last executing test programs:

6.419213284s ago: executing program 2 (id=1254):
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYRES32=0x0], 0xff, 0xa4, &(0x7f00000000c0)="$eJzs0b+pAkEQB+C5e/C4A9EC7OFq0CKswBKMBEEsyFYswdTIwNTkZHFFuGDBQFH4Ptg/P4ZdBuZw3U9jHNFvI/q/eOiT1XoXJf/FKr+gzmeThj655/M8YhYRVaqn7bJZHvMaPF80xd9Hb+sbAAB4XTXIdXTdM53afGk/2RMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAN7kFAAD//z7jFwY=")
socket$netlink(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)

6.06127284s ago: executing program 2 (id=1257):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)={0x1c, r1, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40800}, 0x80)

5.764557649s ago: executing program 2 (id=1261):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, 0x0, 0x0)
ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000b40)={'dummy0\x00'})

5.403674376s ago: executing program 2 (id=1264):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000100)='./bus\x00', 0x4000, &(0x7f0000000280)=ANY=[@ANYBLOB="636865636b706f696e743d64697361626c652c6261636b67726f756e645f67633d73796e632c61636c2c616c6c6f635f6d6f64653d72657573652c696e6c696e655f78617474722c6e6f666c7573685f6d657267652c6d6f64653d6c66732c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c6167655f657874656e745f63616368652c646973636172642c6e6f696e6c696e655f64656e7472792c008bfb3c1e4b1b12ae77c937da8858"], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x105)
statx(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x800, 0x2dd8806920477201, &(0x7f00000003c0))

3.800469031s ago: executing program 1 (id=1273):
r0 = syz_open_dev$video(&(0x7f00000000c0), 0x3, 0x20)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
ioctl$VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000100)=@multiplanar_overlay={0x4, 0x3, 0x4, 0x70000, 0x2, {0x77359400}, {0x5, 0x8, 0x0, 0x0, 0x1, 0x4, "654e6887"}, 0x7, 0x3, {0x0}, 0x4})

3.460826143s ago: executing program 1 (id=1274):
pipe2$9p(&(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd/4\x00')
mount$9p_fd(0x0, &(0x7f0000000180)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})

3.004361276s ago: executing program 1 (id=1277):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x3, 0x8000}, 0x4)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000180)={0x0, 0x6}, 0x4)

2.86746532s ago: executing program 2 (id=1279):
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000480), 0x40202, 0x0)
write$FUSE_WRITE(r0, &(0x7f0000002500)={0x18, 0x0, 0x0, {0x4}}, 0x18)

2.788667491s ago: executing program 1 (id=1281):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r0, &(0x7f0000000140)={&(0x7f0000000700)={0x24, @none={0x0, 0x2}}, 0x14, &(0x7f0000000080)={0x0}, 0x7}, 0x20000000)
ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000000))

