhvgfsVuH+BBxR4YIEHFXhwgYcUeGiBhxV4eIFHFHhkgUcVeHSBxxR4bIHHFXh8gScUeGKBFnhSgScXeEqBpxZ4WoGnF3hGgWcWeFaBZxd4ToHnFnhegecXeEGBFxZ4UYEXF3hJgZcWeFmBlxd4RYFXFnhVgVcXeE2B1xZ4XYHXF3hDgTcWeFOBNxd4S4G3FnhbgbcXeEeBdxZ4V4F3F3hPgfcWeF+B9xf4QIEPFvhQgQ8X+EiBjxb4WIGPF/hEgSMKHBQYFBgWGBUYF5gUmBaYFZgXWBRYFlgVWBfYFNgW2BXYF/hkgU8V+HSBzxT4bIHPFfh8gS8U+GKBLxX4coGvFPhqga8V+HqBbxT4ZoFvFfh2ge8U+G6B7xX4foEfFPhhgR8V+HGBnxQ4ssBPC/yswM8L/KLALwv8qsCvC/ymwG8L/K7A7wv8ocAfC/ypwJ8L/KXAXwv8rcDfC/yjwD8L/KvAUQX+XeA/Bf5b4OgC/ytwTIFjCxxS4tASxylx3BLHK3FYieOXOEGJE5Y4vMSJSpy4xElKnLTEyUqcvMQpSpyyxKlKnLrEaUqctsTpSpy+xBlKnLHEmUqcucRZSpy1xNlKnL3EOUqcs8S5Spy7xHlKnLfE+Uqcv8QFSlywxIVKXLjERUpctMTFSly8xCVKpMQlS1yqxKVLXKbEZUtcrsTlS1yhxBVLXKnElUtcpcRVS1ytxNVLXKPENUtcq8S1S1ynxHVLXK/E9UvcoMQNS9yoxI1L3KTETUvcrMTNS9yixC1L3KrErUvcpsRtS9yuxO1L3KHEHUvcqcSdS9ylxF1L3K3E3Uvco8Q9S9yrxL1L3KfEfUvcr8T9SzygxANLPKjEg0s8pMRDSzysxMNLPKLEI0s8qsSjSzymxGNLPK7E40s8ocQTS7TEk0o8ucRTSjy1xNNKPL3EM0o8s8SzSjy7xHNKPLfE80o8v8QLSrywxItKvLjES0q8tMTLSry8xCtKvLLEq0q8usRrSry2xOtKvL7EG0q8scSbSry5xFtKvLXE20q8vcQ7SryzxLtKvLvEe0q8t8T7Sry/xAdKfLDEh0p8uMRHSny0xMdKfLzEJ0ocUeKgxKDEsMSoxLjEpMS0xKzEvMSixLLEqsS6xKbEtsSuxL7EJ0t8qsSnS3ymxGdLfK7E50t8ocQXS3ypxJdLfKXEV0t8rcTXS3yjxDdLfKvEt0t8p8R3S3yvxPdL/KDED0v8qMSPS/ykxJElflriZyV+XuIXJX5Z4lclfl3iNyV+W+J3JX5f4g8l/ljiTyX+XOIvJf5a4m8l/l7iHyX+WeJfJY4q8e8S/ynx3xJHl/hfiWNKHFvikAqHVjhOheNWOF6Fwyocv8IJKpywwuEVTlThxBVOUuGkFU5W4eQVTlHhlBVOVeHUFU5T4bQVTlfh9BXOUOGMFc5U4cwVzlLhrBXOVuHsFc5R4ZwVzlXh3BXOU+G8Fc5X4fwVLlDhghUuVOHCFS5S4aIVLlbh4hUuUSEVLlnhUhUuXeEyFS5b4XIVLl/hChWuWOFKFa5c4SoVrlrhahWuXuEaFa5Z4VoVrl3hOhWuW+F6Fa5f4QYVbljhRhVuXOEmFW5a4WYVbl7hFhVuWeFWFW5d4TYVblvhdhVuX+EOFe5Y4U4V7lzhLhXuWuFuFe5e4R4V7lnhXhXuXeE+Fe5b4X4V7l/hARUeWOFBFR5c4SEVHlrhYRUeXuERFR5Z4VEVI0cMGeIxFR5b4XEVHl/hCRWeWKEVnlThyRWeUuGpFZ5W4ekVnlHhmRWeVeHZFZ5T4bkVnlfh+RVeUOGFFV5U4cUVXlLhpRVeVuHlFV5R4ZUVXlXh1RVeU+G1FV5X4fUV3lDhjRXeVOHNFd5S4a0V3lbh7RXeUeGdFd5V4d0V3lPhvRXeV+H9FT5Q4YMVPlThwxU+UuGjFT5W4eMVPlHhiAoHFQYVhhVGFcYVJhWmFWYV5hUWFZYVVhXWFTYVthV2FfYVPlnhUxU+XeEzFT5b4XMVPl/hCxW+WOFLFb5c4SsVvlrhaxW+XuEbFb5Z4VsVvl3hOxW+W+F7Fb5f4QcVfljhRxV+XOEnFY6s8NMKP6vw8wq/qPDLCr+q8OsKv6nw2wq/q/D7Cn+o8McKf6rw5wp/qfDXCn+r8PcK/6jwzwr/qnBUhX9X+E+F/1Y4usL/KhxT4dgKh9Q4tMZxahy3xvFqHFbj+DVOUOOENQ6vcaIaJ65xkhonrXGyGievcYoap6xxqhqnrnGaGqetcboap69xhhpnrHGmGmeucZYaZ61xthpnr3GOGuesca4a565xnhrnrXG+GuevcYEaF6xxoRoXrnGRGhetcbEaF69xiRqpcckal6px6RqXqXHZGpercfkaV6hxxRpXqnHlGlepcdUaV6tx9RrXqHHNGteqce0a16lx3RrXq3H9GjeoccMaN6px4xo3qXHTGjercfMat6hxyxq3qnHrGrepcdsat6tx+xp3qHHHGneqcecad6lx1xp3q3H3Gveocc8a96px7xr3qXHfGvercf8aD6jxwBoPqvHgGg+p8dAaD6vx8BqPqPHIGo+q8egaj6nx2BqPq/H4Gk+o8cQarfGkGk+u8ZQaT63xtBpPr/GMGs+s8awaz67xnBrPrfG8Gs+v8YIaL6zxohovrvGSGi+t8bIaL6/xihqvrPGqGq+u8Zoar63xuhqvr/GGGm+s8aYab67xlhpvrfG2Gm+v8Y4a76zxrhrvrvGeGu+t8b4a76/xgRofrPGhGh+u8ZEaH63xsRofr/GJGkfUOKgxqDGsMaoxrjGpMa0xqzGvsaixrLGqsa6xqbGtsauxr/HJGp+q8ekan6nx2Rqfq/H5Gl+o8cUaX6rx5RpfqfHVGl+r8fUa36jxzRrfqvHtGt+p8d0a36vx/Ro/qPHDGj+q8eMaP6lxZI2f1vhZjZ/X+EWNX9b4VY1f1/hNjd/W+F2N39f4Q40/1vhTjT/X+EuNv9b4W42/1/hHjX/W+FeNo2r8u8Z/avy3xtE1/lfjmBrH1jikwaENjtPguA2O1+CwBsdvcIIGJ2xweIMTNThxg5M0OGmDkzU4eYNTNDhlg1M1OHWD0zQ4bYPTNTh9gzM0OGODMzU4c4OzNDhrg7M1OHuDczQ4Z4NzNTh3g/M0OG+D8zU4f4MLNLhggws1uHCDizS4aIOLNbh4g0s0SINLNrhUg0s3uEyDyza4XIPLN7hCgys2uFKDKze4SoOrNrhag6s3uEaDaza4VoNrN7hOg+s2uF6D6ze4QYMbNrhRgxs3uEmDmza4WYObN7hFg1s2uFWDWze4TYPbNrhdg9s3uEODOza4U4M7N7hLg7s2uFuDuze4R4N7NrhXg3s3uE+D+za4X4P7N3hAgwc2eFCDBzd4SIOHNnhYg4c3eESDRzZ4VINHN3hMg8c2eFyDxzd4QoMnNmiDJzV4coOnNHhqg6c1eHqDZzR4ZoNnNXh2g+c0eG6D5zV4foMXNHhhgxc1eHGDlzR4aYOXNXh5g1c0eGWDVzV4dYPXNHhtg9c1eH2DNzR4Y4M3NXhzg7c0eGuDtzV4e4N3NHhng3c1eHeD9zR4b4P3NXh/gw80+GCDDzX4cIOPNPhog481+HiDTzQ4osFBg0GDYYNRg3GDSYNpg1mDeYNFg2WDVYN1g02DbYNdg32DTzb4VINPN/hMg882+FyDzzf4QoMvNvhSgy83+EqDrzb4WoOvN/hGg282+FaDbzf4ToPvNvheg+83+EGDHzb4UYMfN/hJgyMb/LTBzxr8vMEvGvyywa8a/LrBbxr8tsHvGvy+wR8a/LHBnxr8ucFfGvy1wd8a/L3BPxr8s8G/GhzV4N8N/tPgvw2ObvC/Bsc0OLbBIS0ObXGcFsdtcbwWh7U4fosTtDhhi8NbnKjFiVucpMVJW5ysxclbnKLFKVucqsWpW5ymxWlbnK7F6VucocUZW5ypxZlbnKXFWVucrcXZW5yjxTlbnKvFuVucp8V5W5yvxflbXKDFBVtcqMWFW1ykxUVbXKzFxVtcokVaXLLFpUYPdekWl2lx2RaXa3H5FldoccUWV2px5RZXaXHVFldrcfUW12hxzRbXanHtFtdpcd0W12tx/RY3aHHDFjdqceMWN2lx0xY3a3HzFrdoccsWt2px6xa3aXHbFrdrcfsWd2hxxxZ3anHnFndpcdcWd2tx9xb3aHHPFvdqce8W92lx3xb3a3H/Fg9o8cAWD2rx4BYPafHQFg9r8fAWj2jxyBaPavHoFo9p8dgWj2vx+BZPaPHEFm3xpBZPbvGUFk9t8bQWT2/xjBbPbPGsFs9u8ZwWz23xvBbPb/GCFi9s8aIWL27xkhYvbfGyFi9v8YoWr2zxqhavbvGaFq9t8boWr2/xhhZvbPGmFm9u8ZYWb23xthZvb/GOFu9s8a4W727xnhbvbfG+Fu9v8YEWH2zxoRYfbvGRFh9t8bEWH2/xiRZHtDhoMWgxbDFqMW4xaTFtMWsxb7FosWyxarFusWmxbbFrsW/xyRafavHpFp9p8dkWn2vx+RZfaPHFFl9q8eUWX2nx1RZfa/H1Ft9o8c0W32rx7RbfafHdFt9r8f0WP2jxwxY/avHjFj9pcWSLn7b4WYuft/hFi1+2+FWLX7f4TYvftvhdi9+3+EOLP7b4U4s/t/hLi7+2+FuLv7f4R4t/tvhXi6Na/LvFf1r8t8XRLf7X4pgWx7Y4pMOhHY7T4bgdjtfhsA7H73CCDifscHiHE3U4cYeTdDhph5N1OHmHU3Q4ZYdTdTh1h9N0OG2H03U4fYczdDhjhzN1OHOHs3Q4a4ezdTh7h3N0OGeHc3U4d4fzdDhvh/N1OH+HC3S4YIcLdbhwh4t0uGiHi3W4eIdLdEiHS3a4VIdLd7hMh8t2uFyHy3e4QocrdrhShyt3uEqHq3a4Woerd7hGh2t2uFaHa3e4Tofrdrheh+t3uEGHG3a4UYcbd7hJh5t2uFmHm3e4RYdbdrhVh1t3uE2H23a4XYfbd7hDhzt2uFOHO3e4S4e7drhbh7t3uEeHe3a4V4d7d7hPh/t2uF+H+3d4QIcHdnhQhwd3eEiHh3Z4WIeHd3hEh0d2eFSHR3d4TIfHdnhch8d3eEKHJ3Zohyd1eHKHp3R4aoendXh6h2d0eGaHZ3V4dofndHhuh+d1eH6HF3R4YYcXdXhxh5d0eGmHl3V4eYdXdHhlh1d1eHWH13R4bYfXdXh9hzd0eGOHN3V4c4e3dHhrh7d1eHuHd3R4Z4d3dXh3h/d0eG+H93V4f4cPdPhghw91+HCHj3T4aIePdfh4h090OKLDQYdBh2GHUYdxh0mHaYdZh3mHRYdlh1WHdYdNh22HXYd9h092+FSHT3f4TIfPdvhch893+EKHL3b4Uocvd/hKh692+FqHr3f4RodvdvhWh293+E6H73b4Xofvd/hBhx92+FGHH3f4SYcjO/y0w886/LzDLzr8ssOvOvy6w286/LbD7zr8vsMfOvyxw586/LnDXzr8tcPfOvy9wz86/LPDvzoc1eHfHf7T4b8dju7wvw7HdDi2wyE9Du1xnB7H7XG8Hof1OH6PE/Q4YY/De5yox4l7nKTHSXucrMfJe5yixyl7nKrHqXucpsdpe5yux+l7nKHHGXucqceZe5ylx1l7nK3H2Xuco8c5e5yrx7l7nKfHeXucr8f5e1ygxwV7XKjHhXtcpMdFe1ysx8V7XKJHelyyx6V6XLrHZXpctsflely+xxV6XLHHlXpcucdVely1x9V6XL3HNXpcs8e1ely7x3V6XLfH9Xpcv8cNetywx4163LjHTXrctMfNety8xy163LLHrXrcusdtety2x+163L7HHXrcscedety5x1163LXH3Xrcvcc9etyzx7163LvHfXrct8f9ety/xwN6PLDHg3o8uMdDejy0x8N6PLzHI3o8ssejejy6x2N6PLbH43o8vscTejyxR3s8qceTezylx1N7PK3H03s8o8czezyrx7N7PKfHc3s8r8fze7ygxwt7vKjHi3u8pMdLe7ysx8t7vKLHK3u8qsere7ymx2t7vK7H63u8occbe7ypx5t7vKXHW3u8rcfbe7yjxzt7vKvHu3u8p8d7e7yvx/t7fKDHB3t8qMeHe3ykx0d7fKzHx3t8oscRPQ56/J8AAAD//8P52+I=")
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x10, 0x20, 0x301}, 0x10}], 0x1, 0x0, 0x0, 0x40000}, 0x0)
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2390024, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0)

2.637194292s ago: executing program 4 (id=1093):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x167)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x1a42028, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file1\x00', 0x42, 0x5)
read$FUSE(r0, 0x0, 0x0)

2.55138652s ago: executing program 3 (id=1094):
r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x80000001, 0x82002)
r1 = syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0x7078, 0x0, 0xb, 0x284}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0})
io_uring_enter(r1, 0x3516, 0x0, 0x4, 0x0, 0x0)

