last executing test programs:

3m32.073985571s ago: executing program 2 (id=9):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x24, 0x24, 0xd0f, 0x70bd2b, 0x2000, {0x60, 0x0, 0x0, 0x0, {0x0, 0x8}, {0xffff, 0xffff}, {0xd, 0xc}}}, 0x24}, 0x1, 0x0, 0x0, 0x80d1}, 0x3000001c)
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f00000001c0)={0x0})

3m31.690683434s ago: executing program 2 (id=11):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = fanotify_init(0x200, 0x40000)
fanotify_mark(r1, 0x1, 0x48000003, r0, 0x0)
vmsplice(r0, &(0x7f0000001240)=[{&(0x7f0000000100)='p', 0x1}], 0x1, 0x4)

3m31.379179978s ago: executing program 2 (id=12):
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x1e7d, 0x2ced, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x4, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000300)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0x9, '&i/B'}]}}, 0x0}, &(0x7f0000000680)={0x2c, 0x0, 0x0, 0x0, 0x0, 0x0})

3m29.053703348s ago: executing program 2 (id=24):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200)={[{@nodiscard}, {@noheap}, {@discard_unit_section}, {@discard_unit_section}, {@adaptive_mode}, {@background_gc_on}, {@compress_chksum}, {@nogc_merge}, {@fsync_mode_posix}, {@block_mode}, {@data_flush}, {@heap}, {@jqfmt_vfsold}, {@lazytime}]}, 0x1, 0x550f, &(0x7f000000cf00)="$eJzs3E1vG1UXAODjpGn69faNEAt2HalCSqTaivNRwS5AKz5EqqjAghU4tmO5tT1R7DghKxYsEQv+CQKJFUt+AwvW7BALEDskkGcm0FAQlXBskj6PND5zr6/PnGtVlc5M5ACeWgvJzz+W4npcjojZiLgWkZ2XiiOzkYfnIuJGRMw8cpSK+d8nLkbElYi4Pkqe5ywVb316a3hz/Yc3fvrqm/kLVz/78tvp7RqYtucjorubnx9085i28vigmK8N21nsrg2LmL/RfViM0zweNLezDAe143W1LK628vXp7n5/FHc6tfootto72fxuL79gf9g6zpN94EFtLxs3mttZbPfTLLaO8roOj/L/2476gzxPo8j3QZY+BoPjmM83D5v5fnYfZrHeGxTzed600TwcxWERi8tFPe00sjq2/803/d/2Zru3f5gMm3v9dtpL1ivVFyrV2+XqXtpoDppr5Vq3cXstWWx1RsvKg2atu9FK01anWamn3aVksVWvl6vVZPFOc7td6yXVamW1slxeXyrObiWv3nsn6TSSxVF8ud3bH7Q7/WQn3UvyTywlK5XVF5eSm9Xkrc2tZOv+3bubW2+/d+fdey9tvv5KseixspLFleWVlXJ1ubxSXXp8T/Pndf8fFUX/w/5hYkrTLgDg7NH/A9Nwev3/3v2I0+//Q/8/Fmeq/33C/t/+YUL0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAT63v5j5/LTtZyMdXi/n/FVPPFONSRMxExK9/YTYunsg5W+SZ+5v1c3+q4etSZBlG15gvjisRsVEcv/z/tL8FAAAAOL+++PDGJ3m3nr8sTLsgJim/aTNz7f0x5StFxNzC92PKNjN6eXZMybJ/3xficEzZshtYl8aUbD675XZhTNmezOyJcOmRUMrDzETLAQAAJuJkJzDZLgQAAIBJ+njaBTAdpTh+lHn8LDj7y/s/HghePjECAAAAzqDStAsAAAAATl3W//v9PwAAADjf8t//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnbnKWBuI4AP9b3r7gVyTGvVdxB8fwCC5dGg7gJTiAC7yCF+AMuPMIBgydEUG6MOm0jeZ5kjJMW37MELqYmWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgSN+a3frLxzef+uYcT/2U6Q0AAADQ5dDs1u2bZao/y+df5FOvcr2KiDoiusbus3i8yZzlnOb3/Z+v72/+aMPXiDbh/B3zfDyNiLf5+PFy6F8BAAAA/l/7zXaVRuvpZTl1gxhTmrSpn78rlFdFRLP8XiitPue9LhTW/r8f4kOhtHYCa1EoLE25PZRK+yvt436ZtVtcFVUq6s6PXRpZrO8AAMCIZjfFuKMQAAAAxvR+6gYwjSp+LWVelgLnqcjLe09uagAAAMA/qJq6AQAAAMDg2vH/SPv/nez/BwAAANNI+/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwpEOzW+8321XfnOPp3mO+1nHpTv+eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2Z93FAiBMAiDves7k7n/YaVBY0OTKhA+/sZgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjzu7/8n5gaZ5K518bS80iydmpsnRp758bRH8bXrwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBif15SIASCIArmjP+d9P0PKwl6BhEioOFRRS0aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvuh3v/yfmBpnkrnTxtLxSLJ21di6auw9aBw9GG//BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBi535e46jiAIB/Z2Zna6pijJJDRBQ86MWm29ram3hQggf/BCGk2xq79Uebgy1FzMWb5NyL6FFEUOKt/0PPLfRSbz3soYJnZWZnstM24PprZpt8PvDmfXcY5n3fBEK+814WAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2fnsaZ8VhcRKn1blb969tFP3th/rCjZ07K0Ur4qTNpB8PLzY/JMvdJQIAAMDhkdX1fUTczXfXij5dLOv/vL6mqPm/fXoS1/X8w3V/3de1f9F++fne83sDLU7GKW56bnM0PP5oKr3/b5bz7Zm/vKJXPvny3UsWC5FG+t72c+O8fJ7J1zdvvtMvwyNtZAsA/BPH6r4K6r+Hin7QZWIAHBq9RuFd1//ZYrc5AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALRhvB1P1nESESu9aVy4ff/axn79jZ07K3U7ff36Tnw5vWdxizwizm2Ohsdbnc18u3zl6oX10Wh4qf3gpYjoavS3qulf+GCGiyM6eT6C/yhIqx/2vOTzeAQd/lICAOBAyqtW1PV389214lyyFPHHdw/W/6824pix/r/34elbzbGa9f+gtRnOv9Wti5+uXr5y9fXNi+vnh+eHH79xYvDm4OSZU6fOrJbvSla9MQEAAODf6VetWf+nS4+u/x9txDFj/f/ZN4MvmmNl6v99TRf9us4EAADgcHv25d9/S/Y5n/T78fn61talweS49/nE5NhBqn/bkao16/9sqeusAAAAgDaMt5MH1v/PNuKYcf3/qe9f+LF5zywiFqr1/2Mbn4zOtjedudbGvxN3PUcAAAC6tVC15vp/Xu7/T/e2PKQR8dork7j6GsCZ6v/s3a9+aI7V3P9/sr0pzqV0efI8yn45orfcdUYAAAAcZE9UrSj2f8131z766ej7ffv/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANr2ZwAAAP//uCM2tw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')

3m26.89121716s ago: executing program 4 (id=39):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e21, @local}], 0x10)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @empty}], 0x10)

3m26.867330411s ago: executing program 2 (id=40):
r0 = syz_io_uring_setup(0x12e, &(0x7f0000000340)={0x0, 0x5cb1, 0x2, 0x3, 0xfffffffd}, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000280))
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0x200, 0x0, 0x4)
io_uring_enter(r0, 0x7e7b, 0xf728, 0x44, 0x0, 0x0)

3m26.646207691s ago: executing program 4 (id=42):
r0 = syz_io_uring_setup(0x8d2, &(0x7f0000000340)={0x0, 0xb51a, 0x10, 0x100005}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000300)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000001c0)=[{0x0}], 0x201}, 0x0, 0x4040092})
io_uring_enter(r0, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)

3m26.475000447s ago: executing program 4 (id=43):
syz_mount_image$ext4(&(0x7f0000000380)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000002c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0xa}}, {@data_err_ignore}, {@grpquota}, {@nomblk_io_submit}, {@user_xattr}, {@bh}, {@errors_remount}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file2\x00', 0x101042, 0x100)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
ftruncate(r0, 0x1)

3m25.243122339s ago: executing program 4 (id=47):
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
setuid(0xee01)
cachestat(r0, &(0x7f0000000080)={0x4d, 0x2}, 0x0, 0x0)

3m24.976134039s ago: executing program 4 (id=49):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000300)='rxrpc_client\x00', r0}, 0x18)
r1 = socket$kcm(0x21, 0x2, 0xa)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in6={0x21, 0xfffc, 0x2, 0x1c, {0xa, 0xfffc, 0x4, @dev, 0xf5}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=[{0x18, 0x110, 0x1, "dc"}], 0x18}, 0xfc00)

3m24.512154115s ago: executing program 4 (id=50):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000480)=[@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x2b}}, @in={0x2, 0x4e21, @local}], 0x20)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000280)=0x3fa, 0x4)
listen(r0, 0x4)

3m23.810281239s ago: executing program 32 (id=50):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000480)=[@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x2b}}, @in={0x2, 0x4e21, @local}], 0x20)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000280)=0x3fa, 0x4)
listen(r0, 0x4)

3m23.748028379s ago: executing program 2 (id=53):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, &(0x7f0000000380)={0x0, 0x0, 0x9, {0x9, 0x0, "2a53fb8991f8e0"}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001640)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x45}, 0x0}, 0x0)

3m23.615204603s ago: executing program 33 (id=53):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, &(0x7f0000000380)={0x0, 0x0, 0x9, {0x9, 0x0, "2a53fb8991f8e0"}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001640)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x45}, 0x0}, 0x0)

4.164584291s ago: executing program 6 (id=1453):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x1010051, &(0x7f0000000700)={[{@errors_remount}, {@delalloc}, {@noblock_validity}, {@dioread_lock}, {@nouid32}, {@nomblk_io_submit}]}, 0x1, 0x546, &(0x7f0000000180)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
readlinkat(r0, &(0x7f00000000c0)='./file2\x00', &(0x7f0000000880)=""/225, 0xe1)
readlink(&(0x7f0000000000)='./file2\x00', &(0x7f0000000100)=""/126, 0x7e)

3.706209799s ago: executing program 5 (id=1460):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x34, r0, 0x203, 0x70bd28, 0x25dfdbfa, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_SETUP={0xc, 0x70, [@NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL={0x5}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x4e808}, 0x4000)

3.464157078s ago: executing program 6 (id=1463):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x0, 0x2})

3.46393291s ago: executing program 5 (id=1464):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10)
r1 = syz_open_dev$ttys(0xc, 0x2, 0x0)
mount$9p_fd(0x0, &(0x7f0000000240)='./cgroup\x00', &(0x7f0000000340), 0x400, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})

3.338483186s ago: executing program 0 (id=1466):
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mdstat\x00', 0x0, 0x0)
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

3.232762996s ago: executing program 5 (id=1467):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
setresgid(0x0, 0x0, 0xee01)
syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000002080)='./file0\x00', 0x0, &(0x7f00000020c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000c00)='./file0\x00', 0x0, 0x800)

3.183972556s ago: executing program 6 (id=1468):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c6e6f71756f74612c64697361626c655f726f6c6c5f666f72776172642c67635f6d657267652c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c636865636b706f696e743d64697361626c652c6e6f696e6c696e655f64656e7472792c00ec6da92d1c80a6c720380e3c2c55bf27596d2776ce408c4bb19b149757508e1c7e919c6c2047023baa412d14fa75c8cac6e5f103e13ea52708af0a7c5da8af4ecb6612"], 0x2, 0x5505, &(0x7f0000002480)="$eJzs3M1rI2UYAPAn/djtfrgW8eBtBxahhU1o+rHoreoufmCXsurBk6ZJGrKbZEqTprUnDx7Fg/+JKHjy6N/gwbM38aB4E5TMTHXrBwhNm+3294PJM++bN888b1gWnpmSAC6s+eTXn0txI65ExHREXI/IzkvFkVnPwwsRcTMiph47SsX8nxOXIuJqRNwYJc9zloq3Pr89vLX201u/fPPd5ZlrX3z9/eR2DUzaixHR3cnP97t5TFt5fFjM14btLHZXh0XM3+g+KsZpHvebW1mG/drRuloWV1r5+nRnrz+K251afRRb7e1sfqeXX7A/bB3lyT7wsLabjRvNrSy2+2kWW4d5XQeH+f9th/1BnqdR5PsoSx+DwVHM55sHzXw/O4+yWO8Nivk8b9poHozisIjF5aKedhpZHVsn+aafbG+3e3sHybC522+nvWStUn2pUr1Tru6mjeaguVqudRt3VpOFVme0rDxo1rrrrTRtdZqVetpdTBZa9Xq5Wk0W7ja32rVeUq1WVipL5bXF4ux28vr995JOI1kYxVfbvb1Bu9NPttPdJP/EYrJcWXl5MblVTd7Z2Ew2H9y7t7H57gd337//ysabrxWL/lFWsrC8tLxcri6Vl6uLF2j/nxRFj3H/cCKlSRcAcP7o/4FJOL3+f/dBxOn3/6H/H4tz1f9e9P7/FPYPJ6L/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4sH6Y/fKN7GQ+H18r5p8ppp4rxqWImIqI3//FdFw6lnO6yDP7H+tn/1bDt6XIMoyucbk4rkbEenH89uxpfwsAAADw9Prq45uf5d16/jI/6YI4S/lNm6nrH44p31xEzM7/OKZsU6OX58eULPv3PRMHY8qW3cCaG1Oy/JbbzLiy/S/Tx8LcY6GUh6kzLQcAADgTxzuBs+1CAAAAOEufTroAJqMUR48yj54FZ395/9cDwSvHRgAAAMA5VJp0AQAAAMCpy/p/v/8HAAAAT7f89/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgD3bu5zZxIIoD8LPBC/tPi1Z731b2BmVsCXvcY0QBaYICciAtpAFqILeUEEGExyEQcYjksa1E3yc5k7HMjzcIDjMjDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KX7ar24vfp93TZnt28nz2gAAACAS7bVelH/M0v9r839782tn02/iIgyIi7N3Ufx6Sxz1ORUL8/fnD5fvarhLqJOOLzHpLm+RMSf5nr80fWnAAAAAB/XZrmap9l6+jMbuiD6lBZtym9/M+UVEVHNHjKllYe8X5nC6u/3OP5nSqsXsKaZwtKS2zhX2pvUP/fjqt30pClSU1582bHIbGMHAAB6NDpr+p2FAAAA0Kd/QxfAMIp43so8bgVOUtNs730+6wEAAADvUDF0AQAAAEDn6vl/T+f/7Z3/BwAAAMNI5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQpW21XmyWq3nbnN2+nTyjAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCf25x0FQiAMwmDv+s5k7n9YadDU1KQKhI+/MRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjzu7/8n5gaZ5K518bS80iydmpsnRp758bRH8bXrwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNiflxQIgSCIgjnjfyd9/8NKgp5BhAhoeFRRiwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvuh3v/yfmBpnkrnTxtLxSLJ21di6auw9aBw9GG//BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNi5n9c4qjgA4G9mdra2Kq5R9hARBQ96sdttbe1NPCjBg3+CENJtjd36o83BliLm4k1y7kX0KCIo8db/IecEcom3HPYQwbMyszPZyQ9w/TWzST4fePO+Owzzvm8WQr7zXgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBp9PYkTrJDZxzHxbnNvYdLWb91qM88Xtuez1oWR3UmfTK8WP0QdZtLBAAAgLMjKev7EMJOur6Q9XEnr//T8pqs5v/26XFc1vOH6/6yL2v/rP3y8+7z+wN1xuNkN725PBxcOppK6/+b5Wx75i+vaOVPPn/3kuRfSPze6nOjNH+e0dcbG++08/BcHdkCAP/ExbIvgvL3oazvN5kYAGdGq1J4l/V/0mk2JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA6jFbDk2UchRDmW5M4s7X3cOm4/vHa9nzZrj16tBa+nNwzu0UaQri5PBxcqnU2s+3e/Qe3F4fDwd36g5dCCE2N/lYx/dsfTHFxCI08H8F/FMTFlz0r+ZyMoMEfSgAAnEpp0bK6fiddX8jORXMh/PHdwfr/1Uocpqz/dz+8tlkdq1r/92ub4ezrrdz5tHfv/oPXl+8s3hrcGnz8xuX+m/0r169evd7L35X0vDEBAADg32kXrVr/x3NH1/8vVOIwZf3/2Tf9L6pjJer/Y00W/ZrOBAAA4Gx79uXff4uOOR+12+HzxZWVu/3xcf/z5fGxgVT/tnNFq9b/yVzTWQEAAAB1GK1GB9b/b1TiMOX6/1Pfv/Bj9Z5JCOF8sf5/cemT4Y36pjPT6vhz4qbnCAAAQLPOF626/p/m+//j/S0PcQjhtVfGcfFvAKeq/5N3v/qhOlZ1//+V+qY4k+Lu+HnkfTeEVrfpjAAAADjNnihaVuz/mq4vfPTThffb9v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O3PAAAA//9WwT6Z")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x7b)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
lseek(r0, 0x8183, 0x3)

3.080662732s ago: executing program 1 (id=1469):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa00002, &(0x7f0000000180)={[{@usrjquota}, {@abort}, {@nombcache}, {@noload}, {@noblock_validity}, {@grpjquota}, {@oldalloc}, {@nouid32}, {@bsdgroups}, {@barrier_val={'barrier', 0x3d, 0x53}}]}, 0xfa, 0x496, &(0x7f0000000940)="$eJzs3M9vFFUcAPDvTH/x01bFHyBIFY3EHy0tP+TgRaMJB01M9IDxVNuFVBZqaE2EEK0e8GhIvBv/C+NJL0S9aOJV74aEGC6gXtbMzixdll26LdtuYT+fZNo381533nfevOmbebsbQM8azX4kEdsi4o+IGM5Xby0wmv+6ce3C9D/XLkwnUam883dSLXf92oXpWtHa323NVyqVYn2oyX4vvh8xVS6Xzhbr4wunPxqfP3f+pdnTUydLJ0tnJo8ePXRwz+CRycMdiTOL6/quT+d27zz23qW3po9f+uDnJI087miIo1NG86Pb1LOd3lmXba9LJ/31OXt/XUo3OxPopr6IyJproNr/h6MvNt/MG443vuhq5YA1ValUKkNxuVX2YgW4jyXR7RoA3VH7R5/d/9aWdRt8bABXX81vgLK4bxRLntMfaZ7YO9Bwf7utg/sfjYjji/9+ky2xRs8hAADq/ZCNf15sNv5L49E8MZj9eKCYQxmJiAcj4qGIeDgidkTEIxHVso9FxOMr3H/jDMnt45/0yqqDa0M2/nulmNsqlk0NRUb6qkcjHwOOxEByYrZcOlAck/0xMHRiNilN3GEfP77++1et8urHf9mS1aE2FsylV/obpk1mphamVhtvo6ufR+zqvyX+4vgnUZvGSSJiZ0TsWuU+Zp/vb5m3fPx30Ppl21b5NuK5vP0XoyH+mmRpfjI7N+rmJydePjJ5eHxTlEsHxmtnxe1++e3i2632f1fxd0DW/luiefsXRpJNEfPnzp+qztfOr+jls64TF//8suU9TRF/1r1anv99S+f/se3F+T+YvFvdMFhkfDK1sHB2ImIwefP27ZNLr1Zbr5XP4t+/r1n8afUaVzsST0TE7ojYExFPZjeFRd2fioinI2LfHQ7CT6898+Ey8Tdp//WZK83in1mu/aO+/Vee6Dt1+fvl48+6Vqvr36Fqan+xpZ3rX7sVvJtjBwAAAPeK/D3wSTp2M52mY2P5e/h3xJa0PDe/8MKJuY/PzOTz3iMxkNaedA3XPQ+dKJ4Nj1QfHJRLkzfX8/yDxXPjr/s2V9fHpufKM90OHnrc1hb9P/NXX7drB6y5DsyjAfco/R96l/4PvSnR/6Gntdv/V/rmbmDja9b/P2tZeuy7Na0MsK6M/6F3tdH/F/NfrUcFwL3J/3/oXfo/9KSWn41P7+oj/+ue+K/4PsONUp/7PxHphqhGm4nh2BDVWE2iv+0vs1hBojKc9/9sy1DTMt2+MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTG/wEAAP//KzXg0Q==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f00000002c0)=""/191, 0xbf)
getdents64(r0, 0x0, 0x0)

