last executing test programs:

4m56.004173923s ago: executing program 0 (id=141):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000440)=[<r1=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r0, 0xc01064ab, &(0x7f0000000e00)={0x1, 0x0, r1})

4m55.620016383s ago: executing program 0 (id=131):
r0 = socket$inet6(0xa, 0x2, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0x3e, &(0x7f0000000000)=0x2, 0x4)
sendto$inet6(r0, &(0x7f0000000080)="800009e92208a1ce", 0xfdef, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x9}, 0x1c)

4m55.19150256s ago: executing program 0 (id=134):
syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x804, &(0x7f0000001180)=ANY=[], 0xfd, 0x187, &(0x7f00000006c0)="$eJzskrGO00AQhr+1neRAxwkkqmvuipOAAuL4ANFx5dHT0WAlJkQ4QOJIkCiFEUIpKBAlT5DXQOIFoEA0dKlTRNTIaHfHlhMe4fYr9s/8Ozu7M/HzbJS1gL+beZczDD4H/FCKADhS1lt7Vj+L/hT9ZIXvkvdI/Peih9l01pScY65Z40Wcpsn4GPhjvMrKHr7zWJtSv+TQU6AoigI8eqDT2S9zNvOuD4yqHDgM4LppoqhydCM6uAG0J8PX7Ww6uz0Yxv2kn7yM/NP74d0wvBe1nw3SJLSrql0hraD1FtDaEyPeN/sN4INYl9lG1Z4m++oSTyhrN8sZHih28WpnS1V8rd7Vovy/4PEZ6Ge9yVXNPTFVAkxL5yh8CTpB7X32rj2zcaf7Ku0tUKjy2JKgqtFZ0aiCqB6cPsi5YkstpOSJ6LnoUnQlerTzyQS5Xj9KdDOHJm/jyWTc0UOyvxp28/e4MGgvuprXB6Zv/eJtN/fN+2+2DofD4XA4HA6Hw3HR+BcAAP//KMR5Ig==")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r0, 0x0, 0x58)

4m54.756122415s ago: executing program 0 (id=138):
syz_mount_image$exfat(&(0x7f0000000580), &(0x7f0000000040)='./bus\x00', 0x800800, &(0x7f0000000740)={[{@discard}, {@discard}, {@dmask={'dmask', 0x3d, 0x5}}, {@errors_continue}, {@errors_remount}, {@keep_last_dots}, {@gid}, {@gid={'gid', 0x3d, 0xee01}}, {@errors_continue}, {@fmask={'fmask', 0x3d, 0x7}}, {@iocharset={'iocharset', 0x3d, 'iso8859-7'}}]}, 0x1, 0x1534, &(0x7f0000003e40)="$eJzs3AuYjVX7MPD7Xms9Y0jaTXIY1lr3w05imSTJIUkOSZIkSU4JSZO8kpAYckoakpDjkByGkBwmJo3z+XxISJImSUJyStZ3CZ+O39v7vf1f/+ud+3ddz2Xdez33etbe9372Xs9jZr7pOKhag+qV6xER/Fvwwj9JABALAP0A4BoACACgdFzpuPP92SUm/XsHYX+vh1Ov9AzYlcT1z9q4/lkb1z9r4/pnbVz/rI3rn7Vx/bM2rj9jWdnGqfmv5S3rbnz//79fnT/t4e///yKZJUZ/sbrE9Z0AYv5qCtc/a+P6/9cK/spOXP+sjeufVcVe6Qmw/wX4/M8Ksv1pD9c/a+P6M5aVXen7z1d6g0jWfg2u9PuPMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxljWcMpfpgDgUvtKz4sxxhhjjDHGGGN/H5/tSs+AMcYYY4wxxhhj//MQBEhQEEAMZINYyA45QADA1ZALroEIXAtxcB3khushD+SFfJAf4qEAFAQNBiwQhFAICkMUboAicCMUhZugGBQHByUgAW6GknALlIJboTTcBmXgdigL5aA8VIA7oCLcCZXgLqgMd0MVqArVoDrcAzXgXqgJ90EtuB9qwwNQBx6EuvAQ1IOHoT48Ag3gUWgIj0EjaAxNoCk0+yv5Mb/NfxG6wkvQDbpDEvSAnvAy9ILe0Af6Qj94BfrDqzAAXoNkGAiD4HUYDG/AEHgThsIwGA5vwQgYCaNgNIyBsZAC42A8vA0T4B2YCJNgMkyBVJgK0+BdmA4zYCa8B7PgfZgNc2AuzIM0+ADmwwJIhw9hIXwEGbAIFsMSWArLYDmsgJWwClbDGlgL62A9bICNsAk2wxbYCttgO3wMO+AT2Am7YDd8Cnvgs38x/+Rv8jshIKBAgQoVxmAMxmIs5sAcmBNzYi7MhRGMYBzGYW7MjXkwD+bDfBiP8VgQC6JBg4SEhbAQRjGKRbAIFsWiWAyLoUOHCZiAJfEWLIWlsDSWxjJYBstiOSyHFbACVsSKWAkrYWWsjFWwClbDangP3oM9sCbWxFpYC2tj7Uu3p7Ae1sP6WB8bYANsiA2xETbCJtgEm2EzbI7NsQW2wFbYCltja2yDbTARE7EttsV22A7bY3vsgB2wI3bETtgZO2e+mA3wJXwJu2MV0QN7Yk/shcnZ+mBf7IuvYH98FV/F1zAZB+IgfB1fxzdwCJ7AoTgMh+NwrChG4igcjSTGYgqm4HgcjxNwAk7ESTgJp2AqTsVpOA2n4wycge/hLHwf38c5OAfnYRqm4XxcgOmYjgvxJGbgIlyMS3ApLsOluAJX4gpcjWtwNa7DdbgBN+Am3IRbcAtuw234MSoA/AR34S5Mxj24B/fiXtyH+3A/7sdMzMQDeAAP4kE8hIfwMB7GI3gUj+FRPI7H8QSexFN4Cs/gGTyLz8d/Vf/jm1YlgzhPCSViRIyIFbEih8ghcoqcIpfIJSIiIuJEnMgtcos8Io/IJ/KJeBEvCoqCwggjSIQxACCiIiqKiCKiqCgqioliwgknEkSCKClKilKilCgtbhNlxO2irCgnWroKooKoKFq5SuIuUVlUFlVEVVFNVBfVRQ1RQ9QUNUUtUUvUFrVFHfGgqCt6YB98WJyvTAMxEBuKQdhINBby4idYczEEW4iWopV4UgzDodhGNHeJ4hnRVozCduIfYjQ+JzqIsdhRvCA6ic6ii3hRdBUtXDfRXUzEHqKnmIK9RG/RR/QV07GqeA9nZa8mXhPJYqAYJF4X8/ANMUS8KYaKYWK4eEuMECPFKDFajBFjRYoYJ8aLt8UE8Y6YKCaJyWKKSBVTxTTxrpguZoiZ4j0xS7wvZos5Yq6YJ9LEB2K+WCDSxYdiofhIZIhFYrFYIpaKZWK5WCFWilVitVgj1op1Yr3YIDaKTWKz2CK2im1iu/hY7BCfiJ1il9gtPhV7xGdir/hc7BNfiP3iS5EpvhIHxNfioPhGHBLfisPiO3FEHBXHxPfiuPhBnBAnxSlxWpwRP4qz4idxTngBEqWQUioZyBiZTcbK7DKHvErmlMHFV/daGSevk7nl9TKPzCvzyfwyXhaQBaWWRlpJMpSFZGEZlTfIIvJGWVTeJIvJ4tLJEjJB3ixLyltkKXmrLC1vk2Xk7bKsLCfLywryDllR3ikhcuEYVWRVWU1Wl/fIJLhX1pT3yVryfllbPiDryAdlXfmQrCcflvXlI7KBfFQ2lI/JRrKxbCKbymbycdlcPiFbyJaylXxStpZPyTbyaZkon5Ftpb/4FnlOdpDPy47yBdlJdpZd5E/ynPSym+wuoQfInvJl2Uv2ln1kX9lPviL7y1flAPmaTJYD5SD5uhws35BD5JtyqBwmh8u35Ag5Uo6So+UYOVamyHFyvHxbTpDvyIlykpwsp8hUOVX2uTjSTCn/af7bf5A/4Oejb5Ab5Sa5WW6RW+U2uV1+LHfIHXKn3Cl3y91yj9wj98q9cp/cJ/fL/TJTZsoD8oA8KA/KQ/KQPCwPyyPyqDwtv5fH5Q/yhDwpT8rT8ow8I89efA1AoRJKKqUCFaOyqViVXeVQV6mc6mqVS12jIupaFaeuU7nV9SqPyqvyqfwqXhVQBZVWRllFKlSFVGEVVTfgxTeMKqaKK6dKqAR187+Sr4qoG1VRddOv8i/NL0kFEv5gfs1UM9VcNVctVAvVSrVSrVVr1Ua1UYkqUbVVbVU71U61V+1VB9VBdVQdVSfVSXVRXVRX1VV1U91UkkpSPdXLqpfqrfqovqqfekX1V/3VADVAJatkNUgNUoPVYDVEDVFD1VA1XA1XI9QINUqNUmPUGJWiUtR4NV5NUBPURDVRTVaTVapKVdPUNDVdTVcz1Uw1S81Ss9VsNVfNVWkqTc1X81W6SlcL1UKVoRapRWqJWqKWqWVqhVqhVqlVao1ao9apdSpDbVQb1Wa1WW1VW9V2tV3tUDvUTrVT7Va71R61R+1Ve9U+tU/tV/tVpspUB9QBdVAdVIfUIXVYHVZH1BF1TB1Tx9VxdUKdUKfUKXVGnVFn1Vl1Tp07v+wLRCACFaggJogJYoPYIEeQI8gZ5AxyBbmCSBAJ4oK4IHdwfZAnyBvkC/IH8UGBoGCgAxPYQFwsejS4ISgS3BgUDW4KigXFAxeUCBKCm4OSwS1BqeDWoHRwW1AmuD0oG5QLygcVgjuCisGdQaXgrqBycHdQJagaVAuqB/cENYJ7g5rBfUGt4P6gdvBAUCd4MKgbPBTUCx4O6gePBA2CR4OGwWNBo6Bx0CRoGjT7W8f3/kTeJ1w33V0n6R66p35Z99K9dR/dV/fTr+j++lU9QL+mk/VAPUi/rgfrN/QQ/aYeqofp4fotPUKP1KP0aD1Gj9Upepwer9/WE/Q7eqKepCfrKTpVT9XT9Lt6up6hZ+r39Cz9vp6t5+i5ep5O0x/o+XqBTtcf6oX6I52hF+nFeoleqpfp5XqFXqlX6dV6jV6r1+n1eoPeqDfpzXqL3qq36e36Y71Df6J36l16t/5U79Gf6b36c71Pf6H36y91pv5KH9Bf64P6G31If6sP6+/0EX1UH9Pf6+P6B31Cn9Sn9Gl9Rv+oz+qf9Dntzy/uz3+9G2WUiTExJtbEmhwmh8lpcppcJpeJmIiJM3Emt8lt8pg8Jp/JZ+JNvCloCprzyJApZAqZqImaIqaIKWqKmmKmmHHGmQSTYEqakqaUKWVKm9KmjCljypqyprwpb+4wd5g7zZ3mLnOXudvcbaqaqqa6qW5qmBqmpqlpaplaprapbeqYOqauqWvqmXqmvqlvGpgGpqFpaBqZRqaJaWKamWamuWluWpgWppVpZVqb1qaNaWMSTaJpa9qadqadaW/amw6mg+loOppOppPpYrqYrqar6Wa6mSSTZHqanqaX6WX6mD6mn+ln+pv+ZoAZYJJNshlkBpnBZrAZYoaYoWaYGX5+oWpGmlFmtBljxpoUk2LGm/FmgplgJpqJZrKZbFJNqplmppnpZrqZaWaaWWaWmW1mm7lmrkkzaWa+mW/STbpZaBaaDJNhFpvFZqlZapab5WalWWlWm9VmLaw16816s9FsNJvNZrPVbDXbzXazw+wwO81Os9vsNnvMHrPX7DX7zD6z3+w3mSbTHDAHzEFz0Bwyh8xhc9gcMUfMMXPMHDfHzQlzwpwyp8wZk/fi96U3sTa7zWGvsjnt1TaXvcb+Ns5n89t4W8AWtNrmsXl/FRtrbVF7ky1mi1tnS9gEe/Pv4rK2nC1vK9g7bEV7p630mxhsDXuvrWnvs7Xs/ba6vedXcW37gK1jH7V1EQFsY1vfNrUN7KO2oX3MNrKNbRPb1La2T9k29mmbaJ+xbe2zv4vn2wV2pV1lV9s1dqfdZU/Z0/ag/caesT/abra77Wdfsf3tq3aAfc0m24G/i4fbt+wIO9KOsqPtGDv2d/FkO8Wm2ql2mn3XTrczfhen2Q/sLJtuZ9s5dq6d93N8fk7p9kO70H5kM2wAi+0Su9Qus8vtiv871yV2nV1vN9gd9hO72W6xW+02u/3SQtjusrvtp3aP/cwesF/bffYLu98espn2q5/j88/vkP3WHrbf2SP2qD1mv7fH7Q/q59yRvQDsj/Z7+5M9Z70FQgKSpCigGMpGsZSdctBVlJOuplx0DUXoWoqj6yg3XU95KC/lo/wUTwWoIGkyZIkopEJUmKJ0A12aXjEqTo5KUALdTCXpFipFt1Jpuo3K0O1UlspReapAd1BFupMq0V1Ume6mKlSVqlF1uodq0L1Uk+6jWnQ/1aYHqA49SHXpIapHD1N9eoQa0KPUkB6jRtSYmlBTakaPU3N6glpQS2pFT1Jreora0NOUSM9QW3qW2tE/qD09Rx3oeepIL1An6kxd6EXqSi9RN+pOSdSDetLL1It6Ux/qS/3oFepPr9IAeo2SaSANotdpML1BQ+hNGkrDaDi9RSNoJI2i0TSGxlIKjaPx9DZNoHdoIk2iyTSFUmkqTaN3aTrNoJn0Hs2i92k2zaG5NI/S6AOaTwsonT6khfQRZdAiWkxLaCkto+W0glbSKlpNa2gtraP1tIE20ibaTFtoK22j7fQx7aBPaCftot30Ke2hz2gvfU776AvaT19SJn1FB+hrOkjf0CH61nen7+gIHaVj9D0dpx/oBJ2kU3SaztCPdJZ+onPkCUIMRShDFQZhTJgtjA2zhznCq8Kc4dVhrvCaMBJeG8aF14W5w+vDPGHeMF+YP4wPC4QFQx2a0IYUhmGhsHAYDW8Ii4Q3hkVDDIuFxUMXlggTwpvDkuEtYanw1rB0eFtYJrw9LBuWCx+9v0J4R1gxvDOsFN4VVg7vDquEVcNqYfXwnrBGeG9YM7wvrBXeH5YKHwjrhA+GdcOHwnrhw2H98JGwQfho2DB8LGwUNg6bhE3DZuHjYfPwibBF2DJsFT4Ztg6fCtuET4eJ4TNh2/DZn/sfWPDn/Ulhj7Bn+HL4cuj9fXJudF40LfpBdH50QTQ9+mF0YfSjaEZ0UXRxdEl0aXRZdHl0RXRldFV0dXRNdG10XXR9dEPU++rZwKETTjrlAhfjsrlYl93lcFe5nO5ql8td4yLuWhfnrnO53fUuj8vr8rn8Lt4VcAWddsZZRy50hVxhF3U3uCLuRlfU3eSKueLOuRIuwTV1zVwz19w94Vq4lq6Ve9I96Z5yT7mn3dPuGdfWPevauX+49u4518E97553L7hOrrPr4l50Xd24XBfOySTX0/V0vVwv18f1cf1cP9ff9XcD3ACX7JLdIDfIDXaD3RA3xA11Q91wN9yNcCPcKDfKjXFjXIpLcePdeDfBTXAT3UQ32U12qS7VTXPT3HQ33VWcceEos91sN9fNdWkuzc1359eM6W6hW+gyXIZb7Ba7pW6pW+6Wu5VupVvtVru1bq1b79a7jW6j2+w2u61uq9vutrsdbofb6a+5MKjb4/a6vW6f2+f2uy9dpvvKHXBfu4PuG3fIfesOu+/cEXfUHXPfu+PuB3fCnXSn3Gl3xv3ozrqf3DnnXUpkXGR85O3IhMg7kYmRSZHJkSmR1MjUyLTIu5HpkRmRmZH3IrMi70dmR+ZE5kbmRdIiH0TmRxZE0iMfRhZGPopkRBZFFkeWRJZGlkW8L7A59IV8YR/1N/gi/kZf1N/ki/ni3vkSPsHf7Ev6W3wpf6sv7W/zZfztvqwv58v7x3wj39g38U19M/+4b+6f8C18S9/KP+lb+6d8G/+0T/TP+Lb+Wd/O/8O398/5Dv5539G/4Dv5zr6Lf9F39S/5br67T/I9fE//su/le/s+vq/v51/x/f2rfoB/zSf7gX6Qf90P9m/4If5NP9QP88Nj3vIjLl0iw1if4sf58f5tP8G/4yf6SX6yn+JT/VQ/zb/rp/sZfqZ/z8/y7/vZfo6f6+f5NP+Bn+8X+HT/oV/oP/IZftGlm8p+uV/hV/pVfrVf49f6dX693+A3+k1+s9/it/ptfrv/2O/wn/idfpff7T/1e/xnfq//3O/zX/j9/kuf6b/yB/zX/qD/xh/y3/rD/jt/xB/1x/z3/rj/wZ/wJ/0pf9qf8T/6s/4nf45/Z40xxhhj7C8Zd7kpft1z4XZ+jz/IEb/YuScAXL0lf+Yv+8+vKNfmudDuLeJbRwDgme4dH760VamSlJR0cd8MCUHhOQCX/ifovBi4HC+CVvAUJEJLKPmH8+8tOp+hfzJ+9DaAHL/IiYXL8eXxPwfApD8Y//Enh88vE56K+3+MPwegaOHLOdnhcrwIWv18f6UllPqT+edt/sv5x/5+/OxfpAC0+EVOTrgcX55/AjwBz0Lir/ZkjDHGGGOMMcYu6C3Kt790/XnpJz7/6Po8Xl3OyQaX4392fc4YY4wxxhhjjLEr77nOXZ5+PDGxZft/vVHp/yvrLzcawv/UyNz4w4b3AJceUQDwbw4IcL4h/5PPYtN/5FjJF0+d33YtPe0D+N9RSvwbzp0r/MHEGGOMMcYY+9tdXvT/+nF1pSbEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xlQf+Jv0Z2pZ8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9nwAAAP//+BMB0A==")
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x0, 0x1)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0)

4m54.375928022s ago: executing program 0 (id=144):
r0 = socket$inet6(0xa, 0x3, 0x87)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000280)={{{@in6=@mcast1, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x4e20, 0x0, 0x4e24, 0x9, 0x2, 0x20}, {0x2000000000, 0x4, 0x1, 0x0, 0xfffffffffffffffc, 0x9, 0xffffffffffffffff, 0x7}, {0x1ff, 0xffffffffe, 0x4053e5, 0x20}, 0x20004, 0x0, 0x1, 0x0, 0x1, 0x3}, {{@in6=@mcast2, 0x40000000, 0x32}, 0x2, @in6=@private0, 0x3502, 0x1, 0x0, 0x0, 0x4, 0xfffffffd}}, 0xe8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0x9df}, 0x1c)

4m53.66014082s ago: executing program 0 (id=147):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4)
setsockopt$CAN_RAW_FD_FRAMES(r0, 0x65, 0x5, &(0x7f0000000280), 0x4)

4m52.852622817s ago: executing program 32 (id=147):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4)
setsockopt$CAN_RAW_FD_FRAMES(r0, 0x65, 0x5, &(0x7f0000000280), 0x4)

4m24.379645448s ago: executing program 6 (id=351):
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e2a, 0xffffffff, @mcast2, 0x6}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000001f00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="24000000000000002900000032000000fe8000000000000000000000000000bb", @ANYRES32, @ANYBLOB="00000000500000000000000029000000040000002e06000000000000010600000000000007280000000308010800ffffffffffffff7f00000000000000000180000000000000ffffff7f0000000000000042000014"], 0x90}}], 0x2, 0x4001c00)

4m24.234493263s ago: executing program 6 (id=353):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, 0x0, 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x40, &(0x7f0000000380)=0x5, 0x4)

4m23.910594669s ago: executing program 6 (id=356):
syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3)

4m23.415995159s ago: executing program 6 (id=362):
syz_mount_image$exfat(&(0x7f0000000580), &(0x7f0000000040)='./bus\x00', 0x800800, &(0x7f0000000740)={[{@discard}, {@discard}, {@dmask={'dmask', 0x3d, 0x5}}, {@errors_continue}, {@errors_remount}, {@keep_last_dots}, {@gid}, {@gid={'gid', 0x3d, 0xee01}}, {@errors_continue}, {@fmask={'fmask', 0x3d, 0x7}}, {@iocharset={'iocharset', 0x3d, 'iso8859-7'}}]}, 0x1, 0x1534, &(0x7f0000003e40)="$eJzs3AuYjVX7MPD7Xms9Y0jaTXIY1lr3w05imSTJIUkOSZIkSU4JSZO8kpAYckoakpDjkByGkBwmJo3z+XxISJImSUJyStZ3CZ+O39v7vf1f/+ud+3ddz2Xdez33etbe9372Xs9jZr7pOKhag+qV6xER/Fvwwj9JABALAP0A4BoACACgdFzpuPP92SUm/XsHYX+vh1Ov9AzYlcT1z9q4/lkb1z9r4/pnbVz/rI3rn7Vx/bM2rj9jWdnGqfmv5S3rbnz//79fnT/t4e///yKZJUZ/sbrE9Z0AYv5qCtc/a+P6/9cK/spOXP+sjeufVcVe6Qmw/wX4/M8Ksv1pD9c/a+P6M5aVXen7z1d6g0jWfg2u9PuPMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxljWcMpfpgDgUvtKz4sxxhhjjDHGGGN/H5/tSs+AMcYYY4wxxhhj//MQBEhQEEAMZINYyA45QADA1ZALroEIXAtxcB3khushD+SFfJAf4qEAFAQNBiwQhFAICkMUboAicCMUhZugGBQHByUgAW6GknALlIJboTTcBmXgdigL5aA8VIA7oCLcCZXgLqgMd0MVqArVoDrcAzXgXqgJ90EtuB9qwwNQBx6EuvAQ1IOHoT48Ag3gUWgIj0EjaAxNoCk0+yv5Mb/NfxG6wkvQDbpDEvSAnvAy9ILe0Af6Qj94BfrDqzAAXoNkGAiD4HUYDG/AEHgThsIwGA5vwQgYCaNgNIyBsZAC42A8vA0T4B2YCJNgMkyBVJgK0+BdmA4zYCa8B7PgfZgNc2AuzIM0+ADmwwJIhw9hIXwEGbAIFsMSWArLYDmsgJWwClbDGlgL62A9bICNsAk2wxbYCttgO3wMO+AT2Am7YDd8Cnvgs38x/+Rv8jshIKBAgQoVxmAMxmIs5sAcmBNzYi7MhRGMYBzGYW7MjXkwD+bDfBiP8VgQC6JBg4SEhbAQRjGKRbAIFsWiWAyLoUOHCZiAJfEWLIWlsDSWxjJYBstiOSyHFbACVsSKWAkrYWWsjFWwClbDangP3oM9sCbWxFpYC2tj7Uu3p7Ae1sP6WB8bYANsiA2xETbCJtgEm2EzbI7NsQW2wFbYCltja2yDbTARE7EttsV22A7bY3vsgB2wI3bETtgZO2e+mA3wJXwJu2MV0QN7Yk/shcnZ+mBf7IuvYH98FV/F1zAZB+IgfB1fxzdwCJ7AoTgMh+NwrChG4igcjSTGYgqm4HgcjxNwAk7ESTgJp2AqTsVpOA2n4wycge/hLHwf38c5OAfnYRqm4XxcgOmYjgvxJGbgIlyMS3ApLsOluAJX4gpcjWtwNa7DdbgBN+Am3IRbcAtuw234MSoA/AR34S5Mxj24B/fiXtyH+3A/7sdMzMQDeAAP4kE8hIfwMB7GI3gUj+FRPI7H8QSexFN4Cs/gGTyLz8d/Vf/jm1YlgzhPCSViRIyIFbEih8ghcoqcIpfIJSIiIuJEnMgtcos8Io/IJ/KJeBEvCoqCwggjSIQxACCiIiqKiCKiqCgqioliwgknEkSCKClKilKilCgtbhNlxO2irCgnWroKooKoKFq5SuIuUVlUFlVEVVFNVBfVRQ1RQ9QUNUUtUUvUFrVFHfGgqCt6YB98WJyvTAMxEBuKQdhINBby4idYczEEW4iWopV4UgzDodhGNHeJ4hnRVozCduIfYjQ+JzqIsdhRvCA6ic6ii3hRdBUtXDfRXUzEHqKnmIK9RG/RR/QV07GqeA9nZa8mXhPJYqAYJF4X8/ANMUS8KYaKYWK4eEuMECPFKDFajBFjRYoYJ8aLt8UE8Y6YKCaJyWKKSBVTxTTxrpguZoiZ4j0xS7wvZos5Yq6YJ9LEB2K+WCDSxYdiofhIZIhFYrFYIpaKZWK5WCFWilVitVgj1op1Yr3YIDaKTWKz2CK2im1iu/hY7BCfiJ1il9gtPhV7xGdir/hc7BNfiP3iS5EpvhIHxNfioPhGHBLfisPiO3FEHBXHxPfiuPhBnBAnxSlxWpwRP4qz4idxTngBEqWQUioZyBiZTcbK7DKHvErmlMHFV/daGSevk7nl9TKPzCvzyfwyXhaQBaWWRlpJMpSFZGEZlTfIIvJGWVTeJIvJ4tLJEjJB3ixLyltkKXmrLC1vk2Xk7bKsLCfLywryDllR3ikhcuEYVWRVWU1Wl/fIJLhX1pT3yVryfllbPiDryAdlXfmQrCcflvXlI7KBfFQ2lI/JRrKxbCKbymbycdlcPiFbyJaylXxStpZPyTbyaZkon5Ftpb/4FnlOdpDPy47yBdlJdpZd5E/ynPSym+wuoQfInvJl2Uv2ln1kX9lPviL7y1flAPmaTJYD5SD5uhws35BD5JtyqBwmh8u35Ag5Uo6So+UYOVamyHFyvHxbTpDvyIlykpwsp8hUOVX2uTjSTCn/af7bf5A/4Oejb5Ab5Sa5WW6RW+U2uV1+LHfIHXKn3Cl3y91yj9wj98q9cp/cJ/fL/TJTZsoD8oA8KA/KQ/KQPCwPyyPyqDwtv5fH5Q/yhDwpT8rT8ow8I89efA1AoRJKKqUCFaOyqViVXeVQV6mc6mqVS12jIupaFaeuU7nV9SqPyqvyqfwqXhVQBZVWRllFKlSFVGEVVTfgxTeMKqaKK6dKqAR187+Sr4qoG1VRddOv8i/NL0kFEv5gfs1UM9VcNVctVAvVSrVSrVVr1Ua1UYkqUbVVbVU71U61V+1VB9VBdVQdVSfVSXVRXVRX1VV1U91UkkpSPdXLqpfqrfqovqqfekX1V/3VADVAJatkNUgNUoPVYDVEDVFD1VA1XA1XI9QINUqNUmPUGJWiUtR4NV5NUBPURDVRTVaTVapKVdPUNDVdTVcz1Uw1S81Ss9VsNVfNVWkqTc1X81W6SlcL1UKVoRapRWqJWqKWqWVqhVqhVqlVao1ao9apdSpDbVQb1Wa1WW1VW9V2tV3tUDvUTrVT7Va71R61R+1Ve9U+tU/tV/tVpspUB9QBdVAdVIfUIXVYHVZH1BF1TB1Tx9VxdUKdUKfUKXVGnVFn1Vl1Tp07v+wLRCACFaggJogJYoPYIEeQI8gZ5AxyBbmCSBAJ4oK4IHdwfZAnyBvkC/IH8UGBoGCgAxPYQFwsejS4ISgS3BgUDW4KigXFAxeUCBKCm4OSwS1BqeDWoHRwW1AmuD0oG5QLygcVgjuCisGdQaXgrqBycHdQJagaVAuqB/cENYJ7g5rBfUGt4P6gdvBAUCd4MKgbPBTUCx4O6gePBA2CR4OGwWNBo6Bx0CRoGjT7W8f3/kTeJ1w33V0n6R66p35Z99K9dR/dV/fTr+j++lU9QL+mk/VAPUi/rgfrN/QQ/aYeqofp4fotPUKP1KP0aD1Gj9Upepwer9/WE/Q7eqKepCfrKTpVT9XT9Lt6up6hZ+r39Cz9vp6t5+i5ep5O0x/o+XqBTtcf6oX6I52hF+nFeoleqpfp5XqFXqlX6dV6jV6r1+n1eoPeqDfpzXqL3qq36e36Y71Df6J36l16t/5U79Gf6b36c71Pf6H36y91pv5KH9Bf64P6G31If6sP6+/0EX1UH9Pf6+P6B31Cn9Sn9Gl9Rv+oz+qf9Dntzy/uz3+9G2WUiTExJtbEmhwmh8lpcppcJpeJmIiJM3Emt8lt8pg8Jp/JZ+JNvCloCprzyJApZAqZqImaIqaIKWqKmmKmmHHGmQSTYEqakqaUKWVKm9KmjCljypqyprwpb+4wd5g7zZ3mLnOXudvcbaqaqqa6qW5qmBqmpqlpaplaprapbeqYOqauqWvqmXqmvqlvGpgGpqFpaBqZRqaJaWKamWamuWluWpgWppVpZVqb1qaNaWMSTaJpa9qadqadaW/amw6mg+loOppOppPpYrqYrqar6Wa6mSSTZHqanqaX6WX6mD6mn+ln+pv+ZoAZYJJNshlkBpnBZrAZYoaYoWaYGX5+oWpGmlFmtBljxpoUk2LGm/FmgplgJpqJZrKZbFJNqplmppnpZrqZaWaaWWaWmW1mm7lmrkkzaWa+mW/STbpZaBaaDJNhFpvFZqlZapab5WalWWlWm9VmLaw16816s9FsNJvNZrPVbDXbzXazw+wwO81Os9vsNnvMHrPX7DX7zD6z3+w3mSbTHDAHzEFz0Bwyh8xhc9gcMUfMMXPMHDfHzQlzwpwyp8wZk/fi96U3sTa7zWGvsjnt1TaXvcb+Ns5n89t4W8AWtNrmsXl/FRtrbVF7ky1mi1tnS9gEe/Pv4rK2nC1vK9g7bEV7p630mxhsDXuvrWnvs7Xs/ba6vedXcW37gK1jH7V1EQFsY1vfNrUN7KO2oX3MNrKNbRPb1La2T9k29mmbaJ+xbe2zv4vn2wV2pV1lV9s1dqfdZU/Z0/ag/caesT/abra77Wdfsf3tq3aAfc0m24G/i4fbt+wIO9KOsqPtGDv2d/FkO8Wm2ql2mn3XTrczfhen2Q/sLJtuZ9s5dq6d93N8fk7p9kO70H5kM2wAi+0Su9Qus8vtiv871yV2nV1vN9gd9hO72W6xW+02u/3SQtjusrvtp3aP/cwesF/bffYLu98espn2q5/j88/vkP3WHrbf2SP2qD1mv7fH7Q/q59yRvQDsj/Z7+5M9Z70FQgKSpCigGMpGsZSdctBVlJOuplx0DUXoWoqj6yg3XU95KC/lo/wUTwWoIGkyZIkopEJUmKJ0A12aXjEqTo5KUALdTCXpFipFt1Jpuo3K0O1UlspReapAd1BFupMq0V1Ume6mKlSVqlF1uodq0L1Uk+6jWnQ/1aYHqA49SHXpIapHD1N9eoQa0KPUkB6jRtSYmlBTakaPU3N6glpQS2pFT1Jreora0NOUSM9QW3qW2tE/qD09Rx3oeepIL1An6kxd6EXqSi9RN+pOSdSDetLL1It6Ux/qS/3oFepPr9IAeo2SaSANotdpML1BQ+hNGkrDaDi9RSNoJI2i0TSGxlIKjaPx9DZNoHdoIk2iyTSFUmkqTaN3aTrNoJn0Hs2i92k2zaG5NI/S6AOaTwsonT6khfQRZdAiWkxLaCkto+W0glbSKlpNa2gtraP1tIE20ibaTFtoK22j7fQx7aBPaCftot30Ke2hz2gvfU776AvaT19SJn1FB+hrOkjf0CH61nen7+gIHaVj9D0dpx/oBJ2kU3SaztCPdJZ+onPkCUIMRShDFQZhTJgtjA2zhznCq8Kc4dVhrvCaMBJeG8aF14W5w+vDPGHeMF+YP4wPC4QFQx2a0IYUhmGhsHAYDW8Ii4Q3hkVDDIuFxUMXlggTwpvDkuEtYanw1rB0eFtYJrw9LBuWCx+9v0J4R1gxvDOsFN4VVg7vDquEVcNqYfXwnrBGeG9YM7wvrBXeH5YKHwjrhA+GdcOHwnrhw2H98JGwQfho2DB8LGwUNg6bhE3DZuHjYfPwibBF2DJsFT4Ztg6fCtuET4eJ4TNh2/DZn/sfWPDn/Ulhj7Bn+HL4cuj9fXJudF40LfpBdH50QTQ9+mF0YfSjaEZ0UXRxdEl0aXRZdHl0RXRldFV0dXRNdG10XXR9dEPU++rZwKETTjrlAhfjsrlYl93lcFe5nO5ql8td4yLuWhfnrnO53fUuj8vr8rn8Lt4VcAWddsZZRy50hVxhF3U3uCLuRlfU3eSKueLOuRIuwTV1zVwz19w94Vq4lq6Ve9I96Z5yT7mn3dPuGdfWPevauX+49u4518E97553L7hOrrPr4l50Xd24XBfOySTX0/V0vVwv18f1cf1cP9ff9XcD3ACX7JLdIDfIDXaD3RA3xA11Q91wN9yNcCPcKDfKjXFjXIpLcePdeDfBTXAT3UQ32U12qS7VTXPT3HQ33VWcceEos91sN9fNdWkuzc1359eM6W6hW+gyXIZb7Ba7pW6pW+6Wu5VupVvtVru1bq1b79a7jW6j2+w2u61uq9vutrsdbofb6a+5MKjb4/a6vW6f2+f2uy9dpvvKHXBfu4PuG3fIfesOu+/cEXfUHXPfu+PuB3fCnXSn3Gl3xv3ozrqf3DnnXUpkXGR85O3IhMg7kYmRSZHJkSmR1MjUyLTIu5HpkRmRmZH3IrMi70dmR+ZE5kbmRdIiH0TmRxZE0iMfRhZGPopkRBZFFkeWRJZGlkW8L7A59IV8YR/1N/gi/kZf1N/ki/ni3vkSPsHf7Ev6W3wpf6sv7W/zZfztvqwv58v7x3wj39g38U19M/+4b+6f8C18S9/KP+lb+6d8G/+0T/TP+Lb+Wd/O/8O398/5Dv5539G/4Dv5zr6Lf9F39S/5br67T/I9fE//su/le/s+vq/v51/x/f2rfoB/zSf7gX6Qf90P9m/4If5NP9QP88Nj3vIjLl0iw1if4sf58f5tP8G/4yf6SX6yn+JT/VQ/zb/rp/sZfqZ/z8/y7/vZfo6f6+f5NP+Bn+8X+HT/oV/oP/IZftGlm8p+uV/hV/pVfrVf49f6dX693+A3+k1+s9/it/ptfrv/2O/wn/idfpff7T/1e/xnfq//3O/zX/j9/kuf6b/yB/zX/qD/xh/y3/rD/jt/xB/1x/z3/rj/wZ/wJ/0pf9qf8T/6s/4nf45/Z40xxhhj7C8Zd7kpft1z4XZ+jz/IEb/YuScAXL0lf+Yv+8+vKNfmudDuLeJbRwDgme4dH760VamSlJR0cd8MCUHhOQCX/ifovBi4HC+CVvAUJEJLKPmH8+8tOp+hfzJ+9DaAHL/IiYXL8eXxPwfApD8Y//Enh88vE56K+3+MPwegaOHLOdnhcrwIWv18f6UllPqT+edt/sv5x/5+/OxfpAC0+EVOTrgcX55/AjwBz0Lir/ZkjDHGGGOMMcYu6C3Kt790/XnpJz7/6Po8Xl3OyQaX4392fc4YY4wxxhhjjLEr77nOXZ5+PDGxZft/vVHp/yvrLzcawv/UyNz4w4b3AJceUQDwbw4IcL4h/5PPYtN/5FjJF0+d33YtPe0D+N9RSvwbzp0r/MHEGGOMMcYY+9tdXvT/+nF1pSbEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xlQf+Jv0Z2pZ8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9nwAAAP//+BMB0A==")
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x0, 0x1)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0)