2.279685916s ago: executing program 4 (id=1095):
syz_mount_image$nilfs2(&(0x7f00000000c0), &(0x7f0000000300)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xaf1, &(0x7f0000001cc0)="$eJzs3V+IXFf9APBzd3c2u2n7y6a/RNc0tonVtmq7aTZrrAZNSoJgaIr4Uii+hDStwRjBCmopmOTJN1tKCj75B5/6UqoIFkRCn3wp2EAR8lQFfWiIWPChRpORnbln5t6Tmdydze7cnd3PB+6eufecO99zZ+/cuf/OPQHYsMZafxcWZrMQLrz5ypH3H/j79OKUg50SM62/E4WxRgghy8cnkvd7b7ydXv/gxRO90izMt/7G8fDk1c68d4QQzoZd4WKYCTsuXHr57fknjp07en73O68duLI6Sw8AABvL1y4eWNj+lz/ds/Xa6/ceCps60+P++UycMNXe7z+U7/jH/f+xUB5fTLdeToJ037Z03LA4jE2Xi473KFeM00jKTfSIvzhMJlVo9Cm3Kdw6/nhhWq/lhlEW1+OZkI3NhRA2d8bHxubm2sfkoXVcP5nNnTl1+tnna6oosOL+dV8IYVdhOHy+PL7WhoNroA7LHJproA4jORwaXqxrzbbal3lIQ3NL3VsggLb0euFNzmYrGq/zbhNLi3/18bHe88MKGPb6P1D8yZviTw81fqh5+ddA/F+ds8Vh5azXtSkuV/we3ZmPp9cR0vuXXv19eb6u9EpHeWp6PaKxxHr2u44wKtcX+tVzfMj1WK5+9U/Xi/XqS3kaP4cvl3LvK31/0v/pqPyPgd4+TM//GwyrODz2fv11GPkhlMYbt/NezZq3P8Dald4314zXR3OTFfmbKvKnKvKnK/I3V+TfUZEPG9lvvveT8FLWPd+VHtMPej48nme7K0//b8D6pOcjB42f3vc7qNuNn95PDGvZ744/dfKxZ56+1L7/P+us/zfy9T0ebszk362LeYF4vjA9rx7vq+82HCjnp+XuTupzV4/yrdfbyuWybd33CYXtzE31mC3Pt6VfuZ3lcjNJuel8mErqm+6fbE7mi/sfcbsaP6+JZHkbyXJMJvWI25WteZrWA5Yjro+t+/8LF63i/f9x/ZwNjezZU6dPPpqPx/X0j+ONTYvT9w6z0sCKSNv/dMfL7X9mQ7n9z52d6Y2x4nZhS3d61t4uvJG/X3n6fCdOYXrhRy3+zn1zfLpVfu7Ed04/s8LLDhvd8z984VvHT58++V0vlv3iK2ujGoO8iIcta6U+Xgz6Ytdqh6h5wwSsuj0/au8EPHLq28efO/ncyTP79u/fNz+//wv7Fva09uv3FPfui87WUFtgJXV/9OuuCQAAAAAAAAAAALBU3z965NK7b33+crv9f7f9X2z/H+/8je3/f5y0/0/bycd28LEd4NYe+a0yyQNWJ5NyjXz4/6S+25I425P5PpKnnX788vb/MVz6XNdYn48m0xt9RpPHCdz0vJTJ5BkkaX+Bn8jT83n6ywA1yno/wj9db3s83zr7sLCux+dTFJrwNj0feHTE/1trbSg80ii2/+75XKce7bUZLcNosVj3MgK9/WNDPf/7n90FH2C+h2uv90YbJoYb76eDrxPrZWj23Utfag82ACuj7v4//xbaceP5zzN/+OrU4hCLXX28vL1Mn18Kg/jzu+Xxtd7/5GrHT/vtG3b8upd/2P1/dvq/y7d/cbvXf/uX9Jg3s7y4//7ZlcuFsGHHUuOnyx+fA71tsPjX8vhxaR4MS4vf/EUSP70gtET/SeJvXmL8m5Z/5/Li/zePHz+2h+5favx2jbOxcj2mk+WI1//S88bR9WT547M9bxH/6y/0Wv5ldtR4I48PG9mo9DM7qGQ/orPTXtX/76C//7fb/2+nslm5Mul9GJ/Lx+OGON7nkPZ3Mmj94/0V8Xdge/L+WcXvm/5/R9sX87Tq+xD7/43r40z+k18Yb32WcbzR47Ndr9saGFXvbajrf8MarrQPg5Y3/1T99TcMMDTHlzFfp5+4muvfbDZX94RWhVqDU/vnX/dxQt3x6/78q6T9/6b78Gn/v2l+2v9vmp/2/5vmT+f/oX75af+/6eeZ9v+bpRVP3jftH3i2Iv9jFfk7eud3ot9TMf/OivyPV+Tv7uQfLJWI+ffecv5uuX7vf3dF/v0V+Z+syP9URf4DFfkPFfKLfUDH/E8n82dJ/noX26P0+/yA9Sttn+f7DxtHvP7T7/u/rZs/WSwy3FoCq+HV1/cefvrX35hpt/+f7JwPidfxDuXjjfzY6Af5eHrdOxTGF/Peysf/muSv9fMdsJGkz89If/8frMgHRle8z8v3GzagbKr35Dytem5Vv/18Rstn8vSzefpwnj6Sp3N5uidP9+bp/JDqx+o4/MZvD7yUdY/3tyT5S72fPG0PVHpOVAhh3xLrk54fGPR+9vQ5foO63fjLbA4GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQm7HW34WF2SyEC2++cuSpY6f2LE452Ckx0/o7URhrdOYL4dE8Hc/Tn+cvrn/w4olieiNPszAfspB1pocnr3Yi3RFCOBt2hYthJuy4cOnlt+efOHbu6Pnd77x24MrqfQIAAACw/v0vAAD//8AFCcQ=")
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000280)='./bus\x00', 0x0, 0x0, 0xff, 0x0, &(0x7f00000007c0))
syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./bus/file0\x00', 0x80008, 0x0, 0x0, 0x0, &(0x7f0000000000))
rename(&(0x7f0000000000)='./bus/file0\x00', &(0x7f0000000080)='./file0\x00')
rename(&(0x7f0000000180)='./file0\x00', &(0x7f0000000a00)='./bus/file0\x00')

2.241365957s ago: executing program 0 (id=1096):
r0 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x380000, @loopback}, 0x1c)
sendmmsg(r0, &(0x7f000000d6c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=ANY=[], 0xc}}], 0x1, 0x4000000)

1.736075379s ago: executing program 0 (id=1097):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="180000002e0001ff070000000000000006"], 0x18}], 0x1, 0x0, 0x0, 0x84}, 0x300)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)={0x14, 0x2e, 0x1, 0x0, 0x0, "", [@nested={0x4, 0x119}]}, 0x14}], 0x1, 0x0, 0x0, 0x84}, 0x300)
read(r0, &(0x7f0000000080)=""/38, 0x26)

1.646113606s ago: executing program 3 (id=1098):
unshare(0x2040400)
r0 = semget$private(0x0, 0x7, 0x191)
semtimedop(r0, &(0x7f0000000200)=[{0x0, 0xffff, 0x2000}, {0x4, 0x3, 0x1800}], 0x2, 0x0)
semop(r0, &(0x7f0000000000)=[{0x0, 0xe8c7, 0x1000}], 0x1)
semctl$SETVAL(r0, 0x0, 0x10, &(0x7f0000000080)=0x4)

1.615760529s ago: executing program 4 (id=1099):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000340)={0x26, 'hash\x00', 0x0, 0x0, 'wp512-generic\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000b80)=[{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)='v', 0xf4240}], 0x1}], 0x4924924924923d5, 0x8004)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x49, &(0x7f0000000040)=0x1, 0x4)

1.1759574s ago: executing program 0 (id=1100):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x7fa962bfffff, 0x12, r0, 0x0)
munmap(&(0x7f0000ff9000/0x2000)=nil, 0x2000)
mremap(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x2000, 0x0, &(0x7f0000ff8000/0x2000)=nil)

939.460789ms ago: executing program 4 (id=1101):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @dev={0xfe, 0x80, '\x00', 0x1d}, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x11, 0x0, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x3a, &(0x7f00000001c0)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x3, 0x2c, 0x0, 0x0, 0x8, 0x6, 0x0, @remote, @local}, {{0x4e23, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x6, 0x2, 0x8000, 0x0, 0xfffc, {[@mss={0x2, 0x4, 0xa005}]}}}}}}}, 0x0)

831.018986ms ago: executing program 0 (id=1102):
r0 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r0, &(0x7f0000002f40)=[{{&(0x7f0000000000)={0x2, 0x0, @initdev={0xac, 0x1e, 0x4, 0x0}}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000200)="9a", 0x1}], 0x1}}], 0x1, 0x4000000)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f00000003c0)=@sack_info={r2, 0x8, 0x1}, 0xc)

637.0809ms ago: executing program 4 (id=1103):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x210000, &(0x7f0000002f40)={[{@nodelalloc}, {@dioread_lock}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x10}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3004009, 0x0, 0x2, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)

569.787339ms ago: executing program 3 (id=1104):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbff, 0x2ffffffff}, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=@newtaction={0x18, 0x31, 0x1, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0)

540.710459ms ago: executing program 0 (id=1105):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xb, 0x100, 0x1108, 0x9, 0x1}, 0x50)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0xfd, 0x909f}]})
bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x3, r0}, 0x38)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0xa, 0xffffffffffffffff, 0x4}, 0x38)

295.315149ms ago: executing program 3 (id=1106):
sendmsg$key(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020800000100000000000001000000000100140003"], 0x18}}, 0x0)
io_setup(0x8, &(0x7f0000000600)=<r0=>0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0))
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002)
io_submit(r0, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000000c0)="01", 0x24}])

0s ago: executing program 4 (id=1107):
syz_mount_image$ext4(&(0x7f0000000380)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001500)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x306, @local}, 0x48, {0x2, 0x0, @dev}})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x200)

kernel console output (not intermixed with test programs):