2.94808477s ago: executing program 5 (id=1470):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000600)=@newqdisc={0x148, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_red={{0x8}, {0x11c, 0x2, [@TCA_RED_STAB={0x104, 0x2, "2f6f0394e6f809a7184df863b57290ee5348a1a83beb441691ca11e20f64742e5ec9e6d553ea6461077672618d9831213d3b3144e2a6e1eedaaadf6a5cc56860d38cf443b350555e2d8c2e151d5f1b17afef39f34fc264dfbd6e778a68e6313b4c868a70cd2df82934a03e587c97fb6b0d5c165c9d58e7285dcb5860babd406c57b20d0c84cbb4804d528983604e6e1a03085a226a3bf15a8f560051f47db92816c7388489e1a1c87ad2a7a176fcfd2836d37155ffc344ca7070522c2ef75937d79abffed64bc6aab8e249c0150ac6937ed0385acdde0d23cdeab3747718811f184731b48e71600389acb4e6e0e66b2e0dff61d748efb9458ecd12c5fc1f16ef"}, @TCA_RED_PARMS={0x14, 0x1, {0x3, 0x3, 0x6f, 0xe, 0x18, 0x9, 0x8}}]}}]}, 0x148}}, 0x0)

2.764011687s ago: executing program 1 (id=1471):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0, <r1=>0x0], 0x2})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000200), 0x4, r1})

2.494586214s ago: executing program 0 (id=1472):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18)
sendmmsg(r0, &(0x7f0000003e00)=[{{&(0x7f00000002c0)=@can, 0x80, &(0x7f0000000340)=[{&(0x7f0000001640)="06910864e1b4477b865663992e84eaa0dd475f05bbeaa60a6737054f29769ae353ca7a865a4f444cf8024c287987a8580d1f1e008752225f91592a7767b8e50742a437bed9feec15f3268321579cee8c1e321eba5fd996e4cba1612d344e777a1c3ed16f1c935250dc1e4dae1c59b955c8e89840302bc5caa00d0bfc86cbc6eb0d7aeb986ba2970e8b4a07e5eb41613546ab41be5e0f173d7bec3412ce04784ee4e605e62fd2b79dc9eb61930c010fbbdc5b209f018e51b522f797d9c43f35c16ca75ce8f02a0f0024d8f70e044d50c356758ee7e53f3f9510bd605ca5fd59a266f5526fbe400a3838b42ca412c9fccbd0bcf620a7751c6940e06fc8f50ecb3af7550e6a5ccf2c22bc22ce845abca4e777aeac2aafa4d7ec0349cc2166eb3a52c5c261ffc0fbe5520a0bd18fb046e98e858776fbea95b5fa1ccc2063ef00a53ad5f7cdfc71f32053f9a4e50190ee307bc937de4a6e6ef11fc5b5bfe5e4ac1053ff77e074de7da92174145f4728fca5ca37a5f563f8407cd776d73d07a7192cabffa18fb3fc99b63229e4565f1a3e34d68d0b722eb14dda4d4b032f04926a485784410e4bf888ec7ef4a0c7531bdac41f181e4d05951c2cd3bd0b54a34b925efb0f2063e064d0a5b8c3636d1bfc1b1b5bae60dbc6341af69c7b66dd7c166cd8358b3a5dcec7a8cbae9b7560814b690476e6ede18a61fa2f4b929ea17236b47398712cdd43ec35fc2b3b2d633af080ec03053cbee034476d35ce2178e14437ef771533beecc6e0fadd8693341c18129821099e0cbdf21bb21885b6cafd1ef196c9fa1b10e403732a732bb6fc3730160973286374f92c9f552763958987b5e7ef370cd19bbfffb5ea7875284fed6ace4ded9b5e7c9b5e858810597a6489bdc3dff895b22c4fb23d8d75dac200b68e50713aca1da116051ff8478b535cbd170045767ac5c94c2c9e62ce74ce2587a080f6678aa3fc6d258f6cb82055cefca29254e05de98d6a98e76d08f20bba70fc04e726e3a760940b2a9a46c6cf60f3e7c30628d59af84769cc2882e7834bc9bd77a11ee0cdf8bcdddfe6469bd0872f85c4b7e95debd3115d1897f837f431ae74456f4ff391cbded23deb1e22d3062779254259aa6124ae0b4448910dc6307c2f95fa46eda31aa32b05750a9ae7efd91972b4ff175b0dcafefd54eaccb15adcc71bbd6785f13bb85920dd6a539b7ff245fc5000c837cdd0c959c212493119e3445ace66e6b9fc4b64d7a2eec2424ab6d9a52012affc5e3c9743d7921c2a0a15d0a751657f0cad16e56837aa41fb26efb7348b47319719130a2672f2ec7155edac487b0eae591037ba1dbd288433b40a34b0d4f6de6a17dbebceb0e1cd7f9cf6f8475d8c86534d86aa15bfe3e02f13628929afe6c8735a5d2dc15cc32a1c2e7a321b99943348c8a994441973851787de3306cf265fef18f145ca5edae76223a3094ae3cf07aaf1692e89ec55048b977c40d2417e6f57712fae78f6ae8290ef03439481f1b9852858c901e0c3f8eb4246e807ca86814b72e24cf7b41180fb683b421ee89bedf8e66fc42d48e7886e2491903ab32e93633527ed554c1898b7d56f7332ff553d86170117368e9033c1125e1a34d2e399a4a5c22b5eb42881f65e63c872c62ab1bcb95058495b5c49e628280666714c808ff0b18a0fdb63603e325706c0a7b4aaa59046b25f4dd68876f90ad49b8088e04a1910eda5963251d3211ed8819e70555b06756073df095b32085abad840f23eb2a300c3378a9aa6e0e6a2b2fb6379046a8a607c2609e71786da467a77921459fc94f448f7128e42ab9e275f2a6d59ca5c5d3d80b2837e2fb55ec6355d2b41b995158a519b92de60befb948028f92526d0ec7d5948bebc7ee283d6c64abd578bb2cc9125f183c74644b400be8a26ab537a074fc1323d4fe1072aedfffa074587c10a43885c2580dcba1d98d7008aa7c05e410765d9746eec9fdf4e95b58ca9b7613523455fc89c56633d42f3157abf87b448d1c7a1694f0f70cf78d57d71dd85bf86b84dad34280ea4c3f044c4cef63ebc484ad267792ffedf30785457c16feb77765aa075719607a2593d64a2016641dc957de78f9358749b8afac3f9944e6cb3979db93705fb346647d9010b3dc0feebc98868fbe2cc95ccd09dd63e4295101e7d9487ef19f6596c73868ff686416e6a334f12051f97c2f6b5d3d833204cc4e137480c309350feccac570e92eab195071bc09f117e720e732185be2f0fc298812d1a3fb50be8d8ad5db6f260def0a0535c61d53f6509decd22e7078db0869a6c6b4c1a1f0c25b105ab3338e3ca0ef0782a38cd74b1290b73365d6b187ff9ff318ef07f5b88f7ffdba223e316a6462fe0bafe252623c08799aa2649be9bfc0af99794c87bb2e94a78ac1296be185ed66c2e4be59694bd963235542af8f3615a73e4359f1e8012e7d34ea3aa53adfef602798e902e05a4581a01747136869a0be79ec1dc9bb7144ed3fe526c8a23450a2604f0e714944fe25c", 0x6fa}, {0x0}], 0x2}}], 0x1, 0x8084)

2.484443156s ago: executing program 5 (id=1473):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x1808014, &(0x7f0000000600)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461002018bbdecde39739fcd1df176dde746ec834120600000000003b048000000000000072462abc30ef5b65c70f73ecea54b5e5bec5aca9836c319f653557e79a002208ceae6dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e36868736000000f6a55493b4b81d5b9fa9b40fe4d76afc3a989c6d60044e89eb96e44d01a1174e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc369c71e57fafab52f325ca91e684160191acf5ae7469c82ab4145b595b987d75912afdcc1c061835294cc0c618aba204f8adaa20c80108d356cd887ba217c8f569e6d0caf75052a77056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6ac0d90ea79b8027cf75964dd86c2ed2b5e75779677a28c76b848dd03dab190b5f02ec52830f3ff01eaae1c3df076000000000000000000000000000083a48a6b926c668b9ba42490175018ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd7f8e67c2acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac011170182f99766e86fb125cc6799c43aa4dc708dc4a00a6decad26f0378072a571da000000aec3dfbae348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0f1415e90fd0400bad5f796374bb196e60e537b8ffca80a5ec3c5c063aab2c87a7824c4fbfab7264185e1b2e59012acbf3732abe75b848de8ec4aaba2e3c8cd14dd9bf9499952815b9fb34057a585a9c18a11f3d496825b3fcb0c8aa89e079fd78997da864b302139b2b10597100846b55f7d0b050b7b0ef7e9c897c50b53404acdd701425323201b33465fddec69c37cb13fd441a830af5ea73f4ac82d7926eb0db1141003d148473077a76c3bee7e37dc799abb47bd67cde7958c50fb2d15c9cc196e4bff1d00"/716], 0x5, 0x558b, &(0x7f00000079c0)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx64auumCJWPBPEEisWPIbWMASdogFiB1SkWcmULdJC63jQPs80vjMHL8+874jK9KZiRzAU2sp/e2XJI7FoYhYiIijSeT7SblF3I44X4x9LiKOR0Tlri0p838m9kfE4Yg4Nile1EzKtz47OT5x9uc3f/362wP7jnz+1Xd7unBgTz0fEf31Yv9mv4hZJw93Fsp8Y9zNY//MuIzrUzX6WZG/2V7LK9xsbI1r5PF0pxifrd8YTuLVXqM5iZ3u1Ty/PihOOBx3tupMPpBea2zkx632Wh67wyyPnVvFeTdvFX/bbg1HRZ1WWe+jvHyMRluxyLc328V61q/nsTkYlfmibtZqb07iuIzl6aKZ9Vr5PNYe9Sr/+73VHdzYTMftjWE3G6Rna/UXavVz1fpG1mqP2meqjX7r3Jl0udObDKuO2o3++U6WdXrtWjPrr6TLnWazWq+nyxfaa93GIK3Xa6drp6pnV8q9k+lrl99Le610eRJf6Q5ujLq9YXo120iLT6ykq7XTL66kJ+rpO5eupFfevnjx0pV3P7jw/uWXL73xajnovmmly6unVler9VPV1frKU7T+j8tJ/4P1J9unf/j+8S4bFHb4ggGws/v6/7i3/w/9PzBzD+j/49pD+v/+9fJ4d/r/2Lb/r0z3/zHL/n/SUun/H97/Vvag/10M/f8urh8ey6P1//tnPg8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAObux8UvXs93lorjI2X+f2XqmfI4iYhKRNzZxkLsn6q5UNZZ3GH84j1z+CaJvMLkHAfK7XBEnC+33/+/21cBAAAAnlxf3j7+adGtFy9Lez0h5qm4aVM5+uGM6iURsbj004yqVSYvz86oWP793hebM6qW38A6OKNixS23fbOq9rcsTIWDd4WkCJW5TgcAAJiL6U5gvl0IAAAA8/TJA999aW7zYM6S2HqUufUsOP/P+78eCB6aeg8AAAD4D0r2egIAAADArsv7f7//BwAAAE+24vf/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YOd+ctMGojgAPxsM/auiqvtepTs4Ro/QZZeFA/QSHIGeoFIvwBmolEWOkIQIe4LkBKRIjHGCvk+ynRlHP88AmzeWBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu/a9Wsz+/vv4+Mebv7fY0maYDAAAAHLCpVrP6j0nTfp/6P6auz6ldREQZEYdq90GMWpmDlFMd+f/q0Rj+RdQJu/5xOt5FxLd03Hzq+lMAAACAy7VeLKdNtd6c0hLAVb+j4kyaRZvyw/dMeUVEVJPrTGnl7vQlU1j9+x7Gz0xp9QLWm0xhzZLb8PC9Ua6HtA1al4eZzOsvsW6V3TwXAADoU7sSOFKFAAAAcAF+9D0AzuFpaV/sT/v3jOPmkl4Ivm21AAAAgFeo6HsAAAAAQOfq+v8l7f9X2P8PAAAAsmv2/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBLm2o1Wy+W02P358/MudueJt+MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB79ucdBUIgDMJg7/rOZO5/WGnQ0NikCoSPvzEYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN787i//J6bGmWTutbH0PJKsnRpbp8beuXH0h/H1awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYn5cUCIEgiII5438nff/DSoKeQYQIaHhUUYsGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAL/rdL/8npsaZZO60sXQ8kqxdNbauGnsPGkcPxtu/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYt2PfNqowAOCffbbbFBAhoEgEUJE6wEJTt7R0RQgUMfAnIEWpUwIuhTYDrSJKFjaUuQuCESEkUNjyP3RupC5l65AhSEwMQXe+S8+JoVFp79zm95Oe3+fz9b3vna0qn98ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKCw9W682szjJH2YHMTFsdvbKwtpv7mnT22s3ZlJWxo3Ks77CfBa+cnx6foSAQAA4PBIivo+Iu621+fSvjmZ1f/t4py05v/huUFc1PN76/7N7ZWj+UszRf3/+2/3XtqdaDLJ5kkHXVzq907tT6X1mJY49p5/4Bmt7Mpn370k2RvS/HD1xa12dj0b39269X4nC49UkS0A8DBOFn0eFH8PpX23zsQAODRapcK7qP+TyXpzAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKjC1mo8U8SNiJhp3Y9Tm9srC6P6b9buzGzk7dzNm2vlMdMh2hGxuNTvnapwLeOruJrXP5vv93tXrl6rOjgeESNeunGwf57k6f/rOZ2IGDpy4uUR43x8gLn2jLMvyD+eUe01nEjX98CTG0NHGvsu+Hs7A3V8AKoKmvn7My75PMqg+Ow9+pEr/u8IAICnXjtvaSV6t70+lx5rTEXs/Dhc/79RimOo7t+5MTgyeL5Rqv/vfXLudnmucv3frWh9T4LZ5UtfzF69dv2tpUvzF3sXe5+/fbr7TvfM+bNnz89m35XMLkbTNyYAAAD8D528lev/5tT+/f9jpTj+Y/+/XP9/+X336/Jcifp/pPubfnVnAgAAcBh1dqMXXv/rz8aIMxqdTnw1v7x8pTt43H1+evBYaboP6UjeyvV/MlV3VgAAAEAVtlYbQ/v/F0pxHHD//9mfXvmlPGYSERMRlyOid3Lhcv9CdcsZa1X8UDmbqFP3SgEAAKjLRN7K+//t7P7/5u4tD82IePNExN/5b/jjgPV/8sG3P5fnKt//f6bSVY6f5vTgemT9dERruu6MAAAAeJodzVta7P/RXp/79NdjH3Xc/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQtX8CAAD//4ztMoY=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61)
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)

2.300578987s ago: executing program 1 (id=1474):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000180)=@bpf_lsm={0x6, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2031}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r0}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20048054}, 0x0)

2.300289835s ago: executing program 0 (id=1475):
r0 = socket(0x28, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000040)=0x5, 0x4)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000240)={0x4})

2.194038745s ago: executing program 0 (id=1476):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x44000)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020002000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0)
syz_emit_ethernet(0x66, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0008004503005800000000202f"], 0x0)

1.928358379s ago: executing program 0 (id=1478):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syz_tun\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000340)=@newlink={0x44, 0x10, 0x503, 0x70bd29, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14615}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x44}}, 0x0)

1.866648638s ago: executing program 6 (id=1479):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000080)={0x1, 0x0, [{0xd, 0x0, 0x10001, 0x7c, 0x9}]})

1.866003757s ago: executing program 1 (id=1480):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001480)=@base={0x12, 0x22, 0x4, 0x9}, 0x50)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000011c0)={r0, &(0x7f00000001c0), &(0x7f0000000000)=@udp=r1}, 0x20)
recvmmsg(r1, &(0x7f0000000040), 0x400006a, 0x40001140, 0x0)

1.320160359s ago: executing program 3 (id=1482):
r0 = memfd_secret(0x80000)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a65f78238b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b8fab4d4d897db2c544c0e0895a9044f50c50b8eac8c63d2b1cd06a39702bd547f5ebaa69520bbb15f4f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831f24759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91e0eb18e21dfdab3c84ec11377fbb00000000848060962bcbc47cefd1a2a7bd3b646614bf7cd3495663de5b63f6b5910daee8ebb7ba84a8b5b6f2d1fbc22a51a500f94c871d5e1d31ab5d7a89965bbdbf355a8544e1688a61f459f3618b3a5416eb143180d3d2c5f4e0b1a556422038801703e109e23944e53f230a3537a5412c7d0bf278c6c1684dd8de90aaa33f47dc2c7b5e4f73784fd31aa2f9d1b1623734f9cf84718b2bad31f651e3607f3ac6c427cb6c0652d21ecd4b29e96c0a3781ee820faab71040768f6b08a69fdfd0b2b7be25f19500c1b8330994efb57a53c1a67bda909630f75738ab40e7ab63d527d6c1e8cf611f05c1b6d0da1ba84d405b4d834162c88022a4625a5f7c431c39f3f9a7789f9b668ec4da9f1a981086dcf4c5a940691f9638ce34dba904483f2ed4e7a713b7eac29c5e122f1b6acd6f1da2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000280)={r1, r0, 0x2e, 0x4608, @void}, 0x10)
close_range(r1, 0xffffffffffffffff, 0x0)

1.293126197s ago: executing program 0 (id=1483):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000413f5f201d0650c16fce0102030109021b00010000100009043300011870f500090582020002"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xfffffd49, &(0x7f0000000040)=ANY=[])

1.137893539s ago: executing program 3 (id=1484):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20040051}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020000000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}, 0x1, 0x0, 0x0, 0x40050}, 0x0)
syz_emit_ethernet(0x86, &(0x7f00000005c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x1, 0x8, 0x78, 0x68, 0x0, 0x5, 0x11, 0x0, @empty, @rand_addr=0x64010100}, {0x4e23, 0x4e23, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x3, "d34b0b34303092ab49faa1dcded6dd2567fe901d15d06e3f7c8bb3f65e842711", '\x00', {"da0f73d3f8785312647bb48684481ebd", "51ac5cb5885f33b33c76a4f3b9168ef1"}}}}}}}, 0x0)

980.779976ms ago: executing program 3 (id=1485):
r0 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x0, 0x0, @remote, 0x10001}, 0x1c)

824.142782ms ago: executing program 3 (id=1486):
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
fsetxattr(r0, &(0x7f0000000000)=@known='security.selinux\x00', &(0x7f0000000080)='@\x00', 0x3c8, 0x0)

771.188474ms ago: executing program 1 (id=1487):
syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000180)='./bus\x00', 0x4040, &(0x7f00000015c0)=ANY=[], 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x7f4a, 0x0, 0x2}, 0x18, 0x0)
landlock_restrict_self(r0, 0x5)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)

568.774263ms ago: executing program 3 (id=1488):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000580)=[@in={0x2, 0x4e21, @local}], 0x10)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x12}}], 0x10)

499.423284ms ago: executing program 5 (id=1489):
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x141080)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000200)=0x5)
openat$audio(0xffffffffffffff9c, &(0x7f0000000100), 0x80002, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000080), 0x24080, 0x0)