4m22.850204304s ago: executing program 6 (id=364):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a34000000000a4f1c0000000000000000020000000900010073797a300000000008000240000000020900010073797a310000000014000000110001"], 0x5c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={{0x14}, [@NFT_MSG_NEWCHAIN={0x50, 0x3, 0xa, 0x801, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_ID={0x8}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x28, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x148bc9a0}, @NFTA_HOOK_HOOKNUM={0x8}, @NFTA_HOOK_DEV={0x14, 0x3, 'dvmrp0\x00'}]}]}], {0x14, 0x11, 0x1, 0x74, 0x0, {0x1}}}, 0x78}}, 0x0)

4m22.082534618s ago: executing program 6 (id=369):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newtfilter={0x38, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0xfff2, 0x4}, {}, {0x5, 0x10}}, [@filter_kind_options=@f_flow={{0x9}, {0x8, 0x2, [@TCA_FLOW_EMATCHES={0x4}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x400c021}, 0x20040054)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$inet(r0, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @empty}}}, @ip_retopts={{0x18, 0x110, 0xc, {[@timestamp_addr={0x44, 0x4}]}}}], 0x38}, 0x0)

4m21.087487953s ago: executing program 33 (id=369):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newtfilter={0x38, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0xfff2, 0x4}, {}, {0x5, 0x10}}, [@filter_kind_options=@f_flow={{0x9}, {0x8, 0x2, [@TCA_FLOW_EMATCHES={0x4}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x400c021}, 0x20040054)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$inet(r0, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @empty}}}, @ip_retopts={{0x18, 0x110, 0xc, {[@timestamp_addr={0x44, 0x4}]}}}], 0x38}, 0x0)

5.31376797s ago: executing program 5 (id=3186):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x40, &(0x7f0000000340), 0x1, 0x58c, &(0x7f00000005c0)="$eJzs3T1sG2UfAPD/neO3X3mbvtL7Si+oQwVIRarqJP2AwtSuiEqVOiCxlMhxoyhOHMUONFGGdK8QHRCgLmWDgRHEwIBYkFhYWUDMSBWNQGo6gJG/0jaxg1OaOI1/P+nse+45+/88d/4/9p3u5AD61rHaQxrxTERcSiKGHqobiGblscZ6qytL+fsrS/kkqtXLvyaRRMS9laV8a/2k+XwoIpYj4v8R8U024kS6MW55YXFqrFgszDXLw5Xp2eHywuLJyemxicJEYeb0y6+cPXfm7Oip0c6Nz26trzd+uvnuje9fu33z08+OLuffH0vifAw26x7ux5PU2CbZOL9u+ZntCNZDSa8bwGPJNPO8lkr/i6HINLO+nerQjjYN2GbVfRHVrUiWt7Q6sJslW8t/YM9o/Q6oHf+2pp38/XHnQuMApBZ3tTk1agYa5yZif/3Y5OBvySNHJrXjzSM72VD2pOXrETEyMLDx8580P3+Pb+RJNJBt9fWFxo7auP/TtfEn2ow/g61zp/9Qa/xb3TD+PYif6TD+Xeoyxh9v/vxRx/jXI55tGz9Zi5+0iZ9GxFtdxr/1xpfnOtVVP444Hu3jtySbnx8evjpZLIw0HtvG+Or40Vc36//BDvEb52z3179m2m3/2S77/8W3nz+3vEn8F5/ffP+32/4HIuK9LuP/594nr3equ3M9uVv7FbDV/V9bdrvL+C+dP/Zjh6oDXb4FAAAAAAAAAADQRlq/li1Jc2vzaZrLNe7h/W8cTIulcuXE1dL8zHjjmrcjkU1bV1oNNcpJrTzavB63VT61rnw60wyYOVAv5/Kl4niP+w4AAAAAAAAAAAAAAAAAAAC7xaF19///nqnf/7/+76qBvarzX34De538h/71aP4nPWsHsPN8/0Pfqsp/6F/yH/qX/If+Jf+hf8l/6F/yH/qX/AcAAAAAAAAAAAAAAAAAAAAAAAAAgG1x6eLF2lS9v7KUr5XHBxbmp0pvnxwvlKdy0/P5XL40N5ubKJUmioVcvjT9d+9XLJVmR2Jm/tpwpVCuDJcXFq9Ml+ZnKlcmp8cmClcK2R3pFQAAAAAAAAAAAAAAAAAAADxdButTkuYiIq3Pp2kuF/HviDgS2eTqZLEwEhGHI+KHTHZfrTza60YDAAAAAAAAAAAAAAAAAADAHlNeWJwaKxYLc30yM7BhyXedV46I5SfbjNo7bvlV2ea+2i3b8GmbObw7mvGUzfR4YAIAAAAAAAAAAAAAAAAAgD704Kbfbl/x5/Y2CAAAAAAAAAAAAAAAAAAAAPpS+ksSEbXp+NALg+tr/5WsZurPEfHOrcsfXBurVOZGa8vvri2vfNhcfqoX7Qe61crTVh4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD5QXFqfGisXC3DbO9LqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/jrwAAAP//iG/XoQ==")
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
rt_sigtimedwait(&(0x7f0000000200)={[0x10000]}, 0x0, &(0x7f0000000740)={0x77359400}, 0x8)

4.777529329s ago: executing program 5 (id=3196):
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x0, 0x2)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

4.015834012s ago: executing program 7 (id=3209):
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x4e20, @local}, 0x10, 0x0, 0x0, &(0x7f0000000600)=[@rdma_map={0x24, 0x114, 0x3, {{0x0}, 0x0, 0x31}}], 0x30}, 0x0)

3.805542587s ago: executing program 3 (id=3213):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000006c0)={0x34, r1, 0x1, 0x70bd2a, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG={0x5}]}, 0x34}}, 0x0)

3.800361017s ago: executing program 7 (id=3214):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="240000002000010327bd7000ffdbdf2502000000000000050e00000008000b0090"], 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000021000100"], 0x28}}, 0x0)

3.530476042s ago: executing program 3 (id=3220):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r0, &(0x7f0000000080)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0002}}}, 0x14)
sendmsg$802154_dgram(r0, &(0x7f0000000100)={&(0x7f0000000140)={0x24, @long={0x3, 0xffff}}, 0x14, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x4008144}, 0x0)

3.465389537s ago: executing program 7 (id=3222):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$NLBL_CALIPSO_C_ADD(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="09180000000000000000010000000800020002000000080001"], 0x24}}, 0x0)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="140100001f000504000000000000000005"], 0x114}], 0x1}, 0x0)

3.296494863s ago: executing program 3 (id=3223):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000180)=@assoc_value, &(0x7f00000001c0)=0x8)

3.213188881s ago: executing program 7 (id=3226):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140))
ioctl$sock_rose_SIOCADDRT(r0, 0x890b, 0x0)

3.112043625s ago: executing program 1 (id=3227):
syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="00af268263b121dc03d7d9b98b9cdb76841d31005b31fdfd141b652968fbeae7aac982a517703dc5950f6728aecf5ec337b119ffd66d0a02970718ba573db352906385cece74366e628b6a775c9a6f6fff046416c6240e39a647186c4cf0b360bd17d4cdbd912dc61fd24e6f17d8"], 0x1, 0x152, &(0x7f00000007c0)="$eJzs0E1LKnEUx/Hf3Bnlcq/eBzKwFia0aEjMacRatdBIEtKBwk0rwSYKFCOhXBrRrkXQ1oXlVnwLlrWxRgh7E23cBS0n/o7Rw67977MZ5nsOh2FWlnoqgoAMx3KpuLdvlsvmVnDdSCc3ntrtuOhuAD8/zZ39qziwI54KMDgCRL7xAtu7BXMuXyqI90EcUAEkfjtdg7P7SzSf0+YhSaKp00Bn3Gn6aO9ji47apAIk/r7fsy+AGXHv/9s94BlApRZquZCxbNu2xfeepEJTY5LTm3cZq5sKzwbMUz050fD4ZWTN20skhvPHSDf8EGk1+z0rvWakjV5U1xeimqJpsb5xb6Vi1TMoq54DYPPLPTf8ASULHEvA+XA2uJa8ADr1F6P4Z7E++tfVQzkISJVaPud3NXK+fz8gq5BARERERERERERERERERET0Xa8BAAD//wFeZcY=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000200)=""/179, 0xb3)

3.100988984s ago: executing program 3 (id=3228):
syz_usb_connect(0x5, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xc7, 0x3d, 0x8a, 0x8, 0x2770, 0x9120, 0x6c77, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x91, 0xb0, 0xe2}}]}}]}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00v\x00\t\x00'/20, @ANYRES32=0x0, @ANYBLOB="04000d80080001"], 0x24}, 0x1, 0x5502000000000000}, 0x0)

2.952492981s ago: executing program 7 (id=3231):
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000000)='./file1\x00', 0x810, &(0x7f0000000140)={[{@nossd_spread}, {@nodatacow}, {@enospc_debug}, {@nossd}, {@nodatasum}, {@autodefrag}, {@user_subvol_rm}, {@max_inline={'max_inline', 0x3d, [0x6d, 0x33, 0x78, 0x39, 0x38, 0x36]}}]}, 0x1, 0x50f3, &(0x7f000000a2c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734fVCUoXQKNkkNY6beL22gUQtVdaUqhEpzbqhoCqi2NhrsnjBjm1KjEJkbCIaIShtkJIPRRhFUc0HqBWISAoIFymOUHlEVEUBBAqtIQoipSQRaYIUqtl7z+ydc3cefqzx0t9P8s6Z+Z/nnYfn3HvnXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/h4Feu+dtm8Ud/e96zL1w8fsWetRe/et15pz4ZwsTM4x1ZuKP/xtvHf373uffseWD1HfcdPv+jvXm5PB4Gqn868zs3xFoPLw7h/o4QutPAisEs0JPfH4z1vW8whFPCbKBWYrI/K5E2HL7fF8K+MBuoVfW9vhAGC4ELn3rk4Zuridv6QlgaQqikbTxfydroSwNn9GaB/jSwtTsL/OqtTC3w3c4sAMcsvhlqL/oDE/UZhucu1+D113PcOvb2SofXFRPDjfP9bO08d6qgN31g4pietlJ1zIvS2+Ogd9sCeLeVtvOtnrbiF6n8G8pbs6FK6Nw0uXnD1dM74yOdYXS0q1FN8/Q8P/P6lzYeSXrBvA5jB4aPy+vwlieW3t21/ILH71ux9OX9H9v7yrF280eFTVpMz7dKyF9zC+Z5jMZ9niyAt1/pW9KIL10hhM2f/73PNIuX5v/Dzef/8eUcbzvrcsda3xzK5ubxkcGYeG0om5sDAADAgrEQ9ppuHX3oE83qK83/R9o7/h8P+eeT+Wy0B0MYn0nsXRLCaTOPZ4G7YnOXLQnhgzOpifrA2iRwMIT3ziSW16pKSiyKJUaSwE+G8sB4EjgUAxNJ4FsxcGsSuCEGDiSBjTFwMAmcGwNhqn4cvz+Uj6PtQF8MrM824oF4FsIvhmJrybZ6rlYVAADAcZLPDnvq7xbOdTjWDHF6eaCvVYZ4BnbDDJWkhnQGW5tWNayhu1UNna1qqI17d/Phl2ruaFVz6TSMjvoMt//ybz4bmijN/8eaz/8rc3Sko3T8P4R1M39j7s48Ml2Lr5+oywAAAAAcg4H/ffGbzeKl+f94e+f/x30iXYXM4bG4G2LLkhDG6gNZtX9YDmRHvQfyAAAAACwEtePxtWPhU/ltdop2Op8u5584wvzxwP/4nPl7Dz64vll/S/P/ifbO/++vv806cSj24mtLQlhUCPwg9rIamDESAz/+ZH0gH/+huAFuilXlJybUqropllgfA2NJYF+jEj+slTitPpA/WbXG99bGMZWXKAQAAADghIu7A+Jx+Xj+/4d+s/qaZuVK8//1R3b+/8w8uHR6//RACCu7Q+hKfxjwWH+2MGAMDHbkiYf6s7q60qqu7w/hnOrA0qpezNf/707XGHyqL6sqBk770P7Xz6gmvtkXwspi4OnP3XlWNbEzCdQa/8u+ED5QHW3a+HcWZY33pI1/fVEI7y8EalVdtiiEamO9aVWPVPLrGKRV/XMlhHcVArWqzq6EsCsAsEDF/0o3FR/csevaLRumpye3z2Mi7sPvC5unpidHN26d3lRp0KdNSZ/rljG6vjymdq9881y+RNFF964bbCdd+53gWLGtfD9+6cTB/H78LtQzM87VPXV316RD/siHy02EwjepRkPunOch9xcrmX0SS/XH/L1hICy6esfk9tEvbti5c/uq7G+72Vdnf+NhpmxbrUq3Vf9cfWvj5dFwtazE0W6rZcVKVu68ctvKHbuuXTF15YbLJy+fvGrV2avHzhxbM/bxM1dWRzWW/W0x1GVzVZ0M9a072xzXcRzq6d2FSk7Ep4aEhMRCS2wdWNb0/+TS/H9b8/l//NSJn/z5+gyNjv8Px8P82eOzh/nXx8C+do//Dzc6ml87MWAkCeyOgd0O8wMAAPDOECf5cW9m3Cv90+XfeblZudL8f3d7v/8/Tuv/15auP7/RMv/LY4mxRuv/p8v819b/391o/f90mf/a+v/73ob1/6+uBZJN8gvr/wMAAO8EJ279/5bL+6cXCChlaLm8f3qBgFKGlsv4t3uBgCNe///5//yr/w5NlOb/t7Y3/7dwPwAAAJw8vvxn1/xOs3hp/r+vvfn/iV//LzQ6/3+kUWCi0cKA1v8DAABggWq0/t/wjf2XNitXmv8faG/+H0+76KzLHWt9cyhb0y6ka9q9NlT7yQAAAAAsDJ1hdLSnzbx1K6OuPfo2n8mXAm2WLnrxTw4f2fn/B9ub/9f9LuOWJ5be3bX8gsffvG/F0pf3f2zvK7PH/wEAAID50+5+CQAAAAAAAAAAAAAA4O334n/sWdMsXvr9f1g383ij3//H6/7F3xe8uy53rLX1+n/5/Qs/fc+umSULHxsK4cPFwJY9W04J+bX5lxUDD1+y/D3VxJ60xIMvnPtSNXFpGvjUilPfqCbOSQLr4yKJ700D8aqKbyxOAnF5xX9PA3F7HEgDvXngq4uzcXSk2+qng9m26ki31bODISwpBGrb6v7BrI2OdIC3JYHaAL+QBuIA/zwPdKa9umcg61UMDMaidwxkvQIA4KQVvwX2hM1T05Nj8St8vD29u/42qluy7PpytR1tNv9cvjTZRfeuG2wn3ZV+F5291nhPqFSHsKr0dbWYpWNmlMenlhab7t0NhtxqtbfOBuVSR7rpehuPqC8b0ejGrdObeloOfE3rLKu7W2ZZVZrsFLN0zmzSNmppoy9tjKjNbdNGl+P9zjA62pXk+oMYHA51Wr0i2v29fnGdv0avgmKeqw7v/VWz+krz/+H25v+V4rjeyC8GsDteWe/vlljmHwAAAObXV9f++hvx32dvfPTpZnlL8/+R9ub/cQ9Wfig429txMF7/f++SEGYurT+cBe6KzV22JIQPzqQmYonsgvrnxxJjWeCuuMNkeSyxfqK+qkUxcCAJ/GQoDxxMAodiIN9LsT/ku3L+fiiEs2ZS6+pLbIslhpPAZ2JgJAmMxsBYElgcA+NJ4NXFeWAiCfxbDISp+m117+J8WwEAAByJfJ7VU383pPO8A92tMnS0ytDfKkNnqwyVVhkajSLe/3bM0JOcvNJRyNST1tqX1FLKEC+Gf8T9KmUIP6zPmRYsNR3PP6idb9BRn+GBT3RXQhOl+f9Ye/P//vrbrPVDcf4/e/2/LPCD2L2vxVPHR2Lgx5+sD+Q7Bg7Fye5Ntaom8hL5pP2mWGI8BkaSwLYYGE8C69flgX3vqQ/kM+1a43trjU/lJQoBAAAAOOHiDoK4mybO/+/Y8ZWBZuVK8//x9ub/sb2BYmM3xFoPLw7h/o7Z3tQCKwazQNyPMRh/Hv++wRBOKezgqJWY7M9K9CYNh+/3Zb9Q702r+l5f9uODeP/Cpx55+OZq4ra+EJYW9r7U2ni+krXRlwbO6M0C/Wlga3cWiHt+aoHvdmYBOGa1vYLxBZWf6lIzPHe5Bq+/d8o1QdPhlfaBzpFvrt9czZfSDtd8n2rNkT1tTfffctyU3h4HvdsW4rtt2Lut+EUq/4by1myoEjo3TW7ecPX0zvhI8ZesJfP0PBd/pdpO+ji8DncffW9bq6QdGEs+PsbmLjf367AjVnfLE0vv7lp+weP3rVj68v6P7X2l7W40EH8o/Mh1/zr4o8LmnW+VkL/mFtznyYTPk4X438CIpy2EsO7Vr9/ULF6a/0+0N//vTm5n/DpuzB1LQvhIYeM+Fjf/Hy/JPgcLgexT8l3lQHbI/b+GGn5yAgAAwPFW291R218wld9mJ4Sn8+Ry/okjzB/3V4zPmb/dfvf/9SVLm8VL8//1zef/i5JuOv7v+D/zxPH/OZ3su6IXpQ/sPqZd0aXqmBeO/8/pZH+3Of4/J8f/Hf+fi+P/LTj+P6eT/WkrfUva5ktXCOHlP3ro2Wbx0vx/W3vzf+v/zb1oX239v/WN1v/b1mj9v93W/wMAAOZVg4Xm0nleafW+UoZ09b5ShpYLBLZcYtD6f0e8/t9Lpz//m9BEaf6/u735f3w5DBRbXyjr/42sa1DVrTGwzcKAAAAAnIwa7SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg7fXAP/zPpmbxR3973rMvXDx+xZ61F7963XmnPhnC1MzjHVm4o//G28d/fve59+x5YPUd9x0+/6OVvFxPfvu7dbljrW8OhbCv8MhgTLw2VL0zG7jw0/fs6q4mHhsK4cPFwJY9W06pJr41FMKyYuDhS5a/p5rYk5Z48IVzX6omLk0Dn1px6hvVxDl5oCPt7j8uzrrbkXb35sUhLCkEat29YnF9VbU2/jQPdKZt/NNg1kYMDMai3xjM2oiB6VhialEIK7tD6EqrerSSVdWVVvUvlayqrrSqL1dCOCeE0J1W9UJvVlV3OvIne7OqYuC0D+1//YxqYl9vCCuLgac/d+dZ1cQXkkCt8b/oDeED1ZdM2vi3e7LGe9LGb+sJ4f0hhN60xC+7sxK9aYkXu0N4VyFQa/zz3SHsCrwjxA+fuk+0Hbuu3bJhenpy+zwmevO2+sLmqenJ0Y1bpzdVkj410lFIv3X90Y/9ude/tLF6e9G96wbbSXfn5Xpmury6p+7umpO997Ff/cVKZp+PUv0xf28YCIuu3jG5ffSLG3bu3L4q+9tu9tXZ3648mm2rVQtlWy0rVrJy55XbVu7Yde2KqSs3XD55+eRVq85ePXbm2Jqxj5+5sjqqsezv8RjqnSd+qKd3Fyo5ER8AEhISCy3RWffpNnayf5CXvujPdrQnVGY+oEvTimKWjplRHo9Brz3KER/N95SWI1pVmjiUsqyeI8v19VnWlCYTs7X0ZVlmvteVJofFxjpnNmm83xlGR7sabYfh+rvFzfuzY9i8z+Sbrt00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/HDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8rcPo2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEsBAAD//+erI4o=")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14d27e, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x4)

2.907535591s ago: executing program 1 (id=3232):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000180)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c696e6f646536342c00655d9e4bfc7653603c61402ea595826c43b900e2426c63ec8f2848ba9bf63fa83ccd1540b5629c7bd796df672ec26f60"], 0x1, 0x4421, &(0x7f0000004500)="$eJzs3c9PHGUfAPBnBt63UNsKtYeamLiJTTRqCPSk0kRKaSm0WFNtY7xsF9i26MI2sBgPPeCtiScTD8ZDo4k3Tg0Hr/VP8OKxnpvowYuJSSNmd2eBGXbDSliwzeeTlNl5fu9+d5595jB94kTl9txSbm4pV1jIlWduLp3OfVYuLc8XQ7xPDrp/2tOJOIn9wbly7sIH10+H8NPsL4/X19fXQ1V3aGpoy+s//7g7s/XYEGfqVNtt3tpe+TiEcGLbuKq6Qggf/RhCFEI4m6SNJsfeEMKxUM+7fvfLG7k9Gs2DR8Uz+SdT99aGT02u3l9r/d6jEL4tvfjmrfnfXuka/vX1PeoeAAAAAAAAAAAAAAAAAICn3PjVK9feHxwKD6PQvRptf153PDm2ej52fc+83Pk3CwAAAAAAAAAAAAAAAAAAAP9Rm8//56LjTZ7/H0uOIy3qr7/b+THSORPvXRk7PziU7P8ebct/K0n6/WxX6G+y73t2//ezmfrN93/f3s9uNcbX6LcvRPFA6jyOBwZC+D7Z+P1kdDgulZcqb9wsLy/M7tkwnlrp+Nd3709FJ9nQv934j2ba7/z+/y9s+zZVz2/s3VfsmZaOf1fLcj98EbUV/3OZevsRf3YvHf/uWlrv1gIj9QmgGv+vuneO/1im/U7F/1gIIRdVx5pLzQDVNUw1vdV6hbR0/P9XS0tNnckH2er6/ysT//OZ9g9q/l/J/hDRVDr+/6+l9aRKbF7//fHO1/+FTPsHEf/q+Ff8/rclHf9D9cTuVJHaJ9nu/D+eab9T8b8WJ+M8FqW+AatRPb3V/1dHWjr+PdvyN+//4rbWfxcz9ffr/q/Rb+P+rzH9vxbV7/9oLh3/3pbl2r3+JzL1Oj3/j9TWf+xWOv6Ha2nptXNf7W+78Z/MtN+p+NdWJT2N+G/OJ38fqqd/Z/3XlnT8n6snxltLrNT+1tZ/0c7r/0uZ9g9i/Vcd/0rc2V6fFen4H2lZrhr/n9v4/b+cqdf5+IcwaK2/a+n4H21Zrnb99+wc/6lMvU7H/9VONg4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFBhNjn0higdS53E8MBDCueT8ZDgcTRdm89Ol8synSyGMJem5cDy6VSpPF0r5uYXybDFfKJXKMyGcT/JPhJ5oqVSu5OcLdy5stNUb3S4WFivTxUIlhDCepL8Ujjbamp6rzBfuhBAubuQ9H5cX79wuLORn5xbfGRwcHAwTG2Poj4qfV4oLlXrv9dwQJjfq9kVbBlfLvrQxliPRJ+XlxYVCqZZ+eUudUnmmUNpSZyrJ+zr0R5XF5YWZQqWYL5VvNfo7SCPJcWzi6odXLw9ty78R1Y+j+zssAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6lh8NvfxNC6K6fxSGEXJS8iJJ/KQ8eFc/kn0zdWxs+Nbl6f+1xszIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/7ADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFXfpHaSCI4gD8Ziy09BhWy25nu6KIFq4InkCP4WH0KF7CO1ikSJsiBJJZCPsHtkmq72sezI+Z92AeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyz2+de+vdROR4mp7GfH7+fd/nD+X+n03ff/iDDNyOk8v3f1D3ZR/T6P8thyt2rxPN+uvj5iovZ/Bngz36WDcZ2hu3+bm6/teR8pVRLQlv0k5V9WytwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHTtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgWMBAAAAAGH+1lH0bQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD//z8QH1I=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x81)
ioctl$FS_IOC_RESVSP(r0, 0x40046f01, &(0x7f00000000c0)={0x0, 0x0, 0x757039a7, 0x100000000})

2.870132142s ago: executing program 5 (id=3233):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f00000002c0)={0x0, 0x0, 0x1, "c4"}, 0x9)

2.680540017s ago: executing program 5 (id=3234):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f00000001c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c6572726f72733d72656d6f756e742d726f2c61636c2c00a9b504852143b698d2e379891a0dde7f9adfca8cbec85bf8e749e04e"], 0x11, 0x443f, &(0x7f00000088c0)="$eJzs3c1PHOcdAOB3BlyD6w9wfXClSl2pllq1FQKf2mKpGGNjsKkrt7aqXtYLrG3ahbVgqXqwFHKzlFOkHKIcrETKjZPFIVfnT8glR+dsKTnkEimSFaLdnYWdYVds0C7EzvMcmJ33e/c3H+8chjdOVB4ureWW1nKFlVx54f7axdz/yqX15WKID0nL/o8dXv90phfHyVEfez9lt65c+8fdiyF8uvj5y+3t7e1Q1R9aGmv6/M3Xjxeatw1xpk613datdcu/Qwjn9oyrqi+E8K9PQohCCJeTtMlkOxhCOBXqeXcfv3Mv16XRPHtRvJR/Nfdka/zC7ObTrfbfPQrhg9Iv//hg+cvf9I1/8fsudQ8AAAAAAAAAAAAAAAAAwGtu+vatO38fHQvPo9C/Ge19X3c62bZ7P3a7a37d+y8LAAAAAAAAAAAAAAAAAAAAP1K77//norMt3v+fSrYTbepv/7VNxvHujpPemPnbramro2PJ+u/Rnvw/JUlfXe4Lwy3Wfc+u/345U7/1+u97+zmoxvga/Q6FKB7ZfmsnfyjE8chICB8lC7+fj07EpfJa5Q/3y+sri10bxmsrHf/66v2p6CQL+nca/8lM+71f//8Xe46m6v697h1ib7R0/Pvalvv47aij+F/J1DuM+HNw6fj319IGmwtM1C8A1fi/279//Kcy7fcq/qdDCLmoOtZc6gpQncNU09vNV0hLx/9YLS116Ux+yHbn/7eZ+F/NtN8u/me69g1aX/83sjciWkrH/2e1tIFUid3zfzje//y/lmn/KO7/1fFvuP93JB3/5KGtP1Wk9kt2ev2fzrTfq/jfiZNxno5SR8BmVE9v9//qSEvHf2BP/u7zX9zR/O96pv5hPf81+q09/zU9h/wuqj//0Vo6/oNty3V6/s9k6vX6+j9Rm/9xUOn4n6ilpefOQ7W/ncZ/NtN+r+Jfm5UMNOK/ez357ng9/UPzv46k4//zemLcXGKj9rc2/4v2n//fyLR/FPO/6vg34t72+qZIx/9k23LV+H/Wwf3/ZqZe7+Mfwqi5/oGl43+qbbna+T+wf/znMvV6Hf/f9rJxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNfAZLIdClE8ktqP45GREK4k++fDiWi+sJifL5UX/rsWwlSSngtnowel8nyhlF9aKS8W84VSqbwQwtUk/1wYiNZK5Up+ufDo2k5bg9HDYmG1Ml8sVEII00n6r8KpRlvzS5XlwqMQwvWdvDNxefXRw8JKfnFp9S+jo6OjYWZnDMNR8f+V4kql3ns9N4TZnbpDUdPgatk3dsZyMvpPeX11pVCqpd9sqlMqLxRKTXXmkrz3wnBUWV1fWShUivlS+UGjv6M0kWynZm7/8/bNsT3596L6dvJwhwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAD/R8/M/vhxD663txCGGi8SFqVf7Zi+Kl/Ku5J1vjF2Y3n269bFcOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB7duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrBLxygRA1EYgN+Mhdp5DKuQdLYJimhhRPAEegwPE4/iJbyDhYWthQhmBjTuQprd6vuaB/l5eT8kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACsc3k33t+2XUSKo6/DiJfH17ff+XWZ0zDPvNg/2FNPduPqZjy/aLvy3dO//Kw8eu/zT/r58fQQG2b1PPzdX/5Ps3rneGuvaVjXv/ard08i5SYi+pKfppybZt27AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPhmBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86ir4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//78SIGU=")
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
unlink(&(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

1.792868639s ago: executing program 4 (id=3235):
r0 = fsopen(&(0x7f0000002200)='ramfs\x00', 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000100)='mode\x00', &(0x7f0000000140)='7', 0x0)

1.587328356s ago: executing program 4 (id=3236):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="02000000040000000100000027bf00000005"], 0x48)
mmap(&(0x7f0000fa2000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x42032, 0xffffffffffffffff, 0x0)