2.339974722s ago: executing program 1 (id=1283):
syz_mount_image$xfs(&(0x7f0000009600), &(0x7f0000009640)='./file0\x00', 0x840, &(0x7f00000000c0)={[{@lazytime}, {@uqnoenforce}, {@quota}, {@filestreams}, {@grpquota}, {@allocsize={'allocsize', 0x3d, [0x30, 0x39, 0x6d]}}, {@largeio}]}, 0x4, 0x968d, &(0x7f000001c300)="$eJzs3Am4pnMBuP/3DGOXMVRSaiqiRdYsUWYGMxSSJdqRJWUpqdCmRUoqItqzb9nKEsrWSrK3UEKoZIm02Ib5X2fmDGPcpF+//+VX931f1znv+z7v8zzn+34/z3KO5mrzSRtPHAzmGkxv3GDWzr1m8pQxV21w+5FbLXjMcqfcvf8jV1x8/MjjhJHHiYPBYNTI20PTl40dnHraqMHs05Y/3LxzzzM0/2Cw/MjLkf0MVp7+MP/lM9abOkuzDnTo4W/7TP+a1gLDP2L4yWH773X4YDAYM9P2Q4PB0J6P+qDSNp8wedLDVg+5DVuNHnk+89cc07/mv2gwmP+MAR8fM6879CR8pOGfueeLzhm9wZPws//r2nzC5HVn8R8+F2cbWbby8Dk+6zlobNbj/NYltlh1ZAqnHW+DwfAl7hHnyn9Fm0+YtN7gsa/zgyNXu2CfqdOvm3MOpt8o5h4MBvOMXF/ne7Jd6j9rwsQVpt2zZ7weYZ9xLO9Jx8XxbznpweGb9GAwWGgwGLvOjHtBVVVV/Xc0YeIKa8L9f67Hu/+ffPKiZ3T/r6qq+u9t3QkTVxi+189y/5/v8e7/uyx64cem/7f/8StP3+rBJ/dDVFVV1b/VpHXx/j/m8e7/K6956Xrd/6uqqv5722j9aff/+Wa5/y/8ePf/N5602mIj6834veGBmXY5NNP/nnD/TMtnm2n5fTMtHz3TfmZef46Zlt8z0/I5h9+D9ccNBmNn/HvBKQ8vHjtu+L2R5ffOtHz8w/9OZ/G1Zlo+Yablk2ZaPnFkrMPLJ8+0fPJM66/zOFNdVVX1/0wbrTBpzcFM/85+ZPEiM96n+//5Z1679JM13qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqvrv7MHbzzpnMBgMDQaDUYPBlMHI85kfB1OnTp06/Prk8y677Ekb6P8bDZ17zeQpY67a4PYjt1rwmOVOuXv/h2fpv7b//k9Q/0nD/nMdN24w2GnTJ3so9STU+e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7iHrz9rHNGjoFRg8GUwcjzPWc8nrnfG940suqqm51y50EPb7n4+O1Hnp17zeQp2z8JY38SGhr+rGOu2uD2I7da8JjlTrl7//+Bs+e//xPUf9I0/+2HBoOR83vM8Lm8wYSNNllqMBgcdOcpm600eOi9VYbfW23sbIPZpm261LTvay/OO95znemP44e/LfzQPk6etv91px4629Asg5ipV5x7w5Fv3/zuFWd9XPKxP8eoGU8Ov+70u6ZOnTr1EQtHmusxNp6x/xmfZdbzfGTsSw2PfZldd3zXMu/ZfY+lt99xy+222W6bnZZbYZUVV1p+uZVWfdky226/wzbLTv/+GHM2btr3NZ/InM0365zdPmHmOZv1sz3WnI17/DmbtscpewxtMmPOZv8352zNx5+zcduP/KDFx48ebDFtaoYGg8XXGj3YbfjFcnMOBouvPbLuIsPrrj521GCw38MfdPjZnA8dg0N7Dq+z+aSNJz48skd/wkddpx+x4uLjRx4njDxOnD7EcYOHD8Wxg1NPGzU8F4+Y5nnnnmdo/sFg+ZGXI/sZrDry7iEz1ps6S7MOdOjhb/tM/5rWAsM7GX7yjmXPunr4XJxl+/8/+j+6/j/Ka5WhhyZqaORrZJ3pXhMmr/vwz5o2DcNzN9vIspWHTWads/+bPWq842YfjHmc8U5ad+IKw4tnmf8Zm+DxdccSF3xg+rE1fuXpWz34f4xC453vcca77gQc73yPN97jPnjJadN39X9tvLNc69ab9n38E7nWDR7/Wjcb7WCbixeb9Vr36sce4iPO4xlzNOcsKz3WtW63g5ffc3j/4x//Wrfe8NhHP+JaN2owWHzNGde64QvfpNGD/YZfLD/8YvLowTHDL1aY9mLuwXnDL176tp132Hp4wToz5mTZ4f2OHzs0zf2ClW9ZcuoBU6euNTKW8WMfOdaR42PczPfzCWOnT+aMbWfsd3jVGfu9+enT35s0st8J/8Z+Z2xL471zgenvTR7Z78RZ9jv6cfY7Y9tHnQ9LDT104XqM682kWa43I3/jzPhxj/iaY/rX/BcNBvOfQb6zrPsvr5l0/s71OOOdMHGFNYfHN8v5+9DhSOfvJZOvGr5XzD8YDBYaDMauM2Ps/2ZDjzXe2R9/vBNhvLM/3nivOHbH9f8vjHcw03gfcZxtvtH0Y2WdkeNs8r9x/M7Ydtbr2Ohp706/7K/zRK5j4x51HfvobKNmmeyZeqzf2baG9ac/X+Th33OvOfHoGXM/epb9/qvf2Wb6LENwHRszy9/zo9a5fjBEc77ncatfOnTg48/56MEj/7aYMecztn28OZ/8ROb8WY8/50/09+Slnj/9/dGzjH/mOd9w32d+ZsaczzHLfv/VnE9+/HvHo+d8/GA0zfmy902ft8e7nj7WnM/YdsacD3/E1cbOPlh7+J41MueTnsicL/J/5zifB9af/nybhxadfeQpr5sx57PO8b+a80n/7pyPe+g4X3zae88bNZhjjsFuW+666y7LTf8+4+Xy07/zteiea6bP8+PdSx/LaMa2j3derPVEjMY8IaOhf2W06OyPZfTwqXXEzrs87f/0WrTWv2s04GvRVUdPn7fH+73oseZ8xrZ0H1x4pu1n/Tt0o/Wn/d493yz3wRmb4H3w7DPX23vGLkc2e2CWYc64r94/0/LZZlp+30zLR8+0n5nXn2Om5ffMtHz4I8wx0/ozWMcN/807snzKw6uPHf7ladzI8ntnWj7+4W0XX2um5RNmWj5ppuUTHz40Fp880/LJM62/zuDfbMZ/k95+1ot8PdH677/u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zFPXj7WeeMHAOjBoMpg+nPh0YeB3sObXjbGsOPg8Fg9MonTN3wyR7vk9zQuddMnjLmqg1uP3KrBY9Z7pS79/8fOHv++z9B/SdN899+aDAYOb/HbD8YDDaYsNEmSw0Ggw2nnrDyqMFD7y0y/N7qY0cNBvsNPWIHcz60ztCew+tsPmnjiYPBXCNrjHvUD33UefSIFRcfP/I4YeRx4vTr07jBw8fr2MGpp40azD5t+cPNO/c8Q/MPBsuPvBzZz2Dl6Q/zXz5jvamzNOtAhx7+ts/0r2ktMPwjhp/stt3kZw/P1Szb/z/TjGv19qP+5aqd/+7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93/55/R8v/Wom6y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u3/ff+7/X8ZRT06d/+7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8tf3IO3n3XOyDEwajCYMpj+fGjPkcfB0EmnvnDkEBm9+5VHHfpkj/dJbujcayZPGXPVBrcfudWCxyx3yt37/w+cPf/9n6D+k6b5bz80GIyc32O2HwwGG0zYaJOlBoPBoUddufuowUPvLTL83upjRw0G+w09YgdzPrTO0J7D62w+aeOJg8FcI2uMe9QPfdR59IgVFx8/8jhh5HHi9OvTuMHDx+vYwamnjRrMPm35w8079zxD8w8Gy4+8HNnPYOXpD/NfPmO9qbM060CHHv62z/SvaS0w/COGn+w13zUnDc/VLNv/P9OMa/X2o/7lqp3/7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3lL+7B2886Z+QYGDUYTBlMfz5q5HFoz5tu/PAmw4/DrxdcZ+9rnuzxPskNnXvN5Cljrtrg9iO3WvCY5U65e///gbPnv/8T1H/SsP9cx40bDHba9MkeSj0Jdf67y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/uAdvP+uckaejHl46as+OC2zo3GsmTxlz1Qa3H7nVgscsd8rd+z/ZA/pPewz/j+aPWfw/lj9m8f94/pjF/xP5Yxb/vfLHLP6fzB+z+O+dP2bx/1T+mMX/0/ljFv998scs/p/JH7P475s/ZvH/bP6Yxf9z+WMW/8/nj1n898sfs/jvnz9m8f9C/pjF/4D8MYv/gfljFv8v5o9Z/A/KH7P4H5w/ZvH/Uv6Yxf/L+WMW/6/kj1n8v5o/ZvH/Wv6Yxf/r+WMW/2/kj1n8v5k/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi/+38scs/sfnj1n8T8gfs/ifmD9m8T8pf8zif3L+mMX/2/ljFv/v5I9Z/E/JH7P4n5o/ZvE/LX/M4n96/pjF/7v5Yxb/M/LHLP5n5o9Z/M/KH7P4fy9/zOL//fwxi//Z+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bx/0H+mMX/h/ljFv8f5Y9Z/H+cP2bx/0n+mMX/p/ljFv8L8scs/hfmj1n8f5Y/ZvG/KH/M4v/z/DGL/8X5Yxb/S/LHLP6X5o9Z/C/LH7P4X54/ZvG/In/M4n9l/pjF/xf5Yxb/X+aPWfx/lT9m8f91/pjF/6r8MYv/1fljFv/f5I9Z/H+bP2bxvyZ/zOL/u/wxi/+1+WMW/+vyxyz+1+ePWfx/nz9m8b8hf8zif2P+mMX/pvwxi/8f8scs/n/MH7P4/yl/zOJ/c/6Yxf/P+WMW/1vyxyz+t+aPWfxvyx+z+N+eP2bx/0v+mMX/jvwxi/+d+WMW/7/mj1n878ofs/j/LX/M4v/3/DGL/z/yxyz+/8wfs/jfnT9m8b8nf8zif2/+mMX/vvwxi//9+WMW/yn5Yxb/B/LHLP4P5o9Z/Kfmj0n8Zxvkj1n8h/LHLP6j8scs/rPlj1n8Z88fs/iPzh+z+M+RP2bxnzN/zOI/V/6YxX/u/DGL/zz5Yxb/efPHLP7z5Y9Z/OfPH7P4PyV/zOK/QP6YxX9M/pjFf8H8MYv/2Pwxi/9C+WMW/4Xzxyz+T80fs/g/LX/M4v/0/DGL/yL5Yxb/Z+SPWfwXzR+z+D8zf8zi/6z8MYv/YvljFv9n549Z/J+TP2bxH5c/ZvF/bv6Yxf95+T+q2UceDf7Pzx+znP+L549Z/JfIH7P4vyB/zOK/ZP6YxX+p/DGL/wvzxyz+L8ofs/i/OH/M4v+S/DGL/9L5Yxb/l+aPWfyXyR+z+C+bP2bxXy5/zOK/fP6YxX+F/DGL/4r5Yxb/l+WPWfxXyh+z+K+cP2bxXyV/zOK/av6Yxf/l+WMW/9Xyxyz+q+ePWfxfkT9m8X9l/pjFf438MYv/+Pwxi/+E/DGL/8T8MYv/mvljFv+18scs/mvnj1n8J+WPWfwnq/xne8JrWvzXUfk/8Sz+6+aPWfxflT9m8X91/pjFf738MYv/+vljFv8N8scs/q/JH7P4b5g/ZvF/bf6YxX+j/DGL/8b5Yxb/TfLHLP6b5o9Z/F+XP2bx3yx/zOK/ef6Yxf/1+WMW/zfkj1n835g/ZvF/U/6Yxf/N+WMW/7fkj1n835o/ZvHfIn/M4r9l/pjFf6v8MYv/2/LHLP5b549Z/LfJH7P4b5s/ZvHfLn/M4v/2/DGL//b5Yxb/d+SPWfzfmT9m8d8hf8ziv2P+mMV/p/wxi//O+WMW/3flj1n8350/ZvHfJX/M4v+e/DGL/675Yxb/9+aPWfzflz9m8X9//pjFf7f8MYv/7vljFv898scs/h/IH7P4fzB/zOL/ofwxi/+H88cs/h/JH7P475k/ZvH/aP6Yxf9j+WMW/4/nj1n8P5E/ZvHfK3/M4v/J/DGL/975Yxb/T+WPWfw/nT9m8d8nf8zi/5n8MYv/vvljFv/P5o9Z/D+XP2bx/3z+mMV/v/wxi//++WMW/y/kj1n8D8gfs/gfmD9m8f9i/pjF/6D8MYv/wfljFv8v5Y9Z/L+cP2bx/0r+mMX/q/ljFv+v5Y9Z/L+eP2bx/0b+mMX/m/ljFv9D8scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+H8rf8zif3z+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfy/nT9m8f9O/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8v5s/ZvE/I3/M4n9m/pjF/6z8MYv/9/LHLP7fzx+z+J+dP2bxPyf/aR042yNfW/zPzR+z+J+XP2bxPz9/zOL/g/wxi/8P88cs/j/KH7P4/zh/zOL/k/wxi/9P88cs/hfkj1n8L8wfs/j/LH/M4n9R/pjF/+f5Yxb/i/PHLP6X5I9Z/C/NH7P4X5Y/ZvG/PH/M4n9F/pjF/8r8MYv/L/LHLP6/zB+z+P8qf8zi/+v8MYv/VfljFv+r88cs/r/JH7P4/zZ/zOJ/Tf6Yxf93+WMW/2vzxyz+1+WPWfyvzx+z+P8+f8zif0P+mMX/xvwxi/9N+WMW/z/kj1n8/5g/ZvH/U/6Yxf/m/DGL/5/zxyz+t+SPWfxvzR+z+N+WP2bxvz1/zOL/l/wxi/8d+WMW/zvzxyz+f80fs/jflT9m8f9b/pjF/+/5Yxb/f+SPWfz/mT9m8b87f8zif0/+mMX/3vwxi/99+WMW//vzxyz+U/LHLP4P5I9Z/B/MH7P4T80fk/jPPsgfs/gP5Y9Z/Eflj1n8Z8sfs/jPnj9m8R+dP2bxnyN/zOI/Z/6YxX+u/DGL/9z5Yxb/efLHLP7z5o9Z/OfLH7P4z58/ZvF/Sv6YxX+B/DGL/5j8MYv/gvljFv+x+WMW/4Xyxyz+C+ePWfyfmj9m8X9a/pjF/+n5Yxb/RfLHLP7PyB+z+C+aP2bxf2b+mMX/WfljFv/F8scs/s/OH7P4Pyd/zOI/Ln/M4v/c/DGL//Pyxyz+z88fs/gvnj9m8V8if8zi/4L8MYv/kvljFv+l8scs/i/MH7P4vyh/zOL/4vwxi/9L8scs/kvnj1n8X5o/ZvFfJn/M4r9s/pjFf7n8MYv/8vljFv8V8scs/ivmj1n8X5Y/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv+X549Z/FfLH7P4r54/ZvF/Rf6Yxf+V+WMW/zXyxyz+4/PHLP4T8scs/hPzxyz+a+aPWfzXyh+z+K+dP2bxn5Q/ZvGfnD9m8V8nf8ziv27+mMX/VfljFv9X549Z/NcT+q/xBNax+K8v9H8iWfw3yB+z+L8mf8ziv2H+mMX/tYPL8ocs/ht1/mMW/43zxyz+m+SPWfw3zR+z+L8uf8ziv1n+mMV/8/wxi//r88cs/m/IH7P4vzF/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOK/Rf6YxX/L/DGL/1b5Yxb/t+WPWfy3zh+z+G+TP2bx3zZ/zOK/Xf6Yxf/t+WMW/+3zxyz+78gfs/i/M3/M4r9D/pjFf8f8MYv/TvljFv+d88cs/u/KH7P4vzt/zOK/S/6Yxf89+WMW/13zxyz+780fs/i/L3/M4v/+/DGL/275Yxb/3fPHLP575I9Z/D+QP2bx/2D+mMX/Q/ljFv8P549Z/D+SP2bx3zN/zOL/0fwxi//H8scs/h/PH7P4fyJ/zOK/V/6Yxf+T+WMW/73zxyz+n8ofs/h/On/M4r9P/pjF/zP5Yxb/ffPHLP6fzR+z+H8uf8zi//n8MYv/fvljFv/988cs/l/IH7P4H5A/ZvE/MH/M4v/F/DGL/0H5Yxb/g/PHLP5fyh+z+H85f8zi/5X8MYv/V/PHLP5fyx+z+H89f8zi/438MYv/N/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8f9W/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/h/O3/M4v+d/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4fzd/zOJ/Rv6Yxf/M/DGL/1n5Yxb/7+WPWfy/nz9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+P8gfs/j/MH/M4v+j/DGL/4/zxyz+P8kfs/j/NH/M4n9B/pjF/8L8MYv/z/LHLP4X5Y9Z/H+eP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4/yJ/zOL/y/wxi/+v8scs/r/OH7P4X5U/ZvG/On/M4v+b/DGL/2/zxyz+1+SPWfx/lz9m8b82f8zif13+mMX/+vwxi//v88cs/jfkj1n8b8wfs/jflD9m8f9D/pjF/4/5Yxb/P+WPWfxvzh+z+P85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+f8kfs/jfkT9m8b8zf8zi/9f8MYv/XfljFv+/5Y9Z/P+eP2bx/0f+mMX/n/ljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8ziPyV/zOL/QP6Yxf/B/DGL/9T8MYn/6EH+mMV/KH/M4j8qf8ziP1v+mMV/9vwxi//o/DGL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/U/LHLP4L5I9Z/Mfkj1n8F8wfs/iPzR+z+C+UP2bxXzh/zOL/1Pwxi//T8scs/k/PH7P4L5I/ZvF/Rv6YxX/R/DGL/zPzxyz+z8ofs/gvlj9m8X92/pjF/zn5Yxb/cfljFv/n5o9Z/J+XP2bxf37+mMV/8fwxi/8S+WMW/xfkj1n8l8wfs/gvlT9m8X9h/pjF/0X5Yxb/F+ePWfxfkj9m8V86f8zi/9L8MYv/MvljFv9l88cs/svlj1n8l88fs/ivkD9m8V8xf8zi/7L8MYv/SvljFv+V88cs/qvkj1n8V80fs/i/PH/M4r9a/pjFf/X8MYv/K/LHLP6vzB+z+K+RP2bxH58/ZvGfkD9m8Z+YP2bxXzN/zOK/Vv6YxX/t/DGL/6T8MYv/5Pwxi/86+WMW/3Xzxyz+r8ofs/i/On/M4r9e/pjFf/38MYv/BvljFv/X5I9Z/DfMH7P4vzZ/zOK/Uf6YxX/j/DGL/yb5Yxb/TfPHLP6vyx+z+G+WP2bx3zx/zOL/+vwxi/8b8scs/m/MH7P4vyl/zOL/5vwxi/9b8scs/m/NH7P4b5E/ZvHfMn/M4r9V/pjF/235Yxb/rfPHLP7b5I9Z/LfNH7P4b5c/ZvF/e/6YxX/7/DGL/zvyxyz+78wfs/jvkD9m8d8xf8ziv1P+mMV/5/wxi/+78scs/u/OH7P475I/ZvF/T/6YxX/X/DGL/3vzxyz+78sfs/i/P3/M4r9b/pjFf/f8MYv/HvljFv8P5I9Z/D+YP2bx/1D+mMX/w/ljFv+P5I9Z/PfMH7P4fzR/zOL/sfwxi//H88cs/p/IH7P475U/ZvH/ZP6YxX/v/DGL/6fyxyz+n84fs/jvkz9m8f9M/pjFf9/8MYv/Z/PHLP6fyx+z+H8+f8ziv1/+mMV///wxi/8X8scs/gfkj1n8D8wfs/h/MX/M4n9Q/pjF/+D8MYv/l/LHLP5fzh+z+H8lf8zi/9X8MYv/1/LHLP5fzx+z+H8jf8zi/838MYv/IfljFv9D88cs/oflj1n8D88fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi/8x+WMW/2Pzxyz+x+WPWfy/lT9m8T8+f8zif0L+mMX/xPwxi/9J+WMW/5Pzxyz+384fs/h/J3/M4n9K/pjF/9T8MYv/afljFv/T88cs/t/NH7P4n5E/ZvE/M3/M4n9W/pjF/3v5Yxb/7+ePWfzPzh+z+J+TP2bxPzd/zOJ/Xv6Yxf/8/DGL/w/yxyz+P8wfs/j/KH/M4v/j/DGL/0/yxyz+P80fs/hfkD9m8b8wf8zi/7P8MYv/RfljFv+f549Z/C/OH7P4X5I/ZvG/NH/M4n9Z/pjF//L8MYv/FfljFv8r88cs/r/IH7P4/zJ/zOL/q/wxi/+v88cs/lflj1n8r84fs/j/Jn/M4v/b/DGL/zX5Yxb/3+WPWfyvzR+z+F+XP2bxvz5/zOL/+/wxi/8N+WMW/xvzxyz+N+WPWfz/kD9m8f9j/pjF/0/5Yxb/m/PHLP5/zh+z+N+SP2bxvzV/zOJ/W/6Yxf/2/DGL/1/yxyz+d+SPWfzvzB+z+P81f8zif1f+mMX/b/ljFv+/549Z/P+RP2bx/2f+mMX/7vwxi/89+WMW/3vzxyz+9+WPWfzvzx+z+E/JH7P4P5A/ZvF/MH/M4j81f0ziP8cgf8ziP5Q/ZvEflT9m8Z8tf8ziP3v+mMV/dP6YxX+O/DGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvGfL3/M4j9//pjF/yn5Yxb/BfLHLP5j8scs/gvmj1n8x+aPWfwXyh+z+C+cP2bxf2r+mMX/afljFv+n549Z/BfJH7P4PyN/zOK/aP6Yxf+Z+WMW/2flj1n8F8sfs/g/O3/M4v+c/DGL/7j8MYv/c/PHLP7Pyx+z+D8/f8ziv3j+mMV/ifwxi/8L8scs/kvmj1n8l8ofs/i/MH/M4v+i/DGL/4vzxyz+L8kfs/gvnT9m8X9p/pjFf5n8MYv/svljFv/l8scs/svnj1n8V8gfs/ivmD9m8X9Z/pjFf6X8MYv/yvljFv9V8scs/qvmj1n8X54/ZvFfLX/M4r96/pjF/xX5Yxb/V+aPWfzXyB+z+I/PH7P4T8gfs/hPzB+z+K+ZP2bxXyt/zOK/dv6YxX9S/pjFf3L+mMV/nfwxi/+6+WMW/1flj1n8X50/ZvFfL3/M4r9+/pjFf4P8MYv/a/LHLP4b5o9Z/F+bP2bx3yh/zOK/cf6YxX+T/DGL/6b5Yxb/1+WPWfw3yx+z+G+eP2bxf33+mMX/DfljFv835o9Z/N+UP2bxf3P+mMX/LfljFv+35o9Z/LfIH7P4b5k/ZvHfKn/M4v+2/DGL/9b5Yxb/bfLHLP7b5o9Z/LfLH7P4vz1/zOK/ff6Yxf8d+WMW/3fmj1n8d8gfs/jvmD9m8d8pf8ziv3P+mMX/XfljFv93549Z/HfJH7P4vyd/zOK/a/6Yxf+9+WMW//flj1n8358/ZvHfLX/M4r97/pjFf4/8MYv/B/LHLP4fzB+z+H8of8zi/+H8MYv/R/LHLP575o9Z/D+aP2bx/1j+mMX/4/ljFv9P5I9Z/PfKH7P4fzJ/zOK/d/6Yxf9T+WMW/0/nj1n898kfs/h/Jn/M4r9v/pjF/7P5Yxb/z+WPWfw/nz9m8d8vf8ziv3/+mMX/C/ljFv8D8scs/gfmj1n8v5g/ZvE/KH/M4n9w/pjF/0v5Yxb/L+ePWfy/kj9m8f9q/pjF/2v5Yxb/r+ePWfy/kT9m8f9m/pjF/5D8MYv/ofljFv/D8scs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+38ofs/gfnz9m8T8hf8zif2L+mMX/pPwxi//J+WMW/2/nj1n8v5M/ZvE/JX/M4n9q/pjF/7T8MYv/6fljFv/v5o9Z/M/IH7P4n5k/ZvE/K3/M4v+9/DGL//fzxyz+Z+ePWfzPyR+z+J+bP2bxPy9/zOJ/fv6Yxf8H+WMW/x/mj1n8f5Q/ZvH/cf6Yxf8n+WMW/5/mj1n8L8gfs/hfmD9m8f9Z/pjF/6L8MYv/z/PHLP4X549Z/C/JH7P4X5o/ZvG/LH/M4n95/pjF/4r8MYv/lfljFv9f5I9Z/H+ZP2bx/1X+mMX/1/ljFv+r8scs/lfnj1n8f5M/ZvH/bf6Yxf+a/DGL/+/yxyz+1+aPWfyvyx+z+F+fP2bx/33+mMX/hvwxi/+N+WMW/5vyxyz+f8gfs/j/MX/M4v+n/DGL/835Yxb/P+ePWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf8v+WMW/zvyxyz+d1r95378ty3+f7X6/4ss/nflj1n8/5Y/ZvH/e/6Yxf8f+WMW/3/mj1n8784fs/jfkz9m8b83f8zif1/+mMX//vwxi/+U/DGL/wP5Yxb/B/PHLP5T88ck/nMO8scs/kP5Yxb/UfljFv/Z8scs/rPnj1n8R+ePWfznyB+z+M+ZP2bxnyt/zOI/d/6YxX+e/DGL/7z5Yxb/+fLHLP7z549Z/J+SP2bxXyB/zOI/Jn/M4r9g/pjFf2z+mMV/ofwxi//C+WMW/6fmj1n8n5Y/ZvF/ev6YxX+R/DGL/zPyxyz+i+aPWfyfmT9m8X9W/pjFf7H8MYv/s/PHLP7PyR+z+I/LH7P4Pzd/zOL/vPwxi//z88cs/ovnj1n8l8gfs/i/IH/M4r9k/pjFf6n8MYv/C/PHLP4vyh+z+L84f8zi/5L8MYv/0vljFv+X5o9Z/JfJH7P4L5s/ZvFfLn/M4r98/pjFf4X8MYv/ivljFv+X5Y9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjF/+X5Yxb/1fLHLP6r549Z/F+RP2bxf2X+mMV/jfwxi//4/DGL/4T8MYv/xPwxi/+a+WMW/7Xyxyz+a+ePWfwn5Y9Z/Cfnj1n818kfs/ivmz9m8X9V/pjF/9X5Yxb/9fLHLP7r549Z/DfIH7P4vyZ/zOK/Yf6Yxf+1+WMW/43yxyz+G+ePWfw3yR+z+G+aP2bxf13+mMV/s/wxi//m+WMW/9fnj1n835A/ZvF/Y/6Yxf9N+WMW/zfnj1n835I/ZvF/a/6YxX+L/DGL/5b5Yxb/rfLHLP5vyx+z+G+dP2bx3yZ/zOK/bf6YxX+7/DGL/9vzxyz+2+ePWfzfkT9m8X9n/pjFf4f8MYv/jvljFv+d8scs/jvnj1n835U/ZvF/d/6YxX+X/DGL/3vyxyz+u+aPWfzfmz9m8X9f/pjF//35Yxb/3fLHLP67549Z/PfIH7P4fyB/zOL/wfwxi/+H8scs/h/OH7P4fyR/zOK/Z/6Yxf+j+WMW/4/lj1n8P54/ZvH/RP6YxX+v/DGL/yfzxyz+e+ePWfw/lT9m8f90/pjFf5/8MYv/Z/LHLP775o9Z/D+bP2bx/1z+mMX/8/ljFv/98scs/vvnj1n8v5A/ZvE/IH/M4n9g/pjF/4v5Yxb/g/LHLP4H549Z/L+UP2bx/3L+mMX/K/ljFv+v5o9Z/L+WP2bx/3r+mMX/G/ljFv9v5o9Z/A/JH7P4H5o/ZvE/LH/M4n94/pjF/4j8MYv/kfljFv+j8scs/kfnj1n8j8kfs/gfmz9m8T8uf8zi/638MYv/8fljFv8T8scs/ifmj1n8T8ofs/ifnD9m8f92/pjF/zv5Yxb/U/LHLP6n5o9Z/E/LH7P4n54/ZvH/bv6Yxf+M/DGL/5n5Yxb/s/LHLP7fyx+z+H8/f8zif3b+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfx/kD9m8f9h/pjF/0f5Yxb/H+ePWfx/kj9m8f9p/pjF/4L8MYv/hfljFv+f5Y9Z/C/KH7P4/zx/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4X5k/ZvH/Rf6Yxf+X+WMW/1/lj1n8f50/ZvG/Kn/M4n91/pjF/zf5Yxb/3+aPWfyvyR+z+P8uf8zif23+mMX/uvwxi//1+WMW/9/nj1n8b8gfs/jfmD9m8b8pf8zi/4f8MYv/H/PHLP5/yh+z+N+cP2bx/3P+mMX/lvwxi/+t+WMW/9vyxyz+t+ePWfz/kj9m8b8jf8zif2f+mMX/r/ljFv+78scs/n/LH7P4/z1/zOL/j/wxi/8/88cs/nfnj1n878kfs/jfmz9m8b8vf8zif3/+mMV/Sv6Yxf+B/DGL/4P5Yxb/qfljEv+5BvljFv+h/DGL/6j8MYv/bPljFv/Z88cs/qPzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/3z5Yxb/+fPHLP5PyR+z+C+QP2bxH5M/ZvFfMH/M4j82f8ziv1D+mMV/4fwxi/9T88cs/k/LH7P4Pz1/zOK/SP6Yxf8Z+WMW/0Xzxyz+z8wfs/g/K3/M4r9Y/pjF/9n5Yxb/5+SPWfzH5Y9Z/J+bP2bxf17+mMX/+fljFv/F88cs/kvkj1n8X5A/ZvFfMn/M4r9U/pjF/4X5Yxb/F+WPWfxfnD9m8X9J/pjFf+n8MYv/S/PHLP7L5I9Z/JfNH7P4L5c/ZvFfPn/M4r9C/pjFf8X8MYv/y/LHLP4r5Y9Z/FfOH7P4r5I/ZvFfNX/M4v/y/DGL/2r5Yxb/1fPHLP6vyB+z+L8yf8ziv0b+mMV/fP6YxX9C/pjFf2L+mMV/zfwxi/9a+WMW/7Xzxyz+k/LHLP6T88cs/uvkj1n8180fs/i/Kn/M4v/q/DGL/3r5Yxb/9fPHLP4b5I9Z/F+TP2bx3zB/zOL/2vwxi/9G+WMW/43zxyz+m+SPWfw3zR+z+L8uf8ziv1n+mMV/8/wxi//r88cs/m/IH7P4vzF/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOK/Rf6YxX/L/DGL/1b5Yxb/t+WPWfy3zh+z+G+TP2bx3zZ/zOK/Xf6Yxf/t+WMW/+3zxyz+78gfs/i/M3/M4r9D/pjFf8f8MYv/TvljFv+d88cs/u/KH7P4vzt/zOK/S/6Yxf89+WMW/13zxyz+780fs/i/L3/M4v/+/DGL/275Yxb/3fPHLP575I9Z/D+QP2bx/2D+mMX/Q/ljFv8P549Z/D+SP2bx3zN/zOL/0fwxi//H8scs/h/PH7P4fyJ/zOK/V/6Yxf+T+WMW/73zxyz+n8ofs/h/On/M4r9P/pjF/zP5Yxb/ffPHLP6fzR+z+H8uf8zi//n8MYv/fvljFv/988cs/l/IH7P4H5A/ZvE/MH/M4v/F/DGL/0H5Yxb/g/PHLP5fyh+z+H85f8zi/5X8MYv/V/PHLP5fyx+z+H89f8zi/438MYv/N/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8f9W/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/h/O3/M4v+d/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4fzd/zOJ/Rv6Yxf/M/DGL/1n5Yxb/7+WPWfy/nz9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+P8gfs/j/MH/M4v+j/DGL/4/zxyz+P8kfs/j/NH/M4n9B/pjF/8L8MYv/z/LHLP4X5Y9Z/H+eP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4/yJ/zOL/y/wxi/+v8scs/r/OH7P4X5U/ZvG/On/M4v+b/DGL/2/zxyz+1+SPWfx/lz9m8b82f8zif13+mMX/+vwxi//v88cs/jfkj1n8b8wfs/jflD9m8f9D/pjF/4/5Yxb/P+WPWfxvzh+z+P85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+f8kfs/jfkT9m8b8zf8zi/9f8MYv/XfljFv+/5Y9Z/P+eP2bx/0f+mMX/n/ljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8ziPyV/zOL/QP6Yxf/B/DGL/9T8MYn/3IP8MYv/UP6YxX9U/pjFf7b8