469.54634ms ago: executing program 1 (id=1490):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f00000000c0)=@arm64_fp_extra={0x60200000001000d5, 0x0})

407.409455ms ago: executing program 3 (id=1491):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x63b7, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
syz_io_uring_setup(0x239, &(0x7f0000000180)={0x0, 0x1c28, 0x8200, 0xfffffffd}, 0x0, 0x0)

110.519255ms ago: executing program 6 (id=1492):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=@bridge_dellink={0x34, 0x13, 0x5, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@IFLA_AF_SPEC={0x14, 0x1a, 0x0, 0x1, [@AF_INET={0x10, 0x5, 0x0, 0x1, {0xc, 0x7, 0x0, 0x1, [{0x8, 0x1}]}}]}]}, 0x34}}, 0x0)

0s ago: executing program 6 (id=1493):
clock_settime(0x0, &(0x7f0000000240)={0x77359400})
clock_adjtime(0x0, &(0x7f0000000640)={0x7, 0x9, 0x380000, 0x8, 0xfffffffffffffff9, 0xfffffffffffffff7, 0x9, 0x0, 0xae, 0x6, 0x7, 0x0, 0xfffffffffffff04f, 0x7, 0x80000000, 0xfffffffffffffff8, 0xffffffffffffffff, 0x2, 0x0, 0x100, 0x4, 0x2, 0x5, 0x3, 0x8, 0x8})
clock_adjtime(0x0, &(0x7f0000000900)={0x6, 0x20000000e, 0xf, 0x0, 0xf, 0x8000000000000000, 0xa, 0x2, 0x9, 0x4, 0x5, 0x8000000000000000, 0xc, 0x9, 0x7, 0x9, 0x8, 0x3, 0xd24f, 0xfffffffffffffffa, 0x0, 0x5, 0x7, 0x7, 0x3, 0x6})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)

kernel console output (not intermixed with test programs):