1.504698224s ago: executing program 2 (id=3237):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000140)={0x8000001}, 0x8)
close(r0)

1.496975089s ago: executing program 3 (id=3238):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x63, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, 0x0, {0xe, 0x3}, {0x6}, {0x4, 0x8}}}, 0x24}}, 0x40004)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000003e000900000000000008000003000000040004001c000180180010"], 0x34}}, 0x84)

1.295952326s ago: executing program 7 (id=3239):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040bd28420000000000000109022400010000000009040100020300000009210000000122070009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\"\a'], 0x0}, 0x0)

1.290638692s ago: executing program 1 (id=3240):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f0000002c00)=[{{0x0, 0x0, 0x0}, 0x200001}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f00000007c0)}, 0x101}, {{0x0, 0x0, 0x0}, 0x40}, {{0x0, 0x0, 0x0}, 0x409}, {{0x0, 0x0, &(0x7f0000000600)=[{0x0, 0x500}, {&(0x7f0000001a00)=""/4109, 0x100d}, {0x0}, {&(0x7f00000004c0)=""/121, 0x79}], 0x4}, 0x8}, {{0x0, 0x0, 0x0}, 0xc}], 0x7, 0x40000020, 0x0)

1.290078324s ago: executing program 4 (id=3241):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x34, r1, 0x1, 0x0, 0x0, {0x12}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}]}, @ETHTOOL_A_COALESCE_RX_USECS_LOW={0x8, 0x6}]}, 0x34}}, 0x0)

1.233930401s ago: executing program 3 (id=3242):
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2b, 0x0, 0x0)
syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x20400)
syz_usb_connect(0x2, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)

1.183909325s ago: executing program 2 (id=3243):
syz_open_procfs(0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x8, 0x0, 0x2}}}}}}, 0x0)
syz_emit_ethernet(0x7a, &(0x7f0000000240)={@link_local, @remote, @val={@void}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f51c93", 0x40, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x500, {0x0, 0x6, "508359", 0x2c, 0x0, 0x0, @private1, @loopback, [@hopopts={0x3a}, @srh={0x0, 0x0, 0x4, 0x0, 0x10, 0x0, 0x2}]}}}}}}}, 0x0)

1.033847768s ago: executing program 5 (id=3244):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)={0x38, r1, 0x601, 0x70bd2a, 0x0, {}, [@TIPC_NLA_LINK={0x24, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0xfffffffffffffedb, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x0, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_NET={0x0, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0x0, 0x3, 0xff}, @TIPC_NLA_NET_NODEID={0x0, 0x3, 0x2}, @TIPC_NLA_NET_ID, @TIPC_NLA_NET_NODEID_W1={0x0, 0x4, 0x8}]}]}, 0x38}}, 0x0)

950.123601ms ago: executing program 4 (id=3245):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000007000000000000000300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0x0, &(0x7f0000000200)="449d060721b9e6bb51f2f6f20504", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)

913.61618ms ago: executing program 2 (id=3246):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000080)=@assoc_value, 0x8)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f00000000c0)=@assoc_value={0x0, 0x4}, &(0x7f0000000140)=0x8)

743.870552ms ago: executing program 4 (id=3247):
setreuid(0xffffffffffffffff, 0xee00)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSARP(r0, 0x8915, &(0x7f0000000a80)={{0x2, 0x4e22, @empty}, {0x0, @remote}, 0x48, {0x2, 0x0, @empty}, 'lo\x00'})

550.473348ms ago: executing program 1 (id=3248):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
cachestat(r0, &(0x7f00000001c0)={0xb, 0x30}, 0x0, 0x1ee)

494.457392ms ago: executing program 2 (id=3249):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00')
pread64(r0, &(0x7f0000000080)=""/50, 0x32, 0x8)

456.892012ms ago: executing program 1 (id=3250):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vxcan0\x00', <r1=>0x0})
sendmsg$can_raw(r0, &(0x7f0000000000)={&(0x7f00000000c0)={0x1d, r1}, 0x10, &(0x7f0000000140)={&(0x7f0000000180)=@can={{0x0, 0x0, 0x1, 0x1}, 0xa, 0x0, 0x4, 0x0, "b400000500"}, 0x10}, 0x2, 0x0, 0x0, 0x4080}, 0x0)

450.655779ms ago: executing program 4 (id=3251):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000700)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x61}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r1, 0x18000000000002a0, 0x28, 0x0, &(0x7f00000001c0)="d2ff03076003008cb89e08f086dd", 0x0, 0xd5b1, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)

229.23387ms ago: executing program 2 (id=3252):
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x20280, 0x0)
ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000080)=0x14)
pselect6(0x40, &(0x7f0000000040)={0xc, 0x40000000000, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x81}, 0x0, 0x0, 0x0, 0x0)