284][ T5828]  f2fs_sync_dirty_inodes+0x30e/0x810
[  150.562341][ T5828]  f2fs_write_checkpoint+0x9c6/0x2490
[  150.562418][ T5828]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  150.562451][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  150.562557][ T5828]  kill_f2fs_super+0x308/0x710
[  150.562601][ T5828]  ? __pfx_kill_f2fs_super+0x10/0x10
[  150.562669][ T5828]  deactivate_locked_super+0xbc/0x130
[  150.562707][ T5828]  cleanup_mnt+0x437/0x4d0
[  150.562740][ T5828]  ? _raw_spin_unlock_irq+0x23/0x50
[  150.562779][ T5828]  task_work_run+0x1d9/0x270
[  150.562817][ T5828]  ? __pfx_task_work_run+0x10/0x10
[  150.562850][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  150.562893][ T5828]  exit_to_user_mode_loop+0xed/0x480
[  150.562930][ T5828]  ? srso_alias_return_thunk+0x5/0xfbef5
[  150.562958][ T5828]  ? rcu_is_watching+0x15/0xb0
[  150.562988][ T5828]  do_syscall_64+0x2b7/0xf80
[  150.563017][ T5828]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.563041][ T5828]  ? trace_irq_disable+0x37/0x100
[  150.563075][ T5828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.563099][ T5828] RIP: 0033:0x7fc13bd9c117
[  150.563130][ T5828] Code: a2 c7 05 7c c4 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  150.563150][ T5828] RSP: 002b:00007ffc3f20ae38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  150.563176][ T5828] RAX: 0000000000000000 RBX: 00007fc13be0471f RCX: 00007fc13bd9c117
[  150.563193][ T5828] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc3f20aef0
[  150.563208][ T5828] RBP: 00007ffc3f20aef0 R08: 00007ffc3f20bef0 R09: 00000000ffffffff
[  150.563225][ T5828] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc3f20bf80
[  150.563241][ T5828] R13: 00007fc13be0471f R14: 0000000000024b1c R15: 00007ffc3f20bfc0
[  150.563285][ T5828]  </TASK>
[  150.581640][ T7397] loop4: detected capacity change from 0 to 32768
[  150.602789][ T5828] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  150.634202][ T7399] loop3: detected capacity change from 0 to 32768
[  150.745902][ T7424] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  150.837640][ T7399] (syz.3.556,7399,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  150.857696][ T7424] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  150.969296][ T7399] (syz.3.556,7399,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  150.993887][ T7424] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  151.008677][ T7397] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  151.113813][ T7424] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  151.150386][ T7424] System zones: 0-2, 18-18, 34-35
[  151.169467][ T7424] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  151.185224][ T7399] JBD2: Ignoring recovery information on journal
[  151.248503][ T7397] XFS (loop4): Ending clean mount
[  151.273667][ T7424] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  151.286508][ T7438] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  151.293968][ T7438] IPv6: NLM_F_CREATE should be set when creating new route
[  151.301180][ T7438] IPv6: NLM_F_CREATE should be set when creating new route
[  151.327791][ T7424] EXT4-fs error (device loop1): ext4_readdir:264: inode #2: block 3: comm syz.1.566: path /99/file0: bad entry in directory: inode out of bounds - offset=24, inode=134217739, rec_len=20, size=2048 fake=0
[  151.327892][ T7438] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  151.356220][ T7399] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  151.513970][ T5833] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  151.537503][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.697886][ T7443] loop2: detected capacity change from 0 to 4096
[  151.783296][ T7443] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  151.799979][ T7451] loop1: detected capacity change from 0 to 256
[  151.935189][ T7451] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x32e3664b, utbl_chksum : 0xe619d30d)
[  151.972792][ T5837] ocfs2: Unmounting device (7,3) on (node local)
[  151.990046][ T7451] exFAT-fs (loop1): valid_size(150994954) is greater than size(10)
[  152.155562][ T5819] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.522025][ T7461] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  152.559963][   T50] Bluetooth: hci6: Frame reassembly failed (-84)
[  152.581555][ T7470] loop3: detected capacity change from 0 to 8
[  152.955464][ T7483] loop3: detected capacity change from 0 to 1024
[  152.979960][ T7483] EXT4-fs: Ignoring removed oldalloc option
[  152.982499][ T7486] loop4: detected capacity change from 0 to 256
[  153.002978][ T7483] EXT4-fs: Ignoring removed bh option
[  153.075348][ T7483] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  153.220007][ T5837] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.433525][ T7494] loop0: detected capacity change from 0 to 2048
[  153.574145][ T7499] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  153.724395][ T7499] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  153.739516][ T7476] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  153.790065][ T7499] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4)
[  153.840664][ T7499] Remounting filesystem read-only
[  153.882964][ T7476] XFS (loop1): Ending clean mount
[  153.891109][ T7494] NILFS (loop0): mounting fs with errors
[  153.931588][ T7494] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=2)
[  153.980335][ T7494] Remounting filesystem read-only
[  154.109299][ T5831] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  154.127321][ T5828] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer
[  154.149737][ T7492] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.588 (7492)
[  154.201839][ T7492] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  154.212552][ T7492] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  154.361375][ T7529] netlink: 8 bytes leftover after parsing attributes in process `syz.0.596'.
[  154.425113][ T7492] BTRFS info (device loop4): rebuilding free space tree
[  154.515350][ T5830] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  154.529092][ T7492] BTRFS info (device loop4): disabling free space tree
[  154.581354][ T7492] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  154.656107][ T7492] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  154.785923][ T7492] BTRFS info (device loop4): enabling ssd optimizations
[  154.811965][ T7492] BTRFS info (device loop4): turning on async discard
[  154.825477][ T7492] BTRFS info (device loop4): force clearing of disk cache
[  154.857781][ T7492] BTRFS info (device loop4): enabling auto defrag
[  154.872064][ T7492] BTRFS info (device loop4): max_inline set to 4096
[  155.025672][ T7509] F2FS-fs (loop5): invalid crc value
[  155.097549][ T7544] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  155.146871][ T7544] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  155.257407][   T24] hid-generic 0005:16C0:05DF.0005: item fetching failed at offset 0/1
[  155.332559][   T24] hid-generic 0005:16C0:05DF.0005: probe with driver hid-generic failed with error -22
[  155.457036][   T37] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared)
[  155.520583][ T7509] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  155.522967][ T5833] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  155.572772][ T7509] F2FS-fs (loop5): Start checkpoint disabled!
[  155.633920][ T7509] F2FS-fs (loop5): f2fs_disable_checkpoint() finish, err:0
[  155.690642][ T7509] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  155.885224][   T31] audit: type=1800 audit(1770434537.885:25): pid=7509 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.592" name="file1" dev="loop5" ino=14 res=0 errno=0
[  156.072708][ T1264] kworker/u8:6: attempt to access beyond end of device
[  156.072708][ T1264] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  156.133004][ T1264] CPU: 1 UID: 0 PID: 1264 Comm: kworker/u8:6 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  156.133047][ T1264] Tainted: [L]=SOFTLOCKUP
[  156.133056][ T1264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  156.133088][ T1264] Workqueue: writeback wb_workfn (flush-7:5)
[  156.133135][ T1264] Call Trace:
[  156.133144][ T1264]  <TASK>
[  156.133154][ T1264]  dump_stack_lvl+0xe8/0x150
[  156.133189][ T1264]  f2fs_handle_critical_error+0x37c/0x540
[  156.133228][ T1264]  f2fs_write_end_io+0xc1d/0xfd0
[  156.133280][ T1264]  __submit_merged_bio+0x256/0x650
[  156.133317][ T1264]  f2fs_submit_page_write+0xd62/0x2190
[  156.133381][ T1264]  do_write_page+0x40f/0xac0
[  156.133423][ T1264]  ? f2fs_encrypt_one_page+0xaf/0x930
[  156.133462][ T1264]  f2fs_outplace_write_data+0x11a/0x220
[  156.133506][ T1264]  f2fs_do_write_data_page+0x12dc/0x1850
[  156.133555][ T1264]  ? __pfx_f2fs_do_write_data_page+0x10/0x10
[  156.133591][ T1264]  ? __lock_acquire+0x6b5/0x2cf0
[  156.133635][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.133664][ T1264]  ? __lock_acquire+0x6b5/0x2cf0
[  156.133710][ T1264]  f2fs_write_single_data_page+0xad6/0x18e0
[  156.133762][ T1264]  ? __pfx_f2fs_write_single_data_page+0x10/0x10
[  156.133814][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.133842][ T1264]  ? folio_clear_dirty_for_io+0x573/0x710
[  156.133880][ T1264]  ? folio_clear_dirty_for_io+0x1d4/0x710
[  156.133920][ T1264]  f2fs_write_data_pages+0x1ac1/0x3360
[  156.133993][ T1264]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  156.134041][ T1264]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  156.134136][ T1264]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  156.134187][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.134215][ T1264]  ? __lock_acquire+0x6b5/0x2cf0
[  156.134266][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.134298][ T1264]  ? lock_list_lru_of_memcg+0x2e/0x4c0
[  156.134330][ T1264]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  156.134364][ T1264]  do_writepages+0x32e/0x550
[  156.134408][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.134436][ T1264]  ? reacquire_held_locks+0x104/0x190
[  156.134459][ T1264]  ? writeback_sb_inodes+0x42a/0x1940
[  156.134491][ T1264]  __writeback_single_inode+0x133/0x1230
[  156.134519][ T1264]  ? do_raw_spin_unlock+0xf5/0x210
[  156.134554][ T1264]  writeback_sb_inodes+0x92e/0x1940
[  156.134585][ T1264]  ? unwind_next_frame+0xa5/0x23c0
[  156.134635][ T1264]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  156.134657][ T1264]  ? do_raw_spin_lock+0x12b/0x2f0
[  156.134730][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.134758][ T1264]  ? rcu_is_watching+0x15/0xb0
[  156.134783][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.134822][ T1264]  wb_writeback+0x445/0xad0
[  156.134851][ T1264]  ? queue_io+0x291/0x450
[  156.134884][ T1264]  ? __pfx_wb_writeback+0x10/0x10
[  156.134905][ T1264]  ? do_raw_spin_lock+0x12b/0x2f0
[  156.134953][ T1264]  wb_workfn+0x3f8/0xef0
[  156.134986][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.135014][ T1264]  ? look_up_lock_class+0x57/0x110
[  156.135078][ T1264]  ? __pfx_wb_workfn+0x10/0x10
[  156.135111][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.135143][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.135171][ T1264]  ? do_raw_spin_lock+0x12b/0x2f0
[  156.135199][ T1264]  ? lock_acquire+0x106/0x330
[  156.135236][ T1264]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  156.135268][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.135300][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.135332][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.135367][ T1264]  ? process_scheduled_works+0xa0f/0x17a0
[  156.135408][ T1264]  ? process_scheduled_works+0xa0f/0x17a0
[  156.135449][ T1264]  process_scheduled_works+0xaec/0x17a0
[  156.135521][ T1264]  ? __pfx_process_scheduled_works+0x10/0x10
[  156.135556][ T1264]  ? do_raw_spin_lock+0x12b/0x2f0
[  156.135589][ T1264]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  156.135616][ T1264]  ? schedule+0x90/0x360
[  156.135645][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.135679][ T1264]  worker_thread+0xda6/0x1360
[  156.135737][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.135765][ T1264]  ? __kthread_parkme+0x19c/0x1f0
[  156.135798][ T1264]  kthread+0x726/0x8b0
[  156.135831][ T1264]  ? __pfx_worker_thread+0x10/0x10
[  156.135869][ T1264]  ? __pfx_kthread+0x10/0x10
[  156.135895][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.135930][ T1264]  ? _raw_spin_unlock_irq+0x23/0x50
[  156.135953][ T1264]  ? __pfx_kthread+0x10/0x10
[  156.135984][ T1264]  ret_from_fork+0x51b/0xa40
[  156.136011][ T1264]  ? __pfx_ret_from_fork+0x10/0x10
[  156.136031][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.136060][ T1264]  ? __switch_to+0xc82/0x1410
[  156.136116][ T1264]  ? __pfx_kthread+0x10/0x10
[  156.136146][ T1264]  ret_from_fork_asm+0x1a/0x30
[  156.136201][ T1264]  </TASK>
[  156.647268][ T1264] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  156.655356][ T1264] kworker/u8:6: attempt to access beyond end of device
[  156.655356][ T1264] loop5: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[  156.669412][ T1264] CPU: 1 UID: 0 PID: 1264 Comm: kworker/u8:6 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  156.669448][ T1264] Tainted: [L]=SOFTLOCKUP
[  156.669457][ T1264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  156.669473][ T1264] Workqueue: writeback wb_workfn (flush-7:5)
[  156.669518][ T1264] Call Trace:
[  156.669527][ T1264]  <TASK>
[  156.669537][ T1264]  dump_stack_lvl+0xe8/0x150
[  156.669572][ T1264]  f2fs_handle_critical_error+0x37c/0x540
[  156.669609][ T1264]  f2fs_write_end_io+0xc1d/0xfd0
[  156.669667][ T1264]  __submit_merged_bio+0x256/0x650
[  156.669702][ T1264]  __submit_merged_write_cond+0x269/0x530
[  156.669731][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.669766][ T1264]  f2fs_write_single_data_page+0x13ae/0x18e0
[  156.669817][ T1264]  ? __pfx_f2fs_write_single_data_page+0x10/0x10
[  156.669869][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.669898][ T1264]  ? folio_clear_dirty_for_io+0x573/0x710
[  156.669937][ T1264]  ? folio_clear_dirty_for_io+0x1d4/0x710
[  156.669978][ T1264]  f2fs_write_data_pages+0x1ac1/0x3360
[  156.670050][ T1264]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  156.670099][ T1264]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  156.670183][ T1264]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  156.670234][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.670263][ T1264]  ? __lock_acquire+0x6b5/0x2cf0
[  156.670314][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.670347][ T1264]  ? lock_list_lru_of_memcg+0x2e/0x4c0
[  156.670379][ T1264]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  156.670414][ T1264]  do_writepages+0x32e/0x550
[  156.670457][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.670485][ T1264]  ? reacquire_held_locks+0x104/0x190
[  156.670509][ T1264]  ? writeback_sb_inodes+0x42a/0x1940
[  156.670541][ T1264]  __writeback_single_inode+0x133/0x1230
[  156.670569][ T1264]  ? do_raw_spin_unlock+0xf5/0x210
[  156.670604][ T1264]  writeback_sb_inodes+0x92e/0x1940
[  156.670636][ T1264]  ? unwind_next_frame+0xa5/0x23c0
[  156.670685][ T1264]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  156.670707][ T1264]  ? do_raw_spin_lock+0x12b/0x2f0
[  156.670781][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.670810][ T1264]  ? rcu_is_watching+0x15/0xb0
[  156.670835][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.670874][ T1264]  wb_writeback+0x445/0xad0
[  156.670903][ T1264]  ? queue_io+0x291/0x450
[  156.670936][ T1264]  ? __pfx_wb_writeback+0x10/0x10
[  156.670957][ T1264]  ? do_raw_spin_lock+0x12b/0x2f0
[  156.671005][ T1264]  wb_workfn+0x3f8/0xef0
[  156.671037][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.671089][ T1264]  ? look_up_lock_class+0x57/0x110
[  156.671143][ T1264]  ? __pfx_wb_workfn+0x10/0x10
[  156.671175][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.671208][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.671240][ T1264]  ? do_raw_spin_lock+0x12b/0x2f0
[  156.671267][ T1264]  ? lock_acquire+0x106/0x330
[  156.671304][ T1264]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  156.671337][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.671369][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.671401][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.671436][ T1264]  ? process_scheduled_works+0xa0f/0x17a0
[  156.671474][ T1264]  ? process_scheduled_works+0xa0f/0x17a0
[  156.671515][ T1264]  process_scheduled_works+0xaec/0x17a0
[  156.671586][ T1264]  ? __pfx_process_scheduled_works+0x10/0x10
[  156.671623][ T1264]  ? do_raw_spin_lock+0x12b/0x2f0
[  156.671655][ T1264]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  156.671683][ T1264]  ? schedule+0x90/0x360
[  156.671711][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.671745][ T1264]  worker_thread+0xda6/0x1360
[  156.671803][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.671831][ T1264]  ? __kthread_parkme+0x19c/0x1f0
[  156.671864][ T1264]  kthread+0x726/0x8b0
[  156.671902][ T1264]  ? __pfx_worker_thread+0x10/0x10
[  156.671940][ T1264]  ? __pfx_kthread+0x10/0x10
[  156.671965][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.671999][ T1264]  ? _raw_spin_unlock_irq+0x23/0x50
[  156.672022][ T1264]  ? __pfx_kthread+0x10/0x10
[  156.672051][ T1264]  ret_from_fork+0x51b/0xa40
[  156.672078][ T1264]  ? __pfx_ret_from_fork+0x10/0x10
[  156.672098][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.672133][ T1264]  ? __switch_to+0xc82/0x1410
[  156.672173][ T1264]  ? __pfx_kthread+0x10/0x10
[  156.672202][ T1264]  ret_from_fork_asm+0x1a/0x30
[  156.672255][ T1264]  </TASK>
[  157.092989][ T1264] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  157.301419][ T7558] set_capacity_and_notify: 4 callbacks suppressed
[  157.301440][ T7558] loop2: detected capacity change from 0 to 40427
[  157.543597][ T7558] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  157.576814][ T7558] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  157.581235][ T7578] tipc: Started in network mode
[  157.641626][ T7578] tipc: Node identity ac14140f, cluster identity 4711
[  157.690029][ T7578] tipc: New replicast peer: 255.255.255.255
[  157.724611][ T7578] tipc: Enabled bearer <udp:syz2>, priority 10
[  158.014449][ T7564] loop3: detected capacity change from 0 to 32768
[  158.111678][ T7591] mkiss: ax0: crc mode is auto.
[  158.236435][ T5819] syz-executor: attempt to access beyond end of device
[  158.236435][ T5819] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  158.292063][ T5819] CPU: 0 UID: 0 PID: 5819 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  158.292103][ T5819] Tainted: [L]=SOFTLOCKUP
[  158.292112][ T5819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  158.292126][ T5819] Call Trace:
[  158.292146][ T5819]  <TASK>
[  158.292157][ T5819]  dump_stack_lvl+0xe8/0x150
[  158.292196][ T5819]  f2fs_handle_critical_error+0x37c/0x540
[  158.292237][ T5819]  f2fs_write_end_io+0xc1d/0xfd0
[  158.292294][ T5819]  __submit_merged_bio+0x256/0x650
[  158.292332][ T5819]  __submit_merged_write_cond+0x269/0x530
[  158.292371][ T5819]  f2fs_write_data_pages+0x2806/0x3360
[  158.292448][ T5819]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  158.292546][ T5819]  ? srso_alias_return_thunk+0x5/0xfbef5
[  158.292583][ T5819]  ? srso_alias_return_thunk+0x5/0xfbef5
[  158.292612][ T5819]  ? __lock_acquire+0x6b5/0x2cf0
[  158.292669][ T5819]  ? srso_alias_return_thunk+0x5/0xfbef5
[  158.292698][ T5819]  ? __lock_acquire+0x6b5/0x2cf0
[  158.292746][ T5819]  ? srso_alias_return_thunk+0x5/0xfbef5
[  158.292775][ T5819]  ? do_raw_spin_lock+0x12b/0x2f0
[  158.292812][ T5819]  ? srso_alias_return_thunk+0x5/0xfbef5
[  158.292846][ T5819]  ? srso_alias_return_thunk+0x5/0xfbef5
[  158.292875][ T5819]  ? do_raw_spin_unlock+0xf5/0x210
[  158.292905][ T5819]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  158.292941][ T5819]  do_writepages+0x32e/0x550
[  158.292980][ T5819]  ? srso_alias_return_thunk+0x5/0xfbef5
[  158.293012][ T5819]  ? srso_alias_return_thunk+0x5/0xfbef5
[  158.293046][ T5819]  ? srso_alias_return_thunk+0x5/0xfbef5