al/block/loop5'
[  232.001514][ T8516] netlink: 12 bytes leftover after parsing attributes in process `syz.0.782'.
[  232.034064][ T8516] netlink: 12 bytes leftover after parsing attributes in process `syz.0.782'.
[  232.071273][ T6126] ocfs2: Unmounting device (7,5) on (node local)
[  232.187320][ T8524] program syz.0.786 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  232.936254][ T5991] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  233.101400][ T5991] usb 7-1: Using ep0 maxpacket: 8
[  233.112935][ T8551] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add()
[  233.176164][ T5991] usb 7-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  233.187182][ T5991] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  233.199951][ T5991] usb 7-1: Product: syz
[  233.204463][ T5991] usb 7-1: Manufacturer: syz
[  233.210482][ T5991] usb 7-1: SerialNumber: syz
[  233.222363][ T5991] usb 7-1: config 0 descriptor??
[  233.447752][ T5991] usb 7-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  233.525326][ T8564] netlink: 20 bytes leftover after parsing attributes in process `syz.0.803'.
[  233.551323][ T8564] netlink: 36 bytes leftover after parsing attributes in process `syz.0.803'.
[  233.662188][ T8567] netlink: 'syz.5.804': attribute type 1 has an invalid length.
[  233.776754][ T8568] input: syz1 as /devices/virtual/input/input12
[  233.855423][ T5991] dvb_usb_rtl28xxu 7-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  233.926676][ T5991] usb 7-1: USB disconnect, device number 8
[  234.116697][ T8581] netlink: 12 bytes leftover after parsing attributes in process `syz.5.810'.
[  234.530438][ T8591] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  234.696511][ T8571] loop3: detected capacity change from 0 to 32768
[  234.725661][ T8598] netlink: 8 bytes leftover after parsing attributes in process `syz.0.820'.
[  234.731798][ T8571] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.806 (8571)
[  234.773556][ T8598] netlink: 20 bytes leftover after parsing attributes in process `syz.0.820'.
[  234.840107][ T8571] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  234.925108][ T8571] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  235.213826][ T8571] BTRFS info (device loop3): enabling ssd optimizations
[  235.235742][ T8571] BTRFS info (device loop3): enabling free space tree
[  235.263533][ T8571] BTRFS info (device loop3): use zstd compression, level 3
[  235.550656][ T8596] loop5: detected capacity change from 0 to 32768
[  235.661706][ T8596] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  235.683146][ T5882] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  235.808099][ T8643] loop0: detected capacity change from 0 to 64
[  235.881953][ T8643] hfs: filesystem is marked locked, mounting read-only.
[  235.895894][ T8596] XFS (loop5): Ending clean mount
[  235.942019][ T8596] XFS (loop5): Quotacheck needed: Please wait.
[  235.962731][ T8643] hfs: walked past end of dir
[  236.093917][ T8596] XFS (loop5): Quotacheck: Done.
[  236.401085][ T6126] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  236.826217][ T8663] loop3: detected capacity change from 0 to 256
[  236.877010][ T8663] exfat: Deprecated parameter 'utf8'
[  236.993632][ T8663] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xd9b3646f, utbl_chksum : 0xe619d30d)
[  237.100087][ T8649] loop1: detected capacity change from 0 to 32768
[  237.145906][   T30] audit: type=1800 audit(1759322848.951:16): pid=8663 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.841" name="file1" dev="loop3" ino=1048628 res=0 errno=0
[  237.233542][ T8649] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  237.588472][ T5878] Bluetooth: hci1: command 0x0406 tx timeout
[  237.716109][ T5866] ocfs2: Unmounting device (7,1) on (node local)
[  237.922526][ T5869] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  238.095135][ T5869] usb 4-1: Using ep0 maxpacket: 16
[  238.107720][ T5869] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  238.129188][ T5869] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  238.186061][ T5869] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  238.210826][ T5869] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  238.257984][ T5869] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  238.286837][ T8703] loop5: detected capacity change from 0 to 128
[  238.325642][ T5869] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  238.365108][ T5869] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  238.384182][ T5869] usb 4-1: Manufacturer: syz
[  238.442407][ T5869] usb 4-1: config 0 descriptor??
[  238.782795][ T8712] loop5: detected capacity change from 0 to 4096
[  238.835304][ T5869] rc_core: IR keymap rc-hauppauge not found
[  238.866447][ T5869] Registered IR keymap rc-empty
[  238.887717][ T8718] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  238.887788][ T5869] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  238.975126][ T5869] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  239.047291][ T5869] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  239.116230][ T5869] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input13
[  239.173459][ T5869] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  239.229280][ T5869] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  239.275303][ T5869] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  239.295153][ T5869] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  239.335429][ T5869] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  239.395484][ T5869] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  239.414105][ T8731] loop6: detected capacity change from 0 to 764
[  239.435142][ T5869] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  239.460644][ T5869] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  239.495553][ T5869] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  239.509317][ T8731] Symlink component flag not implemented
[  239.525216][ T8731] Symlink component flag not implemented
[  239.539052][ T5869] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  239.542322][ T8731] Symlink component flag not implemented (128)
[  239.570233][ T5869] mceusb 4-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  239.580435][ T8731] Symlink component flag not implemented (122)
[  239.614977][ T5869] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  239.668757][ T5869] usb 4-1: USB disconnect, device number 11
[  239.687770][ T8735] loop1: detected capacity change from 0 to 2048
[  239.788864][ T8735] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  240.001059][ T8722] loop0: detected capacity change from 0 to 40427
[  240.037517][ T5866] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  240.055095][ T8722] F2FS-fs (loop0): invalid crc value
[  240.115067][ T5942] usb 7-1: new low-speed USB device number 9 using dummy_hcd
[  240.183566][ T8750] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  240.298739][ T5942] usb 7-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  240.334977][ T5942] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.386046][ T8722] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  240.409578][ T5942] usb 7-1: config 0 descriptor??
[  240.432180][ T8722] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  240.589373][ T5864] syz-executor: attempt to access beyond end of device
[  240.589373][ T5864] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  240.614497][ T5864] CPU: 0 UID: 0 PID: 5864 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  240.614531][ T5864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  240.614561][ T5864] Call Trace:
[  240.614655][ T5864]  <TASK>
[  240.614668][ T5864]  dump_stack_lvl+0x189/0x250
[  240.614708][ T5864]  ? __pfx_dump_stack_lvl+0x10/0x10
[  240.614737][ T5864]  ? __pfx_queue_work_on+0x10/0x10
[  240.614757][ T5864]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  240.614791][ T5864]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  240.614834][ T5864]  f2fs_handle_critical_error+0x37c/0x540
[  240.614871][ T5864]  f2fs_write_end_io+0x886/0xb60
[  240.614922][ T5864]  __submit_merged_bio+0x27a/0x6a0
[  240.614954][ T5864]  __submit_merged_write_cond+0x255/0x530
[  240.615002][ T5864]  f2fs_write_data_pages+0x261d/0x3000
[  240.615078][ T5864]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  240.615164][ T5864]  ? __mod_zone_page_state+0xd7/0x140
[  240.615206][ T5864]  ? folios_put_refs+0x58b/0x670
[  240.615257][ T5864]  ? __lock_acquire+0xab9/0xd20
[  240.615302][ T5864]  ? do_raw_spin_lock+0x121/0x290
[  240.615345][ T5864]  ? do_raw_spin_unlock+0x122/0x240
[  240.615373][ T5864]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  240.615404][ T5864]  do_writepages+0x32e/0x550
[  240.615444][ T5864]  ? do_raw_spin_unlock+0x122/0x240
[  240.615478][ T5864]  filemap_fdatawrite+0x199/0x240
[  240.615503][ T5864]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  240.615616][ T5864]  ? do_raw_spin_unlock+0x122/0x240
[  240.615653][ T5864]  f2fs_sync_dirty_inodes+0x31f/0x830
[  240.615708][ T5864]  f2fs_write_checkpoint+0x93e/0x2440
[  240.615739][ T5864]  ? __lock_acquire+0xab9/0xd20
[  240.615830][ T5864]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  240.615954][ T5864]  kill_f2fs_super+0x2cc/0x6d0
[  240.615997][ T5864]  ? __pfx_kill_f2fs_super+0x10/0x10
[  240.616055][ T5864]  ? shrinker_free+0x2ce/0x3e0
[  240.616096][ T5864]  deactivate_locked_super+0xbc/0x130
[  240.616139][ T5864]  cleanup_mnt+0x425/0x4c0
[  240.616175][ T5864]  ? lockdep_hardirqs_on+0x9c/0x150
[  240.616211][ T5864]  task_work_run+0x1d4/0x260
[  240.616247][ T5864]  ? __pfx_task_work_run+0x10/0x10
[  240.616274][ T5864]  ? __x64_sys_umount+0x122/0x160
[  240.616306][ T5864]  ? exit_to_user_mode_loop+0x40/0x130
[  240.616347][ T5864]  exit_to_user_mode_loop+0xe9/0x130
[  240.616381][ T5864]  do_syscall_64+0x2bd/0xfa0
[  240.616411][ T5864]  ? lockdep_hardirqs_on+0x9c/0x150
[  240.616440][ T5864]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.616464][ T5864]  ? clear_bhb_loop+0x60/0xb0
[  240.616497][ T5864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.616520][ T5864] RIP: 0033:0x7fb6d7b901f7
[  240.616556][ T5864] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  240.616585][ T5864] RSP: 002b:00007fff03a68ae8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  240.616611][ T5864] RAX: 0000000000000000 RBX: 00007fb6d7c11d7d RCX: 00007fb6d7b901f7
[  240.616628][ T5864] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff03a68ba0
[  240.616644][ T5864] RBP: 00007fff03a68ba0 R08: 0000000000000000 R09: 0000000000000000
[  240.616658][ T5864] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff03a69c30
[  240.616674][ T5864] R13: 00007fb6d7c11d7d R14: 000000000003ab80 R15: 00007fff03a69c70
[  240.616720][ T5864]  </TASK>
[  241.028909][ T5864] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  241.253195][ T8760] loop5: detected capacity change from 0 to 32768
[  241.285471][ T5942] asix 7-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  241.327184][ T5942] asix 7-1:0.0 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x0080: ffffffb9
[  241.369080][ T5942] asix 7-1:0.0: probe with driver asix failed with error -71
[  241.391091][ T5942] usb 7-1: USB disconnect, device number 9
[  241.566963][ T8760] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  241.566990][ T8760]   allowing incompatible features above 0.0: (unknown version)
[  241.567004][ T8760]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  241.650505][ T8760] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0
[  241.674234][ T8760] bcachefs (loop5): initializing new filesystem
[  241.703411][ T8760] bcachefs (loop5): going read-write
[  241.748127][ T8760] bcachefs (loop5): marking superblocks
[  241.793297][ T8760] bcachefs (loop5): initializing freespace
[  241.820762][ T8760] bcachefs (loop5): done initializing freespace
[  241.853099][ T8760] bcachefs (loop5): reading snapshots table
[  241.907028][ T8760] bcachefs (loop5): reading snapshots done
[  241.947372][ T8779] loop1: detected capacity change from 0 to 256
[  241.987766][ T8779] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[  242.041783][ T8760] bcachefs (loop5):  loop5: Superblock write was silently dropped! (seq 0 expected 42)
[  242.106737][ T8760] bcachefs (loop5): done starting filesystem
[  242.315516][ T8785] Driver unsupported XDP return value 0 on prog  (id 77) dev N/A, expect packet loss!
[  242.490730][ T6126] bcachefs (loop5): shutting down
[  242.500735][ T6126] bcachefs (loop5): going read-only
[  242.541815][ T6126] bcachefs (loop5): finished waiting for writes to stop
[  242.591139][   T30] audit: type=1326 audit(1759322854.401:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8793 comm="syz.1.885" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3ba058eec9 code=0x0
[  242.642969][ T6126] bcachefs (loop5): flushing journal and stopping allocators, journal seq 3
[  243.222896][ T6126] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 3
[  243.241060][ T6126] bcachefs (loop5): clean shutdown complete, journal seq 4
[  243.249439][ T6126] bcachefs (loop5): marking filesystem clean
[  243.309484][ T6126] bcachefs (loop5): shutdown complete
[  243.560423][ T8807] loop1: detected capacity change from 0 to 1024
[  243.970211][ T8819] loop6: detected capacity change from 0 to 128
[  244.909777][ T8821] loop1: detected capacity change from 0 to 32768
[  244.936951][ T8821] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.899 (8821)
[  244.981544][ T8821] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  245.005146][ T8821] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  245.097558][ T8847] loop6: detected capacity change from 0 to 4096
[  245.165616][ T8821] BTRFS info (device loop1): rebuilding free space tree
[  245.287138][ T8821] BTRFS info (device loop1): enabling ssd optimizations
[  245.305194][ T8821] BTRFS info (device loop1): using spread ssd allocation scheme
[  245.312949][ T8821] BTRFS info (device loop1): turning off barriers
[  245.345184][ T8821] BTRFS info (device loop1): turning on sync discard
[  245.365008][ T8821] BTRFS info (device loop1): enabling free space tree
[  245.372024][ T8821] BTRFS info (device loop1): force clearing of disk cache
[  245.410328][ T8821] BTRFS info (device loop1): enabling auto defrag
[  245.443759][ T8821] BTRFS info (device loop1): use zstd compression, level 3
[  245.745865][ T8821] BTRFS warning (device loop1): failed to trim 2 block group(s), last error -512
[  245.755159][ T8866] vxcan1: tx address claim with dest, not broadcast
[  245.815818][ T8844] loop0: detected capacity change from 0 to 32768
[  245.937138][ T8844] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  245.987464][ T8821] BTRFS warning (device loop1): failed to trim 1 device(s), last error -512
[  246.146600][ T5866] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  246.231307][ T8844] XFS (loop0): Ending clean mount
[  246.398003][ T5864] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  246.408241][ T8883] loop5: detected capacity change from 0 to 512
[  246.435272][ T8883] EXT4-fs: Ignoring removed orlov option
[  246.506809][ T8883] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  246.567893][ T8883] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  246.665655][ T8883] EXT4-fs (loop5): 1 orphan inode deleted
[  246.695434][ T8883] EXT4-fs (loop5): 1 truncate cleaned up
[  246.777532][ T8883] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  246.864490][ T8883] EXT4-fs error (device loop5): ext4_lookup:1787: inode #14: comm syz.5.887: invalid fast symlink length 39
[  246.899489][ T8895] loop6: detected capacity change from 0 to 512
[  246.923800][ T8883] EXT4-fs (loop5): Remounting filesystem read-only
[  246.934293][ T8896] EXT4-fs warning (device loop5): empty_inline_dir:1767: bad inline directory (dir #12) - inode 13, rec_len 16, name_len 53inline size 60
[  247.039214][ T8895] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  247.106136][ T8895] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  247.145344][ T8895] ext4 filesystem being mounted at /138/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  247.158356][ T6126] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.772463][ T8912] netlink: 'syz.0.926': attribute type 4 has an invalid length.
[  247.897351][ T6128] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.031769][ T8918] netlink: 48 bytes leftover after parsing attributes in process `syz.1.930'.
[  248.284677][ T8929] netlink: 44 bytes leftover after parsing attributes in process `syz.3.933'.
[  248.368658][ T8931] kvm: user requested TSC rate below hardware speed
[  248.446802][ T8904] loop5: detected capacity change from 0 to 40427
[  248.477259][ T8904] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  248.502129][ T8904] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  248.517916][ T5942] kernel write not supported for file /snd/seq (pid: 5942 comm: kworker/1:4)
[  248.521589][ T8904] F2FS-fs (loop5): invalid crc value
[  248.776808][ T8904] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  248.824378][ T8904] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  248.864670][ T8904] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  249.343210][ T5883] block nbd0: Receive control failed (result -32)
[  249.756263][ T8949] loop1: detected capacity change from 0 to 32768
[  249.838235][ T8949] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  249.957752][ T8949] XFS (loop1): Ending clean mount
[  249.963172][ T8972] IPVS: persistence engine module ip_vs_pe_ not found
[  250.018687][ T8949] XFS (loop1): Quotacheck needed: Please wait.
[  250.144651][ T8949] XFS (loop1): Quotacheck: Done.
[  250.315679][ T5866] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  250.515150][ T5983] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  250.609757][ T8990] tipc: Started in network mode
[  250.630044][ T8990] tipc: Node identity 1, cluster identity 4711
[  250.656834][ T8990] tipc: Node number set to 1
[  250.675068][ T5983] usb 4-1: Using ep0 maxpacket: 8
[  250.693354][ T8990] tipc: Cannot configure node identity twice
[  250.699586][ T5983] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  250.699640][ T5983] usb 4-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  250.699688][ T5983] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  250.699713][ T5983] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  250.766909][ T5983] usbtmc 4-1:16.0: bulk endpoints not found
[  251.535193][ T5942] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  251.695510][ T5942] usb 2-1: Using ep0 maxpacket: 32
[  251.701539][ T9009] Failed to get privilege flags for destination (handle=0x2:0xd)
[  251.703592][ T5942] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  251.719895][ T5942] usb 2-1: config 0 has no interface number 0
[  251.751925][ T5942] usb 2-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=2c.d8
[  251.761563][ T5942] usb 2-1: New USB device strings: Mfr=193, Product=2, SerialNumber=3
[  251.777650][ T5942] usb 2-1: Product: syz
[  251.794468][ T5942] usb 2-1: Manufacturer: syz
[  251.804953][ T5942] usb 2-1: SerialNumber: syz
[  251.830453][ T5942] usb 2-1: config 0 descriptor??
[  251.854338][ T5942] usb 2-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  251.896588][ T5942] usb 2-1: selecting invalid altsetting 1
[  251.943386][ T5942] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  252.006298][ T5942] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  252.030836][ T5942] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  252.074995][ T5942] usb 2-1: media controller created
[  252.205425][ T5942] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  252.316636][ T9019] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  252.349288][ T9019] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  252.367475][ T5942] usb 2-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  252.409921][ T5942] zl10353_read_register: readreg error (reg=127, ret==-71)
[  252.480747][ T9019] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  252.487823][ T5942] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  252.562860][ T9019] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  252.648067][ T9019] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  252.690878][ T9019] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  252.761920][ T9019] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  252.768605][ T9019] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  252.814359][ T5942] usb 2-1: USB disconnect, device number 6
[  252.899717][ T9019] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  253.058747][ T9025] loop5: detected capacity change from 0 to 4096
[  253.105045][ T9025] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512).
[  253.242166][   T30] audit: type=1800 audit(1759322865.051:18): pid=9025 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.971" name="file1" dev="loop5" ino=30 res=0 errno=0
[  253.318536][ T5869] usb 4-1: USB disconnect, device number 12
[  253.838348][ T9045] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  253.845100][ T5869] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  254.014984][ T5869] usb 4-1: Using ep0 maxpacket: 16
[  254.056152][ T5869] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  254.068254][ T5869] usb 4-1: config 0 interface 0 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  254.087823][ T9052] loop5: detected capacity change from 0 to 2048
[  254.114776][ T5869] usb 4-1: config 0 interface 0 has no altsetting 0
[  254.125121][ T5869] usb 4-1: New USB device found, idVendor=1b1c, idProduct=1b34, bcdDevice= 0.00
[  254.135147][ T5869] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.151799][ T9048] loop6: detected capacity change from 0 to 4096
[  254.163898][ T9052] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  254.174824][ T5869] usb 4-1: config 0 descriptor??
[  254.228683][   T30] audit: type=1800 audit(1759322866.041:19): pid=9052 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.984" name="bus" dev="loop5" ino=1367 res=0 errno=0
[  254.387051][ T5883] Bluetooth: hci0: command 0x0406 tx timeout
[  254.547711][ T5883] Bluetooth: hci2: command 0x0406 tx timeout
[  254.553344][ T9030] loop1: detected capacity change from 0 to 40427
[  254.612115][ T5869] corsair 0003:1B1C:1B34.000D: item fetching failed at offset 0/5
[  254.637763][ T9030] F2FS-fs (loop1): invalid crc value
[  254.656723][ T5869] corsair 0003:1B1C:1B34.000D: parse failed
[  254.691690][ T5869] corsair 0003:1B1C:1B34.000D: probe with driver corsair failed with error -22
[  254.705842][ T5883] Bluetooth: hci1: command 0x0406 tx timeout
[  254.785080][ T5883] Bluetooth: hci3: command 0x0c1a tx timeout
[  254.905429][   T44] usb 4-1: USB disconnect, device number 13
[  255.011819][ T9030] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  255.038764][ T9030] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  255.086126][ T9068] nbd: socks must be embedded in a SOCK_ITEM attr
[  255.096753][ T9068] block nbd1: shutting down sockets
[  255.296070][ T9066] loop5: detected capacity change from 0 to 32768
[  255.369285][ T5866] syz-executor: attempt to access beyond end of device
[  255.369285][ T5866] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  255.451236][ T5866] CPU: 0 UID: 0 PID: 5866 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  255.451269][ T5866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  255.451284][ T5866] Call Trace:
[  255.451292][ T5866]  <TASK>
[  255.451302][ T5866]  dump_stack_lvl+0x189/0x250
[  255.451338][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  255.451364][ T5866]  ? __pfx_queue_work_on+0x10/0x10
[  255.451384][ T5866]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  255.451411][ T5866]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  255.451451][ T5866]  f2fs_handle_critical_error+0x37c/0x540
[  255.451482][ T5866]  f2fs_write_end_io+0x886/0xb60
[  255.451529][ T5866]  __submit_merged_bio+0x27a/0x6a0
[  255.451560][ T5866]  __submit_merged_write_cond+0x255/0x530
[  255.451605][ T5866]  f2fs_write_data_pages+0x261d/0x3000
[  255.451670][ T5866]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  255.451711][ T5866]  ? is_bpf_text_address+0x292/0x2b0