MYv/7PljFv/R+WMW/znyxyz+c+aPWfznyh+z+M+dP2bxnyd/zOI/b/6YxX++/DGL//z5Yxb/p+SPWfwXyB+z+I/JH7P4L5g/ZvEfmz9m8V8of8ziv3D+mMX/qfljFv+n5Y9Z/J+eP2bxXyR/zOL/jPwxi/+i+WMW/2fmj1n8n5U/ZvFfLH/M4v/s/DGL/3Pyxyz+4/LHLP7PzR+z+D8vf8zi//z8MYv/4vljFv8l8scs/i/IH7P4L5k/ZvFfKn/M4v/C/DGL/4vyxyz+L84fs/i/JH/M4r90/pjF/6X5Yxb/ZfLHLP7L5o9Z/JfLH7P4L58/ZvFfIX/M4r9i/pjF/2X5Yxb/lfLHLP4r549Z/FfJH7P4r5o/ZvF/ef6YxX+1/DGL/+r5Yxb/V+SPWfxfmT9m8V8jf8ziPz5/zOI/IX/M4j8xf8ziv2b+mMV/rfwxi//a+WMW/0n5Yxb/yfljFv918scs/uvmj1n8X5U/ZvF/df6YxX+9/DGL//r5Yxb/DfLHLP6vyR+z+G+YP2bxf23+mMV/o/wxi//G+WMW/03yxyz+m+aPWfxflz9m8d8sf8ziv3n+mMX/9fljFv835I9Z/N+YP2bxf1P+mMX/zfljFv+35I9Z/N+aP2bx3yJ/zOK/Zf6YxX+r/DGL/9vyxyz+W+ePWfy3yR+z+G+bP2bx3y5/zOL/9vwxi//2+WMW/3fkj1n835k/ZvHfIX/M4r9j/pjFf6f8MYv/zvljFv935Y9Z/N+dP2bx3yV/zOL/nvwxi/+u+WMW//fmj1n835c/ZvF/f/6YxX+3/DGL/+75Yxb/PfLHLP4fyB+z+H8wf8zi/6H8MYv/h/PHLP4fyR+z+O+ZP2bx/2j+mMX/Y/ljFv+P549Z/D+RP2bx3yt/zOL/yfwxi//e+WMW/0/lj1n8P50/ZvHfJ3/M4v+Z/DGL/775Yxb/z+aPWfw/lz9m8f98/pjFf7/8MYv//vljFv8v5I9Z/A/IH7P4H5g/ZvH/Yv6Yxf+g/DGL/8H5Yxb/L+WPWfy/nD9m8f9K/pjF/6v5Yxb/r+WPWfy/nj9m8f9G/pjF/5v5Yxb/Q/LHLP6H5o9Z/A/LH7P4H54/ZvE/In/M4n9k/pjF/6j8MYv/0fljFv9j8scs/sfmj1n8j8sfs/h/K3/M4n98/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8v50/ZvH/Tv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/L+bP2bxPyN/zOJ/Zv6Yxf+s/DGL//fyxyz+388fs/ifnT9m8T8nf8zif27+mMX/vPwxi//5+WMW/x/kj1n8f5g/ZvH/Uf6Yxf/H+WMW/5/kj1n8f5o/ZvG/IH/M4n9h/pjF/2f5Yxb/i/LHLP4/zx+z+F+cP2bxvyR/zOJ/af6Yxf+y/DGL/+X5Yxb/K/LHLP5X5o9Z/H+RP2bx/2X+mMX/V/ljFv9f549Z/K/KH7P4X50/ZvH/Tf6Yxf+3+WMW/2vyxyz+v8sfe6T/6Cd7OP95j+F/bf6Y5fy/Ln/M4n99/pjF//f5Yxb/G/LHLP435o9Z/G/KH7P4/yF/zOL/x/wxi/+f8scs/jfnj1n8/5w/ZvG/JX/M4n9r/pjF/7b8MYv/7fljFv+/5I9Z/O/IH7P435k/ZvH/a/6Yxf+u/DGL/9/yxyz+f88fs/j/I3/M4v/P/DGL/935Yxb/e/LHLP735o9Z/O/LH7P4358/ZvGfkj9m8X8gf8zi/2D+mMV/av6YxH+eQf6YxX8of8ziPyp/zOI/W/6YxX/2/DGL/+j8MYv/HPljFv8588cs/nPlj1n8584fs/jPkz/2v+8/10Nv5f/o/vf9pzXPfPljFv/588cs/k/JH7P4L5A/ZvEfkz9m8V8wf8ziPzZ/zOK/UP6YxX/h/DGL/1Pzxyz+T8sfs/g/PX/M4r9I/pjF/xn5Yxb/RfPHLP7PzB+z+D8rf8ziv1j+mMX/2fljFv/n5I9Z/Mflj1n8n5s/ZvF/Xv6Yxf/5+WMW/8Xzxyz+S+SPWfxfkD9m8V8yf8ziv1T+mMX/hfljFv8X5Y9Z/F+cP2bxf0n+mMV/6fwxi/9L88cs/svkj1n8l80fs/gvlz9m8V8+f8ziv0L+mMV/xfwxi//L8scs/isp/ad+5F+tYfFfWen/r7P4r5I/ZvFfNX/M4v/y/DGL/2r5Yxb/1fPHLP6vyB+z+L8yf8ziv0b+mMV/fP6YxX9C/pjFf2L+mMV/zfwxi/9a+WMW/7Xzxyz+k/LHLP6T88cs/uvkj1n8180fs/i/Kn/M4v/q/DGL/3r5Yxb/9fPHLP4b5I9Z/F+TP2bx3zB/zOL/2vwxi/9G+WMW/43zxyz+m+SPWfw3zR+z+L8uf8ziv1n+mMV/8/wxi//r88cs/m/IH7P4vzF/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOK/Rf6YxX/L/DGL/1b5Yxb/t+WPWfy3zh+z+G+TP2bx3zZ/zOK/Xf6Yxf/t+WMW/+3zxyz+78gfs/i/M3/M4r9D/pjFf8f8MYv/TvljFv+d88cs/u/KH7P4vzt/zOK/S/6Yxf89+WMW/13zxyz+780fs/i/L3/M4v/+/DGL/275Yxb/3fPHLP575I9Z/D+QP2bx/2D+mMX/Q/ljFv8P549Z/D+SP2bx3zN/zOL/0fwxi//H8scs/h/PH7P4fyJ/zOK/V/6Yxf+T+WMW/73zxyz+n8ofs/h/On/M4r9P/pjF/zP5Yxb/ffPHLP6fzR+z+H8uf8zi//n8MYv/fvljFv/988cs/l/IH7P4H5A/ZvE/MH/M4v/F/DGL/0H5Yxb/g/PHLP5fyh+z+H85f8zi/5X8MYv/V/PHLP5fyx+z+H89f8zi/438MYv/N/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8f9W/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/h/O3/M4v+d/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4fzd/zOJ/Rv6Yxf/M/DGL/1n5Yxb/7+WPWfy/nz9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+P8gfs/j/MH/M4v+j/DGL/4/zxyz+P8kfs/j/NH/M4n9B/pjF/8L8MYv/z/LHLP4X5Y9Z/H+eP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4/yJ/zOL/y/wxi/+v8scs/r/OH7P4X5U/ZvG/On/M4v+bmf2HOhhmZPH/beSYxf+a/DGL/+/yxyz+1+aPWfyvyx+z+F+fP2bx/33+mMX/hvwxi/+N+WMW/5vyxyz+f8gfs/j/MX/M4v+n/DGL/835Yxb/P+ePWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf8v+WMW/zvyxyz+d+aPWfz/mj9m8b8rf8zi/7f8MYv/3/PHLP7/yB+z+P8zf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfyn5I9Z/B/IH7P4P5g/ZvGfmj8m8Z93kD9m8e//8o2z+I/KH7P4z5Y/ZvGfPX/M4j86f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOL/lPwxi/8C+WMW/zH5Yxb/BfPHLP5j88cs/gvlj1n8F84fs/g/NX/M4v+0/DGL/9Pzxyz+i+SPWfyfkT9m8V80f8zi/8z8MYv/s/LHLP6L5Y9Z/J+dP2bxf07+mMV/XP6Yxf+5+WMW/+flj1n8n58/ZvFfPH/M4r9E/pjF/wX5Yxb/JfPHLP5L5Y9Z/F+YP2bxf1H+mMX/xfljFv+X5I9Z/JfOH7P4vzR/zOK/TP6YxX/Z/DGL/3L5Yxb/5fPHLP4r5I9Z/FfMH7P4vyx/zOK/Uv6YxX/l/DGL/yr5Yxb/VfPHLP4vzx+z+K+WP2bxXz1/zOL/ivwxi/8r88cs/mvkj1n8x+ePWfwn5I9Z/Cfmj1n818wfs/ivlT9m8V87f8ziPyl/zOI/OX/M4r9O/pjFf938MYv/q/LHLP6vzh+z+K+XP2bxXz9/zOK/Qf6Yxf81+WMW/w3zxyz+r80fs/hvlD9m8d84f8ziv0n+mMV/0/yx/2X/qR95aOm8r8sf+1/2n/n83yx/zOK/ef6Yxf/1+WMW/zfkj1n835g/ZvF/U/6Yxf/N+WMW/7fkj1n835o/ZvHfIn/M4r9l/pjFf6v8MYv/2/LHLP5b549Z/LfJH7P4b5s/ZvHfLn/M4v/2/DGL//b5Yxb/d+SPWfzfmT9m8d8hf8ziv2P+mMV/p/wxi//O+WMW/3flj1n8350/ZvHfJX/M4v+e/DGL/675Yxb/9+aPWfzflz9m8X9//pjFf7f8MYv/7vljFv898scs/h/IH7P4fzB/zOL/ofwxi/+H88cs/h/JH7P475k/ZvH/aP6Yxf9j+WMW/4/nj1n8P5E/ZvHfK3/M4v/J/DGL/975Yxb/T+WPWfw/nT9m8d8nf8zi/5n8MYv/vvljFv/P5o9Z/D+XP2bx/3z+mMV/v/wxi//++WMW/y/kj1n8D8gfs/gfmD9m8f9i/pjF/6D8MYv/wfljFv8v5Y9Z/L+cP2bx/0r+mMX/q/ljFv+v5Y9Z/L+eP2bx/0b+mMX/m/ljFv9D8scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+H8rf8zif3z+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfy/nT9m8f9O/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8v5s/ZvE/I3/M4n9m/pjF/6z8MYv/9/LHLP7fzx+z+J+dP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/H+SPWfx/mD9m8f9R/pjF/8f5Yxb/n+SPWfx/mj9m8b8gf8zif2H+mMX/Z/ljFv+L8scs/j/PH7P4X5w/ZvG/JH/M4n9p/pjF/zKf/9xPZCWL/+U+/yeUxf+K/DGL/5X5Yxb/X+SPWfx/mT9m8f9V/pjF/9f5Yxb/q/LHLP5X549Z/H+TP2bx/23+mMX/mvwxi//v8scs/tfmj1n8r8sfs/hfnz9m8f99/pjF/4b8MYv/jfljFv+b8scs/n/IH7P4/zF/zOL/p/wxi//N+WMW/z/nj1n8b8kfs/jfmj9m8b8tf8zif3v+mMX/L/ljFv878scs/nfmj1n8/5o/ZvG/K3/M4v+3/DGL/9/zxyz+/8gfs/j/M3/M4n93/pjF/578MYv/vfljFv/78scs/vfnj1n8p+SPWfwfyB+z+D+YP2bxn5o/JvGfb5A/ZvEfyh+z+I/KH7P4z5Y/ZvGfPX/M4j86f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOL/lPwxi/8C+WMW/zH5Yxb/BfPHLP5j88cs/gvlj1n8F84fs/g/NX/M4v+0/DGL/9Pzxyz+i+SPWfyfkT9m8V80f8zi/8z8MYv/s/LHLP6L5Y9Z/J+dP2bxf07+mMV/XP6Yxf+5+WMW/+flj1n8n58/ZvFfPH/M4r9E/pjF/wX5Yxb/JfPHLP5L5Y9Z/F+YP2bxf1H+mMX/xfljFv+X5I9Z/JfOH7P4vzR/zOK/TP6YxX/Z/DGL/3L5Yxb/5fPHLP4r5I9Z/FfMH7P4vyx/zOK/Uv6YxX/l/DGL/yr5Yxb/VfPHLP4vzx+z+K+WP2bxXz1/zOL/ivwxi/8r88cs/mvkj1n8x+ePWfwn5I9Z/Cfmj1n818wfs/ivlT9m8V87f8ziPyl/zOI/OX/M4r9O/pjFf938MYv/q/LHLP6vzh+z+K+XP2bxXz9/zOK/Qf6Yxf81+WMW/w3zxyz+r80fs/hvlD9m8d84f8ziv0n+mMV/0/wxi//r8scs/pvlj1n8N88fs/i/Pn/M4v+G/DGL/xvzxyz+b8ofs/i/OX/M4v+W/DGL/1vzxyz+W+SPWfy3zB+z+G+VP2bxf1v+mMV/6/wxi/82+WMW/23zxyz+2+WPWfzfnj9m8d8+f8zi/478MYv/O/PHLP475I9Z/HfMH7P475Q/ZvHfOX/sIf9tT/qf9n9X/pjl/H93/pjFf5f8MYv/e/LHLP675o9Z/N+bP2bxf1/+mMX//fljFv/d8scs/rvnj1n898gfs/h/IH/M4v/B/DGL/4fyxyz+H84fs/h/JH/M4r9n/pjF/6P5Yxb/j+WPWfw/nj9m8f9E/pjFf6/8MYv/J/PHLP57549Z/D+VP2bx/3T+mMV/n/wxi/9n8scs/vvmj1n8P5s/ZvH/XP6Yxf/z+WMW//3yxyz+++ePWfy/kD9m8T8gf8zif2D+mMX/i/ljFv+D8scs/gfnj1n8v5Q/ZvH/cv6Yxf8r+WMW/6/mj1n8v5Y/ZvH/ev6Yxf8b+WMW/2/mj1n8D8kfs/gfmj9m8T8sf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfyPyR+z+B+bP2bxPy5/zOL/rfwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bx/3b+mMX/O/ljFv9T8scs/qfmj1n8T8sfs/ifnj9m8f9u/pjF/4z8MYv/mfljFv+z8scs/t/LH7P4fz9/zOJ/dv6Yxf+c/DGL/7n5Yxb/8/LHLP7n549Z/H+QP2bx/2H+mMX/R/ljFv8f549Z/H+SP2bx/2n+mMX/gvwxi/+F+WMW/5/lj1n8L8ofs/j/PH/M4n9x/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8f9F/pjF/5f5Yxb/X+WPWfx/nT9m8b8qf8zif3X+mMX/N/ljFv/f5o9Z/K/JH7P4/y5/zOJ/bf6Yxf+6/DGL//X5Yxb/3+ePWfxvyB+z+N+YP2bxvyl/zOL/h/wxi/8f88cs/n/KH7P435w/ZvH/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/P+SP2bxvyN/zOJ/Z/6Yxf+v+WMW/7vyxyz+f8sfs/j/PX/M4v+P/DGL/z/zxyz+d+ePWfzvyR+z+N+bP2bxvy9/zOJ/f/6YxX9K/pjF/4H8MYv/g/ljFv+p+WMS//kH+WMW/6H8MYv/qPwxi/9s+WMW/9nzxyz+o/PHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/k/JH7P4L5A/ZvEfkz9m8V8wf8ziPzZ/zOK/UP6YxX/h/DGL/1Pzxyz+T8sfs/g/PX/M4r9I/pjF/xn5Yxb/RfPHLP7PzB+z+D8rf8ziv1j+mMX/2fljFv/n5I9Z/Mflj1n8n5s/ZvF/Xv6Yxf/5+WMW/8Xzxyz+S+SPWfxfkD9m8V8yf8ziv1T+mMX/hfljFv8X5Y9Z/F+cP2bxf0n+mMV/6fwxi/9L88cs/svkj1n8l80fs/gvlz9m8V8+f8ziv0L+mMV/xfwxi//L8scs/ivlj1n8V84fs/ivkj9m8V81f8zi//L8MYv/avljFv/V88cs/q/IH7P4vzJ/zOK/Rv6YxX98/pjFf0L+mMV/Yv6YxX/N/DGL/1r5Yxb/tfPHLP6T8scs/pPzxyz+6+SPWfzXzR+z+L8qf8zi/+r8MYv/evljFv/188cs/hvkj1n8X5M/ZvHfMH/M4v/a/DGL/0b5Yxb/jfPHLP6b5I9Z/DfNH7P4vy5/zOK/Wf6YxX/z/DGL/+vzxyz+b8gfs/i/MX/M4v+m/DGL/5vzxyz+b8kfs/i/NX/M4r9F/pjFf8v8MYv/VvljFv+35Y9Z/LfOH7P4b5M/ZvHfNn/M4r9d/pjF/+35Yxb/7fPHLP7vyB+z+L8zf8ziv0P+mMV/x/wxi/9O+WMW/53zxyz+78ofs/i/O3/M4r9L/pjF/z35Yxb/XfPHLP7vzR+z+L8vf8zi//78MYv/bvljFv/d88cs/nvkj1n8P5A/ZvH/YP6Yxf9D+WMW/w/nj1n8P5I/ZvHfM3/M4v/R/DGL/8fyxyz+H88fs/h/In/M4r9X/pjF/5P5Yxb/vfPHLP6fyh+z+H86f8ziv0/+mMX/M/ljFv9988cs/p/NH7P4fy5/zOL/+fwxi/9++WMW//3zxyz+X8gfs/gfkD9m8T8wf8zi/8X8MYv/QfljFv+D88cs/l/KH7P4fzl/zOL/lfwxi/9X88cs/l/LH7P4fz1/zOL/jfwxi/8388cs/ofkj1n8D80fs/gflj9m8T88f8zif0T+mMX/yPwxi/9R+WMW/6Pzxyz+x+SPWfyPzR+z+B+XP2bx/1b+mMX/+Pwxi/8J+WMW/xPzxyz+J+WPWfxPzh+z+H87f8zi/538MYv/KfljFv9T88cs/qflj1n8T88fs/h/N3/M4n9G/pjF/8z8MYv/WfljFv/v5Y9Z/L+fP2bxPzt/zOJ/Tv6Yxf/c/DGL/3n5Yxb/8/PHLP4/yB+z+P8wf8zi/6P8MYv/j/PHLP4/yR+z+P80f8zif0H+mMX/wvwxi//P8scs/hflj1n8f54/ZvG/OH/M4n9J/pjF/9L8MYv/ZfljFv/L88cs/lfkj1n8r8wfs/j/In/M4v/L/DGL/6/yxyz+v84fs/hflT9m8b86f8zi/5v8MYv/b/PHLP7X5I9Z/H+XP2bxvzZ/zOJ/Xf6Yxf/6/DGL/+/zxyz+N+SPWfxvzB+z+N+UP2bx/0P+mMX/j/ljFv8/5Y9Z/G/OH7P4/zl/zOJ/S/6Yxf/W/DGL/235Yxb/2/PHLP5/yR+z+N+RP2bxvzN/zOL/1/wxi/9d+WMW/7/lj1n8/54/ZvH/R/6Yxf+f+WMW/7vzxyz+9+SPWfzvzR+z+N+XP2bxvz9/zOI/JX/M4v9A/pjF/8H8MYv/1Pwxif9TBvljFv+h/DGL/6j8MYv/bPljFv/Z88cs/qPzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/3z5Yxb/+fPHLP5PyR+z+C+QP2bxH5M/ZvFfMH/M4j82f8ziv1D+mMV/4fwxi/9T88cs/k/LH7P4Pz1/zOK/SP6Yxf8Z+WMW/0Xzxyz+z8wfs/g/K3/M4r9Y/pjF/9n5Yxb/5+SPWfzH5Y9Z/J+bP2bxf17+mMX/+fljFv/F88cs/kvkj1n8X5A/ZvFfMn/M4r9U/pjF/4X5Yxb/F+WPWfxfnD9m8X9J/pjFf+n8MYv/S/PHLP7L5I9Z/JfNH7P4L5c/ZvFfPn/M4r9C/pjFf8X8MYv/y/LHLP4r5Y9Z/FfOH7P4r5I/ZvFfNX/M4v/y/DGL/2r5Yxb/1fPHLP6vyB+z+L8yf8ziv0b+mMV/fP6YxX9C/pjFf2L+mMV/zfwxi/9aIv+5/o11Lf5ri/z/nSz+k/LHLP6T88cs/uvkj1n8180fs/i/Kn/M4v/q/DGL/3r5Yxb/9fPHLP4b5I9Z/F+TP2bx3zB/zOL/2vwxi/9G+WMW/43zxyz+m+SPWfw3zR+z+L8uf8ziv1n+mMV/8/wxi//r88cs/m/IH7P4vzF/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOK/Rf6YxX/L/DGL/1b5Yxb/t+WPWfy3zh+z+G+TP2bx3zZ/zOK/Xf6Yxf/t+WMW/+3zxyz+78gfs/i/M3/M4r9D/pjFf8f8MYv/TvljFv+d88cs/u/KH7P4vzt/zOK/S/6Yxf89+WMW/13zxyz+780fs/i/L3/M4v/+/DGL/275Yxb/3fPHLP575I9Z/D+QP2bx/2D+mMX/Q/ljFv8P549Z/D+SP2bx3zN/zOL/0fwxi//H8scs/h/PH7P4fyJ/zOK/V/6Yxf+T+WMW/73zxyz+n8ofs/h/On/M4r9P/pjF/zP5Yxb/ffPHLP6fzR+z+H8uf8zi//n8MYv/fvljFv/988cs/l/IH7P4H5A/ZvE/MH/M4v/F/DGL/0H5Yxb/g/PHLP5fyh+z+H85f8zi/5X8MYv/V/PHLP5fyx+z+H89f8zi/438MYv/N/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8f9W/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/h/O3/M4v+d/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4fzd/zOJ/Rv6Yxf/M/DGL/1n5Yxb/7+WPWfy/nz9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+P8gfs/j/MH/M4v+j/DGL/4/zxyz+P8kfs/j/NH/M4n9B/pjF/8L8MYv/z/LHLP4X5Y9Z/H+eP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4/yJ/zOL/y/wxi/+v8scs/r/OH7P4X5U/ZvG/On/M4v+b/DGL/2/zxyz+1+SPWfx/lz9m8b82f8zif13+mMX/+vwxi//v88cs/jfkj1n8b8wfs/jflD9m8f9D/pjF/4/5Yxb/P+WPWfxvzh+z+P85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+f8kfs/jfkT9m8b8zf8zi/9f8MYv/XfljFv+/5Y9Z/P+eP2bx/0f+mMX/n/ljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8ziPyV/zOL/QP6Yxf/B/DGL/9T8MYn/AoP8MYv/UP6YxX9U/pjFf7b8MYv/7Pk/otlGHi3+o/PHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/k/JH7P4L5A/ZvEfkz9m8V8wf8ziPzZ/zOK/UP6YxX/h/DGL/1Pzxyz+T8sfs/g/PX/M4r9I/pjF/xn5Yxb/RfPHLP7PzB+z+D8rf8ziv1j+mMX/2fljFv/n5I9Z/Mflj1n8n5s/ZvF/Xv6Yxf/5+WMW/8Xzxyz+S+SPWfxfkD9m8V8yf8ziv1T+mMX/hfljFv8X5Y9Z/F+cP2bxf0n+mMV/6fwxi/9L88cs/svkj1n8l80fs/gvlz9m8V8+f8ziv0L+mMV/xfwxi//L8scs/ivlj1n8V84fs/ivkj9m8V81f8zi//L8MYv/avljFv/V88cs/q/IH7P4vzJ/zOK/Rv6YxX98/pjFf0L+mMV/Yv6YxX/N/DGL/1r5Yxb/tfPHLP6T8scs/pPzxyz+6+SPWfzXzR+z+L8qf8zi/+r8MYv/evljFv/188cs/hvkj1n8X5M/ZvHfMH/M4v/a/DGL/0b5Yxb/jfPHLP6b5I9Z/DfNH7P4vy5/zOK/Wf6YxX/z/DGL/+vzxyz+b8gfs/i/MX/M4v+m/DGL/5vzxyz+b8kfs/i/NX/M4r9F/pjFf8v8MYv/VvljFv+35Y9Z/LfOH7P4b5M/ZvHfNn/M4r9d/pjF/+35Yxb/7fPHLP7vyB+z+L8zf8ziv0P+mMV/x/wxi/9O+WMW/53zxyz+78ofs/i/O3/M4r9L/pjF/z35Yxb/XfPHLP7vzR+z+L8vf8zi//78MYv/bvljFv/d88cs/nvkj1n8P5A/ZvH/YP6Yxf9D+WMW/w/nj/1/7NGzFiCGAkXRZ79kYtu2bdu2bWdi27Zt27Zt254UqbLW/YLcvbtTn5b/A/2PWv7v5n/U8n93/6OW/3v4H7X839P/qOX/Xv5HLf/39j9q+b+P/1HL/339j1r+7+d/1PJ/f/+jlv8H+B+1/D/Q/6jl/0H+Ry3/D/Y/avl/iP9Ry/9D/Y9a/h/mf9Ty/3D/o5b/R/gftfw/0v+o5f9R/kct/4/2P2r5f4z/Ucv/Y/2PWv4f53/U8v94/6OW/yf4H7X8P9H/qOX/Sf5HLf9P9j9q+X+K/1HL/1P9j1r+n+Z/1PL/dP+jlv9n+B+1/D/T/6jl/1n+Ry3/z/Y/avl/jv9Ry/9z/Y9a/p/nf9Ty/3z/o5b/F/gftfy/0P+o5f9F/kct/y/2P2r5f4n/Ucv/S/2PWv5f5n/U8v9y/6OW/1f4H7X8v9L/qOX/Vf5HLf+v9j9q+X+N/1HL/2v9j1r+X+d/1PL/ev+jlv83+B+1/L/R/6jl/03+Ry3/b/Y/avl/i/9Ry/9b/Y9a/t/mf9Ty/3b/o5b/d/gftfy/0/+o5f9d/kct/+/2P2r5f4//Ucv/e/2PWv7f53/U8v9+/6OW/w/4H7X8f9D/qOX/Q/5HLf8f9j9q+f+I/1HL/0f9j1r+P+Z/1PL/cf+jlv9P+B+1/H/S/6jl/1P+Ry3/n/Y/avn/jP9Ry/9n/Y9a/j/nf9Ty/3n/o5b/L/gftfx/0f+o5f9L/kct/1/2P2r5/4r/Ucv/V/2PWv6/5n/U8v91/6OW/2/4H7X8f9P/qOX/W/5HLf/f9j9q+f+O/1HL/3f9j1r+v+d/1PL/ff+jlv8f+B+1/P/Q/6jl/0f+Ry3/P/Y/avn/if9Ry/9P/Y9a/n/mf9Ty/3P/o5b/X/gftfz/0v+o5f9X/kct/7/2P2r5/43/Ucv/b/2PWv5/53/U8v97/6OW/z/4H7X8/9H/qOX/T/5HLf9/9j9q+f+L/1HL/0H+RyX/B/zJ/6jl/5/9j1r+/8X/qOX/X/2PWv7/zf+o5f/f/Y9a/v/D/6jl/z/9j1r+/8v/qOX/v/2PWv7/x/+o5f9//Y9a/v/P/6jl///9j1r+D+Z/1PJ/cP+jlv8D/I9a/g/hf9Tyf0j/o5b/Q/kftfwf2v+o5f8w/kct/4f1P2r5P5z/Ucv/4f2PWv6P4H/U8n9E/6OW/yP5H7X8H9n/qOX/KP5HLf9H9T9q+T+a/1HL/9H9j1r+j+F/1PJ/TP+jlv9j+R+1/B/b/6jl/zj+Ry3/x/U/avk/nv9Ry//x/Y9a/k/gf9Tyf0L/o5b/E/kftfyf2P+o5f8k/kct/yf1P2r5P5n/Ucv/yf2PWv5P4X/U8n9K/6OW/1P5H7X8n9r/qOX/NP5HLf+n9T9q+T+d/1HL/+n9j1r+z+B/1PJ/Rv+jlv8z+R+1/J/Z/6jl/yz+Ry3/Z/U/avk/m/9Ry//Z/Y9a/s/hf9Tyf07/o5b/c/kftfyf2/+o5f88/kct/+f1P2r5P5//Ucv/+f2PWv4v4H/U8n9B/6OW/wv5H7X8X9j/qOX/Iv5HLf8X9T9q+b+Y/1HL/8X9j1r+L+F/1PJ/Sf+jlv9L+R+1/F/a/6jl/zL+Ry3/l/U/avm/nP9Ry//l/Y9a/q/gf9Tyf0X/o5b/K/kftfxf2f+o5f8q/kct/1f1P2r5v5r/Ucv/1f2PWv6v4X/U8n9N/6OW/2v5H7X8X9v/qOX/Ov5HLf/X9T9q+b+e/1HL//X9j1r+b+B/1PJ/Q/+jlv8b+R+1/N/Y/6jl/yb+/2bQ77Pl/6b+Ry3/N/M/avm/uf9Ry/8t/I9a/m/pf9Tyfyv/o5b/W/sftfzfxv+o5f+2/kct/7fzP2r5v73/Ucv/HfyPWv7v6H/U8n8n/6OW/zv7H7X838X/qOX/rv5HLf8H+h/94f4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/Mq+/cd4XRdwHP8ccIBkGy5mDGuDfFu6pXTHj+EfTkgELvTA34gaAncgeAd0HHacGj/+IJfOH7mRYytXwrCctHnLNZ1dmlmzWLXV7IeapStrkeks2GJd+95977z7dtz6vs/3m5WPxx/3/X4+X14f4LYnnw9TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP9dDY0LjoytGXJq7OCDDx9u7n2dfXTFTQd+331B/2v546XDXHLM4IOenp6e2c/O2lE+nFAUReln21k+nlg5Ll1/Z/2XOvqOwvzuFxcfn/zLxiMH1pz2cF3X0ftqe8/WFjeu29DS/IkxRREuqi06Sgd1NUURFtUW95YO6ksHi2uLh0sHs3oPTim+Wzo4b+3mlqbSiSXR3zP4f9HQuLMYO6TYYsifBoP731n/nTv6X0e4ZP/VxhXl/i/v/OGbFZ/1O0H//dcPCyr7r/o3CJxQdf0/P7//dYRL/sf9f9KTK18e7rMT999//fBJ/UM6wzz/D2m08rm/4vl/+jCXHNhfWdN5vNT/Jbc+M6N8atx/8/z/zvXDRZX9jxny/F96jl/Y//w/oSjCxaP8dsB7SkPjriMj3f9H7n/ctIpNzeD+T2/bvL/U/2OLf/B4+VRtlf0vHOH+P2ZJxa8VqE5D41d7Ku7/VfRffGyYSw70/9bjv32o1P+jf7z/jEGfVdP/xZX9z2xv3TJz6/bOcze0rl7fvL55U92sebPn1tfNPX/OzN5Hgr6vo/yuwHvD6O7/xaSKTU1RNA/sr+468FSp/zkPPDC7fGpilf0vGvH+P939H4b1kTHF+PFFx+r29ra6vq/9h/V9X/t+2DD9V/H3/zPPLv+w2vJrTVFMHdjfecZdy0v9v33omd3lU+Or7H/xiP3PH/h5gQijvP83VWyG9H/w0Iu9z/9L7zl4evlUtX//XzJi/6+4/8NoNDRW/A8/77JS/7uKSyM7DQ3++x+kk6P/R9++vjtuHT6lf0gnR/9/+MLRc+LWYan+IZ0c/Y/beP9zcetwif4hnRz9L5syb3ncOlyqf0gnR/9rXznnr3Hr0Kh/SCdH/2d/ZXdH3Dos0z+kk6P/B9tmb4tbh+X6h3Ry9P/zUx98NW4dLtM/pJOj/2PH7r4hbh0u1z+kk6P/rj1n/ShuHa7QP6STo//L1i0Icetwpf4hnRz9T5v658fi1uEq/UM6Ofqf+5d/nhq3DlfrH9LJ0f/tX1y+L24drtE/pJOj/7HXvfxC3Dqs0D+kk6P/JWdtWxC3DtfqH9LJ0X/Tz5p64tZhZbn/CYX+4V2Xo/+Z3/zJhrh1uM79H9LJ0f/hZY/siVuH6/UP6eTof09dMTluHW7QP6STo/9vfP+0Q3Hr8Gn9Qzo5+v/dk0/Mi1uHVfqHdHL0/+yHbvtW3DrcqH9IJ0f/96x54cy4dVitf0gnR/8P7X3uy3HrsEb/kE6O/l9/vfV9ceuwVv+QTo7+J0085bW4dWjSP6STo/8Ft3ytLW4dmvUP6eTov3V314/j1mGd/iGdHP1/9PjUlXHrsF7/kE6O/lfM2fvBuHW4Sf+QTo7+P7D0gl1x67BB/5BOjv4v7P74hXHrsFH/kE6O/tuf/vzX49bhZv1DOjn63zvj1UVx69Cif0gnR/8vrVry07h1aNU/pJOj/zcfuXZT3Dps0j+kk6P/J37x1rG4ddisf0gnR//vP3/h3+PWYYv+IZ0c/S9a/MbauHX4jP4hnRz9b+z610tx69Cmf0gnR/8zDl+1NG4dtuof0snR//fOrdsftw7t+od0cvR/xxX76uPWYZv+IZ0c/e8/eOddcetwi/4hnRz9v/Gr6dPi1uGz+od0cvR/3+RD18StQ4f+IZ0c/f96U+3TceuwXf+QTo7+/7Fvyo64dejUP6STo/+nXuv+U9w63Kp/SCdH/6vG/WZ83Drcpn9IJ0f/Uzq33Bu3DrfrH9LJ0f+8u1efF7cOn9M/pJOj/61/e/7bceuwQ/+QztbtnTevbmlpbvPGG2+8GXhzsv9kAlJ7J/qT/SsBAAAAAAAAAAAAAABOJMc/JzrZv0cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg3+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhB44FAAAAAIT5WwfRuwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBXAAAA//9O+OOp")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000140)=ANY=[@ANYBLOB="000000004c90020000000000030001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"])