[  158.293074][ T5819]  ? do_raw_spin_unlock+0xf5/0x210
[  158.293111][ T5819]  filemap_fdatawrite+0x1e9/0x2f0
[  158.293158][ T5819]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  158.293247][ T5819]  ? srso_alias_return_thunk+0x5/0xfbef5
[  158.293279][ T5819]  ? srso_alias_return_thunk+0x5/0xfbef5
[  158.293314][ T5819]  ? do_raw_spin_unlock+0xf5/0x210
[  158.293350][ T5819]  f2fs_sync_dirty_inodes+0x30e/0x810
[  158.293408][ T5819]  f2fs_write_checkpoint+0x9c6/0x2490
[  158.293486][ T5819]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  158.293520][ T5819]  ? srso_alias_return_thunk+0x5/0xfbef5
[  158.293626][ T5819]  kill_f2fs_super+0x308/0x710
[  158.293671][ T5819]  ? __pfx_kill_f2fs_super+0x10/0x10
[  158.293740][ T5819]  deactivate_locked_super+0xbc/0x130
[  158.293778][ T5819]  cleanup_mnt+0x437/0x4d0
[  158.293812][ T5819]  ? _raw_spin_unlock_irq+0x23/0x50
[  158.293843][ T5819]  task_work_run+0x1d9/0x270
[  158.293881][ T5819]  ? __pfx_task_work_run+0x10/0x10
[  158.293913][ T5819]  ? srso_alias_return_thunk+0x5/0xfbef5
[  158.293956][ T5819]  exit_to_user_mode_loop+0xed/0x480
[  158.293992][ T5819]  ? srso_alias_return_thunk+0x5/0xfbef5
[  158.294021][ T5819]  ? rcu_is_watching+0x15/0xb0
[  158.294051][ T5819]  do_syscall_64+0x2b7/0xf80
[  158.294079][ T5819]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.294102][ T5819]  ? trace_irq_disable+0x37/0x100
[  158.294140][ T5819]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.294165][ T5819] RIP: 0033:0x7fc20f79c117
[  158.294188][ T5819] Code: a2 c7 05 7c c4 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  158.294207][ T5819] RSP: 002b:00007fffc5efd568 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  158.294233][ T5819] RAX: 0000000000000000 RBX: 00007fc20f80471f RCX: 00007fc20f79c117
[  158.294250][ T5819] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffc5efd620
[  158.294265][ T5819] RBP: 00007fffc5efd620 R08: 00007fffc5efe620 R09: 00000000ffffffff
[  158.294283][ T5819] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffc5efe6b0
[  158.294298][ T5819] R13: 00007fc20f80471f R14: 0000000000026903 R15: 00007fffc5efe6f0
[  158.294342][ T5819]  </TASK>
[  158.299979][ T5819] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  158.855147][ T5931] tipc: Node number set to 2886997007
[  159.151212][ T7615] netlink: 4 bytes leftover after parsing attributes in process `syz.3.629'.
[  159.200692][ T7615] netlink: 34 bytes leftover after parsing attributes in process `syz.3.629'.
[  159.202024][ T5896] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  159.450637][ T5896] usb 5-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  159.472798][ T5896] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.491353][ T5896] usb 5-1: Product: syz
[  159.499716][ T5896] usb 5-1: Manufacturer: syz
[  159.505354][ T5896] usb 5-1: SerialNumber: syz
[  159.521107][ T5896] usb 5-1: config 0 descriptor??
[  159.637937][ T7626] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  159.819759][ T7633] loop0: detected capacity change from 0 to 128
[  159.846502][ T7636] loop5: detected capacity change from 0 to 256
[  159.860957][ T7633] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  159.951122][ T5896] usb 5-1: Firmware: major: 149, minor: 125, hardware type: UNKNOWN (228)
[  159.961209][ T7636] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  160.053439][   T31] audit: type=1800 audit(1770434542.045:26): pid=7636 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.638" name="file1" dev="loop5" ino=1048635 res=0 errno=0
[  160.086439][ T7636] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  160.108907][ T7636] FAT-fs (loop5): Filesystem has been set read-only
[  160.125718][   T12] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  160.139901][   T31] audit: type=1800 audit(1770434542.085:27): pid=7636 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.638" name="file1" dev="loop5" ino=1048635 res=0 errno=0
[  160.169628][ T7636] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  160.181242][ T5896] usb 5-1: failed to fetch extended address, random address set
[  160.222441][ T7636] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  160.230470][ T5896] usb 5-1: atusb_probe: initialization failed, error = -524
[  160.249139][ T5896] atusb 5-1:0.0: probe with driver atusb failed with error -524
[  160.262652][ T7636] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  160.312010][ T7636] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  160.343983][ T5896] usb 5-1: USB disconnect, device number 5
[  160.391198][ T7636] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  160.431701][ T7636] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  160.471789][ T7636] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  160.510071][ T7636] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  160.550542][ T7636] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  160.581377][ T7636] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  160.612790][ T7636] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  160.652020][ T7636] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  160.655916][ T7652] loop1: detected capacity change from 0 to 256
[  160.671472][ T7636] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  160.713870][ T7652] exfat: Deprecated parameter 'namecase'
[  160.719567][ T7652] exfat: Deprecated parameter 'namecase'
[  160.732047][ T7636] FAT-fs (loop5): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  160.772024][ T7652] exfat: Deprecated parameter 'utf8'
[  160.856287][ T7652] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  160.879268][ T7628] loop3: detected capacity change from 0 to 40427
[  160.918624][ T7628] F2FS-fs (loop3): Invalid log blocks per segment (4278190089)
[  160.942615][ T7628] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  160.966735][ T7628] F2FS-fs (loop3): invalid crc value
[  161.152065][ T5931] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  161.215844][ T7666] loop0: detected capacity change from 0 to 1024
[  161.253083][ T7666] EXT4-fs: Ignoring removed nomblk_io_submit option
[  161.310668][ T7628] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  161.337351][ T7669] loop2: detected capacity change from 0 to 2048
[  161.362202][ T5931] usb 5-1: Using ep0 maxpacket: 8
[  161.375991][ T7666] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  161.414733][ T5931] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  161.449025][ T7666] System zones: 0-1, 3-36
[  161.455473][ T5931] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  161.471450][ T7628] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  161.486809][ T7666] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.522000][ T7628] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  161.529592][ T5931] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  161.543033][ T7669]  loop2: p4 < >
[  161.568087][ T5931] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  161.571595][ T5187]  loop2: p4 < >
[  161.588812][ T7677] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  161.616351][ T5896] IPVS: starting estimator thread 0...
[  161.650905][ T5931] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  161.683906][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.727738][ T7680] IPVS: using max 26 ests per chain, 62400 per kthread
[  161.736662][ T5931] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  161.743123][ T7628] F2FS-fs (loop3): Corrupted max_depth of 3: 255
[  161.746538][ T5931] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  161.784403][ T7628] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  161.821196][ T5931] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  161.863442][ T5931] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  161.867462][ T6080] udevd[6080]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  161.877998][ T5931] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  161.902425][ T5931] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  161.920221][ T5931] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  161.955890][ T5931] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  161.993635][   T24] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  162.004441][ T5931] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  162.030952][ T7689] loop1: detected capacity change from 0 to 1024
[  162.038670][ T5931] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  162.048468][ T6080] udevd[6080]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  162.057117][ T5931] usb 5-1: string descriptor 0 read error: -22
[  162.126736][ T5931] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  162.152413][   T24] usb 6-1: Using ep0 maxpacket: 16
[  162.167202][   T24] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  162.183528][ T5931] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.200691][   T24] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  162.232060][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  162.258586][   T24] usb 6-1: New USB device found, idVendor=05ac, idProduct=0247, bcdDevice= 0.00
[  162.298016][ T5931] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  162.310543][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.346048][   T24] usb 6-1: config 0 descriptor??
[  162.460052][ T5931] usb 5-1: USB disconnect, device number 6
[  162.684796][ T7698] loop2: detected capacity change from 0 to 128
[  162.746799][ T7698] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  162.762759][ T7698] ext4 filesystem being mounted at /99/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  162.795805][ T7702] syzkaller1: entered promiscuous mode
[  162.801313][ T7702] syzkaller1: entered allmulticast mode
[  162.829798][   T24] apple 0003:05AC:0247.0006: unexpected long global item
[  162.851990][ T5896] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  162.876401][   T24] apple 0003:05AC:0247.0006: parse failed
[  162.903733][   T24] apple 0003:05AC:0247.0006: probe with driver apple failed with error -22
[  162.923068][ T5819] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  163.007865][ T5896] usb 2-1: Using ep0 maxpacket: 32
[  163.020299][ T5896] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  163.020682][   T30] usb 6-1: USB disconnect, device number 5
[  163.049406][ T5896] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.099116][ T5896] usb 2-1: config 0 descriptor??
[  163.330891][ T5896] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  163.388596][ T5896] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  163.414888][ T5896] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  163.442050][ T5896] usb 2-1: media controller created
[  163.511553][ T5896] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  163.622325][ T5896] az6027: usb out operation failed. (-71)
[  163.653590][ T5896] az6027: usb out operation failed. (-71)
[  163.682574][ T5896] stb0899_attach: Driver disabled by Kconfig
[  163.706389][ T5896] az6027: no front-end attached
[  163.706389][ T5896] 
[  163.728004][ T5896] az6027: usb out operation failed. (-71)
[  163.751460][ T5896] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  163.795176][ T5896] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input9
[  163.836410][ T5896] dvb-usb: schedule remote query interval to 400 msecs.
[  163.847674][ T5896] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  163.882603][ T5896] usb 2-1: USB disconnect, device number 5
[  163.902286][ T7728] loop5: detected capacity change from 0 to 4096
[  163.923656][ T7731] binder: 7730:7731 ioctl 0 0 returned -22
[  163.988659][ T7729] loop0: detected capacity change from 0 to 4096
[  164.001736][ T7729] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512).
[  164.004324][ T7728] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.111598][   T31] audit: type=1800 audit(1770434546.105:28): pid=7728 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.674" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop5" ino=18 res=0 errno=0
[  164.167903][ T7734] loop4: detected capacity change from 0 to 2048
[  164.189045][ T5896] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  164.222826][ T7729] ntfs3(loop0): ino=b, mi_enum_attr
[  164.228097][ T7729] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  164.233220][ T7737] loop2: detected capacity change from 0 to 256
[  164.269449][ T7734] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  164.323426][ T7729] ntfs3(loop0): Failed to load $Extend (-22).
[  164.339776][ T7729] ntfs3(loop0): Failed to initialize $Extend.
[  164.371633][ T5820] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.511196][ T7737] FAT-fs (loop2): Directory bread(block 64) failed
[  164.559270][ T7737] FAT-fs (loop2): Directory bread(block 65) failed
[  164.599034][ T7737] FAT-fs (loop2): Directory bread(block 66) failed
[  164.636530][ T7734] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  164.654295][ T7737] FAT-fs (loop2): Directory bread(block 67) failed
[  164.661371][ T7737] FAT-fs (loop2): Directory bread(block 68) failed
[  164.668956][ T7737] FAT-fs (loop2): Directory bread(block 69) failed
[  164.712105][ T7734] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 408 with error 28
[  164.734105][ T7737] FAT-fs (loop2): Directory bread(block 70) failed
[  164.755750][ T5896] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  164.770822][ T7737] FAT-fs (loop2): Directory bread(block 71) failed
[  164.782023][ T7734] EXT4-fs (loop4): This should not happen!! Data will be lost
[  164.782023][ T7734] 
[  164.822102][ T7737] FAT-fs (loop2): Directory bread(block 72) failed
[  164.823794][ T7734] EXT4-fs (loop4): Total free blocks count 0
[  164.835835][ T7737] FAT-fs (loop2): Directory bread(block 73) failed
[  164.890699][ T7734] EXT4-fs (loop4): Free/Dirty block details
[  164.921980][ T5896] usb 2-1: Using ep0 maxpacket: 8
[  164.930403][ T5896] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  164.942204][ T5896] usb 2-1: config 179 has no interface number 0
[  164.950226][ T7734] EXT4-fs (loop4): free_blocks=2415919104
[  164.959417][ T5896] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  164.981272][ T7734] EXT4-fs (loop4): dirty_blocks=416
[  165.001122][ T7734] EXT4-fs (loop4): Block reservation details
[  165.014099][ T5896] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  165.032012][ T7734] EXT4-fs (loop4): i_reserved_data_blocks=26
[  165.047312][ T5896] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  165.089268][ T5896] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  165.119229][ T5896] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  165.153912][ T5896] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  165.166151][ T7756] loop0: detected capacity change from 0 to 512
[  165.172973][ T5896] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.232732][ T7756] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.289453][ T7756] ext4 filesystem being mounted at /129/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  165.292631][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  165.338277][ T7741] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  165.505826][ T7756] EXT4-fs error (device loop0): ext4_empty_dir:3078: inode #12: comm syz.0.684: Directory hole found for htree leaf block 0
[  165.600421][ T7756] EXT4-fs (loop0): Remounting filesystem read-only
[  165.621962][ T5931] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  165.685008][ T5896] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input10
[  165.743532][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.803368][   T12] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  165.827008][ T5931] usb 3-1: Using ep0 maxpacket: 8
[  165.845687][ T5931] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  165.861991][   T12] Quota error (device loop0): write_blk: dquota write failed
[  165.872341][ T5931] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  165.889403][   T12] Quota error (device loop0): free_dqentry: Can't write quota data block 5
[  165.899007][ T5931] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  165.903932][ T5896] usb 2-1: USB disconnect, device number 6
[  165.908806][    C0] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  165.908858][    C0] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  165.962261][ T5931] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  165.973490][ T7771] loop3: detected capacity change from 0 to 1024
[  165.993341][ T7771] EXT4-fs: Ignoring removed bh option
[  166.004383][ T5931] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  166.072944][ T5931] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  166.111637][ T5931] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.129202][ T7771] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.264865][   T31] audit: type=1800 audit(1770434548.265:29): pid=7771 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.691" name="file1" dev="loop3" ino=15 res=0 errno=0
[  166.388184][ T5931] usb 3-1: usb_control_msg returned -32
[  166.405118][ T5931] usbtmc 3-1:16.0: can't read capabilities
[  166.533231][ T5837] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.556852][ T7786] loop0: detected capacity change from 0 to 1024
[  166.621545][ T7786] hfsplus: invalid length 256 has been corrected to 255
[  166.655777][ T7786] hfsplus: invalid length 256 has been corrected to 255
[  166.712203][ T7791] hfsplus: invalid length 256 has been corrected to 255
[  166.732349][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  166.740937][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  166.813403][ T7793] usbtmc 3-1:16.0: INDICATOR_PULSE returned 0
[  166.824261][ T7794] loop5: detected capacity change from 0 to 1024
[  166.875367][ T7794] hfsplus: invalid length 32517 has been corrected to 255
[  166.900282][ T5940] hfsplus: b-tree write err: -5, ino 4
[  166.946222][ T5940] hfsplus: invalid length 256 has been corrected to 255
[  167.024166][ T5924] usb 3-1: USB disconnect, device number 5
[  167.483410][ T7811] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  167.520690][ T5896] IPVS: starting estimator thread 0...
[  167.640049][ T7816] loop4: detected capacity change from 0 to 64
[  167.663252][ T7814] IPVS: using max 27 ests per chain, 64800 per kthread
[  167.824023][ T7825] loop0: detected capacity change from 0 to 128
[  167.950519][ T7825] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  167.991987][ T5896] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  168.042460][ T7825] ext4 filesystem being mounted at /134/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  168.182178][ T5896] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  168.199094][ T5896] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  168.210118][ T7801] loop1: detected capacity change from 0 to 32768
[  168.225962][ T5896] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  168.239792][ T7801] (syz.1.703,7801,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  168.245490][ T5896] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  168.272352][ T5896] usb 5-1: SerialNumber: syz
[  168.277641][ T5828] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  168.298553][ T7801] (syz.1.703,7801,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  168.334609][ T7801] JBD2: Ignoring recovery information on journal
[  168.509579][ T5896] usb 5-1: 0:2 : does not exist
[  168.515480][ T7801] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  168.570508][ T7841] netlink: 8 bytes leftover after parsing attributes in process `syz.0.715'.
[  168.633363][ T5896] usb 5-1: USB disconnect, device number 7
[  168.798702][ T6303] udevd[6303]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  168.880310][ T7845] loop2: detected capacity change from 0 to 256
[  168.957591][ T5831] ocfs2: Unmounting device (7,1) on (node local)
[  169.028235][ T7845] FAT-fs (loop2): Directory bread(block 64) failed
[  169.063520][ T7845] FAT-fs (loop2): Directory bread(block 65) failed
[  169.092388][ T7845] FAT-fs (loop2): Directory bread(block 66) failed