[  255.451775][ T5866]  ? __mod_zone_page_state+0xd7/0x140
[  255.451812][ T5866]  ? folios_put_refs+0x58b/0x670
[  255.451858][ T5866]  ? __lock_acquire+0xab9/0xd20
[  255.451900][ T5866]  ? do_raw_spin_lock+0x121/0x290
[  255.451952][ T5866]  ? do_raw_spin_unlock+0x122/0x240
[  255.451978][ T5866]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  255.452006][ T5866]  do_writepages+0x32e/0x550
[  255.452040][ T5866]  ? do_raw_spin_unlock+0x122/0x240
[  255.452071][ T5866]  filemap_fdatawrite+0x199/0x240
[  255.452093][ T5866]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  255.452177][ T5866]  ? do_raw_spin_unlock+0x122/0x240
[  255.452207][ T5866]  f2fs_sync_dirty_inodes+0x31f/0x830
[  255.452252][ T5866]  f2fs_write_checkpoint+0x93e/0x2440
[  255.452280][ T5866]  ? __lock_acquire+0xab9/0xd20
[  255.452343][ T5866]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  255.452436][ T5866]  kill_f2fs_super+0x2cc/0x6d0
[  255.452471][ T5866]  ? __pfx_kill_f2fs_super+0x10/0x10
[  255.452520][ T5866]  ? shrinker_free+0x2ce/0x3e0
[  255.452555][ T5866]  deactivate_locked_super+0xbc/0x130
[  255.452593][ T5866]  cleanup_mnt+0x425/0x4c0
[  255.452626][ T5866]  ? lockdep_hardirqs_on+0x9c/0x150
[  255.452657][ T5866]  task_work_run+0x1d4/0x260
[  255.452688][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  255.452713][ T5866]  ? __x64_sys_umount+0x122/0x160
[  255.452741][ T5866]  ? exit_to_user_mode_loop+0x40/0x130
[  255.452776][ T5866]  exit_to_user_mode_loop+0xe9/0x130
[  255.452807][ T5866]  do_syscall_64+0x2bd/0xfa0
[  255.452834][ T5866]  ? lockdep_hardirqs_on+0x9c/0x150
[  255.452861][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.452883][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  255.452910][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.452931][ T5866] RIP: 0033:0x7f3ba05901f7
[  255.452953][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  255.452972][ T5866] RSP: 002b:00007ffc82f24818 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  255.452995][ T5866] RAX: 0000000000000000 RBX: 00007f3ba0611d7d RCX: 00007f3ba05901f7
[  255.453011][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc82f248d0
[  255.453025][ T5866] RBP: 00007ffc82f248d0 R08: 0000000000000000 R09: 0000000000000000
[  255.453038][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc82f25960
[  255.453053][ T5866] R13: 00007f3ba0611d7d R14: 000000000003e4f8 R15: 00007ffc82f259a0
[  255.453090][ T5866]  </TASK>
[  255.453099][ T5866] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  255.588682][ T9083] loop0: detected capacity change from 0 to 1024
[  255.677295][ T9066] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,checksum_err_retry_nr=12,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,degraded=yes,nojournal_transaction_names
[  255.677330][ T9066]   allowing incompatible features above 0.0: (unknown version)
[  255.677344][ T9066]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  255.677376][ T9066] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0
[  255.677414][ T9066] bcachefs (loop5): initializing new filesystem
[  255.689231][ T9066] bcachefs (loop5): going read-write
[  255.978483][   T30] audit: type=1800 audit(1759322867.781:20): pid=9083 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.993" name=4277216C0BBA6AD052FA7A6D77F0B19C8B2381ABC46DFA7E4BC6C37BBAB3F908F48D1A6055A6457C5D503502300A69DC517CC08B955DF0D19AE4C120C512ECEFFBF3FC154E4BA08F2497B14E95CFDEF1C26E8623EAB9941404CA9D84DF9A2C44E453A0CFFFBF23E5BF1E872EE040A582EDA3D84714E82DDE4C02836E5F66775F4DF1BDCFBC28EB5CED2B332944D3AB2B9EFE3CBB2111FE dev="loop0" ino=26 res=0 errno=0
[  256.055351][ T9066] bcachefs (loop5): marking superblocks
[  256.073651][ T9066] bcachefs (loop5): initializing freespace
[  256.146517][ T9066] bcachefs (loop5): done initializing freespace
[  256.247766][ T9066] bcachefs (loop5): reading snapshots table
[  256.253881][ T9066] bcachefs (loop5): reading snapshots done
[  256.324633][ T9066] bcachefs (loop5): done starting filesystem
[  256.446243][ T9066] syz.5.989 (9066) used greatest stack depth: 14872 bytes left
[  256.461810][ T6126] bcachefs (loop5): shutting down
[  256.468998][ T5883] Bluetooth: hci0: command 0x0406 tx timeout
[  256.475437][ T6126] bcachefs (loop5): going read-only
[  256.481136][ T6126] bcachefs (loop5): finished waiting for writes to stop
[  256.491003][ T6126] bcachefs (loop5): flushing journal and stopping allocators, journal seq 2
[  256.567958][ T9075] loop6: detected capacity change from 0 to 32768
[  256.615447][ T9075] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  256.627193][ T5883] Bluetooth: hci2: command 0x0406 tx timeout
[  256.657392][ T6126] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 3
[  256.727982][ T6126] bcachefs (loop5): clean shutdown complete, journal seq 4
[  256.766233][ T6126] bcachefs (loop5): marking filesystem clean
[  256.786226][ T5883] Bluetooth: hci1: command 0x0406 tx timeout
[  256.853953][ T9075] XFS (loop6): Ending clean mount
[  256.865013][ T5883] Bluetooth: hci3: command 0x0c1a tx timeout
[  256.891286][ T9075] XFS (loop6): Quotacheck needed: Please wait.
[  256.907322][ T6126] bcachefs (loop5): shutdown complete
[  256.974418][ T9075] XFS (loop6): Quotacheck: Done.
[  257.029985][ T9075] XFS (loop6): User initiated shutdown received.
[  257.068286][ T9075] XFS (loop6): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:472).  Shutting down filesystem.
[  257.125233][ T9075] XFS (loop6): Please unmount the filesystem and rectify the problem(s)
[  257.197813][ T6128] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  257.468686][ T9102] loop0: detected capacity change from 0 to 32768
[  257.524181][ T9102] non-latin1 character 0x365 found in JFS file name
[  257.560250][ T9102] mount with iocharset=utf8 to access
[  258.645626][ T9130] loop6: detected capacity change from 0 to 32768
[  258.951137][ T5883] Bluetooth: hci3: command 0x0c1a tx timeout
[  259.074564][ T9130] bcachefs (loop6): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  259.074593][ T9130]   allowing incompatible features above 0.0: (unknown version)
[  259.074615][ T9130]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  259.243294][ T9144] loop1: detected capacity change from 0 to 32768
[  259.334753][ T9130] bcachefs (loop6): Using encoding defined by superblock: utf8-12.1.0
[  259.343944][ T9130] bcachefs (loop6): initializing new filesystem
[  259.373711][ T9126] loop3: detected capacity change from 0 to 32768
[  259.374438][ T9130] bcachefs (loop6): going read-write
[  259.420195][ T9130] bcachefs (loop6): marking superblocks
[  259.434051][ T9144] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  259.513097][ T9130] bcachefs (loop6): initializing freespace
[  259.576679][ T9130] bcachefs (loop6): done initializing freespace
[  259.610435][ T9130] bcachefs (loop6): reading snapshots table
[  259.626902][ T9126] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  259.635734][ T9126] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  259.643137][ T9130] bcachefs (loop6): reading snapshots done
[  259.719060][ T9130] bcachefs (loop6):  loop6: Superblock write was silently dropped! (seq 0 expected 42)
[  259.785354][ T5866] ocfs2: Unmounting device (7,1) on (node local)
[  259.808908][ T9130] bcachefs (loop6): done starting filesystem
[  259.891149][ T9126] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  259.969152][ T5983] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  259.997404][ T5983] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  260.270979][ T6128] bcachefs (loop6): shutting down
[  260.274075][ T5983] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 276ms
[  260.295644][ T5983] gfs2: fsid=syz:syz.0: jid=0: Done
[  260.303346][ T9126] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  260.312604][ T6128] bcachefs (loop6): going read-only
[  260.322807][ T6128] bcachefs (loop6): finished waiting for writes to stop
[  260.337609][ T6128] bcachefs (loop6): flushing journal and stopping allocators, journal seq 3
[  260.433505][ T6128] bcachefs (loop6): flushing journal and stopping allocators complete, journal seq 3
[  260.504127][ T6128] bcachefs (loop6): clean shutdown complete, journal seq 4
[  260.540848][ T6128] bcachefs (loop6): marking filesystem clean
[  260.618715][ T6128] bcachefs (loop6): shutdown complete
[  260.756973][ T9189] loop5: detected capacity change from 0 to 512
[  261.034968][ T5869] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  261.115681][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  261.124111][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  261.228086][ T5869] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  261.238789][ T5869] usb 2-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  261.248097][ T5869] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.267154][ T5869] usb 2-1: config 0 descriptor??
[  261.398777][ T9193] loop5: detected capacity change from 0 to 32768
[  261.433289][ T9193] 
[  261.433289][ T9193]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  261.433289][ T9193] 
[  261.500557][ T9193] 
[  261.500557][ T9193]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  261.500557][ T9193] 
[  261.515556][ T9193] 
[  261.515556][ T9193]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  261.515556][ T9193] 
[  261.544955][ T9193] 
[  261.544955][ T9193]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  261.544955][ T9193] 
[  261.611768][ T9193] JFS: metapage_get_blocks failed
[  261.627925][ T9193] 
[  261.627925][ T9193]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  261.627925][ T9193] 
[  261.694476][ T9193] 
[  261.694476][ T9193]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  261.694476][ T9193] 
[  261.714477][ T5869] lenovo 0003:17EF:6047.000E: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.1-1/input0
[  261.717745][ T9193] 
[  261.717745][ T9193]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  261.717745][ T9193] 
[  261.743345][ T9197] ERROR: (device loop5): diWrite: ixpxd invalid
[  261.743345][ T9197] 
[  261.757270][ T9193] 
[  261.757270][ T9193]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  261.757270][ T9193] 
[  261.768177][ T9197] ERROR: (device loop5): txCommit: 
[  261.768177][ T9197] 
[  261.790994][ T9197] ERROR: (device loop5): diFree: invalid inoext
[  261.790994][ T9197] 
[  261.806154][ T9193] 
[  261.806154][ T9193]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  261.806154][ T9193] 
[  261.844755][  T112] 
[  261.844755][  T112]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  261.844755][  T112] 
[  261.893260][   T37] ERROR: (device loop5): diWrite: ixpxd invalid
[  261.893260][   T37] 
[  261.901571][ T5869] lenovo 0003:17EF:6047.000E: Failed to switch F7/9/11 mode: -71
[  261.912680][   T37] ERROR: (device loop5): txCommit: 
[  261.912680][   T37] 
[  261.922883][   T37] jfs_write_inode: jfs_commit_inode failed!
[  261.931470][ T5869] lenovo 0003:17EF:6047.000E: Failed to switch middle button: -71
[  261.936913][ T6126] 
[  261.936913][ T6126]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  261.936913][ T6126] 
[  261.954553][ T6126] 
[  261.954553][ T6126]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  261.954553][ T6126] 
[  261.955095][ T5869] lenovo 0003:17EF:6047.000E: Fn-lock setting failed: -71
[  261.994451][ T5869] lenovo 0003:17EF:6047.000E: Sensitivity setting failed: -71
[  262.019494][ T5869] usb 2-1: USB disconnect, device number 7
[  262.287985][ T9199] loop3: detected capacity change from 0 to 32768
[  263.131500][ T9204] loop5: detected capacity change from 0 to 32768
[  263.171036][ T9216] loop3: detected capacity change from 0 to 512
[  263.257330][ T9216] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.283666][ T9216] ext4 filesystem being mounted at /192/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  263.453028][ T9216] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #2: comm syz.3.1032: corrupted inode contents
[  263.534620][ T9216] EXT4-fs error (device loop3): ext4_dirty_inode:6509: inode #2: comm syz.3.1032: mark_inode_dirty error
[  263.605685][ T9216] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #2: comm syz.3.1032: corrupted inode contents
[  263.658111][ T9235] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #2: comm syz.3.1032: corrupted inode contents
[  263.729273][ T9235] EXT4-fs error (device loop3): ext4_dirty_inode:6509: inode #2: comm syz.3.1032: mark_inode_dirty error
[  263.792142][ T9235] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #2: comm syz.3.1032: corrupted inode contents
[  263.959557][ T5882] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.225407][ T5869] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  264.393371][ T5869] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  264.405061][ T5869] usb 6-1: config 1 has an invalid descriptor of length 48, skipping remainder of the config
[  264.435119][ T5869] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  264.465777][ T5869] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 12336, setting to 64
[  264.494205][ T5869] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  264.503670][ T5869] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  264.532785][ T5869] usb 6-1: Product: syz
[  264.550940][ T5869] usb 6-1: Manufacturer: syz
[  264.573882][ T5869] cdc_wdm 6-1:1.0: skipping garbage
[  264.588590][ T5869] cdc_wdm 6-1:1.0: skipping garbage
[  264.610881][ T5869] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  264.627347][ T5869] cdc_wdm 6-1:1.0: Unknown control protocol
[  264.804644][ T9255] loop1: detected capacity change from 0 to 512
[  264.806093][ T5869] usb 6-1: USB disconnect, device number 3
[  264.823105][ T9255] EXT4-fs: Ignoring removed mblk_io_submit option
[  264.856796][ T9255] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  264.876734][ T9255] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.1052: attempt to clear invalid blocks 2 len 1
[  264.906637][ T9255] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  264.968861][ T9258] loop0: detected capacity change from 0 to 4096
[  264.978503][ T9255] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.1052: invalid indirect mapped block 1819239214 (level 0)
[  264.995209][  T981] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  265.015170][ T9258] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  265.031224][ T9258] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 4096)
[  265.046708][ T9255] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.1052: invalid indirect mapped block 1819239214 (level 1)
[  265.102747][ T9255] EXT4-fs (loop1): 1 truncate cleaned up
[  265.125103][ T9259] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  265.132072][ T9255] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.160280][ T9257] NILFS (loop0): DAT doesn't have a block to manage vblocknr = 524288
[  265.174970][ T9257] NILFS error (device loop0): nilfs_bmap_truncate: broken bmap (inode number=15)
[  265.202852][ T9257] Remounting filesystem read-only
[  265.213378][  T981] usb 4-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  265.223569][ T9257] NILFS (loop0): error -5 truncating bmap (ino=15)
[  265.230351][  T981] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.243793][ T9255] EXT4-fs (loop1): Quota file not on filesystem root. Journaled quota will not work
[  265.257901][  T981] usb 4-1: Product: syz
[  265.262162][  T981] usb 4-1: Manufacturer: syz
[  265.274991][  T981] usb 4-1: SerialNumber: syz
[  265.317737][  T981] usb 4-1: config 0 descriptor??
[  265.336071][ T5864] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer
[  265.478927][ T5866] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.496222][ T9261] loop0: detected capacity change from 0 to 64
[  265.614746][   T44] usb 4-1: USB disconnect, device number 14
[  265.632543][ T9231] loop6: detected capacity change from 0 to 65536
[  265.771992][ T9231] XFS (loop6): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  265.772175][ T9275] loop0: detected capacity change from 0 to 2048
[  265.814708][ T5867] udevd[5867]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  265.838349][ T9275] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.885470][ T9275] ext4 filesystem being mounted at /219/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  265.907029][ T9231] XFS (loop6): Ending clean mount
[  266.240229][ T5864] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.276972][ T6128] XFS (loop6): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  266.794579][ T9300] loop6: detected capacity change from 0 to 1024
[  266.854119][ T9304] loop0: detected capacity change from 0 to 1024
[  266.878267][ T9300] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  266.963560][ T9300] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  267.012071][ T9304] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  267.133575][   T30] audit: type=1800 audit(1759322878.911:21): pid=9304 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1069" name="file0" dev="loop0" ino=13 res=0 errno=0
[  267.208166][ T6128] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.257240][ T5864] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.862723][ T9290] loop3: detected capacity change from 0 to 32768
[  267.884986][ T9303] loop5: detected capacity change from 0 to 40427
[  267.906931][ T9303] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  267.953620][ T9290] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  267.958627][ T9303] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  268.002826][ T9303] F2FS-fs (loop5): invalid crc value
[  268.044028][ T9290] XFS (loop3): Ending clean mount
[  268.386254][ T5882] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  268.503004][ T9303] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  268.560759][ T9303] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  268.603797][ T9303] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  268.676232][ T5983] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  268.787249][   T30] audit: type=1800 audit(1759322880.591:22): pid=9303 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1068" name="file1" dev="loop5" ino=10 res=0 errno=0
[  268.834948][ T5983] usb 7-1: Using ep0 maxpacket: 16
[  268.847326][ T5983] usb 7-1: config 166 has an invalid interface number: 177 but max is 1
[  268.860238][ T5983] usb 7-1: config 166 has an invalid interface number: 34 but max is 1
[  268.870966][ T5983] usb 7-1: config 166 has no interface number 0
[  268.877422][ T5983] usb 7-1: config 166 has no interface number 1
[  268.884021][ T5983] usb 7-1: config 166 interface 177 altsetting 4 has an invalid descriptor for endpoint zero, skipping
[  268.900396][ T5983] usb 7-1: config 166 interface 177 altsetting 4 has an invalid descriptor for endpoint zero, skipping
[  268.932649][ T5983] usb 7-1: config 166 interface 34 altsetting 1 has a duplicate endpoint with address 0x9, skipping
[  268.978833][ T5983] usb 7-1: config 166 interface 34 altsetting 1 has an endpoint descriptor with address 0xA6, changing to 0x86
[  269.025031][ T5983] usb 7-1: config 166 interface 34 altsetting 1 endpoint 0x86 has invalid maxpacket 23105, setting to 1024
[  269.042022][ T9347] loop1: detected capacity change from 0 to 256
[  269.055403][ T5983] usb 7-1: config 166 interface 34 altsetting 1 bulk endpoint 0x86 has invalid maxpacket 1024
[  269.074997][ T5983] usb 7-1: config 166 interface 34 altsetting 1 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  269.112039][ T5983] usb 7-1: config 166 interface 34 altsetting 1 endpoint 0x85 has invalid wMaxPacketSize 0
[  269.123488][ T9347] exfat: Deprecated parameter 'namecase'
[  269.136142][ T5983] usb 7-1: config 166 interface 34 altsetting 1 has 5 endpoint descriptors, different from the interface descriptor's value: 4
[  269.153659][ T5983] usb 7-1: config 166 interface 177 has no altsetting 0
[  269.162832][ T5983] usb 7-1: config 166 interface 34 has no altsetting 0
[  269.188051][ T9347] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x8d1bf2bd, utbl_chksum : 0xe619d30d)
[  269.205652][ T5983] usb 7-1: New USB device found, idVendor=0bda, idProduct=0138, bcdDevice=30.12
[  269.215381][ T5983] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.232118][ T5983] usb 7-1: Product: syz
[  269.245790][ T5983] usb 7-1: Manufacturer: syz
[  269.255028][ T5983] usb 7-1: SerialNumber: syz
[  269.494316][ T5983] ums-realtek 7-1:166.177: USB Mass Storage device detected
[  269.646889][ T9342] loop0: detected capacity change from 0 to 32768
[  269.699749][ T5983] ums-realtek 7-1:166.34: USB Mass Storage device detected
[  269.725720][ T9342] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  269.747083][ T9342] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  269.816391][ T9342] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[  269.836974][  T981] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  269.845611][  T981] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  269.993578][ T5983] ums-realtek 7-1:166.34: probe with driver ums-realtek failed with error -5
[  270.022365][  T981] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 176ms
[  270.066422][  T981] gfs2: fsid=syz:syz.0: jid=0: Done
[  270.084295][ T9342] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  270.109396][ T5983] uvcvideo 7-1:166.34: Found UVC 0.00 device syz (0bda:0138)
[  270.130550][ T5983] uvcvideo 7-1:166.34: No valid video chain found.
[  270.167016][ T5983] usb 7-1: USB disconnect, device number 10
[  270.320552][ T9342] gfs2: fsid=syz:syz.0: found 1 quota changes
[  270.445009][ T5869] usb 4-1: new full-speed USB device number 15 using dummy_hcd
[  270.636192][ T5869] usb 4-1: config 1 interface 0 altsetting 108 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  270.648033][ T5869] usb 4-1: config 1 interface 0 altsetting 108 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  270.666006][ T5869] usb 4-1: config 1 interface 0 has no altsetting 0
[  270.687816][ T5869] usb 4-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.40
[  270.705371][ T5869] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  270.733902][ T5869] usb 4-1: Product: syz
[  270.755472][ T5869] usb 4-1: Manufacturer: syz
[  270.760148][ T5869] usb 4-1: SerialNumber: syz
[  270.766721][ T9371] loop1: detected capacity change from 0 to 40427
[  270.788163][ T9371] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[  270.801916][ T9371] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  270.824638][ T9371] F2FS-fs (loop1): invalid crc value
[  270.854776][ T9367] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  271.128410][ T5869] usbhid 4-1:1.0: can't add hid device: -71
[  271.156437][ T5869] usbhid 4-1:1.0: probe with driver usbhid failed with error -71
[  271.171345][ T9371] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  271.212449][ T5869] usb 4-1: USB disconnect, device number 15
[  271.230521][ T9371] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  271.280647][ T9371] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  271.340673][ T9393] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1096'.
[  271.462487][ T5866] syz-executor: attempt to access beyond end of device
[  271.462487][ T5866] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  271.498094][ T5866] CPU: 1 UID: 0 PID: 5866 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  271.498126][ T5866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  271.498140][ T5866] Call Trace:
[  271.498150][ T5866]  <TASK>
[  271.498159][ T5866]  dump_stack_lvl+0x189/0x250
[  271.498197][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  271.498224][ T5866]  ? __pfx_queue_work_on+0x10/0x10
[  271.498243][ T5866]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  271.498271][ T5866]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  271.498314][ T5866]  f2fs_handle_critical_error+0x37c/0x540
[  271.498347][ T5866]  f2fs_write_end_io+0x886/0xb60
[  271.498399][ T5866]  __submit_merged_bio+0x27a/0x6a0
[  271.498436][ T5866]  __submit_merged_write_cond+0x255/0x530
[  271.498482][ T5866]  f2fs_write_data_pages+0x261d/0x3000