228.441447ms ago: executing program 5 (id=3253):
syz_mount_image$xfs(&(0x7f0000009600), &(0x7f0000009640)='./file0\x00', 0x840, &(0x7f00000000c0)={[{@lazytime}, {@uqnoenforce}, {@quota}, {@filestreams}, {@grpquota}, {@allocsize={'allocsize', 0x3d, [0x30, 0x39, 0x6d]}}, {@largeio}]}, 0x4, 0x968d, &(0x7f000001c300)="$eJzs3Am4pnMBuP/3DGOXMVRSaiqiRdYsUWYGMxSSJdqRJWUpqdCmRUoqItqzb9nKEsrWSrK3UEKoZIm02Ib5X2fmDGPcpF+//+VX931f1znv+z7v8zzn+34/z3KO5mrzSRtPHAzmGkxv3GDWzr1m8pQxV21w+5FbLXjMcqfcvf8jV1x8/MjjhJHHiYPBYNTI20PTl40dnHraqMHs05Y/3LxzzzM0/2Cw/MjLkf0MVp7+MP/lM9abOkuzDnTo4W/7TP+a1gLDP2L4yWH773X4YDAYM9P2Q4PB0J6P+qDSNp8wedLDVg+5DVuNHnk+89cc07/mv2gwmP+MAR8fM6879CR8pOGfueeLzhm9wZPws//r2nzC5HVn8R8+F2cbWbby8Dk+6zlobNbj/NYltlh1ZAqnHW+DwfAl7hHnyn9Fm0+YtN7gsa/zgyNXu2CfqdOvm3MOpt8o5h4MBvOMXF/ne7Jd6j9rwsQVpt2zZ7weYZ9xLO9Jx8XxbznpweGb9GAwWGgwGLvOjHtBVVVV/Xc0YeIKa8L9f67Hu/+ffPKiZ3T/r6qq+u9t3QkTVxi+189y/5/v8e7/uyx64cem/7f/8StP3+rBJ/dDVFVV1b/VpHXx/j/m8e7/K6956Xrd/6uqqv5722j9aff/+Wa5/y/8ePf/N5602mIj6834veGBmXY5NNP/nnD/TMtnm2n5fTMtHz3TfmZef46Zlt8z0/I5h9+D9ccNBmNn/HvBKQ8vHjtu+L2R5ffOtHz8w/9OZ/G1Zlo+Yablk2ZaPnFkrMPLJ8+0fPJM66/zOFNdVVX1/0wbrTBpzcFM/85+ZPEiM96n+//5Z1679JM13qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqvrv7MHbzzpnMBgMDQaDUYPBlMHI85kfB1OnTp06/Prk8y677Ekb6P8bDZ17zeQpY67a4PYjt1rwmOVOuXv/h2fpv7b//k9Q/0nD/nMdN24w2GnTJ3so9STU+e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7iHrz9rHNGjoFRg8GUwcjzPWc8nrnfG940suqqm51y50EPb7n4+O1Hnp17zeQp2z8JY38SGhr+rGOu2uD2I7da8JjlTrl7//+Bs+e//xPUf9I0/+2HBoOR83vM8Lm8wYSNNllqMBgcdOcpm600eOi9VYbfW23sbIPZpm261LTvay/OO95znemP44e/LfzQPk6etv91px4629Asg5ipV5x7w5Fv3/zuFWd9XPKxP8eoGU8Ov+70u6ZOnTr1EQtHmusxNp6x/xmfZdbzfGTsSw2PfZldd3zXMu/ZfY+lt99xy+222W6bnZZbYZUVV1p+uZVWfdky226/wzbLTv/+GHM2btr3NZ/InM0365zdPmHmOZv1sz3WnI17/DmbtscpewxtMmPOZv8352zNx5+zcduP/KDFx48ebDFtaoYGg8XXGj3YbfjFcnMOBouvPbLuIsPrrj521GCw38MfdPjZnA8dg0N7Dq+z+aSNJz48skd/wkddpx+x4uLjRx4njDxOnD7EcYOHD8Wxg1NPGzU8F4+Y5nnnnmdo/sFg+ZGXI/sZrDry7iEz1ps6S7MOdOjhb/tM/5rWAsM7GX7yjmXPunr4XJxl+/8/+j+6/j/Ka5WhhyZqaORrZJ3pXhMmr/vwz5o2DcNzN9vIspWHTWads/+bPWq842YfjHmc8U5ad+IKw4tnmf8Zm+DxdccSF3xg+rE1fuXpWz34f4xC453vcca77gQc73yPN97jPnjJadN39X9tvLNc69ab9n38E7nWDR7/Wjcb7WCbixeb9Vr36sce4iPO4xlzNOcsKz3WtW63g5ffc3j/4x//Wrfe8NhHP+JaN2owWHzNGde64QvfpNGD/YZfLD/8YvLowTHDL1aY9mLuwXnDL176tp132Hp4wToz5mTZ4f2OHzs0zf2ClW9ZcuoBU6euNTKW8WMfOdaR42PczPfzCWOnT+aMbWfsd3jVGfu9+enT35s0st8J/8Z+Z2xL471zgenvTR7Z78RZ9jv6cfY7Y9tHnQ9LDT104XqM682kWa43I3/jzPhxj/iaY/rX/BcNBvOfQb6zrPsvr5l0/s71OOOdMHGFNYfHN8v5+9DhSOfvJZOvGr5XzD8YDBYaDMauM2Ps/2ZDjzXe2R9/vBNhvLM/3nivOHbH9f8vjHcw03gfcZxtvtH0Y2WdkeNs8r9x/M7Ydtbr2Ohp706/7K/zRK5j4x51HfvobKNmmeyZeqzf2baG9ac/X+Th33OvOfHoGXM/epb9/qvf2Wb6LENwHRszy9/zo9a5fjBEc77ncatfOnTg48/56MEj/7aYMecztn28OZ/8ROb8WY8/50/09+Slnj/9/dGzjH/mOd9w32d+ZsaczzHLfv/VnE9+/HvHo+d8/GA0zfmy902ft8e7nj7WnM/YdsacD3/E1cbOPlh7+J41MueTnsicL/J/5zifB9af/nybhxadfeQpr5sx57PO8b+a80n/7pyPe+g4X3zae88bNZhjjsFuW+666y7LTf8+4+Xy07/zteiea6bP8+PdSx/LaMa2j3derPVEjMY8IaOhf2W06OyPZfTwqXXEzrs87f/0WrTWv2s04GvRVUdPn7fH+73oseZ8xrZ0H1x4pu1n/Tt0o/Wn/d493yz3wRmb4H3w7DPX23vGLkc2e2CWYc64r94/0/LZZlp+30zLR8+0n5nXn2Om5ffMtHz4I8wx0/ozWMcN/807snzKw6uPHf7ladzI8ntnWj7+4W0XX2um5RNmWj5ppuUTHz40Fp880/LJM62/zuDfbMZ/k95+1ot8PdH677/u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zFPXj7WeeMHAOjBoMpg+nPh0YeB3sObXjbGsOPg8Fg9MonTN3wyR7vk9zQuddMnjLmqg1uP3KrBY9Z7pS79/8fOHv++z9B/SdN899+aDAYOb/HbD8YDDaYsNEmSw0Ggw2nnrDyqMFD7y0y/N7qY0cNBvsNPWIHcz60ztCew+tsPmnjiYPBXCNrjHvUD33UefSIFRcfP/I4YeRx4vTr07jBw8fr2MGpp40azD5t+cPNO/c8Q/MPBsuPvBzZz2Dl6Q/zXz5jvamzNOtAhx7+ts/0r2ktMPwjhp/stt3kZw/P1Szb/z/TjGv19qP+5aqd/+7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93/55/R8v/Wom6y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u3/ff+7/X8ZRT06d/+7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8tf3IO3n3XOyDEwajCYMpj+fGjPkcfB0EmnvnDkEBm9+5VHHfpkj/dJbujcayZPGXPVBrcfudWCxyx3yt37/w+cPf/9n6D+k6b5bz80GIyc32O2HwwGG0zYaJOlBoPBoUddufuowUPvLTL83upjRw0G+w09YgdzPrTO0J7D62w+aeOJg8FcI2uMe9QPfdR59IgVFx8/8jhh5HHi9OvTuMHDx+vYwamnjRrMPm35w8079zxD8w8Gy4+8HNnPYOXpD/NfPmO9qbM060CHHv62z/SvaS0w/COGn+w13zUnDc/VLNv/P9OMa/X2o/7lqp3/7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3lL+7B2886Z+QYGDUYTBlMfz5q5HFoz5tu/PAmw4/DrxdcZ+9rnuzxPskNnXvN5Cljrtrg9iO3WvCY5U65e///gbPnv/8T1H/SsP9cx40bDHba9MkeSj0Jdf67y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/uAdvP+uckaejHl46as+OC2zo3GsmTxlz1Qa3H7nVgscsd8rd+z/ZA/pPewz/j+aPWfw/lj9m8f94/pjF/xP5Yxb/vfLHLP6fzB+z+O+dP2bx/1T+mMX/0/ljFv998scs/p/JH7P475s/ZvH/bP6Yxf9z+WMW/8/nj1n898sfs/jvnz9m8f9C/pjF/4D8MYv/gfljFv8v5o9Z/A/KH7P4H5w/ZvH/Uv6Yxf/L+WMW/6/kj1n8v5o/ZvH/Wv6Yxf/r+WMW/2/kj1n8v5k/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi/+38scs/sfnj1n8T8gfs/ifmD9m8T8pf8zif3L+mMX/2/ljFv/v5I9Z/E/JH7P4n5o/ZvE/LX/M4n96/pjF/7v5Yxb/M/LHLP5n5o9Z/M/KH7P4fy9/zOL//fwxi//Z+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bx/0H+mMX/h/ljFv8f5Y9Z/H+cP2bx/0n+mMX/p/ljFv8L8scs/hfmj1n8f5Y/ZvG/KH/M4v/z/DGL/8X5Yxb/S/LHLP6X5o9Z/C/LH7P4X54/ZvG/In/M4n9l/pjF/xf5Yxb/X+aPWfx/lT9m8f91/pjF/6r8MYv/1fljFv/f5I9Z/H+bP2bxvyZ/zOL/u/wxi/+1+WMW/+vyxyz+1+ePWfx/nz9m8b8hf8zif2P+mMX/pvwxi/8f8scs/n/MH7P4/yl/zOJ/c/6Yxf/P+WMW/1vyxyz+t+aPWfxvyx+z+N+eP2bx/0v+mMX/jvwxi/+d+WMW/7/mj1n878ofs/j/LX/M4v/3/DGL/z/yxyz+/8wfs/jfnT9m8b8nf8zif2/+mMX/vvwxi//9+WMW/yn5Yxb/B/LHLP4P5o9Z/Kfmj0n8Zxvkj1n8h/LHLP6j8scs/rPlj1n8Z88fs/iPzh+z+M+RP2bxnzN/zOI/V/6YxX/u/DGL/zz5Yxb/efPHLP7z5Y9Z/OfPH7P4PyV/zOK/QP6YxX9M/pjFf8H8MYv/2Pwxi/9C+WMW/4Xzxyz+T80fs/g/LX/M4v/0/DGL/yL5Yxb/Z+SPWfwXzR+z+D8zf8zi/6z8MYv/YvljFv9n549Z/J+TP2bxH5c/ZvF/bv6Yxf95+T+q2UceDf7Pzx+znP+L549Z/JfIH7P4vyB/zOK/ZP6YxX+p/DGL/wvzxyz+L8ofs/i/OH/M4v+S/DGL/9L5Yxb/l+aPWfyXyR+z+C+bP2bxXy5/zOK/fP6YxX+F/DGL/4r5Yxb/l+WPWfxXyh+z+K+cP2bxXyV/zOK/av6Yxf/l+WMW/9Xyxyz+q+ePWfxfkT9m8X9l/pjFf438MYv/+Pwxi/+E/DGL/8T8MYv/mvljFv+18scs/mvnj1n8J+WPWfwnq/xne8JrWvzXUfk/8Sz+6+aPWfxflT9m8X91/pjFf738MYv/+vljFv8N8scs/q/JH7P4b5g/ZvF/bf6YxX+j/DGL/8b5Yxb/TfLHLP6b5o9Z/F+XP2bx3yx/zOK/ef6Yxf/1+WMW/zfkj1n835g/ZvF/U/6Yxf/N+WMW/7fkj1n835o/ZvHfIn/M4r9l/pjFf6v8MYv/2/LHLP5b549Z/LfJH7P4b5s/ZvHfLn/M4v/2/DGL//b5Yxb/d+SPWfzfmT9m8d8hf8ziv2P+mMV/p/wxi//O+WMW/3flj1n8350/ZvHfJX/M4v+e/DGL/675Yxb/9+aPWfzflz9m8X9//pjFf7f8MYv/7vljFv898scs/h/IH7P4fzB/zOL/ofwxi/+H88cs/h/JH7P475k/ZvH/aP6Yxf9j+WMW/4/nj1n8P5E/ZvHfK3/M4v/J/DGL/975Yxb/T+WPWfw/nT9m8d8nf8zi/5n8MYv/vvljFv/P5o9Z/D+XP2bx/3z+mMV/v/wxi//++WMW/y/kj1n8D8gfs/gfmD9m8f9i/pjF/6D8MYv/wfljFv8v5Y9Z/L+cP2bx/0r+mMX/q/ljFv+v5Y9Z/L+eP2bx/0b+mMX/m/ljFv9D8scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+H8rf8zif3z+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfy/nT9m8f9O/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8v5s/ZvE/I3/M4n9m/pjF/6z8MYv/9/LHLP7fzx+z+J+dP2bxPyf/aR042yNfW/zPzR+z+J+XP2bxPz9/zOL/g/wxi/8P88cs/j/KH7P4/zh/zOL/k/wxi/9P88cs/hfkj1n8L8wfs/j/LH/M4n9R/pjF/+f5Yxb/i/PHLP6X5I9Z/C/NH7P4X5Y/ZvG/PH/M4n9F/pjF/8r8MYv/L/LHLP6/zB+z+P8qf8zi/+v8MYv/VfljFv+r88cs/r/JH7P4/zZ/zOJ/Tf6Yxf93+WMW/2vzxyz+1+WPWfyvzx+z+P8+f8zif0P+mMX/xvwxi/9N+WMW/z/kj1n8/5g/ZvH/U/6Yxf/m/DGL/5/zxyz+t+SPWfxvzR+z+N+WP2bxvz1/zOL/l/wxi/8d+WMW/zvzxyz+f80fs/jflT9m8f9b/pjF/+/5Yxb/f+SPWfz/mT9m8b87f8zif0/+mMX/3vwxi/99+WMW//vzxyz+U/LHLP4P5I9Z/B/MH7P4T80fk/jPPsgfs/gP5Y9Z/Eflj1n8Z8sfs/jPnj9m8R+dP2bxnyN/zOI/Z/6YxX+u/DGL/9z5Yxb/efLHLP7z5o9Z/OfLH7P4z58/ZvF/Sv6YxX+B/DGL/5j8MYv/gvljFv+x+WMW/4Xyxyz+C+ePWfyfmj9m8X9a/pjF/+n5Yxb/RfLHLP7PyB+z+C+aP2bxf2b+mMX/WfljFv/F8scs/s/OH7P4Pyd/zOI/Ln/M4v/c/DGL//Pyxyz+z88fs/gvnj9m8V8if8zi/4L8MYv/kvljFv+l8scs/i/MH7P4vyh/zOL/4vwxi/9L8scs/kvnj1n8X5o/ZvFfJn/M4r9s/pjFf7n8MYv/8vljFv8V8scs/ivmj1n8X5Y/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv+X549Z/FfLH7P4r54/ZvF/Rf6Yxf+V+WMW/zXyxyz+4/PHLP4T8scs/hPzxyz+a+aPWfzXyh+z+K+dP2bxn5Q/ZvGfnD9m8V8nf8ziv27+mMX/VfljFv9X549Z/NcT+q/xBNax+K8v9H8iWfw3yB+z+L8mf8ziv2H+mMX/tYPL8ocs/ht1/mMW/43zxyz+m+SPWfw3zR+z+L8uf8ziv1n+mMV/8/wxi//r88cs/m/IH7P4vzF/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOK/Rf6YxX/L/DGL/1b5Yxb/t+WPWfy3zh+z+G+TP2bx3zZ/zOK/Xf6Yxf/t+WMW/+3zxyz+78gfs/i/M3/M4r9D/pjFf8f8MYv/TvljFv+d88cs/u/KH7P4vzt/zOK/S/6Yxf89+WMW/13zxyz+780fs/i/L3/M4v/+/DGL/275Yxb/3fPHLP575I9Z/D+QP2bx/2D+mMX/Q/ljFv8P549Z/D+SP2bx3zN/zOL/0fwxi//H8scs/h/PH7P4fyJ/zOK/V/6Yxf+T+WMW/73zxyz+n8ofs/h/On/M4r9P/pjF/zP5Yxb/ffPHLP6fzR+z+H8uf8zi//n8MYv/fvljFv/988cs/l/IH7P4H5A/ZvE/MH/M4v/F/DGL/0H5Yxb/g/PHLP5fyh+z+H85f8zi/5X8MYv/V/PHLP5fyx+z+H89f8zi/438MYv/N/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8f9W/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/h/O3/M4v+d/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4fzd/zOJ/Rv6Yxf/M/DGL/1n5Yxb/7+WPWfy/nz9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+P8gfs/j/MH/M4v+j/DGL/4/zxyz+P8kfs/j/NH/M4n9B/pjF/8L8MYv/z/LHLP4X5Y9Z/H+eP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4/yJ/zOL/y/wxi/+v8scs/r/OH7P4X5U/ZvG/On/M4v+b/DGL/2/zxyz+1+SPWfx/lz9m8b82f8zif13+mMX/+vwxi//v88cs/jfkj1n8b8wfs/jflD9m8f9D/pjF/4/5Yxb/P+WPWfxvzh+z+P85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+f8kfs/jfkT9m8b8zf8zi/9f8MYv/XfljFv+/5Y9Z/P+eP2bx/0f+mMX/n/ljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8ziPyV/zOL/QP6Yxf/B/DGL/9T8MYn/6EH+mMV/KH/M4j8qf8ziP1v+mMV/9vwxi//o/DGL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/U/LHLP4L5I9Z/Mfkj1n8F8wfs/iPzR+z+C+UP2bxXzh/zOL/1Pwxi//T8scs/k/PH7P4L5I/ZvF/Rv6YxX/R/DGL/zPzxyz+z8ofs/gvlj9m8X92/pjF/zn5Yxb/cfljFv/n5o9Z/J+XP2bxf37+mMV/8fwxi/8S+WMW/xfkj1n8l8wfs/gvlT9m8X9h/pjF/0X5Yxb/F+ePWfxfkj9m8V86f8zi/9L8MYv/MvljFv9l88cs/svlj1n8l88fs/ivkD9m8V8xf8zi/7L8MYv/SvljFv+V88cs/qvkj1n8V80fs/i/PH/M4r9a/pjFf/X8MYv/K/LHLP6vzB+z+K+RP2bxH58/ZvGfkD9m8Z+YP2bxXzN/zOK/Vv6YxX/t/DGL/6T8MYv/5Pwxi/86+WMW/3Xzxyz+r8ofs/i/On/M4r9e/pjFf/38MYv/BvljFv/X5I9Z/DfMH7P4vzZ/zOK/Uf6YxX/j/DGL/yb5Yxb/TfPHLP6vyx+z+G+WP2bx3zx/zOL/+vwxi/8b8scs/m/MH7P4vyl/zOL/5vwxi/9b8scs/m/NH7P4b5E/ZvHfMn/M4r9V/pjF/235Yxb/rfPHLP7b5I9Z/LfNH7P4b5c/ZvF/e/6YxX/7/DGL/zvyxyz+78wfs/jvkD9m8d8xf8ziv1P+mMV/5/wxi/+78scs/u/OH7P475I/ZvF/T/6YxX/X/DGL/3vzxyz+78sfs/i/P3/M4r9b/pjFf/f8MYv/HvljFv8P5I9Z/D+YP2bx/1D+mMX/w/ljFv+P5I9Z/PfMH7P4fzR/zOL/sfwxi//H88cs/p/IH7P475U/ZvH/ZP6YxX/v/DGL/6fyxyz+n84fs/jvkz9m8f9M/pjFf9/8MYv/Z/PHLP6fyx+z+H8+f8ziv1/+mMV///wxi/8X8scs/gfkj1n8D8wfs/h/MX/M4n9Q/pjF/+D8MYv/l/LHLP5fzh+z+H8lf8zi/9X8MYv/1/LHLP5fzx+z+H8jf8zi/838MYv/IfljFv9D88cs/oflj1n8D88fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi/8x+WMW/2Pzxyz+x+WPWfy/lT9m8T8+f8zif0L+mMX/xPwxi/9J+WMW/5Pzxyz+384fs/h/J3/M4n9K/pjF/9T8MYv/afljFv/T88cs/t/NH7P4n5E/ZvE/M3/M4n9W/pjF/3v5Yxb/7+ePWfzPzh+z+J+TP2bxPzd/zOJ/Xv6Yxf/8/DGL/w/yxyz+P8wfs/j/KH/M4v/j/DGL/0/yxyz+P80fs/hfkD9m8b8wf8zi/7P8MYv/RfljFv+f549Z/C/OH7P4X5I/ZvG/NH/M4n9Z/pjF//L8MYv/FfljFv8r88cs/r/IH7P4/zJ/zOL/q/wxi/+v88cs/lflj1n8r84fs/j/Jn/M4v/b/DGL/zX5Yxb/3+WPWfyvzR+z+F+XP2bxvz5/zOL/+/wxi/8N+WMW/xvzxyz+N+WPWfz/kD9m8f9j/pjF/0/5Yxb/m/PHLP5/zh+z+N+SP2bxvzV/zOJ/W/6Yxf/2/DGL/1/yxyz+d+SPWfzvzB+z+P81f8zif1f+mMX/b/ljFv+/549Z/P+RP2bx/2f+mMX/7vwxi/89+WMW/3vzxyz+9+WPWfzvzx+z+E/JH7P4P5A/ZvF/MH/M4j81f0ziP8cgf8ziP5Q/ZvEflT9m8Z8tf8ziP3v+mMV/dP6YxX+O/DGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvGfL3/M4j9//pjF/yn5Yxb/BfLHLP5j8scs/gvmj1n8x+aPWfwXyh+z+C+cP2bxf2r+mMX/afljFv+n549Z/BfJH7P4PyN/zOK/aP6Yxf+Z+WMW/2flj1n8F8sfs/g/O3/M4v+c/DGL/7j8MYv/c/PHLP7Pyx+z+D8/f8ziv3j+mMV/ifwxi/8L8scs/kvmj1n8l8ofs/i/MH/M4v+i/DGL/4vzxyz+L8kfs/gvnT9m8X9p/pjFf5n8MYv/svljFv/l8scs/svnj1n8V8gfs/ivmD9m8X9Z/pjFf6X8MYv/yvljFv9V8scs/qvmj1n8X54/ZvFfLX/M4r96/pjF/xX5Yxb/V+aPWfzXyB+z+I/PH7P4T8gfs/hPzB+z+K+ZP2bxXyt/zOK/dv6YxX9S/pjFf3L+mMV/nfwxi/+6+WMW/1flj1n8X50/ZvFfL3/M4r9+/pjFf4P8MYv/a/LHLP4b5o9Z/F+bP2bx3yh/zOK/cf6YxX+T/DGL/6b5Yxb/1+WPWfw3yx+z+G+eP2bxf33+mMX/DfljFv835o9Z/N+UP2bxf3P+mMX/LfljFv+35o9Z/LfIH7P4b5k/ZvHfKn/M4v+2/DGL/9b5Yxb/bfLHLP7b5o9Z/LfLH7P4vz1/zOK/ff6Yxf8d+WMW/3fmj1n8d8gfs/jvmD9m8d8pf8ziv3P+mMX/XfljFv93549Z/HfJH7P4vyd/zOK/a/6Yxf+9+WMW//flj1n8358/ZvHfLX/M4r97/pjFf4/8MYv/B/LHLP4fzB+z+H8of8zi/+H8MYv/R/LHLP575o9Z/D+aP2bx/1j+mMX/4/ljFv9P5I9Z/PfKH7P4fzJ/zOK/d/6Yxf9T+WMW/0/nj1n898kfs/h/Jn/M4r9v/pjF/7P5Yxb/z+WPWfw/nz9m8d8vf8ziv3/+mMX/C/ljFv8D8scs/gfmj1n8v5g/ZvE/KH/M4n9w/pjF/0v5Yxb/L+ePWfy/kj9m8f9q/pjF/2v5Yxb/r+ePWfy/kT9m8f9m/pjF/5D8MYv/ofljFv/D8scs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+38ofs/gfnz9m8T8hf8zif2L+mMX/pPwxi//J+WMW/2/nj1n8v5M/ZvE/JX/M4n9q/pjF/7T8MYv/6fljFv/v5o9Z/M/IH7P4n5k/ZvE/K3/M4v+9/DGL//fzxyz+Z+ePWfzPyR+z+J+bP2bxPy9/zOJ/fv6Yxf8H+WMW/x/mj1n8f5Q/ZvH/cf6Yxf8n+WMW/5/mj1n8L8gfs/hfmD9m8f9Z/pjF/6L8MYv/z/PHLP4X549Z/C/JH7P4X5o/ZvG/LH/M4n95/pjF/4r8MYv/lfljFv9f5I9Z/H+ZP2bx/1X+mMX/1/ljFv+r8scs/lfnj1n8f5M/ZvH/bf6Yxf+a/DGL/+/yxyz+1+aPWfyvyx+z+F+fP2bx/33+mMX/hvwxi/+N+WMW/5vyxyz+f8gfs/j/MX/M4v+n/DGL/835Yxb/P+ePWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf8v+WMW/zvyxyz+d1r95378ty3+f7X6/4ss/nflj1n8/5Y/ZvH/e/6Yxf8f+WMW/3/mj1n8784fs/jfkz9m8b83f8zif1/+mMX//vwxi/+U/DGL/wP5Yxb/B/PHLP5T88ck/nMO8scs/kP5Yxb/UfljFv/Z8scs/rPnj1n8R+ePWfznyB+z+M+ZP2bxnyt/zOI/d/6YxX+e/DGL/7z5Yxb/+fLHLP7z549Z/J+SP2bxXyB/zOI/Jn/M4r9g/pjFf2z+mMV/ofwxi//C+WMW/6fmj1n8n5Y/ZvF/ev6YxX+R/DGL/zPyxyz+i+aPWfyfmT9m8X9W/pjFf7H8MYv/s/PHLP7PyR+z+I/LH7P4Pzd/zOL/vPwxi//z88cs/ovnj1n8l8gfs/i/IH/M4r9k/pjFf6n8MYv/C/PHLP4vyh+z+L84f8zi/5L8MYv/0vljFv+X5o9Z/JfJH7P4L5s/ZvFfLn/M4r98/pjFf4X8MYv/ivljFv+X5Y9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjF/+X5Yxb/1fLHLP6r549Z/F+RP2bxf2X+mMV/jfwxi//4/DGL/4T8MYv/xPwxi/+a+WMW/7Xyxyz+a+ePWfwn5Y9Z/Cfnj1n818kfs/ivmz9m8X9V/pjF/9X5Yxb/9fLHLP7r549Z/DfIH7P4vyZ/zOK/Yf6Yxf+1+WMW/43yxyz+G+ePWfw3yR+z+G+aP2bxf13+mMV/s/wxi//m+WMW/9fnj1n835A/ZvF/Y/6Yxf9N+WMW/zfnj1n835I/ZvF/a/6YxX+L/DGL/5b5Yxb/rfLHLP5vyx+z+G+dP2bx3yZ/zOK/bf6YxX+7/DGL/9vzxyz+2+ePWfzfkT9m8X9n/pjFf4f8MYv/jvljFv+d8scs/jvnj1n835U/ZvF/d/6YxX+X/DGL/3vyxyz+u+aPWfzfmz9m8X9f/pjF//35Yxb/3fLHLP67549Z/PfIH7P4fyB/zOL/wfwxi/+H8scs/h/OH7P4fyR/zOK/Z/6Yxf+j+WMW/4/lj1n8P54/ZvH/RP6YxX+v/DGL/yfzxyz+e+ePWfw/lT9m8f90/pjFf5/8MYv/Z/LHLP775o9Z/D+bP2bx/1z+mMX/8/ljFv/98scs/vvnj1n8v5A/ZvE/IH/M4n9g/pjF/4v5Yxb/g/LHLP4H549Z/L+UP2bx/3L+mMX/K/ljFv+v5o9Z/L+WP2bx/3r+mMX/G/ljFv9v5o9Z/A/JH7P4H5o/ZvE/LH/M4n94/pjF/4j8MYv/kfljFv+j8scs/kfnj1n8j8kfs/gfmz9m8T8uf8zi/638MYv/8fljFv8T8scs/ifmj1n8T8ofs/ifnD9m8f92/pjF/zv5Yxb/U/LHLP6n5o9Z/E/LH7P4n54/ZvH/bv6Yxf+M/DGL/5n5Yxb/s/LHLP7fyx+z+H8/f8zif3b+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfx/kD9m8f9h/pjF/0f5Yxb/H+ePWfx/kj9m8f9p/pjF/4L8MYv/hfljFv+f5Y9Z/C/KH7P4/zx/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4X5k/ZvH/Rf6Yxf+X+WMW/1/lj1n8f50/ZvG/Kn/M4n91/pjF/zf5Yxb/3+aPWfyvyR+z+P8uf8zif23+mMX/uvwxi//1+WMW/9/nj1n8b8gfs/jfmD9m8b8pf8zi/4f8MYv/H/PHLP5/yh+z+N+cP2bx/3P+mMX/lvwxi/+t+WMW/9vyxyz+t+ePWfz/kj9m8b8jf8zif2f+mMX/r/ljFv+78scs/n/LH7P4/z1/zOL/j/wxi/8/88cs/nfnj1n878kfs/jfmz9m8b8vf8zif3/+mMV/Sv6Yxf+B/DGL/4P5Yxb/qfljEv+5BvljFv+h/DGL/6j8MYv/bPljFv/Z88cs/qPzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/3z5Yxb/+fPHLP5PyR+z+C+QP2bxH5M/ZvFfMH/M4j82f8ziv1D+mMV/4fwxi/9T88cs/k/LH7P4Pz1/zOK/SP6Yxf8Z+WMW/0Xzxyz+z8wfs/g/K3/M4r9Y/pjF/9n5Yxb/5+SPWfzH5Y9Z/J+bP2bxf17+mMX/+fljFv/F88cs/kvkj1n8X5A/ZvFfMn/M4r9U/pjF/4X5Yxb/F+WPWfxfnD9m8X9J/pjFf+n8MYv/S/PHLP7L5I9Z/JfNH7P4L5c/ZvFfPn/M4r9C/pjFf8X8MYv/y/LHLP4r5Y9Z/FfOH7P4r5I/ZvFfNX/M4v/y/DGL/2r5Yxb/1fPHLP6vyB+z+L8yf8ziv0b+mMV/fP6YxX9C/pjFf2L+mMV/zfwxi/9a+WMW/7Xzxyz+k/LHLP6T88cs/uvkj1n8180fs/i/Kn/M4v/q/DGL/3r5Yxb/9fPHLP4b5I9Z/F+TP2bx3zB/zOL/2vwxi/9G+WMW/43zxyz+m+SPWfw3zR+z+L8uf8ziv1n+mMV/8/wxi//r88cs/m/IH7P4vzF/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOK/Rf6YxX/L/DGL/1b5Yxb/t+WPWfy3zh+z+G+TP2bx3zZ/zOK/Xf6Yxf/t+WMW/+3zxyz+78gfs/i/M3/M4r9D/pjFf8f8MYv/TvljFv+d88cs/u/KH7P4vzt/zOK/S/6Yxf89+WMW/13zxyz+780fs/i/L3/M4v/+/DGL/275Yxb/3fPHLP575I9Z/D+QP2bx/2D+mMX/Q/ljFv8P549Z/D+SP2bx3zN/zOL/0fwxi//H8scs/h/PH7P4fyJ/zOK/V/6Yxf+T+WMW/73zxyz+n8ofs/h/On/M4r9P/pjF/zP5Yxb/ffPHLP6fzR+z+H8uf8zi//n8MYv/fvljFv/988cs/l/IH7P4H5A/ZvE/MH/M4v/F/DGL/0H5Yxb/g/PHLP5fyh+z+H85f8zi/5X8MYv/V/PHLP5fyx+z+H89f8zi/438MYv/N/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8f9W/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/h/O3/M4v+d/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4fzd/zOJ/Rv6Yxf/M/DGL/1n5Yxb/7+WPWfy/nz9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+P8gfs/j/MH/M4v+j/DGL/4/zxyz+P8kfs/j/NH/M4n9B/pjF/8L8MYv/z/LHLP4X5Y9Z/H+eP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4/yJ/zOL/y/wxi/+v8scs/r/OH7P4X5U/ZvG/On/M4v+b/DGL/2/zxyz+1+SPWfx/lz9m8b82f8zif13+mMX/+vwxi//v88cs/jfkj1n8b8wfs/jflD9m8f9D/pjF/4/5Yxb/P+WPWfxvzh+z+P85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+f8kfs/jfkT9m8b8zf8zi/9f8MYv/XfljFv+/5Y9Z/P+eP2bx/0f+mMX/n/ljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8ziPyV/zOL/QP6Yxf/B/DGL/9T8MYn/3IP8MYv/UP6YxX9U/pjFf7b8MYv/7PljFv/R+WMW/znyxyz+c+aPWfznyh+z+M+dP2bxnyd/zOI/b/6YxX++/DGL//z5Yxb/p+SPWfwXyB+z+I/JH7P4L5g/ZvEfmz9m8V8of8ziv3D+mMX/qfljFv+n5Y9Z/J+eP2bxXyR/zOL/jPwxi/+i+WMW/2fmj1n8n5U/ZvFfLH/M4v/s/DGL/3Pyxyz+4/LHLP7PzR+z+D8vf8zi//z8MYv/4vljFv8l8scs/i/IH7P4L5k/ZvFfKn/M4v/C/DGL/4vyxyz+L84fs/i/JH/M4r90/pjF/6X5Yxb/ZfLHLP7L5o9Z/JfLH7P4L58/ZvFfIX/M4r9i/pjF/2X5Yxb/lfLHLP4r549Z/FfJH7P4r5o/ZvF/ef6YxX+1/DGL/+r5Yxb/V+SPWfxfmT9m8V8jf8ziPz5/zOI/IX/M4j8xf8ziv2b+mMV/rfwxi//a+WMW/0n5Yxb/yfljFv918scs/uvmj1n8X5U/ZvF/df6YxX+9/DGL//r5Yxb/DfLHLP6vyR+z+G+YP2bxf23+mMV/o/wxi//G+WMW/03yxyz+m+aPWfxflz9m8d8sf8ziv3n+mMX/9fljFv835I9Z/N+YP2bxf1P+mMX/zfljFv+35I9Z/N+aP2bx3yJ/zOK/Zf6YxX+r/DGL/9vyxyz+W+ePWfy3yR+z+G+bP2bx3y5/zOL/9vwxi//2+WMW/3fkj1n835k/ZvHfIX/M4r9j/pjFf6f8MYv/zvljFv935Y9Z/N+dP2bx3yV/zOL/nvwxi/+u+WMW//fmj1n835c/ZvF/f/6YxX+3/DGL/+75Yxb/PfLHLP4fyB+z+H8wf8zi/6H8MYv/h/PHLP4fyR+z+O+ZP2bx/2j+mMX/Y/ljFv+P549Z/D+RP2bx3yt/zOL/yfwxi//e+WMW/0/lj1n8P50/ZvHfJ3/M4v+Z/DGL/775Yxb/z+aPWfw/lz9m8f98/pjFf7/8MYv//vljFv8v5I9Z/A/IH7P4H5g/ZvH/Yv6Yxf+g/DGL/8H5Yxb/L+WPWfy/nD9m8f9K/pjF/6v5Yxb/r+WPWfy/nj9m8f9G/pjF/5v5Yxb/Q/LHLP6H5o9Z/A/LH7P4H54/ZvE/In/M4n9k/pjF/6j8MYv/0fljFv9j8scs/sfmj1n8j8sfs/h/K3/M4n98/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8v50/ZvH/Tv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/L+bP2bxPyN/zOJ/Zv6Yxf+s/DGL//fyxyz+388fs/ifnT9m8T8nf8zif27+mMX/vPwxi//5+WMW/x/kj1n8f5g/ZvH/Uf6Yxf/H+WMW/5/kj1n8f5o/ZvG/IH/M4n9h/pjF/2f5Yxb/i/LHLP4/zx+z+F+cP2bxvyR/zOJ/af6Yxf+y/DGL/+X5Yxb/K/LHLP5X5o9Z/H+RP2bx/2X+mMX/V/ljFv9f549Z/K/KH7P4X50/ZvH/Tf6Yxf+3+WMW/2vyxyz+v8sfe6T/6Cd7OP95j+F/bf6Y5fy/Ln/M4n99/pjF//f5Yxb/G/LHLP435o9Z/G/KH7P4/yF/zOL/x/wxi/+f8scs/jfnj1n8/5w/ZvG/JX/M4n9r/pjF/7b8MYv/7fljFv+/5I9Z/O/IH7P435k/ZvH/a/6Yxf+u/DGL/9/yxyz+f88fs/j/I3/M4v/P/DGL/935Yxb/e/LHLP735o9Z/O/LH7P4358/ZvGfkj9m8X8gf8zi/2D+mMV/av6YxH+eQf6YxX8of8ziPyp/zOI/W/6YxX/2/DGL/+j8MYv/HPljFv8588cs/nPlj1n8584fs/jPkz/2v+8/10Nv5f/o/vf9pzXPfPljFv/588cs/k/JH7P4L5A/ZvEfkz9m8V8wf8ziPzZ/zOK/UP6YxX/h/DGL/1Pzxyz+T8sfs/g/PX/M4r9I/pjF/xn5Yxb/RfPHLP7PzB+z+D8rf8ziv1j+mMX/2fljFv/n5I9Z/Mflj1n8n5s/ZvF/Xv6Yxf/5+WMW/8Xzxyz+S+SPWfxfkD9m8V8yf8ziv1T+mMX/hfljFv8X5Y9Z/F+cP2bxf0n+mMV/6fwxi/9L88cs/svkj1n8l80fs/gvlz9m8V8+f8ziv0L+mMV/xfwxi//L8scs/isp/ad+5F+tYfFfWen/r7P4r5I/ZvFfNX/M4v/y/DGL/2r5Yxb/1fPHLP6vyB+z+L8yf8ziv0b+mMV/fP6YxX9C/pjFf2L+mMV/zfwxi/9a+WMW/7Xzxyz+k/LHLP6T88cs/uvkj1n8180fs/i/Kn/M4v/q/DGL/3r5Yxb/9fPHLP4b5I9Z/F+TP2bx3zB/zOL/2vwxi/9G+WMW/43zxyz+m+SPWfw3zR+z+L8uf8ziv1n+mMV/8/wxi//r88cs/m/IH7P4vzF/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOK/Rf6YxX/L/DGL/1b5Yxb/t+WPWfy3zh+z+G+TP2bx3zZ/zOK/Xf6Yxf/t+WMW/+3zxyz+78gfs/i/M3/M4r9D/pjFf8f8MYv/TvljFv+d88cs/u/KH7P4vzt/zOK/S/6Yxf89+WMW/13zxyz+780fs/i/L3/M4v/+/DGL/275Yxb/3fPHLP575I9Z/D+QP2bx/2D+mMX/Q/ljFv8P549Z/D+SP2bx3zN/zOL/0fwxi//H8scs/h/PH7P4fyJ/zOK/V/6Yxf+T+WMW/73zxyz+n8ofs/h/On/M4r9P/pjF/zP5Yxb/ffPHLP6fzR+z+H8uf8zi//n8MYv/fvljFv/988cs/l/IH7P4H5A/ZvE/MH/M4v/F/DGL/0H5Yxb/g/PHLP5fyh+z+H85f8zi/5X8MYv/V/PHLP5fyx+z+H89f8zi/438MYv/N/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8f9W/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/h/O3/M4v+d/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4fzd/zOJ/Rv6Yxf/M/DGL/1n5Yxb/7+WPWfy/nz9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+P8gfs/j/MH/M4v+j/DGL/4/zxyz+P8kfs/j/NH/M4n9B/pjF/8L8MYv/z/LHLP4X5Y9Z/H+eP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4/yJ/zOL/y/wxi/+v8scs/r/OH7P4X5U/ZvG/On/M4v+bmf2HOhhmZPH/beSYxf+a/DGL/+/yxyz+1+aPWfyvyx+z+F+fP2bx/33+mMX/hvwxi/+N+WMW/5vyxyz+f8gfs/j/MX/M4v+n/DGL/835Yxb/P+ePWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf8v+WMW/zvyxyz+d+aPWfz/mj9m8b8rf8zi/7f8MYv/3/PHLP7/yB+z+P8zf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfyn5I9Z/B/IH7P4P5g/ZvGfmj8m8Z93kD9m8e//8o2z+I/KH7P4z5Y/ZvGfPX/M4j86f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOL/lPwxi/8C+WMW/zH5Yxb/BfPHLP5j88cs/gvlj1n8F84fs/g/NX/M4v+0/DGL/9Pzxyz+i+SPWfyfkT9m8V80f8zi/8z8MYv/s/LHLP6L5Y9Z/J+dP2bxf07+mMV/XP6Yxf+5+WMW/+flj1n8n58/ZvFfPH/M4r9E/pjF/wX5Yxb/JfPHLP5L5Y9Z/F+YP2bxf1H+mMX/xfljFv+X5I9Z/JfOH7P4vzR/zOK/TP6YxX/Z/DGL/3L5Yxb/5fPHLP4r5I9Z/FfMH7P4vyx/zOK/Uv6YxX/l/DGL/yr5Yxb/VfPHLP4vzx+z+K+WP2bxXz1/zOL/ivwxi/8r88cs/mvkj1n8x+ePWfwn5I9Z/Cfmj1n818wfs/ivlT9m8V87f8ziPyl/zOI/OX/M4r9O/pjFf938MYv/q/LHLP6vzh+z+K+XP2bxXz9/zOK/Qf6Yxf81+WMW/w3zxyz+r80fs/hvlD9m8d84f8ziv0n+mMV/0/yx/2X/qR95aOm8r8sf+1/2n/n83yx/zOK/ef6Yxf/1+WMW/zfkj1n835g/ZvF/U/6Yxf/N+WMW/7fkj1n835o/ZvHfIn/M4r9l/pjFf6v8MYv/2/LHLP5b549Z/LfJH7P4b5s/ZvHfLn/M4v/2/DGL//b5Yxb/d+SPWfzfmT9m8d8hf8ziv2P+mMV/p/wxi//O+WMW/3flj1n8350/ZvHfJX/M4v+e/DGL/675Yxb/9+aPWfzflz9m8X9//pjFf7f8MYv/7vljFv898scs/h/IH7P4fzB/zOL/ofwxi/+H88cs/h/JH7P475k/ZvH/aP6Yxf9j+WMW/4/nj1n8P5E/ZvHfK3/M4v/J/DGL/975Yxb/T+WPWfw/nT9m8d8nf8zi/5n8MYv/vvljFv/P5o9Z/D+XP2bx/3z+mMV/v/wxi//++WMW/y/kj1n8D8gfs/gfmD9m8f9i/pjF/6D8MYv/wfljFv8v5Y9Z/L+cP2bx/0r+mMX/q/ljFv+v5Y9Z/L+eP2bx/0b+mMX/m/ljFv9D8scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+H8rf8zif3z+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfy/nT9m8f9O/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8v5s/ZvE/I3/M4n9m/pjF/6z8MYv/9/LHLP7fzx+z+J+dP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/H+SPWfx/mD9m8f9R/pjF/8f5Yxb/n+SPWfx/mj9m8b8gf8zif2H+mMX/Z/ljFv+L8scs/j/PH7P4X5w/ZvG/JH/M4n9p/pjF/zKf/9xPZCWL/+U+/yeUxf+K/DGL/5X5Yxb/X+SPWfx/mT9m8f9V/pjF/9f5Yxb/q/LHLP5X549Z/H+TP2bx/23+mMX/mvwxi//v8scs/tfmj1n8r8sfs/hfnz9m8f99/pjF/4b8MYv/jfljFv+b8scs/n/IH7P4/zF/zOL/p/wxi//N+WMW/z/nj1n8b8kfs/jfmj9m8b8tf8zif3v+mMX/L/ljFv878scs/nfmj1n8/5o/ZvG/K3/M4v+3/DGL/9/zxyz+/8gfs/j/M3/M4n93/pjF/578MYv/vfljFv/78scs/vfnj1n8p+SPWfwfyB+z+D+YP2bxn5o/JvGfb5A/ZvEfyh+z+I/KH7P4z5Y/ZvGfPX/M4j86f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOL/lPwxi/8C+WMW/zH5Yxb/BfPHLP5j88cs/gvlj1n8F84fs/g/NX/M4v+0/DGL/9Pzxyz+i+SPWfyfkT9m8V80f8zi/8z8MYv/s/LHLP6L5Y9Z/J+dP2bxf07+mMV/XP6Yxf+5+WMW/+flj1n8n58/ZvFfPH/M4r9E/pjF/wX5Yxb/JfPHLP5L5Y9Z/F+YP2bxf1H+mMX/xfljFv+X5I9Z/JfOH7P4vzR/zOK/TP6YxX/Z/DGL/3L5Yxb/5fPHLP4r5I9Z/FfMH7P4vyx/zOK/Uv6YxX/l/DGL/yr5Yxb/VfPHLP4vzx+z+K+WP2bxXz1/zOL/ivwxi/8r88cs/mvkj1n8x+ePWfwn5I9Z/Cfmj1n818wfs/ivlT9m8V87f8ziPyl/zOI/OX/M4r9O/pjFf938MYv/q/LHLP6vzh+z+K+XP2bxXz9/zOK/Qf6Yxf81+WMW/w3zxyz+r80fs/hvlD9m8d84f8ziv0n+mMV/0/wxi//r8scs/pvlj1n8N88fs/i/Pn/M4v+G/DGL/xvzxyz+b8ofs/i/OX/M4v+W/DGL/1vzxyz+W+SPWfy3zB+z+G+VP2bxf1v+mMV/6/wxi/82+WMW/23zxyz+2+WPWfzfnj9m8d8+f8zi/478MYv/O/PHLP475I9Z/HfMH7P475Q/ZvHfOX/sIf9tT/qf9n9X/pjl/H93/pjFf5f8MYv/e/LHLP675o9Z/N+bP2bxf1/+mMX//fljFv/d8scs/rvnj1n898gfs/h/IH/M4v/B/DGL/4fyxyz+H84fs/h/JH/M4r9n/pjF/6P5Yxb/j+WPWfw/nj9m8f9E/pjFf6/8MYv/J/PHLP57549Z/D+VP2bx/3T+mMV/n/wxi/9n8scs/vvmj1n8P5s/ZvH/XP6Yxf/z+WMW//3yxyz+++ePWfy/kD9m8T8gf8zif2D+mMX/i/ljFv+D8scs/gfnj1n8v5Q/ZvH/cv6Yxf8r+WMW/6/mj1n8v5Y/ZvH/ev6Yxf8b+WMW/2/mj1n8D8kfs/gfmj9m8T8sf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfyPyR+z+B+bP2bxPy5/zOL/rfwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bx/3b+mMX/O/ljFv9T8scs/qfmj1n8T8sfs/ifnj9m8f9u/pjF/4z8MYv/mfljFv+z8scs/t/LH7P4fz9/zOJ/dv6Yxf+c/DGL/7n5Yxb/8/LHLP7n549Z/H+QP2bx/2H+mMX/R/ljFv8f549Z/H+SP2bx/2n+mMX/gvwxi/+F+WMW/5/lj1n8L8ofs/j/PH/M4n9x/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8f9F/pjF/5f5Yxb/X+WPWfx/nT9m8b8qf8zif3X+mMX/N/ljFv/f5o9Z/K/JH7P4/y5/zOJ/bf6Yxf+6/DGL//X5Yxb/3+ePWfxvyB+z+N+YP2bxvyl/zOL/h/wxi/8f88cs/n/KH7P435w/ZvH/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/P+SP2bxvyN/zOJ/Z/6Yxf+v+WMW/7vyxyz+f8sfs/j/PX/M4v+P/DGL/z/zxyz+d+ePWfzvyR+z+N+bP2bxvy9/zOJ/f/6YxX9K/pjF/4H8MYv/g/ljFv+p+WMS//kH+WMW/6H8MYv/qPwxi/9s+WMW/9nzxyz+o/PHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/k/JH7P4L5A/ZvEfkz9m8V8wf8ziPzZ/zOK/UP6YxX/h/DGL/1Pzxyz+T8sfs/g/PX/M4r9I/pjF/xn5Yxb/RfPHLP7PzB+z+D8rf8ziv1j+mMX/2fljFv/n5I9Z/Mflj1n8n5s/ZvF/Xv6Yxf/5+WMW/8Xzxyz+S+SPWfxfkD9m8V8yf8ziv1T+mMX/hfljFv8X5Y9Z/F+cP2bxf0n+mMV/6fwxi/9L88cs/svkj1n8l80fs/gvlz9m8V8+f8ziv0L+mMV/xfwxi//L8scs/ivlj1n8V84fs/ivkj9m8V81f8zi//L8MYv/avljFv/V88cs/q/IH7P4vzJ/zOK/Rv6YxX98/pjFf0L+mMV/Yv6YxX/N/DGL/1r5Yxb/tfPHLP6T8scs/pPzxyz+6+SPWfzXzR+z+L8qf8zi/+r8MYv/evljFv/188cs/hvkj1n8X5M/ZvHfMH/M4v/a/DGL/0b5Yxb/jfPHLP6b5I9Z/DfNH7P4vy5/zOK/Wf6YxX/z/DGL/+vzxyz+b8gfs/i/MX/M4v+m/DGL/5vzxyz+b8kfs/i/NX/M4r9F/pjFf8v8MYv/VvljFv+35Y9Z/LfOH7P4b5M/ZvHfNn/M4r9d/pjF/+35Yxb/7fPHLP7vyB+z+L8zf8ziv0P+mMV/x/wxi/9O+WMW/53zxyz+78ofs/i/O3/M4r9L/pjF/z35Yxb/XfPHLP7vzR+z+L8vf8zi//78MYv/bvljFv/d88cs/nvkj1n8P5A/ZvH/YP6Yxf9D+WMW/w/nj1n8P5I/ZvHfM3/M4v/R/DGL/8fyxyz+H88fs/h/In/M4r9X/pjF/5P5Yxb/vfPHLP6fyh+z+H86f8ziv0/+mMX/M/ljFv9988cs/p/NH7P4fy5/zOL/+fwxi/9++WMW//3zxyz+X8gfs/gfkD9m8T8wf8zi/8X8MYv/QfljFv+D88cs/l/KH7P4fzl/zOL/lfwxi/9X88cs/l/LH7P4fz1/zOL/jfwxi/8388cs/ofkj1n8D80fs/gflj9m8T88f8zif0T+mMX/yPwxi/9R+WMW/6Pzxyz+x+SPWfyPzR+z+B+XP2bx/1b+mMX/+Pwxi/8J+WMW/xPzxyz+J+WPWfxPzh+z+H87f8zi/538MYv/KfljFv9T88cs/qflj1n8T88fs/h/N3/M4n9G/pjF/8z8MYv/WfljFv/v5Y9Z/L+fP2bxPzt/zOJ/Tv6Yxf/c/DGL/3n5Yxb/8/PHLP4/yB+z+P8wf8zi/6P8MYv/j/PHLP4/yR+z+P80f8zif0H+mMX/wvwxi//P8scs/hflj1n8f54/ZvG/OH/M4n9J/pjF/9L8MYv/ZfljFv/L88cs/lfkj1n8r8wfs/j/In/M4v/L/DGL/6/yxyz+v84fs/hflT9m8b86f8zi/5v8MYv/b/PHLP7X5I9Z/H+XP2bxvzZ/zOJ/Xf6Yxf/6/DGL/+/zxyz+N+SPWfxvzB+z+N+UP2bx/0P+mMX/j/ljFv8/5Y9Z/G/OH7P4/zl/zOJ/S/6Yxf/W/DGL/235Yxb/2/PHLP5/yR+z+N+RP2bxvzN/zOL/1/wxi/9d+WMW/7/lj1n8/54/ZvH/R/6Yxf+f+WMW/7vzxyz+9+SPWfzvzR+z+N+XP2bxvz9/zOI/JX/M4v9A/pjF/8H8MYv/1Pwxif9TBvljFv+h/DGL/6j8MYv/bPljFv/Z88cs/qPzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/3z5Yxb/+fPHLP5PyR+z+C+QP2bxH5M/ZvFfMH/M4j82f8ziv1D+mMV/4fwxi/9T88cs/k/LH7P4Pz1/zOK/SP6Yxf8Z+WMW/0Xzxyz+z8wfs/g/K3/M4r9Y/pjF/9n5Yxb/5+SPWfzH5Y9Z/J+bP2bxf17+mMX/+fljFv/F88cs/kvkj1n8X5A/ZvFfMn/M4r9U/pjF/4X5Yxb/F+WPWfxfnD9m8X9J/pjFf+n8MYv/S/PHLP7L5I9Z/JfNH7P4L5c/ZvFfPn/M4r9C/pjFf8X8MYv/y/LHLP4r5Y9Z/FfOH7P4r5I/ZvFfNX/M4v/y/DGL/2r5Yxb/1fPHLP6vyB+z+L8yf8ziv0b+mMV/fP6YxX9C/pjFf2L+mMV/zfwxi/9aIv+5/o11Lf5ri/z/nSz+k/LHLP6T88cs/uvkj1n8180fs/i/Kn/M4v/q/DGL/3r5Yxb/9fPHLP4b5I9Z/F+TP2bx3zB/zOL/2vwxi/9G+WMW/43zxyz+m+SPWfw3zR+z+L8uf8ziv1n+mMV/8/wxi//r88cs/m/IH7P4vzF/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOK/Rf6YxX/L/DGL/1b5Yxb/t+WPWfy3zh+z+G+TP2bx3zZ/zOK/Xf6Yxf/t+WMW/+3zxyz+78gfs/i/M3/M4r9D/pjFf8f8MYv/TvljFv+d88cs/u/KH7P4vzt/zOK/S/6Yxf89+WMW/13zxyz+780fs/i/L3/M4v/+/DGL/275Yxb/3fPHLP575I9Z/D+QP2bx/2D+mMX/Q/ljFv8P549Z/D+SP2bx3zN/zOL/0fwxi//H8scs/h/PH7P4fyJ/zOK/V/6Yxf+T+WMW/73zxyz+n8ofs/h/On/M4r9P/pjF/zP5Yxb/ffPHLP6fzR+z+H8uf8zi//n8MYv/fvljFv/988cs/l/IH7P4H5A/ZvE/MH/M4v/F/DGL/0H5Yxb/g/PHLP5fyh+z+H85f8zi/5X8MYv/V/PHLP5fyx+z+H89f8zi/438MYv/N/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8f9W/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/h/O3/M4v+d/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4fzd/zOJ/Rv6Yxf/M/DGL/1n5Yxb/7+WPWfy/nz9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+P8gfs/j/MH/M4v+j/DGL/4/zxyz+P8kfs/j/NH/M4n9B/pjF/8L8MYv/z/LHLP4X5Y9Z/H+eP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4/yJ/zOL/y/wxi/+v8scs/r/OH7P4X5U/ZvG/On/M4v+b/DGL/2/zxyz+1+SPWfx/lz9m8b82f8zif13+mMX/+vwxi//v88cs/jfkj1n8b8wfs/jflD9m8f9D/pjF/4/5Yxb/P+WPWfxvzh+z+P85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+f8kfs/jfkT9m8b8zf8zi/9f8MYv/XfljFv+/5Y9Z/P+eP2bx/0f+mMX/n/ljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8ziPyV/zOL/QP6Yxf/B/DGL/9T8MYn/AoP8MYv/UP6YxX9U/pjFf7b8MYv/7Pk/otlGHi3+o/PHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/k/JH7P4L5A/ZvEfkz9m8V8wf8ziPzZ/zOK/UP6YxX/h/DGL/1Pzxyz+T8sfs/g/PX/M4r9I/pjF/xn5Yxb/RfPHLP7PzB+z+D8rf8ziv1j+mMX/2fljFv/n5I9Z/Mflj1n8n5s/ZvF/Xv6Yxf/5+WMW/8Xzxyz+S+SPWfxfkD9m8V8yf8ziv1T+mMX/hfljFv8X5Y9Z/F+cP2bxf0n+mMV/6fwxi/9L88cs/svkj1n8l80fs/gvlz9m8V8+f8ziv0L+mMV/xfwxi//L8scs/ivlj1n8V84fs/ivkj9m8V81f8zi//L8MYv/avljFv/V88cs/q/IH7P4vzJ/zOK/Rv6YxX98/pjFf0L+mMV/Yv6YxX/N/DGL/1r5Yxb/tfPHLP6T8scs/pPzxyz+6+SPWfzXzR+z+L8qf8zi/+r8MYv/evljFv/188cs/hvkj1n8X5M/ZvHfMH/M4v/a/DGL/0b5Yxb/jfPHLP6b5I9Z/DfNH7P4vy5/zOK/Wf6YxX/z/DGL/+vzxyz+b8gfs/i/MX/M4v+m/DGL/5vzxyz+b8kfs/i/NX/M4r9F/pjFf8v8MYv/VvljFv+35Y9Z/LfOH7P4b5M/ZvHfNn/M4r9d/pjF/+35Yxb/7fPHLP7vyB+z+L8zf8ziv0P+mMV/x/wxi/9O+WMW/53zxyz+78ofs/i/O3/M4r9L/pjF/z35Yxb/XfPHLP7vzR+z+L8vf8zi//78MYv/bvljFv/d88cs/nvkj1n8P5A/ZvH/YP6Yxf9D+WMW/w/nj/1/7NGzFiCGAkXRZ79kYtu2bdu2bWdi27Zt27Zt254UqbLW/YLcvbtTn5b/A/2PWv7v5n/U8n93/6OW/3v4H7X839P/qOX/Xv5HLf/39j9q+b+P/1HL/339j1r+7+d/1PJ/f/+jlv8H+B+1/D/Q/6jl/0H+Ry3/D/Y/avl/iP9Ry/9D/Y9a/h/mf9Ty/3D/o5b/R/gftfw/0v+o5f9R/kct/4/2P2r5f4z/Ucv/Y/2PWv4f53/U8v94/6OW/yf4H7X8P9H/qOX/Sf5HLf9P9j9q+X+K/1HL/1P9j1r+n+Z/1PL/dP+jlv9n+B+1/D/T/6jl/1n+Ry3/z/Y/avl/jv9Ry/9z/Y9a/p/nf9Ty/3z/o5b/F/gftfy/0P+o5f9F/kct/y/2P2r5f4n/Ucv/S/2PWv5f5n/U8v9y/6OW/1f4H7X8v9L/qOX/Vf5HLf+v9j9q+X+N/1HL/2v9j1r+X+d/1PL/ev+jlv83+B+1/L/R/6jl/03+Ry3/b/Y/avl/i/9Ry/9b/Y9a/t/mf9Ty/3b/o5b/d/gftfy/0/+o5f9d/kct/+/2P2r5f4//Ucv/e/2PWv7f53/U8v9+/6OW/w/4H7X8f9D/qOX/Q/5HLf8f9j9q+f+I/1HL/0f9j1r+P+Z/1PL/cf+jlv9P+B+1/H/S/6jl/1P+Ry3/n/Y/avn/jP9Ry/9n/Y9a/j/nf9Ty/3n/o5b/L/gftfx/0f+o5f9L/kct/1/2P2r5/4r/Ucv/V/2PWv6/5n/U8v91/6OW/2/4H7X8f9P/qOX/W/5HLf/f9j9q+f+O/1HL/3f9j1r+v+d/1PL/ff+jlv8f+B+1/P/Q/6jl/0f+Ry3/P/Y/avn/if9Ry/9P/Y9a/n/mf9Ty/3P/o5b/X/gftfz/0v+o5f9X/kct/7/2P2r5/43/Ucv/b/2PWv5/53/U8v97/6OW/z/4H7X8/9H/qOX/T/5HLf9/9j9q+f+L/1HL/0H+RyX/B/zJ/6jl/5/9j1r+/8X/qOX/X/2PWv7/zf+o5f/f/Y9a/v/D/6jl/z/9j1r+/8v/qOX/v/2PWv7/x/+o5f9//Y9a/v/P/6jl///9j1r+D+Z/1PJ/cP+jlv8D/I9a/g/hf9Tyf0j/o5b/Q/kftfwf2v+o5f8w/kct/4f1P2r5P5z/Ucv/4f2PWv6P4H/U8n9E/6OW/yP5H7X8H9n/qOX/KP5HLf9H9T9q+T+a/1HL/9H9j1r+j+F/1PJ/TP+jlv9j+R+1/B/b/6jl/zj+Ry3/x/U/avk/nv9Ry//x/Y9a/k/gf9Tyf0L/o5b/E/kftfyf2P+o5f8k/kct/yf1P2r5P5n/Ucv/yf2PWv5P4X/U8n9K/6OW/1P5H7X8n9r/qOX/NP5HLf+n9T9q+T+d/1HL/+n9j1r+z+B/1PJ/Rv+jlv8z+R+1/J/Z/6jl/yz+Ry3/Z/U/avk/m/9Ry//Z/Y9a/s/hf9Tyf07/o5b/c/kftfyf2/+o5f88/kct/+f1P2r5P5//Ucv/+f2PWv4v4H/U8n9B/6OW/wv5H7X8X9j/qOX/Iv5HLf8X9T9q+b+Y/1HL/8X9j1r+L+F/1PJ/Sf+jlv9L+R+1/F/a/6jl/zL+Ry3/l/U/avm/nP9Ry//l/Y9a/q/gf9Tyf0X/o5b/K/kftfxf2f+o5f8q/kct/1f1P2r5v5r/Ucv/1f2PWv6v4X/U8n9N/6OW/2v5H7X8X9v/qOX/Ov5HLf/X9T9q+b+e/1HL//X9j1r+b+B/1PJ/Q/+jlv8b+R+1/N/Y/6jl/yb+/2bQ77Pl/6b+Ry3/N/M/avm/uf9Ry/8t/I9a/m/pf9Tyfyv/o5b/W/sftfzfxv+o5f+2/kct/7fzP2r5v73/Ucv/HfyPWv7v6H/U8n8n/6OW/zv7H7X838X/qOX/rv5HLf8H+h/94f4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/Mq+/cd4XRdwHP8ccIBkGy5mDGuDfFu6pXTHj+EfTkgELvTA34gaAncgeAd0HHacGj/+IJfOH7mRYytXwrCctHnLNZ1dmlmzWLXV7IeapStrkeks2GJd+95977z7dtz6vs/3m5WPxx/3/X4+X14f4LYnnw9TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP9dDY0LjoytGXJq7OCDDx9u7n2dfXTFTQd+331B/2v546XDXHLM4IOenp6e2c/O2lE+nFAUReln21k+nlg5Ll1/Z/2XOvqOwvzuFxcfn/zLxiMH1pz2cF3X0ftqe8/WFjeu29DS/IkxRREuqi06Sgd1NUURFtUW95YO6ksHi2uLh0sHs3oPTim+Wzo4b+3mlqbSiSXR3zP4f9HQuLMYO6TYYsifBoP731n/nTv6X0e4ZP/VxhXl/i/v/OGbFZ/1O0H//dcPCyr7r/o3CJxQdf0/P7//dYRL/sf9f9KTK18e7rMT999//fBJ/UM6wzz/D2m08rm/4vl/+jCXHNhfWdN5vNT/Jbc+M6N8atx/8/z/zvXDRZX9jxny/F96jl/Y//w/oSjCxaP8dsB7SkPjriMj3f9H7n/ctIpNzeD+T2/bvL/U/2OLf/B4+VRtlf0vHOH+P2ZJxa8VqE5D41d7Ku7/VfRffGyYSw70/9bjv32o1P+jf7z/jEGfVdP/xZX9z2xv3TJz6/bOcze0rl7fvL55U92sebPn1tfNPX/OzN5Hgr6vo/yuwHvD6O7/xaSKTU1RNA/sr+468FSp/zkPPDC7fGpilf0vGvH+P939H4b1kTHF+PFFx+r29ra6vq/9h/V9X/t+2DD9V/H3/zPPLv+w2vJrTVFMHdjfecZdy0v9v33omd3lU+Or7H/xiP3PH/h5gQijvP83VWyG9H/w0Iu9z/9L7zl4evlUtX//XzJi/6+4/8NoNDRW/A8/77JS/7uKSyM7DQ3++x+kk6P/R9++vjtuHT6lf0gnR/9/+MLRc+LWYan+IZ0c/Y/beP9zcetwif4hnRz9L5syb3ncOlyqf0gnR/9rXznnr3Hr0Kh/SCdH/2d/ZXdH3Dos0z+kk6P/B9tmb4tbh+X6h3Ry9P/zUx98NW4dLtM/pJOj/2PH7r4hbh0u1z+kk6P/rj1n/ShuHa7QP6STo//L1i0Icetwpf4hnRz9T5v658fi1uEq/UM6Ofqf+5d/nhq3DlfrH9LJ0f/tX1y+L24drtE/pJOj/7HXvfxC3Dqs0D+kk6P/JWdtWxC3DtfqH9LJ0X/Tz5p64tZhZbn/CYX+4V2Xo/+Z3/zJhrh1uM79H9LJ0f/hZY/siVuH6/UP6eTof09dMTluHW7QP6STo/9vfP+0Q3Hr8Gn9Qzo5+v/dk0/Mi1uHVfqHdHL0/+yHbvtW3DrcqH9IJ0f/96x54cy4dVitf0gnR/8P7X3uy3HrsEb/kE6O/l9/vfV9ceuwVv+QTo7+J0085bW4dWjSP6STo/8Ft3ytLW4dmvUP6eTov3V314/j1mGd/iGdHP1/9PjUlXHrsF7/kE6O/lfM2fvBuHW4Sf+QTo7+P7D0gl1x67BB/5BOjv4v7P74hXHrsFH/kE6O/tuf/vzX49bhZv1DOjn63zvj1UVx69Cif0gnR/8vrVry07h1aNU/pJOj/zcfuXZT3Dps0j+kk6P/J37x1rG4ddisf0gnR//vP3/h3+PWYYv+IZ0c/S9a/MbauHX4jP4hnRz9b+z610tx69Cmf0gnR/8zDl+1NG4dtuof0snR//fOrdsftw7t+od0cvR/xxX76uPWYZv+IZ0c/e8/eOddcetwi/4hnRz9v/Gr6dPi1uGz+od0cvR/3+RD18StQ4f+IZ0c/f96U+3TceuwXf+QTo7+/7Fvyo64dejUP6STo/+nXuv+U9w63Kp/SCdH/6vG/WZ83Drcpn9IJ0f/Uzq33Bu3DrfrH9LJ0f+8u1efF7cOn9M/pJOj/61/e/7bceuwQ/+QztbtnTevbmlpbvPGG2+8GXhzsv9kAlJ7J/qT/SsBAAAAAAAAAAAAAABOJMc/JzrZv0cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg3+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhB44FAAAAAIT5WwfRuwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBXAAAA//9O+OOp")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, 0x0)