[  169.111312][ T7826] loop3: detected capacity change from 0 to 40427
[  169.131107][ T7845] FAT-fs (loop2): Directory bread(block 67) failed
[  169.149799][ T7826] F2FS-fs (loop3): invalid crc value
[  169.155655][ T7845] FAT-fs (loop2): Directory bread(block 68) failed
[  169.155713][ T7845] FAT-fs (loop2): Directory bread(block 69) failed
[  169.155813][ T7845] FAT-fs (loop2): Directory bread(block 70) failed
[  169.155842][ T7845] FAT-fs (loop2): Directory bread(block 71) failed
[  169.155924][ T7845] FAT-fs (loop2): Directory bread(block 72) failed
[  169.155953][ T7845] FAT-fs (loop2): Directory bread(block 73) failed
[  169.486902][ T7826] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  169.492146][ T7854] gretap0: entered promiscuous mode
[  169.548058][ T7826] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  169.666501][ T7826] syz.3.711: attempt to access beyond end of device
[  169.666501][ T7826] loop3: rw=2049, sector=77824, nr_sectors = 136 limit=40427
[  169.824936][ T7861] netlink: 212 bytes leftover after parsing attributes in process `syz.2.724'.
[  169.876040][ T5837] syz-executor: attempt to access beyond end of device
[  169.876040][ T5837] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  169.901269][ T5837] CPU: 1 UID: 0 PID: 5837 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  169.901309][ T5837] Tainted: [L]=SOFTLOCKUP
[  169.901318][ T5837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  169.901333][ T5837] Call Trace:
[  169.901343][ T5837]  <TASK>
[  169.901352][ T5837]  dump_stack_lvl+0xe8/0x150
[  169.901392][ T5837]  f2fs_handle_critical_error+0x37c/0x540
[  169.901439][ T5837]  f2fs_write_end_io+0xc1d/0xfd0
[  169.901493][ T5837]  __submit_merged_bio+0x256/0x650
[  169.901530][ T5837]  __submit_merged_write_cond+0x269/0x530
[  169.901568][ T5837]  f2fs_write_data_pages+0x2806/0x3360
[  169.901640][ T5837]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  169.901690][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  169.901720][ T5837]  ? css_rstat_updated+0x23a/0x530
[  169.901782][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  169.901811][ T5837]  ? rcu_is_watching+0x15/0xb0
[  169.901838][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  169.901871][ T5837]  ? mod_memcg_lruvec_state+0x1b8/0x320
[  169.901909][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  169.901938][ T5837]  ? lru_gen_update_size+0x7c9/0xd10
[  169.901985][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  169.902012][ T5837]  ? __lock_acquire+0x6b5/0x2cf0
[  169.902083][ T5837]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  169.902119][ T5837]  do_writepages+0x32e/0x550
[  169.902157][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  169.902189][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  169.902223][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  169.902251][ T5837]  ? do_raw_spin_unlock+0xf5/0x210
[  169.902287][ T5837]  filemap_fdatawrite+0x1e9/0x2f0
[  169.902329][ T5837]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  169.902413][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  169.902445][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  169.902479][ T5837]  ? do_raw_spin_unlock+0xf5/0x210
[  169.902514][ T5837]  f2fs_sync_dirty_inodes+0x30e/0x810
[  169.902568][ T5837]  f2fs_write_checkpoint+0x9c6/0x2490
[  169.902639][ T5837]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  169.902673][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  169.902765][ T5837]  kill_f2fs_super+0x308/0x710
[  169.902808][ T5837]  ? __pfx_kill_f2fs_super+0x10/0x10
[  169.902871][ T5837]  deactivate_locked_super+0xbc/0x130
[  169.902909][ T5837]  cleanup_mnt+0x437/0x4d0
[  169.902943][ T5837]  ? _raw_spin_unlock_irq+0x23/0x50
[  169.902973][ T5837]  task_work_run+0x1d9/0x270
[  169.903010][ T5837]  ? __pfx_task_work_run+0x10/0x10
[  169.903043][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  169.903083][ T5837]  exit_to_user_mode_loop+0xed/0x480
[  169.903119][ T5837]  ? srso_alias_return_thunk+0x5/0xfbef5
[  169.903148][ T5837]  ? rcu_is_watching+0x15/0xb0
[  169.903177][ T5837]  do_syscall_64+0x2b7/0xf80
[  169.903205][ T5837]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.903229][ T5837]  ? trace_irq_disable+0x37/0x100
[  169.903262][ T5837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.903287][ T5837] RIP: 0033:0x7f3b0339c117
[  169.903308][ T5837] Code: a2 c7 05 7c c4 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  169.903329][ T5837] RSP: 002b:00007ffe90e0fa88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  169.903356][ T5837] RAX: 0000000000000000 RBX: 00007f3b0340471f RCX: 00007f3b0339c117
[  169.903373][ T5837] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe90e0fb40
[  169.903389][ T5837] RBP: 00007ffe90e0fb40 R08: 00007ffe90e10b40 R09: 00000000ffffffff
[  169.903412][ T5837] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe90e10bd0
[  169.903428][ T5837] R13: 00007f3b0340471f R14: 0000000000029729 R15: 00007ffe90e10c10
[  169.903467][ T5837]  </TASK>
[  170.280684][ T5837] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  170.524223][ T7843] loop5: detected capacity change from 0 to 40427
[  170.589772][ T7843] F2FS-fs (loop5): invalid crc value
[  170.720272][ T7877] loop1: detected capacity change from 0 to 64
[  170.907627][ T7843] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  170.982963][ T7843] F2FS-fs (loop5): Start checkpoint disabled!
[  171.007544][ T7879] overlayfs: failed to decode file handle (len=6, type=248, flags=0, err=-61)
[  171.037288][ T7843] F2FS-fs (loop5): f2fs_disable_checkpoint() finish, err:0
[  171.122284][ T7843] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  171.195272][ T7886] loop0: detected capacity change from 0 to 512
[  171.258687][ T7886] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  171.381609][ T7886] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.459969][ T1264] kworker/u8:6: attempt to access beyond end of device
[  171.459969][ T1264] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  171.488430][ T7895] loop1: detected capacity change from 0 to 64
[  171.495137][ T7886] ext4 filesystem being mounted at /140/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.561537][ T1264] CPU: 1 UID: 0 PID: 1264 Comm: kworker/u8:6 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  171.561578][ T1264] Tainted: [L]=SOFTLOCKUP
[  171.561587][ T1264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  171.561603][ T1264] Workqueue: writeback wb_workfn (flush-7:5)
[  171.561651][ T1264] Call Trace:
[  171.561660][ T1264]  <TASK>
[  171.561670][ T1264]  dump_stack_lvl+0xe8/0x150
[  171.561706][ T1264]  f2fs_handle_critical_error+0x37c/0x540
[  171.561747][ T1264]  f2fs_write_end_io+0xc1d/0xfd0
[  171.561798][ T1264]  __submit_merged_bio+0x256/0x650
[  171.561833][ T1264]  __submit_merged_write_cond+0x269/0x530
[  171.561875][ T1264]  f2fs_write_data_pages+0x2806/0x3360
[  171.561947][ T1264]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  171.561997][ T1264]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  171.562072][ T1264]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  171.562122][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  171.562161][ T1264]  ? __lock_acquire+0x6b5/0x2cf0
[  171.562214][ T1264]  ? set_shrinker_bit+0x7c/0x350
[  171.562246][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  171.562279][ T1264]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  171.562314][ T1264]  do_writepages+0x32e/0x550
[  171.562357][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  171.562385][ T1264]  ? reacquire_held_locks+0x104/0x190
[  171.562409][ T1264]  ? writeback_sb_inodes+0x42a/0x1940
[  171.562442][ T1264]  __writeback_single_inode+0x133/0x1230
[  171.562470][ T1264]  ? do_raw_spin_unlock+0xf5/0x210
[  171.562505][ T1264]  writeback_sb_inodes+0x92e/0x1940
[  171.562550][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  171.562589][ T1264]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  171.562611][ T1264]  ? do_raw_spin_lock+0x12b/0x2f0
[  171.562685][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  171.562714][ T1264]  ? rcu_is_watching+0x15/0xb0
[  171.562739][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  171.562778][ T1264]  wb_writeback+0x445/0xad0
[  171.562808][ T1264]  ? queue_io+0x291/0x450
[  171.562840][ T1264]  ? __pfx_wb_writeback+0x10/0x10
[  171.562862][ T1264]  ? do_raw_spin_lock+0x12b/0x2f0
[  171.562909][ T1264]  wb_workfn+0x3f8/0xef0
[  171.562944][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  171.562973][ T1264]  ? look_up_lock_class+0x57/0x110
[  171.563022][ T1264]  ? __pfx_wb_workfn+0x10/0x10
[  171.563055][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  171.563086][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  171.563119][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  171.563155][ T1264]  ? do_raw_spin_unlock+0xf5/0x210
[  171.563192][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  171.563224][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  171.563256][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  171.563291][ T1264]  ? process_scheduled_works+0xa0f/0x17a0
[  171.563330][ T1264]  ? process_scheduled_works+0xa0f/0x17a0
[  171.563371][ T1264]  process_scheduled_works+0xaec/0x17a0
[  171.563442][ T1264]  ? __pfx_process_scheduled_works+0x10/0x10
[  171.563479][ T1264]  ? do_raw_spin_lock+0x12b/0x2f0
[  171.563511][ T1264]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  171.563539][ T1264]  ? schedule+0x90/0x360
[  171.563567][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  171.563602][ T1264]  worker_thread+0xda6/0x1360
[  171.563660][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  171.563689][ T1264]  ? __kthread_parkme+0x19c/0x1f0
[  171.563722][ T1264]  kthread+0x726/0x8b0
[  171.563754][ T1264]  ? __pfx_worker_thread+0x10/0x10
[  171.563793][ T1264]  ? __pfx_kthread+0x10/0x10
[  171.563819][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  171.563854][ T1264]  ? _raw_spin_unlock_irq+0x23/0x50
[  171.563878][ T1264]  ? __pfx_kthread+0x10/0x10
[  171.563908][ T1264]  ret_from_fork+0x51b/0xa40
[  171.563935][ T1264]  ? __pfx_ret_from_fork+0x10/0x10
[  171.563955][ T1264]  ? srso_alias_return_thunk+0x5/0xfbef5
[  171.563985][ T1264]  ? __switch_to+0xc82/0x1410
[  171.564025][ T1264]  ? __pfx_kthread+0x10/0x10
[  171.564055][ T1264]  ret_from_fork_asm+0x1a/0x30
[  171.564111][ T1264]  </TASK>
[  172.016785][ T7875] loop4: detected capacity change from 0 to 32768
[  172.033247][ T7875] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.731 (7875)
[  172.082877][ T1264] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  172.112712][ T7875] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  172.142240][ T7875] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  172.244222][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.447218][ T7875] BTRFS info (device loop4): enabling ssd optimizations
[  172.486522][ T7875] BTRFS info (device loop4): turning on async discard
[  172.493884][ T7875] BTRFS info (device loop4): enabling free space tree
[  172.561995][   T30] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  172.768253][   T30] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  172.798079][   T30] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  172.836112][   T30] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  172.847175][ T5833] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  172.865644][   T30] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  172.902100][   T30] usb 3-1: Manufacturer: syz
[  172.988377][   T30] usb 3-1: config 0 descriptor??
[  173.425141][ T7944] loop4: detected capacity change from 0 to 1024
[  173.435258][   T30] pyra 0003:1E7D:2CF6.0007: unknown main item tag 0x0
[  173.474790][   T30] pyra 0003:1E7D:2CF6.0007: unknown main item tag 0x0
[  173.502758][   T30] pyra 0003:1E7D:2CF6.0007: unknown main item tag 0x0
[  173.513655][   T30] pyra 0003:1E7D:2CF6.0007: unknown main item tag 0x0
[  173.562416][   T30] pyra 0003:1E7D:2CF6.0007: unknown main item tag 0x0
[  173.582084][   T30] pyra 0003:1E7D:2CF6.0007: unknown main item tag 0x0
[  173.607778][   T30] pyra 0003:1E7D:2CF6.0007: unknown main item tag 0x0
[  173.672453][   T30] pyra 0003:1E7D:2CF6.0007: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  173.721607][   T30] pyra 0003:1E7D:2CF6.0007: couldn't init struct pyra_device
[  173.756739][   T30] pyra 0003:1E7D:2CF6.0007: couldn't install mouse
[  173.800146][   T30] pyra 0003:1E7D:2CF6.0007: probe with driver pyra failed with error -71
[  173.880529][   T30] usb 3-1: USB disconnect, device number 6
[  174.012061][ T5931] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  174.145286][ T7957] fido_id[7957]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  174.192537][ T5931] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  174.224020][ T5931] usb 6-1: config 0 has no interfaces?
[  174.230596][ T5931] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  174.255282][ T5931] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.355045][ T5931] usb 6-1: config 0 descriptor??
[  174.484387][ T7940] loop0: detected capacity change from 0 to 32768
[  174.506896][ T7940] 
[  174.506896][ T7940]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  174.506896][ T7940] 
[  174.567564][ T5931] usb 6-1: USB disconnect, device number 6
[  174.612924][ T7940] ERROR: (device loop0): dbReAlloc: the block is outside the filesystem
[  174.612924][ T7940] 
[  174.689044][ T7940] ERROR: (device loop0): remounting filesystem as read-only
[  174.715335][ T7940] jfs_create: dtInsert returned -EIO
[  174.733200][ T7940] ERROR: (device loop0): jfs_create: 
[  174.733200][ T7940] 
[  174.993796][ T5830] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  175.002861][ T5830] Bluetooth: hci2: Injecting HCI hardware error event
[  175.011474][ T5836] Bluetooth: hci2: hardware error 0x00
[  175.421668][ T7973] loop1: detected capacity change from 0 to 32768
[  175.484677][ T7973] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[  175.492695][ T5931] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  175.515211][ T7973] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  175.562027][  T793] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  175.663411][ T5931] usb 4-1: too many configurations: 9, using maximum allowed: 8
[  175.665093][ T7973] XFS (loop1): Ending clean mount
[  175.674017][ T5931] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  175.687384][ T5931] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  175.698655][ T5931] usb 4-1: config 0 interface 0 has no altsetting 0
[  175.720776][ T5931] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  175.744034][ T5931] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  175.746696][  T793] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  175.772313][ T7973] XFS (loop1): Quotacheck needed: Please wait.
[  175.778094][ T5931] usb 4-1: config 0 interface 0 has no altsetting 0
[  175.814057][  T793] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.820093][ T5931] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  175.847337][ T5931] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  175.863446][ T7973] XFS (loop1): Quotacheck: Done.
[  175.882123][ T5931] usb 4-1: config 0 interface 0 has no altsetting 0
[  175.892598][  T793] usb 6-1: config 0 descriptor??
[  175.893692][ T5931] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  175.922037][ T5931] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  175.925766][  T793] cp210x 6-1:0.0: cp210x converter detected
[  175.948128][ T5931] usb 4-1: config 0 interface 0 has no altsetting 0
[  175.991717][ T5931] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  176.012210][ T5931] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  176.041355][ T5931] usb 4-1: config 0 interface 0 has no altsetting 0
[  176.045367][ T8009] overlayfs: failed to decode file handle (len=5, type=251, flags=0, err=-22)
[  176.060498][ T5931] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  176.073919][ T5931] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  176.119603][ T5931] usb 4-1: config 0 interface 0 has no altsetting 0
[  176.134696][ T5931] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  176.153862][ T5931] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  176.171268][ T5831] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  176.174305][ T5931] usb 4-1: config 0 interface 0 has no altsetting 0
[  176.188081][ T5931] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  176.197492][ T5931] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  176.212317][ T5931] usb 4-1: config 0 interface 0 has no altsetting 0
[  176.221072][ T5931] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  176.238340][ T5931] usb 4-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  176.247661][ T5931] usb 4-1: Product: syz
[  176.262414][ T5931] usb 4-1: Manufacturer: syz
[  176.273725][ T5931] usb 4-1: SerialNumber: syz
[  176.289541][ T5931] usb 4-1: config 0 descriptor??
[  176.323969][ T8013] loop0: detected capacity change from 0 to 1024
[  176.330155][  T793] cp210x 6-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  176.331697][ T5931] yurex 4-1:0.0: USB YUREX device now attached to Yurex #0
[  176.392447][  T793] cp210x 6-1:0.0: GPIO initialisation failed: -524
[  176.416600][ T8013] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.431488][  T793] usb 6-1: cp210x converter now attached to ttyUSB0
[  176.501255][   T31] audit: type=1800 audit(1770434558.495:30): pid=8013 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.781" name="file1" dev="loop0" ino=15 res=0 errno=0
[  176.666960][ T5931] usb 6-1: USB disconnect, device number 7
[  176.736965][ T5931] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  176.760049][ T5931] cp210x 6-1:0.0: device disconnected
[  176.786202][    C1] usb 4-1: yurex_control_callback - control failed: -71
[  176.786586][ T5896] usb 4-1: USB disconnect, device number 6
[  176.835249][ T5896] yurex 4-1:0.0: USB YUREX #0 now disconnected
[  176.860507][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.158291][ T8023] loop2: detected capacity change from 0 to 1024
[  177.232049][ T5836] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  177.245589][ T8025] vlan2: entered allmulticast mode
[  177.269005][ T8025] vlan0: entered allmulticast mode
[  177.309117][ T8025] veth0_vlan: entered allmulticast mode
[  177.416159][ T8027] loop1: detected capacity change from 0 to 2048
[  177.458939][ T8027] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  177.471791][ T5940] hfsplus: b-tree write err: -5, ino 4
[  177.672395][ T5910] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  177.841973][ T5910] usb 6-1: Using ep0 maxpacket: 32
[  177.862640][ T5910] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  177.890334][ T5910] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  177.904760][ T5940] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  177.908822][ T5910] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  177.929413][ T5910] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.939070][ T5940] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  177.949472][ T8040] xt_CT: No such helper "snmp_trap"
[  177.954680][ T5940] EXT4-fs (loop1): This should not happen!! Data will be lost
[  177.954680][ T5940] 
[  177.983864][ T5910] usb 6-1: config 0 descriptor??
[  177.991246][ T5940] EXT4-fs (loop1): Total free blocks count 0
[  178.012527][ T5940] EXT4-fs (loop1): Free/Dirty block details
[  178.018473][ T5940] EXT4-fs (loop1): free_blocks=4096
[  178.055950][ T5940] EXT4-fs (loop1): dirty_blocks=512
[  178.061183][ T5940] EXT4-fs (loop1): Block reservation details
[  178.085662][ T5940] EXT4-fs (loop1): i_reserved_data_blocks=32
[  178.110625][  T151] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 480 with error 28
[  178.144069][ T8035] loop4: detected capacity change from 0 to 32768
[  178.245507][ T8035] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  178.396520][ T8035] XFS (loop4): Ending clean mount