1.486629245s ago: executing program 4 (id=1288):
timer_settime(0x0, 0x0, &(0x7f0000000100)={{}, {0x0, 0x989680}}, 0x0)
r0 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000000)={r0, r0, r0}, &(0x7f0000000040)=""/72, 0x48, &(0x7f0000000280)={&(0x7f00000000c0)={'sha1-ssse3\x00'}})

1.360594053s ago: executing program 3 (id=1290):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@ipv4_newaddr={0x3c, 0x14, 0x1, 0x0, 0x25dfdbfc, {0x2, 0x1f, 0x49, 0xcb, r1}, [@IFA_LOCAL={0x8, 0x2, @multicast1}, @IFA_LABEL={0x14}, @IFA_BROADCAST={0x8, 0x4, @broadcast}]}, 0x3c}}, 0x0)

1.204362807s ago: executing program 1 (id=1291):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)

1.136587605s ago: executing program 2 (id=1292):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000480)=ANY=[@ANYBLOB="6e6f757365725f78617474722c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c6572726f72733d636f6e74696e75652c646174613d77726974656261636b2c6572726f72733d72656d6f756e742d726f2c6e6f61636c2c0033b67a38edf7ca65cff4aecf1bccac7b7847e83ec6928ad9eff2281ff7a2314d9a8541a9772b98d067c1463bb01ed3ebf5764745d29402107611df2e22d6cfb25eb0a8b970f339cf6413aaef25cee228060d70ce0ade90d917a9c5"], 0x1, 0x442f, &(0x7f0000004480)="$eJzs3c9rHFUcAPA3k7RJan8ktYcKggsWFJWQ9KRGME3TH0lbI9UWESHdJNs2ssmWZCMeeog3wZPgQTwUBW85SQ5e65/gxaOeC3rwIghiZHdn053JLlnrbmLL53PYt/N+J9+Z2TeH3RcnyrcXV3OLq7n8cq40f3P1dO6jUnFtqRDiPdJ0/AN7Nz7t6cZ50kafff995jQzc/b8O9dPh/DDwk8Ptra2tkJFb2hqtOH9H7/fnW9M6+JMm0q/zXvrlPdDCCd2zKuiJ4Tw3vchRCGEM0neRJIOhBCOhFrZ9buf3ch1aDZ9Sbo5dmp6495m6789CuGr4jOv3Fr69fmesV9e6tDwAAAAAAAAAAAAAAAAAAA85i5cnbn29shouB+F3o2o9n3dvsbyJG31/ditjnluD/5aAAAAAAAAAAAAAAAAAAAA+H96+P3/XHQ82rlf92SSjrdov/Vm9+dI90y9NTN5bmQ02f89aiiZOVZ5fTXJ+u1MTxhqsu97dv/3M5n+m+//HnVs/vX51ccdDFE8nDqO4+HhEL5JNn4/GR2Ki6XV8ss3S2vLCx2bxmMrHf/a7v2p6CQb+rcb/4lM/93f///pHWdT5fhG506xJ1o6/j0t6/WHqK34n82024v48+jS8e+t5g00Vhiv3QC+/SQKn/fuHv/JTP/div/REEIuqsw1l7oDVNYwlfxW6xXS0vE/UM1L3TqTf2Ql/s2u/z8z8T+X6X+/7v/r2Q8imkrH/2A1rz9V4+H1PxTvfv2fz/S/H/GvzH/d539b0vFPfvmtN1Wl+p9s9/5/IdN/t+J/LU7meTRKnQEbUS2/1e/VkZaOf/+O8ofPf3Fb67+LmfZ79fxXH7f+/Fe//b8Y1Z7/aC4d/4GW9dq9/qcy7bp9/x+vrv94VOn4H6rmpdfOg9XXduM/nem/O/E/uP1uPLP+/7uvtgD42vqvLen4P1XLjBtrrFdfq+u/aPf1/6VM//ux/qvMfz3u7qhPinT8D7esV4n/j218/l/OtOt+/EMYsdZ/ZOn4H2lZr3r99+8e/yuZdt2O/wvd7BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgMTCRpIMhiodTx3E8PBzC2eT4ZDgUzeUXZueKpfkPVkOYTPJz4Xh0q1iayxdnF5dLC4XZfLFYmg/hXFJ+IvRHq8VSeXYpf+f8dl8D0e1CfqU8V8iXQwgXkvxnw5F6X3OL5aX8nRDCxe2yY3Fp5c7t/PLswuLK6yMjIyNhansOQ1Hh43JhuVwbvVYawvR228GoYXLV4kvbczkcfVhaW1nOF6v5lxvaFEvz+WJDmytJ2RdhKCqvrC3P58uF2WLpVn28/TSepJNTV9+9enl0R/mNqJZO7O20AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiX7o+99mUIobd2FIcQxutvomb1v/u58MbsX1c+3Rw7Nb1xb/NBq3oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMA/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWGXjlEqBoIwAM+uRazEY1iFpLONKKKFEcETaO0JPIwexUt4BwsLWwsR4gYkL3mkea/6vmZgf3Z2YAcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1rm86+9vmzYixeFPVcXb4/vH//y61Jez+fsHe5iR3bm66c8vmrb8e9rIT8vRZ5eH9Pvr+SFm6uh1sifTffozNH062jLX0r4tzTe+exwp1xHRlfwk5VzX63oBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8sgMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUXfBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArwAAAP//hykaaw==")
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)