[  271.498552][ T5866]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  271.498595][ T5866]  ? is_bpf_text_address+0x292/0x2b0
[  271.498661][ T5866]  ? __mod_zone_page_state+0xd7/0x140
[  271.498700][ T5866]  ? folios_put_refs+0x58b/0x670
[  271.498744][ T5866]  ? __pfx_folios_put_refs+0x10/0x10
[  271.498774][ T5866]  ? rcu_is_watching+0x15/0xb0
[  271.498806][ T5866]  ? __lock_acquire+0xab9/0xd20
[  271.498869][ T5866]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  271.498898][ T5866]  do_writepages+0x32e/0x550
[  271.498936][ T5866]  ? do_raw_spin_unlock+0x122/0x240
[  271.498967][ T5866]  filemap_fdatawrite+0x199/0x240
[  271.498990][ T5866]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  271.499080][ T5866]  ? do_raw_spin_unlock+0x122/0x240
[  271.499112][ T5866]  f2fs_sync_dirty_inodes+0x31f/0x830
[  271.499159][ T5866]  f2fs_write_checkpoint+0x93e/0x2440
[  271.499204][ T5866]  ? __lock_acquire+0xab9/0xd20
[  271.499269][ T5866]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  271.499373][ T5866]  kill_f2fs_super+0x2cc/0x6d0
[  271.499417][ T5866]  ? __pfx_kill_f2fs_super+0x10/0x10
[  271.499469][ T5866]  ? shrinker_free+0x2ce/0x3e0
[  271.499505][ T5866]  deactivate_locked_super+0xbc/0x130
[  271.499545][ T5866]  cleanup_mnt+0x425/0x4c0
[  271.499579][ T5866]  ? lockdep_hardirqs_on+0x9c/0x150
[  271.499612][ T5866]  task_work_run+0x1d4/0x260
[  271.499645][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  271.499668][ T5866]  ? __x64_sys_umount+0x122/0x160
[  271.499698][ T5866]  ? exit_to_user_mode_loop+0x40/0x130
[  271.499734][ T5866]  exit_to_user_mode_loop+0xe9/0x130
[  271.499764][ T5866]  do_syscall_64+0x2bd/0xfa0
[  271.499789][ T5866]  ? lockdep_hardirqs_on+0x9c/0x150
[  271.499817][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.499839][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  271.499868][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.499889][ T5866] RIP: 0033:0x7f3ba05901f7
[  271.499909][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  271.499930][ T5866] RSP: 002b:00007ffc82f24818 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  271.499953][ T5866] RAX: 0000000000000000 RBX: 00007f3ba0611d7d RCX: 00007f3ba05901f7
[  271.499968][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc82f248d0
[  271.499982][ T5866] RBP: 00007ffc82f248d0 R08: 0000000000000000 R09: 0000000000000000
[  271.499995][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc82f25960
[  271.500010][ T5866] R13: 00007f3ba0611d7d R14: 0000000000042400 R15: 00007ffc82f259a0
[  271.500053][ T5866]  </TASK>
[  271.500062][ T5866] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  271.869389][ T5866] CPU: 0 UID: 0 PID: 5866 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  271.869419][ T5866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  271.869431][ T5866] Call Trace:
[  271.869440][ T5866]  <TASK>
[  271.869450][ T5866]  dump_stack_lvl+0x189/0x250
[  271.869485][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  271.869512][ T5866]  ? __pfx_queue_work_on+0x10/0x10
[  271.869531][ T5866]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  271.869566][ T5866]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  271.869606][ T5866]  f2fs_handle_critical_error+0x37c/0x540
[  271.869638][ T5866]  f2fs_write_end_io+0x886/0xb60
[  271.869686][ T5866]  __submit_merged_bio+0x27a/0x6a0
[  271.869716][ T5866]  __submit_merged_write_cond+0x255/0x530
[  271.869777][ T5866]  f2fs_write_data_pages+0x261d/0x3000
[  271.869842][ T5866]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  271.869882][ T5866]  ? is_bpf_text_address+0x292/0x2b0
[  271.869946][ T5866]  ? __mod_zone_page_state+0xd7/0x140
[  271.869982][ T5866]  ? folios_put_refs+0x58b/0x670
[  271.870026][ T5866]  ? __pfx_folios_put_refs+0x10/0x10
[  271.870056][ T5866]  ? rcu_is_watching+0x15/0xb0
[  271.870087][ T5866]  ? __lock_acquire+0xab9/0xd20
[  271.870161][ T5866]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  271.870189][ T5866]  do_writepages+0x32e/0x550
[  271.870223][ T5866]  ? do_raw_spin_unlock+0x122/0x240
[  271.870254][ T5866]  filemap_fdatawrite+0x199/0x240
[  271.870277][ T5866]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  271.870354][ T5866]  ? do_raw_spin_unlock+0x122/0x240
[  271.870385][ T5866]  f2fs_sync_dirty_inodes+0x31f/0x830
[  271.870431][ T5866]  f2fs_write_checkpoint+0x93e/0x2440
[  271.870459][ T5866]  ? __lock_acquire+0xab9/0xd20
[  271.870521][ T5866]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  271.870612][ T5866]  kill_f2fs_super+0x2cc/0x6d0
[  271.870647][ T5866]  ? __pfx_kill_f2fs_super+0x10/0x10
[  271.870695][ T5866]  ? shrinker_free+0x2ce/0x3e0
[  271.870730][ T5866]  deactivate_locked_super+0xbc/0x130
[  271.870769][ T5866]  cleanup_mnt+0x425/0x4c0
[  271.870802][ T5866]  ? lockdep_hardirqs_on+0x9c/0x150
[  271.870832][ T5866]  task_work_run+0x1d4/0x260
[  271.870863][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  271.870888][ T5866]  ? __x64_sys_umount+0x122/0x160
[  271.870916][ T5866]  ? exit_to_user_mode_loop+0x40/0x130
[  271.870950][ T5866]  exit_to_user_mode_loop+0xe9/0x130
[  271.870980][ T5866]  do_syscall_64+0x2bd/0xfa0
[  271.871007][ T5866]  ? lockdep_hardirqs_on+0x9c/0x150
[  271.871033][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.871055][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  271.871082][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.871103][ T5866] RIP: 0033:0x7f3ba05901f7
[  271.871133][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  271.871153][ T5866] RSP: 002b:00007ffc82f24818 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  271.871177][ T5866] RAX: 0000000000000000 RBX: 00007f3ba0611d7d RCX: 00007f3ba05901f7
[  271.871192][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc82f248d0
[  271.871212][ T5866] RBP: 00007ffc82f248d0 R08: 0000000000000000 R09: 0000000000000000
[  271.871226][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc82f25960
[  271.871240][ T5866] R13: 00007f3ba0611d7d R14: 0000000000042400 R15: 00007ffc82f259a0
[  271.871278][ T5866]  </TASK>
[  271.871287][ T5866] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  272.606212][ T9407] bridge0: entered promiscuous mode
[  272.668330][ T9391] loop0: detected capacity change from 0 to 40427
[  272.690266][ T9391] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  272.714703][ T9391] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  272.758955][ T9391] F2FS-fs (loop0): invalid crc value
[  272.987079][ T9391] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  273.028329][ T9391] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  273.045346][ T9391] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  273.095134][ T5983] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  273.140972][ T9401] loop3: detected capacity change from 0 to 40427
[  273.187542][ T9401] F2FS-fs (loop3): invalid crc value
[  273.283477][ T5983] usb 7-1: config 220 has an invalid interface number: 76 but max is 2
[  273.299948][ T5983] usb 7-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  273.316130][ T5983] usb 7-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  273.332949][ T5983] usb 7-1: config 220 has no interface number 2
[  273.350065][ T5983] usb 7-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  273.382738][ T5983] usb 7-1: config 220 interface 0 has no altsetting 0
[  273.402062][ T5983] usb 7-1: config 220 interface 76 has no altsetting 0
[  273.419259][ T5983] usb 7-1: config 220 interface 1 has no altsetting 0
[  273.440442][ T5983] usb 7-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  273.448025][ T9401] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  273.456707][ T5983] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.496554][ T5983] usb 7-1: Product: syz
[  273.502310][ T9401] F2FS-fs (loop3): Start checkpoint disabled!
[  273.510691][ T9401] F2FS-fs (loop3): f2fs_disable_checkpoint() finish, err:0
[  273.511930][ T5983] usb 7-1: Manufacturer: syz
[  273.541414][ T5983] usb 7-1: SerialNumber: syz
[  273.545362][ T9401] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  273.618801][   T30] audit: type=1800 audit(1759322885.431:23): pid=9401 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1100" name="file1" dev="loop3" ino=10 res=0 errno=0
[  273.656962][ T9401] syz.3.1100: attempt to access beyond end of device
[  273.656962][ T9401] loop3: rw=2049, sector=77824, nr_sectors = 800 limit=40427
[  273.726758][   T37] kworker/u8:3: attempt to access beyond end of device
[  273.726758][   T37] loop3: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  273.787580][ T5983] uvcvideo 7-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  273.790194][   T37] kworker/u8:3: attempt to access beyond end of device
[  273.790194][   T37] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  273.810073][ T5983] uvcvideo 7-1:220.0: No valid video chain found.
[  273.810168][ T5983] usb 7-1: selecting invalid altsetting 0
[  273.865202][   T37] CPU: 1 UID: 0 PID: 37 Comm: kworker/u8:3 Not tainted syzkaller #0 PREEMPT(full) 
[  273.865231][   T37] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  273.865253][   T37] Workqueue: writeback wb_workfn (flush-7:3)
[  273.865296][   T37] Call Trace:
[  273.865305][   T37]  <TASK>
[  273.865314][   T37]  dump_stack_lvl+0x189/0x250
[  273.865346][   T37]  ? __pfx_dump_stack_lvl+0x10/0x10
[  273.865371][   T37]  ? __pfx_queue_work_on+0x10/0x10
[  273.865390][   T37]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  273.865415][   T37]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  273.865454][   T37]  f2fs_handle_critical_error+0x37c/0x540
[  273.865486][   T37]  f2fs_write_end_io+0x886/0xb60
[  273.865536][   T37]  __submit_merged_bio+0x27a/0x6a0
[  273.865569][   T37]  __submit_merged_write_cond+0x255/0x530
[  273.865615][   T37]  f2fs_write_data_pages+0x261d/0x3000
[  273.865687][   T37]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  273.865731][   T37]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  273.865808][   T37]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  273.865847][   T37]  ? trace_f2fs_writepages+0x7f/0x200
[  273.865873][   T37]  ? f2fs_write_node_pages+0x478/0x6e0
[  273.865927][   T37]  ? save_fpregs_to_fpstate+0xa3/0x210
[  273.865961][   T37]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  273.865988][   T37]  do_writepages+0x32e/0x550
[  273.866018][   T37]  ? reacquire_held_locks+0x127/0x1d0
[  273.866038][   T37]  ? writeback_sb_inodes+0x384/0x1010
[  273.866075][   T37]  __writeback_single_inode+0x145/0xff0
[  273.866100][   T37]  ? do_raw_spin_unlock+0x122/0x240
[  273.866132][   T37]  writeback_sb_inodes+0x6c7/0x1010
[  273.866192][   T37]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  273.866282][   T37]  ? rcu_is_watching+0x15/0xb0
[  273.866316][   T37]  wb_writeback+0x43b/0xaf0
[  273.866352][   T37]  ? queue_io+0x3b1/0x590
[  273.866380][   T37]  ? __pfx_wb_writeback+0x10/0x10
[  273.866416][   T37]  ? _raw_spin_unlock_irq+0x23/0x50
[  273.866449][   T37]  wb_workfn+0x409/0xef0
[  273.866504][   T37]  ? __pfx_wb_workfn+0x10/0x10
[  273.866544][   T37]  ? __lock_acquire+0xab9/0xd20
[  273.866591][   T37]  ? process_scheduled_works+0x9ef/0x17b0
[  273.866634][   T37]  ? _raw_spin_unlock_irq+0x23/0x50
[  273.866657][   T37]  ? process_scheduled_works+0x9ef/0x17b0
[  273.866689][   T37]  ? process_scheduled_works+0x9ef/0x17b0
[  273.866725][   T37]  process_scheduled_works+0xae1/0x17b0
[  273.866796][   T37]  ? __pfx_process_scheduled_works+0x10/0x10
[  273.866853][   T37]  worker_thread+0x8a0/0xda0
[  273.866891][   T37]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  273.866928][   T37]  ? __kthread_parkme+0x7b/0x200
[  273.866932][ T5983] usb 7-1: selecting invalid altsetting 0
[  273.866963][   T37]  kthread+0x711/0x8a0
[  273.866988][   T37]  ? __pfx_worker_thread+0x10/0x10
[  273.867019][   T37]  ? __pfx_kthread+0x10/0x10
[  273.867048][   T37]  ? _raw_spin_unlock_irq+0x23/0x50
[  273.867077][   T37]  ? lockdep_hardirqs_on+0x9c/0x150
[  273.867107][   T37]  ? __pfx_kthread+0x10/0x10
[  273.867136][   T37]  ret_from_fork+0x4bc/0x870
[  273.867178][   T37]  ? __pfx_ret_from_fork+0x10/0x10
[  273.867227][   T37]  ? __switch_to_asm+0x39/0x70
[  273.867265][   T37]  ? __switch_to_asm+0x33/0x70
[  273.867294][   T37]  ? __pfx_kthread+0x10/0x10
[  273.867324][   T37]  ret_from_fork_asm+0x1a/0x30
[  273.867384][   T37]  </TASK>
[  273.867395][   T37] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  273.901338][ T5983] usbtest 7-1:220.1: probe with driver usbtest failed with error -22
[  274.213328][ T9429] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1110'.
[  274.251366][ T5983] usb 7-1: USB disconnect, device number 11
[  275.366185][ T9431] loop5: detected capacity change from 0 to 32768
[  275.779495][ T9466] loop3: detected capacity change from 0 to 1024
[  276.037200][ T9471] loop5: detected capacity change from 0 to 256
[  276.170017][ T9471] FAT-fs (loop5): Directory bread(block 64) failed
[  276.198104][ T9471] FAT-fs (loop5): Directory bread(block 65) failed
[  276.235586][ T9471] FAT-fs (loop5): Directory bread(block 66) failed
[  276.242211][ T9471] FAT-fs (loop5): Directory bread(block 67) failed
[  276.290077][ T9471] FAT-fs (loop5): Directory bread(block 68) failed
[  276.314233][ T9447] loop6: detected capacity change from 0 to 40427
[  276.323143][ T9471] FAT-fs (loop5): Directory bread(block 69) failed
[  276.333656][ T9471] FAT-fs (loop5): Directory bread(block 70) failed
[  276.361738][ T9447] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  276.382268][ T9471] FAT-fs (loop5): Directory bread(block 71) failed
[  276.402901][ T9447] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  276.415629][ T9471] FAT-fs (loop5): Directory bread(block 72) failed
[  276.439905][ T9471] FAT-fs (loop5): Directory bread(block 73) failed
[  276.460119][ T9447] F2FS-fs (loop6): invalid crc value
[  276.694712][ T9458] loop0: detected capacity change from 0 to 32768
[  276.767809][ T9447] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  276.867965][ T9447] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  276.895715][ T9447] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  277.013745][ T9447] syz.6.1116: attempt to access beyond end of device
[  277.013745][ T9447] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  277.247030][ T6128] syz-executor: attempt to access beyond end of device
[  277.247030][ T6128] loop6: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  277.315030][ T6128] CPU: 0 UID: 0 PID: 6128 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  277.315062][ T6128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  277.315075][ T6128] Call Trace:
[  277.315083][ T6128]  <TASK>
[  277.315092][ T6128]  dump_stack_lvl+0x189/0x250
[  277.315128][ T6128]  ? __pfx_dump_stack_lvl+0x10/0x10
[  277.315154][ T6128]  ? __pfx_queue_work_on+0x10/0x10
[  277.315172][ T6128]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  277.315200][ T6128]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  277.315240][ T6128]  f2fs_handle_critical_error+0x37c/0x540
[  277.315272][ T6128]  f2fs_write_end_io+0x886/0xb60
[  277.315321][ T6128]  __submit_merged_bio+0x27a/0x6a0
[  277.315340][ T6128]  ? up_write+0x1c4/0x420
[  277.315368][ T6128]  __submit_merged_write_cond+0x44c/0x530
[  277.315412][ T6128]  f2fs_sync_node_pages+0x1479/0x15e0
[  277.315475][ T6128]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  277.315543][ T6128]  ? f2fs_write_checkpoint+0xdad/0x2440
[  277.315577][ T6128]  ? up_write+0x1c4/0x420
[  277.315606][ T6128]  f2fs_write_checkpoint+0xdde/0x2440
[  277.315634][ T6128]  ? __lock_acquire+0xab9/0xd20
[  277.315698][ T6128]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  277.315794][ T6128]  kill_f2fs_super+0x2cc/0x6d0
[  277.315844][ T6128]  ? __pfx_kill_f2fs_super+0x10/0x10
[  277.315894][ T6128]  ? shrinker_free+0x2ce/0x3e0
[  277.315930][ T6128]  deactivate_locked_super+0xbc/0x130
[  277.315968][ T6128]  cleanup_mnt+0x425/0x4c0
[  277.316001][ T6128]  ? lockdep_hardirqs_on+0x9c/0x150
[  277.316033][ T6128]  task_work_run+0x1d4/0x260
[  277.316064][ T6128]  ? __pfx_task_work_run+0x10/0x10
[  277.316089][ T6128]  ? __x64_sys_umount+0x122/0x160
[  277.316118][ T6128]  ? exit_to_user_mode_loop+0x40/0x130
[  277.316151][ T6128]  exit_to_user_mode_loop+0xe9/0x130
[  277.316183][ T6128]  do_syscall_64+0x2bd/0xfa0
[  277.316210][ T6128]  ? lockdep_hardirqs_on+0x9c/0x150
[  277.316237][ T6128]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.316259][ T6128]  ? clear_bhb_loop+0x60/0xb0
[  277.316287][ T6128]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.316309][ T6128] RIP: 0033:0x7fcfea1901f7
[  277.316328][ T6128] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  277.316347][ T6128] RSP: 002b:00007ffeefee2888 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  277.316371][ T6128] RAX: 0000000000000000 RBX: 00007fcfea211d7d RCX: 00007fcfea1901f7
[  277.316386][ T6128] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffeefee2940
[  277.316400][ T6128] RBP: 00007ffeefee2940 R08: 0000000000000000 R09: 0000000000000000
[  277.316413][ T6128] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffeefee39d0
[  277.316427][ T6128] R13: 00007fcfea211d7d R14: 0000000000043a74 R15: 00007ffeefee3a10
[  277.316466][ T6128]  </TASK>
[  277.316768][ T6128] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  277.850610][ T9502] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  277.880762][ T9484] loop3: detected capacity change from 0 to 32768
[  277.968591][ T9484] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  278.133847][ T9484] XFS (loop3): Ending clean mount
[  278.163065][ T9484] XFS (loop3): Quotacheck needed: Please wait.
[  278.211334][ T9514] loop5: detected capacity change from 0 to 256
[  278.298718][ T9514] FAT-fs (loop5): Directory bread(block 64) failed
[  278.305482][ T9484] XFS (loop3): Quotacheck: Done.
[  278.333440][ T9514] FAT-fs (loop5): Directory bread(block 65) failed
[  278.344093][ T9514] FAT-fs (loop5): Directory bread(block 66) failed
[  278.375380][ T9514] FAT-fs (loop5): Directory bread(block 67) failed
[  278.404128][ T9514] FAT-fs (loop5): Directory bread(block 68) failed
[  278.420324][ T9514] FAT-fs (loop5): Directory bread(block 69) failed
[  278.438195][ T9514] FAT-fs (loop5): Directory bread(block 70) failed
[  278.444799][ T9514] FAT-fs (loop5): Directory bread(block 71) failed
[  278.503624][ T9514] FAT-fs (loop5): Directory bread(block 72) failed
[  278.510803][ T5882] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  278.518830][ T9514] FAT-fs (loop5): Directory bread(block 73) failed
[  278.640664][ T9492] loop1: detected capacity change from 0 to 32768
[  278.773492][ T9492] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  278.902301][ T9492] XFS (loop1): Ending clean mount
[  278.940683][ T9504] loop0: detected capacity change from 0 to 40427
[  278.954511][ T9492] XFS (loop1): Quotacheck needed: Please wait.
[  279.045477][ T9504] F2FS-fs (loop0): invalid crc value
[  279.089701][ T9492] XFS (loop1): Quotacheck: Done.
[  279.308977][ T9531] loop3: detected capacity change from 0 to 512
[  279.316383][   T60] kworker/u8:4: attempt to access beyond end of device
[  279.316383][   T60] loop5: rw=1, sector=1224, nr_sectors = 32 limit=256
[  279.340975][ T9531] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  279.351459][ T9533] loop6: detected capacity change from 0 to 1024
[  279.354300][ T5866] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  279.373942][   T60] kworker/u8:4: attempt to access beyond end of device
[  279.373942][   T60] loop5: rw=1, sector=1320, nr_sectors = 32 limit=256
[  279.388602][   T60] kworker/u8:4: attempt to access beyond end of device
[  279.388602][   T60] loop5: rw=1, sector=1384, nr_sectors = 32 limit=256
[  279.392813][ T9504] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  279.403210][   T60] kworker/u8:4: attempt to access beyond end of device
[  279.403210][   T60] loop5: rw=1, sector=1448, nr_sectors = 32 limit=256
[  279.425053][   T60] kworker/u8:4: attempt to access beyond end of device
[  279.425053][   T60] loop5: rw=1, sector=1512, nr_sectors = 32 limit=256
[  279.442022][   T60] kworker/u8:4: attempt to access beyond end of device
[  279.442022][   T60] loop5: rw=1, sector=1576, nr_sectors = 32 limit=256
[  279.483651][ T9531] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  279.506882][   T60] kworker/u8:4: attempt to access beyond end of device
[  279.506882][   T60] loop5: rw=1, sector=1640, nr_sectors = 32 limit=256
[  279.517258][ T9504] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  279.528369][ T9531] ext4 filesystem being mounted at /213/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  279.583935][   T60] kworker/u8:4: attempt to access beyond end of device
[  279.583935][   T60] loop5: rw=1, sector=1704, nr_sectors = 32 limit=256
[  279.975334][ T5864] CPU: 0 UID: 0 PID: 5864 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  279.975367][ T5864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  279.975380][ T5864] Call Trace:
[  279.975389][ T5864]  <TASK>
[  279.975399][ T5864]  dump_stack_lvl+0x189/0x250
[  279.975433][ T5864]  ? __pfx_dump_stack_lvl+0x10/0x10
[  279.975458][ T5864]  ? __pfx_queue_work_on+0x10/0x10
[  279.975476][ T5864]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  279.975510][ T5864]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  279.975551][ T5864]  f2fs_handle_critical_error+0x37c/0x540
[  279.975584][ T5864]  f2fs_write_end_io+0x886/0xb60
[  279.975635][ T5864]  __submit_merged_bio+0x27a/0x6a0
[  279.975668][ T5864]  __submit_merged_write_cond+0x255/0x530
[  279.975714][ T5864]  f2fs_write_data_pages+0x261d/0x3000
[  279.975787][ T5864]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  279.975879][ T5864]  ? stack_trace_save+0x9c/0xe0
[  279.975904][ T5864]  ? __pfx_stack_trace_save+0x10/0x10
[  279.975946][ T5864]  ? kasan_save_stack+0x4d/0x60
[  279.975969][ T5864]  ? kasan_save_stack+0x3e/0x60
[  279.975990][ T5864]  ? kasan_record_aux_stack+0xbd/0xd0
[  279.976037][ T5864]  ? __lock_acquire+0xab9/0xd20
[  279.976091][ T5864]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  279.976119][ T5864]  do_writepages+0x32e/0x550
[  279.976156][ T5864]  ? do_raw_spin_unlock+0x122/0x240
[  279.976189][ T5864]  filemap_fdatawrite+0x199/0x240
[  279.976230][ T5864]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  279.976312][ T5864]  ? do_raw_spin_unlock+0x122/0x240
[  279.976345][ T5864]  f2fs_sync_dirty_inodes+0x31f/0x830
[  279.976395][ T5864]  f2fs_write_checkpoint+0x93e/0x2440
[  279.976422][ T5864]  ? __lock_acquire+0xab9/0xd20
[  279.976487][ T5864]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  279.976601][ T5864]  kill_f2fs_super+0x2cc/0x6d0
[  279.976639][ T5864]  ? __pfx_kill_f2fs_super+0x10/0x10
[  279.976692][ T5864]  ? shrinker_free+0x2ce/0x3e0
[  279.976730][ T5864]  deactivate_locked_super+0xbc/0x130
[  279.976770][ T5864]  cleanup_mnt+0x425/0x4c0
[  279.976804][ T5864]  ? lockdep_hardirqs_on+0x9c/0x150
[  279.976836][ T5864]  task_work_run+0x1d4/0x260
[  279.976868][ T5864]  ? __pfx_task_work_run+0x10/0x10
[  279.976890][ T5864]  ? __x64_sys_umount+0x122/0x160
[  279.976913][ T5864]  ? exit_to_user_mode_loop+0x40/0x130
[  279.976941][ T5864]  exit_to_user_mode_loop+0xe9/0x130
[  279.976966][ T5864]  do_syscall_64+0x2bd/0xfa0
[  279.976988][ T5864]  ? lockdep_hardirqs_on+0x9c/0x150
[  279.977009][ T5864]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.977028][ T5864]  ? clear_bhb_loop+0x60/0xb0
[  279.977050][ T5864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.977067][ T5864] RIP: 0033:0x7fb6d7b901f7
[  279.977083][ T5864] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  279.977098][ T5864] RSP: 002b:00007fff03a68ae8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  279.977118][ T5864] RAX: 0000000000000000 RBX: 00007fb6d7c11d7d RCX: 00007fb6d7b901f7
[  279.977129][ T5864] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff03a68ba0
[  279.977140][ T5864] RBP: 00007fff03a68ba0 R08: 0000000000000000 R09: 0000000000000000
[  279.977151][ T5864] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff03a69c30
[  279.977162][ T5864] R13: 00007fb6d7c11d7d R14: 0000000000044531 R15: 00007fff03a69c70