[  178.456390][ T8035] XFS (loop4): Quotacheck needed: Please wait.
[  178.505941][ T5910] savu 0003:1E7D:2D5A.0008: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.5-1/input0
[  178.523474][ T8035] XFS (loop4): Quotacheck: Done.
[  178.630596][ T8069] loop3: detected capacity change from 0 to 512
[  178.677895][ T8069] EXT4-fs (loop3): orphan cleanup on readonly fs
[  178.728786][ T8069] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  178.753497][ T5833] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  178.776463][ T5931] usb 6-1: USB disconnect, device number 8
[  178.777969][ T8069] EXT4-fs (loop3): 1 truncate cleaned up
[  178.823199][ T8069] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  178.876254][ T8074] macvtap1: entered promiscuous mode
[  178.898195][ T8074] dummy0: entered promiscuous mode
[  178.906424][ T8074] team0: Device macvtap1 failed to register rx_handler
[  178.933045][ T8074] dummy0: left promiscuous mode
[  178.999940][ T5837] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.333770][ T8080] loop4: detected capacity change from 0 to 64
[  179.379966][ T8080] BFS-fs: bfs_fill_super(): loop4 is unclean, continuing
[  179.434901][ T8082] loop2: detected capacity change from 0 to 256
[  179.483426][ T8082] exfat: Deprecated parameter 'namecase'
[  179.539637][ T8082] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf4419509, utbl_chksum : 0xe619d30d)
[  179.732036][  T793] usb 4-1: new full-speed USB device number 7 using dummy_hcd
[  179.955120][  T793] usb 4-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  179.991941][  T793] usb 4-1: config 0 interface 0 has no altsetting 0
[  179.998603][  T793] usb 4-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00
[  180.041938][  T793] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.123179][  T793] usb 4-1: config 0 descriptor??
[  180.129252][ T8085] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  180.211229][ T8108] loop2: detected capacity change from 0 to 2048
[  180.236701][ T8108] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  180.268567][ T8108] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  180.293705][ T8108] UDF-fs: Scanning with blocksize 512 failed
[  180.321531][ T8108] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  180.626367][  T793] samsung 0003:0419:0600.0009: unknown main item tag 0x0
[  180.646006][  T793] samsung 0003:0419:0600.0009: unknown main item tag 0x0
[  180.701977][  T793] samsung 0003:0419:0600.0009: unknown main item tag 0x0
[  180.720589][  T793] samsung 0003:0419:0600.0009: unknown main item tag 0x0
[  180.784797][  T793] samsung 0003:0419:0600.0009: unknown main item tag 0x0
[  180.837924][  T793] samsung 0003:0419:0600.0009: hidraw0: USB HID v0.04 Device [HID 0419:0600] on usb-dummy_hcd.3-1/input0
[  180.912721][  T793] usb 4-1: USB disconnect, device number 7
[  181.100565][ T8118] fido_id[8118]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  181.160095][ T8125] loop5: detected capacity change from 0 to 64
[  181.190502][   T31] audit: type=1800 audit(1770434563.185:31): pid=8125 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.820" name="file1" dev="loop5" ino=5 res=0 errno=0
[  181.191333][ T8127] loop0: detected capacity change from 0 to 512
[  181.275240][ T8125] Trying to free block not in datazone
[  181.295547][   T31] audit: type=1800 audit(1770434563.215:32): pid=8125 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.820" name="file1" dev="loop5" ino=5 res=0 errno=0
[  181.351604][ T8104] loop1: detected capacity change from 0 to 32768
[  181.412802][ T8104] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[  181.425148][ T8104] XFS (loop1): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  181.574085][ T8127] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  181.622166][ T8127] ext4 filesystem being mounted at /157/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  181.656198][ T8129] loop4: detected capacity change from 0 to 4096
[  181.681452][ T8104] XFS (loop1): Ending clean mount
[  181.705860][ T8129] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512).
[  181.717702][   T31] audit: type=1800 audit(1770434563.705:33): pid=8127 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.821" name="file2" dev="loop0" ino=16 res=0 errno=0
[  181.779511][ T8104] XFS (loop1): Quotacheck needed: Please wait.
[  181.870926][ T8104] XFS (loop1): Quotacheck: Done.
[  181.969317][ T5828] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.046548][ T5831] XFS (loop1): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  182.119945][ T8143] loop3: detected capacity change from 0 to 8192
[  182.593809][ T8157] block nbd4: shutting down sockets
[  182.811513][ T8163] loop3: detected capacity change from 0 to 512
[  182.906056][ T8163] EXT4-fs error (device loop3): ext4_xattr_inode_iget:437: comm syz.3.834: Parent and EA inode have the same ino 15
[  183.051517][ T8168] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  183.085037][ T8163] EXT4-fs error (device loop3): ext4_xattr_inode_iget:437: comm syz.3.834: Parent and EA inode have the same ino 15
[  183.197657][ T8163] EXT4-fs (loop3): 1 orphan inode deleted
[  183.210103][ T8163] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  183.397301][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.530332][ T5837] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.540652][ T8186] netlink: 36 bytes leftover after parsing attributes in process `syz.2.840'.
[  184.077196][ T8200] set_capacity_and_notify: 1 callbacks suppressed
[  184.077219][ T8200] loop4: detected capacity change from 0 to 4096
[  184.222810][ T8209] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  184.243059][ T8210] macvlan0: entered allmulticast mode
[  184.248471][ T8210] veth1_vlan: entered allmulticast mode
[  184.312083][   T31] audit: type=1800 audit(1770434566.295:34): pid=8200 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.847" name="file1" dev="loop4" ino=15 res=0 errno=0
[  184.337813][ T8210] veth1_vlan: left allmulticast mode
[  184.439039][ T8210] macvlan0 (unregistering): left allmulticast mode
[  184.536551][ T8218] loop5: detected capacity change from 0 to 512
[  184.643188][ T8218] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  184.698460][ T8218] EXT4-fs (loop5): 1 truncate cleaned up
[  184.743945][ T8218] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.022375][ T5820] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.046593][ T8234] loop2: detected capacity change from 0 to 1024
[  185.316371][ T5940] hfsplus: b-tree write err: -5, ino 4
[  185.432038][ T8251] loop0: detected capacity change from 0 to 64
[  185.482018][  T793] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  185.652379][  T793] usb 6-1: Using ep0 maxpacket: 16
[  185.710775][  T793] usb 6-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  185.784222][  T793] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.784991][ T8255] loop4: detected capacity change from 0 to 32768
[  185.836382][  T793] usb 6-1: config 0 descriptor??
[  185.911055][ T8255] XFS (loop4): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  185.920324][  T793] gspca_main: sonixj-2.14.0 probing 0471:0327
[  186.258168][ T8255] XFS (loop4): Starting recovery (logdev: internal)
[  186.287809][ T8255] XFS (loop4): Ending recovery (logdev: internal)
[  186.317934][ T8255] XFS (loop4): Corruption warning: Metadata has LSN (8192:64) ahead of current LSN (1:256). Please unmount and run xfs_repair (>= v4.3) to resolve.
[  186.333208][ T8255] XFS (loop4): Metadata CRC error detected at xfs_allocbt_read_verify+0x42/0xe0, xfs_bnobt block 0x4 
[  186.344319][ T8255] XFS (loop4): Unmount and run xfs_repair
[  186.350048][ T8255] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  186.357658][ T8255] 00000000: 53 55 4d 59 00 00 00 02 ff ff ff ff ff ff ff ff  SUMY............
[  186.366559][ T8255] 00000010: 00 00 00 00 00 00 00 04 00 00 20 00 00 00 00 40  .......... ....@
[  186.375585][ T8255] 00000020: 9f 91 83 2a 3b 79 45 c3 9d 6d ed 0b c7 35 7f e4  ...*;yE..m...5..
[  186.384478][ T8255] 00000030: 00 00 00 00 25 47 cc 81 00 00 00 0d 00 00 00 03  ....%G..........
[  186.394488][ T8255] 00000040: 00 00 0e a8 00 00 11 58 00 00 00 00 00 00 00 00  .......X........
[  186.403518][ T8255] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  186.412439][ T8255] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  186.421313][ T8255] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  186.430266][ T8255] XFS (loop4): metadata I/O error in "xfs_btree_read_buf_block+0x2b0/0x490" at daddr 0x4 len 4 error 74
[  186.488898][ T5833] XFS (loop4): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  186.530061][ T5833] XFS (loop4): Uncorrected metadata errors detected; please run xfs_repair.
[  186.628234][ T8258] loop1: detected capacity change from 0 to 32768
[  186.718641][ T8258] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  186.926400][ T8258] XFS (loop1): Ending clean mount
[  187.061606][  T793] usb 6-1: USB disconnect, device number 9
[  187.217540][ T8296] Illegal XDP return value 8296 on prog  (id 50) dev syz_tun, expect packet loss!
[  187.318586][ T5831] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  187.774030][ T8304] loop2: detected capacity change from 0 to 2048
[  187.839951][ T8304] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  187.900892][ T8293] loop0: detected capacity change from 0 to 131072
[  187.914910][ T8293] F2FS-fs (loop0): Wrong CP boundary, start(512) end(198144) blocks(1024)
[  187.924703][ T8293] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  187.955010][ T8293] F2FS-fs (loop0): invalid crc value
[  188.062987][ T8293] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  188.092328][ T8293] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[  188.099439][ T8293] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  188.324758][ T8316] rtc_cmos 00:00: Alarms can be up to one day in the future
[  188.867862][ T8327] loop3: detected capacity change from 0 to 2048
[  188.915564][ T8327] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  188.954052][ T5903] rtc_cmos 00:00: Alarms can be up to one day in the future
[  188.971782][ T8327] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  188.991248][ T5903] rtc_cmos 00:00: Alarms can be up to one day in the future
[  189.022112][ T5903] rtc_cmos 00:00: Alarms can be up to one day in the future
[  189.052307][ T5903] rtc_cmos 00:00: Alarms can be up to one day in the future
[  189.094370][ T5903] rtc rtc0: __rtc_set_alarm: err=-22
[  189.232155][ T8307] loop5: detected capacity change from 0 to 32768
[  189.342136][ T8307] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  189.421299][ T8307] XFS (loop5): Ending clean mount
[  189.488188][ T8317] loop4: detected capacity change from 0 to 32768
[  189.503469][ T8307] XFS (loop5): Quotacheck needed: Please wait.
[  189.652057][ T8307] XFS (loop5): Quotacheck: Done.
[  189.659088][ T8317] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  189.775033][ T8360] loop3: detected capacity change from 0 to 1024
[  189.794099][ T8347] loop1: detected capacity change from 0 to 4096
[  189.846729][ T8317] XFS (loop4): Ending clean mount
[  189.884622][ T8360] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  189.887671][ T8317] XFS (loop4): Quotacheck needed: Please wait.
[  189.939449][ T5820] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  189.980569][ T8365] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  190.029018][ T8360] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[  190.140772][ T8317] XFS (loop4): Quotacheck: Done.
[  190.160238][ T8366] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[  190.394525][ T5837] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.452274][ T5833] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  190.521499][ T8371] loop2: detected capacity change from 0 to 128
[  190.662260][ T8371] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  190.688299][ T8375] loop3: detected capacity change from 0 to 256
[  190.712132][ T8371] hpfs: filesystem error: improperly stopped
[  190.718164][ T8371] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  190.772173][ T8371] hpfs: You really don't want any checks? You are crazy...
[  190.793748][ T8375] exfat: Deprecated parameter 'utf8'
[  190.814149][ T8375] exfat: Deprecated parameter 'utf8'
[  190.825290][ T8371] hpfs: hpfs_map_sector(): read error
[  190.830668][ T8371] hpfs: code page support is disabled
[  190.870889][ T8371] hpfs: hpfs_map_4sectors(): unaligned read
[  190.890065][ T8380] loop5: detected capacity change from 0 to 256
[  190.904862][ T8371] hpfs: hpfs_map_4sectors(): unaligned read
[  190.910773][ T8371] hpfs: filesystem error: unable to find root dir
[  190.961099][ T8375] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  191.026603][ T8380] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xf3da6b1f, utbl_chksum : 0xe619d30d)
[  191.530921][ T8395] loop4: detected capacity change from 0 to 1024
[  191.553741][ T8398] loop2: detected capacity change from 0 to 64
[  191.562951][ T8395] EXT4-fs: Ignoring removed nomblk_io_submit option
[  191.601972][  T793] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[  191.611080][ T8395] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  191.670442][ T8395] System zones: 0-1, 3-36
[  191.682570][ T8395] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.764125][  T793] usb 1-1: config 0 has an invalid interface number: 110 but max is 0
[  191.786627][  T793] usb 1-1: config 0 has no interface number 0
[  191.825759][ T8403] loop3: detected capacity change from 0 to 4096
[  191.842022][  T793] usb 1-1: config 0 interface 110 altsetting 2 endpoint 0x2 has invalid wMaxPacketSize 0
[  191.856295][  T793] usb 1-1: config 0 interface 110 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  191.867512][ T8403] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  191.886998][  T793] usb 1-1: config 0 interface 110 has no altsetting 0
[  191.902109][   T30] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  191.905025][  T793] usb 1-1: New USB device found, idVendor=0547, idProduct=2720, bcdDevice=af.55
[  191.916621][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.957558][  T793] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.980062][ T8407] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  191.999746][  T793] usb 1-1: Product: syz
[  192.006483][  T793] usb 1-1: Manufacturer: syz
[  192.011499][  T793] usb 1-1: SerialNumber: syz
[  192.043044][  T793] usb 1-1: config 0 descriptor??
[  192.092040][   T30] usb 2-1: Using ep0 maxpacket: 16
[  192.118345][   T30] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  192.141827][   T30] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  192.207254][   T30] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.236123][   T30] usb 2-1: config 0 descriptor??
[  192.325345][ T8413] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  192.561353][   T24] usb 1-1: USB disconnect, device number 5
[  192.734147][   T30] mcp2221 0003:04D8:00DD.000A: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  192.941927][   T30] usb 2-1: USB disconnect, device number 7
[  193.504577][ T8421] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[  193.612777][ T8421] JBD2: Ignoring recovery information on journal
[  193.900805][ T8421] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  193.960756][ T8418] F2FS-fs (loop4): build fault injection rate: 174
[  193.982049][ T5836] Bluetooth: hci5: link tx timeout
[  193.987631][ T5836] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[  194.042362][ T8418] F2FS-fs (loop4): build fault injection type: 0x3bfe8c
[  194.145254][ T8418] F2FS-fs (loop4): invalid crc value
[  194.264348][ T8443] (syz.3.925,8443,1):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options
[  194.315218][ T8433] set_capacity_and_notify: 2 callbacks suppressed
[  194.315238][ T8433] loop0: detected capacity change from 0 to 131072
[  194.342100][ T8433] F2FS-fs (loop0): invalid crc value
[  194.452034][ T8433] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  194.464228][ T8433] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  194.567845][ T8418] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  194.652158][ T8418] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  194.675738][ T5837] ocfs2: Unmounting device (7,3) on (node local)
[  194.696083][   T30] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  194.819788][ T8418] syz.4.923: attempt to access beyond end of device
[  194.819788][ T8418] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  194.912549][   T30] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  194.933113][   T30] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  194.974907][ T8457] loop2: detected capacity change from 0 to 512
[  195.014487][   T30] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  195.028768][ T5833] syz-executor: attempt to access beyond end of device
[  195.028768][ T5833] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  195.041912][   T30] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.077039][ T8457] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  195.086463][ T5833] CPU: 0 UID: 0 PID: 5833 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  195.086500][ T5833] Tainted: [L]=SOFTLOCKUP
[  195.086509][ T5833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  195.086524][ T5833] Call Trace:
[  195.086533][ T5833]  <TASK>
[  195.086543][ T5833]  dump_stack_lvl+0xe8/0x150
[  195.086583][ T5833]  f2fs_handle_critical_error+0x37c/0x540
[  195.086625][ T5833]  f2fs_write_end_io+0xc1d/0xfd0
[  195.086682][ T5833]  __submit_merged_bio+0x256/0x650
[  195.086722][ T5833]  __submit_merged_write_cond+0x269/0x530
[  195.086761][ T5833]  f2fs_write_data_pages+0x2806/0x3360
[  195.086841][ T5833]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  195.086894][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.086924][ T5833]  ? css_rstat_updated+0x23a/0x530
[  195.086996][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.087025][ T5833]  ? rcu_is_watching+0x15/0xb0
[  195.087050][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.087079][ T5833]  ? mod_memcg_lruvec_state+0x1b8/0x320
[  195.087118][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.087146][ T5833]  ? lru_gen_update_size+0x7c9/0xd10
[  195.087203][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.087231][ T5833]  ? __lock_acquire+0x6b5/0x2cf0
[  195.087306][ T5833]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  195.087342][ T5833]  do_writepages+0x32e/0x550
[  195.087380][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.087413][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.087447][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.087476][ T5833]  ? do_raw_spin_unlock+0xf5/0x210
[  195.087513][ T5833]  filemap_fdatawrite+0x1e9/0x2f0
[  195.087555][ T5833]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  195.087645][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.087677][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.087712][ T5833]  ? do_raw_spin_unlock+0xf5/0x210
[  195.087749][ T5833]  f2fs_sync_dirty_inodes+0x30e/0x810
[  195.087806][ T5833]  f2fs_write_checkpoint+0x9c6/0x2490
[  195.087885][ T5833]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  195.087918][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.088024][ T5833]  kill_f2fs_super+0x308/0x710
[  195.088070][ T5833]  ? __pfx_kill_f2fs_super+0x10/0x10
[  195.088138][ T5833]  deactivate_locked_super+0xbc/0x130
[  195.088178][ T5833]  cleanup_mnt+0x437/0x4d0
[  195.088216][ T5833]  ? _raw_spin_unlock_irq+0x23/0x50
[  195.088248][ T5833]  task_work_run+0x1d9/0x270
[  195.088285][ T5833]  ? __pfx_task_work_run+0x10/0x10
[  195.088318][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.088361][ T5833]  exit_to_user_mode_loop+0xed/0x480
[  195.088397][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  195.088426][ T5833]  ? rcu_is_watching+0x15/0xb0
[  195.088455][ T5833]  do_syscall_64+0x2b7/0xf80
[  195.088485][ T5833]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.088509][ T5833]  ? trace_irq_disable+0x37/0x100