157.728317ms ago: executing program 1 (id=3254):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MIF(r0, 0x29, 0xc8, 0x0, 0xc000000)
setsockopt$MRT6_DEL_MFC(r0, 0x29, 0xcd, 0x0, 0x0)

0s ago: executing program 2 (id=3255):
syz_mount_image$bfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x804011, &(0x7f0000000440)=ANY=[@ANYBLOB="00cd067ca5fe94f358a97d3799d10d6a0f0d49553970899fa347aa76be1b2509f63779954a38f01042f578e036051ee7d6d1fb7e07c209e650464433ce970000000900000014c931bb00000000", @ANYRESOCT=0x0, @ANYRES32, @ANYRES32], 0x1, 0xa0, &(0x7f0000000300)="$eJzs17GJAlEUBdC7s8vuGjgNGNiBNdiKGGpmpAhWZCuWIIgVmInJyDgziHagngP/Py43fcnbXbaDlEm1Saoni+VqNpk3f/p5MA7voEjyl+Q/ybBs8u+tObRbkOxP62n36ubr3DUAAMArKTKqx3cbj/fmJ0mvvQOaBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPCJrgEAAP//sjg1uA==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
listxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000500)=""/24, 0x18)

kernel console output (not intermixed with test programs):

rrupt directory, running e2fsck is recommended
[  328.520842][T11899] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -12
[  328.539962][T11899] EXT4-fs error (device loop5): ext4_iget_extra_inode:5035: inode #15: comm syz.5.2127: corrupted in-inode xattr: invalid ea_ino
[  328.556312][T11899] EXT4-fs (loop5): Remounting filesystem read-only
[  328.573988][T11899] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  328.696219][T11917] loop4: detected capacity change from 0 to 512
[  328.711025][T11917] EXT4-fs: Ignoring removed nomblk_io_submit option
[  328.712107][T11915] overlayfs: failed to resolve './file0': -2
[  328.724260][ T5934] usb 4-1: new full-speed USB device number 12 using dummy_hcd
[  328.770820][T11917] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  328.781601][T11917] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2
[  328.792356][ T5852] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.828019][T11917] EXT4-fs (loop4): 1 truncate cleaned up
[  328.835386][T11917] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  328.937927][ T5934] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  328.959677][ T5934] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  328.968632][T11917] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #2: block 4: comm syz.4.2135: lblock 0 mapped to illegal pblock 4 (length 1)
[  329.011550][ T5934] usb 4-1: New USB device found, idVendor=11ff, idProduct=3331, bcdDevice= 0.00
[  329.015742][T11917] EXT4-fs (loop4): Remounting filesystem read-only
[  329.038594][ T5934] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  329.078638][ T5934] usb 4-1: config 0 descriptor??
[  329.085906][T11911] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  329.130374][ T5845] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  329.269732][T11928] loop4: detected capacity change from 0 to 512
[  329.524125][ T5934] gembird 0003:11FF:3331.0015: hidraw0: USB HID v0.00 Device [HID 11ff:3331] on usb-dummy_hcd.3-1/input0
[  329.545326][   T30] audit: type=1400 audit(1753722449.275:61): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=262620E6 pid=11936 comm="syz.4.2143"
[  329.730656][ T5934] usb 4-1: USB disconnect, device number 12
[  329.761543][T11944] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2147'.
[  329.798049][T11944] openvswitch: netlink: nsh attr 0 has unexpected len 4 expected 0
[  329.813976][T11944] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  329.858573][T11948] loop1: detected capacity change from 0 to 1024
[  329.882819][T11948] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  329.909743][T11948] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  329.945858][T11951] loop7: detected capacity change from 0 to 1024
[  329.957337][T11948] EXT4-fs (loop1): orphan cleanup on readonly fs
[  329.980375][T11948] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[  329.996591][T11924] loop5: detected capacity change from 0 to 32768
[  330.008585][T11924] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2136 (11924)
[  330.035922][T11948] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  330.044901][T11951] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  330.082202][T11924] BTRFS info (device loop5): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  330.102862][T11948] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.2148: Freeing blocks not in datazone - block = 0, count = 4096
[  330.154366][T11951] EXT4-fs (loop7): Online resizing not supported with bigalloc
[  330.162191][T11924] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[  330.205475][T11948] EXT4-fs (loop1): Remounting filesystem read-only
[  330.212711][T11924] BTRFS info (device loop5): using free-space-tree
[  330.222634][T11948] EXT4-fs (loop1): 1 orphan inode deleted
[  330.257163][T11948] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  330.314262][ T7176] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.404671][T11948] EXT4-fs: Ignoring removed orlov option
[  330.454623][T11948] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  330.512090][T11981] loop7: detected capacity change from 0 to 64
[  330.527782][T11948] EXT4-fs (loop1): stripe (16) is not aligned with cluster size (4096), stripe is disabled
[  330.550696][ T5934] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  330.602961][T11948] EXT4-fs (loop1): can't enable nombcache during remount
[  330.626478][ T5852] BTRFS info (device loop5): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  330.692487][T11953] loop4: detected capacity change from 0 to 32768
[  330.728072][ T5934] usb 3-1: Using ep0 maxpacket: 16
[  330.735534][T11984] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2157'.
[  330.739176][ T5934] usb 3-1: config 0 has an invalid interface number: 8 but max is 0
[  330.753069][T11984] openvswitch: netlink: nsh attribute has 5276 unknown bytes.
[  330.776093][T11984] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  330.791193][ T5856] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.822273][ T5934] usb 3-1: config 0 has no interface number 0
[  330.854527][ T5934] usb 3-1: config 0 interface 8 altsetting 3 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  330.890546][ T5934] usb 3-1: config 0 interface 8 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0
[  330.921681][ T5934] usb 3-1: config 0 interface 8 has no altsetting 0
[  330.967781][ T5934] usb 3-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00
[  330.987116][ T5934] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  331.024636][ T5934] usb 3-1: config 0 descriptor??
[  331.294689][T11998] loop3: detected capacity change from 0 to 256
[  331.298397][ T5841] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  331.330439][T11998] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  331.358350][T11998] FAT-fs (loop3): Filesystem has been set read-only
[  331.375412][T11998] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  331.401175][T11998] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  331.425213][T12000] loop7: detected capacity change from 0 to 128
[  331.445327][T12000] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  331.466531][   T30] audit: type=1800 audit(1753722451.257:62): pid=11998 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2165" name="file1" dev="loop3" ino=1048796 res=0 errno=0
[  331.487383][ T5841] usb 2-1: Using ep0 maxpacket: 16
[  331.503099][ T5934] uclogic 0003:5543:0522.0016: unknown main item tag 0x0
[  331.523433][ T5841] usb 2-1: config 0 has an invalid interface number: 105 but max is 0
[  331.534189][T12000] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  331.543564][ T5841] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  331.554631][ T5934] uclogic 0003:5543:0522.0016: unknown main item tag 0x0
[  331.568397][ T5934] uclogic 0003:5543:0522.0016: unknown main item tag 0x0
[  331.577370][ T5841] usb 2-1: config 0 has no interface number 0
[  331.587658][ T5934] uclogic 0003:5543:0522.0016: unknown main item tag 0x0
[  331.600240][ T5841] usb 2-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  331.613809][ T5841] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  331.622273][ T5934] uclogic 0003:5543:0522.0016: unknown main item tag 0x0
[  331.631908][ T5841] usb 2-1: Product: syz
[  331.636462][ T5934] uclogic 0003:5543:0522.0016: hidraw0: USB HID v0.00 Device [HID 5543:0522] on usb-dummy_hcd.2-1/input8
[  331.650311][ T5841] usb 2-1: Manufacturer: syz
[  331.655180][ T5841] usb 2-1: SerialNumber: syz
[  331.720277][ T5841] usb 2-1: config 0 descriptor??
[  331.739693][ T5934] usb 3-1: USB disconnect, device number 15
[  331.763551][ T5841] usb 2-1: Found UVC 0.00 device syz (046d:08f3)
[  331.781242][ T5841] usb 2-1: No valid video chain found.
[  331.907417][T12011] loop5: detected capacity change from 0 to 1024
[  331.961933][T12013] loop7: detected capacity change from 0 to 512
[  331.963049][ T5934] usb 2-1: USB disconnect, device number 9
[  332.008381][T12013] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  332.028746][   T30] audit: type=1800 audit(1753722451.827:63): pid=12011 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2170" name="file1" dev="loop5" ino=25 res=0 errno=0
[  332.249896][ T7176] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.537290][T12036] loop5: detected capacity change from 0 to 128
[  332.578983][T12036] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  332.674638][T12036] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  332.711137][T12044] loop4: detected capacity change from 0 to 256
[  332.736317][T12044] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  332.783460][T12044] exFAT-fs (loop4): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  332.904670][   T12] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  333.617813][   T43] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  333.656944][T12042] loop1: detected capacity change from 0 to 40427
[  333.797071][T12054] loop4: detected capacity change from 0 to 32768
[  333.804279][   T43] usb 6-1: Using ep0 maxpacket: 32
[  333.819917][   T43] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  333.835072][   T43] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  333.847825][T12042] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  333.868426][   T43] usb 6-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  333.877538][   T43] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  333.884086][T12054] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  333.915987][   T43] usb 6-1: config 0 descriptor??
[  333.988707][T12054] XFS (loop4): Ending clean mount
[  333.996338][T12054] XFS (loop4): Quotacheck needed: Please wait.
[  334.015796][ T5856] syz-executor: attempt to access beyond end of device
[  334.015796][ T5856] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  334.043876][ T5856] CPU: 0 UID: 0 PID: 5856 Comm: syz-executor Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  334.043912][ T5856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  334.043927][ T5856] Call Trace:
[  334.043936][ T5856]  <TASK>
[  334.043946][ T5856]  dump_stack_lvl+0x189/0x250
[  334.043988][ T5856]  ? __pfx_dump_stack_lvl+0x10/0x10
[  334.044016][ T5856]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  334.044043][ T5856]  ? __pfx_queue_work_on+0x10/0x10
[  334.044076][ T5856]  ? srso_alias_return_thunk+0x5/0xfbef5
[  334.044104][ T5856]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  334.044129][ T5856]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  334.044157][ T5856]  ? srso_alias_return_thunk+0x5/0xfbef5
[  334.044185][ T5856]  ? f2fs_hw_is_readonly+0x39b/0x470
[  334.044218][ T5856]  f2fs_handle_critical_error+0x37c/0x540
[  334.044253][ T5856]  f2fs_write_end_io+0x495/0x810
[  334.044282][ T5856]  ? blkg_put+0x22/0x240
[  334.044339][ T5856]  __submit_merged_bio+0x27a/0x6a0
[  334.044372][ T5856]  __submit_merged_write_cond+0x255/0x530
[  334.044423][ T5856]  f2fs_write_data_pages+0x261d/0x3000
[  334.044451][ T5856]  ? arch_stack_walk+0xfc/0x150
[  334.044522][ T5856]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  334.044609][ T5856]  ? srso_alias_return_thunk+0x5/0xfbef5
[  334.044645][ T5856]  ? finish_task_switch+0x266/0x950
[  334.044684][ T5856]  ? srso_alias_return_thunk+0x5/0xfbef5
[  334.044712][ T5856]  ? __lock_acquire+0xab9/0xd20
[  334.044748][ T5856]  ? srso_alias_return_thunk+0x5/0xfbef5
[  334.044780][ T5856]  ? do_raw_spin_lock+0x121/0x290
[  334.044826][ T5856]  ? srso_alias_return_thunk+0x5/0xfbef5
[  334.044859][ T5856]  ? srso_alias_return_thunk+0x5/0xfbef5
[  334.044887][ T5856]  ? do_raw_spin_unlock+0x122/0x240
[  334.044922][ T5856]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  334.044949][ T5856]  do_writepages+0x32e/0x550
[  334.044982][ T5856]  ? srso_alias_return_thunk+0x5/0xfbef5
[  334.045009][ T5856]  ? srso_alias_return_thunk+0x5/0xfbef5
[  334.045031][ T5856]  ? do_raw_spin_unlock+0x122/0x240
[  334.045064][ T5856]  filemap_fdatawrite+0x191/0x230
[  334.045094][ T5856]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  334.045121][ T5856]  ? preempt_schedule_irq+0xde/0x150
[  334.045182][ T5856]  ? srso_alias_return_thunk+0x5/0xfbef5
[  334.045211][ T5856]  ? do_raw_spin_unlock+0x122/0x240
[  334.045245][ T5856]  f2fs_sync_dirty_inodes+0x31f/0x830
[  334.045286][ T5856]  f2fs_write_checkpoint+0x94a/0x1de0
[  334.045337][ T5856]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  334.045416][ T5856]  ? kill_f2fs_super+0x298/0x6c0
[  334.045475][ T5856]  kill_f2fs_super+0x2c3/0x6c0
[  334.045508][ T5856]  ? __pfx_kill_f2fs_super+0x10/0x10
[  334.045532][ T5856]  ? radix_tree_delete_item+0x2b6/0x400
[  334.045562][ T5856]  ? srso_alias_return_thunk+0x5/0xfbef5
[  334.045585][ T5856]  ? shrinker_free+0x2ce/0x3e0
[  334.045611][ T5856]  deactivate_locked_super+0xbc/0x130
[  334.045640][ T5856]  cleanup_mnt+0x425/0x4c0
[  334.045664][ T5856]  ? srso_alias_return_thunk+0x5/0xfbef5
[  334.045689][ T5856]  ? lockdep_hardirqs_on+0x9c/0x150
[  334.045720][ T5856]  task_work_run+0x1d4/0x260
[  334.045762][ T5856]  ? __pfx_task_work_run+0x10/0x10
[  334.045799][ T5856]  ? __x64_sys_umount+0x122/0x160
[  334.045845][ T5856]  ? exit_to_user_mode_loop+0x40/0x110
[  334.045880][ T5856]  exit_to_user_mode_loop+0xec/0x110
[  334.045907][ T5856]  do_syscall_64+0x2bd/0x3b0
[  334.045936][ T5856]  ? lockdep_hardirqs_on+0x9c/0x150
[  334.045963][ T5856]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.045987][ T5856]  ? srso_alias_return_thunk+0x5/0xfbef5
[  334.046014][ T5856]  ? exc_page_fault+0x9f/0xf0
[  334.046044][ T5856]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.046069][ T5856] RIP: 0033:0x7f8dde58fcd7
[  334.046090][ T5856] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  334.046111][ T5856] RSP: 002b:00007ffcddbbf0d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  334.046136][ T5856] RAX: 0000000000000000 RBX: 00007f8dde610b55 RCX: 00007f8dde58fcd7
[  334.046154][ T5856] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcddbbf190
[  334.046170][ T5856] RBP: 00007ffcddbbf190 R08: 0000000000000000 R09: 0000000000000000
[  334.046186][ T5856] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcddbc0220
[  334.046203][ T5856] R13: 00007f8dde610b55 R14: 000000000005184f R15: 00007ffcddbc0260
[  334.046242][ T5856]  </TASK>
[  334.046579][ T5856] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  334.092468][T12054] XFS (loop4): Quotacheck: Done.
[  334.495959][T12070] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  334.515437][T12070] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  334.552865][T12070] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  334.575538][T12070] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  334.589074][T12091] netlink: 120 bytes leftover after parsing attributes in process `syz.3.2203'.
[  334.600376][ T5845] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  334.631724][T12070] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  334.647874][T12070] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  334.656626][T12070] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  334.663080][T12070] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  334.695279][T12070] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  334.711067][   T43] ft260 0003:0403:6030.0017: failed to retrieve chip version
[  334.737940][T12070] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  334.753848][   T43] ft260 0003:0403:6030.0017: probe with driver ft260 failed with error -71
[  334.765163][T12070] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  334.791205][T12070] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  334.811852][   T43] usb 6-1: USB disconnect, device number 12
[  334.865047][T12070] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  335.381380][T12111] loop1: detected capacity change from 0 to 256
[  335.395095][T12111] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  335.450218][T12111] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  335.481531][T12116] loop5: detected capacity change from 0 to 64
[  335.493300][T12111] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  335.534002][T12119] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check.
[  335.568168][   T43] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  335.739667][ T5858] Bluetooth: hci1: command 0x0406 tx timeout
[  335.748174][ T2145] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  335.935384][T12133] lo speed is unknown, defaulting to 1000
[  336.622006][ T5858] Bluetooth: hci2: command 0x0406 tx timeout
[  336.698280][ T5858] Bluetooth: hci5: command 0x0406 tx timeout
[  336.704388][ T5858] Bluetooth: hci4: command 0x0406 tx timeout
[  336.710714][ T5849] Bluetooth: hci3: command 0x0406 tx timeout
[  336.777961][ T5858] Bluetooth: hci0: command 0x0405 tx timeout
[  336.833315][T12169] loop5: detected capacity change from 0 to 512
[  336.881062][T12169] EXT4-fs: Ignoring removed nobh option
[  336.886696][T12169] EXT4-fs: Ignoring removed nobh option
[  336.973403][T12169] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[  336.982741][T12169] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.2235: invalid indirect mapped block 4294967295 (level 2)
[  337.009619][T12169] EXT4-fs (loop5): 1 truncate cleaned up
[  337.017297][T12169] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  337.056333][   T30] audit: type=1800 audit(1753722456.847:64): pid=12169 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2235" name="file2" dev="loop5" ino=16 res=0 errno=0
[  337.076838][    C0] vkms_vblank_simulate: vblank timer overrun
[  337.128389][ T5852] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  337.308783][T12179] loop5: detected capacity change from 0 to 128
[  337.335721][T12179] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  337.371805][T12164] loop3: detected capacity change from 0 to 32768
[  337.412675][T12164] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2234 (12164)
[  337.437858][T12179] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  337.456060][T12184] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2242'.
[  337.481540][T12164] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  337.509080][T12164] BTRFS info (device loop3): using sha256 (sha256-x86_64) checksum algorithm
[  337.528682][T12164] BTRFS info (device loop3): using free-space-tree
[  337.601669][T12162] loop1: detected capacity change from 0 to 40427
[  337.625259][T12162] F2FS-fs (loop1): Image doesn't support compression
[  337.662120][T12162] F2FS-fs (loop1): invalid crc value
[  337.818222][ T5858] Bluetooth: hci1: command 0x0406 tx timeout
[  337.915574][T12162] F2FS-fs (loop1): Start checkpoint disabled!
[  337.925979][T12162] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  337.934529][ T5851] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  337.973617][T12162] F2FS-fs (loop1): Image doesn't support compression
[  338.518711][T12228] IPVS: length: 139 != 8
[  338.697996][ T5858] Bluetooth: hci2: command 0x0406 tx timeout
[  338.778270][ T5858] Bluetooth: hci4: command 0x0406 tx timeout
[  338.787159][ T5849] Bluetooth: hci3: command 0x0406 tx timeout
[  338.793445][   T51] Bluetooth: hci5: command 0x0406 tx timeout
[  338.857907][ T5849] Bluetooth: hci0: command 0x0405 tx timeout
[  338.893934][T12240] Cannot find add_set index 2 as target
[  338.915036][T12242] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2252'.
[  338.947888][ T5926] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  338.999758][T12242] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2252'.
[  339.127744][ T5926] usb 4-1: Using ep0 maxpacket: 8
[  339.137307][T12248] netlink: 'syz.4.2263': attribute type 4 has an invalid length.
[  339.156634][ T5926] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  339.175779][ T5926] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  339.185221][ T5926] usb 4-1: Product: syz
[  339.196387][ T5926] usb 4-1: Manufacturer: syz
[  339.201090][ T5926] usb 4-1: SerialNumber: syz
[  339.239308][ T5926] usb 4-1: config 0 descriptor??
[  339.263517][ T5926] gspca_main: se401-2.14.0 probing 047d:5003
[  339.658058][   T30] audit: type=1326 audit(1753722459.447:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12277 comm="syz.2.2276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdea2d8e9a9 code=0x7ffc0000
[  339.692946][   T30] audit: type=1326 audit(1753722459.447:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12277 comm="syz.2.2276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdea2d8e9a9 code=0x7ffc0000
[  339.724002][ T5926] gspca_se401: Wrong descriptor type
[  339.753435][   T30] audit: type=1326 audit(1753722459.457:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12277 comm="syz.2.2276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fdea2d8e9a9 code=0x7ffc0000
[  339.781022][   T30] audit: type=1326 audit(1753722459.477:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12277 comm="syz.2.2276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdea2d8e9a9 code=0x7ffc0000
[  339.835731][   T30] audit: type=1326 audit(1753722459.477:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12277 comm="syz.2.2276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdea2d8e9a9 code=0x7ffc0000
[  339.868076][   T30] audit: type=1326 audit(1753722459.477:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12277 comm="syz.2.2276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fdea2d8e9a9 code=0x7ffc0000
[  339.919558][   T43] usb 4-1: USB disconnect, device number 13
[  339.924127][   T30] audit: type=1326 audit(1753722459.477:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12277 comm="syz.2.2276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdea2d8e9a9 code=0x7ffc0000
[  339.955743][   T30] audit: type=1326 audit(1753722459.477:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12277 comm="syz.2.2276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdea2d8e9a9 code=0x7ffc0000
[  340.115829][T12290] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2282'.
[  340.156723][T12292] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2283'.
[  340.165801][ T5934] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  340.291173][T12297] loop4: detected capacity change from 0 to 1024
[  340.328210][ T5934] usb 6-1: Using ep0 maxpacket: 8
[  340.343829][ T5934] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 7
[  340.355483][ T5934] usb 6-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  340.360234][T12297] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  340.365482][ T5934] usb 6-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  340.385570][ T5934] usb 6-1: Product: syz
[  340.390091][ T5934] usb 6-1: Manufacturer: syz
[  340.394703][ T5934] usb 6-1: SerialNumber: syz
[  340.614961][ T5934] usb 6-1: palm_os_3_probe - error -71 getting connection information
[  340.643879][ T5934] visor 6-1:1.0: probe with driver visor failed with error -71
[  340.678110][ T5934] usb 6-1: USB disconnect, device number 13
[  340.706231][ T5845] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.878896][T12321] loop4: detected capacity change from 0 to 22
[  340.895098][T12321] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  340.927853][T12321] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  340.938067][ T5858] Bluetooth: hci0: command 0x0405 tx timeout
[  340.949431][T12325] loop1: detected capacity change from 0 to 1024
[  341.012422][T12327] netlink: 'syz.3.2299': attribute type 3 has an invalid length.
[  341.035337][T12325] hfsplus: bad catalog entry type
[  341.125319][ T3500] hfsplus: b-tree write err: -5, ino 4
[  341.267354][T12335] loop4: detected capacity change from 0 to 512
[  341.299399][T12335] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  341.366764][T12335] ext4 filesystem being mounted at /320/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  341.576863][T12335] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  341.603550][T12353] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2310'.
[  341.616069][T12351] loop3: detected capacity change from 0 to 2048
[  341.635696][T12351] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  341.682327][T12357] loop5: detected capacity change from 0 to 512
[  341.720782][T12357] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  341.743063][ T5845] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  341.828996][T12363] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2318'.
[  341.838467][T12363] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2318'.
[  341.842244][T12357] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  341.943880][T12357] ext4 filesystem being mounted at /381/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  342.264412][ T5852] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.423867][T12382] loop7: detected capacity change from 0 to 512
[  342.497888][T12382] EXT4-fs error (device loop7): ext4_orphan_get:1419: comm syz.7.2325: bad orphan inode 13
[  342.598408][T12382] ext4_test_bit(bit=12, block=4) = 1
[  342.603851][T12382] is_bad_inode(inode)=0
[  342.618016][T12382] NEXT_ORPHAN(inode)=0
[  342.648775][T12382] max_ino=32
[  342.662229][T12382] i_nlink=1
[  342.694225][T12382] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  342.709791][T12396] loop3: detected capacity change from 0 to 1024
[  342.775278][T12365] loop4: detected capacity change from 0 to 32768
[  342.790028][T12365] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2315 (12365)
[  342.803483][T12382] EXT4-fs warning (device loop7): dx_probe:801: inode #2: comm syz.7.2325: Unrecognised inode hash code 20
[  342.818769][T12398] loop1: detected capacity change from 0 to 256
[  342.827822][T12382] EXT4-fs warning (device loop7): dx_probe:934: inode #2: comm syz.7.2325: Corrupt directory, running e2fsck is recommended
[  342.843882][ T1153] hfsplus: b-tree write err: -5, ino 4
[  342.867147][T12365] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  342.880766][T12382] EXT4-fs warning (device loop7): dx_probe:801: inode #2: comm syz.7.2325: Unrecognised inode hash code 20
[  342.893279][T12365] BTRFS info (device loop4): using sha256 (sha256-x86_64) checksum algorithm
[  342.902444][T12365] BTRFS info (device loop4): using free-space-tree
[  342.909406][T12382] EXT4-fs warning (device loop7): dx_probe:934: inode #2: comm syz.7.2325: Corrupt directory, running e2fsck is recommended
[  342.975676][ T7176] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  343.213616][T12419] program syz.2.2335 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  343.237357][T12424] loop1: detected capacity change from 0 to 512
[  343.257233][ T5845] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  343.276654][T12424] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  343.371645][T12424] ext4 filesystem being mounted at /382/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  343.449615][T12424] EXT4-fs (loop1): resizing filesystem from 64 to 1 blocks
[  343.477493][T12431] tmpfs: Cannot change global quota limit on remount
[  343.489220][T12424] EXT4-fs warning (device loop1): ext4_resize_fs:2042: can't shrink FS - resize aborted
[  343.683907][ T5856] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  343.750975][T12436] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2345'.
[  343.892493][   T30] audit: type=1800 audit(1753722463.687:73): pid=12441 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2344" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  344.768735][T12437] loop3: detected capacity change from 0 to 32768
[  344.808569][T12437] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2342 (12437)
[  344.872991][T12437] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  344.904315][T12437] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm
[  344.947733][T12437] BTRFS info (device loop3): using free-space-tree
[  345.039139][ T5858] Bluetooth: hci2: unknown advertising packet type: 0x20
[  345.057345][   T30] audit: type=1326 audit(1753722464.847:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12496 comm="syz.1.2366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dde58e9a9 code=0x7ffc0000
[  345.155553][   T30] audit: type=1326 audit(1753722464.847:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12496 comm="syz.1.2366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dde58e9a9 code=0x7ffc0000
[  345.181672][   T30] audit: type=1326 audit(1753722464.847:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12496 comm="syz.1.2366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f8dde58e9a9 code=0x7ffc0000
[  345.204874][   T30] audit: type=1326 audit(1753722464.847:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12496 comm="syz.1.2366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dde58e9a9 code=0x7ffc0000
[  345.228566][   T30] audit: type=1326 audit(1753722464.847:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12496 comm="syz.1.2366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dde58e9a9 code=0x7ffc0000
[  345.268833][   T30] audit: type=1326 audit(1753722464.847:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12496 comm="syz.1.2366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7f8dde58e9a9 code=0x7ffc0000
[  345.395369][   T30] audit: type=1326 audit(1753722464.847:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12496 comm="syz.1.2366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dde58e9a9 code=0x7ffc0000
[  345.403473][ T5851] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  345.430587][   T30] audit: type=1326 audit(1753722464.847:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12496 comm="syz.1.2366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dde58e9a9 code=0x7ffc0000
[  345.447337][T12457] loop4: detected capacity change from 0 to 32768
[  346.233944][T12478] loop7: detected capacity change from 0 to 40427
[  346.316665][T12478] F2FS-fs (loop7): invalid crc value
[  346.444927][T12529] loop5: detected capacity change from 0 to 512
[  346.482009][T12525] loop1: detected capacity change from 0 to 2048
[  346.528676][T12529] EXT4-fs (loop5): 1 orphan inode deleted
[  346.572137][T12529] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  346.588679][T12536] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  346.596315][ T2949] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  346.625062][ T2949] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:6: Failed to release dquot type 1
[  346.640181][T12529] ext4 filesystem being mounted at /393/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  346.715923][T12478] F2FS-fs (loop7): Start checkpoint disabled!
[  346.767047][T12478] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  346.847361][T12536] NILFS (loop1): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  346.894874][T12536] NILFS error (device loop1): nilfs_bmap_propagate: broken bmap (inode number=4)
[  346.916377][T12536] Remounting filesystem read-only
[  346.950025][ T5852] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.708052][T12573] bpf: Bad value for 'uid'
[  347.983145][T12585] loop7: detected capacity change from 0 to 128
[  348.064443][T12585] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  348.130448][T12592] mkiss: ax0: crc mode is auto.
[  348.138856][T12585] ext4 filesystem being mounted at /276/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  348.322905][ T7176] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  348.499565][T12603] loop1: detected capacity change from 0 to 128
[  348.531649][T12603] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  348.557814][ T5841] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  348.603038][T12603] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  348.658536][T12610] loop4: detected capacity change from 0 to 164
[  348.728029][ T5841] usb 6-1: Using ep0 maxpacket: 16
[  348.736253][T12610] rock: directory entry would overflow storage
[  348.746195][ T5841] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  348.760879][T12610] rock: sig=0x4f50, size=4, remaining=3
[  348.766534][T12610] isofs: Unable to find the ".." directory for NFS.
[  348.774229][ T5841] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  348.804402][ T5841] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  348.873612][ T5841] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  348.888566][ T5841] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  348.920076][ T5841] usb 6-1: config 0 descriptor??
[  349.096784][T12624] netlink: 'syz.7.2421': attribute type 27 has an invalid length.
[  349.361815][   T30] audit: type=1326 audit(1753722469.157:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12628 comm="syz.1.2427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dde58e9a9 code=0x7ffc0000
[  349.384111][    C0] vkms_vblank_simulate: vblank timer overrun
[  349.406266][ T5841] microsoft 0003:045E:07DA.0018: ignoring exceeding usage max
[  349.465702][ T5841] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:045E:07DA.0018/input/input12
[  349.498058][   T30] audit: type=1326 audit(1753722469.157:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12628 comm="syz.1.2427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dde58e9a9 code=0x7ffc0000
[  349.563516][   T30] audit: type=1326 audit(1753722469.177:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12628 comm="syz.1.2427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f8dde58e9a9 code=0x7ffc0000
[  349.621502][   T30] audit: type=1326 audit(1753722469.177:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12628 comm="syz.1.2427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dde58e9a9 code=0x7ffc0000
[  349.723526][   T30] audit: type=1326 audit(1753722469.177:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12628 comm="syz.1.2427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dde58e9a9 code=0x7ffc0000
[  349.823194][   T30] audit: type=1326 audit(1753722469.177:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12628 comm="syz.1.2427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=441 compat=0 ip=0x7f8dde58e9a9 code=0x7ffc0000
[  349.879683][ T5841] microsoft 0003:045E:07DA.0018: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0
[  349.907969][   T30] audit: type=1326 audit(1753722469.237:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12628 comm="syz.1.2427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dde58e9a9 code=0x7ffc0000
[  349.930289][    C0] vkms_vblank_simulate: vblank timer overrun
[  349.960113][ T5841] usb 6-1: USB disconnect, device number 14
[  350.015698][   T30] audit: type=1326 audit(1753722469.237:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12628 comm="syz.1.2427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8dde58e9a9 code=0x7ffc0000
[  350.271656][T12663] loop5: detected capacity change from 0 to 64
[  350.306231][T12663] MINIX-fs: mounting unchecked file system, running fsck is recommended
[  350.361023][T12663] MINIX-fs warning: remounting unchecked fs, running fsck is recommended
[  350.378459][T12668] loop3: detected capacity change from 0 to 1024
[  350.415824][T12668] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  350.470760][T12668] ext4 filesystem being mounted at /451/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  350.611426][T12668] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #14: comm syz.3.2443: attempt to clear invalid blocks 1886221359 len 1
[  350.680432][T12678] loop5: detected capacity change from 0 to 64
[  350.792177][ T5851] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.065842][T12651] loop1: detected capacity change from 0 to 32768
[  351.397850][ T5841] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  351.565632][ T5841] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  351.610367][ T5841] usb 6-1: New USB device found, idVendor=04b4, idProduct=07b1, bcdDevice= 0.00
[  351.639249][ T5841] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  351.670808][ T5841] usb 6-1: config 0 descriptor??
[  351.862224][T12705] netdevsim netdevsim7 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  351.871673][T12705] netdevsim netdevsim7 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  351.880554][T12705] netdevsim netdevsim7 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  351.891152][T12705] netdevsim netdevsim7 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  352.020622][   T30] audit: type=1326 audit(1753722471.817:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12706 comm="syz.2.2462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdea2d8e9a9 code=0x7ffc0000
[  352.081102][   T30] audit: type=1326 audit(1753722471.817:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12706 comm="syz.2.2462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdea2d8d310 code=0x7ffc0000
[  352.125184][ T5841] cypress 0003:04B4:07B1.0019: unknown main item tag 0x0
[  352.132172][T12695] loop3: detected capacity change from 0 to 32768
[  352.145466][ T5841] cypress 0003:04B4:07B1.0019: hidraw0: USB HID v0.00 Device [HID 04b4:07b1] on usb-dummy_hcd.5-1/input0
[  352.180641][T12695] btrfs: Deprecated parameter 'usebackuproot'
[  352.186763][T12695] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  352.206828][T12695] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2454 (12695)
[  352.241869][T12695] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  352.256574][T12713] loop7: detected capacity change from 0 to 64
[  352.271442][T12695] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm
[  352.291926][T12713] BFS-fs: bfs_fill_super(): loop7 is unclean, continuing
[  352.303155][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  352.307852][T12695] BTRFS info (device loop3): using free-space-tree
[  352.328154][ T5841] usb 6-1: USB disconnect, device number 15
[  352.405010][T12701] loop4: detected capacity change from 0 to 32768
[  352.413726][T12701] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2459 (12701)
[  352.437449][T12701] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  352.488526][T12701] BTRFS info (device loop4): using sha256 (sha256-x86_64) checksum algorithm
[  352.497401][T12701] BTRFS info (device loop4): using free-space-tree
[  352.548801][ T2949] BTRFS warning (device loop3): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  352.589817][T12695] BTRFS error (device loop3): failed to load root extent
[  352.624927][T12695] BTRFS warning (device loop3): try to load backup roots slot 1
[  352.660853][ T1153] BTRFS warning (device loop3): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  352.694551][T12695] BTRFS warning (device loop3): couldn't read tree root
[  352.705511][T12745] loop1: detected capacity change from 0 to 1024
[  352.726730][T12695] BTRFS warning (device loop3): try to load backup roots slot 2
[  352.737026][   T60] BTRFS error (device loop3): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  352.753198][T12695] BTRFS warning (device loop3): couldn't read tree root
[  352.764952][T12695] BTRFS warning (device loop3): try to load backup roots slot 3
[  352.791935][T12695] BTRFS info (device loop3): rebuilding free space tree
[  352.843338][T12695] BTRFS info (device loop3): checking UUID tree
[  352.870572][ T1153] hfsplus: bad catalog file entry
[  352.876145][ T1153] hfsplus: b-tree write err: -5, ino 3
[  352.905351][ T5845] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  353.226755][ T5851] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  353.308003][ T2145] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  353.529031][ T2145] usb 6-1: New USB device found, idVendor=05ac, idProduct=0253, bcdDevice=65.5a
[  353.566537][ T2145] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  353.600558][ T2145] usb 6-1: config 0 descriptor??
[  353.640809][ T2145] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input13
[  353.810698][ T5195] bcm5974 6-1:0.0: could not read from device
[  353.861980][ T2145] usb 6-1: USB disconnect, device number 16
[  353.888956][ T5195] bcm5974 6-1:0.0: could not read from device
[  354.188288][ T5934] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  354.260681][T12769] loop7: detected capacity change from 0 to 32768
[  354.299238][T12769] ocfs2: Slot 0 on device (7,7) was already allocated to this node!
[  354.356054][T12769] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  354.367760][ T5934] usb 4-1: Using ep0 maxpacket: 16
[  354.417107][ T5934] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  354.450809][ T5934] usb 4-1: New USB device found, idVendor=0c70, idProduct=f00e, bcdDevice= 0.00
[  354.488014][ T5934] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  354.527871][ T5934] usb 4-1: config 0 descriptor??
[  354.567275][ T7176] ocfs2: Unmounting device (7,7) on (node local)
[  354.724668][T12812] openvswitch: netlink: nsh attribute has 124 unknown bytes.
[  354.759514][T12812] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  354.933961][T12819] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2499'.
[  354.984246][ T5934] aquacomputer_d5next 0003:0C70:F00E.001A: hidraw0: USB HID v0.83 Device [HID 0c70:f00e] on usb-dummy_hcd.3-1/input0
[  355.183136][ T5934] usb 4-1: USB disconnect, device number 14
[  355.227513][T12810] loop5: detected capacity change from 0 to 32768
[  355.263623][T12810] 
[  355.263623][T12810]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  355.263623][T12810] 
[  355.307133][T12810] ERROR: (device loop5): diWrite: ixpxd invalid
[  355.307133][T12810] 
[  355.339269][T12810] ERROR: (device loop5): txCommit: 
[  355.339269][T12810] 
[  355.446530][ T5852] 
[  355.446530][ T5852]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  355.446530][ T5852] 
[  355.467584][ T5852] 
[  355.467584][ T5852]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  355.467584][ T5852] 
[  355.653636][T12822] loop1: detected capacity change from 0 to 32768
[  355.672290][T12822] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2501 (12822)
[  355.714461][T12822] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  355.725046][T12822] BTRFS info (device loop1): using sha256 (sha256-x86_64) checksum algorithm
[  355.734491][T12822] BTRFS info (device loop1): using free-space-tree
[  355.959196][ T5856] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  357.449325][T12881] loop3: detected capacity change from 0 to 32768
[  357.682173][T12906] loop4: detected capacity change from 0 to 1024
[  357.736808][T12906] EXT4-fs: Ignoring removed mblk_io_submit option
[  357.889305][T12881] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  357.889339][T12881]   allowing incompatible features above 0.0: (unknown version)
[  357.889354][T12881]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  357.889388][T12881] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  357.889427][T12881] bcachefs (loop3): initializing new filesystem
[  357.890768][T12906] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  357.952881][T12881] bcachefs (loop3): going read-write
[  358.043052][T12881] bcachefs (loop3): marking superblocks
[  358.166701][T12881] bcachefs (loop3): initializing freespace
[  358.197210][T12890] loop1: detected capacity change from 0 to 32768
[  358.252067][T12881] bcachefs (loop3): done initializing freespace
[  358.317010][T12881] bcachefs (loop3): reading snapshots table
[  358.348252][T12881] bcachefs (loop3): reading snapshots done
[  358.364706][ T5845] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.532053][T12881] bcachefs (loop3): done starting filesystem
[  358.596368][T12943] loop7: detected capacity change from 0 to 2364
[  358.784005][ T5851] bcachefs (loop3): shutting down
[  358.797778][ T5851] bcachefs (loop3): going read-only
[  358.827817][ T5851] bcachefs (loop3): finished waiting for writes to stop
[  358.870444][ T5851] bcachefs (loop3): flushing journal and stopping allocators, journal seq 2
[  359.007570][T12958] loop7: detected capacity change from 0 to 512
[  359.036485][T12960] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2551'.
[  359.082253][T12958] EXT4-fs error (device loop7): ext4_clear_blocks:876: inode #13: comm syz.7.2549: attempt to clear invalid blocks 2 len 1
[  359.102066][T12960] bridge0: entered promiscuous mode
[  359.144600][T12960] macvlan2: entered allmulticast mode
[  359.154656][T12958] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters
[  359.171445][ T5851] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 3
[  359.198738][T12960] bridge0: entered allmulticast mode
[  359.207891][T12958] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #13: comm syz.7.2549: invalid indirect mapped block 1819239214 (level 0)
[  359.230369][T12960] bridge0: port 3(macvlan2) entered blocking state
[  359.240331][ T5851] bcachefs (loop3): clean shutdown complete, journal seq 4
[  359.252099][T12958] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #13: comm syz.7.2549: invalid indirect mapped block 1819239214 (level 1)
[  359.252761][ T5851] bcachefs (loop3): marking filesystem clean
[  359.311852][T12960] bridge0: port 3(macvlan2) entered disabled state
[  359.319755][T12967] loop1: detected capacity change from 0 to 2048
[  359.336553][T12967] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[  359.354082][T12958] EXT4-fs (loop7): 1 truncate cleaned up
[  359.375145][T12960] bridge0: left allmulticast mode
[  359.380312][T12958] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  359.383696][T12967] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  359.428138][T12960] bridge0: left promiscuous mode