[  279.977194][ T5864]  </TASK>
[  279.978990][ T5864] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  280.371073][ T5882] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.422142][ T9551] input: syz1 as /devices/virtual/input/input14
[  281.143862][ T9547] loop1: detected capacity change from 0 to 32768
[  281.185071][ T9547] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1147 (9547)
[  281.235585][ T9547] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  281.247022][ T9547] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  281.334594][ T9569] loop5: detected capacity change from 0 to 1024
[  281.430926][ T9553] loop3: detected capacity change from 0 to 32768
[  281.443731][ T9576] netlink: 48 bytes leftover after parsing attributes in process `syz.6.1163'.
[  281.468460][ T9553] (syz.3.1151,9553,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  281.518370][ T9553] (syz.3.1151,9553,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  281.545761][ T9547] BTRFS info (device loop1): enabling ssd optimizations
[  281.599245][ T9547] BTRFS info (device loop1): enabling free space tree
[  281.644276][ T9553] JBD2: Ignoring recovery information on journal
[  281.673610][   T36] hfsplus: b-tree write err: -5, ino 4
[  281.773857][ T9547] BTRFS error (device loop1): balance: mixed groups data and metadata options must be the same
[  281.888304][ T9553] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  281.928684][ T9600] loop0: detected capacity change from 0 to 128
[  281.944548][ T9600] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  282.038746][ T5866] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  282.055508][   T44] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  282.075132][ T9600] FAT-fs (loop0): FAT read failed (blocknr 128)
[  282.240533][   T13] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  282.252163][   T44] usb 6-1: Using ep0 maxpacket: 8
[  282.264548][ T5882] ocfs2: Unmounting device (7,3) on (node local)
[  282.290909][   T44] usb 6-1: unable to get BOS descriptor or descriptor too short
[  282.329278][   T44] usb 6-1: config 4 has an invalid interface number: 30 but max is 0
[  282.354952][   T44] usb 6-1: config 4 has no interface number 0
[  282.361391][   T44] usb 6-1: config 4 interface 30 has no altsetting 0
[  282.418363][   T44] usb 6-1: string descriptor 0 read error: -22
[  282.445214][   T44] usb 6-1: New USB device found, idVendor=9022, idProduct=d484, bcdDevice=f9.88
[  282.475456][   T44] usb 6-1: New USB device strings: Mfr=72, Product=153, SerialNumber=219
[  282.541541][   T44] dvb-usb: found a 'TeVii S482 (tuner 2)' in warm state.
[  282.584700][   T44] dw2102: su3000_power_ctrl: 1, initialized 0
[  282.608459][   T44] dvb-usb: bulk message failed: -22 (2/0)
[  282.679744][   T44] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  282.696207][   T44] dvbdev: DVB: registering new adapter (TeVii S482 (tuner 2))
[  282.714043][   T44] usb 6-1: media controller created
[  282.724310][   T44] dvb-usb: bulk message failed: -22 (6/0)
[  282.747726][   T44] dw2102: i2c transfer failed.
[  282.797814][   T44] dvb-usb: bulk message failed: -22 (6/0)
[  282.803619][   T44] dw2102: i2c transfer failed.
[  282.836263][   T44] dvb-usb: bulk message failed: -22 (6/0)
[  282.855016][   T44] dw2102: i2c transfer failed.
[  282.859903][   T44] dvb-usb: bulk message failed: -22 (6/0)
[  282.881936][   T44] dw2102: i2c transfer failed.
[  282.888728][   T44] dvb-usb: bulk message failed: -22 (6/0)
[  282.894513][   T44] dw2102: i2c transfer failed.
[  282.906959][   T44] dvb-usb: bulk message failed: -22 (6/0)
[  282.912803][   T44] dw2102: i2c transfer failed.
[  282.913233][ T9617] loop0: detected capacity change from 0 to 128
[  282.945019][   T44] dvb-usb: MAC address: 02:02:02:02:02:02
[  282.983873][ T9617] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  283.060734][   T44] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  283.135323][ T9617] ext4 filesystem being mounted at /237/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  283.210378][   T44] dvb-usb: bulk message failed: -22 (3/0)
[  283.254090][   T44] dw2102: command 0x0e transfer failed.
[  283.268594][   T44] dvb-usb: bulk message failed: -22 (3/0)
[  283.274486][   T44] dw2102: command 0x0e transfer failed.
[  283.373019][ T5864] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  283.642704][ T9636] loop3: detected capacity change from 0 to 64
[  283.656947][   T44] dvb-usb: bulk message failed: -22 (3/0)
[  283.665250][   T44] dw2102: command 0x0e transfer failed.
[  283.677547][   T44] dvb-usb: bulk message failed: -22 (3/0)
[  283.699393][ T9625] loop1: detected capacity change from 0 to 32768
[  283.701155][   T44] dw2102: command 0x0e transfer failed.
[  283.723327][ T9625] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  283.726203][   T44] dvb-usb: bulk message failed: -22 (1/0)
[  283.802784][   T44] dw2102: command 0x51 transfer failed.
[  283.830864][   T44] dvb-usb: bulk message failed: -22 (5/0)
[  283.869176][   T44] dw2102: i2c probe for address 0x68 failed.
[  283.900571][   T44] dvb-usb: bulk message failed: -22 (5/0)
[  283.934512][   T44] dw2102: i2c probe for address 0x69 failed.
[  283.958222][   T44] dvb-usb: bulk message failed: -22 (5/0)
[  283.975564][   T44] dw2102: i2c probe for address 0x6a failed.
[  283.993178][   T44] dw2102: probing for demodulator failed. Is the external power switched on?
[  283.996125][ T5866] ocfs2: Unmounting device (7,1) on (node local)
[  284.019206][   T44] dvb-usb: no frontend was attached by 'TeVii S482 (tuner 2)'
[  284.187822][   T44] rc_core: IR keymap rc-tt-1500 not found
[  284.202872][   T44] Registered IR keymap rc-empty
[  284.220976][   T44] rc rc0: TeVii S482 (tuner 2) as /devices/platform/dummy_hcd.5/usb6/6-1/rc/rc0
[  284.279044][   T44] input: TeVii S482 (tuner 2) as /devices/platform/dummy_hcd.5/usb6/6-1/rc/rc0/input15
[  284.333237][   T44] dvb-usb: schedule remote query interval to 250 msecs.
[  284.369757][   T44] dw2102: su3000_power_ctrl: 0, initialized 1
[  284.395788][   T44] dvb-usb: TeVii S482 (tuner 2) successfully initialized and connected.
[  284.484136][   T44] usb 6-1: USB disconnect, device number 4
[  284.759748][   T44] dvb-usb: TeVii S482 (tuner 2) successfully deinitialized and disconnected.
[  285.034300][ T9662] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1191'.
[  285.147184][ T9666] loop1: detected capacity change from 0 to 512
[  285.240351][ T9666] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  285.325078][ T9666] ext4 filesystem being mounted at /283/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  285.486197][ T5866] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.696366][ T9665] loop5: detected capacity change from 0 to 32768
[  285.729445][ T9665] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  285.785599][   T10] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  285.923507][ T9665] XFS (loop5): Ending clean mount
[  285.939647][ T9693] netlink: 'syz.0.1201': attribute type 1 has an invalid length.
[  285.955977][   T10] usb 4-1: Using ep0 maxpacket: 32
[  285.968059][   T10] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[  285.980184][ T9693] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1201'.
[  285.992713][   T10] usb 4-1: config 0 has no interface number 0
[  286.008484][   T10] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  286.018658][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  286.026761][   T10] usb 4-1: Product: syz
[  286.031239][   T10] usb 4-1: Manufacturer: syz
[  286.075521][ T5983] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  286.087044][   T10] usb 4-1: SerialNumber: syz
[  286.130390][   T10] usb 4-1: config 0 descriptor??
[  286.138113][ T9699] loop6: detected capacity change from 0 to 16
[  286.155665][ T9699] MTD: Attempt to mount non-MTD device "/dev/loop6"
[  286.164143][ T6126] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  286.188849][   T10] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  286.302364][ T5983] usb 2-1: config index 0 descriptor too short (expected 39, got 27)
[  286.315020][ T5983] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  286.349084][ T5983] usb 2-1: config 0 interface 0 has no altsetting 0
[  286.378731][ T5983] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  286.391028][ T5878] Bluetooth: hci3: Opcode 0x206a failed: -110
[  286.412051][   T10] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  286.431605][ T5983] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  286.464972][ T5878] Bluetooth: hci3: command 0x0c1a tx timeout
[  286.471330][ T5983] usb 2-1: Product: syz
[  286.484426][   T10] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  286.493862][ T5983] usb 2-1: Manufacturer: syz
[  286.502652][ T5983] usb 2-1: SerialNumber: syz
[  286.531473][ T5983] usb 2-1: config 0 descriptor??
[  286.577189][ T5983] hub 2-1:0.0: bad descriptor, ignoring hub
[  286.583211][ T5983] hub 2-1:0.0: probe with driver hub failed with error -5
[  286.618378][ T5983] usb 2-1: selecting invalid altsetting 0
[  286.770330][ T9709] program syz.5.1204 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  286.782519][    C0] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71
[  286.786448][ T5942] usb 4-1: USB disconnect, device number 16
[  286.807212][ T5983] usb 2-1: USB disconnect, device number 8
[  286.864501][ T5942] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  286.912260][ T5942] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  286.953273][ T5942] quatech2 4-1:0.51: device disconnected
[  287.459420][ T9721] loop4: detected capacity change from 0 to 524287936
[  287.648765][ T9725] loop1: detected capacity change from 0 to 164
[  287.672697][ T9717] loop5: detected capacity change from 0 to 32768
[  287.687135][ T9715] loop6: detected capacity change from 0 to 32768
[  287.704107][ T9717] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  287.724174][   T30] audit: type=1800 audit(1759322899.531:24): pid=9715 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1211" name="file1" dev="loop6" ino=4 res=0 errno=0
[  287.932669][ T9717] XFS (loop5): Ending clean mount
[  287.951298][ T9717] XFS (loop5): Quotacheck needed: Please wait.
[  288.036161][ T9717] XFS (loop5): Quotacheck: Done.
[  288.232630][ T6126] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  288.667464][ T9744] loop3: detected capacity change from 0 to 1024
[  288.729104][ T9744] hfsplus: bad catalog entry type
[  288.857187][   T37] hfsplus: b-tree write err: -5, ino 4
[  288.899990][ T9738] loop6: detected capacity change from 0 to 32768
[  289.208105][ T9746] loop5: detected capacity change from 0 to 32768
[  289.217129][ T9746] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1222 (9746)
[  289.289742][ T9738] bcachefs (loop6): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  289.289769][ T9738]   allowing incompatible features above 0.0: (unknown version)
[  289.289783][ T9738]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  289.297933][ T9740] loop1: detected capacity change from 0 to 32768
[  289.316136][ T9746] BTRFS info (device loop5): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  289.349822][ T9738] bcachefs (loop6): Using encoding defined by superblock: utf8-12.1.0
[  289.358669][ T9746] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[  289.358918][ T9738] bcachefs (loop6): initializing new filesystem
[  289.397742][ T9738] bcachefs (loop6): going read-write
[  289.438150][ T9738] bcachefs (loop6): marking superblocks
[  289.514311][ T9738] bcachefs (loop6): initializing freespace
[  289.542331][ T9740] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  289.562789][ T9738] bcachefs (loop6): done initializing freespace
[  289.606398][ T9738] bcachefs (loop6): reading snapshots table
[  289.614307][ T9738] bcachefs (loop6): reading snapshots done
[  289.645694][ T9746] BTRFS info (device loop5): enabling ssd optimizations
[  289.655756][ T9746] BTRFS info (device loop5): enabling free space tree
[  289.734250][ T9740] XFS (loop1): Ending clean mount
[  289.754034][ T9738] bcachefs (loop6):  loop6: Superblock write was silently dropped! (seq 0 expected 42)
[  289.819954][ T9738] bcachefs (loop6): done starting filesystem
[  289.991917][ T5866] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  290.106570][ T6126] BTRFS info (device loop5): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  290.244729][ T6128] bcachefs (loop6): shutting down
[  290.284495][ T6128] bcachefs (loop6): going read-only
[  290.315447][ T6128] bcachefs (loop6): finished waiting for writes to stop
[  290.358099][ T6128] bcachefs (loop6): flushing journal and stopping allocators, journal seq 3
[  290.606849][ T6128] bcachefs (loop6): flushing journal and stopping allocators complete, journal seq 3
[  290.625167][ T6128] bcachefs (loop6): clean shutdown complete, journal seq 4
[  290.633303][ T6128] bcachefs (loop6): marking filesystem clean
[  290.829742][ T6128] bcachefs (loop6): shutdown complete
[  291.893852][ T9836] loop0: detected capacity change from 0 to 8192
[  291.950108][ T9836]  loop0: p1 p3 p4
[  291.954069][ T9836] loop0: partition table partially beyond EOD, truncated
[  291.962130][ T9836] loop0: p1 size 3506438656 extends beyond EOD, truncated
[  291.972614][ T9836] loop0: p3 start 218103808 is beyond EOD, truncated
[  291.989639][ T9836] loop0: p4 size 50331648 extends beyond EOD, truncated
[  292.038101][ T9840] program syz.1.1249 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  292.221099][ T9845] loop1: detected capacity change from 0 to 512
[  292.258706][ T8576] udevd[8576]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  292.272277][ T9038] udevd[9038]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  292.316845][ T9845] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.1251: casefold flag without casefold feature
[  292.388963][ T9845] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1251: couldn't read orphan inode 15 (err -117)
[  292.481384][ T9845] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  292.565585][ T9855] loop5: detected capacity change from 0 to 128
[  292.575607][ T9845] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2853: Unable to expand inode 2. Delete some EAs or run e2fsck.
[  292.622955][ T9855] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  292.663610][ T9855] ext4 filesystem being mounted at /245/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  292.717562][ T5866] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.775171][   T30] audit: type=1800 audit(1759322904.571:25): pid=9855 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1255" name="file1" dev="loop5" ino=12 res=0 errno=0
[  292.901792][ T6126] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  293.813685][ T9878] kvm: user requested TSC rate below hardware speed
[  293.884265][ T9884] loop5: detected capacity change from 0 to 64
[  294.204519][ T9889] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1269'.
[  294.330214][ T9889] team0 (unregistering): Port device team_slave_0 removed
[  294.354104][ T9889] team0 (unregistering): Port device team_slave_1 removed
[  295.327844][ T9926] loop0: detected capacity change from 0 to 512
[  295.390882][ T9926] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  295.463238][ T9926] ext4 filesystem being mounted at /257/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  295.471484][ T9932] loop5: detected capacity change from 0 to 1024
[  295.548140][ T5864] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.578131][ T9932] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  295.985661][   T44] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  296.052610][ T6126] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.127794][ T9962] loop3: detected capacity change from 0 to 8
[  296.156623][   T44] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  296.167908][   T44] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  296.184932][   T44] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  296.194794][ T9962] unable to read id index table
[  296.196868][   T44] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  296.256312][   T44] usb 2-1: config 0 descriptor??
[  296.437202][ T9971] netlink: 'syz.6.1303': attribute type 39 has an invalid length.
[  296.633051][   T30] audit: type=1326 audit(1759322908.441:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9974 comm="syz.0.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6d7b8eec9 code=0x7ffc0000
[  296.678298][   T30] audit: type=1326 audit(1759322908.441:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9974 comm="syz.0.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6d7b8eec9 code=0x7ffc0000
[  296.678767][   T44] cp2112 0003:10C4:EA90.000F: unknown main item tag 0x0
[  296.747304][   T30] audit: type=1326 audit(1759322908.471:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9974 comm="syz.0.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7fb6d7b8eec9 code=0x7ffc0000
[  296.755424][ T9977] loop3: detected capacity change from 0 to 128
[  296.781309][   T44] cp2112 0003:10C4:EA90.000F: unknown main item tag 0x0
[  296.820537][   T44] cp2112 0003:10C4:EA90.000F: unknown main item tag 0x0
[  296.824989][   T30] audit: type=1326 audit(1759322908.471:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9974 comm="syz.0.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6d7b8eec9 code=0x7ffc0000
[  296.832774][   T44] cp2112 0003:10C4:EA90.000F: unknown main item tag 0x0
[  296.875676][ T9977] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  296.919333][ T9977] hpfs: filesystem error: improperly stopped
[  296.931152][ T9977] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  296.939638][   T30] audit: type=1326 audit(1759322908.471:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9974 comm="syz.0.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6d7b8eec9 code=0x7ffc0000
[  296.941272][   T44] cp2112 0003:10C4:EA90.000F: unknown main item tag 0x0
[  296.980793][ T9979] loop0: detected capacity change from 0 to 512
[  296.998027][ T9977] hpfs: You really don't want any checks? You are crazy...
[  297.018201][ T9977] hpfs: hpfs_map_sector(): read error
[  297.024356][ T9977] hpfs: code page support is disabled
[  297.030959][   T30] audit: type=1326 audit(1759322908.481:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9974 comm="syz.0.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=438 compat=0 ip=0x7fb6d7b8eec9 code=0x7ffc0000
[  297.040365][ T9977] hpfs: hpfs_map_4sectors(): unaligned read
[  297.062498][   T44] cp2112 0003:10C4:EA90.000F: unknown main item tag 0x0
[  297.070032][   T44] cp2112 0003:10C4:EA90.000F: unknown main item tag 0x0
[  297.081101][ T9977] hpfs: hpfs_map_4sectors(): unaligned read
[  297.096619][   T44] cp2112 0003:10C4:EA90.000F: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.1-1/input0
[  297.100075][ T9979] EXT4-fs warning (device loop0): dx_probe:861: inode #2: comm syz.0.1308: dx entry: limit 0 != root limit 125
[  297.109020][ T9977] hpfs: filesystem error: unable to find root dir
[  297.165507][ T9979] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.1308: Corrupt directory, running e2fsck is recommended
[  297.175562][   T30] audit: type=1326 audit(1759322908.481:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9974 comm="syz.0.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6d7b8eec9 code=0x7ffc0000
[  297.182675][   T44] cp2112 0003:10C4:EA90.000F: Part Number: 0x00 Device Version: 0x00
[  297.222384][   T30] audit: type=1326 audit(1759322908.491:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9974 comm="syz.0.1306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6d7b8eec9 code=0x7ffc0000
[  297.248546][ T9979] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[  297.298125][ T9979] EXT4-fs error (device loop0): ext4_iget_extra_inode:5075: inode #15: comm syz.0.1308: corrupted in-inode xattr: invalid ea_ino
[  297.323930][ T9977] hpfs: hpfs_map_4sectors(): unaligned read
[  297.332070][ T9977] hpfs: filesystem error: invalid bitmap block pointer 00000000 -> 7b3184b5 at aib
[  297.371865][ T9979] EXT4-fs (loop0): Remounting filesystem read-only
[  297.384805][   T44] cp2112 0003:10C4:EA90.000F: error requesting SMBus config
[  297.420926][ T9979] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  297.439289][   T44] cp2112 0003:10C4:EA90.000F: probe with driver cp2112 failed with error -71
[  297.485263][   T44] usb 2-1: USB disconnect, device number 9
[  297.519502][ T9979] EXT4-fs warning (device loop0): dx_probe:861: inode #2: comm syz.0.1308: dx entry: limit 0 != root limit 125
[  297.567696][ T9979] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.1308: Corrupt directory, running e2fsck is recommended
[  297.659692][ T9966] syz.5.1300 (9966): drop_caches: 2
[  297.683792][ T5864] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.454782][T10017] loop6: detected capacity change from 0 to 2048
[  298.568512][T10017] UDF-fs: error (device loop6): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  298.585917][T10017] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  298.629016][T10017] UDF-fs: Scanning with blocksize 512 failed
[  298.664467][T10017] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  299.131773][T10004] loop3: detected capacity change from 0 to 32768
[  299.172452][T10004] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  299.423446][T10004] XFS (loop3): Ending clean mount
[  299.678188][T10004] XFS (loop3): Quotacheck needed: Please wait.
[  299.843836][T10004] XFS (loop3): Quotacheck: Done.
[  300.123695][ T5882] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  300.319786][T10053] loop5: detected capacity change from 0 to 512
[  300.381762][T10053] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002]
[  300.395063][T10053] System zones: 0-7
[  300.406883][T10053] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  300.569776][T10053] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  300.676339][T10058] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002]
[  300.691614][T10058] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  300.808977][ T6126] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.862489][T10051] loop0: detected capacity change from 0 to 32768
[  301.183992][T10073] loop5: detected capacity change from 0 to 64
[  301.446200][T10055] loop1: detected capacity change from 0 to 32768
[  301.531062][T10055] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  301.566005][T10084] loop5: detected capacity change from 0 to 128
[  301.686099][T10055] XFS (loop1): Ending clean mount
[  301.695269][T10084] FAT-fs (loop5): error, corrupted directory (invalid entries)
[  301.723218][T10089] loop3: detected capacity change from 0 to 1024
[  301.759806][T10084] FAT-fs (loop5): Filesystem has been set read-only
[  301.774136][T10055] XFS (loop1): Quotacheck needed: Please wait.
[  301.829575][T10072] loop6: detected capacity change from 0 to 32768
[  301.883490][T10072] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1345 (10072)
[  301.942615][T10055] XFS (loop1): Quotacheck: Done.
[  301.961498][T10072] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  302.040169][T10072] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm
[  302.315865][ T5942] kernel read not supported for file /binder/failed_transaction_log (pid: 5942 comm: kworker/1:4)
[  302.329266][   T44] kernel write not supported for file /binder/failed_transaction_log (pid: 44 comm: kworker/1:1)
[  302.334941][T10072] BTRFS info (device loop6): enabling ssd optimizations
[  302.379054][T10072] BTRFS info (device loop6): enabling free space tree
[  302.435462][T10112] loop5: detected capacity change from 0 to 1024
[  302.469757][ T5866] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  302.636591][ T3020] hfsplus: b-tree write err: -5, ino 4
[  302.680312][ T6128] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  302.882605][T10119] loop5: detected capacity change from 0 to 4096
[  302.952983][T10123] loop0: detected capacity change from 0 to 512
[  302.995590][T10119] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  303.045199][T10123] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.1359: iget: bad i_size value: 38620345925642