[  195.088542][ T5833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.088567][ T5833] RIP: 0033:0x7fdba539c117
[  195.088590][ T5833] Code: a2 c7 05 7c c4 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  195.088611][ T5833] RSP: 002b:00007fff964776c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  195.088636][ T5833] RAX: 0000000000000000 RBX: 00007fdba540471f RCX: 00007fdba539c117
[  195.088654][ T5833] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff96477780
[  195.088670][ T5833] RBP: 00007fff96477780 R08: 00007fff96478780 R09: 00000000ffffffff
[  195.088687][ T5833] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff96478810
[  195.088704][ T5833] R13: 00007fdba540471f R14: 000000000002f919 R15: 00007fff96478850
[  195.088748][ T5833]  </TASK>
[  195.163110][   T30] usb 2-1: config 0 descriptor??
[  195.211616][ T5833] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  195.521063][   T37] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  195.912693][   T30] kovaplus 0003:1E7D:2D50.000B: hidraw0: USB HID v0.00 Device [HID 1e7d:2d50] on usb-dummy_hcd.1-1/input0
[  196.034154][ T5836] Bluetooth: hci5: command 0x0406 tx timeout
[  196.283843][   T30] kovaplus 0003:1E7D:2D50.000B: couldn't init struct kovaplus_device
[  196.310369][   T30] kovaplus 0003:1E7D:2D50.000B: couldn't install mouse
[  196.345102][   T30] kovaplus 0003:1E7D:2D50.000B: probe with driver kovaplus failed with error -71
[  196.415108][   T30] usb 2-1: USB disconnect, device number 8
[  196.844191][ T8501] input: syz1 as /devices/virtual/input/input11
[  196.908330][ T8497] loop3: detected capacity change from 0 to 4096
[  196.965778][ T8497] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  197.278263][ T8511] vcan0: tx address claim with different name
[  197.638754][   T31] audit: type=1326 audit(1770434579.635:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8523 comm="syz.0.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13bd9aeb9 code=0x7ffc0000
[  197.763818][   T31] audit: type=1326 audit(1770434579.635:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8523 comm="syz.0.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13bd9aeb9 code=0x7ffc0000
[  197.886071][   T31] audit: type=1326 audit(1770434579.665:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8523 comm="syz.0.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13bd9aeb9 code=0x7ffc0000
[  197.989447][   T31] audit: type=1326 audit(1770434579.665:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8523 comm="syz.0.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13bd9aeb9 code=0x7ffc0000
[  198.056081][ T8530] loop5: detected capacity change from 0 to 4096
[  198.130380][   T31] audit: type=1326 audit(1770434579.675:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8523 comm="syz.0.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7fc13bd9aeb9 code=0x7ffc0000
[  198.140220][ T8539] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  198.291824][   T31] audit: type=1326 audit(1770434579.675:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8523 comm="syz.0.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13bd9aeb9 code=0x7ffc0000
[  198.427793][   T31] audit: type=1326 audit(1770434579.675:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8523 comm="syz.0.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13bd9aeb9 code=0x7ffc0000
[  198.501013][   T31] audit: type=1326 audit(1770434579.685:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8523 comm="syz.0.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13bd9aeb9 code=0x7ffc0000
[  198.533409][   T30] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  198.572059][   T31] audit: type=1326 audit(1770434579.685:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8523 comm="syz.0.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13bd9aeb9 code=0x7ffc0000
[  198.684810][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  198.691285][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  198.701014][   T31] audit: type=1326 audit(1770434579.685:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8523 comm="syz.0.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=198 compat=0 ip=0x7fc13bd9aeb9 code=0x7ffc0000
[  198.753969][   T30] usb 4-1: Using ep0 maxpacket: 8
[  198.799229][   T30] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  198.839024][   T30] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  198.879888][   T30] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  198.913428][   T30] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  198.946291][   T30] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  198.965602][   T30] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  198.975008][   T30] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.061983][ T5910] usb 3-1: new full-speed USB device number 7 using dummy_hcd
[  199.217706][ T8567] loop4: detected capacity change from 0 to 512
[  199.227567][ T8567] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  199.230304][   T30] usb 4-1: GET_CAPABILITIES returned 0
[  199.251054][ T5910] usb 3-1: unable to get BOS descriptor or descriptor too short
[  199.276621][ T5910] usb 3-1: not running at top speed; connect to a high speed hub
[  199.281974][   T30] usbtmc 4-1:16.0: can't read capabilities
[  199.313934][ T5910] usb 3-1: config 17 has an invalid interface number: 8 but max is 1
[  199.340644][ T5910] usb 3-1: config 17 has 1 interface, different from the descriptor's value: 2
[  199.360879][ T8567] EXT4-fs (loop4): 1 truncate cleaned up
[  199.367292][ T5910] usb 3-1: config 17 has no interface number 0
[  199.409761][ T5910] usb 3-1: config 17 interface 8 altsetting 6 endpoint 0x3 has invalid wMaxPacketSize 0
[  199.425820][ T8567] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.452882][ T8572] netlink: 'syz.5.984': attribute type 7 has an invalid length.
[  199.504551][ T5910] usb 3-1: config 17 interface 8 has no altsetting 0
[  199.512082][ T8572] netlink: 'syz.5.984': attribute type 8 has an invalid length.
[  199.530083][ T8572] netlink: 'syz.5.984': attribute type 7 has an invalid length.
[  199.573651][ T5910] usb 3-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=2c.ff
[  199.581112][ T8572] netlink: 208804 bytes leftover after parsing attributes in process `syz.5.984'.
[  199.590948][ T8567] syz.4.983 (pid 8567) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  199.605880][ T5910] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.629400][ T5910] usb 3-1: Product: syz
[  199.641822][ T5910] usb 3-1: Manufacturer: syz
[  199.651971][ T5910] usb 3-1: SerialNumber: syz
[  199.768187][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.788658][ T5931] usb 4-1: USB disconnect, device number 8
[  199.913448][ T5910] usb 3-1: selecting invalid altsetting 0
[  199.952454][ T8579] loop5: detected capacity change from 0 to 2048
[  200.007730][ T5910] usb 3-1: USB disconnect, device number 7
[  200.013040][ T8579] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  200.068444][ T6303] udevd[6303]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.8/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  200.243136][ T1264] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  200.291668][ T1264] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  200.348601][ T1264] EXT4-fs (loop5): This should not happen!! Data will be lost
[  200.348601][ T1264] 
[  200.401975][ T1264] EXT4-fs (loop5): Total free blocks count 0
[  200.411540][ T1264] EXT4-fs (loop5): Free/Dirty block details
[  200.441535][ T1264] EXT4-fs (loop5): free_blocks=4096
[  200.466562][ T1264] EXT4-fs (loop5): dirty_blocks=512
[  200.471806][ T1264] EXT4-fs (loop5): Block reservation details
[  200.514330][ T1264] EXT4-fs (loop5): i_reserved_data_blocks=32
[  200.552642][ T1264] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 480 with error 28
[  200.694810][ T8603] loop2: detected capacity change from 0 to 512
[  200.703519][ T8600] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci5/hci5:200/input12
[  200.761710][ T8603] EXT4-fs (loop2): Test dummy encryption mode enabled
[  200.797018][ T8603] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  200.893435][ T8603] EXT4-fs error (device loop2): xattr_find_entry:337: inode #15: comm syz.2.995: corrupted xattr entries
[  200.928686][ T8603] EXT4-fs (loop2): 1 orphan inode deleted
[  201.033434][ T8603] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  201.116108][ T8612] loop5: detected capacity change from 0 to 512
[  201.184088][ T8603] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  201.417420][ T5819] EXT4-fs error (device loop2): mb_free_blocks:2037: group 0, inode 11: block 54:freeing already freed block (bit 53); block bitmap corrupt.
[  201.604611][ T5819] EXT4-fs error (device loop2): ext4_lookup:1785: inode #14: comm syz-executor: invalid fast symlink length 39
[  201.683011][   T30] kernel write not supported for file bpf-prog (pid: 30 comm: kworker/1:1)
[  201.695989][ T5819] EXT4-fs error (device loop2): ext4_lookup:1785: inode #14: comm syz-executor: invalid fast symlink length 39
[  202.010383][ T8610] loop3: detected capacity change from 0 to 32768
[  202.094943][ T8610] JBD2: Ignoring recovery information on journal
[  202.206078][ T8608] loop4: detected capacity change from 0 to 32768
[  202.219998][ T8608] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.997 (8608)
[  202.254337][ T8608] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  202.301202][ T8610] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  202.306475][ T8608] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  202.383759][ T5819] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.568028][ T8608] BTRFS info (device loop4): turning off barriers
[  202.627027][ T8608] BTRFS info (device loop4): enabling free space tree
[  202.684271][ T8608] BTRFS info (device loop4): use zstd compression, level 3
[  202.686634][ T5837] ocfs2: Unmounting device (7,3) on (node local)
[  203.009935][  T151] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  203.101814][  T151] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.322291][ T5833] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  203.633778][  T151] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  203.670200][ T8658] sock: sock_set_timeout: `syz.0.1014' (pid 8658) tries to set negative timeout
[  203.699509][  T151] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.877109][ T8649] loop5: detected capacity change from 0 to 32768
[  204.031778][ T8649] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  204.176778][ T8649] XFS (loop5): Ending clean mount
[  204.210371][  T151] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  204.279287][ T8649] XFS (loop5): Quotacheck needed: Please wait.
[  204.285610][  T151] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.339906][ T5836] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  204.350798][ T5836] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  204.366323][ T5836] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  204.390981][ T8649] XFS (loop5): Quotacheck: Done.
[  204.406825][ T5836] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  204.420147][ T5836] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  204.593013][  T151] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  204.626824][  T151] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.652188][ T5820] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  204.803901][ T8683] input: syz1 as /devices/virtual/input/input14
[  205.206160][ T8690] loop0: detected capacity change from 0 to 128
[  205.393960][ T8694] vcan0: tx drop: invalid sa for name 0xfffffffffffffffd
[  205.511732][ T8671] loop1: detected capacity change from 0 to 32768
[  205.695717][  T151] bridge_slave_1: left allmulticast mode
[  205.722665][  T151] bridge_slave_1: left promiscuous mode
[  205.756004][  T151] bridge0: port 2(bridge_slave_1) entered disabled state
[  205.829781][  T151] bridge_slave_0: left allmulticast mode
[  205.864773][  T151] bridge_slave_0: left promiscuous mode
[  205.900641][  T151] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.512426][ T5836] Bluetooth: hci0: command tx timeout
[  207.517579][ T8741] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.1038'.
[  207.814061][ T8743] loop0: detected capacity change from 0 to 8192
[  207.827901][  T151] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  207.890855][  T151] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  207.926996][  T151] bond0 (unregistering): Released all slaves
[  208.051657][ T8737] loop1: detected capacity change from 0 to 40427
[  208.082373][ T8737] F2FS-fs (loop1): Image doesn't support compression
[  208.089245][ T8737] F2FS-fs (loop1): build fault injection rate: 693
[  208.121957][ T8737] F2FS-fs (loop1): invalid crc value
[  208.484727][ T8754] loop5: detected capacity change from 0 to 512
[  208.567663][ T8737] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  208.592117][ T8754] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1)
[  208.601423][ T8754] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  208.609026][ T8737] F2FS-fs (loop1): Start checkpoint disabled!
[  208.627425][ T5836] Bluetooth: hci0: command tx timeout
[  208.679310][ T8737] F2FS-fs (loop1): f2fs_disable_checkpoint() finish, err:0
[  208.689220][ T8737] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  208.791276][ T8676] chnl_net:caif_netlink_parms(): no params data found
[  208.806125][ T8754] FAT-fs (loop5): FAT read failed (blocknr 128)
[  209.012132][   T50] kworker/u8:3: attempt to access beyond end of device
[  209.012132][   T50] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  209.106810][   T50] CPU: 0 UID: 0 PID: 50 Comm: kworker/u8:3 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  209.106850][   T50] Tainted: [L]=SOFTLOCKUP
[  209.106860][   T50] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  209.106877][   T50] Workqueue: writeback wb_workfn (flush-7:1)
[  209.106922][   T50] Call Trace:
[  209.106932][   T50]  <TASK>
[  209.106943][   T50]  dump_stack_lvl+0xe8/0x150
[  209.106978][   T50]  f2fs_handle_critical_error+0x37c/0x540
[  209.107018][   T50]  f2fs_write_end_io+0xc1d/0xfd0
[  209.107071][   T50]  __submit_merged_bio+0x256/0x650
[  209.107108][   T50]  __submit_merged_write_cond+0x269/0x530
[  209.107146][   T50]  f2fs_write_data_pages+0x2806/0x3360
[  209.107217][   T50]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  209.107307][   T50]  ? unwind_next_frame+0xa5/0x23c0
[  209.107338][   T50]  ? ret_from_fork+0x51b/0xa40
[  209.107361][   T50]  ? ret_from_fork_asm+0x1a/0x30
[  209.107431][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.107471][   T50]  ? __lock_acquire+0x6b5/0x2cf0
[  209.107515][   T50]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  209.107550][   T50]  do_writepages+0x32e/0x550
[  209.107595][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.107624][   T50]  ? reacquire_held_locks+0x104/0x190
[  209.107649][   T50]  ? writeback_sb_inodes+0x42a/0x1940
[  209.107682][   T50]  __writeback_single_inode+0x133/0x1230
[  209.107710][   T50]  ? do_raw_spin_unlock+0xf5/0x210
[  209.107746][   T50]  writeback_sb_inodes+0x92e/0x1940
[  209.107800][   T50]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  209.107823][   T50]  ? do_raw_spin_lock+0x12b/0x2f0
[  209.107898][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.107928][   T50]  ? rcu_is_watching+0x15/0xb0
[  209.107953][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.107992][   T50]  wb_writeback+0x445/0xad0
[  209.108022][   T50]  ? queue_io+0x291/0x450
[  209.108055][   T50]  ? __pfx_wb_writeback+0x10/0x10
[  209.108077][   T50]  ? do_raw_spin_lock+0x12b/0x2f0
[  209.108126][   T50]  wb_workfn+0x3f8/0xef0
[  209.108159][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.108188][   T50]  ? look_up_lock_class+0x57/0x110
[  209.108237][   T50]  ? __pfx_wb_workfn+0x10/0x10
[  209.108271][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.108304][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.108333][   T50]  ? do_raw_spin_lock+0x12b/0x2f0
[  209.108360][   T50]  ? lock_acquire+0x106/0x330
[  209.108398][   T50]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  209.108431][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.108472][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.108505][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.108545][   T50]  ? process_scheduled_works+0xa0f/0x17a0
[  209.108583][   T50]  ? process_scheduled_works+0xa0f/0x17a0
[  209.108625][   T50]  process_scheduled_works+0xaec/0x17a0
[  209.108698][   T50]  ? __pfx_process_scheduled_works+0x10/0x10
[  209.108735][   T50]  ? do_raw_spin_lock+0x12b/0x2f0
[  209.108768][   T50]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  209.108795][   T50]  ? schedule+0x90/0x360
[  209.108824][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.108859][   T50]  worker_thread+0xda6/0x1360
[  209.108918][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.108946][   T50]  ? __kthread_parkme+0x19c/0x1f0
[  209.108980][   T50]  kthread+0x726/0x8b0
[  209.109014][   T50]  ? __pfx_worker_thread+0x10/0x10
[  209.109053][   T50]  ? __pfx_kthread+0x10/0x10
[  209.109079][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.109115][   T50]  ? _raw_spin_unlock_irq+0x23/0x50
[  209.109139][   T50]  ? __pfx_kthread+0x10/0x10
[  209.109170][   T50]  ret_from_fork+0x51b/0xa40
[  209.109198][   T50]  ? __pfx_ret_from_fork+0x10/0x10
[  209.109232][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  209.109264][   T50]  ? __switch_to+0xc82/0x1410
[  209.109305][   T50]  ? __pfx_kthread+0x10/0x10
[  209.109336][   T50]  ret_from_fork_asm+0x1a/0x30
[  209.109391][   T50]  </TASK>
[  209.109401][   T50] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  209.273291][ T5824] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  209.508029][ T5824] Bluetooth: hci4: Injecting HCI hardware error event
[  210.232996][ T8760] loop0: detected capacity change from 0 to 32768
[  210.286781][ T8760] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1045 (8760)
[  210.344650][ T8791] loop3: detected capacity change from 0 to 512
[  210.415161][ T8760] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  210.426594][  T151] hsr_slave_0: left promiscuous mode
[  210.430309][ T8791] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  210.467060][ T8760] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  210.476800][  T151] hsr_slave_1: left promiscuous mode
[  210.487297][  T151] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  210.499682][  T151] batman_adv: batadv0: Removing interface: batadv_slave_0
[  210.510155][ T8791] ext4 filesystem being mounted at /168/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  210.542885][  T151] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  210.550308][  T151] batman_adv: batadv0: Removing interface: batadv_slave_1
[  210.681909][ T5824] Bluetooth: hci0: command tx timeout
[  210.737682][  T151] veth1_macvtap: left promiscuous mode
[  210.745793][ T8760] BTRFS info (device loop0): enabling ssd optimizations
[  210.762759][ T8760] BTRFS info (device loop0): turning on flush-on-commit
[  210.769718][ T8760] BTRFS info (device loop0): enabling free space tree
[  210.791670][  T151] veth0_macvtap: left promiscuous mode
[  210.803757][ T5837] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.822074][  T151] veth1_vlan: left promiscuous mode
[  210.827819][ T8760] BTRFS info (device loop0): enabling auto defrag
[  210.848090][  T151] veth0_vlan: left promiscuous mode
[  210.874387][ T8760] BTRFS info (device loop0): use lzo compression, level 1
[  210.883964][ T8760] BTRFS info (device loop0): max_inline set to 4096
[  210.992171][ T5824] Bluetooth: hci3: command 0x0406 tx timeout
[  210.993688][ T5138] Bluetooth: hci4: command 0x0406 tx timeout
[  210.999063][ T5824] Bluetooth: hci1: command 0x0406 tx timeout
[  211.195549][ T5836] Bluetooth: hci4: hardware error 0x00
[  211.305939][ T8826] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  211.480582][ T5828] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  212.022168][ T8821] loop1: detected capacity change from 0 to 32768