[  359.444334][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  359.444356][   T30] audit: type=1326 audit(1753722479.227:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12970 comm="syz.5.2555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad56d8e9a9 code=0x7ffc0000
[  359.496252][ T5851] bcachefs (loop3): shutdown complete
[  359.564672][ T7176] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.596006][   T30] audit: type=1326 audit(1753722479.227:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12970 comm="syz.5.2555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad56d8e9a9 code=0x7ffc0000
[  359.677368][   T30] audit: type=1326 audit(1753722479.227:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12970 comm="syz.5.2555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fad56d8e9a9 code=0x7ffc0000
[  359.705615][   T30] audit: type=1326 audit(1753722479.227:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12970 comm="syz.5.2555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad56d8e9a9 code=0x7ffc0000
[  359.735245][   T30] audit: type=1326 audit(1753722479.237:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12970 comm="syz.5.2555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad56d8e9a9 code=0x7ffc0000
[  359.822085][   T30] audit: type=1326 audit(1753722479.237:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12970 comm="syz.5.2555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=312 compat=0 ip=0x7fad56d8e9a9 code=0x7ffc0000
[  359.886330][   T30] audit: type=1326 audit(1753722479.237:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12970 comm="syz.5.2555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad56d8e9a9 code=0x7ffc0000
[  360.196366][T12993] loop7: detected capacity change from 0 to 1764
[  360.225685][T12995] x_tables: ip6_tables: quota.0 match: invalid size 24 (kernel) != (user) 144
[  360.290183][T12993] iso9660: Corrupted directory entry in block 0 of inode 1792
[  361.137077][T13001] loop5: detected capacity change from 0 to 40427
[  361.147300][T13001] F2FS-fs (loop5): build fault injection rate: 690
[  361.174495][T13001] F2FS-fs (loop5): invalid crc value
[  361.385836][T13001] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  361.469104][ T5852] syz-executor: attempt to access beyond end of device
[  361.469104][ T5852] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  361.470829][T13028] loop1: detected capacity change from 0 to 1024
[  361.548216][ T5852] CPU: 0 UID: 0 PID: 5852 Comm: syz-executor Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  361.548252][ T5852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  361.548267][ T5852] Call Trace:
[  361.548276][ T5852]  <TASK>
[  361.548286][ T5852]  dump_stack_lvl+0x189/0x250
[  361.548327][ T5852]  ? __pfx_dump_stack_lvl+0x10/0x10
[  361.548355][ T5852]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  361.548382][ T5852]  ? __pfx_queue_work_on+0x10/0x10
[  361.548413][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  361.548438][ T5852]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  361.548460][ T5852]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  361.548489][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  361.548518][ T5852]  ? f2fs_hw_is_readonly+0x39b/0x470
[  361.548549][ T5852]  f2fs_handle_critical_error+0x37c/0x540
[  361.548589][ T5852]  f2fs_write_end_io+0x495/0x810
[  361.548617][ T5852]  ? blkg_put+0x22/0x240
[  361.548673][ T5852]  __submit_merged_bio+0x27a/0x6a0
[  361.548706][ T5852]  __submit_merged_write_cond+0x255/0x530
[  361.548756][ T5852]  f2fs_write_data_pages+0x261d/0x3000
[  361.548785][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  361.548853][ T5852]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  361.548896][ T5852]  ? arch_stack_walk+0xfc/0x150
[  361.548961][ T5852]  ? __mod_zone_page_state+0xd7/0x140
[  361.549007][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  361.549035][ T5852]  ? folios_put_refs+0x560/0x640
[  361.549077][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  361.549104][ T5852]  ? __lock_acquire+0xab9/0xd20
[  361.549140][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  361.549167][ T5852]  ? do_raw_spin_lock+0x121/0x290
[  361.549208][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  361.549241][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  361.549268][ T5852]  ? do_raw_spin_unlock+0x122/0x240
[  361.549305][ T5852]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  361.549334][ T5852]  do_writepages+0x32e/0x550
[  361.549374][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  361.549407][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  361.549433][ T5852]  ? do_raw_spin_unlock+0x122/0x240
[  361.549474][ T5852]  filemap_fdatawrite+0x191/0x230
[  361.549510][ T5852]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  361.549598][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  361.549632][ T5852]  ? do_raw_spin_unlock+0x122/0x240
[  361.549674][ T5852]  f2fs_sync_dirty_inodes+0x31f/0x830
[  361.549724][ T5852]  f2fs_write_checkpoint+0x94a/0x1de0
[  361.549785][ T5852]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  361.549866][ T5852]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  361.549897][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  361.549925][ T5852]  ? kfree+0x18e/0x440
[  361.549958][ T5852]  ? kill_f2fs_super+0x298/0x6c0
[  361.549996][ T5852]  kill_f2fs_super+0x2c3/0x6c0
[  361.550035][ T5852]  ? __pfx_kill_f2fs_super+0x10/0x10
[  361.550063][ T5852]  ? radix_tree_delete_item+0x2b6/0x400
[  361.550098][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  361.550126][ T5852]  ? shrinker_free+0x2ce/0x3e0
[  361.550155][ T5852]  deactivate_locked_super+0xbc/0x130
[  361.550187][ T5852]  cleanup_mnt+0x425/0x4c0
[  361.550215][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  361.550242][ T5852]  ? lockdep_hardirqs_on+0x9c/0x150
[  361.550272][ T5852]  task_work_run+0x1d4/0x260
[  361.550314][ T5852]  ? __pfx_task_work_run+0x10/0x10
[  361.550349][ T5852]  ? __x64_sys_umount+0x122/0x160
[  361.550389][ T5852]  ? exit_to_user_mode_loop+0x40/0x110
[  361.550421][ T5852]  exit_to_user_mode_loop+0xec/0x110
[  361.550447][ T5852]  do_syscall_64+0x2bd/0x3b0
[  361.550475][ T5852]  ? lockdep_hardirqs_on+0x9c/0x150
[  361.550502][ T5852]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  361.550525][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  361.550557][ T5852]  ? exc_page_fault+0x9f/0xf0
[  361.550587][ T5852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  361.550611][ T5852] RIP: 0033:0x7fad56d8fcd7
[  361.550633][ T5852] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  361.550654][ T5852] RSP: 002b:00007ffd9ac57558 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  361.550679][ T5852] RAX: 0000000000000000 RBX: 00007fad56e10b55 RCX: 00007fad56d8fcd7
[  361.550697][ T5852] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd9ac57610
[  361.550712][ T5852] RBP: 00007ffd9ac57610 R08: 0000000000000000 R09: 0000000000000000
[  361.550728][ T5852] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd9ac586a0
[  361.550744][ T5852] R13: 00007fad56e10b55 R14: 00000000000583b8 R15: 00007ffd9ac586e0
[  361.550783][ T5852]  </TASK>
[  361.550792][ T5852] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  362.013765][ T2949] hfsplus: b-tree write err: -5, ino 4
[  362.050142][T13037] binder: 13033:13037 ioctl c018620c 200000000000 returned -22
[  362.187525][T13039] loop1: detected capacity change from 0 to 2048
[  362.276746][T13039] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  362.304848][T13039] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  362.728804][T13055] netlink: 'syz.7.2594': attribute type 1 has an invalid length.
[  362.737032][T13055] netlink: 232 bytes leftover after parsing attributes in process `syz.7.2594'.
[  362.777987][T13055] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2594'.
[  362.829690][T13057] Mount JFS Failure: -22
[  363.023784][T13068] loop3: detected capacity change from 0 to 64
[  363.263475][T13073] loop5: detected capacity change from 0 to 1024
[  363.351213][T13073] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  363.574293][ T5852] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.595202][T13088] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2607'.
[  363.789029][T13094] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2610'.
[  365.077751][ T2145] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  365.142096][T13113] loop1: detected capacity change from 0 to 32768
[  365.250101][ T2145] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  365.283391][ T2145] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  365.356586][ T2145] usb 3-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  365.392562][ T2145] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  365.419038][ T2145] usb 3-1: config 0 descriptor??
[  366.062322][ T2145] hid-led 0003:27B8:01ED.001B: probe with driver hid-led failed with error -71
[  366.069771][T13151] loop1: detected capacity change from 0 to 256
[  366.088425][T13151] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  366.093454][ T2145] usb 3-1: USB disconnect, device number 16
[  366.137301][T13151] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  366.228642][T13151] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[  366.392861][T13163] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2643'.
[  366.525197][T13169] netlink: 'syz.7.2647': attribute type 12 has an invalid length.
[  366.558502][T13169] netlink: 132 bytes leftover after parsing attributes in process `syz.7.2647'.
[  366.807979][ T5934] usb 2-1: new full-speed USB device number 10 using dummy_hcd
[  366.962093][ T5934] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  366.980372][ T5934] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  367.012353][T13186] loop4: detected capacity change from 0 to 128
[  367.032326][ T5934] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10
[  367.053524][T13186] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  367.057026][ T5934] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  367.090785][T13186] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  367.107860][ T5934] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  367.144530][ T5934] usb 2-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  367.165333][ T5934] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  367.187416][ T5934] usb 2-1: Product: syz
[  367.192718][ T5934] usb 2-1: Manufacturer: syz
[  367.207966][ T5934] usb 2-1: SerialNumber: syz
[  367.218878][ T5934] usb 2-1: config 0 descriptor??
[  367.285087][T13167] loop5: detected capacity change from 0 to 32768
[  367.327867][ T5841] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  367.339243][T13167] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  367.445415][ T5934] radio-si470x 2-1:0.0: DeviceID=0x51b4 ChipID=0x426b
[  367.498929][T13167] XFS (loop5): Ending clean mount
[  367.512534][T13167] XFS (loop5): Quotacheck needed: Please wait.
[  367.518768][ T5841] usb 4-1: Using ep0 maxpacket: 32
[  367.520840][ T5841] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  367.545661][ T5841] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  367.557209][ T5841] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  367.566357][ T5841] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  367.589623][ T5841] usb 4-1: config 0 descriptor??
[  367.623542][T13167] XFS (loop5): Quotacheck: Done.
[  367.646193][ T5934] radio-si470x 2-1:0.0: software version 81, hardware version 180
[  367.758249][ T5852] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  367.853893][ T5934] radio-si470x 2-1:0.0: si470x_set_report: usb_control_msg returned -71
[  367.884098][ T5934] radio-si470x 2-1:0.0: submitting int urb failed (-90)
[  367.894415][ T5934] radio-si470x 2-1:0.0: si470x_set_report: usb_control_msg returned -71
[  367.918805][ T5934] radio-si470x 2-1:0.0: probe with driver radio-si470x failed with error -22
[  367.956385][ T5934] usb 2-1: USB disconnect, device number 10
[  368.032134][ T5841] kone 0003:1E7D:2CED.001C: unknown main item tag 0x0
[  368.045480][ T5841] kone 0003:1E7D:2CED.001C: unknown main item tag 0x0
[  368.057530][ T5841] kone 0003:1E7D:2CED.001C: unknown main item tag 0x0
[  368.068270][ T5841] kone 0003:1E7D:2CED.001C: unknown main item tag 0x0
[  368.076680][ T5841] kone 0003:1E7D:2CED.001C: unknown main item tag 0x0
[  368.087744][ T5841] kone 0003:1E7D:2CED.001C: hidraw0: USB HID v0.00 Device [HID 1e7d:2ced] on usb-dummy_hcd.3-1/input0
[  368.229358][ T5841] kone 0003:1E7D:2CED.001C: couldn't init struct kone_device
[  368.236846][ T5841] kone 0003:1E7D:2CED.001C: couldn't install mouse
[  368.275588][ T5841] kone 0003:1E7D:2CED.001C: probe with driver kone failed with error -5
[  368.295560][ T5841] usb 4-1: USB disconnect, device number 15
[  368.313653][T13208] loop4: detected capacity change from 0 to 32768
[  368.325848][T13208] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2661 (13208)
[  368.379844][T13208] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  368.397958][T13208] BTRFS info (device loop4): using sha256 (sha256-x86_64) checksum algorithm
[  368.411310][T13208] BTRFS info (device loop4): using free-space-tree
[  368.592840][T13208] BTRFS error (device loop4): balance: invalid convert metadata profile raid1
[  368.636776][T13238] loop1: detected capacity change from 0 to 2048
[  368.688003][ T5845] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  368.804100][T13245] loop5: detected capacity change from 0 to 64
[  368.810792][T13238] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  369.094849][ T5856] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.440187][T13270] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2681'.
[  369.524445][T13273] IPVS: sync thread started: state = BACKUP, mcast_ifn = wg0, syncid = 4, id = 0
[  369.660028][T13275] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  369.985626][T13286] loop7: detected capacity change from 0 to 512
[  370.018858][T13286] EXT4-fs: Ignoring removed nobh option
[  370.024632][T13286] EXT4-fs: Ignoring removed mblk_io_submit option
[  370.093777][T13286] EXT4-fs error (device loop7): ext4_iget_extra_inode:5035: inode #15: comm syz.7.2688: corrupted in-inode xattr: overlapping e_value 
[  370.161176][T13286] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.2688: couldn't read orphan inode 15 (err -117)
[  370.185733][T13286] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  370.362233][ T7176] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.426588][T13303] netlink: 'syz.3.2696': attribute type 8 has an invalid length.
[  370.942106][T13323] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2704'.
[  371.016754][T13326] netlink: 'syz.3.2706': attribute type 17 has an invalid length.
[  371.067746][T13326] netlink: 'syz.3.2706': attribute type 41 has an invalid length.
[  371.184943][T13328] loop5: detected capacity change from 0 to 512
[  371.232939][T13328] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  371.295902][T13328] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[  371.324429][T13328] System zones: 1-12
[  371.361679][T13328] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  371.365767][T13337] loop7: detected capacity change from 0 to 16
[  371.383163][T13328] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #11: comm syz.5.2707: corrupted inode contents
[  371.436881][T13328] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #11: comm syz.5.2707: mark_inode_dirty error
[  371.468831][T13337] MTD: Attempt to mount non-MTD device "/dev/loop7"
[  371.509675][T13328] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.2707: invalid indirect mapped block 1 (level 1)
[  371.524950][T13339] tc_dump_action: action bad kind
[  371.568259][T13328] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #11: comm syz.5.2707: corrupted inode contents
[  371.612223][T13328] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  371.646050][T13328] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #11: comm syz.5.2707: corrupted inode contents
[  371.674002][T13328] EXT4-fs error (device loop5): ext4_truncate:4597: inode #11: comm syz.5.2707: mark_inode_dirty error
[  371.686248][T13328] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  371.701964][T13328] EXT4-fs (loop5): 1 truncate cleaned up
[  371.714317][T13328] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  371.844208][T13334] loop3: detected capacity change from 0 to 32768
[  371.880801][T13334] JBD2: Ignoring recovery information on journal
[  371.904750][T13343] loop7: detected capacity change from 0 to 4096
[  371.979604][T13343] ntfs3(loop7): Different NTFS sector size (4096) and media sector size (512).
[  371.990715][ T5852] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  371.991718][T13334] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  372.065619][T13343] ntfs3(loop7): Failed to load $Extend (-22).
[  372.072722][T13343] ntfs3(loop7): Failed to initialize $Extend.
[  372.161916][ T5851] ocfs2: Unmounting device (7,3) on (node local)
[  373.090008][T13354] loop1: detected capacity change from 0 to 32768
[  373.163886][T13354] JBD2: Ignoring recovery information on journal
[  373.353919][T13354] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  373.383325][T13398] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2738'.
[  373.543277][ T5856] ocfs2: Unmounting device (7,1) on (node local)
[  373.638693][T13409] loop5: detected capacity change from 0 to 256
[  373.652843][T13409] exfat: Deprecated parameter 'namecase'
[  373.671909][T13409] exfat: Deprecated parameter 'utf8'
[  373.722116][T13409] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  374.078807][T13418] netlink: 44 bytes leftover after parsing attributes in process `syz.5.2747'.
[  374.573626][T13411] loop4: detected capacity change from 0 to 32768
[  374.615110][T13411] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  374.658148][ T2145] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  374.813169][ T5845] ocfs2: Unmounting device (7,4) on (node local)
[  374.828297][ T2145] usb 6-1: Using ep0 maxpacket: 8
[  374.835908][ T2145] usb 6-1: unable to get BOS descriptor or descriptor too short
[  374.845860][ T2145] usb 6-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  374.867741][ T2145] usb 6-1: config 7 interface 0 altsetting 0 has an endpoint descriptor with address 0x32, changing to 0x2
[  374.888989][ T2145] usb 6-1: config 7 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  374.938283][T13440] tipc: Enabled bearer <eth:macvlan0>, priority 10
[  374.962965][ T2145] usb 6-1: New USB device found, idVendor=0489, idProduct=e0b5, bcdDevice=ae.2a
[  374.982672][ T2145] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  375.011240][ T2145] usb 6-1: Product: syz
[  375.025787][ T2145] usb 6-1: Manufacturer: syz
[  375.043127][ T2145] usb 6-1: SerialNumber: syz
[  375.098459][    C0] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  375.152494][T13423] loop7: detected capacity change from 0 to 32768
[  375.288766][ T2145] usb 6-1: USB disconnect, device number 17
[  375.586426][T13461] loop1: detected capacity change from 0 to 128
[  375.629289][T13461] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  375.731903][T13461] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  376.139921][    C1] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  376.209053][T13485] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2777'.
[  376.400099][T13497] netlink: 'syz.3.2784': attribute type 1 has an invalid length.
[  376.551734][T13504] program syz.7.2787 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  376.584277][T13506] loop3: detected capacity change from 0 to 256
[  377.178268][    C1] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  377.256344][T13539] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  377.392082][T13542] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2803'.
[  377.411332][T13545] loop5: detected capacity change from 0 to 16
[  377.436046][T13545] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  377.485374][ T5849] Bluetooth: hci4: unexpected event for opcode 0x2041
[  377.720809][T13557] vlan2: entered promiscuous mode
[  377.725893][T13557] macvlan1: entered promiscuous mode
[  377.782308][T13561] loop1: detected capacity change from 0 to 64
[  377.909238][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  377.917729][   T43] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  377.966071][T13565] loop1: detected capacity change from 0 to 512
[  378.040382][T13565] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  378.057311][T13569] loop5: detected capacity change from 0 to 1024
[  378.073716][T13565] ext4 filesystem being mounted at /472/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  378.088183][   T43] usb 3-1: Using ep0 maxpacket: 16
[  378.095585][   T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  378.109073][   T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  378.121257][   T43] usb 3-1: New USB device found, idVendor=0f30, idProduct=0111, bcdDevice= 0.00
[  378.131843][   T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  378.138365][T13565] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2813: bg 0: block 64: padding at end of block bitmap is not set
[  378.168708][   T43] usb 3-1: config 0 descriptor??
[  378.220686][    C1] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  378.245460][ T5856] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  378.396347][T13578] loop5: detected capacity change from 0 to 1024
[  378.424347][T13578] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only.
[  378.455091][T13578] hfsplus: filesystem is marked journaled, leaving read-only.
[  378.585452][   T43] pantherlord 0003:0F30:0111.001D: unknown main item tag 0x0
[  378.607767][   T43] pantherlord 0003:0F30:0111.001D: unknown main item tag 0x0
[  378.634172][   T43] pantherlord 0003:0F30:0111.001D: unknown main item tag 0x0
[  378.666067][   T43] pantherlord 0003:0F30:0111.001D: unknown main item tag 0x0
[  378.698180][   T43] pantherlord 0003:0F30:0111.001D: unknown main item tag 0x0
[  378.721172][   T43] pantherlord 0003:0F30:0111.001D: hidraw0: USB HID vff.fd Device [HID 0f30:0111] on usb-dummy_hcd.2-1/input0
[  378.752651][T13591] netlink: 'syz.5.2825': attribute type 1 has an invalid length.
[  378.760757][   T43] pantherlord 0003:0F30:0111.001D: no output reports found
[  378.768267][T13591] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  378.800272][   T43] usb 3-1: USB disconnect, device number 17
[  378.876671][T13595] loop3: detected capacity change from 0 to 128
[  378.912500][T13595] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  379.182844][T13608] loop3: detected capacity change from 0 to 2048
[  379.203827][T13609] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  379.258397][    C0] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  379.566222][T13615] loop3: detected capacity change from 0 to 4096
[  379.575996][T13615] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  379.645312][T13615] ntfs3(loop3): Failed to load $Extend (-22).
[  379.652254][T13615] ntfs3(loop3): Failed to initialize $Extend.
[  379.689624][   T30] audit: type=1800 audit(1753722499.487:105): pid=13615 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2834" name="file1" dev="loop3" ino=30 res=0 errno=0
[  380.024322][T13624] loop3: detected capacity change from 0 to 4096
[  380.071385][T13624] NILFS (loop3): invalid segment: Checksum error in segment payload
[  380.091406][T13624] NILFS (loop3): trying rollback from an earlier position
[  380.147141][T13624] NILFS (loop3): recovery complete
[  380.193874][T13631] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  380.300152][    C1] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  380.443268][T13639] loop4: detected capacity change from 0 to 64
[  380.521269][T13639] hfs: request for non-existent node 131072 in B*Tree
[  380.567984][T13639] hfs: request for non-existent node 131072 in B*Tree
[  380.809921][T13652] loop1: detected capacity change from 0 to 2048
[  380.859353][T13659] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  380.950155][T13652] NILFS error (device loop1): nilfs_dotdot: directory #12 missing '..'
[  380.963867][T13652] Remounting filesystem read-only
[  381.080816][ T5856] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer
[  381.193034][T13671] loop4: detected capacity change from 0 to 1024
[  381.255901][T13671] hfsplus: bad catalog entry type
[  381.336151][ T3500] hfsplus: b-tree write err: -5, ino 4
[  381.358172][    C0] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  381.528307][T13685] loop3: detected capacity change from 0 to 256
[  381.552343][T13685] exfat: Deprecated parameter 'utf8'
[  381.570682][T13685] exfat: Deprecated parameter 'utf8'
[  381.712478][T13681] loop5: detected capacity change from 0 to 32768
[  381.747063][T13681] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  381.798923][T13681] XFS (loop5): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  381.814514][T13685] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  381.838393][T13681] XFS (loop5): Starting recovery (logdev: internal)
[  381.876135][T13681] XFS (loop5): Corruption warning: Metadata has LSN (2:16) ahead of current LSN (1:48). Please unmount and run xfs_repair (>= v4.3) to resolve.
[  381.893343][T13681] XFS (loop5): Metadata corruption detected at xfs_agf_verify+0x18b/0x8f0, xfs_agf block 0x1 
[  381.905665][T13681] XFS (loop5): Unmount and run xfs_repair
[  381.911502][T13681] XFS (loop5): First 128 bytes of corrupted metadata buffer:
[  381.918949][T13681] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 10 00  XAGF............
[  381.928221][T13681] 00000010: 00 00 00 01 00 00 00 02 00 00 00 00 00 00 00 01  ................
[  381.937113][T13681] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  381.946280][T13681] 00000030: 00 00 00 04 00 00 0b a2 00 00 0b a0 00 00 00 00  ................
[  381.955341][T13681] 00000040: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  381.964958][T13681] 00000050: 00 00 00 00 00 00 00 01 00 00 00 05 00 00 00 01  ................
[  381.973913][T13681] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  381.982989][T13681] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  381.995215][T13681] XFS (loop5): Corruption of in-memory data (0x8) detected at xfs_buf_submit+0x356/0xc10 (fs/xfs/xfs_buf.c:1463).  Shutting down filesystem.
[  382.009763][T13681] XFS (loop5): Please unmount the filesystem and rectify the problem(s)
[  382.018906][T13681] XFS (loop5): log mount/recovery failed: error -117
[  382.061601][T13681] XFS (loop5): log mount failed
[  382.382711][    C1] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  382.559828][T13712] loop1: detected capacity change from 0 to 4096
[  382.623518][T13712] NILFS (loop1): invalid segment: Checksum error in segment payload
[  382.657920][T13712] NILFS (loop1): trying rollback from an earlier position
[  382.670451][T13714] loop3: detected capacity change from 0 to 1024
[  382.687982][T13714] EXT4-fs: Ignoring removed mblk_io_submit option
[  382.691413][T13712] NILFS (loop1): recovery complete
[  382.777912][T13714] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  382.854701][T13708] loop5: detected capacity change from 0 to 32768
[  382.863861][T13708] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2876 (13708)
[  382.885311][T13708] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  382.911183][T13708] BTRFS info (device loop5): using crc32c (crc32c-x86_64) checksum algorithm
[  382.928119][T13708] BTRFS info (device loop5): disk space caching is enabled
[  382.948399][T13708] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  383.076366][ T5851] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  383.171106][T13708] BTRFS info (device loop5): rebuilding free space tree
[  383.258601][T13708] BTRFS info (device loop5): disabling free space tree
[  383.265618][T13708] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  383.305915][T13708] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  383.418106][    C0] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  383.582056][ T5852] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  383.603984][T13716] loop7: detected capacity change from 0 to 32768
[  383.648293][T13716] BTRFS: device /dev/loop7 (7:7) using temp-fsid ed9d5173-db11-405d-bc42-5a6fff141275
[  383.669441][T13716] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.2878 (13716)
[  383.730678][T13716] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  383.800747][T13716] BTRFS info (device loop7): using crc32c (crc32c-x86_64) checksum algorithm
[  383.837900][T13716] BTRFS info (device loop7): disk space caching is enabled
[  383.878010][T13716] BTRFS warning (device loop7): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  384.023398][T13742] loop3: detected capacity change from 0 to 32768
[  384.080794][T13742] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2882 (13742)
[  384.131913][T13742] BTRFS info (device loop3): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  384.172715][T13742] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm
[  384.173361][T13716] BTRFS info (device loop7): rebuilding free space tree
[  384.204383][T13742] BTRFS info (device loop3): using free-space-tree
[  384.277859][T13716] BTRFS info (device loop7): disabling free space tree
[  384.284797][T13716] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  384.325609][T13716] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  384.459897][    C0] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  384.513996][ T5851] BTRFS info (device loop3): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  384.632844][ T7176] BTRFS info (device loop7): last unmount of filesystem ed9d5173-db11-405d-bc42-5a6fff141275
[  384.989388][T13760] comedi comedi3: reset error (fatal)
[  385.503357][    C0] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  385.777964][ T5944] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  385.948015][ T5944] usb 2-1: Using ep0 maxpacket: 32
[  385.968582][ T5944] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[  385.996100][ T5944] usb 2-1: config 0 has no interface number 0
[  386.017482][ T5944] usb 2-1: config 0 interface 184 has no altsetting 0
[  386.037539][ T5944] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  386.056156][ T5944] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  386.087674][ T5944] usb 2-1: Product: syz
[  386.110602][ T5944] usb 2-1: Manufacturer: syz
[  386.115259][ T5944] usb 2-1: SerialNumber: syz
[  386.167046][ T5944] usb 2-1: config 0 descriptor??
[  386.189188][ T5944] smsc75xx v1.0.0
[  386.548409][    C1] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  386.739428][T13842] kernel profiling enabled (shift: 7)
[  386.790355][ T5944] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  386.851029][ T5944] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  386.888926][ T5944] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind
[  386.903660][ T5944] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -71
[  386.905130][T13819] loop7: detected capacity change from 0 to 32768
[  386.922319][ T5944] usb 2-1: USB disconnect, device number 11
[  386.949183][T13819] XFS: ikeep mount option is deprecated.
[  386.987995][T13819] XFS (loop7): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  387.020109][T13847] loop3: detected capacity change from 0 to 4096
[  387.107279][T13858] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  387.123490][T13819] XFS (loop7): Ending clean mount
[  387.150289][T13819] XFS (loop7): Quotacheck needed: Please wait.
[  387.226402][T13819] XFS (loop7): Quotacheck: Done.
[  387.400990][ T7176] XFS (loop7): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  387.588439][    C1] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  387.747751][ T5934] usb 2-1: new full-speed USB device number 12 using dummy_hcd
[  387.899787][ T5934] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  387.908617][T13876] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2924'.
[  387.921820][ T5934] usb 2-1: config 0 has no interface number 0
[  387.941183][ T5934] usb 2-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  387.980471][ T5934] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  388.020571][ T5934] usb 2-1: config 0 descriptor??
[  388.048816][ T5934] usb 2-1: selecting invalid altsetting 1
[  388.055975][ T5934] dvb_ttusb_budget: ttusb_init_controller: error
[  388.100474][ T5934] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  388.273497][ T5934] DVB: Unable to find symbol cx22700_attach()
[  388.388277][ T5934] DVB: Unable to find symbol tda10046_attach()
[  388.418176][ T5934] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  388.428467][ T5934] usb 2-1: USB disconnect, device number 12
[  388.485518][T13887] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2932'.
[  388.513835][T13870] loop3: detected capacity change from 0 to 40427
[  388.553124][T13870] F2FS-fs (loop3): build fault injection rate: 690
[  388.575312][T13870] F2FS-fs (loop3): Image doesn't support compression
[  388.602732][T13870] F2FS-fs (loop3): invalid crc value
[  388.629300][    C1] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  388.788388][T13870] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  388.865225][T13872] loop5: detected capacity change from 0 to 32768
[  388.876534][   T30] audit: type=1800 audit(1753722508.657:106): pid=13870 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2926" name="file1" dev="loop3" ino=10 res=0 errno=0
[  388.971162][T13872] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  389.158683][ T5851] syz-executor: attempt to access beyond end of device
[  389.158683][ T5851] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  389.195904][   T43] IPVS: starting estimator thread 0...
[  389.219054][T13872] XFS (loop5): Ending clean mount
[  389.224930][ T5851] CPU: 0 UID: 0 PID: 5851 Comm: syz-executor Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  389.224961][ T5851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  389.224977][ T5851] Call Trace:
[  389.224987][ T5851]  <TASK>
[  389.224997][ T5851]  dump_stack_lvl+0x189/0x250
[  389.225040][ T5851]  ? __pfx_dump_stack_lvl+0x10/0x10
[  389.225068][ T5851]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  389.225096][ T5851]  ? __pfx_queue_work_on+0x10/0x10
[  389.225129][ T5851]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.225158][ T5851]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  389.225184][ T5851]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  389.225211][ T5851]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.225239][ T5851]  ? f2fs_hw_is_readonly+0x39b/0x470
[  389.225273][ T5851]  f2fs_handle_critical_error+0x37c/0x540
[  389.225310][ T5851]  f2fs_write_end_io+0x495/0x810
[  389.225339][ T5851]  ? blkg_put+0x22/0x240
[  389.225401][ T5851]  __submit_merged_bio+0x27a/0x6a0
[  389.225437][ T5851]  __submit_merged_write_cond+0x255/0x530
[  389.225491][ T5851]  f2fs_write_data_pages+0x261d/0x3000
[  389.225522][ T5851]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.225631][ T5851]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  389.225679][ T5851]  ? arch_stack_walk+0xfc/0x150
[  389.225753][ T5851]  ? __mod_zone_page_state+0xd7/0x140
[  389.225802][ T5851]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.225830][ T5851]  ? folios_put_refs+0x560/0x640
[  389.225876][ T5851]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.225904][ T5851]  ? __lock_acquire+0xab9/0xd20
[  389.225942][ T5851]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.225970][ T5851]  ? do_raw_spin_lock+0x121/0x290
[  389.226016][ T5851]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.226050][ T5851]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.226077][ T5851]  ? do_raw_spin_unlock+0x122/0x240
[  389.226115][ T5851]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  389.226147][ T5851]  do_writepages+0x32e/0x550
[  389.226189][ T5851]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.226223][ T5851]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.226250][ T5851]  ? do_raw_spin_unlock+0x122/0x240
[  389.226295][ T5851]  filemap_fdatawrite+0x191/0x230
[  389.226332][ T5851]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  389.226429][ T5851]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.226465][ T5851]  ? do_raw_spin_unlock+0x122/0x240
[  389.226509][ T5851]  f2fs_sync_dirty_inodes+0x31f/0x830
[  389.226564][ T5851]  f2fs_write_checkpoint+0x94a/0x1de0
[  389.226636][ T5851]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  389.226740][ T5851]  ? kill_f2fs_super+0x298/0x6c0
[  389.226781][ T5851]  kill_f2fs_super+0x2c3/0x6c0
[  389.226823][ T5851]  ? __pfx_kill_f2fs_super+0x10/0x10
[  389.226852][ T5851]  ? radix_tree_delete_item+0x2b6/0x400
[  389.226890][ T5851]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.226918][ T5851]  ? shrinker_free+0x2ce/0x3e0
[  389.226949][ T5851]  deactivate_locked_super+0xbc/0x130
[  389.226984][ T5851]  cleanup_mnt+0x425/0x4c0
[  389.227013][ T5851]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.227042][ T5851]  ? lockdep_hardirqs_on+0x9c/0x150
[  389.227074][ T5851]  task_work_run+0x1d4/0x260
[  389.227119][ T5851]  ? __pfx_task_work_run+0x10/0x10
[  389.227154][ T5851]  ? __x64_sys_umount+0x122/0x160
[  389.227198][ T5851]  ? exit_to_user_mode_loop+0x40/0x110
[  389.227231][ T5851]  exit_to_user_mode_loop+0xec/0x110
[  389.227259][ T5851]  do_syscall_64+0x2bd/0x3b0
[  389.227287][ T5851]  ? lockdep_hardirqs_on+0x9c/0x150
[  389.227314][ T5851]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.227338][ T5851]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.227365][ T5851]  ? exc_page_fault+0x9f/0xf0
[  389.227396][ T5851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.227421][ T5851] RIP: 0033:0x7f4687f8fcd7
[  389.227443][ T5851] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  389.227463][ T5851] RSP: 002b:00007ffe84a2c778 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  389.227489][ T5851] RAX: 0000000000000000 RBX: 00007f4688010b55 RCX: 00007f4687f8fcd7
[  389.227506][ T5851] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe84a2c830
[  389.227522][ T5851] RBP: 00007ffe84a2c830 R08: 0000000000000000 R09: 0000000000000000
[  389.227538][ T5851] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe84a2d8c0
[  389.227555][ T5851] R13: 00007f4688010b55 R14: 000000000005ef6c R15: 00007ffe84a2d900
[  389.227599][ T5851]  </TASK>
[  389.676239][    C0] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  389.678295][ T5851] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  389.699242][T13872] XFS (loop5): Quotacheck needed: Please wait.
[  389.787506][T13872] XFS (loop5): Quotacheck: Done.
[  389.807748][T13918] IPVS: using max 24 ests per chain, 57600 per kthread
[  389.872111][ T5852] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  390.065419][T13892] loop4: detected capacity change from 0 to 32768
[  390.096975][T13892] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2934 (13892)
[  390.206861][T13892] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  390.242818][T13892] BTRFS info (device loop4): using crc32c (crc32c-x86_64) checksum algorithm
[  390.275844][T13892] BTRFS info (device loop4): using free-space-tree
[  390.704118][    C1] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  390.716543][ T5845] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  391.740788][    C0] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  391.931768][T14010] loop7: detected capacity change from 0 to 1024
[  392.005536][T14010] hfsplus: bad catalog entry type
[  392.109692][   T60] hfsplus: b-tree write err: -5, ino 4
[  392.164120][T14021] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2982'.
[  392.176241][T14021] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2982'.
[  392.185453][T14021] netlink: 'syz.3.2982': attribute type 6 has an invalid length.
[  392.253363][T14023] loop1: detected capacity change from 0 to 128
[  392.294024][T14023] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  392.348246][T14023] ext4 filesystem being mounted at /508/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  392.447364][T14032] loop7: detected capacity change from 0 to 256
[  392.508052][T14032] FAT-fs (loop7): Directory bread(block 64) failed
[  392.536581][T14032] FAT-fs (loop7): Directory bread(block 65) failed
[  392.539800][T14035] loop3: detected capacity change from 0 to 64
[  392.566161][ T5856] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  392.568259][T14032] FAT-fs (loop7): Directory bread(block 66) failed
[  392.602637][T14032] FAT-fs (loop7): Directory bread(block 67) failed
[  392.627864][T14032] FAT-fs (loop7): Directory bread(block 68) failed
[  392.658455][T14032] FAT-fs (loop7): Directory bread(block 69) failed
[  392.665161][T14032] FAT-fs (loop7): Directory bread(block 70) failed
[  392.672691][T14035] Trying to free block not in datazone
[  392.681130][T14035] Trying to free block not in datazone
[  392.707109][T14032] FAT-fs (loop7): Directory bread(block 71) failed
[  392.738054][T14032] FAT-fs (loop7): Directory bread(block 72) failed
[  392.744671][T14032] FAT-fs (loop7): Directory bread(block 73) failed
[  392.781069][    C1] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  393.818413][    C1] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  394.269236][T14078] loop7: detected capacity change from 0 to 4096
[  394.326511][T14054] loop3: detected capacity change from 0 to 32768
[  394.364796][T14086] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  394.405056][T14088] loop4: detected capacity change from 0 to 1024
[  394.427388][T14078] NILFS error (device loop7): nilfs_bmap_lookup_contig: broken bmap (inode number=12)
[  394.473645][T14054] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  394.531087][T14078] Remounting filesystem read-only
[  394.581301][T14061] loop5: detected capacity change from 0 to 32768
[  394.649429][ T7176] NILFS (loop7): disposed unprocessed dirty file(s) when detaching log writer
[  394.695285][ T1153] hfsplus: b-tree write err: -5, ino 4
[  394.720594][ T5851] ocfs2: Unmounting device (7,3) on (node local)
[  394.773762][T14068] loop1: detected capacity change from 0 to 32768
[  394.831684][T14091] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3016'.
[  394.845273][T14068] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3003 (14068)
[  394.872414][    C1] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  394.918094][T14068] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  394.944576][T14095] loop7: detected capacity change from 0 to 512
[  394.961065][T14068] BTRFS info (device loop1): using crc32c (crc32c-x86_64) checksum algorithm
[  395.024673][T14068] BTRFS info (device loop1): using free-space-tree
[  395.046929][T14095] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  395.162200][T14095] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.3015: bg 0: block 496: padding at end of block bitmap is not set
[  395.377808][   T30] audit: type=1800 audit(1753722515.167:107): pid=14068 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3003" name="file0" dev="loop1" ino=258 res=0 errno=0
[  395.418267][ T5849] Bluetooth: hci1: unexpected event for opcode 0x2005
[  395.441293][ T7176] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  395.483678][T14127] loop4: detected capacity change from 0 to 512
[  395.516651][ T5856] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  395.533015][T14127] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  395.572664][T14127] EXT4-fs (loop4): orphan cleanup on readonly fs
[  395.629756][T14127] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  395.674447][T14127] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  395.693855][T14127] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #16: comm syz.4.3025: casefold flag without casefold feature
[  395.755082][T14127] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.3025: couldn't read orphan inode 16 (err -117)
[  395.876789][T14138] loop5: detected capacity change from 0 to 16
[  395.890503][T14127] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  395.903815][    C1] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  395.954008][T14138] erofs (device loop5): mounted with root inode @ nid 36.
[  396.292691][ T5845] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  396.521432][T14143] loop5: detected capacity change from 0 to 16
[  396.588878][T14143] erofs (device loop5): mounted with root inode @ nid 36.
[  396.695211][T14143] erofs (device loop5): bogus lookback distance 1388 @ lcn 42 of nid 36
[  396.792664][T14134] loop7: detected capacity change from 0 to 131072
[  396.801639][T14143] erofs (device loop5): read error -117 @ 43 of nid 36
[  396.810533][T14134] F2FS-fs (loop7): Allow to mount readonly mode only
[  396.938050][    C1] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  397.295434][T14151] loop5: detected capacity change from 0 to 64
[  397.539399][T14157] loop5: detected capacity change from 0 to 8
[  397.633684][T14157] SQUASHFS error: zlib decompression failed, data probably corrupt
[  397.677730][T14157] SQUASHFS error: Failed to read block 0x13e: -5
[  397.684475][T14157] SQUASHFS error: Unable to read metadata cache entry [13c]
[  397.728735][T14157] SQUASHFS error: Unable to read directory block [13c:26]
[  397.743383][T14136] loop3: detected capacity change from 0 to 32768
[  397.844403][T14136] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  397.988426][    C0] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  398.001036][T14136] XFS (loop3): Ending clean mount
[  398.026728][T14136] XFS (loop3): Quotacheck needed: Please wait.
[  398.146121][T14180] netlink: 165 bytes leftover after parsing attributes in process `syz.7.3044'.
[  398.155452][T14136] XFS (loop3): Quotacheck: Done.
[  398.292635][ T5851] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  398.335847][T14147] loop4: detected capacity change from 0 to 32768
[  398.343563][T14147] XFS: noikeep mount option is deprecated.