1.112344528s ago: executing program 4 (id=1293):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setuid(0xee01)
ioctl$SIOCRSSL2CALL(r0, 0x89e2, 0x0)

1.064736885s ago: executing program 3 (id=1294):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x34, r1, 0x1, 0x0, 0x0, {0x10}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}]}, @ETHTOOL_A_COALESCE_STATS_BLOCK_USECS={0x8, 0xa, 0xfffffffd}]}, 0x34}}, 0x0)

972.473189ms ago: executing program 0 (id=1295):
socket$inet_tcp(0x2, 0x1, 0x0)
socket(0x23, 0x5, 0x0)
pselect6(0x40, &(0x7f0000000100), &(0x7f0000000000)={0x1f}, 0x0, 0x0, 0x0)

861.316551ms ago: executing program 3 (id=1296):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r0, 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0x3, &(0x7f00000001c0), 0x4)

858.104463ms ago: executing program 4 (id=1297):
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)}, 0x12141)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000014c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26f8ffa5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbde8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d944e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd00000000000000000000003a131374a3371cb3e2a9bb4d798b91cefa444501f40b7c9589e8c0bb6c82123d2b45ce905d0903b32ecf30e828c71a07a83f3275f3d661d1af0ffbd5d7f0"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r0, 0xfeffff, 0xa40, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40)

762.379957ms ago: executing program 0 (id=1298):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="2000000076000d0b0040000000000000030000081c00000008000a"], 0x20}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c00000015000504e1ff4319918e00352d"], 0x2c}}, 0x60040050)

663.261814ms ago: executing program 4 (id=1299):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r0, 0x114, 0xa, &(0x7f0000000180)=ANY=[], 0x4)

572.827327ms ago: executing program 3 (id=1300):
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet(0x2b, 0x801, 0x0)
splice(r1, 0x0, r0, 0x0, 0x39000, 0x9)

572.195628ms ago: executing program 0 (id=1301):
r0 = syz_genetlink_get_family_id$team(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000100000000000300000008000100", @ANYBLOB="03"], 0x20}}, 0x0)

431.872172ms ago: executing program 3 (id=1302):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
io_setup(0xc9f, &(0x7f0000000000)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

431.133408ms ago: executing program 4 (id=1303):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), r0)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)=ANY=[@ANYBLOB="90000000", @ANYRES16=r1, @ANYBLOB="01000000000000000000010000000c00060003000000000000000c0002000000000000000000040007800c000800000000000000000008000a00000000004400078008"], 0x90}}, 0x64000008)

385.38482ms ago: executing program 0 (id=1304):
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x40, 0x1ff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)
mount$nfs(&(0x7f00000000c0)='@\x00', &(0x7f0000000040)='./file1\x00', 0x0, 0x28, 0x0)

209.614596ms ago: executing program 0 (id=1305):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x19, 0x3, 0x7ffc0001}]})
r0 = open(&(0x7f0000000080)='./bus\x00', 0x147842, 0x49)
preadv2(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

176.528213ms ago: executing program 4 (id=1306):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x4810, &(0x7f00000000c0)=ANY=[@ANYRES8=0x0, @ANYRESOCT=0x0, @ANYRES64=0x0], 0x11, 0x6a0, &(0x7f0000004200)="$eJzs3c1vHGcdB/DvrNcvm0qO26ZpQJUwjVRQIxI7VgrhkoAQClKFqnDgbDVOY8VJg+OitAfiAhJXDvwB5RAucAIhJCSkSOUMt4qbxakSEpee0h4YNLOz9trd9UvebMPnE80+zzPPzDO/+c3LvkTWBPi/delU2vfTyaVTr9+p2mv35pbW7s3d6NWTjCdpJe1ukeJmUnyYXEx3yheqmc1wxbDt/Grx/OWPPln7uNtqZ2O86qUzPMD2bvZitZkynWSkKR/BpvHefLjxxjeqxXpmqoSd7CUO9ttoknKTHx3f6BmkHOlrDL3egcOj6L5v9ule/1PJkSQTvTe01W5n6+lHuKM93YtWn1wcAAAAcGAcfXA3uZPJ/Y4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADpPm+f9FM7V69ekUvef/j/U9Y39sn8MdbvvIJnqV+62nEQwAAAAAAAAAPFlfepDfXi7LyV67LOr/83+5bhyrX5/JO7mdhSzndO5kPitZyXJmk0z1DTR2Z35lZXm2t+ZnZVkOWfPswDXP7jLgzuPYawAAAAAAAAD4n3GhKX+aS5nc51gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCTIhnpFvV0rFefSqudZCLJWLXcavL3Xv0wu7/fAQAAAMBTcPRBHuROJnvtsqi/8x+vv/dP5J3czEoWs5KlLORK/VtA91t/a+3e3NLavbkb1fT5cb/17436HyZ3DKMeMd3fHgZv+US9RCdXs1jPOZ0383aWciWtes3KiV48g+N6v4qpuNBVlrtL0JWmrPb8l015MEzVGRldz8hME1uVjWe3z0T/0XmILc2mtf7Lz7E95PzCtlsp/tM7Jkd6c5Jnvrdzzkf3tDOPZGsmzvadfce3z0TylT/+7ofXlm5ev1asnjo4p9EejP9z46rZmom5vky8uOtMXL19ODOxVSsvrNcv5bv5QU5lOm9kOYv5ceazkoVM5zt1bb45n6vXqe0zdXFT642dohhrjsvIlpi+fLRbbhfTy/W6k1nM9/N2rmQhr9X/zmY2X8+5nMv5viP8wi6u+taAq/5Pw4M/+dWm0knyi6Y8GKq8PtuX1/577lTd1z+nlXK8u95zj+3euK79xaZSHYmfNeXBsJ6Jiay/S/Sie76XgdGBmfh1fVu5vXTz+vK1+Vtbxi1WB2/vlWze/T3dSEb2svBeVefLc9XBqlubz46q7/mBfbN137H1vtbWvt901vt2ulLHms9wnx/pbN334sC+ubrvRF/fxuetz8qy7H7eAuDAO/LqkbHOvzp/63zQ+XnnWuf1iW+Pf2P8pbGM/nX0m+2ZkVdaLxW/zwf5SXb+hg4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOzo9rvvXZ9fWlpY3lIpy/LukK4nUkk72TTnL3/uWyZJ/TCg3Q9YLX2xldRz2mkqewvs7sPtzvsPm4R/NMfkqST8sVQmhp4/WyuflmV5MGLeTaVsHJR4nkDl1bIst11mX29LwFNwZuXGrTO3333va4s35t9aeGvh5vlz587PnD/32tyZq4tLCzPd1/2OEngS+j6BAwAAAAAAAAAAAIfE7v44p3i0v+0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeASXTqV9P0VmZ07PVO21e3NL1dSrbyz5aZJWkmI6KT5MLqY7ZapvuGLYdlaTyx99svZxt9Vupnr51nbr7c5qM2U6yUhTDjAxaGZ5d9h4RT3OreHjbTFsL4r1viphJ3uJg/323wAAAP//H4wcFQ==")
r0 = open(&(0x7f0000000040)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000003c0)={0x80d8})

746.838µs ago: executing program 3 (id=1307):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x7, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000080ff0000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca90000000000003509020000d44affe5000d0000000000b702000000000000739af0ff00000000c509040004100000c3aaf0ff00000000bf8600000000000007080000f8ffffffbfa400000000000007060000f0ffffffb70200000800000018220000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf9800000000000056080000000000048500000007000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x6d, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

0s ago: executing program 0 (id=1308):
r0 = syz_io_uring_setup(0x499, &(0x7f0000000200)={0x0, 0x4661, 0x8, 0x3, 0x288}, &(0x7f0000000140), &(0x7f0000000380))
io_setup(0x8, &(0x7f0000004200)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000280)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

kernel console output (not intermixed with test programs):