[  212.065825][ T8821] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1056 (8821)
[  212.176365][ T8821] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  212.213453][ T8821] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  212.248801][ T8821] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  212.326439][ T8845] loop3: detected capacity change from 0 to 512
[  212.398169][ T8845] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  212.412088][ T8845] ext4 filesystem being mounted at /175/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  212.490003][ T8821] BTRFS info (device loop1): rebuilding free space tree
[  212.496914][ T8845] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  212.536495][ T8821] BTRFS info (device loop1): disabling free space tree
[  212.543495][ T8821] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  212.554437][ T8821] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  212.597897][ T8821] BTRFS info (device loop1): enabling ssd optimizations
[  212.612015][ T8821] BTRFS info (device loop1): enabling disk space caching
[  212.625096][ T8821] BTRFS info (device loop1): force clearing of disk cache
[  212.633129][ T8821] BTRFS info (device loop1): enabling auto defrag
[  212.639562][ T8821] BTRFS info (device loop1): max_inline set to 0
[  212.657742][ T5837] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.755176][ T5830] Bluetooth: hci0: command tx timeout
[  212.919714][ T5831] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  212.934654][ T8862] loop3: detected capacity change from 0 to 512
[  212.948569][ T8839] loop0: detected capacity change from 0 to 40427
[  212.953998][ T8862] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  213.013094][ T8839] F2FS-fs (loop0): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288)
[  213.033705][ T8839] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  213.046285][ T8839] F2FS-fs (loop0): Image doesn't support compression
[  213.058575][ T8839] F2FS-fs (loop0): build fault injection rate: 690
[  213.067460][ T8839] F2FS-fs (loop0): build fault injection type: 0x35f7
[  213.079922][ T8862] EXT4-fs (loop3): 1 orphan inode deleted
[  213.085947][ T8839] F2FS-fs (loop0): invalid crc value
[  213.115204][ T8862] EXT4-fs (loop3): 1 truncate cleaned up
[  213.165460][ T8862] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  213.312383][ T5836] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  213.319235][ T8839] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  213.366749][ T8839] F2FS-fs (loop0): Start checkpoint disabled!
[  213.376325][ T5837] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.402339][ T8839] F2FS-fs (loop0): f2fs_disable_checkpoint() finish, err:0
[  213.481944][ T8839] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  213.489017][ T8839] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  213.986112][  T151] team0 (unregistering): Port device team_slave_1 removed
[  214.071780][  T151] team0 (unregistering): Port device team_slave_0 removed
[  214.398173][ T5924] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  214.593820][ T5924] usb 1-1: Using ep0 maxpacket: 8
[  214.601764][ T5924] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  214.613147][ T5924] usb 1-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  214.638371][ T5924] usb 1-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  214.650048][ T5924] usb 1-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  214.675132][ T5924] usb 1-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  214.686566][ T5924] usb 1-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  214.717739][ T5924] usb 1-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  214.748273][ T5924] usb 1-1: config 168 interface 0 has no altsetting 0
[  214.766314][ T5924] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  214.785785][ T5924] usb 1-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  214.805770][ T5924] usb 1-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  214.818814][ T5924] usb 1-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  214.850299][ T5924] usb 1-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  214.862380][ T5924] usb 1-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  214.887390][ T5924] usb 1-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  214.900904][ T5924] usb 1-1: config 168 interface 0 has no altsetting 0
[  214.921735][ T5924] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  214.929306][ T5924] usb 1-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  214.941095][ T5924] usb 1-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  214.962839][ T5924] usb 1-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  214.980347][ T5924] usb 1-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  215.000617][ T5924] usb 1-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  215.012227][ T5924] usb 1-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  215.052688][ T8879] netlink: 'syz.1.1072': attribute type 2 has an invalid length.
[  215.070732][ T5924] usb 1-1: config 168 interface 0 has no altsetting 0
[  215.076332][ T8676] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.091711][ T8676] bridge0: port 1(bridge_slave_0) entered disabled state
[  215.109078][ T5924] usb 1-1: string descriptor 0 read error: -22
[  215.115424][ T5924] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  215.126071][ T8676] bridge_slave_0: entered allmulticast mode
[  215.141106][ T5924] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  215.144872][ T8676] bridge_slave_0: entered promiscuous mode
[  215.193942][ T5924] adutux 1-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  215.214577][ T8676] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.232471][ T8676] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.239768][ T8676] bridge_slave_1: entered allmulticast mode
[  215.269978][ T8676] bridge_slave_1: entered promiscuous mode
[  215.733455][ T5910] usb 1-1: USB disconnect, device number 6
[  215.765269][ T8676] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  215.798376][ T8676] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  215.905891][ T8676] team0: Port device team_slave_0 added
[  215.947992][ T8676] team0: Port device team_slave_1 added
[  216.376805][ T8676] batman_adv: batadv0: Adding interface: batadv_slave_0
[  216.388961][ T8676] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  216.433249][ T8676] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  216.483615][ T8676] batman_adv: batadv0: Adding interface: batadv_slave_1
[  216.521635][ T8676] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  216.623753][ T8676] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  216.751159][ T8921] loop1: detected capacity change from 0 to 16
[  216.772192][ T8676] hsr_slave_0: entered promiscuous mode
[  216.778904][ T8676] hsr_slave_1: entered promiscuous mode
[  216.792784][ T8676] debugfs: 'hsr0' already exists in 'hsr'
[  216.801588][ T8921] erofs (device loop1): mounted with root inode @ nid 36.
[  216.819451][ T8676] Cannot create hsr debugfs directory
[  217.702377][ T8940] loop0: detected capacity change from 0 to 128
[  217.716054][ T8940] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  217.779770][ T8940] hpfs: filesystem error: improperly stopped
[  217.843800][ T8940] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  217.851586][ T8940] hpfs: You really don't want any checks? You are crazy...
[  217.903972][ T8940] hpfs: hpfs_map_sector(): read error
[  217.909383][ T8940] hpfs: code page support is disabled
[  217.970920][ T8940] hpfs: hpfs_map_4sectors(): unaligned read
[  217.998952][ T8940] hpfs: hpfs_map_4sectors(): unaligned read
[  218.016945][ T8940] hpfs: filesystem error: unable to find root dir
[  218.115135][ T8940] hpfs: hpfs_map_4sectors(): unaligned read
[  218.492697][ T8950] loop4: detected capacity change from 0 to 2048
[  218.590264][ T8676] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  218.606698][ T8954] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  218.636861][ T8676] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  218.683954][ T8950] NILFS error (device loop4): nilfs_dotdot: directory #12 missing '..'
[  218.699694][ T8938] loop1: detected capacity change from 0 to 32768
[  218.719488][ T8676] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  218.732302][ T8950] Remounting filesystem read-only
[  218.752179][ T8938] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1091 (8938)
[  218.791323][ T8676] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  218.883726][ T8938] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  218.922284][ T5833] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer
[  218.940601][ T8938] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  219.179568][ T8938] BTRFS info (device loop1): setting nodatasum
[  219.203246][ T8938] BTRFS info (device loop1): allowing degraded mounts
[  219.210040][ T8938] BTRFS info (device loop1): disabling tree log
[  219.271993][ T8938] BTRFS info (device loop1): turning on async discard
[  219.311804][ T8938] BTRFS info (device loop1): enabling free space tree
[  219.525634][ T8891] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888053591000 pfn:0x53591
[  219.585402][ T8891] memcg:ffff8880783f8d40
[  219.590613][ T8676] 8021q: adding VLAN 0 to HW filter on device bond0
[  219.611824][ T8891] flags: 0xfff00000000001(locked|node=0|zone=1|lastcpupid=0x7ff)
[  219.658159][ T8891] raw: 00fff00000000001 0000000000000000 dead000000000122 0000000000000000
[  219.675554][ T8676] 8021q: adding VLAN 0 to HW filter on device team0
[  219.687484][ T8891] raw: ffff888053591000 0000000000000000 00000001ffffffff ffff8880783f8d40
[  219.721283][ T8891] page dumped because: VM_BUG_ON_FOLIO(folio_order(folio) < mapping_min_folio_order(mapping))
[  219.731734][ T8998] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  219.760963][ T8995] BTRFS warning (device loop1): failed to trim 1 device(s), last error -512
[  219.782833][ T8938] BTRFS info (device loop1): balance: start -d -m
[  219.804102][ T1264] bridge0: port 1(bridge_slave_0) entered blocking state
[  219.811294][ T1264] bridge0: port 1(bridge_slave_0) entered forwarding state
[  219.841981][ T8891] page_owner tracks the page as allocated
[  219.864246][ T8938] BTRFS info (device loop1): relocating block group 6881280 flags data|metadata
[  219.875266][ T8891] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152c00(GFP_NOIO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 8891, tgid 8887 (syz.5.1076), ts 219525479338, free_ts 219195692943
[  219.891178][ T1264] bridge0: port 2(bridge_slave_1) entered blocking state
[  219.902978][ T1264] bridge0: port 2(bridge_slave_1) entered forwarding state
[  220.007627][ T8891]  post_alloc_hook+0x228/0x280
[  220.032833][ T9003] loop4: detected capacity change from 0 to 1024
[  220.042554][ T8891]  get_page_from_freelist+0x24dc/0x2580
[  220.066151][ T9003] EXT4-fs: Ignoring removed bh option
[  220.083193][ T8891]  __alloc_frozen_pages_noprof+0x18d/0x380
[  220.102545][   T31] kauditd_printk_skb: 5 callbacks suppressed
[  220.102565][   T31] audit: type=1326 audit(1770434602.095:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9005 comm="syz.0.1105" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc13bd9aeb9 code=0x0
[  220.126322][ T8676] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  220.151740][ T8891]  alloc_pages_mpol+0x232/0x4a0
[  220.170517][ T8891]  alloc_pages_noprof+0xa8/0x190
[  220.175959][ T8891]  folio_alloc_noprof+0x1e/0x30
[  220.181309][ T8891]  filemap_alloc_folio_noprof+0x111/0x470
[  220.188755][ T8891]  page_cache_ra_order+0x547/0xe50
[  220.195988][ T8891]  do_sync_mmap_readahead+0x6ad/0x8e0
[  220.201389][ T8891]  filemap_fault+0x703/0x12e0
[  220.206701][ T8891]  __do_fault+0x138/0x390
[  220.213232][ T8891]  do_pte_missing+0x21a2/0x37a0
[  220.218051][ T9003] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.218307][ T8891]  handle_mm_fault+0x1b8c/0x32a0
[  220.235907][ T8891]  __get_user_pages+0x165b/0x29d0
[  220.240969][ T8891]  populate_vma_page_range+0x2be/0x3c0
[  220.262418][ T8676] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  220.322900][ T8938] BTRFS info (device loop1): relocating block group 5242880 flags data|metadata
[  220.334840][ T9003] EXT4-fs error (device loop4): ext4_find_dest_de:2050: inode #12: block 7: comm syz.4.1103: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0
[  220.362516][ T8891]  __mm_populate+0x25f/0x390
[  220.367427][ T8891] page last free pid 793 tgid 793 stack trace:
[  220.374729][ T8891]  __free_frozen_pages+0xbf8/0xd70
[  220.381636][ T8891]  rcu_core+0xc9e/0x1750
[  220.397199][ T9003] EXT4-fs (loop4): Remounting filesystem read-only
[  220.404971][ T8891]  handle_softirqs+0x22a/0x7c0
[  220.417045][ T8891]  do_softirq+0x76/0xd0
[  220.441794][ T8891]  __local_bh_enable_ip+0xf8/0x130
[  220.447735][ T8891]  wg_packet_decrypt_worker+0xd01/0xd80
[  220.467516][ T8891]  process_scheduled_works+0xaec/0x17a0
[  220.511956][ T8891]  worker_thread+0xda6/0x1360
[  220.521294][ T8891]  kthread+0x726/0x8b0
[  220.530302][ T8891]  ret_from_fork+0x51b/0xa40
[  220.530604][ T8938] BTRFS info (device loop1): balance: canceled
[  220.541971][ T8891]  ret_from_fork_asm+0x1a/0x30
[  220.552870][ T8891] ------------[ cut here ]------------
[  220.558398][ T8891] kernel BUG at mm/filemap.c:859!
[  220.577253][ T8891] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
[  220.583713][ T8891] CPU: 1 UID: 0 PID: 8891 Comm: syz.5.1076 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  220.594666][ T8891] Tainted: [L]=SOFTLOCKUP
[  220.598988][ T8891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  220.609045][ T8891] RIP: 0010:__filemap_add_folio+0x11bc/0x1300
[  220.615139][ T8891] Code: 85 c6 ff 4c 89 e7 48 c7 c6 e0 98 b7 8b e8 7c 1b 2a ff 90 0f 0b e8 c4 85 c6 ff 4c 89 e7 48 c7 c6 80 8d b7 8b e8 65 1b 2a ff 90 <0f> 0b e8 ad 85 c6 ff 4c 89 e7 48 c7 c6 e0 98 b7 8b e8 4e 1b 2a ff
[  220.634742][ T8891] RSP: 0018:ffffc900030d71e0 EFLAGS: 00010246
[  220.640812][ T8891] RAX: 4f514bb7e979db00 RBX: 0000000000000000 RCX: 0000000000000000
[  220.648782][ T8891] RDX: 0000000000000007 RSI: ffffffff8dcc9d7a RDI: 00000000ffffffff
[  220.656750][ T8891] RBP: ffffc900030d7360 R08: ffffffff8fef2077 R09: 1ffffffff1fde40e
[  220.664720][ T8891] R10: dffffc0000000000 R11: fffffbfff1fde40f R12: ffffea00014d6440
[  220.672688][ T8891] R13: dffffc0000000000 R14: ffffea00014d6448 R15: 0000000000000004
[  220.680832][ T8891] FS:  00007fbfa90d56c0(0000) GS:ffff8881257f3000(0000) knlGS:0000000000000000
[  220.689779][ T8891] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  220.696451][ T8891] CR2: 000055af29e9eee0 CR3: 000000003133a000 CR4: 0000000000350ef0
[  220.704429][ T8891] Call Trace:
[  220.707708][ T8891]  <TASK>
[  220.710638][ T8891]  ? percpu_ref_put+0x19/0x180
[  220.715405][ T8891]  ? __pfx___filemap_add_folio+0x10/0x10
[  220.721058][ T8891]  ? srso_alias_return_thunk+0x5/0xfbef5
[  220.726703][ T8891]  ? percpu_ref_put+0xf9/0x180
[  220.731474][ T8891]  ? srso_alias_return_thunk+0x5/0xfbef5
[  220.737196][ T8891]  ? __mem_cgroup_charge+0x149/0x1e0
[  220.742483][ T8891]  filemap_add_folio+0x264/0x530
[  220.747436][ T8891]  page_cache_ra_order+0x6a8/0xe50
[  220.752559][ T8891]  do_sync_mmap_readahead+0x6ad/0x8e0
[  220.757939][ T8891]  ? __pfx_do_sync_mmap_readahead+0x10/0x10
[  220.763838][ T8891]  ? count_memcg_event_mm+0x1d/0x250
[  220.769127][ T8891]  ? count_memcg_event_mm+0x1d/0x250
[  220.774424][ T8891]  filemap_fault+0x703/0x12e0
[  220.779113][ T8891]  ? __pfx_filemap_fault+0x10/0x10
[  220.784237][ T8891]  ? __pfx_filemap_map_pages+0x10/0x10
[  220.789706][ T8891]  ? srso_alias_return_thunk+0x5/0xfbef5
[  220.795434][ T8891]  __do_fault+0x138/0x390
[  220.799769][ T8891]  do_pte_missing+0x21a2/0x37a0
[  220.804623][ T8891]  ? do_pte_missing+0x1258/0x37a0
[  220.809655][ T8891]  ? srso_alias_return_thunk+0x5/0xfbef5
[  220.815292][ T8891]  handle_mm_fault+0x1b8c/0x32a0
[  220.820248][ T8891]  ? mt_find+0x186/0x630
[  220.824499][ T8891]  ? handle_mm_fault+0xee/0x32a0
[  220.829544][ T8891]  ? __pfx_handle_mm_fault+0x10/0x10
[  220.834843][ T8891]  ? srso_alias_return_thunk+0x5/0xfbef5
[  220.840482][ T8891]  __get_user_pages+0x165b/0x29d0
[  220.845792][ T8891]  populate_vma_page_range+0x2be/0x3c0
[  220.851261][ T8891]  ? __pfx_populate_vma_page_range+0x10/0x10
[  220.857247][ T8891]  ? srso_alias_return_thunk+0x5/0xfbef5
[  220.862882][ T8891]  ? down_read+0x272/0x2e0
[  220.867301][ T8891]  ? __mm_populate+0x173/0x390
[  220.872068][ T8891]  __mm_populate+0x25f/0x390
[  220.876665][ T8891]  ? __pfx___mm_populate+0x10/0x10
[  220.881775][ T8891]  ? srso_alias_return_thunk+0x5/0xfbef5
[  220.887413][ T8891]  vm_mmap_pgoff+0x3aa/0x4f0
[  220.892018][ T8891]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  220.897138][ T8891]  ? __fget_files+0x2a/0x420
[  220.901730][ T8891]  ? srso_alias_return_thunk+0x5/0xfbef5
[  220.907372][ T8891]  ? __fget_files+0x3a0/0x420
[  220.912051][ T8891]  ? __fget_files+0x2a/0x420
[  220.916645][ T8891]  ksys_mmap_pgoff+0x51e/0x760
[  220.921420][ T8891]  do_syscall_64+0xe2/0xf80
[  220.925919][ T8891]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.931983][ T8891]  ? trace_irq_disable+0x37/0x100
[  220.937013][ T8891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.942903][ T8891] RIP: 0033:0x7fbfa819aeb9
[  220.947314][ T8891] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  220.966929][ T8891] RSP: 002b:00007fbfa90d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  220.975611][ T8891] RAX: ffffffffffffffda RBX: 00007fbfa8416090 RCX: 00007fbfa819aeb9
[  220.983580][ T8891] RDX: 0000000001000002 RSI: 0000000000b36000 RDI: 0000200000000000
[  220.991549][ T8891] RBP: 00007fbfa8208c1f R08: 0000000000000003 R09: 00000000783f7000
[  220.999517][ T8891] R10: 0000000000028011 R11: 0000000000000246 R12: 0000000000000000
[  221.007661][ T8891] R13: 00007fbfa8416128 R14: 00007fbfa8416090 R15: 00007ffe405631b8
[  221.015642][ T8891]  </TASK>
[  221.018646][ T8891] Modules linked in:
[  221.023980][ T8891] ---[ end trace 0000000000000000 ]---
[  221.109574][ T8891] RIP: 0010:__filemap_add_folio+0x11bc/0x1300
[  221.117610][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.128164][ T5831] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  221.173846][ T8891] Code: 85 c6 ff 4c 89 e7 48 c7 c6 e0 98 b7 8b e8 7c 1b 2a ff 90 0f 0b e8 c4 85 c6 ff 4c 89 e7 48 c7 c6 80 8d b7 8b e8 65 1b 2a ff 90 <0f> 0b e8 ad 85 c6 ff 4c 89 e7 48 c7 c6 e0 98 b7 8b e8 4e 1b 2a ff
[  221.250545][ T9021] loop4: detected capacity change from 0 to 512
[  221.285143][ T9021] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.1107: inode has both inline data and extents flags
[  221.312988][ T9021] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1107: couldn't read orphan inode 15 (err -117)
[  221.331980][ T8891] RSP: 0018:ffffc900030d71e0 EFLAGS: 00010246
[  221.336048][ T9021] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.361208][ T8891] RAX: 4f514bb7e979db00 RBX: 0000000000000000 RCX: 0000000000000000
[  221.392966][ T8676] 8021q: adding VLAN 0 to HW filter on device batadv0
[  221.409783][ T8891] RDX: 0000000000000007 RSI: ffffffff8dcc9d7a RDI: 00000000ffffffff
[  221.410806][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.443714][ T8891] RBP: ffffc900030d7360 R08: ffffffff8fef2077 R09: 1ffffffff1fde40e
[  221.475150][ T8891] R10: dffffc0000000000 R11: fffffbfff1fde40f R12: ffffea00014d6440
[  221.504534][ T8891] R13: dffffc0000000000 R14: ffffea00014d6448 R15: 0000000000000004
[  221.533012][ T8891] FS:  00007fbfa90d56c0(0000) GS:ffff8881256f3000(0000) knlGS:0000000000000000
[  221.546087][ T8891] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  221.556851][ T8891] CR2: 00007fe320be7e9c CR3: 000000003133a000 CR4: 0000000000350ef0
[  221.567302][ T8891] Kernel panic - not syncing: Fatal exception
[  221.573699][ T8891] Kernel Offset: disabled
[  221.578010][ T8891] Rebooting in 86400 seconds..