[  398.420950][T14147] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  398.701933][T14147] XFS (loop4): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  398.755922][T14147] XFS (loop4): Starting recovery (logdev: internal)
[  398.812511][T14147] XFS (loop4): Ending recovery (logdev: internal)
[  399.012720][ T5845] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  399.028971][    C1] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  399.146131][T14220] loop1: detected capacity change from 0 to 512
[  399.213337][T14220] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  399.311575][T14220] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ce01c, mo2=0002]
[  399.366682][T14220] System zones: 1-12
[  399.395680][T14220] EXT4-fs (loop1): orphan cleanup on readonly fs
[  399.454542][T14220] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.3059: invalid indirect mapped block 12 (level 1)
[  399.518156][T14220] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.3059: invalid indirect mapped block 2 (level 2)
[  399.573040][T14220] EXT4-fs (loop1): 1 truncate cleaned up
[  399.623611][T14220] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback.
[  399.682255][T14214] loop5: detected capacity change from 0 to 40427
[  399.738263][T14214] F2FS-fs (loop5): invalid crc value
[  399.800607][ T5856] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  400.017131][T14214] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  400.064666][    C1] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  400.158010][   T10] usb 3-1: new full-speed USB device number 18 using dummy_hcd
[  400.232902][T14250] loop3: detected capacity change from 0 to 4096
[  400.268774][ T5852] syz-executor: attempt to access beyond end of device
[  400.268774][ T5852] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  400.282921][T14250] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  400.313818][ T5852] CPU: 0 UID: 0 PID: 5852 Comm: syz-executor Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  400.313852][ T5852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  400.313868][ T5852] Call Trace:
[  400.313877][ T5852]  <TASK>
[  400.313895][ T5852]  dump_stack_lvl+0x189/0x250
[  400.313934][ T5852]  ? __pfx_dump_stack_lvl+0x10/0x10
[  400.313961][ T5852]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  400.313987][ T5852]  ? __pfx_queue_work_on+0x10/0x10
[  400.314020][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.314049][ T5852]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  400.314074][ T5852]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  400.314100][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.314129][ T5852]  ? f2fs_hw_is_readonly+0x39b/0x470
[  400.314161][ T5852]  f2fs_handle_critical_error+0x37c/0x540
[  400.314195][ T5852]  f2fs_write_end_io+0x495/0x810
[  400.314224][ T5852]  ? blkg_put+0x22/0x240
[  400.314282][ T5852]  __submit_merged_bio+0x27a/0x6a0
[  400.314316][ T5852]  __submit_merged_write_cond+0x255/0x530
[  400.314367][ T5852]  f2fs_write_data_pages+0x261d/0x3000
[  400.314399][ T5852]  ? __lock_acquire+0xab9/0xd20
[  400.314470][ T5852]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  400.314552][ T5852]  ? __mod_zone_page_state+0xd7/0x140
[  400.314598][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.314627][ T5852]  ? folios_put_refs+0x560/0x640
[  400.314669][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.314697][ T5852]  ? __lock_acquire+0xab9/0xd20
[  400.314732][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.314760][ T5852]  ? do_raw_spin_lock+0x121/0x290
[  400.314803][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.314836][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.314865][ T5852]  ? do_raw_spin_unlock+0x122/0x240
[  400.314907][ T5852]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  400.314941][ T5852]  do_writepages+0x32e/0x550
[  400.314981][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.315014][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.315042][ T5852]  ? do_raw_spin_unlock+0x122/0x240
[  400.315084][ T5852]  filemap_fdatawrite+0x191/0x230
[  400.315120][ T5852]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  400.315206][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.315240][ T5852]  ? do_raw_spin_unlock+0x122/0x240
[  400.315282][ T5852]  f2fs_sync_dirty_inodes+0x31f/0x830
[  400.315332][ T5852]  f2fs_write_checkpoint+0x94a/0x1de0
[  400.315394][ T5852]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  400.315484][ T5852]  ? kill_f2fs_super+0x298/0x6c0
[  400.315522][ T5852]  kill_f2fs_super+0x2c3/0x6c0
[  400.315563][ T5852]  ? __pfx_kill_f2fs_super+0x10/0x10
[  400.315592][ T5852]  ? radix_tree_delete_item+0x2b6/0x400
[  400.315627][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.315655][ T5852]  ? shrinker_free+0x2ce/0x3e0
[  400.315685][ T5852]  deactivate_locked_super+0xbc/0x130
[  400.315718][ T5852]  cleanup_mnt+0x425/0x4c0
[  400.315745][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.315773][ T5852]  ? lockdep_hardirqs_on+0x9c/0x150
[  400.315804][ T5852]  task_work_run+0x1d4/0x260
[  400.315846][ T5852]  ? __pfx_task_work_run+0x10/0x10
[  400.315886][ T5852]  ? __x64_sys_umount+0x122/0x160
[  400.315927][ T5852]  ? exit_to_user_mode_loop+0x40/0x110
[  400.315958][ T5852]  exit_to_user_mode_loop+0xec/0x110
[  400.315985][ T5852]  do_syscall_64+0x2bd/0x3b0
[  400.316013][ T5852]  ? lockdep_hardirqs_on+0x9c/0x150
[  400.316038][ T5852]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.316061][ T5852]  ? srso_alias_return_thunk+0x5/0xfbef5
[  400.316088][ T5852]  ? exc_page_fault+0x9f/0xf0
[  400.316117][ T5852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.316140][ T5852] RIP: 0033:0x7fad56d8fcd7
[  400.316161][ T5852] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  400.316183][ T5852] RSP: 002b:00007ffd9ac57558 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  400.316208][ T5852] RAX: 0000000000000000 RBX: 00007fad56e10b55 RCX: 00007fad56d8fcd7
[  400.316225][ T5852] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd9ac57610
[  400.316240][ T5852] RBP: 00007ffd9ac57610 R08: 0000000000000000 R09: 0000000000000000
[  400.316255][ T5852] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd9ac586a0
[  400.316271][ T5852] R13: 00007fad56e10b55 R14: 0000000000061aff R15: 00007ffd9ac586e0
[  400.316311][ T5852]  </TASK>
[  400.751664][ T5852] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  400.875596][T14260] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3075'.
[  400.892344][T14238] loop4: detected capacity change from 0 to 32768
[  400.919892][   T10] usb 3-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  400.932227][   T10] usb 3-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  400.943486][   T10] usb 3-1: config 0 interface 0 has no altsetting 0
[  400.950514][   T10] usb 3-1: New USB device found, idVendor=044e, idProduct=120b, bcdDevice= 0.00
[  400.954412][T14250] ntfs3(loop3): Failed to load $Extend (-22).
[  400.959614][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  400.963221][   T10] usb 3-1: config 0 descriptor??
[  400.970422][T14238] JBD2: Ignoring recovery information on journal
[  401.057807][T14250] ntfs3(loop3): Failed to initialize $Extend.
[  401.114423][    C1] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  401.126516][T14265] loop7: detected capacity change from 0 to 1024
[  401.137327][T14265] EXT4-fs: Ignoring removed orlov option
[  401.147216][T14265] EXT4-fs (loop7): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  401.205226][T14265] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  401.236077][T14238] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  401.334388][T14238] (syz.4.3060,14238,0):ocfs2_group_extend:314 ERROR: The disk is too old and small. Force to do offline resize.
[  401.396437][   T10] hid-alps 0003:044E:120B.001E: bogus close delimiter
[  401.436502][   T10] hid-alps 0003:044E:120B.001E: item 0 0 2 10 parsing failed
[  401.461661][   T10] hid-alps 0003:044E:120B.001E: parse failed
[  401.488169][   T10] hid-alps 0003:044E:120B.001E: probe with driver hid-alps failed with error -22
[  401.531065][ T5845] ocfs2: Unmounting device (7,4) on (node local)
[  401.617331][ T6006] usb 3-1: USB disconnect, device number 18
[  401.799373][ T7176] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  402.140381][    C0] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  402.258383][T14297] loop5: detected capacity change from 0 to 4096
[  402.511782][ T6006] kernel write not supported for file /snd/midiC2D0 (pid: 6006 comm: kworker/1:6)
[  403.178057][    C1] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  403.554074][T14352] loop5: detected capacity change from 0 to 64
[  403.573421][T14352] MINIX-fs: mounting file system with errors, running fsck is recommended
[  403.762771][ T6006] kernel write not supported for file /amidi2 (pid: 6006 comm: kworker/1:6)
[  404.218358][    C0] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  404.254354][T14372] loop7: detected capacity change from 0 to 256
[  404.295362][T14372] exfat: Deprecated parameter 'utf8'
[  404.329539][T14372] exfat: Deprecated parameter 'utf8'
[  404.401628][T14372] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x4d7dfc9d, utbl_chksum : 0xe619d30d)
[  404.668776][T14382] loop3: detected capacity change from 0 to 8
[  404.854373][T14382] SQUASHFS error: Unable to read inode 0xa7
[  405.153610][T14392] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3131'.
[  405.176919][T14394] loop7: detected capacity change from 0 to 1024
[  405.187942][T14392] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3131'.
[  405.224823][T14394] hfsplus: bad catalog entry type
[  405.263327][    C0] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  405.277199][T14400] loop1: detected capacity change from 0 to 512
[  405.321933][T14400] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  405.350763][   T36] hfsplus: b-tree write err: -5, ino 4
[  405.395610][T14405] loop3: detected capacity change from 0 to 1024
[  405.403033][T14400] ext4 filesystem being mounted at /530/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  405.467882][ T5944] usb 3-1: new full-speed USB device number 19 using dummy_hcd
[  405.478659][T14405] EXT4-fs: Ignoring removed mblk_io_submit option
[  405.480524][T14411] loop4: detected capacity change from 0 to 64
[  405.485135][T14405] EXT4-fs: inline encryption not supported
[  405.514294][T14405] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  405.557752][T14400] EXT4-fs warning (device loop1): ext4_empty_dir:3095: inode #12: comm syz.1.3135: directory missing '..'
[  405.579818][T14405] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c842e018, mo2=0000]
[  405.593244][T14416] loop5: detected capacity change from 0 to 64
[  405.612656][T14405] EXT4-fs error (device loop3): ext4_orphan_get:1419: comm syz.3.3137: bad orphan inode 11
[  405.657204][ T5944] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  405.685382][T14416] Trying to free block not in datazone
[  405.699708][ T5856] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  405.722669][ T5944] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  405.736255][T14405] ext4_test_bit(bit=10, block=4) = 1
[  405.744510][   T30] audit: type=1326 audit(1753722525.537:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14419 comm="syz.7.3145" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6ee838e9a9 code=0x0
[  405.773919][ T5944] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 1023, setting to 64
[  405.777726][T14405] is_bad_inode(inode)=0
[  405.798076][T14405] NEXT_ORPHAN(inode)=3254779904
[  405.807486][T14405] max_ino=32
[  405.811061][ T5944] usb 3-1: New USB device found, idVendor=1e71, idProduct=200f, bcdDevice= 0.00
[  405.811092][ T5944] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  405.831592][ T5944] usb 3-1: config 0 descriptor??
[  405.832059][T14405] i_nlink=0
[  405.849963][T14397] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  405.867839][T14397] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  405.911758][T14405] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 2: comm syz.3.3137: lblock 2 mapped to illegal pblock 2 (length 1)
[  405.934768][T14405] Quota error (device loop3): qtree_write_dquot: dquota write failed
[  405.943823][T14405] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 48: comm syz.3.3137: lblock 0 mapped to illegal pblock 48 (length 1)
[  405.980658][T14405] Quota error (device loop3): v2_write_file_info: Can't write info structure
[  405.999449][T14405] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.3137: Failed to acquire dquot type 0
[  406.019351][T14405] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  406.035751][T14405] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.3137: mark_inode_dirty error
[  406.048216][T14405] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  406.075535][T14405] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  406.158229][   T43] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  406.185152][ T5851] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.196438][ T5851] EXT4-fs error (device loop3): __ext4_get_inode_loc:4792: comm syz-executor: Invalid inode table block 1 in block_group 0
[  406.217444][ T5851] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  406.229383][ T5851] EXT4-fs error (device loop3): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error
[  406.298908][    C0] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  406.303263][ T5944] nzxt-smart2 0003:1E71:200F.001F: unknown main item tag 0x0
[  406.318559][ T5944] nzxt-smart2 0003:1E71:200F.001F: unknown main item tag 0x0
[  406.336266][ T5944] nzxt-smart2 0003:1E71:200F.001F: unknown main item tag 0x0
[  406.349367][   T43] usb 2-1: Using ep0 maxpacket: 32
[  406.371983][   T43] usb 2-1: config index 0 descriptor too short (expected 156, got 27)
[  406.381346][ T5944] nzxt-smart2 0003:1E71:200F.001F: hidraw0: USB HID v0.00 Device [HID 1e71:200f] on usb-dummy_hcd.2-1/input0
[  406.393193][   T43] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  406.412001][   T43] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  406.423635][   T43] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  406.437291][   T43] usb 2-1: config 0 interface 0 has no altsetting 0
[  406.447421][   T43] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  406.458291][   T43] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  406.486670][   T43] usb 2-1: Product: syz
[  406.503475][   T43] usb 2-1: Manufacturer: syz
[  406.513590][   T43] usb 2-1: SerialNumber: syz
[  406.530612][   T43] usb 2-1: config 0 descriptor??
[  406.535247][T14435] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3149'.
[  406.538043][ T5944] usb 3-1: USB disconnect, device number 19
[  406.561507][   T43] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  406.599913][   T43] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  406.632397][T14427] loop5: detected capacity change from 0 to 32768
[  406.649850][T14427] (syz.5.3146,14427,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  406.689150][T14427] (syz.5.3146,14427,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  406.728062][T14440] loop3: detected capacity change from 0 to 512
[  406.734640][T14427] JBD2: Ignoring recovery information on journal
[  406.765221][T14440] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c01c, mo2=0002]
[  406.814445][T14440] System zones: 1-3, 19-19, 35-38
[  406.845017][T14427] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  406.863347][T14440] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  406.896309][   T10] usb 2-1: USB disconnect, device number 13
[  406.896394][T14440] ext4 filesystem being mounted at /569/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  406.905748][   T10] ldusb 2-1:0.0: LD USB Device #0 now disconnected
[  406.993324][T14447] netlink: 277 bytes leftover after parsing attributes in process `syz.4.3153'.
[  407.099251][ T5852] ocfs2: Unmounting device (7,5) on (node local)
[  407.216316][ T5851] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  407.339527][    C0] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  407.716011][T14444] loop7: detected capacity change from 0 to 32768
[  407.812087][T14444] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  407.963187][T14444] XFS (loop7): Ending clean mount
[  407.985612][T14444] XFS (loop7): Quotacheck needed: Please wait.
[  408.098663][T14444] XFS (loop7): Quotacheck: Done.
[  408.137147][T14488] ALSA: mixer_oss: invalid OSS volume ''
[  408.345776][T14487] loop1: detected capacity change from 0 to 8192
[  408.368875][T14492] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3171'.
[  408.399466][    C0] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  408.435534][ T7176] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  409.049092][T14505] loop7: detected capacity change from 0 to 8
[  409.119590][T14484] loop3: detected capacity change from 0 to 32768
[  409.420850][    C1] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  409.566354][T14515] netlink: 'syz.5.3183': attribute type 3 has an invalid length.
[  409.700241][T14519] netlink: 128 bytes leftover after parsing attributes in process `syz.4.3184'.
[  409.725027][T14519] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3184'.
[  409.880235][T14522] loop5: detected capacity change from 0 to 1024
[  410.002116][T14522] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  410.067866][T14522] ext4 filesystem being mounted at /528/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  410.283520][ T5852] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  410.458723][    C0] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  410.881420][T14574] loop3: detected capacity change from 0 to 128
[  411.440111][T14589] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3214'.
[  411.499448][    C0] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  411.700426][T14606] netlink: 240 bytes leftover after parsing attributes in process `syz.7.3222'.
[  412.010709][T14616] loop1: detected capacity change from 0 to 16
[  412.018766][T14616] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  412.308971][   T10] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  412.488177][   T10] usb 4-1: Using ep0 maxpacket: 8
[  412.521075][   T10] usb 4-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77
[  412.537794][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  412.555161][    C0] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  412.578102][   T10] usb 4-1: Product: syz
[  412.582325][   T10] usb 4-1: Manufacturer: syz
[  412.607411][   T10] usb 4-1: SerialNumber: syz
[  412.628708][   T10] usb 4-1: config 0 descriptor??
[  412.637562][   T10] gspca_main: sq905-2.14.0 probing 2770:9120
[  412.860095][   T10] gspca_sq905: sq905_command: usb_control_msg failed (-71)
[  412.878324][   T10] sq905 4-1:0.0: probe with driver sq905 failed with error -71
[  412.914894][   T10] usb 4-1: USB disconnect, device number 16
[  413.136397][T14624] loop7: detected capacity change from 0 to 32768
[  413.176400][T14624] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.3231 (14624)
[  413.234547][T14624] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  413.265970][T14624] BTRFS info (device loop7): using crc32c (crc32c-x86_64) checksum algorithm
[  413.275846][T14626] loop1: detected capacity change from 0 to 32768
[  413.307830][T14624] BTRFS info (device loop7): using free-space-tree
[  413.391290][T14626] JBD2: Ignoring recovery information on journal
[  413.392031][T14630] loop5: detected capacity change from 0 to 32768
[  413.484048][T14630] debugfs: Directory 'B1DE653C5FFC4D88B33B244AAB9EB3E9' with parent 'ocfs2' already present!
[  413.561427][T14626] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  413.577844][   T30] audit: type=1800 audit(1753722533.357:109): pid=14624 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3231" name="bus" dev="loop7" ino=263 res=0 errno=0
[  413.620391][    C0] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  413.652472][T14630] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  413.652805][T14656] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes.
[  413.775034][ T7176] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  413.778837][ T5856] ocfs2: Unmounting device (7,1) on (node local)
[  414.047492][ T5852] ocfs2: Unmounting device (7,5) on (node local)
[  414.248381][ T5841] usb 4-1: new full-speed USB device number 17 using dummy_hcd
[  414.248563][T14669] sctp: [Deprecated]: syz.2.3246 (pid 14669) Use of struct sctp_assoc_value in delayed_ack socket option.
[  414.248563][T14669] Use struct sctp_sack_info instead
[  414.388677][T14669] sctp: [Deprecated]: syz.2.3246 (pid 14669) Use of struct sctp_assoc_value in delayed_ack socket option.
[  414.388677][T14669] Use struct sctp_sack_info instead
[  414.456554][ T5841] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  414.487561][ T5841] usb 4-1: config 179 has no interface number 0
[  414.495920][ T5841] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10
[  414.598141][ T5841] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 64
[  414.618930][    C0] tipc: Duplicate 98aaaa using eth(aa:aa:aa:aa:aa:32) seen on <eth:macvlan0>
[  414.638241][ T5841] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[  414.672967][ T5841] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 45824, setting to 64
[  414.700491][ T5841] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  414.719126][T14681] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3244'.
[  414.750575][ T5841] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  414.787891][ T5841] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  414.820418][T14665] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  414.828117][T14665] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  415.096688][T14433] usb 4-1: USB disconnect, device number 17
[  415.096750][    C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  415.111131][    C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  415.120421][    C0] ==================================================================
[  415.128501][    C0] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x23d/0x290
[  415.136349][    C0] Read of size 4 at addr ffff88807d48485c by task syz.4.3251/14684
[  415.144263][    C0] 
[  415.146730][    C0] CPU: 0 UID: 0 PID: 14684 Comm: syz.4.3251 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  415.146762][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  415.146778][    C0] Call Trace:
[  415.146788][    C0]  <IRQ>
[  415.146800][    C0]  dump_stack_lvl+0x189/0x250
[  415.146835][    C0]  ? __kasan_check_byte+0x12/0x40
[  415.146875][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[  415.146910][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.146941][    C0]  ? lock_release+0x4b/0x3e0
[  415.146972][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.147000][    C0]  ? __virt_addr_valid+0x4a5/0x5c0
[  415.147036][    C0]  print_report+0xca/0x240
[  415.147059][    C0]  ? do_raw_spin_lock+0x23d/0x290
[  415.147093][    C0]  kasan_report+0x118/0x150
[  415.147131][    C0]  ? do_raw_spin_lock+0x23d/0x290
[  415.147172][    C0]  do_raw_spin_lock+0x23d/0x290
[  415.147207][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.147237][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  415.147275][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.147308][    C0]  _raw_spin_lock_irqsave+0xb3/0xf0
[  415.147334][    C0]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  415.147356][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.147386][    C0]  ? kcov_remote_stop+0x78/0x6d0
[  415.147429][    C0]  __wake_up_common_lock+0x2f/0x1f0
[  415.147472][    C0]  __usb_hcd_giveback_urb+0x4d7/0x690
[  415.147511][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.147542][    C0]  ? __pfx___usb_hcd_giveback_urb+0x10/0x10
[  415.147582][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.147612][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.147640][    C0]  ? usb_hcd_giveback_urb+0x10e/0x420
[  415.147679][    C0]  dummy_timer+0x862/0x4550
[  415.147711][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.147737][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.147767][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.147796][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.147822][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  415.147858][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.147884][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.147918][    C0]  ? __pfx_dummy_timer+0x10/0x10
[  415.147951][    C0]  ? __pfx_dummy_timer+0x10/0x10
[  415.147981][    C0]  ? __pfx_dummy_timer+0x10/0x10
[  415.148010][    C0]  __hrtimer_run_queues+0x52c/0xc60
[  415.148035][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.148068][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  415.148090][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.148113][    C0]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  415.148141][    C0]  hrtimer_run_softirq+0x187/0x2b0
[  415.148169][    C0]  handle_softirqs+0x286/0x870
[  415.148194][    C0]  ? __irq_exit_rcu+0xca/0x1f0
[  415.148220][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  415.148245][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.148268][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  415.148300][    C0]  __irq_exit_rcu+0xca/0x1f0
[  415.148323][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  415.148349][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.148373][    C0]  irq_exit_rcu+0x9/0x30
[  415.148394][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  415.148417][    C0]  </IRQ>
[  415.148424][    C0]  <TASK>
[  415.148432][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  415.148454][    C0] RIP: 0010:finish_task_switch+0x26b/0x950
[  415.148474][    C0] Code: 0f 84 3c 01 00 00 48 85 db 0f 85 63 01 00 00 0f 1f 44 00 00 4c 8b 75 d0 4c 89 e7 e8 2f 3a de 09 e8 da b7 35 00 fb 4c 8b 65 c0 <49> 8d bc 24 18 16 00 00 48 89 f8 48 c1 e8 03 42 0f b6 04 28 84 c0
[  415.148493][    C0] RSP: 0018:ffffc9001d9f74f8 EFLAGS: 00000282
[  415.148511][    C0] RAX: eee3a7babbdbfd00 RBX: 0000000000000000 RCX: eee3a7babbdbfd00
[  415.148525][    C0] RDX: 0000000000000000 RSI: ffffffff8d996535 RDI: ffffffff8be28d80
[  415.148539][    C0] RBP: ffffc9001d9f7550 R08: ffffffff8fa1ddf7 R09: 1ffffffff1f43bbe
[  415.148554][    C0] R10: dffffc0000000000 R11: fffffbfff1f43bbf R12: ffff8880504b1e00
[  415.148569][    C0] R13: dffffc0000000000 R14: ffff8881436c9e00 R15: ffff8880b863ab58
[  415.148594][    C0]  ? finish_task_switch+0x266/0x950
[  415.148616][    C0]  __schedule+0x1705/0x4cf0
[  415.148644][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.148668][    C0]  ? __schedule+0x171b/0x4cf0
[  415.148687][    C0]  ? preempt_schedule_irq+0xb5/0x150
[  415.148707][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  415.148730][    C0]  ? __pfx___schedule+0x10/0x10
[  415.148750][    C0]  ? irqentry_exit+0x74/0x90
[  415.148772][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.148806][    C0]  preempt_schedule_irq+0xb5/0x150
[  415.148828][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  415.148851][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.148880][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.148914][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  415.148943][    C0]  irqentry_exit+0x6f/0x90
[  415.148965][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  415.148988][    C0] RIP: 0010:__local_bh_disable_ip+0x8c/0x190
[  415.149011][    C0] Code: 66 43 c7 44 3c 09 f3 f3 43 c6 44 3c 0b f3 65 8b 05 69 22 1a 11 a9 00 00 0f 00 0f 85 e4 00 00 00 48 c7 44 24 40 00 00 00 00 9c <8f> 44 24 40 4c 8b 74 24 40 fa 65 01 1d 43 22 1a 11 65 8b 05 3c 22
[  415.149028][    C0] RSP: 0018:ffffc9001d9f78f8 EFLAGS: 00000246
[  415.149044][    C0] RAX: 0000000080000000 RBX: 0000000000000200 RCX: 0000000000080000
[  415.149057][    C0] RDX: ffffc9000cddc000 RSI: 0000000000000200 RDI: ffffffff899581d7
[  415.149071][    C0] RBP: ffffc9001d9f79b0 R08: ffff8880504b1e07 R09: 1ffff1100a0963c0
[  415.149087][    C0] R10: dffffc0000000000 R11: ffffed100a0963c1 R12: 1ffff92003b3ef20
[  415.149102][    C0] R13: ffffc9000e2bc030 R14: ffffffff899581d7 R15: dffffc0000000000
[  415.149118][    C0]  ? bpf_test_run+0x197/0x7b0
[  415.149151][    C0]  ? bpf_test_run+0x197/0x7b0
[  415.149180][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  415.149202][    C0]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  415.149224][    C0]  ? __local_bh_enable_ip+0x12d/0x1c0
[  415.149247][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  415.149272][    C0]  ? bpf_test_timer_continue+0x136/0x350
[  415.149303][    C0]  ? bpf_test_run+0x197/0x7b0
[  415.149332][    C0]  bpf_test_run+0x23c/0x7b0
[  415.149372][    C0]  ? __pfx_bpf_test_run+0x10/0x10
[  415.149406][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.149429][    C0]  ? csum_partial+0x239/0x2c0
[  415.149465][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.149489][    C0]  ? skb_checksum+0x7c1/0x8c0
[  415.149518][    C0]  ? slab_build_skb+0x273/0x3e0
[  415.149552][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.149580][    C0]  ? convert___skb_to_skb+0x3d/0x590
[  415.149616][    C0]  bpf_prog_test_run_skb+0xb30/0x1560
[  415.149660][    C0]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  415.149693][    C0]  bpf_prog_test_run+0x2c7/0x340
[  415.149719][    C0]  __sys_bpf+0x4a4/0x860
[  415.149758][    C0]  ? __pfx___sys_bpf+0x10/0x10
[  415.149805][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.149831][    C0]  ? rcu_is_watching+0x15/0xb0
[  415.149864][    C0]  __x64_sys_bpf+0x7c/0x90
[  415.149896][    C0]  do_syscall_64+0xfa/0x3b0
[  415.149929][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  415.149954][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  415.149977][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  415.150004][    C0]  ? exc_page_fault+0x9f/0xf0
[  415.150030][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  415.150054][    C0] RIP: 0033:0x7f1077b8e9a9
[  415.150075][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  415.150095][    C0] RSP: 002b:00007f1078a3d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  415.150119][    C0] RAX: ffffffffffffffda RBX: 00007f1077db5fa0 RCX: 00007f1077b8e9a9
[  415.150138][    C0] RDX: 0000000000000050 RSI: 00002000000004c0 RDI: 000000000000000a
[  415.150153][    C0] RBP: 00007f1077c10d69 R08: 0000000000000000 R09: 0000000000000000
[  415.150168][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  415.150183][    C0] R13: 0000000000000000 R14: 00007f1077db5fa0 R15: 00007ffce0a605e8
[  415.150216][    C0]  </TASK>
[  415.150225][    C0] 
[  415.929422][    C0] Allocated by task 5841:
[  415.933741][    C0]  kasan_save_track+0x3e/0x80
[  415.938424][    C0]  __kasan_kmalloc+0x93/0xb0
[  415.943018][    C0]  __kmalloc_cache_noprof+0x230/0x3d0
[  415.948396][    C0]  xpad_probe+0x428/0x1fc0
[  415.952813][    C0]  usb_probe_interface+0x644/0xbc0
[  415.957931][    C0]  really_probe+0x26d/0x9a0
[  415.962444][    C0]  __driver_probe_device+0x18c/0x2f0
[  415.967742][    C0]  driver_probe_device+0x4f/0x430
[  415.972764][    C0]  __device_attach_driver+0x2ce/0x530
[  415.978131][    C0]  bus_for_each_drv+0x251/0x2e0
[  415.982979][    C0]  __device_attach+0x2b8/0x400
[  415.987736][    C0]  bus_probe_device+0x185/0x260
[  415.992594][    C0]  device_add+0x7b6/0xb50
[  415.996929][    C0]  usb_set_configuration+0x1a87/0x20e0
[  416.002393][    C0]  usb_generic_driver_probe+0x8d/0x150
[  416.007860][    C0]  usb_probe_device+0x1c4/0x390
[  416.012719][    C0]  really_probe+0x26d/0x9a0
[  416.017213][    C0]  __driver_probe_device+0x18c/0x2f0
[  416.022491][    C0]  driver_probe_device+0x4f/0x430
[  416.027508][    C0]  __device_attach_driver+0x2ce/0x530
[  416.032881][    C0]  bus_for_each_drv+0x251/0x2e0
[  416.037739][    C0]  __device_attach+0x2b8/0x400
[  416.042499][    C0]  bus_probe_device+0x185/0x260
[  416.047354][    C0]  device_add+0x7b6/0xb50
[  416.051691][    C0]  usb_new_device+0xa39/0x16c0
[  416.056457][    C0]  hub_event+0x2958/0x4a20
[  416.060882][    C0]  process_scheduled_works+0xae1/0x17b0
[  416.066429][    C0]  worker_thread+0x8a0/0xda0
[  416.071019][    C0]  kthread+0x711/0x8a0
[  416.075091][    C0]  ret_from_fork+0x3fc/0x770
[  416.079679][    C0]  ret_from_fork_asm+0x1a/0x30
[  416.084445][    C0] 
[  416.086795][    C0] Freed by task 14433:
[  416.090851][    C0]  kasan_save_track+0x3e/0x80
[  416.095540][    C0]  kasan_save_free_info+0x46/0x50
[  416.100565][    C0]  __kasan_slab_free+0x62/0x70
[  416.105340][    C0]  kfree+0x18e/0x440
[  416.109242][    C0]  xpad_disconnect+0x350/0x480
[  416.114007][    C0]  usb_unbind_interface+0x26e/0x8f0
[  416.119207][    C0]  device_release_driver_internal+0x4d9/0x7c0
[  416.125267][    C0]  bus_remove_device+0x34d/0x410
[  416.130205][    C0]  device_del+0x511/0x8e0
[  416.134543][    C0]  usb_disable_device+0x3e9/0x8a0
[  416.139570][    C0]  usb_disconnect+0x330/0x950
[  416.144241][    C0]  hub_event+0x1cf5/0x4a20
[  416.148658][    C0]  process_scheduled_works+0xae1/0x17b0
[  416.154199][    C0]  worker_thread+0x8a0/0xda0
[  416.158786][    C0]  kthread+0x711/0x8a0
[  416.162859][    C0]  ret_from_fork+0x3fc/0x770
[  416.167445][    C0]  ret_from_fork_asm+0x1a/0x30
[  416.172211][    C0] 
[  416.174523][    C0] The buggy address belongs to the object at ffff88807d484800
[  416.174523][    C0]  which belongs to the cache kmalloc-1k of size 1024
[  416.188570][    C0] The buggy address is located 92 bytes inside of
[  416.188570][    C0]  freed 1024-byte region [ffff88807d484800, ffff88807d484c00)
[  416.202370][    C0] 
[  416.204685][    C0] The buggy address belongs to the physical page:
[  416.211085][    C0] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d480
[  416.219845][    C0] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  416.228343][    C0] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  416.236318][    C0] page_type: f5(slab)
[  416.240295][    C0] raw: 00fff00000000040 ffff88801a441dc0 0000000000000000 dead000000000001
[  416.248877][    C0] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  416.257460][    C0] head: 00fff00000000040 ffff88801a441dc0 0000000000000000 dead000000000001
[  416.266126][    C0] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  416.274794][    C0] head: 00fff00000000003 ffffea0001f52001 00000000ffffffff 00000000ffffffff
[  416.283465][    C0] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  416.292128][    C0] page dumped because: kasan: bad access detected
[  416.298537][    C0] page_owner tracks the page as allocated
[  416.304248][    C0] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 3500, tgid 3500 (kworker/u8:7), ts 106849431844, free_ts 106767236950
[  416.323712][    C0]  post_alloc_hook+0x240/0x2a0
[  416.328493][    C0]  get_page_from_freelist+0x21e4/0x22c0
[  416.334037][    C0]  __alloc_frozen_pages_noprof+0x181/0x370
[  416.339873][    C0]  alloc_pages_mpol+0x232/0x4a0
[  416.344752][    C0]  allocate_slab+0x8a/0x3b0
[  416.349260][    C0]  ___slab_alloc+0xbfc/0x1480
[  416.353936][    C0]  __kmalloc_noprof+0x305/0x4f0
[  416.358799][    C0]  ieee802_11_parse_elems_full+0x152/0x2aa0
[  416.364699][    C0]  ieee80211_ibss_rx_queued_mgmt+0x462/0x2ae0
[  416.370760][    C0]  ieee80211_iface_work+0x806/0xfe0
[  416.375952][    C0]  cfg80211_wiphy_work+0x2df/0x460
[  416.381060][    C0]  process_scheduled_works+0xae1/0x17b0
[  416.386626][    C0]  worker_thread+0x8a0/0xda0
[  416.391235][    C0]  kthread+0x711/0x8a0
[  416.395312][    C0]  ret_from_fork+0x3fc/0x770
[  416.399903][    C0]  ret_from_fork_asm+0x1a/0x30
[  416.404697][    C0] page last free pid 5828 tgid 5828 stack trace:
[  416.411046][    C0]  __free_frozen_pages+0xc71/0xe70
[  416.416167][    C0]  __put_partials+0x161/0x1c0
[  416.420843][    C0]  put_cpu_partial+0x17c/0x250
[  416.425624][    C0]  __slab_free+0x2f7/0x400
[  416.430040][    C0]  qlist_free_all+0x97/0x140
[  416.434633][    C0]  kasan_quarantine_reduce+0x148/0x160
[  416.440094][    C0]  __kasan_slab_alloc+0x22/0x80
[  416.444949][    C0]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  416.450410][    C0]  jbd2__journal_start+0x146/0x5b0
[  416.455520][    C0]  __ext4_journal_start_sb+0x227/0x5c0
[  416.460981][    C0]  ext4_dirty_inode+0x93/0x110
[  416.465759][    C0]  __mark_inode_dirty+0x2d1/0xdf0
[  416.470783][    C0]  file_update_time+0x40c/0x490
[  416.475632][    C0]  ext4_page_mkwrite+0x1fa/0x1110
[  416.480660][    C0]  do_page_mkwrite+0x14d/0x310
[  416.485413][    C0]  do_wp_page+0x268d/0x5800
[  416.489923][    C0] 
[  416.492238][    C0] Memory state around the buggy address:
[  416.497859][    C0]  ffff88807d484700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  416.505925][    C0]  ffff88807d484780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  416.513988][    C0] >ffff88807d484800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  416.522045][    C0]                                                     ^
[  416.528970][    C0]  ffff88807d484880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  416.537031][    C0]  ffff88807d484900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  416.545090][    C0] ==================================================================
[  416.553150][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  416.560343][    C0] CPU: 0 UID: 0 PID: 14684 Comm: syz.4.3251 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  416.570322][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  416.580459][    C0] Call Trace:
[  416.583732][    C0]  <IRQ>
[  416.586569][    C0]  dump_stack_lvl+0x99/0x250
[  416.591174][    C0]  ? __asan_memcpy+0x40/0x70
[  416.595810][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[  416.601101][    C0]  ? __pfx__printk+0x10/0x10
[  416.605710][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  416.611362][    C0]  panic+0x2db/0x790
[  416.615260][    C0]  ? __pfx_panic+0x10/0x10
[  416.619727][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  416.625363][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  416.630997][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  416.636887][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  416.643216][    C0]  ? print_memory_metadata+0x314/0x400
[  416.648676][    C0]  ? do_raw_spin_lock+0x23d/0x290
[  416.653706][    C0]  check_panic_on_warn+0x89/0xb0
[  416.658652][    C0]  ? do_raw_spin_lock+0x23d/0x290
[  416.663683][    C0]  end_report+0x78/0x160
[  416.667940][    C0]  kasan_report+0x129/0x150
[  416.672452][    C0]  ? do_raw_spin_lock+0x23d/0x290
[  416.677492][    C0]  do_raw_spin_lock+0x23d/0x290
[  416.682370][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  416.688007][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  416.693387][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  416.699021][    C0]  _raw_spin_lock_irqsave+0xb3/0xf0
[  416.704219][    C0]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  416.710112][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  416.715747][    C0]  ? kcov_remote_stop+0x78/0x6d0
[  416.720702][    C0]  __wake_up_common_lock+0x2f/0x1f0
[  416.725946][    C0]  __usb_hcd_giveback_urb+0x4d7/0x690
[  416.731349][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  416.736989][    C0]  ? __pfx___usb_hcd_giveback_urb+0x10/0x10
[  416.742900][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  416.748567][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  416.754199][    C0]  ? usb_hcd_giveback_urb+0x10e/0x420
[  416.759582][    C0]  dummy_timer+0x862/0x4550
[  416.764096][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  416.769737][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  416.775374][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  416.781021][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  416.786659][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  416.792074][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  416.797728][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  416.803365][    C0]  ? __pfx_dummy_timer+0x10/0x10
[  416.808319][    C0]  ? __pfx_dummy_timer+0x10/0x10
[  416.813268][    C0]  ? __pfx_dummy_timer+0x10/0x10
[  416.818216][    C0]  __hrtimer_run_queues+0x52c/0xc60
[  416.823417][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  416.829062][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  416.834801][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  416.840438][    C0]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  416.846249][    C0]  hrtimer_run_softirq+0x187/0x2b0
[  416.851367][    C0]  handle_softirqs+0x286/0x870
[  416.856134][    C0]  ? __irq_exit_rcu+0xca/0x1f0
[  416.860906][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  416.866203][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  416.871837][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  416.877069][    C0]  __irq_exit_rcu+0xca/0x1f0
[  416.881662][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  416.886869][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  416.892518][    C0]  irq_exit_rcu+0x9/0x30
[  416.896851][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  416.902507][    C0]  </IRQ>
[  416.905431][    C0]  <TASK>
[  416.908357][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  416.914343][    C0] RIP: 0010:finish_task_switch+0x26b/0x950
[  416.920152][    C0] Code: 0f 84 3c 01 00 00 48 85 db 0f 85 63 01 00 00 0f 1f 44 00 00 4c 8b 75 d0 4c 89 e7 e8 2f 3a de 09 e8 da b7 35 00 fb 4c 8b 65 c0 <49> 8d bc 24 18 16 00 00 48 89 f8 48 c1 e8 03 42 0f b6 04 28 84 c0
[  416.940634][    C0] RSP: 0018:ffffc9001d9f74f8 EFLAGS: 00000282
[  416.946712][    C0] RAX: eee3a7babbdbfd00 RBX: 0000000000000000 RCX: eee3a7babbdbfd00
[  416.954688][    C0] RDX: 0000000000000000 RSI: ffffffff8d996535 RDI: ffffffff8be28d80
[  416.962660][    C0] RBP: ffffc9001d9f7550 R08: ffffffff8fa1ddf7 R09: 1ffffffff1f43bbe
[  416.970632][    C0] R10: dffffc0000000000 R11: fffffbfff1f43bbf R12: ffff8880504b1e00
[  416.978601][    C0] R13: dffffc0000000000 R14: ffff8881436c9e00 R15: ffff8880b863ab58
[  416.986582][    C0]  ? finish_task_switch+0x266/0x950
[  416.991792][    C0]  __schedule+0x1705/0x4cf0
[  416.996305][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.001942][    C0]  ? __schedule+0x171b/0x4cf0
[  417.006715][    C0]  ? preempt_schedule_irq+0xb5/0x150
[  417.011996][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  417.017893][    C0]  ? __pfx___schedule+0x10/0x10
[  417.022750][    C0]  ? irqentry_exit+0x74/0x90
[  417.027342][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.032986][    C0]  preempt_schedule_irq+0xb5/0x150
[  417.038098][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  417.043816][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.049451][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.055083][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  417.060896][    C0]  irqentry_exit+0x6f/0x90
[  417.065318][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  417.071302][    C0] RIP: 0010:__local_bh_disable_ip+0x8c/0x190
[  417.077289][    C0] Code: 66 43 c7 44 3c 09 f3 f3 43 c6 44 3c 0b f3 65 8b 05 69 22 1a 11 a9 00 00 0f 00 0f 85 e4 00 00 00 48 c7 44 24 40 00 00 00 00 9c <8f> 44 24 40 4c 8b 74 24 40 fa 65 01 1d 43 22 1a 11 65 8b 05 3c 22
[  417.096906][    C0] RSP: 0018:ffffc9001d9f78f8 EFLAGS: 00000246
[  417.102990][    C0] RAX: 0000000080000000 RBX: 0000000000000200 RCX: 0000000000080000
[  417.110965][    C0] RDX: ffffc9000cddc000 RSI: 0000000000000200 RDI: ffffffff899581d7
[  417.118960][    C0] RBP: ffffc9001d9f79b0 R08: ffff8880504b1e07 R09: 1ffff1100a0963c0
[  417.126935][    C0] R10: dffffc0000000000 R11: ffffed100a0963c1 R12: 1ffff92003b3ef20
[  417.134904][    C0] R13: ffffc9000e2bc030 R14: ffffffff899581d7 R15: dffffc0000000000
[  417.142882][    C0]  ? bpf_test_run+0x197/0x7b0
[  417.147578][    C0]  ? bpf_test_run+0x197/0x7b0
[  417.152303][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  417.157505][    C0]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  417.163310][    C0]  ? __local_bh_enable_ip+0x12d/0x1c0
[  417.168682][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  417.174403][    C0]  ? bpf_test_timer_continue+0x136/0x350
[  417.180041][    C0]  ? bpf_test_run+0x197/0x7b0
[  417.184720][    C0]  bpf_test_run+0x23c/0x7b0
[  417.189244][    C0]  ? __pfx_bpf_test_run+0x10/0x10
[  417.194283][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.199922][    C0]  ? csum_partial+0x239/0x2c0
[  417.204607][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.210239][    C0]  ? skb_checksum+0x7c1/0x8c0
[  417.215020][    C0]  ? slab_build_skb+0x273/0x3e0
[  417.219882][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.225534][    C0]  ? convert___skb_to_skb+0x3d/0x590
[  417.230852][    C0]  bpf_prog_test_run_skb+0xb30/0x1560
[  417.236247][    C0]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  417.242066][    C0]  bpf_prog_test_run+0x2c7/0x340
[  417.247007][    C0]  __sys_bpf+0x4a4/0x860
[  417.251266][    C0]  ? __pfx___sys_bpf+0x10/0x10
[  417.256051][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.261683][    C0]  ? rcu_is_watching+0x15/0xb0
[  417.266450][    C0]  __x64_sys_bpf+0x7c/0x90
[  417.270876][    C0]  do_syscall_64+0xfa/0x3b0
[  417.275388][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  417.280583][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  417.286654][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.292292][    C0]  ? exc_page_fault+0x9f/0xf0
[  417.296970][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  417.302871][    C0] RIP: 0033:0x7f1077b8e9a9
[  417.307293][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  417.326908][    C0] RSP: 002b:00007f1078a3d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  417.335362][    C0] RAX: ffffffffffffffda RBX: 00007f1077db5fa0 RCX: 00007f1077b8e9a9
[  417.343423][    C0] RDX: 0000000000000050 RSI: 00002000000004c0 RDI: 000000000000000a
[  417.351393][    C0] RBP: 00007f1077c10d69 R08: 0000000000000000 R09: 0000000000000000
[  417.359358][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  417.367324][    C0] R13: 0000000000000000 R14: 00007f1077db5fa0 R15: 00007ffce0a605e8
[  417.375308][    C0]  </TASK>
[  417.378566][    C0] Kernel Offset: disabled
[  417.382888][    C0] Rebooting in 86400 seconds..