le1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  154.712657][ T7426] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 15: comm syz.0.539: path /136/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  154.829642][ T7426] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 16: comm syz.0.539: path /136/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  154.855782][ T5840] Bluetooth: hci4: command tx timeout
[  154.993556][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.270995][ T7424] loop2: detected capacity change from 0 to 32768
[  155.313421][ T7424] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.538 (7424)
[  155.335527][ T7451] loop4: detected capacity change from 0 to 1764
[  155.368452][ T7424] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  155.379528][ T7424] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  155.390731][ T1210] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  155.419000][ T7439] loop3: detected capacity change from 0 to 32768
[  155.421676][ T7424] BTRFS info (device loop2): using free-space-tree
[  155.493773][ T7451] iso9660: Corrupted directory entry in block 2 of inode 1920
[  155.564069][ T1210] usb 1-1: Using ep0 maxpacket: 16
[  155.601278][ T1210] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  155.628310][ T7439] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  155.679290][ T1210] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  155.720157][ T1210] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  155.791841][ T1210] usb 1-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00
[  155.814205][ T1210] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.854164][ T5843] ocfs2: Unmounting device (7,3) on (node local)
[  155.875579][ T1210] usb 1-1: config 0 descriptor??
[  156.013395][ T7480] netlink: 12 bytes leftover after parsing attributes in process `syz.1.556'.
[  156.013877][ T5846] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  156.259951][ T7482] loop1: detected capacity change from 0 to 256
[  156.317241][ T7482] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d)
[  156.349397][ T1210] hid-u2fzero 0003:10C4:8ACF.0006: hidraw0: USB HID v0.00 Device [HID 10c4:8acf] on usb-dummy_hcd.0-1/input0
[  156.451301][ T1210] hid-u2fzero 0003:10C4:8ACF.0006: U2F Zero LED initialised
[  156.491326][ T1210] hid-u2fzero 0003:10C4:8ACF.0006: U2F Zero RNG initialised
[  156.580965][ T1210] usb 1-1: USB disconnect, device number 3
[  156.628500][ T7483] fido_id[7483]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/1-1/report_descriptor': No such file or directory
[  157.022003][ T7494] loop1: detected capacity change from 0 to 512
[  157.091203][ T7494] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  157.133079][ T7476] loop4: detected capacity change from 0 to 32768
[  157.147595][ T7494] EXT4-fs (loop1): 1 truncate cleaned up
[  157.161534][ T7476] XFS: noikeep mount option is deprecated.
[  157.188215][ T7494] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.268068][ T7476] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  157.323997][ T7506] mmap: syz.0.560 (7506) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  157.334786][ T7494] EXT4-fs error (device loop1): ext4_lookup:1787: inode #16: comm syz.1.559: iget: bad i_size value: 5497558147880
[  157.423095][ T7494] EXT4-fs (loop1): Remounting filesystem read-only
[  157.434615][ T7485] loop3: detected capacity change from 0 to 32768
[  157.440705][ T7476] XFS (loop4): Ending clean mount
[  157.451703][ T7485] btrfs: Deprecated parameter 'usebackuproot'
[  157.457892][ T7485] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  157.478421][ T7485] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.554 (7485)
[  157.552776][ T7485] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  157.581509][ T7485] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm
[  157.593572][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.609314][ T7485] BTRFS info (device loop3): using free-space-tree
[  157.661053][ T5834] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  157.908794][ T7489] loop2: detected capacity change from 0 to 40427
[  157.944415][ T7485] BTRFS info (device loop3): rebuilding free space tree
[  157.987871][ T7489] F2FS-fs (loop2): Invalid segment/section count (24 != 1 * 1)
[  158.058511][ T7489] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  158.169837][ T7489] F2FS-fs (loop2): invalid crc value
[  158.193238][   T30] audit: type=1800 audit(1749798577.818:2525): pid=7485 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.554" name="file1" dev="loop3" ino=260 res=0 errno=0
[  158.393503][ T7485] BTRFS info (device loop3): balance: start -sconvert=raid0,soft
[  158.466357][ T7485] BTRFS info (device loop3): left=0, need=98304, flags=10
[  158.513739][ T7485] BTRFS info (device loop3): space_info SYSTEM (sub-group id 0) has 0 free, is not full
[  158.523944][ T7485] BTRFS info (device loop3): space_info total=4194304, used=4096, pinned=0, reserved=0, may_use=0, readonly=4190208 zone_unusable=0
[  158.538793][ T7485] BTRFS info (device loop3): global_block_rsv: size 1441792 reserved 1441792
[  158.548862][ T7485] BTRFS info (device loop3): trans_block_rsv: size 0 reserved 0
[  158.556675][ T7485] BTRFS info (device loop3): chunk_block_rsv: size 0 reserved 0
[  158.564471][ T7485] BTRFS info (device loop3): delayed_block_rsv: size 0 reserved 0
[  158.572392][ T7485] BTRFS info (device loop3): delayed_refs_rsv: size 0 reserved 0
[  158.598467][ T7485] BTRFS info (device loop3): relocating block group 1048576 flags system
[  158.697925][ T7489] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  158.780864][ T7489] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  158.967670][ T7485] BTRFS info (device loop3): balance: ended with status: 0
[  159.035894][ T7563] use of bytesused == 0 is deprecated and will be removed in the future,
[  159.080305][ T7563] use the actual size instead.
[  159.088576][ T5846] syz-executor: attempt to access beyond end of device
[  159.088576][ T5846] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  159.128201][ T5846] CPU: 1 UID: 0 PID: 5846 Comm: syz-executor Not tainted 6.16.0-rc1-next-20250613-syzkaller #0 PREEMPT(full) 
[  159.128229][ T5846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  159.128241][ T5846] Call Trace:
[  159.128249][ T5846]  <TASK>
[  159.128258][ T5846]  dump_stack_lvl+0x189/0x250
[  159.128287][ T5846]  ? __pfx_dump_stack_lvl+0x10/0x10
[  159.128303][ T5846]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  159.128332][ T5846]  ? __pfx_queue_work_on+0x10/0x10
[  159.128353][ T5846]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  159.128379][ T5846]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  159.128408][ T5846]  ? f2fs_hw_is_readonly+0x39b/0x470
[  159.128439][ T5846]  f2fs_handle_critical_error+0x37c/0x540
[  159.128472][ T5846]  f2fs_write_end_io+0x495/0x810
[  159.128499][ T5846]  ? blkg_put+0x22/0x240
[  159.128542][ T5846]  __submit_merged_bio+0x27a/0x6a0
[  159.128575][ T5846]  __submit_merged_write_cond+0x255/0x530
[  159.128608][ T5846]  f2fs_write_data_pages+0x261d/0x3000
[  159.128675][ T5846]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  159.128757][ T5846]  ? __mod_zone_page_state+0xd7/0x140
[  159.128787][ T5846]  ? unwind_next_frame+0xa5/0x2390
[  159.128816][ T5846]  ? rcu_is_watching+0x15/0xb0
[  159.128834][ T5846]  ? __kasan_check_byte+0x12/0x40
[  159.128868][ T5846]  ? is_bpf_text_address+0x26/0x2b0
[  159.128907][ T5846]  ? rcu_is_watching+0x15/0xb0
[  159.128940][ T5846]  ? rcu_is_watching+0x15/0xb0
[  159.128957][ T5846]  ? lock_release+0x4b/0x3e0
[  159.128999][ T5846]  ? lock_release+0x4b/0x3e0
[  159.129061][ T5846]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  159.129087][ T5846]  do_writepages+0x32b/0x550
[  159.129117][ T5846]  ? do_raw_spin_unlock+0x122/0x240
[  159.129143][ T5846]  filemap_fdatawrite+0x199/0x240
[  159.129162][ T5846]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  159.129230][ T5846]  ? do_raw_spin_unlock+0x122/0x240
[  159.129256][ T5846]  f2fs_sync_dirty_inodes+0x31f/0x830
[  159.129300][ T5846]  f2fs_write_checkpoint+0x95a/0x1df0
[  159.129352][ T5846]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  159.129418][ T5846]  ? try_to_wake_up+0x7e5/0x1290
[  159.129447][ T5846]  ? kill_f2fs_super+0x298/0x6c0
[  159.129479][ T5846]  kill_f2fs_super+0x2c3/0x6c0
[  159.129513][ T5846]  ? __pfx_kill_f2fs_super+0x10/0x10
[  159.129537][ T5846]  ? radix_tree_delete_item+0x2b6/0x400
[  159.129570][ T5846]  ? shrinker_free+0x2ce/0x3e0
[  159.129598][ T5846]  deactivate_locked_super+0xb9/0x130
[  159.129627][ T5846]  cleanup_mnt+0x425/0x4c0
[  159.129652][ T5846]  ? lockdep_hardirqs_on+0x9c/0x150
[  159.129681][ T5846]  task_work_run+0x1d4/0x260
[  159.129708][ T5846]  ? __pfx_task_work_run+0x10/0x10
[  159.129729][ T5846]  ? __x64_sys_umount+0x122/0x160
[  159.129752][ T5846]  ? exit_to_user_mode_loop+0x40/0x110
[  159.129782][ T5846]  exit_to_user_mode_loop+0xec/0x110
[  159.129808][ T5846]  do_syscall_64+0x2bd/0x3b0
[  159.129836][ T5846]  ? lockdep_hardirqs_on+0x9c/0x150
[  159.129861][ T5846]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.129879][ T5846]  ? clear_bhb_loop+0x60/0xb0
[  159.129902][ T5846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.129920][ T5846] RIP: 0033:0x7f182bf8fc57
[  159.129937][ T5846] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  159.129952][ T5846] RSP: 002b:00007fff9f0c4e98 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  159.129972][ T5846] RAX: 0000000000000000 RBX: 00007f182c010925 RCX: 00007f182bf8fc57
[  159.129984][ T5846] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff9f0c4f50
[  159.129995][ T5846] RBP: 00007fff9f0c4f50 R08: 0000000000000000 R09: 0000000000000000
[  159.130006][ T5846] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff9f0c5fe0
[  159.130018][ T5846] R13: 00007f182c010925 R14: 0000000000026cc8 R15: 00007fff9f0c6020
[  159.130049][ T5846]  </TASK>
[  159.518361][ T5846] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  159.560978][ T5843] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  159.969030][ T7572] usb usb8: usbfs: interface 0 claimed by hub while 'syz.4.577' resets device
[  160.529096][ T7592] loop2: detected capacity change from 0 to 128
[  160.546478][ T7591] loop4: detected capacity change from 0 to 1024
[  161.006562][ T7601] loop1: detected capacity change from 0 to 4096
[  161.031779][ T7604] loop2: detected capacity change from 0 to 1024
[  161.072011][ T7601] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[  161.882584][ T7626] loop0: detected capacity change from 0 to 256
[  161.941160][ T7626] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  161.992728][ T7628] loop3: detected capacity change from 0 to 64
[  161.994478][ T7626] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[  162.066403][ T7626] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  162.110974][ T7626] UDF-fs: Scanning with blocksize 512 failed
[  162.181256][ T7626] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  162.219743][ T7626] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  162.313803][   T30] audit: type=1800 audit(1749798581.948:2526): pid=7626 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.595" name="file2" dev="loop0" ino=66 res=0 errno=0
[  162.457327][ T7615] loop2: detected capacity change from 0 to 32768
[  162.545285][ T7615] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  162.843029][ T5846] ocfs2: Unmounting device (7,2) on (node local)
[  163.288416][ T7640] loop0: detected capacity change from 0 to 32768
[  163.340458][ T7640] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.601 (7640)
[  163.391225][ T7658] netlink: 4 bytes leftover after parsing attributes in process `syz.4.610'.
[  163.432522][ T7640] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  163.437246][ T7636] loop3: detected capacity change from 0 to 32768
[  163.451596][ T7658] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check.
[  163.482083][ T7640] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  163.618462][ T7640] BTRFS info (device loop0): rebuilding free space tree
[  163.666203][ T7675] loop2: detected capacity change from 0 to 512
[  163.734757][ T7675] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  163.760101][ T7640] BTRFS info (device loop0): disabling free space tree
[  163.823719][ T7675] EXT4-fs (loop2): orphan cleanup on readonly fs
[  163.829812][ T7640] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  163.856082][ T7675] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.611: iget: bad i_size value: 360287970189639680
[  163.874327][ T7640] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  163.885526][ T7675] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.611: couldn't read orphan inode 15 (err -117)
[  163.981302][ T7675] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  164.072898][   T30] audit: type=1800 audit(1749798583.698:2527): pid=7640 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.601" name="file1" dev="loop0" ino=260 res=0 errno=0
[  164.147292][ T7684] loop4: detected capacity change from 0 to 1024
[  164.175474][ T7684] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (12806!=20869)
[  164.207532][ T5849] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  164.233945][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.253913][ T7684] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c018, mo2=0002]
[  164.320732][ T7684] System zones: 0-1, 3-36
[  164.364373][ T7684] EXT4-fs (loop4): orphan cleanup on readonly fs
[  164.445718][ T7684] EXT4-fs (loop4): 1 orphan inode deleted
[  164.502718][ T7684] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  164.649567][ T7684] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.662821][ T7656] loop1: detected capacity change from 0 to 32768
[  165.280626][ T7705] netlink: 16 bytes leftover after parsing attributes in process `syz.2.624'.
[  165.539255][ T7686] loop3: detected capacity change from 0 to 32768
[  165.606862][ T7686] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  165.853282][ T7730] loop0: detected capacity change from 0 to 64
[  165.897904][ T7686] XFS (loop3): Ending clean mount
[  166.000755][ T7734] loop1: detected capacity change from 0 to 256
[  166.039335][ T7734] exfat: Deprecated parameter 'utf8'
[  166.124761][ T7734] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  166.154488][ T5843] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  166.280697][ T1210] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  166.467665][ T1210] usb 5-1: Using ep0 maxpacket: 32
[  166.491609][ T1210] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  166.522526][ T7745] loop0: detected capacity change from 0 to 512
[  166.526882][ T1210] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  166.577350][ T1210] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  166.619701][ T1210] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.643824][ T1210] usb 5-1: config 0 descriptor??
[  166.645049][ T7745] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.750125][ T7745] ext4 filesystem being mounted at /157/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  166.936628][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.059230][ T7761] netlink: 4 bytes leftover after parsing attributes in process `syz.0.643'.
[  167.099696][ T1210] ft260 0003:0403:6030.0007: unknown main item tag 0x0
[  167.173992][ T7751] loop3: detected capacity change from 0 to 32768
[  167.225004][ T7751] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  167.283616][ T1210] ft260 0003:0403:6030.0007: failed to retrieve chip version
[  167.309930][ T1210] ft260 0003:0403:6030.0007: probe with driver ft260 failed with error -71
[  167.325149][ T7775] warning: `syz.2.646' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  167.400059][ T7751] XFS (loop3): Ending clean mount
[  167.421116][ T1210] usb 5-1: USB disconnect, device number 7
[  167.445007][ T7751] XFS (loop3): Quotacheck needed: Please wait.
[  167.560466][ T7751] XFS (loop3): Quotacheck: Done.
[  167.673298][ T5843] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  167.975982][ T7784] loop1: detected capacity change from 0 to 64
[  168.096393][ T7788] loop3: detected capacity change from 0 to 64
[  168.137008][ T7777] loop0: detected capacity change from 0 to 32768
[  168.486612][ T7777] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,no_splitbrain_check,journal_flush_disabled,norecovery,nojournal_transaction_names,reconstruct_alloc
[  168.486645][ T7777]   allowing incompatible features above 0.0: (unknown version)
[  168.486658][ T7777]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  168.622073][ T7786] loop4: detected capacity change from 0 to 32768
[  168.697904][ T7777] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  168.712398][ T7777] bcachefs (loop0): invalid journal entry, version=1.7: mi_btree_bitmap type=data_usage in superblock: invalid journal entry usage: bad nr_required in entry journal: 4/1 [0], fixing
[  168.731472][ T7777] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  168.739675][ T7777] bcachefs (loop0): Version upgrade required:
[  168.739675][ T7777] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  168.739675][ T7777] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  168.739675][ T7777]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  168.770710][ T7799] loop3: detected capacity change from 0 to 160
[  168.910461][ T7786] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,no_splitbrain_check,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc
[  168.910598][ T7786]   allowing incompatible features above 0.0: (unknown version)
[  168.910612][ T7786]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  168.938531][ T7802] loop1: detected capacity change from 0 to 2048
[  168.941993][ T7777] bcachefs (loop0): dropping and reconstructing all alloc info
[  168.976799][ T7799] iso9660: Unknown parameter 's§Ÿ3௷Dj’N'
[  169.009901][ T7802] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  169.033509][ T7777] bcachefs (loop0): accounting_read... done
[  169.037092][ T7777] bcachefs (loop0): alloc_read... done
[  169.037495][ T7777] bcachefs (loop0): snapshots_read... done
[  169.037995][ T7777] bcachefs (loop0): Fixed errors, running fsck a second time to verify fs is clean
[  169.038672][ T7777] bcachefs (loop0): done starting filesystem
[  169.065506][ T7802] syz.1.657: attempt to access beyond end of device
[  169.065506][ T7802] loop1: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  169.065614][ T7803] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  169.118902][ T7802] syz.1.657: attempt to access beyond end of device
[  169.118902][ T7802] loop1: rw=0, sector=33554430, nr_sectors = 2 limit=2048
[  169.119111][ T7802] NILFS (loop1): I/O error reading meta-data file (ino=6, block-offset=3)
[  169.119134][ T7802] NILFS (loop1): error -5 reading inode: ino=15
[  169.131593][ T7802] syz.1.657: attempt to access beyond end of device
[  169.131593][ T7802] loop1: rw=0, sector=33554430, nr_sectors = 2 limit=2048
[  169.131793][ T7802] NILFS (loop1): I/O error reading meta-data file (ino=6, block-offset=3)
[  169.131812][ T7802] NILFS (loop1): error -5 reading inode: ino=15
[  169.303585][ T7777] bcachefs (loop0): unable to set label with more than 31 bytes
[  169.458516][ T5849] bcachefs (loop0): shutting down
[  169.547371][ T7807] loop1: detected capacity change from 0 to 1024
[  169.562724][ T5849] bcachefs (loop0): shutdown complete
[  169.970384][ T7811] netlink: 64 bytes leftover after parsing attributes in process `syz.1.663'.
[  169.988047][ T7813] loop3: detected capacity change from 0 to 16
[  170.014035][ T7786] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  170.040646][ T7786] bcachefs (loop4): recovering from clean shutdown, journal seq 10
[  170.052093][ T7813] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  170.070680][ T7811] netlink: 208 bytes leftover after parsing attributes in process `syz.1.663'.
[  170.101966][ T7786] bcachefs (loop4): Version upgrade required:
[  170.101966][ T7786] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  170.101966][ T7786] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  170.101966][ T7786]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  170.291095][ T7786] bcachefs (loop4): dropping and reconstructing all alloc info
[  170.381522][ T7786] bcachefs (loop4): accounting_read... done
[  170.431998][ T7786] bcachefs (loop4): alloc_read... done
[  170.469148][ T7786] bcachefs (loop4): snapshots_read... done
[  170.492127][ T7786] bcachefs (loop4): done starting filesystem
[  170.634481][ T7823] loop0: detected capacity change from 0 to 256
[  170.661833][ T7823] vfat: Unknown parameter 'shoru~ame'
[  170.774158][ T5834] bcachefs (loop4): shutting down
[  170.814504][ T7825] loop1: detected capacity change from 0 to 128
[  170.910327][ T5834] bcachefs (loop4): shutdown complete
[  171.250822][ T5933] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  171.369851][ T7818] loop3: detected capacity change from 0 to 32768
[  171.410708][ T5933] usb 1-1: Using ep0 maxpacket: 16
[  171.417827][ T5933] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  171.432444][ T7818] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.666 (7818)
[  171.447801][ T5933] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  171.476320][ T5933] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  171.502929][ T5933] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  171.510552][ T7818] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  171.531473][ T5933] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  171.541012][ T7818] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  171.557889][ T7818] BTRFS info (device loop3): using free-space-tree
[  171.581863][ T5933] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  171.591426][ T5933] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  171.600006][ T5933] usb 1-1: Manufacturer: syz
[  171.621117][ T5933] usb 1-1: config 0 descriptor??
[  171.724376][   T12] BTRFS warning (device loop3): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xf8bb6bdef03b64ff3b11a2a87ba7a2aeacfdb41cc49a87adad5cc1644d216b29 level 0
[  171.759035][ T7818] BTRFS error (device loop3): failed to load root extent
[  171.767968][   T12] BTRFS warning (device loop3 state C): checksum verify failed on logical 5341184 mirror 1 wanted 0xc53d3c5bb04ba5dfc01f4c277f0b81815915cb99da5074f609a3f7f617cf284a found 0xd34891a64d32c06b063fbbf3d26e09cb4d5acf5ade8dc51c4cd532bb53f895d0 level 0
[  171.877704][ T7818] BTRFS error (device loop3 state C): failed to load root free space
[  171.921584][   T12] BTRFS warning (device loop3 state C): checksum verify failed on logical 5287936 mirror 1 wanted 0x31987782e3a542b4b1826f4a60605b79838e23bf27075900db4b92202c72b2fd found 0xceda3bc49047826ec4468b88ec74a14d6cd3232f25b2c41331ed48993507590e level 0
[  171.950058][  T967] BTRFS warning (device loop3 state C): checksum verify failed on logical 5292032 mirror 1 wanted 0xcbbb23d5b53a3b4892a5068ee5011732ffcd94742b434497e3f11d7ca86a6d23 found 0x6ab87e71a537053373402d980abd70276b583e303a68e0dd0a46bb41cfc306c8 level 0
[  172.039301][ T7850] loop2: detected capacity change from 0 to 1764
[  172.070992][ T5933] rc_core: IR keymap rc-hauppauge not found
[  172.076956][ T5933] Registered IR keymap rc-empty
[  172.111921][ T5933] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  172.125178][ T7854] loop1: detected capacity change from 0 to 128
[  172.150703][ T5933] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  172.185482][ T7854] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  172.207204][ T5933] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  172.252324][ T7854] ext4 filesystem being mounted at /147/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  172.294107][ T7854] EXT4-fs warning (device loop1): __ext4_ioctl:1259: Setting inode version is not supported with metadata_csum enabled.
[  172.355816][ T5933] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input8
[  172.369970][ T5843] BTRFS info (device loop3 state C): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  172.409097][ T5933] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  172.430794][ T5933] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  172.461414][ T5933] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  172.493382][ T5839] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  172.501799][ T5933] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  172.531338][ T5933] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  172.563066][ T5933] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  172.622361][ T5933] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  172.681510][ T5933] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  172.710638][ T5933] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  172.753746][ T5933] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  172.803806][ T5933] mceusb 1-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  172.840653][ T5933] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  172.880165][ T5933] usb 1-1: USB disconnect, device number 4
[  172.974238][ T7871] loop1: detected capacity change from 0 to 256
[  173.139692][ T7873] netlink: 12 bytes leftover after parsing attributes in process `syz.3.683'.
[  173.216031][ T7875] loop2: detected capacity change from 0 to 47
[  173.251226][ T7871] FAT-fs (loop1): Directory bread(block 64) failed
[  173.287383][ T7871] FAT-fs (loop1): Directory bread(block 65) failed
[  173.310649][ T7871] FAT-fs (loop1): Directory bread(block 66) failed
[  173.361148][ T7871] FAT-fs (loop1): Directory bread(block 67) failed
[  173.367890][ T7871] FAT-fs (loop1): Directory bread(block 68) failed
[  173.415304][ T7871] FAT-fs (loop1): Directory bread(block 69) failed
[  173.429930][ T7875] MINIX-fs: deleted inode referenced: 9
[  173.431354][ T7871] FAT-fs (loop1): Directory bread(block 70) failed
[  173.457802][ T7875] MINIX-fs: deleted inode referenced: 9
[  173.469307][ T7882] loop4: detected capacity change from 0 to 64
[  173.478053][ T7871] FAT-fs (loop1): Directory bread(block 71) failed
[  173.485250][ T7875] MINIX-fs: deleted inode referenced: 9
[  173.487326][ T7875] MINIX-fs: deleted inode referenced: 9
[  173.516812][ T7871] FAT-fs (loop1): Directory bread(block 72) failed
[  173.544913][   T30] audit: type=1800 audit(1749798593.168:2528): pid=7882 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.687" name="file1" dev="loop4" ino=18 res=0 errno=0
[  173.565251][ T7871] FAT-fs (loop1): Directory bread(block 73) failed
[  173.722890][ T7886] loop2: detected capacity change from 0 to 256
[  173.745677][ T7886] exfat: Deprecated parameter 'utf8'
[  173.761944][ T7886] exfat: Deprecated parameter 'utf8'
[  173.767309][ T7886] exfat: Deprecated parameter 'utf8'
[  173.773268][ T7887] netlink: 65039 bytes leftover after parsing attributes in process `syz.0.689'.
[  173.835865][ T7886] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  174.007526][ T7897] loop1: detected capacity change from 0 to 1024
[  174.009023][ T7894] loop4: detected capacity change from 0 to 64
[  174.143414][ T7897] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  174.456403][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.740438][ T7922] netlink: 40 bytes leftover after parsing attributes in process `syz.2.705'.
[  174.799775][ T7923] loop4: detected capacity change from 0 to 2048
[  174.895098][ T7929] netlink: 104 bytes leftover after parsing attributes in process `syz.0.708'.
[  174.914307][ T7930] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  175.067447][ T7936] loop3: detected capacity change from 0 to 512
[  175.160436][ T7936] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.241280][ T7936] ext4 filesystem being mounted at /137/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  175.481165][ T5843] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.710931][ T2157] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  175.812489][ T7949] loop0: detected capacity change from 0 to 32768
[  175.860905][ T2157] usb 5-1: Using ep0 maxpacket: 16
[  175.894617][ T7943] loop2: detected capacity change from 0 to 32768
[  175.902650][ T7943] btrfs: Deprecated parameter 'usebackuproot'
[  175.908900][ T7943] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  175.910790][ T2157] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  175.941464][ T7943] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.715 (7943)
[  175.988441][ T7943] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  176.027076][ T2157] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  176.049037][ T7943] BTRFS info (device loop2): using crc32c (crc32c-x86_64) checksum algorithm
[  176.078744][ T2157] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  176.093209][ T7943] BTRFS info (device loop2): using free-space-tree
[  176.104798][ T7949] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  176.104830][ T7949]   allowing incompatible features above 0.0: (unknown version)
[  176.104844][ T7949]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  176.146410][ T2157] usb 5-1: New USB device found, idVendor=045e, idProduct=9994, bcdDevice=fc.3c
[  176.146453][ T2157] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.155507][ T2157] usb 5-1: config 0 descriptor??
[  176.359300][ T7949] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  176.419247][ T7943] BTRFS info (device loop2): rebuilding free space tree
[  176.430727][ T7949] bcachefs (loop0): initializing new filesystem
[  176.497917][ T7949] bcachefs (loop0): going read-write
[  176.573199][ T2157] hid-generic 0003:045E:9994.0008: unknown main item tag 0x2
[  176.601129][   T30] audit: type=1800 audit(1749798596.238:2529): pid=7943 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.715" name="file1" dev="loop2" ino=260 res=0 errno=0
[  176.621694][    C1] vkms_vblank_simulate: vblank timer overrun
[  176.639940][ T2157] hid-generic 0003:045E:9994.0008: unknown main item tag 0x0
[  176.661599][ T2157] hid-generic 0003:045E:9994.0008: unknown main item tag 0x0
[  176.675277][ T7943] BTRFS info (device loop2): balance: start -sconvert=raid0,soft
[  176.681379][ T2157] hid-generic 0003:045E:9994.0008: unknown main item tag 0x0
[  176.701545][ T7943] BTRFS info (device loop2): left=0, need=98304, flags=10
[  176.711072][ T7943] BTRFS info (device loop2): space_info SYSTEM (sub-group id 0) has 0 free, is not full
[  176.720975][ T7943] BTRFS info (device loop2): space_info total=4194304, used=4096, pinned=0, reserved=0, may_use=0, readonly=4190208 zone_unusable=0
[  176.734706][ T7943] BTRFS info (device loop2): global_block_rsv: size 1441792 reserved 1441792
[  176.743600][ T7943] BTRFS info (device loop2): trans_block_rsv: size 0 reserved 0
[  176.751371][ T7943] BTRFS info (device loop2): chunk_block_rsv: size 0 reserved 0
[  176.759789][ T7943] BTRFS info (device loop2): delayed_block_rsv: size 0 reserved 0
[  176.768779][ T7943] BTRFS info (device loop2): delayed_refs_rsv: size 0 reserved 0
[  176.786354][ T7960] loop3: detected capacity change from 0 to 32768
[  176.793045][ T2157] hid-generic 0003:045E:9994.0008: unbalanced collection at end of report description
[  176.825890][ T7943] BTRFS info (device loop2): relocating block group 1048576 flags system
[  176.833437][ T2157] hid-generic 0003:045E:9994.0008: probe with driver hid-generic failed with error -22
[  176.857669][ T7949] bcachefs (loop0): marking superblocks
[  176.907413][ T7960] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  176.924209][ T2157] usb 5-1: USB disconnect, device number 8
[  177.048821][ T7949] bcachefs (loop0): initializing freespace
[  177.058005][ T7943] BTRFS info (device loop2): balance: ended with status: 0
[  177.121463][ T7949] bcachefs (loop0): done initializing freespace
[  177.127840][ T7960] XFS (loop3): Ending clean mount
[  177.171464][ T7949] bcachefs (loop0): reading snapshots table
[  177.208762][ T7949] bcachefs (loop0): reading snapshots done
[  177.228198][ T5846] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  177.373658][ T7949] bcachefs (loop0): done starting filesystem
[  177.380338][ T5843] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  177.709587][ T7949] syz.0.717 (7949) used greatest stack depth: 16248 bytes left
[  177.952895][ T5849] bcachefs (loop0): shutting down
[  177.957968][ T5849] bcachefs (loop0): going read-only
[  177.999148][ T5849] bcachefs (loop0): finished waiting for writes to stop
[  178.092487][ T5849] bcachefs (loop0): flushing journal and stopping allocators, journal seq 3
[  178.304549][ T8021] loop4: detected capacity change from 0 to 128
[  178.323284][ T5849] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 3
[  178.365721][ T5849] bcachefs (loop0): clean shutdown complete, journal seq 4
[  178.382153][ T5849] bcachefs (loop0): marking filesystem clean
[  178.472200][ T2157] Process accounting resumed
[  178.477681][ T2157] FAT-fs (loop4): error, corrupted file size (i_pos 548, 512)
[  178.509787][ T2157] FAT-fs (loop4): Filesystem has been set read-only
[  178.582912][ T5849] bcachefs (loop0): shutdown complete
[  178.782469][ T8031] netlink: 24 bytes leftover after parsing attributes in process `syz.1.739'.
[  178.903682][ T8032] loop4: detected capacity change from 0 to 4096
[  178.917085][ T8034] loop3: detected capacity change from 0 to 1024
[  178.976214][ T8034] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  179.227240][ T5843] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.721806][ T8057] netlink: 60 bytes leftover after parsing attributes in process `syz.4.750'.
[  179.747657][ T8041] loop1: detected capacity change from 0 to 32768
[  179.927228][ T8063] veth1_macvtap: left promiscuous mode
[  179.946915][ T8063] macsec0: entered allmulticast mode
[  179.988263][ T8066] veth1_macvtap: entered promiscuous mode
[  180.023649][ T8066] veth1_macvtap: entered allmulticast mode
[  180.053048][ T8068] netlink: 'syz.1.755': attribute type 1 has an invalid length.
[  180.070681][ T8066] macsec0: left allmulticast mode
[  180.079001][ T8066] veth1_macvtap: left allmulticast mode
[  180.368938][ T8076] loop2: detected capacity change from 0 to 512
[  180.448231][ T8076] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  180.478258][ T8077] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  180.499900][ T8076] ext4 filesystem being mounted at /141/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  180.631505][ T8076] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.759: bg 0: block 145: padding at end of block bitmap is not set
[  180.898646][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.935131][ T8089] loop4: detected capacity change from 0 to 1024
[  181.014812][ T8061] loop3: detected capacity change from 0 to 32768
[  181.038271][   T30] audit: type=1800 audit(1749798600.668:2530): pid=8089 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.764" name="file1" dev="loop4" ino=20 res=0 errno=0
[  181.147006][ T8061] XFS (loop3): DAX unsupported by block device. Turning off DAX.
[  181.181358][ T8061] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  181.400738][ T8061] XFS (loop3): Ending clean mount
[  181.439237][ T8061] XFS (loop3): Quotacheck needed: Please wait.
[  181.549840][ T8061] XFS (loop3): Quotacheck: Done.
[  181.668347][ T5843] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  181.969155][ T8102] loop1: detected capacity change from 0 to 32768
[  182.009827][ T8102] btrfs: Deprecated parameter 'usebackuproot'
[  182.039687][ T8102] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  182.071000][ T8102] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.767 (8102)
[  182.166505][ T8102] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  182.209973][ T8102] BTRFS info (device loop1): using sha256 (sha256-x86_64) checksum algorithm
[  182.240836][ T8102] BTRFS info (device loop1): using free-space-tree
[  182.445869][ T8102] BTRFS info (device loop1): rebuilding free space tree
[  182.772071][ T5839] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  182.828194][ T8117] loop0: detected capacity change from 0 to 32768
[  182.986598][ T8119] loop4: detected capacity change from 0 to 32768
[  183.227782][ T8155] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  183.278836][ T8153] loop2: detected capacity change from 0 to 1024
[  183.318041][ T8153] EXT4-fs: Ignoring removed nobh option
[  183.320729][ T8119] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  183.370769][ T8153] EXT4-fs: Ignoring removed bh option
[  183.425812][ T8119]   allowing incompatible features above 0.0: (unknown version)
[  183.439376][ T8153] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.444327][ T8119]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  183.527631][ T8119] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  183.574220][ T8119] bcachefs (loop4): initializing new filesystem
[  183.646686][ T8119] bcachefs (loop4): going read-write
[  183.689965][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.880838][ T5896] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  183.926043][ T8119] bcachefs (loop4): marking superblocks
[  184.045542][ T8119] bcachefs (loop4): initializing freespace
[  184.054740][ T5896] usb 4-1: Using ep0 maxpacket: 8
[  184.074920][ T5896] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  184.078172][ T8119] bcachefs (loop4): done initializing freespace
[  184.100664][ T8188] loop2: detected capacity change from 0 to 256
[  184.113899][ T5896] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  184.145120][ T8119] bcachefs (loop4): reading snapshots table
[  184.151501][ T2157] usb 2-1: new full-speed USB device number 7 using dummy_hcd
[  184.156638][ T5896] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 8
[  184.163486][ T8188] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  184.185196][ T5896] usb 4-1: New USB device found, idVendor=046d, idProduct=ca03, bcdDevice= 0.00
[  184.196187][ T5896] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.202881][ T8119] bcachefs (loop4): reading snapshots done
[  184.235224][ T5896] usb 4-1: config 0 descriptor??
[  184.291879][ T8119] bcachefs (loop4): done starting filesystem
[  184.342707][ T2157] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  184.382935][ T2157] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  184.414587][ T2157] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  184.435423][ T2157] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.488728][ T2157] usb 2-1: Product: syz
[  184.506530][ T2157] usb 2-1: Manufacturer: syz
[  184.543471][ T2157] usb 2-1: SerialNumber: syz
[  184.686923][ T5896] logitech 0003:046D:CA03.0009: item fetching failed at offset 15/69
[  184.722118][ T5896] logitech 0003:046D:CA03.0009: parse failed
[  184.768906][ T5834] bcachefs (loop4): shutting down
[  184.778967][ T5896] logitech 0003:046D:CA03.0009: probe with driver logitech failed with error -22
[  184.802425][ T5834] bcachefs (loop4): going read-only
[  184.818264][ T5834] bcachefs (loop4): finished waiting for writes to stop
[  184.870960][ T5834] bcachefs (loop4): flushing journal and stopping allocators, journal seq 3
[  184.916966][ T5896] usb 4-1: USB disconnect, device number 3
[  184.984933][ T5834] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3
[  185.004616][ T2157] usb 2-1: cannot find UAC_HEADER
[  185.025956][ T5834] bcachefs (loop4): clean shutdown complete, journal seq 4
[  185.061081][ T5834] bcachefs (loop4): marking filesystem clean
[  185.070146][ T2157] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22
[  185.149087][ T5834] bcachefs (loop4): shutdown complete
[  185.169743][ T7262] udevd[7262]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  185.248036][ T2157] usb 2-1: USB disconnect, device number 7
[  185.432349][ T8202] loop0: detected capacity change from 0 to 32768
[  185.452865][ T8202] (syz.0.798,8202,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  185.479649][ T8202] (syz.0.798,8202,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  185.553646][ T8202] JBD2: Ignoring recovery information on journal
[  185.689187][ T8208] loop3: detected capacity change from 0 to 1024
[  185.696600][ T8204] loop2: detected capacity change from 0 to 32768
[  185.714790][ T8202] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  185.724819][ T8208] EXT4-fs: Ignoring removed bh option
[  185.773380][ T8208] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a842c018, mo2=0002]
[  185.791960][ T8204] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  185.800649][ T8208] System zones: 1-12
[  185.807018][ T8208] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  185.977004][ T5849] ocfs2: Unmounting device (7,0) on (node local)
[  186.008302][ T5843] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.038040][ T5846] ocfs2: Unmounting device (7,2) on (node local)
[  186.470099][ T8225] loop0: detected capacity change from 0 to 128
[  186.545854][ T8225] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  186.658047][ T8225] ext4 filesystem being mounted at /180/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  186.669843][ T8215] loop1: detected capacity change from 0 to 32768
[  186.706756][ T8215] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.803 (8215)
[  186.756621][ T8215] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  186.811818][ T8215] BTRFS info (device loop1): using sha256 (sha256-x86_64) checksum algorithm
[  186.850448][ T5849] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  187.071250][ T8215] BTRFS info (device loop1): rebuilding free space tree
[  187.131433][ T8215] BTRFS info (device loop1): disabling free space tree
[  187.153300][ T8215] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  187.187710][ T8215] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  187.670859][ T5839] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  187.982314][ T8263] loop0: detected capacity change from 0 to 512
[  188.023664][ T8263] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  188.099718][ T8242] loop2: detected capacity change from 0 to 40427
[  188.155379][ T8263] EXT4-fs (loop0): 1 truncate cleaned up
[  188.234377][ T8242] F2FS-fs (loop2): invalid crc value
[  188.250084][ T8263] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  188.331177][ T8263] EXT4-fs error (device loop0): ext4_find_extent:903: inode #15: comm syz.0.817: inode has invalid extent depth: 25964
[  188.410718][ T8263] EXT4-fs (loop0): Remounting filesystem read-only
[  188.417497][ T8263] fs-verity (loop0, inode 15): Error -117 getting verity descriptor size
[  188.652630][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.672388][ T8242] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  188.795805][   T30] audit: type=1800 audit(1749798608.428:2531): pid=8242 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.811" name="file1" dev="loop2" ino=10 res=0 errno=0
[  188.888872][ T8257] loop4: detected capacity change from 0 to 32768
[  188.936857][ T8257] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  188.962451][ T5846] syz-executor: attempt to access beyond end of device
[  188.962451][ T5846] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  189.016874][ T5846] CPU: 1 UID: 0 PID: 5846 Comm: syz-executor Not tainted 6.16.0-rc1-next-20250613-syzkaller #0 PREEMPT(full) 
[  189.016905][ T5846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  189.016918][ T5846] Call Trace:
[  189.016927][ T5846]  <TASK>
[  189.016936][ T5846]  dump_stack_lvl+0x189/0x250
[  189.016971][ T5846]  ? __pfx_dump_stack_lvl+0x10/0x10
[  189.016990][ T5846]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  189.017019][ T5846]  ? __pfx_queue_work_on+0x10/0x10
[  189.017041][ T5846]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  189.017069][ T5846]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  189.017098][ T5846]  ? f2fs_hw_is_readonly+0x39b/0x470
[  189.017129][ T5846]  f2fs_handle_critical_error+0x37c/0x540
[  189.017163][ T5846]  f2fs_write_end_io+0x495/0x810
[  189.017190][ T5846]  ? blkg_put+0x22/0x240
[  189.017235][ T5846]  __submit_merged_bio+0x27a/0x6a0
[  189.017268][ T5846]  __submit_merged_write_cond+0x255/0x530
[  189.017302][ T5846]  f2fs_write_data_pages+0x261d/0x3000
[  189.017380][ T5846]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  189.017437][ T5846]  ? arch_stack_walk+0xfc/0x150
[  189.017483][ T5846]  ? __mod_zone_page_state+0xd7/0x140
[  189.017512][ T5846]  ? folios_put_refs+0x560/0x640
[  189.017549][ T5846]  ? __lock_acquire+0xab9/0xd20
[  189.017585][ T5846]  ? do_raw_spin_lock+0x121/0x290
[  189.017618][ T5846]  ? do_raw_spin_unlock+0x122/0x240
[  189.017640][ T5846]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  189.017683][ T5846]  do_writepages+0x32b/0x550
[  189.017715][ T5846]  ? do_raw_spin_unlock+0x122/0x240
[  189.017744][ T5846]  filemap_fdatawrite+0x199/0x240
[  189.017764][ T5846]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  189.017835][ T5846]  ? do_raw_spin_unlock+0x122/0x240
[  189.017863][ T5846]  f2fs_sync_dirty_inodes+0x31f/0x830
[  189.017909][ T5846]  f2fs_write_checkpoint+0x95a/0x1df0
[  189.017969][ T5846]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  189.018040][ T5846]  ? try_to_wake_up+0x7e5/0x1290
[  189.018071][ T5846]  ? kill_f2fs_super+0x298/0x6c0
[  189.018106][ T5846]  kill_f2fs_super+0x2c3/0x6c0
[  189.018143][ T5846]  ? __pfx_kill_f2fs_super+0x10/0x10
[  189.018169][ T5846]  ? radix_tree_delete_item+0x2b6/0x400
[  189.018204][ T5846]  ? shrinker_free+0x2ce/0x3e0
[  189.018234][ T5846]  deactivate_locked_super+0xb9/0x130
[  189.018265][ T5846]  cleanup_mnt+0x425/0x4c0
[  189.018293][ T5846]  ? lockdep_hardirqs_on+0x9c/0x150
[  189.018325][ T5846]  task_work_run+0x1d4/0x260
[  189.018352][ T5846]  ? __pfx_task_work_run+0x10/0x10
[  189.018375][ T5846]  ? __x64_sys_umount+0x122/0x160
[  189.018399][ T5846]  ? exit_to_user_mode_loop+0x40/0x110
[  189.018431][ T5846]  exit_to_user_mode_loop+0xec/0x110
[  189.018460][ T5846]  do_syscall_64+0x2bd/0x3b0
[  189.018489][ T5846]  ? lockdep_hardirqs_on+0x9c/0x150
[  189.018517][ T5846]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.018536][ T5846]  ? clear_bhb_loop+0x60/0xb0
[  189.018561][ T5846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.018581][ T5846] RIP: 0033:0x7f182bf8fc57
[  189.018610][ T5846] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  189.018627][ T5846] RSP: 002b:00007fff9f0c4e98 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  189.018648][ T5846] RAX: 0000000000000000 RBX: 00007f182c010925 RCX: 00007f182bf8fc57
[  189.018662][ T5846] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff9f0c4f50
[  189.018674][ T5846] RBP: 00007fff9f0c4f50 R08: 0000000000000000 R09: 0000000000000000
[  189.018686][ T5846] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff9f0c5fe0
[  189.018700][ T5846] R13: 00007f182c010925 R14: 000000000002e16b R15: 00007fff9f0c6020
[  189.018732][ T5846]  </TASK>
[  189.018741][ T5846] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  189.393166][ T5834] ocfs2: Unmounting device (7,4) on (node local)
[  189.393837][ T8270] loop1: detected capacity change from 0 to 40427
[  189.411785][ T8270] F2FS-fs (loop1): build fault injection rate: 690
[  189.418340][ T8270] F2FS-fs (loop1): Image doesn't support compression
[  189.425429][ T8270] F2FS-fs (loop1): Image doesn't support compression
[  189.448539][ T8270] F2FS-fs (loop1): invalid crc value
[  189.705143][ T8270] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  189.917157][ T8278] loop3: detected capacity change from 0 to 32768
[  189.926034][ T5839] syz-executor: attempt to access beyond end of device
[  189.926034][ T5839] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  189.955125][ T5839] CPU: 1 UID: 0 PID: 5839 Comm: syz-executor Not tainted 6.16.0-rc1-next-20250613-syzkaller #0 PREEMPT(full) 
[  189.955151][ T5839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  189.955162][ T5839] Call Trace:
[  189.955170][ T5839]  <TASK>
[  189.955177][ T5839]  dump_stack_lvl+0x189/0x250
[  189.955202][ T5839]  ? __pfx_dump_stack_lvl+0x10/0x10
[  189.955216][ T5839]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  189.955240][ T5839]  ? __pfx_queue_work_on+0x10/0x10
[  189.955258][ T5839]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  189.955280][ T5839]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  189.955304][ T5839]  ? f2fs_hw_is_readonly+0x39b/0x470
[  189.955331][ T5839]  f2fs_handle_critical_error+0x37c/0x540
[  189.955359][ T5839]  f2fs_write_end_io+0x495/0x810
[  189.955381][ T5839]  ? blkg_put+0x22/0x240
[  189.955418][ T5839]  __submit_merged_bio+0x27a/0x6a0
[  189.955446][ T5839]  __submit_merged_write_cond+0x255/0x530
[  189.955474][ T5839]  f2fs_write_data_pages+0x261d/0x3000
[  189.955532][ T5839]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  189.955553][ T5839]  ? is_bpf_text_address+0x26/0x2b0
[  189.955609][ T5839]  ? arch_stack_walk+0xfc/0x150
[  189.955689][ T5839]  ? __lock_acquire+0xab9/0xd20
[  189.955725][ T5839]  ? do_raw_spin_lock+0x121/0x290
[  189.955759][ T5839]  ? do_raw_spin_unlock+0x122/0x240
[  189.955781][ T5839]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  189.955807][ T5839]  do_writepages+0x32b/0x550
[  189.955837][ T5839]  ? do_raw_spin_unlock+0x122/0x240
[  189.955863][ T5839]  filemap_fdatawrite+0x199/0x240
[  189.955882][ T5839]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  189.955961][ T5839]  ? do_raw_spin_unlock+0x122/0x240
[  189.955988][ T5839]  f2fs_sync_dirty_inodes+0x31f/0x830
[  189.956032][ T5839]  f2fs_write_checkpoint+0x95a/0x1df0
[  189.956085][ T5839]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  189.956158][ T5839]  ? try_to_wake_up+0x7e5/0x1290
[  189.956187][ T5839]  ? kill_f2fs_super+0x298/0x6c0
[  189.956246][ T5839]  kill_f2fs_super+0x2c3/0x6c0
[  189.956281][ T5839]  ? __pfx_kill_f2fs_super+0x10/0x10
[  189.956306][ T5839]  ? radix_tree_delete_item+0x2b6/0x400
[  189.956342][ T5839]  ? shrinker_free+0x2ce/0x3e0
[  189.956370][ T5839]  deactivate_locked_super+0xb9/0x130
[  189.956399][ T5839]  cleanup_mnt+0x425/0x4c0
[  189.956425][ T5839]  ? lockdep_hardirqs_on+0x9c/0x150
[  189.956455][ T5839]  task_work_run+0x1d4/0x260
[  189.956483][ T5839]  ? __pfx_task_work_run+0x10/0x10
[  189.956504][ T5839]  ? __x64_sys_umount+0x122/0x160
[  189.956529][ T5839]  ? exit_to_user_mode_loop+0x40/0x110
[  189.956560][ T5839]  exit_to_user_mode_loop+0xec/0x110
[  189.956588][ T5839]  do_syscall_64+0x2bd/0x3b0
[  189.956615][ T5839]  ? lockdep_hardirqs_on+0x9c/0x150
[  189.956640][ T5839]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.956659][ T5839]  ? clear_bhb_loop+0x60/0xb0
[  189.956683][ T5839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.956701][ T5839] RIP: 0033:0x7f2ec778fc57
[  189.956719][ T5839] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  189.956735][ T5839] RSP: 002b:00007ffc2b32bc98 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  189.956755][ T5839] RAX: 0000000000000000 RBX: 00007f2ec7810925 RCX: 00007f2ec778fc57
[  189.956767][ T5839] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc2b32bd50
[  189.956779][ T5839] RBP: 00007ffc2b32bd50 R08: 0000000000000000 R09: 0000000000000000
[  189.956791][ T5839] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc2b32cde0
[  189.956803][ T5839] R13: 00007f2ec7810925 R14: 000000000002e563 R15: 00007ffc2b32ce20
[  189.956837][ T5839]  </TASK>
[  189.956845][ T5839] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  190.360849][ T5896] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  190.363174][ T8278] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  190.549909][ T8278] XFS (loop3): Ending clean mount
[  190.577917][ T5896] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e
[  190.594981][ T8278] XFS (loop3): Quotacheck needed: Please wait.
[  190.612245][ T5896] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.652428][ T5896] usb 5-1: config 0 descriptor??
[  190.672153][ T8278] XFS (loop3): Quotacheck: Done.
[  190.796337][ T5843] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  190.928465][ T8305] loop0: detected capacity change from 0 to 2048
[  191.051963][ T8305] NILFS (loop0): invalid segment: Inconsistency found
[  191.075526][ T8305] NILFS (loop0): trying rollback from an earlier position
[  191.080912][ T8307] netlink: 'syz.2.823': attribute type 4 has an invalid length.
[  191.084987][ T5896] ath6kl: Unsupported hardware version: 0x0
[  191.102301][ T5896] ath6kl: Failed to init ath6kl core: -22
[  191.108596][ T5896] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -22
[  191.130855][ T8307] netlink: 'syz.2.823': attribute type 2 has an invalid length.
[  191.143633][ T8305] NILFS (loop0): recovery complete
[  191.153578][ T8310] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  191.307664][ T2157] usb 5-1: USB disconnect, device number 9
[  191.377517][ T8312] mkiss: ax0: crc mode is auto.
[  191.656408][ T8322] netlink: 24 bytes leftover after parsing attributes in process `syz.0.835'.
[  191.955430][ T8335] loop3: detected capacity change from 0 to 512
[  192.009969][ T8335] EXT4-fs (loop3): 1 orphan inode deleted
[  192.032131][ T8335] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.037320][   T13] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  192.052422][ T8342] loop0: detected capacity change from 0 to 8
[  192.064669][ T8335] ext4 filesystem being mounted at /164/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  192.104059][   T13] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  192.242184][ T5843] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.377818][ T8344] syz.0.845 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  192.756224][ T8337] loop4: detected capacity change from 0 to 32768
[  192.775172][ T8333] loop1: detected capacity change from 0 to 32768
[  192.825118][ T8337] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.842 (8337)
[  192.895260][ T8337] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  192.906189][ T8333] ERROR: (device loop1): diAllocAG: numfree > numinos
[  192.906189][ T8333] 
[  192.936464][ T8337] BTRFS info (device loop4): using sha256 (sha256-x86_64) checksum algorithm
[  192.949902][ T8333] ialloc: diAlloc returned -5!
[  192.992385][ T8337] BTRFS info (device loop4): using free-space-tree
[  193.258135][ T8381] loop3: detected capacity change from 0 to 256
[  193.291898][ T8381] exfat: Deprecated parameter 'utf8'
[  193.320747][ T8381] exfat: Deprecated parameter 'namecase'
[  193.326721][ T8381] exfat: Deprecated parameter 'namecase'
[  193.370701][ T8381] exfat: Deprecated parameter 'utf8'
[  193.397744][ T5834] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  193.478453][ T8381] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffc20, utbl_chksum : 0xe619d30d)
[  193.969205][ T8392] loop2: detected capacity change from 0 to 764
[  194.210213][ T8372] loop0: detected capacity change from 0 to 32768
[  194.261060][ T8372] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.852 (8372)
[  194.295067][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  194.303814][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  194.375725][ T8372] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  194.401194][ T8404] tipc: Enabling of bearer <ÔaB:t> rejected, media not registered
[  194.440750][ T8372] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm
[  194.489046][ T8406] netlink: 24 bytes leftover after parsing attributes in process `syz.1.866'.
[  194.498130][ T8372] BTRFS info (device loop0): disk space caching is enabled
[  194.520620][ T8372] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  194.721647][ T8424] loop3: detected capacity change from 0 to 256
[  194.820701][ T8424] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  194.901365][ T8430] loop4: detected capacity change from 0 to 1024
[  194.970515][ T8372] BTRFS info (device loop0): rebuilding free space tree
[  195.043794][ T8372] BTRFS info (device loop0): disabling free space tree
[  195.071550][ T8372] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  195.123293][ T8372] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  195.176219][ T8438] loop2: detected capacity change from 0 to 128
[  195.214615][ T8441] loop3: detected capacity change from 0 to 128
[  195.234830][   T12] hfsplus: b-tree write err: -5, ino 4
[  195.242652][ T8442] netlink: 28 bytes leftover after parsing attributes in process `syz.1.875'.
[  195.361367][ T8372] btrfs: Unexpected value for 'norecovery'
[  195.530838][ T5849] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  196.071839][ T8462] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  196.774421][ T8451] loop3: detected capacity change from 0 to 32768
[  196.800334][ T8451] XFS: ikeep mount option is deprecated.
[  196.850231][ T8452] loop2: detected capacity change from 0 to 32768
[  196.866380][ T8451] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  196.896444][ T8452] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  196.988637][ T8452] XFS (loop2): Ending clean mount
[  197.051742][ T8452] XFS (loop2): Quotacheck needed: Please wait.
[  197.132023][ T8452] XFS (loop2): Quotacheck: Done.
[  197.140607][ T8451] XFS (loop3): Ending clean mount
[  197.179729][ T8451] XFS (loop3): Quotacheck needed: Please wait.
[  197.284179][ T8451] XFS (loop3): Quotacheck: Done.
[  197.298113][ T5846] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  197.562630][ T5843] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  197.791841][ T8523] loop2: detected capacity change from 0 to 2048
[  197.859883][ T8523] Alternate GPT is invalid, using primary GPT.
[  197.902625][ T8523]  loop2: p1 p2 p3
[  198.078536][ T5206] Alternate GPT is invalid, using primary GPT.
[  198.111196][ T5206]  loop2: p1 p2 p3
[  198.264073][ T7262] udevd[7262]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  198.280171][ T6112] udevd[6112]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  198.294037][ T5887] udevd[5887]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  198.384755][ T5887] udevd[5887]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  198.416640][ T7262] udevd[7262]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  198.425741][ T6112] udevd[6112]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  198.557725][ T8540] netlink: 8 bytes leftover after parsing attributes in process `syz.3.913'.
[  198.604261][ T8540] openvswitch: netlink: nsh attribute has unmatched MD type 0.
[  198.639536][ T8540] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  198.954928][ T8551] loop4: detected capacity change from 0 to 512
[  198.985899][ T8551] EXT4-fs: Ignoring removed oldalloc option
[  199.045135][ T8551] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  199.095887][ T8530] loop0: detected capacity change from 0 to 32768
[  199.109067][ T8551] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.918: invalid indirect mapped block 4294967295 (level 0)
[  199.129979][ T8530] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.909 (8530)
[  199.145796][ T8551] EXT4-fs (loop4): Remounting filesystem read-only
[  199.158631][ T8551] EXT4-fs (loop4): 1 orphan inode deleted
[  199.164816][ T8551] EXT4-fs (loop4): 1 truncate cleaned up
[  199.173410][ T8551] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.228200][ T8530] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  199.276595][ T8530] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  199.315929][ T8530] BTRFS info (device loop0): using free-space-tree
[  199.337721][ T8557] loop3: detected capacity change from 0 to 4096
[  199.352940][ T5834] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.360151][ T8536] loop2: detected capacity change from 0 to 32768
[  199.395893][ T8557] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512).
[  199.501658][ T8536] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  199.834308][ T8536] XFS (loop2): Ending clean mount
[  199.876228][ T8536] XFS (loop2): Quotacheck needed: Please wait.
[  199.888337][ T5849] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  199.948534][ T8588] loop4: detected capacity change from 0 to 256
[  200.013041][ T8588] exfat: Deprecated parameter 'utf8'
[  200.037238][ T8536] XFS (loop2): Quotacheck: Done.
[  200.052638][ T8588] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  200.292971][ T5846] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  200.774405][ T8605] loop3: detected capacity change from 0 to 2048
[  200.806148][ T8605] NILFS (loop3): invalid segment: Sequence number mismatch
[  200.851698][ T8605] NILFS (loop3): trying rollback from an earlier position
[  200.891361][ T8605] NILFS (loop3): recovery complete
[  200.949602][ T8608] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  201.047585][   T30] audit: type=1800 audit(1749798620.678:2532): pid=8605 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.932" name="file1" dev="loop3" ino=12 res=0 errno=0
[  201.087228][ T8605] NILFS (loop3): unable to set label with more than 80 bytes
[  201.186591][ T8610] loop2: detected capacity change from 0 to 4096
[  201.467498][ T8610] ntfs3(loop2): failed to convert "0080" to koi8-r
[  201.496950][ T8610] ntfs3(loop2): failed to convert name for inode 1e.
[  201.524036][ T8610] ntfs3(loop2): ino=1f, mi_enum_attr
[  201.549770][ T8610] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  201.576768][ T8595] loop1: detected capacity change from 0 to 32768
[  201.601406][ T8610] ntfs3(loop2): ino=1f, mi_enum_attr
[  201.637619][ T8625] loop3: detected capacity change from 0 to 2048
[  201.653566][ T8595] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  201.738664][ T8620] loop0: detected capacity change from 0 to 4096
[  201.748634][ T8625] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  201.780985][ T8625] ext4 filesystem being mounted at /184/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  201.865985][ T8595] XFS (loop1): Ending clean mount
[  201.957527][   T30] audit: type=1800 audit(1749798621.588:2533): pid=8620 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.938" name="file1" dev="loop0" ino=30 res=0 errno=0
[  201.990115][ T8612] loop4: detected capacity change from 0 to 32768
[  202.035522][ T8612] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.934 (8612)
[  202.046179][ T5843] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.054618][ T5839] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  202.125115][ T8612] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  202.145367][ T8612] BTRFS info (device loop4): using crc32c (crc32c-x86_64) checksum algorithm
[  202.226411][ T8612] BTRFS info (device loop4): using free-space-tree
[  202.333641][ T8642] loop2: detected capacity change from 0 to 512
[  202.420201][ T8642] EXT4-fs (loop2): orphan cleanup on readonly fs
[  202.518222][ T8642] EXT4-fs error (device loop2): ext4_quota_enable:7124: inode #15: comm syz.2.944: iget: bad i_size value: 360287970189639690
[  202.575582][ T8642] EXT4-fs error (device loop2): ext4_quota_enable:7127: comm syz.2.944: Bad quota inode: 15, type: 2
[  202.653459][ T8642] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=2, err=-117, ino=15). Please run e2fsck to fix.
[  202.804568][ T5834] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  202.819415][ T8642] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  202.849612][ T8642] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  202.911852][ T8669] loop1: detected capacity change from 0 to 1024
[  202.972933][ T8667] loop0: detected capacity change from 0 to 4096
[  202.985195][ T8672] loop3: detected capacity change from 0 to 256
[  202.994021][ T8669] hfsplus: bad catalog entry type
[  203.045205][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.061006][ T8667] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[  203.212206][ T8672] FAT-fs (loop3): Directory bread(block 64) failed
[  203.218779][ T8672] FAT-fs (loop3): Directory bread(block 65) failed
[  203.250445][ T8667] ntfs3(loop0): ino=1a, mi_enum_attr
[  203.260457][ T8667] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  203.324017][ T8672] FAT-fs (loop3): Directory bread(block 66) failed
[  203.382387][ T8672] FAT-fs (loop3): Directory bread(block 67) failed
[  203.411379][ T8672] FAT-fs (loop3): Directory bread(block 68) failed
[  203.417941][ T8672] FAT-fs (loop3): Directory bread(block 69) failed
[  203.441865][ T8672] FAT-fs (loop3): Directory bread(block 70) failed
[  203.507291][ T8672] FAT-fs (loop3): Directory bread(block 71) failed
[  203.538481][ T8672] FAT-fs (loop3): Directory bread(block 72) failed
[  203.554072][ T8672] FAT-fs (loop3): Directory bread(block 73) failed
[  204.661044][ T8676] loop2: detected capacity change from 0 to 40427
[  204.685883][ T8674] loop4: detected capacity change from 0 to 32768
[  204.705453][ T8676] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  204.742814][ T8701] loop1: detected capacity change from 0 to 1024
[  204.747086][ T8676] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  204.765201][ T8701] EXT4-fs: Ignoring removed bh option
[  204.813279][ T8674] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  204.897826][ T8691] loop0: detected capacity change from 0 to 32768
[  204.914915][ T8674] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  204.922171][ T8701] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  205.024053][ T8676] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  205.047836][ T8676] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  205.054578][ T8674] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms
[  205.147136][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.195671][ T8714] loop3: detected capacity change from 0 to 8
[  205.364032][ T8674] gfs2: fsid=syz:syz.s: first mount done, others may mount
[  205.694953][ T8726] netlink: 36 bytes leftover after parsing attributes in process `syz.1.971'.
[  206.540930][ T8750] random: crng reseeded on system resumption
[  207.003339][ T8735] loop1: detected capacity change from 0 to 32768
[  207.059102][ T8735] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[  207.073997][ T8735] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  207.092157][ T8772] loop4: detected capacity change from 0 to 256
[  207.106944][ T8772] exfat: Deprecated parameter 'namecase'
[  207.163525][ T8772] exfat: Deprecated parameter 'namecase'
[  207.240967][ T2157] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  207.276009][ T8772] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1fdf94bc, utbl_chksum : 0xe619d30d)
[  207.325064][ T8735] XFS (loop1): Ending clean mount
[  207.364309][ T8735] XFS (loop1): Quotacheck needed: Please wait.
[  207.450187][ T2157] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  207.486567][ T2157] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  207.490844][ T8735] XFS (loop1): Quotacheck: Done.
[  207.497628][ T2157] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  207.514712][ T2157] usb 3-1: New USB device found, idVendor=11c0, idProduct=5506, bcdDevice= 0.00
[  207.537219][ T2157] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.565033][ T2157] usb 3-1: config 0 descriptor??
[  207.785238][ T5839] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  207.996984][ T8795] tipc: Started in network mode
[  208.022344][ T2157] betop 0003:11C0:5506.000A: hidraw0: USB HID v0.00 Device [HID 11c0:5506] on usb-dummy_hcd.2-1/input0
[  208.029350][ T8795] tipc: Node identity , cluster identity 4711
[  208.060717][ T2157] betop 0003:11C0:5506.000A: no inputs found
[  208.225372][ T2157] usb 3-1: USB disconnect, device number 4
[  208.241883][ T8800] loop0: detected capacity change from 0 to 128
[  208.656082][ T8815] loop3: detected capacity change from 0 to 512
[  208.752032][ T8815] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  208.798479][ T8815] ext4 filesystem being mounted at /207/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  208.884053][ T8826] loop2: detected capacity change from 0 to 4096
[  208.954511][ T8827] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  209.025093][ T5843] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.096620][ T8829] loop1: detected capacity change from 0 to 512
[  209.235726][ T8829] EXT4-fs (loop1): 1 orphan inode deleted
[  209.255351][   T49] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  209.280005][ T8829] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.295889][   T49] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 1
[  209.296991][ T8829] ext4 filesystem being mounted at /219/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  209.398468][ T8840] loop0: detected capacity change from 0 to 128
[  209.417811][ T8840] EXT4-fs: Ignoring removed nobh option
[  209.433646][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.467615][ T8840] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  209.585524][ T8840] ext4 filesystem being mounted at /232/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  209.713917][ T8847] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1021'.
[  209.760548][   T30] audit: type=1800 audit(1749798629.378:2534): pid=8840 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1018" name="file2" dev="loop0" ino=12 res=0 errno=0
[  209.838464][ T8844] loop3: detected capacity change from 0 to 32768
[  209.967337][ T5849] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  210.100382][ T8854] loop2: detected capacity change from 0 to 1024
[  210.117787][ T8844] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[  210.117812][ T8844]   allowing incompatible features above 0.0: (unknown version)
[  210.117824][ T8844]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  210.208946][ T8854] EXT4-fs: Ignoring removed nobh option
[  210.208995][ T8854] EXT4-fs: Ignoring removed bh option
[  210.270922][ T8854] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  210.288986][ T8854] EXT4-fs error (device loop2): ext4_xattr_inode_iget:442: comm syz.2.1024: error while reading EA inode 32 err=-116
[  210.318968][ T8854] EXT4-fs (loop2): Remounting filesystem read-only
[  210.318997][ T8854] EXT4-fs warning (device loop2): ext4_xattr_inode_inc_ref_all:1129: inode #18: comm syz.2.1024: cleanup dec ref error -30
[  210.319049][ T8854] EXT4-fs warning (device loop2): ext4_xattr_block_set:2190: inode #18: comm syz.2.1024: dec ref error=-30
[  210.471767][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.547395][ T8844] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  210.556994][ T8844] bcachefs (loop3): recovering from clean shutdown, journal seq 10
[  210.568352][ T8844] bcachefs (loop3): Version upgrade required:
[  210.568352][ T8844] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  210.568352][ T8844] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  210.568352][ T8844]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  210.664582][ T8844] bcachefs (loop3): dropping and reconstructing all alloc info
[  210.719929][ T8844] bcachefs (loop3): accounting_read... done
[  210.758720][ T8844] bcachefs (loop3): alloc_read... done
[  210.766358][ T8844] bcachefs (loop3): snapshots_read... done
[  210.787096][ T8844] bcachefs (loop3): done starting filesystem
[  211.031838][ T8872] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1030'.
[  211.061996][ T8857] loop0: detected capacity change from 0 to 32768
[  211.114858][ T8875] sp0: Synchronizing with TNC
[  211.115985][ T5843] bcachefs (loop3): shutting down
[  211.121636][ T8857] XFS: ikeep mount option is deprecated.
[  211.205917][ T8857] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  211.233444][ T5843] bcachefs (loop3): shutdown complete
[  211.407918][ T8891] loop1: detected capacity change from 0 to 256
[  211.418497][ T8857] XFS (loop0): Ending clean mount
[  211.457093][ T8894] loop4: detected capacity change from 0 to 256
[  211.468490][ T8857] XFS (loop0): Quotacheck needed: Please wait.
[  211.523624][ T8891] FAT-fs (loop1): Directory bread(block 64) failed
[  211.580818][ T8894] FAT-fs (loop4): Directory bread(block 64) failed
[  211.590661][ T8891] FAT-fs (loop1): Directory bread(block 65) failed
[  211.597316][ T8891] FAT-fs (loop1): Directory bread(block 66) failed
[  211.616453][ T8894] FAT-fs (loop4): Directory bread(block 65) failed
[  211.634233][ T8891] FAT-fs (loop1): Directory bread(block 67) failed
[  211.660762][ T8891] FAT-fs (loop1): Directory bread(block 68) failed
[  211.671965][ T8894] FAT-fs (loop4): Directory bread(block 66) failed
[  211.679564][ T8857] XFS (loop0): Quotacheck: Done.
[  211.702906][ T8891] FAT-fs (loop1): Directory bread(block 69) failed
[  211.709559][ T8891] FAT-fs (loop1): Directory bread(block 70) failed
[  211.716849][ T8891] FAT-fs (loop1): Directory bread(block 71) failed
[  211.725356][ T8891] FAT-fs (loop1): Directory bread(block 72) failed
[  211.728786][ T8894] FAT-fs (loop4): Directory bread(block 67) failed
[  211.737843][ T8891] FAT-fs (loop1): Directory bread(block 73) failed
[  211.741567][ T8846] Bluetooth: hci1: command 0x0406 tx timeout
[  211.751932][ T8846] Bluetooth: hci3: command 0x0406 tx timeout
[  211.757990][ T5842] Bluetooth: hci0: command 0x0406 tx timeout
[  211.764246][ T5842] Bluetooth: hci2: command 0x0406 tx timeout
[  211.771106][ T8894] FAT-fs (loop4): Directory bread(block 68) failed
[  211.824781][ T8894] FAT-fs (loop4): Directory bread(block 69) failed
[  211.855385][ T8894] FAT-fs (loop4): Directory bread(block 70) failed
[  211.873147][ T8894] FAT-fs (loop4): Directory bread(block 71) failed
[  211.894390][ T8894] FAT-fs (loop4): Directory bread(block 72) failed
[  211.904457][ T8894] FAT-fs (loop4): Directory bread(block 73) failed
[  211.923820][ T5849] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  212.656053][ T8895] loop2: detected capacity change from 0 to 32768
[  212.748999][ T8920] loop0: detected capacity change from 0 to 64
[  212.755596][ T8895] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  212.756819][ T8912] loop4: detected capacity change from 0 to 4096
[  212.852914][ T8912] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  212.881392][ T8920] hfs: bad catalog entry type 0
[  212.924664][ T8912] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 4096)
[  212.949005][ T8927] usb usb8: usbfs: process 8927 (syz.1.1049) did not claim interface 12 before use
[  212.973927][ T8928] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  213.156366][ T8895] XFS (loop2): Ending clean mount
[  213.178924][ T8895] XFS (loop2): Quotacheck needed: Please wait.
[  213.234849][ T8895] XFS (loop2): Quotacheck: Done.
[  213.294858][ T8933] sctp: [Deprecated]: syz.0.1050 (pid 8933) Use of int in max_burst socket option.
[  213.294858][ T8933] Use struct sctp_assoc_value instead
[  213.344172][ T8934] loop4: detected capacity change from 0 to 1024
[  213.424541][ T5846] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  213.448406][ T8934] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  213.647677][ T5156] Bluetooth: hci4: unknown advertising packet type: 0x09
[  213.647742][ T5156] Bluetooth: hci4: unknown advertising packet type: 0x05
[  213.656225][ T5156] Bluetooth: hci4: Malformed LE Event: 0x02
[  213.870919][ T8948] loop3: detected capacity change from 0 to 1024
[  213.911307][ T8950] netlink: 'syz.2.1054': attribute type 4 has an invalid length.
[  213.932415][ T8950] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1054'.
[  214.012029][ T5834] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.363953][ T8964] loop2: detected capacity change from 0 to 128
[  215.031824][ T8957] loop4: detected capacity change from 0 to 32768
[  215.058583][ T8957] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1059 (8957)
[  215.143779][ T8957] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  215.181698][ T8966] loop3: detected capacity change from 0 to 32768
[  215.208897][ T8957] BTRFS info (device loop4): using crc32c (crc32c-x86_64) checksum algorithm
[  215.232647][ T8957] BTRFS info (device loop4): disk space caching is enabled
[  215.249978][ T8957] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  215.504688][ T8957] BTRFS info (device loop4): rebuilding free space tree
[  215.602366][ T8957] BTRFS info (device loop4): disabling free space tree
[  215.627496][ T8957] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  215.664403][ T9000] loop3: detected capacity change from 0 to 256
[  215.693793][ T8957] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  215.795005][ T9000] FAT-fs (loop3): Directory bread(block 64) failed
[  215.830369][ T9000] FAT-fs (loop3): Directory bread(block 65) failed
[  215.887643][ T9000] FAT-fs (loop3): Directory bread(block 66) failed
[  215.914262][   T30] audit: type=1326 audit(1749798635.548:2535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9005 comm="syz.0.1076" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe3a7b8e929 code=0x0
[  215.927407][ T9000] FAT-fs (loop3): Directory bread(block 67) failed
[  215.999750][ T9000] FAT-fs (loop3): Directory bread(block 68) failed
[  216.008611][ T5834] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  216.030947][ T9000] FAT-fs (loop3): Directory bread(block 69) failed
[  216.042427][ T9000] FAT-fs (loop3): Directory bread(block 70) failed
[  216.050301][ T9000] FAT-fs (loop3): Directory bread(block 71) failed
[  216.064628][ T9000] FAT-fs (loop3): Directory bread(block 72) failed
[  216.073023][ T9000] FAT-fs (loop3): Directory bread(block 73) failed
[  217.080928][ T5960] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  217.272730][ T5960] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  217.294115][ T5960] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  217.331446][ T5960] usb 4-1: New USB device found, idVendor=0925, idProduct=8866, bcdDevice= 0.00
[  217.360587][ T5960] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.401579][ T5960] usb 4-1: config 0 descriptor??
[  217.441218][ T9027] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  217.663411][ T9047] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1095'.
[  217.836192][ T9033] loop1: detected capacity change from 0 to 32768
[  217.878288][ T5960] smartjoyplus 0003:0925:8866.000B: hidraw0: USB HID vff.fa Device [HID 0925:8866] on usb-dummy_hcd.3-1/input0
[  217.905475][ T9033] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  217.917521][ T5960] smartjoyplus 0003:0925:8866.000B: no output reports found
[  217.932447][ T9038] loop2: detected capacity change from 0 to 32768
[  218.028364][ T9038] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  218.039205][ T9041] loop4: detected capacity change from 0 to 40427
[  218.102633][ T5960] usb 4-1: USB disconnect, device number 4
[  218.103226][ T9041] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  218.124784][ T9033] XFS (loop1): Ending clean mount
[  218.176986][ T9064] fido_id[9064]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  218.190561][ T9041] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  218.290556][ T9038] XFS (loop2): Ending clean mount
[  218.323671][ T5839] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  218.531751][ T5846] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  218.533058][ T9041] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  218.568024][ T9041] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  218.833941][ T5896] usb 1-1: new low-speed USB device number 5 using dummy_hcd
[  218.979568][ T9086] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1104'.
[  219.032571][ T5896] usb 1-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  219.073964][ T5896] usb 1-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid maxpacket 1023, setting to 8
[  219.101947][ T5896] usb 1-1: config 0 interface 0 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  219.133526][ T5896] usb 1-1: config 0 interface 0 has no altsetting 0
[  219.163096][ T5896] usb 1-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[  219.203049][ T5896] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.255251][ T5896] usb 1-1: config 0 descriptor??
[  219.283572][ T9076] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  219.742174][ T5896] uclogic 0003:28BD:0094.000C: interface is invalid, ignoring
[  219.968387][ T1210] usb 1-1: USB disconnect, device number 5
[  220.002402][ T9088] loop1: detected capacity change from 0 to 32768
[  220.030848][ T9088] BTRFS: device fsid d552757d-9c39-40e3-95f0-16d819589928 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1105 (9088)
[  220.058504][ T9090] loop3: detected capacity change from 0 to 40427
[  220.092360][ T9090] F2FS-fs (loop3): Corrupted extension count (64 + 1 > 64)
[  220.099632][ T9090] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  220.110316][ T9088] BTRFS info (device loop1): first mount of filesystem d552757d-9c39-40e3-95f0-16d819589928
[  220.144834][ T9088] BTRFS info (device loop1): using sha256 (sha256-x86_64) checksum algorithm
[  220.189602][ T9088] BTRFS info (device loop1): using free-space-tree
[  220.472129][ T9090] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  220.488204][   T30] audit: type=1800 audit(1749798640.118:2536): pid=9088 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1105" name="file1" dev="loop1" ino=260 res=0 errno=0
[  220.537701][ T9090] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  220.721109][ T5839] BTRFS info (device loop1): last unmount of filesystem d552757d-9c39-40e3-95f0-16d819589928
[  221.138476][ T9137] loop2: detected capacity change from 0 to 8192
[  221.167721][ T9137] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  221.605208][ T9154] loop0: detected capacity change from 0 to 512
[  221.635140][ T9154] EXT4-fs: Ignoring removed oldalloc option
[  221.674183][ T9154] EXT4-fs (loop0): 1 truncate cleaned up
[  221.721734][ T9154] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.133707][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.288729][ T9183] netlink: 'syz.4.1141': attribute type 1 has an invalid length.
[  222.305021][   T30] audit: type=1326 audit(1749798641.918:2537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9179 comm="syz.3.1139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f93b8e929 code=0x7ffc0000
[  222.335470][ T9183] netlink: 228 bytes leftover after parsing attributes in process `syz.4.1141'.
[  222.388914][   T30] audit: type=1326 audit(1749798641.918:2538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9179 comm="syz.3.1139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f93b8e929 code=0x7ffc0000
[  222.395398][ T9183] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1141'.
[  222.480259][   T30] audit: type=1326 audit(1749798641.928:2539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9179 comm="syz.3.1139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5f93b8e929 code=0x7ffc0000
[  222.502618][    C1] vkms_vblank_simulate: vblank timer overrun
[  222.523922][ T9191] loop2: detected capacity change from 0 to 256
[  222.539307][ T9191] exfat: Deprecated parameter 'utf8'
[  222.554939][   T30] audit: type=1326 audit(1749798641.938:2540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9179 comm="syz.3.1139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f93b8e929 code=0x7ffc0000
[  222.655152][ T9191] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  222.679773][   T30] audit: type=1326 audit(1749798641.938:2541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9179 comm="syz.3.1139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f5f93b8e929 code=0x7ffc0000
[  222.702124][    C1] vkms_vblank_simulate: vblank timer overrun
[  222.726880][ T9192] loop3: detected capacity change from 0 to 512
[  222.735516][   T30] audit: type=1326 audit(1749798641.938:2542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9179 comm="syz.3.1139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f93b8e929 code=0x7ffc0000
[  222.793711][ T9192] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  222.903162][ T9192] EXT4-fs (loop3): 1 truncate cleaned up
[  222.944657][ T9192] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.986750][ T9192] EXT4-fs (loop3): Online resizing not supported with sparse_super2
[  223.062268][ T5843] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.223012][ T9204] loop3: detected capacity change from 0 to 256
[  223.327275][ T9204] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  223.473904][ T9210] PM: Enabling pm_trace changes system date and time during resume.
[  223.473904][ T9210] PM: Correct system time has to be restored manually after resume.
[  223.502892][ T9212] nbd: illegal input index 327680
[  223.612095][ T9186] loop0: detected capacity change from 0 to 40427
[  223.645328][ T9186] F2FS-fs (loop0): build fault injection rate: 690
[  223.681040][ T9186] F2FS-fs (loop0): Image doesn't support compression
[  223.698780][ T9186] F2FS-fs (loop0): Image doesn't support compression
[  223.774943][ T9186] F2FS-fs (loop0): invalid crc value
[  224.037915][ T9195] loop1: detected capacity change from 0 to 32768
[  224.049698][ T9186] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  224.130932][ T9195] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  224.208175][ T9227] loop4: detected capacity change from 0 to 4096
[  224.456870][ T7262] udevd[7262]: symlink '../../loop1' '/dev/disk/by-diskseq/540.tmp-b7:1' failed: Read-only file system
[  224.491480][ T9195] XFS (loop1): Ending clean mount
[  224.492590][ T7262] udevd[7262]: symlink '../../loop1' '/dev/disk/by-uuid/bfdc47fc-10d8-4eed-a562-11a831b3f791.tmp-b7:1' failed: Read-only file system
[  224.523663][ T6112] udevd[6112]: symlink '../../loop4' '/dev/disk/by-diskseq/541.tmp-b7:4' failed: Read-only file system
[  224.538449][ T9195] XFS (loop1): Metadata CRC error detected at xfs_inobt_read_verify+0x42/0xe0, xfs_finobt block 0x10 
[  224.554516][ T9195] XFS (loop1): Unmount and run xfs_repair
[  224.562019][ T6112] udevd[6112]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  224.580548][ T9195] XFS (loop1): First 128 bytes of corrupted metadata buffer:
[  224.581431][ T9244] loop3: detected capacity change from 0 to 4096
[  224.598434][ T9195] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff  FIB3............
[  224.632824][ T6112] udevd[6112]: symlink '../../loop4' '/dev/disk/by-uuid/0B506D495F2D248F.tmp-b7:4' failed: Read-only file system
[  224.650699][ T9195] 00000010: 00 00 00 00 00 00 00 10 00 00 00 01 00 00 00 80  ................
[  224.682351][ T9195] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91  ..G...N..b..1...
[  224.721887][ T9195] 00000030: 00 00 00 00 37 43 cf 4c 09 00 00 00 00 00 40 37  ....7C.L......@7
[  224.759390][ T7262] udevd[7262]: symlink '../../loop1' '/dev/disk/by-diskseq/540.tmp-b7:1' failed: Read-only file system
[  224.775888][ T9195] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00  ................
[  224.778310][ T6112] udevd[6112]: symlink '../../loop4' '/dev/disk/by-diskseq/541.tmp-b7:4' failed: Read-only file system
[  224.802291][ T7262] udevd[7262]: symlink '../../loop1' '/dev/disk/by-uuid/bfdc47fc-10d8-4eed-a562-11a831b3f791.tmp-b7:1' failed: Read-only file system
[  224.809071][ T9244] ntfs3(loop3): ino=1a, mi_enum_attr
[  224.854257][ T9195] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  224.866789][ T6112] udevd[6112]: symlink '../../loop4' '/dev/disk/by-diskseq/541.tmp-b7:4' failed: Read-only file system
[  224.876291][ T9244] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  224.911463][ T7262] udevd[7262]: symlink '../../loop4' '/dev/disk/by-diskseq/541.tmp-b7:4' failed: Read-only file system
[  224.930991][ T9195] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  224.939906][ T9195] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  225.034914][ T9195] XFS (loop1): metadata I/O error in "xfs_btree_read_buf_block+0x290/0x470" at daddr 0x10 len 4 error 74
[  225.098035][ T9195] XFS (loop1): Failed to initialize disk quotas, err -117.
[  225.330870][ T5839] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  225.375803][ T9258] loop3: detected capacity change from 0 to 16
[  225.380970][ T5839] XFS (loop1): Uncorrected metadata errors detected; please run xfs_repair.
[  225.417870][ T9258] erofs (device loop3): invalid checksum 0xe62de0bb, 0xc6d5fae7 expected
[  225.457254][ T9258] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  225.503661][ T9262] loop4: detected capacity change from 0 to 512
[  225.514948][ T9264] loop0: detected capacity change from 0 to 1024
[  225.530919][ T9258] CIFS mount error: No usable UNC path provided in device string!
[  225.530919][ T9258] 
[  225.531142][ T9258] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  225.537583][ T9264] EXT4-fs: Ignoring removed i_version option
[  225.590059][ T9262] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  225.590084][ T9262] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  225.590165][ T9262] System zones: 0-1, 15-15, 18-18, 34-34
[  225.590663][ T9262] EXT4-fs (loop4): orphan cleanup on readonly fs
[  225.590748][ T9262] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=0
[  225.590822][ T9262] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  225.590859][ T9262] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  225.606713][ T9262] EXT4-fs error (device loop4): ext4_orphan_get:1419: comm syz.4.1174: bad orphan inode 16
[  225.689918][ T9262] ext4_test_bit(bit=15, block=18) = 1
[  225.689941][ T9262] is_bad_inode(inode)=0
[  225.689952][ T9262] NEXT_ORPHAN(inode)=0
[  225.689962][ T9262] max_ino=32
[  225.689972][ T9262] i_nlink=2
[  225.699597][ T9264] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  225.715352][ T9264] EXT4-fs error (device loop0): ext4_xattr_inode_iget:437: inode #11: comm syz.0.1165: missing EA_INODE flag
[  225.718920][ T9264] EXT4-fs (loop0): Remounting filesystem read-only
[  225.722014][ T9262] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  225.788693][ T9262] overlay: filesystem on ./file0 is read-only
[  225.898963][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.911417][ T5834] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.131140][ T5840] Bluetooth: hci0: command 0x0406 tx timeout
[  226.131261][ T5156] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  226.271893][ T9275] loop4: detected capacity change from 0 to 4096
[  226.544233][ T9275] ntfs3(loop4): failed to convert "0080" to cp862
[  226.670713][ T5936] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[  226.719974][ T9298] loop0: detected capacity change from 0 to 22
[  226.753994][ T9298] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  226.782134][ T9298] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  226.889284][ T5936] usb 3-1: config 0 has an invalid interface number: 29 but max is 0
[  226.920767][ T5936] usb 3-1: config 0 has no interface number 0
[  226.940793][ T9304] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1191'.
[  226.948758][ T5936] usb 3-1: config 0 interface 29 has no altsetting 0
[  226.962825][ T9304] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1191'.
[  226.969914][ T5936] usb 3-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[  226.988419][ T5936] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  227.010627][ T9304] netlink: 'syz.3.1191': attribute type 14 has an invalid length.
[  227.028789][ T5936] usb 3-1: Product: syz
[  227.033327][ T9304] netlink: 'syz.3.1191': attribute type 12 has an invalid length.
[  227.051234][ T5936] usb 3-1: Manufacturer: syz
[  227.060167][ T5936] usb 3-1: SerialNumber: syz
[  227.088307][ T5936] usb 3-1: config 0 descriptor??
[  227.173799][ T9310] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.1193'.
[  227.222305][ T9310] netlink: get zone limit has 8 unknown bytes
[  227.335192][ T5936] peak_usb 3-1:0.29: PEAK-System PCAN-USB X6 v0 fw v0.0.0 (2 channels)
[  227.457172][ T9318] loop4: detected capacity change from 0 to 1024
[  227.474446][ T9320] loop1: detected capacity change from 0 to 256
[  227.536069][ T5936] peak_usb 3-1:0.29 can0: sending command failure: -22
[  227.551135][ T5936] peak_usb 3-1:0.29 can0: sending command failure: -22
[  227.568419][ T5936] peak_usb 3-1:0.29 can0: sending command failure: -22
[  227.590228][ T9320] FAT-fs (loop1): Directory bread(block 64) failed
[  227.617116][ T9320] FAT-fs (loop1): Directory bread(block 65) failed
[  227.657979][ T9320] FAT-fs (loop1): Directory bread(block 66) failed
[  227.690793][ T9320] FAT-fs (loop1): Directory bread(block 67) failed
[  227.706869][   T36] hfsplus: b-tree write err: -5, ino 4
[  227.713031][ T5936] peak_usb 3-1:0.29: probe with driver peak_usb failed with error -22
[  227.721494][ T9320] FAT-fs (loop1): Directory bread(block 68) failed
[  227.743000][ T9324] loop0: detected capacity change from 0 to 4096
[  227.761827][ T9320] FAT-fs (loop1): Directory bread(block 69) failed
[  227.775296][ T5936] usb 3-1: USB disconnect, device number 5
[  227.785565][ T9320] FAT-fs (loop1): Directory bread(block 70) failed
[  227.833741][ T9320] FAT-fs (loop1): Directory bread(block 71) failed
[  227.840389][ T9320] FAT-fs (loop1): Directory bread(block 72) failed
[  227.881664][ T9320] FAT-fs (loop1): Directory bread(block 73) failed
[  228.112137][ T2157] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  228.226109][ T9334] syz.1.1205 (9334): /proc/9333/oom_adj is deprecated, please use /proc/9333/oom_score_adj instead.
[  228.290830][ T2157] usb 5-1: Using ep0 maxpacket: 8
[  228.303066][ T2157] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  228.331178][ T2157] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  228.368087][ T2157] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  228.428148][ T2157] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  228.479228][ T2157] usb 5-1: config 0 descriptor??
[  228.731171][ T2157] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  228.735986][ T9354] loop3: detected capacity change from 0 to 1024
[  228.797039][ T9356] loop0: detected capacity change from 0 to 512
[  228.827648][ T9358] loop1: detected capacity change from 0 to 512
[  228.904087][ T9356] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  228.933309][ T9363] loop2: detected capacity change from 0 to 1024
[  228.941728][ T9356] ext4 filesystem being mounted at /269/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  228.964999][ T2157] usb 5-1: USB disconnect, device number 10
[  228.971581][   T49] hfsplus: b-tree write err: -5, ino 4
[  228.999906][ T9356] EXT4-fs (loop0): resizing filesystem from 128 to 1 blocks
[  229.012000][ T9356] EXT4-fs warning (device loop0): ext4_resize_fs:2042: can't shrink FS - resize aborted
[  229.013762][ T9358] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  229.046339][ T9363] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  229.090801][ T9358] ext4 filesystem being mounted at /264/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  229.156999][ T9358] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  229.199176][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.219444][ T9370] loop3: detected capacity change from 0 to 512
[  229.260118][ T9370] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  229.272657][   T13] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  229.319859][ T9370] EXT4-fs error (device loop3): ext4_orphan_get:1419: comm syz.3.1219: bad orphan inode 16
[  229.352837][ T9370] ext4_test_bit(bit=15, block=4) = 0
[  229.359130][   T13] EXT4-fs (loop2): Remounting filesystem read-only
[  229.368114][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.381720][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.399552][ T9370] EXT4-fs (loop3): 1 orphan inode deleted
[  229.433092][ T9370] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  229.468621][ T5887] udevd[5887]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[  229.474830][ T6112] udevd[6112]: symlink '../../loop0' '/dev/disk/by-diskseq/564.tmp-b7:0' failed: Read-only file system
[  229.500208][ T5887] udevd[5887]: symlink '../../loop1' '/dev/disk/by-diskseq/565.tmp-b7:1' failed: Read-only file system
[  229.542201][ T7262] udevd[7262]: symlink '../../loop2' '/dev/disk/by-diskseq/566.tmp-b7:2' failed: Read-only file system
[  229.544957][ T9370] EXT4-fs error (device loop3): __ext4_new_inode:1073: comm syz.3.1219: reserved inode found cleared - inode=1
[  229.611069][ T6112] udevd[6112]: symlink '../../loop0' '/dev/disk/by-diskseq/569.tmp-b7:0' failed: Read-only file system
[  229.616829][ T6650] udevd[6650]: symlink '../../loop4' '/dev/disk/by-diskseq/560.tmp-b7:4' failed: Read-only file system
[  229.636131][ T7262] udevd[7262]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[  229.662284][ T5887] udevd[5887]: symlink '../../loop1' '/dev/disk/by-diskseq/565.tmp-b7:1' failed: Read-only file system
[  229.742626][ T7262] udevd[7262]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[  229.777595][ T5887] udevd[5887]: symlink '../../loop1' '/dev/disk/by-diskseq/570.tmp-b7:1' failed: Read-only file system
[  229.824316][ T5843] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.144408][ T9384] loop1: detected capacity change from 0 to 32768
[  230.161411][ T9384] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1225 (9384)
[  230.192582][ T9384] BTRFS info (device loop1 state S): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  230.200320][ T9387] loop2: detected capacity change from 0 to 1024
[  230.203478][ T9384] BTRFS info (device loop1 state S): using crc32c (crc32c-x86_64) checksum algorithm
[  230.221534][ T9384] BTRFS info (device loop1 state S): using free-space-tree
[  230.350707][ T9389] loop4: detected capacity change from 0 to 2048
[  230.359241][   T13] BTRFS warning (device loop1 state S): checksum verify failed on logical 1052672 mirror 1 wanted 0x37e030f7 found 0xf6479a7e level 0, ignored
[  230.432532][   T49] BTRFS warning (device loop1 state S): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0x95942055 level 0, ignored
[  230.448626][   T49] BTRFS warning (device loop1 state S): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0x5b46211a level 0, ignored
[  230.465295][   T49] BTRFS warning (device loop1 state S): checksum verify failed on logical 5328896 mirror 1 wanted 0x51ec978b found 0x24aa9458 level 0, ignored
[  230.484150][ T9384] BTRFS error (device loop1 state S): dev extent physical offset 6881280 on devid 1 doesn't have corresponding chunk
[  230.498418][ T9408] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  230.498424][ T9384] BTRFS error (device loop1 state S): failed to verify dev extents against chunks: -117
[  230.572152][ T9384] BTRFS error (device loop1 state S): open_ctree failed: -117
[  231.320800][ T5903] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[  231.528441][ T5903] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  231.569309][ T5903] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2
[  231.603707][ T5903] usb 3-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  231.633490][ T5903] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.674764][ T9401] loop3: detected capacity change from 0 to 32768
[  231.688889][ T9401] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1226 (9401)
[  231.692225][ T5903] usb 3-1: config 0 descriptor??
[  231.739742][ T9401] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  231.766375][ T5903] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  231.766754][ T9401] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  231.793819][ T5903] dvb-usb: bulk message failed: -22 (3/0)
[  231.817078][ T9443] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1243'.
[  231.826562][ T9401] BTRFS info (device loop3): using free-space-tree
[  231.838513][ T5903] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  231.897645][ T5903] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  231.922687][ T5903] usb 3-1: media controller created
[  231.942638][ T5903] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  232.000124][ T5903] dvb-usb: bulk message failed: -22 (6/0)
[  232.043575][ T5903] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  232.141529][ T5903] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input10
[  232.197165][ T5903] dvb-usb: schedule remote query interval to 150 msecs.
[  232.228259][ T5903] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  232.291341][ T5903] usb 3-1: USB disconnect, device number 6
[  232.392077][ T5903] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  232.446353][ T5843] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  232.575024][ T5933] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  232.713863][ T9480] loop2: detected capacity change from 0 to 64
[  232.761391][ T9481] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1255'.
[  232.772570][ T5933] usb 2-1: Using ep0 maxpacket: 16
[  232.783013][ T5933] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  232.795583][ T9480] BFS-fs: bfs_fill_super(): loop2 is unclean, continuing
[  232.839342][ T5933] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  232.857923][ T5933] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  232.935733][ T5933] usb 2-1: New USB device found, idVendor=0457, idProduct=07da, bcdDevice= 0.00
[  232.990652][ T5933] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  233.071190][ T5933] usb 2-1: config 0 descriptor??
[  233.333980][ T9492] ptrace attach of "./syz-executor exec"[5849] was attempted by " Àÿ      Ðÿ      ð¥      Àÿ      Àÿ      Ðÿ      àÿ              ðÿ      °ÿ      Àÿ                 ÿÿÿÿ                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
[  233.515464][ T5933] hid-multitouch 0003:0457:07DA.000D: unknown main item tag 0x0
[  233.830690][ T5933] hid-multitouch 0003:0457:07DA.000D: unknown main item tag 0x6
[  233.848406][ T9477] loop4: detected capacity change from 0 to 32768
[  233.861450][ T5933] hid-multitouch 0003:0457:07DA.000D: item 0 0 0 11 parsing failed
[  233.891618][ T5933] hid-multitouch 0003:0457:07DA.000D: probe with driver hid-multitouch failed with error -22
[  233.936082][ T5933] usb 2-1: USB disconnect, device number 8
[  234.001221][ T9477] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  234.139772][ T9477] XFS (loop4): Ending clean mount
[  234.233434][ T9477] XFS (loop4): Quotacheck needed: Please wait.
[  234.402316][ T9477] XFS (loop4): Quotacheck: Done.
[  234.474409][ T7262] udevd[7262]: symlink '../../loop4' '/dev/disk/by-diskseq/583.tmp-b7:4' failed: Read-only file system
[  234.514803][ T7262] udevd[7262]: symlink '../../loop4' '/dev/disk/by-uuid/c496e05e-540d-4c72-b591-04d79d8b4eeb.tmp-b7:4' failed: Read-only file system
[  234.569940][ T5834] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  234.744460][ T5887] udevd[5887]: symlink '../../loop1' '/dev/disk/by-diskseq/578.tmp-b7:1' failed: Read-only file system
[  234.752181][ T7262] udevd[7262]: symlink '../../loop4' '/dev/disk/by-diskseq/583.tmp-b7:4' failed: Read-only file system
[  234.871508][ T7262] udevd[7262]: symlink '../../loop4' '/dev/disk/by-diskseq/583.tmp-b7:4' failed: Read-only file system
[  234.975829][ T7262] udevd[7262]: symlink '../../loop1' '/dev/disk/by-diskseq/578.tmp-b7:1' failed: Read-only file system
[  235.244110][ T7262] udevd[7262]: symlink '../../loop1' '/dev/disk/by-diskseq/578.tmp-b7:1' failed: Read-only file system
[  235.275768][ T9501] loop2: detected capacity change from 0 to 40427
[  235.277522][ T9539] loop4: detected capacity change from 0 to 2048
[  235.321370][ T9539] EXT4-fs: Ignoring removed nobh option
[  235.356991][ T9523] loop0: detected capacity change from 0 to 32768
[  235.361636][ T9501] F2FS-fs (loop2): invalid crc value
[  235.419090][ T9509] loop3: detected capacity change from 0 to 40427
[  235.435004][ T7262] udevd[7262]: symlink '../../loop4' '/dev/disk/by-diskseq/586.tmp-b7:4' failed: Read-only file system
[  235.458629][ T9539] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  235.460036][ T9523] read_mapping_page failed!
[  235.489166][ T9509] F2FS-fs (loop3): Invalid SB checksum offset: 0
[  235.495802][ T9509] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  235.503184][ T9539] ext4 filesystem being mounted at /218/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  235.508622][ T7262] udevd[7262]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  235.529032][ T9523] ERROR: (device loop0): txCommit: 
[  235.529032][ T9523] 
[  235.552047][ T9509] F2FS-fs (loop3): invalid crc value
[  235.592780][ T9523] ERROR: (device loop0): remounting filesystem as read-only
[  235.599485][ T7262] udevd[7262]: symlink '../../loop4' '/dev/disk/by-diskseq/586.tmp-b7:4' failed: Read-only file system
[  235.725561][ T5834] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.879561][ T9501] F2FS-fs (loop2): Start checkpoint disabled!
[  235.910422][ T9509] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  235.960822][ T9501] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  235.961152][ T9509] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  236.209766][   T13] kworker/u8:1: attempt to access beyond end of device
[  236.209766][   T13] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  236.249485][   T13] CPU: 1 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted 6.16.0-rc1-next-20250613-syzkaller #0 PREEMPT(full) 
[  236.249515][   T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  236.249528][   T13] Workqueue: writeback wb_workfn (flush-7:2)
[  236.249563][   T13] Call Trace:
[  236.249571][   T13]  <TASK>
[  236.249581][   T13]  dump_stack_lvl+0x189/0x250
[  236.249607][   T13]  ? __pfx_dump_stack_lvl+0x10/0x10
[  236.249623][   T13]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  236.249652][   T13]  ? __pfx_queue_work_on+0x10/0x10
[  236.249673][   T13]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  236.249700][   T13]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  236.249728][   T13]  ? f2fs_hw_is_readonly+0x39b/0x470
[  236.249759][   T13]  f2fs_handle_critical_error+0x37c/0x540
[  236.249791][   T13]  f2fs_write_end_io+0x495/0x810
[  236.249825][   T13]  ? blkg_put+0x22/0x240
[  236.249868][   T13]  __submit_merged_bio+0x27a/0x6a0
[  236.249900][   T13]  __submit_merged_write_cond+0x255/0x530
[  236.249932][   T13]  f2fs_write_data_pages+0x261d/0x3000
[  236.249997][   T13]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  236.250039][   T13]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  236.250110][   T13]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  236.250136][   T13]  ? look_up_lock_class+0x74/0x170
[  236.250174][   T13]  ? trace_f2fs_writepages+0x7f/0x200
[  236.250200][   T13]  ? f2fs_write_node_pages+0x478/0x6e0
[  236.250228][   T13]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  236.250274][   T13]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  236.250302][   T13]  do_writepages+0x32b/0x550
[  236.250331][   T13]  ? reacquire_held_locks+0x127/0x1d0
[  236.250350][   T13]  ? writeback_sb_inodes+0x384/0x1010
[  236.250389][   T13]  __writeback_single_inode+0x145/0xff0
[  236.250420][   T13]  ? do_raw_spin_unlock+0x122/0x240
[  236.250449][   T13]  writeback_sb_inodes+0x6c7/0x1010
[  236.250507][   T13]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  236.250584][   T13]  ? rcu_is_watching+0x15/0xb0
[  236.250613][   T13]  wb_writeback+0x43b/0xaf0
[  236.250652][   T13]  ? queue_io+0x391/0x590
[  236.250684][   T13]  ? __pfx_wb_writeback+0x10/0x10
[  236.250724][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  236.250756][   T13]  wb_workfn+0x409/0xef0
[  236.250798][   T13]  ? __pfx_wb_workfn+0x10/0x10
[  236.250835][   T13]  ? __lock_acquire+0xab9/0xd20
[  236.250875][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  236.250911][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  236.250935][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  236.250964][   T13]  ? process_scheduled_works+0x9ef/0x17b0
[  236.250996][   T13]  process_scheduled_works+0xade/0x17b0
[  236.251058][   T13]  ? __pfx_process_scheduled_works+0x10/0x10
[  236.251108][   T13]  worker_thread+0x8a0/0xda0
[  236.251156][   T13]  kthread+0x711/0x8a0
[  236.251183][   T13]  ? __pfx_worker_thread+0x10/0x10
[  236.251200][   T13]  ? __pfx_kthread+0x10/0x10
[  236.251224][   T13]  ? _raw_spin_unlock_irq+0x23/0x50
[  236.251248][   T13]  ? lockdep_hardirqs_on+0x9c/0x150
[  236.251274][   T13]  ? __pfx_kthread+0x10/0x10
[  236.251297][   T13]  ret_from_fork+0x3f9/0x770
[  236.251328][   T13]  ? __pfx_ret_from_fork+0x10/0x10
[  236.251362][   T13]  ? __switch_to_asm+0x39/0x70
[  236.251380][   T13]  ? __switch_to_asm+0x33/0x70
[  236.251399][   T13]  ? __pfx_kthread+0x10/0x10
[  236.251423][   T13]  ret_from_fork_asm+0x1a/0x30
[  236.251462][   T13]  </TASK>
[  236.656370][   T13] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  236.692220][ T9565] program syz.0.1282 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  237.012861][ T9573] loop4: detected capacity change from 0 to 512
[  237.051823][ T9572] netlink: 'syz.0.1285': attribute type 8 has an invalid length.
[  237.060004][ T9573] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  237.114166][ T9573] EXT4-fs (loop4): 1 truncate cleaned up
[  237.170215][ T9573] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.263044][ T9569] loop1: detected capacity change from 0 to 32768
[  237.308275][ T9569] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  237.366372][ T9585] loop0: detected capacity change from 0 to 256
[  237.460057][ T9585] exFAT-fs (loop0): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  237.492283][ T9569] XFS (loop1): Ending clean mount
[  237.517505][ T9569] XFS (loop1): Quotacheck needed: Please wait.
[  237.557568][ T5834] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.626272][ T9569] XFS (loop1): Quotacheck: Done.
[  237.778823][ T5839] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  238.545844][ T9617] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1301'.
[  238.690176][ T9619] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1303'.
[  238.731239][ T9619] nbd: socks must be embedded in a SOCK_ITEM attr
[  238.953015][   T30] audit: type=1326 audit(1749798658.588:2543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9624 comm="syz.0.1305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3a7b8e929 code=0x7ffc0000
[  239.004330][ T9627] loop4: detected capacity change from 0 to 1024
[  239.025029][   T30] audit: type=1326 audit(1749798658.588:2544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9624 comm="syz.0.1305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3a7b8e929 code=0x7ffc0000
[  239.084956][ T9599] loop2: detected capacity change from 0 to 32768
[  239.116950][   T30] audit: type=1326 audit(1749798658.618:2545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9624 comm="syz.0.1305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fe3a7b8e929 code=0x7ffc0000
[  239.188296][ T9631] ------------[ cut here ]------------
[  239.193900][ T9631] verifier bug: add backedge: no SCC in verification path, insn_idx 9(1)
[  239.215355][   T30] audit: type=1326 audit(1749798658.618:2546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9624 comm="syz.0.1305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3a7b8e929 code=0x7ffc0000
[  239.243663][ T9631] WARNING: CPU: 1 PID: 9631 at kernel/bpf/verifier.c:1970 do_check+0xda21/0xdba0
[  239.253125][ T9631] Modules linked in:
[  239.257084][ T9631] CPU: 1 UID: 0 PID: 9631 Comm: syz.3.1307 Not tainted 6.16.0-rc1-next-20250613-syzkaller #0 PREEMPT(full) 
[  239.268634][ T9631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  239.278771][ T9631] RIP: 0010:do_check+0xda21/0xdba0
[  239.284030][ T9631] Code: 01 90 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 06 84 c0 0f 85 2b 01 00 00 41 8b 75 00 48 c7 c7 60 4c 91 8b e8 60 fc ac ff 90 <0f> 0b 90 90 e9 27 fe ff ff e8 d1 5c e9 ff e8 ac 12 4d 00 ba 38 00
[  239.303934][ T9631] RSP: 0018:ffffc9000c56eec0 EFLAGS: 00010246
[  239.310039][ T9631] RAX: 867b8bce18ff8a00 RBX: ffffc9000c56f180 RCX: 0000000000080000
[  239.314867][   T30] audit: type=1326 audit(1749798658.618:2547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9624 comm="syz.0.1305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3a7b8e929 code=0x7ffc0000
[  239.318335][ T9631] RDX: ffffc9000d2ba000 RSI: 0000000000010914 RDI: 0000000000010915
[  239.349965][ T9631] RBP: ffffc9000c56f2c8 R08: 0000000000000003 R09: 0000000000000004
[  239.358096][ T9631] R10: dffffc0000000000 R11: fffffbfff1bfaa14 R12: ffff88814d1b7900
[  239.366375][ T9631] R13: ffff88814d1b7954 R14: 1ffff11029a36f2a R15: 0000000000000000
[  239.374544][ T9631] FS:  00007f5f949276c0(0000) GS:ffff888125d41000(0000) knlGS:0000000000000000
[  239.383523][ T9631] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  239.390122][ T9631] CR2: 00007f964f573000 CR3: 0000000078722000 CR4: 00000000003526f0
[  239.395575][   T30] audit: type=1326 audit(1749798658.638:2548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9624 comm="syz.0.1305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=327 compat=0 ip=0x7fe3a7b8e929 code=0x7ffc0000
[  239.398181][ T9631] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  239.429266][ T9631] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  239.434744][   T30] audit: type=1326 audit(1749798658.638:2549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9624 comm="syz.0.1305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3a7b8e929 code=0x7ffc0000
[  239.437954][ T9631] Call Trace:
[  239.462979][ T9631]  <TASK>
[  239.465922][ T9631]  ? unwind_get_return_address+0x4d/0x90
[  239.471639][ T9631]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  239.477862][ T9631]  ? __x64_sys_bpf+0x7c/0x90
[  239.482565][ T9631]  ? __pfx_do_check+0x10/0x10
[  239.487289][ T9631]  ? __asan_memset+0x22/0x50
[  239.491977][ T9631]  do_check_common+0x18fa/0x2460
[  239.497052][ T9631]  bpf_check+0x110e2/0x1a240
[  239.501738][ T9631]  ? __lock_acquire+0xab9/0xd20
[  239.506647][ T9631]  ? is_bpf_text_address+0x292/0x2b0
[  239.512028][ T9631]  ? is_bpf_text_address+0x26/0x2b0
[  239.517260][ T9631]  ? __kernel_text_address+0xd/0x40
[  239.522530][ T9631]  ? unwind_get_return_address+0x4d/0x90
[  239.528816][ T9631]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  239.535692][ T9631]  ? __pfx_bpf_check+0x10/0x10
[  239.540553][ T9631]  ? __lock_acquire+0xab9/0xd20
[  239.545455][ T9631]  ? __pfx___mutex_trylock_common+0x10/0x10
[  239.551447][ T9631]  ? css_rstat_updated+0x1a5/0xca0
[  239.556619][ T9631]  ? pcpu_block_update+0x1b5/0x8d0
[  239.561833][ T9631]  ? __lock_acquire+0xab9/0xd20
[  239.566741][ T9631]  ? ktime_get_with_offset+0x8c/0x2a0
[  239.572210][ T9631]  ? seqcount_lockdep_reader_access+0x123/0x1c0
[  239.578496][ T9631]  ? lockdep_hardirqs_on+0x9c/0x150
[  239.583803][ T9631]  ? ktime_get_with_offset+0x8c/0x2a0
[  239.589212][ T9631]  ? seqcount_lockdep_reader_access+0x175/0x1c0
[  239.595565][ T9631]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  239.602240][ T9631]  ? bpf_obj_name_cpy+0x194/0x1e0
[  239.607289][ T9631]  ? bpf_lsm_bpf_prog_load+0x9/0x20
[  239.612569][ T9631]  ? security_bpf_prog_load+0x7f/0x310
[  239.618055][ T9631]  bpf_prog_load+0x1318/0x1930
[  239.622885][ T9631]  ? __pfx_bpf_prog_load+0x10/0x10
[  239.628044][ T9631]  ? bpf_lsm_bpf+0x9/0x20
[  239.634154][ T9631]  ? security_bpf+0x7e/0x300
[  239.638779][ T9631]  __sys_bpf+0x5f1/0x860
[  239.643759][ T9631]  ? __pfx___sys_bpf+0x10/0x10
[  239.648612][ T9631]  ? rcu_is_watching+0x15/0xb0
[  239.653503][ T9631]  __x64_sys_bpf+0x7c/0x90
[  239.657964][ T9631]  do_syscall_64+0xfa/0x3b0
[  239.662570][ T9631]  ? lockdep_hardirqs_on+0x9c/0x150
[  239.667799][ T9631]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.674061][ T9631]  ? clear_bhb_loop+0x60/0xb0
[  239.678777][ T9631]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.684738][ T9631] RIP: 0033:0x7f5f93b8e929
[  239.689261][ T9631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.708966][ T9631] RSP: 002b:00007f5f94927038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  239.717625][ T9631] RAX: ffffffffffffffda RBX: 00007f5f93db5fa0 RCX: 00007f5f93b8e929
[  239.717914][ T9599] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  239.725738][ T9631] RDX: 0000000000000094 RSI: 0000200000000840 RDI: 0000000000000005
[  239.745540][ T9631] RBP: 00007f5f93c10b39 R08: 0000000000000000 R09: 0000000000000000
[  239.754168][ T9631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  239.762329][ T9631] R13: 0000000000000000 R14: 00007f5f93db5fa0 R15: 00007ffc510797f8
[  239.770365][ T9631]  </TASK>
[  239.773471][ T9631] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  239.780776][ T9631] CPU: 1 UID: 0 PID: 9631 Comm: syz.3.1307 Not tainted 6.16.0-rc1-next-20250613-syzkaller #0 PREEMPT(full) 
[  239.792260][ T9631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  239.802339][ T9631] Call Trace:
[  239.805635][ T9631]  <TASK>
[  239.808599][ T9631]  dump_stack_lvl+0x99/0x250
[  239.813221][ T9631]  ? __asan_memcpy+0x40/0x70
[  239.817854][ T9631]  ? __pfx_dump_stack_lvl+0x10/0x10
[  239.823087][ T9631]  ? __pfx__printk+0x10/0x10
[  239.827721][ T9631]  panic+0x2db/0x790
[  239.831650][ T9631]  ? __pfx_panic+0x10/0x10
[  239.836091][ T9631]  ? show_trace_log_lvl+0x4fb/0x550
[  239.841356][ T9631]  __warn+0x31b/0x4b0
[  239.845378][ T9631]  ? do_check+0xda21/0xdba0
[  239.849917][ T9631]  ? do_check+0xda21/0xdba0
[  239.854446][ T9631]  report_bug+0x2be/0x4f0
[  239.858794][ T9631]  ? do_check+0xda21/0xdba0
[  239.863311][ T9631]  ? do_check+0xda21/0xdba0
[  239.867823][ T9631]  ? do_check+0xda23/0xdba0
[  239.872328][ T9631]  handle_bug+0x84/0x160
[  239.876578][ T9631]  exc_invalid_op+0x1a/0x50
[  239.881094][ T9631]  asm_exc_invalid_op+0x1a/0x20
[  239.885959][ T9631] RIP: 0010:do_check+0xda21/0xdba0
[  239.891078][ T9631] Code: 01 90 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 06 84 c0 0f 85 2b 01 00 00 41 8b 75 00 48 c7 c7 60 4c 91 8b e8 60 fc ac ff 90 <0f> 0b 90 90 e9 27 fe ff ff e8 d1 5c e9 ff e8 ac 12 4d 00 ba 38 00
[  239.910686][ T9631] RSP: 0018:ffffc9000c56eec0 EFLAGS: 00010246
[  239.916779][ T9631] RAX: 867b8bce18ff8a00 RBX: ffffc9000c56f180 RCX: 0000000000080000
[  239.924757][ T9631] RDX: ffffc9000d2ba000 RSI: 0000000000010914 RDI: 0000000000010915
[  239.932732][ T9631] RBP: ffffc9000c56f2c8 R08: 0000000000000003 R09: 0000000000000004
[  239.940713][ T9631] R10: dffffc0000000000 R11: fffffbfff1bfaa14 R12: ffff88814d1b7900
[  239.948703][ T9631] R13: ffff88814d1b7954 R14: 1ffff11029a36f2a R15: 0000000000000000
[  239.956706][ T9631]  ? unwind_get_return_address+0x4d/0x90
[  239.962356][ T9631]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  239.968539][ T9631]  ? __x64_sys_bpf+0x7c/0x90
[  239.973152][ T9631]  ? __pfx_do_check+0x10/0x10
[  239.977846][ T9631]  ? __asan_memset+0x22/0x50
[  239.982456][ T9631]  do_check_common+0x18fa/0x2460
[  239.987416][ T9631]  bpf_check+0x110e2/0x1a240
[  239.992042][ T9631]  ? __lock_acquire+0xab9/0xd20
[  239.996934][ T9631]  ? is_bpf_text_address+0x292/0x2b0
[  240.002237][ T9631]  ? is_bpf_text_address+0x26/0x2b0
[  240.007457][ T9631]  ? __kernel_text_address+0xd/0x40
[  240.012678][ T9631]  ? unwind_get_return_address+0x4d/0x90
[  240.018317][ T9631]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  240.024473][ T9631]  ? __pfx_bpf_check+0x10/0x10
[  240.029240][ T9631]  ? __lock_acquire+0xab9/0xd20
[  240.034104][ T9631]  ? __pfx___mutex_trylock_common+0x10/0x10
[  240.039992][ T9631]  ? css_rstat_updated+0x1a5/0xca0
[  240.045124][ T9631]  ? pcpu_block_update+0x1b5/0x8d0
[  240.050262][ T9631]  ? __lock_acquire+0xab9/0xd20
[  240.055136][ T9631]  ? ktime_get_with_offset+0x8c/0x2a0
[  240.060520][ T9631]  ? seqcount_lockdep_reader_access+0x123/0x1c0
[  240.066765][ T9631]  ? lockdep_hardirqs_on+0x9c/0x150
[  240.071975][ T9631]  ? ktime_get_with_offset+0x8c/0x2a0
[  240.077353][ T9631]  ? seqcount_lockdep_reader_access+0x175/0x1c0
[  240.083610][ T9631]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  240.090211][ T9631]  ? bpf_obj_name_cpy+0x194/0x1e0
[  240.095227][ T9631]  ? bpf_lsm_bpf_prog_load+0x9/0x20
[  240.100426][ T9631]  ? security_bpf_prog_load+0x7f/0x310
[  240.105898][ T9631]  bpf_prog_load+0x1318/0x1930
[  240.110668][ T9631]  ? __pfx_bpf_prog_load+0x10/0x10
[  240.115793][ T9631]  ? bpf_lsm_bpf+0x9/0x20
[  240.120125][ T9631]  ? security_bpf+0x7e/0x300
[  240.124722][ T9631]  __sys_bpf+0x5f1/0x860
[  240.128972][ T9631]  ? __pfx___sys_bpf+0x10/0x10
[  240.133754][ T9631]  ? rcu_is_watching+0x15/0xb0
[  240.138515][ T9631]  __x64_sys_bpf+0x7c/0x90
[  240.142935][ T9631]  do_syscall_64+0xfa/0x3b0
[  240.147449][ T9631]  ? lockdep_hardirqs_on+0x9c/0x150
[  240.152665][ T9631]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.158733][ T9631]  ? clear_bhb_loop+0x60/0xb0
[  240.163410][ T9631]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.169305][ T9631] RIP: 0033:0x7f5f93b8e929
[  240.173721][ T9631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.193328][ T9631] RSP: 002b:00007f5f94927038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  240.201747][ T9631] RAX: ffffffffffffffda RBX: 00007f5f93db5fa0 RCX: 00007f5f93b8e929
[  240.209725][ T9631] RDX: 0000000000000094 RSI: 0000200000000840 RDI: 0000000000000005
[  240.217696][ T9631] RBP: 00007f5f93c10b39 R08: 0000000000000000 R09: 0000000000000000
[  240.225659][ T9631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  240.233639][ T9631] R13: 0000000000000000 R14: 00007f5f93db5fa0 R15: 00007ffc510797f8
[  240.241624][ T9631]  </TASK>
[  240.244953][ T9631] Kernel Offset: disabled
[  240.249282][ T9631] Rebooting in 86400 seconds..