[  303.116019][T10119] EXT4-fs error (device loop5): __ext4_iget:5435: inode #14: block 1886221359: comm syz.5.1356: invalid block
[  303.142278][T10130] loop3: detected capacity change from 0 to 1024
[  303.171139][T10123] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1359: couldn't read orphan inode 15 (err -117)
[  303.248973][T10123] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  303.338999][ T6126] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.388579][T10123] EXT4-fs (loop0): shut down requested (0)
[  303.522284][T10134] loop6: detected capacity change from 0 to 256
[  303.744957][ T5983] usb 4-1: new low-speed USB device number 17 using dummy_hcd
[  303.745815][ T5864] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.937296][ T5983] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  303.949303][T10149] gfs2: path_lookup on € returned error -2
[  303.955596][ T5983] usb 4-1: config 0 has no interface number 0
[  303.976244][ T5983] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  304.001530][ T5983] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  304.053075][ T5983] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  304.113737][ T5983] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  304.136114][ T5983] usb 4-1: config 0 descriptor??
[  304.142976][T10135] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  304.174720][ T5983] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  304.419887][   T44] usb 4-1: USB disconnect, device number 17
[  304.597907][T10164] loop6: detected capacity change from 0 to 128
[  304.610427][T10144] loop5: detected capacity change from 0 to 32768
[  304.631787][   T30] audit: type=1800 audit(1759322916.441:34): pid=10164 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1375" name="file1" dev="loop6" ino=1048635 res=0 errno=0
[  304.931674][T10172] Bluetooth: hci0: load_link_keys: too big key_count value 2816
[  305.103533][T10176] Invalid logical block size (6)
[  305.361476][T10184] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  305.411812][T10184] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  305.839578][T10192] loop5: detected capacity change from 0 to 2048
[  305.851541][T10174] loop1: detected capacity change from 0 to 40427
[  305.892395][T10192] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  305.899564][T10174] F2FS-fs (loop1): invalid crc value
[  305.935051][T10192] ext4 filesystem being mounted at /271/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  306.118143][T10174] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  306.147801][T10174] F2FS-fs (loop1): Start checkpoint disabled!
[  306.177786][T10174] F2FS-fs (loop1): f2fs_disable_checkpoint() finish, err:0
[  306.198394][T10174] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  306.227591][ T6126] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.346030][   T30] audit: type=1800 audit(1759322918.151:35): pid=10174 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1381" name="file1" dev="loop1" ino=10 res=0 errno=0
[  306.556038][   T37] bio_check_eod: 36 callbacks suppressed
[  306.556056][   T37] kworker/u8:3: attempt to access beyond end of device
[  306.556056][   T37] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  306.674940][   T37] CPU: 0 UID: 0 PID: 37 Comm: kworker/u8:3 Not tainted syzkaller #0 PREEMPT(full) 
[  306.674971][   T37] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  306.674985][   T37] Workqueue: writeback wb_workfn (flush-7:1)
[  306.675028][   T37] Call Trace:
[  306.675036][   T37]  <TASK>
[  306.675046][   T37]  dump_stack_lvl+0x189/0x250
[  306.675077][   T37]  ? __pfx_dump_stack_lvl+0x10/0x10
[  306.675101][   T37]  ? __pfx_queue_work_on+0x10/0x10
[  306.675119][   T37]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  306.675147][   T37]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  306.675183][   T37]  f2fs_handle_critical_error+0x37c/0x540
[  306.675213][   T37]  f2fs_write_end_io+0x886/0xb60
[  306.675259][   T37]  __submit_merged_bio+0x27a/0x6a0
[  306.675289][   T37]  __submit_merged_write_cond+0x255/0x530
[  306.675333][   T37]  f2fs_write_data_pages+0x261d/0x3000
[  306.675404][   T37]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  306.675478][   T37]  ? __lock_acquire+0xab9/0xd20
[  306.675533][   T37]  ? unwind_next_frame+0xa5/0x2390
[  306.675577][   T37]  ? rcu_is_watching+0x15/0xb0
[  306.675601][   T37]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  306.675628][   T37]  do_writepages+0x32e/0x550
[  306.675656][   T37]  ? reacquire_held_locks+0x127/0x1d0
[  306.675674][   T37]  ? writeback_sb_inodes+0x384/0x1010
[  306.675707][   T37]  __writeback_single_inode+0x145/0xff0
[  306.675731][   T37]  ? do_raw_spin_unlock+0x122/0x240
[  306.675762][   T37]  writeback_sb_inodes+0x6c7/0x1010
[  306.675814][   T37]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  306.675882][   T37]  ? rcu_is_watching+0x15/0xb0
[  306.675913][   T37]  wb_writeback+0x43b/0xaf0
[  306.675946][   T37]  ? queue_io+0x3b1/0x590
[  306.675973][   T37]  ? __pfx_wb_writeback+0x10/0x10
[  306.676003][   T37]  ? _raw_spin_unlock_irq+0x23/0x50
[  306.676034][   T37]  wb_workfn+0x409/0xef0
[  306.676084][   T37]  ? __pfx_wb_workfn+0x10/0x10
[  306.676123][   T37]  ? __lock_acquire+0xab9/0xd20
[  306.676165][   T37]  ? process_scheduled_works+0x9ef/0x17b0
[  306.676205][   T37]  ? _raw_spin_unlock_irq+0x23/0x50
[  306.676228][   T37]  ? process_scheduled_works+0x9ef/0x17b0
[  306.676259][   T37]  ? process_scheduled_works+0x9ef/0x17b0
[  306.676292][   T37]  process_scheduled_works+0xae1/0x17b0
[  306.676365][   T37]  ? __pfx_process_scheduled_works+0x10/0x10
[  306.676417][   T37]  worker_thread+0x8a0/0xda0
[  306.676455][   T37]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  306.676491][   T37]  ? __kthread_parkme+0x7b/0x200
[  306.676523][   T37]  kthread+0x711/0x8a0
[  306.676551][   T37]  ? __pfx_worker_thread+0x10/0x10
[  306.676584][   T37]  ? __pfx_kthread+0x10/0x10
[  306.676610][   T37]  ? _raw_spin_unlock_irq+0x23/0x50
[  306.676635][   T37]  ? lockdep_hardirqs_on+0x9c/0x150
[  306.676660][   T37]  ? __pfx_kthread+0x10/0x10
[  306.676686][   T37]  ret_from_fork+0x4bc/0x870
[  306.676721][   T37]  ? __pfx_ret_from_fork+0x10/0x10
[  306.676762][   T37]  ? __switch_to_asm+0x39/0x70
[  306.676789][   T37]  ? __switch_to_asm+0x33/0x70
[  306.676814][   T37]  ? __pfx_kthread+0x10/0x10
[  306.676841][   T37]  ret_from_fork_asm+0x1a/0x30
[  306.676888][   T37]  </TASK>
[  306.677416][   T37] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  306.815397][T10225] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1401'.
[  307.720359][T10236] loop0: detected capacity change from 0 to 4096
[  307.764907][T10236] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  307.877927][T10236] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  307.909822][T10236] ntfs3(loop0): mft corrupted
[  307.914647][T10236] ntfs3(loop0): Failed to load $Extend (-22).
[  307.974904][T10236] ntfs3(loop0): Failed to initialize $Extend.
[  308.104624][T10236] ntfs3(loop0): ino=1e, mi_enum_attr
[  308.122546][T10223] loop3: detected capacity change from 0 to 32768
[  308.139830][T10251] loop4: detected capacity change from 0 to 524287936
[  308.149102][T10236] ntfs3(loop0): ino=1e, mi_enum_attr
[  308.170869][T10218] loop6: detected capacity change from 0 to 32768
[  308.222805][T10236] ntfs3(loop0): ino=1e, "file1" mi_enum_attr
[  308.251355][T10223] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  308.263035][T10218] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  308.317558][T10236] ntfs3(loop0): ino=1e, "file1" mi_enum_attr
[  308.358227][T10236] ntfs3(loop0): ino=1e, "file1" mi_enum_attr
[  308.448509][T10223] XFS (loop3): Ending clean mount
[  308.487182][T10223] XFS (loop3): Quotacheck needed: Please wait.
[  308.514465][T10218] XFS (loop6): Ending clean mount
[  308.587417][T10218] XFS (loop6): Quotacheck needed: Please wait.
[  308.645665][T10223] XFS (loop3): Quotacheck: Done.
[  308.798550][T10218] XFS (loop6): Quotacheck: Done.
[  308.953323][ T5882] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  309.181323][ T6128] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  309.605641][ T5942] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  309.740312][T10302] loop0: detected capacity change from 0 to 128
[  309.796372][T10302] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  309.804584][ T5942] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  309.849423][ T5942] usb 6-1: config 0 interface 0 has no altsetting 0
[  309.855816][T10302] hpfs: filesystem error: improperly stopped
[  309.886061][ T5942] usb 6-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[  309.895019][T10302] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  309.902935][T10302] hpfs: You really don't want any checks? You are crazy...
[  309.911116][ T5942] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  309.944965][ T5942] usb 6-1: Product: syz
[  309.949240][ T5942] usb 6-1: Manufacturer: syz
[  309.986876][ T5942] usb 6-1: SerialNumber: syz
[  309.995780][T10302] hpfs: hpfs_map_sector(): read error
[  310.001229][T10302] hpfs: code page support is disabled
[  310.013193][ T5942] usb 6-1: config 0 descriptor??
[  310.047395][T10302] hpfs: hpfs_map_4sectors(): unaligned read
[  310.048485][ T5942] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[  310.055042][T10302] hpfs: hpfs_map_4sectors(): unaligned read
[  310.100193][T10311] loop1: detected capacity change from 0 to 128
[  310.116821][ T5942] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  310.133238][T10311] EXT4-fs (loop1): Test dummy encryption mode enabled
[  310.161993][T10302] hpfs: filesystem error: unable to find root dir
[  310.180984][ T5942] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[  310.202978][T10311] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[  310.229209][ T5942] usb 6-1: media controller created
[  310.332782][T10311] EXT4-fs (loop1): shut down requested (0)
[  310.397621][ T5942] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  310.496889][ T5866] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  310.691661][ T5942] DVB: Unable to find symbol tda10046_attach()
[  310.719315][ T5942] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[  310.737952][T10331] loop6: detected capacity change from 0 to 256
[  310.764913][ T5942] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[  310.777496][T10331] exfat: Deprecated parameter 'utf8'
[  310.827422][T10331] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  311.013088][ T5942] dvb_usb_m920x 6-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[  311.067868][ T5942] usb 6-1: USB disconnect, device number 5
[  312.056303][T10375] loop1: detected capacity change from 0 to 256
[  312.074289][T10375] exfat: Deprecated parameter 'namecase'
[  312.184365][T10375] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x2b52634e, utbl_chksum : 0xe619d30d)
[  312.230886][   T30] audit: type=1800 audit(1759322924.041:36): pid=10375 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1449" name="file1" dev="loop1" ino=1048639 res=0 errno=0
[  312.479094][T10386] loop6: detected capacity change from 0 to 512
[  312.496251][T10386] EXT4-fs: Ignoring removed nomblk_io_submit option
[  312.539356][T10386] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  312.550551][T10386] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c800e028, mo2=0003]
[  312.581144][T10386] EXT4-fs (loop6): orphan cleanup on readonly fs
[  312.627317][T10386] Quota error (device loop6): v2_read_header: Failed header read: expected=8 got=0
[  312.641302][T10386] EXT4-fs warning (device loop6): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  312.711174][T10386] EXT4-fs (loop6): Cannot turn on quotas: error -22
[  312.744423][T10386] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.1453: bg 0: block 40: padding at end of block bitmap is not set
[  312.796701][T10386] EXT4-fs (loop6): Remounting filesystem read-only
[  312.834626][T10386] EXT4-fs (loop6): 1 truncate cleaned up
[  312.870266][T10386] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  313.074790][ T6128] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  313.561293][T10417] loop1: detected capacity change from 0 to 512
[  313.588437][T10417] EXT4-fs: Ignoring removed oldalloc option
[  313.624924][T10417] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.1469: corrupted in-inode xattr: e_value size too large
[  313.666827][T10417] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1469: couldn't read orphan inode 15 (err -117)
[  313.686763][T10417] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  313.780037][ T5866] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  313.913043][ T5869] kernel read not supported for file /dsp (pid: 5869 comm: kworker/1:3)
[  313.923240][T10413] loop6: detected capacity change from 0 to 40427
[  314.018035][T10413] F2FS-fs (loop6): invalid crc value
[  314.350460][T10413] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  314.384520][T10413] F2FS-fs (loop6): Start checkpoint disabled!
[  314.416871][T10413] F2FS-fs (loop6): f2fs_disable_checkpoint() finish, err:0
[  314.442525][T10413] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  314.527041][T10433] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  314.652346][   T36] kworker/u8:2: attempt to access beyond end of device
[  314.652346][   T36] loop6: rw=1, sector=77824, nr_sectors = 136 limit=40427
[  314.690016][   T36] kworker/u8:2: attempt to access beyond end of device
[  314.690016][   T36] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  314.729902][   T36] CPU: 1 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted syzkaller #0 PREEMPT(full) 
[  314.729942][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  314.729958][   T36] Workqueue: writeback wb_workfn (flush-7:6)
[  314.730001][   T36] Call Trace:
[  314.730010][   T36]  <TASK>
[  314.730019][   T36]  dump_stack_lvl+0x189/0x250
[  314.730053][   T36]  ? __pfx_dump_stack_lvl+0x10/0x10
[  314.730079][   T36]  ? __pfx_queue_work_on+0x10/0x10
[  314.730097][   T36]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  314.730126][   T36]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  314.730177][   T36]  f2fs_handle_critical_error+0x37c/0x540
[  314.730212][   T36]  f2fs_write_end_io+0x886/0xb60
[  314.730263][   T36]  __submit_merged_bio+0x27a/0x6a0
[  314.730297][   T36]  __submit_merged_write_cond+0x255/0x530
[  314.730342][   T36]  f2fs_write_data_pages+0x261d/0x3000
[  314.730412][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  314.730457][   T36]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  314.730538][   T36]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  314.730578][   T36]  ? trace_f2fs_writepages+0x7f/0x200
[  314.730603][   T36]  ? f2fs_write_node_pages+0x478/0x6e0
[  314.730652][   T36]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  314.730695][   T36]  ? __lock_acquire+0xab9/0xd20
[  314.730738][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  314.730767][   T36]  do_writepages+0x32e/0x550
[  314.730797][   T36]  ? reacquire_held_locks+0x127/0x1d0
[  314.730817][   T36]  ? writeback_sb_inodes+0x384/0x1010
[  314.730856][   T36]  __writeback_single_inode+0x145/0xff0
[  314.730881][   T36]  ? do_raw_spin_unlock+0x122/0x240
[  314.730915][   T36]  writeback_sb_inodes+0x6c7/0x1010
[  314.730977][   T36]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  314.731062][   T36]  ? rcu_is_watching+0x15/0xb0
[  314.731097][   T36]  wb_writeback+0x43b/0xaf0
[  314.731134][   T36]  ? queue_io+0x3b1/0x590
[  314.731163][   T36]  ? __pfx_wb_writeback+0x10/0x10
[  314.731201][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  314.731235][   T36]  wb_workfn+0x409/0xef0
[  314.731291][   T36]  ? __pfx_wb_workfn+0x10/0x10
[  314.731332][   T36]  ? __lock_acquire+0xab9/0xd20
[  314.731379][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  314.731424][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  314.731446][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  314.731476][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  314.731512][   T36]  process_scheduled_works+0xae1/0x17b0
[  314.731588][   T36]  ? __pfx_process_scheduled_works+0x10/0x10
[  314.731654][   T36]  worker_thread+0x8a0/0xda0
[  314.731729][   T36]  kthread+0x711/0x8a0
[  314.731768][   T36]  ? __pfx_worker_thread+0x10/0x10
[  314.731802][   T36]  ? __pfx_kthread+0x10/0x10
[  314.731831][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  314.731856][   T36]  ? lockdep_hardirqs_on+0x9c/0x150
[  314.731881][   T36]  ? __pfx_kthread+0x10/0x10
[  314.731909][   T36]  ret_from_fork+0x4bc/0x870
[  314.731947][   T36]  ? __pfx_ret_from_fork+0x10/0x10
[  314.731991][   T36]  ? __switch_to_asm+0x39/0x70
[  314.732018][   T36]  ? __switch_to_asm+0x33/0x70
[  314.732045][   T36]  ? __pfx_kthread+0x10/0x10
[  314.732072][   T36]  ret_from_fork_asm+0x1a/0x30
[  314.732126][   T36]  </TASK>
[  314.732137][   T36] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  314.782845][T10440] ipvlan2: entered allmulticast mode
[  315.060196][T10440] syz_tun: entered allmulticast mode
[  315.310296][T10427] loop5: detected capacity change from 0 to 40427
[  315.346689][T10427] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  315.380144][T10427] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  315.436961][T10427] F2FS-fs (loop5): invalid crc value
[  315.725642][T10457] loop3: detected capacity change from 0 to 512
[  315.729534][T10427] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  315.788367][T10427] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  315.810348][T10457] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  315.823154][T10427] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  315.834426][T10457] ext4 filesystem being mounted at /284/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  315.900202][T10462] loop1: detected capacity change from 0 to 2048
[  315.933924][T10462] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  315.948687][T10427] syz.5.1473: attempt to access beyond end of device
[  315.948687][T10427] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  315.978176][ T5882] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.048634][ T6126] syz-executor: attempt to access beyond end of device
[  316.048634][ T6126] loop5: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  316.143591][ T6126] CPU: 1 UID: 0 PID: 6126 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  316.143623][ T6126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  316.143636][ T6126] Call Trace:
[  316.143644][ T6126]  <TASK>
[  316.143654][ T6126]  dump_stack_lvl+0x189/0x250
[  316.143690][ T6126]  ? __pfx_dump_stack_lvl+0x10/0x10
[  316.143715][ T6126]  ? __pfx_queue_work_on+0x10/0x10
[  316.143733][ T6126]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  316.143760][ T6126]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  316.143797][ T6126]  f2fs_handle_critical_error+0x37c/0x540
[  316.143828][ T6126]  f2fs_write_end_io+0x886/0xb60
[  316.143875][ T6126]  __submit_merged_bio+0x27a/0x6a0
[  316.143895][ T6126]  ? up_write+0x1c4/0x420
[  316.143924][ T6126]  __submit_merged_write_cond+0x44c/0x530
[  316.143968][ T6126]  f2fs_sync_node_pages+0x1479/0x15e0
[  316.144025][ T6126]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  316.144096][ T6126]  ? f2fs_write_checkpoint+0xdad/0x2440
[  316.144130][ T6126]  ? up_write+0x1c4/0x420
[  316.144159][ T6126]  f2fs_write_checkpoint+0xdde/0x2440
[  316.144185][ T6126]  ? __lock_acquire+0xab9/0xd20
[  316.144246][ T6126]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  316.144335][ T6126]  kill_f2fs_super+0x2cc/0x6d0
[  316.144369][ T6126]  ? __pfx_kill_f2fs_super+0x10/0x10
[  316.144415][ T6126]  ? shrinker_free+0x2ce/0x3e0
[  316.144448][ T6126]  deactivate_locked_super+0xbc/0x130
[  316.144485][ T6126]  cleanup_mnt+0x425/0x4c0
[  316.144516][ T6126]  ? lockdep_hardirqs_on+0x9c/0x150
[  316.144556][ T6126]  task_work_run+0x1d4/0x260
[  316.144588][ T6126]  ? __pfx_task_work_run+0x10/0x10
[  316.144613][ T6126]  ? __x64_sys_umount+0x122/0x160
[  316.144641][ T6126]  ? exit_to_user_mode_loop+0x40/0x130
[  316.144676][ T6126]  exit_to_user_mode_loop+0xe9/0x130
[  316.144706][ T6126]  do_syscall_64+0x2bd/0xfa0
[  316.144732][ T6126]  ? lockdep_hardirqs_on+0x9c/0x150
[  316.144760][ T6126]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.144780][ T6126]  ? clear_bhb_loop+0x60/0xb0
[  316.144808][ T6126]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.144832][ T6126] RIP: 0033:0x7f8932f901f7
[  316.144851][ T6126] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  316.144870][ T6126] RSP: 002b:00007fff0ba6ca38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  316.144893][ T6126] RAX: 0000000000000000 RBX: 00007f8933011d7d RCX: 00007f8932f901f7
[  316.144906][ T6126] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff0ba6caf0
[  316.144920][ T6126] RBP: 00007fff0ba6caf0 R08: 0000000000000000 R09: 0000000000000000
[  316.144933][ T6126] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff0ba6db80
[  316.144948][ T6126] R13: 00007f8933011d7d R14: 000000000004d231 R15: 00007fff0ba6dbc0
[  316.144987][ T6126]  </TASK>
[  316.471431][ T6126] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  421.724813][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  421.731827][    C1] rcu: 	0-...!: (0 ticks this GP) idle=2ecc/1/0x4000000000000000 softirq=47848/47848 fqs=0
[  421.743587][    C1] rcu: 	(detected by 1, t=10502 jiffies, g=44237, q=223 ncpus=2)
[  421.751362][    C1] Sending NMI from CPU 1 to CPUs 0:
[  421.751395][    C0] NMI backtrace for cpu 0
[  421.751412][    C0] CPU: 0 UID: 0 PID: 6126 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  421.751432][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  421.751444][    C0] RIP: 0010:advance_sched+0xa92/0xc90
[  421.751477][    C0] Code: 24 94 1a f8 eb 24 e8 1d 94 1a f8 c6 05 ed 7f 07 06 01 48 c7 c7 e0 49 b7 8c be 65 03 00 00 48 c7 c2 20 4a b7 8c e8 ae 5e f8 f7 <4c> 89 ef e8 96 df c6 ff e8 81 0a da 01 89 c5 31 ff 89 c6 e8 26 98
[  421.751492][    C0] RSP: 0018:ffffc90000007c70 EFLAGS: 00000006
[  421.751508][    C0] RAX: ffffffff89a5bdea RBX: ffffffff89a5bda8 RCX: ffff888027ab8000
[  421.751521][    C0] RDX: 0000000000010000 RSI: ffffffff8c03da40 RDI: ffffffff8c03da00
[  421.751533][    C0] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffff89a5bda8
[  421.751543][    C0] R10: dffffc0000000000 R11: ffffed100b65945e R12: ffff88805b2ca360
[  421.751557][    C0] R13: ffff88805b2ca000 R14: 18731ada68c6b513 R15: ffff88805c5e8800
[  421.751570][    C0] FS:  000055557cbbd500(0000) GS:ffff8881259fc000(0000) knlGS:0000000000000000
[  421.751584][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  421.751595][    C0] CR2: 00007fcfeaff9f98 CR3: 0000000027afc000 CR4: 00000000003526f0
[  421.751610][    C0] Call Trace:
[  421.751618][    C0]  <IRQ>
[  421.751635][    C0]  ? __pfx_advance_sched+0x10/0x10
[  421.751657][    C0]  __hrtimer_run_queues+0x52c/0xc60
[  421.751694][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  421.751719][    C0]  ? read_tsc+0x9/0x20
[  421.751745][    C0]  hrtimer_interrupt+0x45b/0xaa0
[  421.751785][    C0]  __sysvec_apic_timer_interrupt+0x10b/0x410
[  421.751814][    C0]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  421.751836][    C0]  </IRQ>
[  421.751864][    C0]  <TASK>
[  421.751871][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  421.751891][    C0] RIP: 0010:lock_acquire+0x175/0x360
[  421.751916][    C0] Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 fb 4c 24 11 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e
[  421.751931][    C0] RSP: 0018:ffffc90003f771f8 EFLAGS: 00000206
[  421.751946][    C0] RAX: c2b0c85d6524b500 RBX: 0000000000000000 RCX: c2b0c85d6524b500
[  421.751958][    C0] RDX: 0000000000000000 RSI: ffffffff8dd8f75f RDI: ffffffff8c03da60
[  421.751971][    C0] RBP: ffffffff81742d25 R08: 0000000000000000 R09: ffffffff81742d25
[  421.751983][    C0] R10: ffffc90003f773b8 R11: ffffffff81accc30 R12: 0000000000000002
[  421.751996][    C0] R13: ffffffff8e33d2e0 R14: 0000000000000000 R15: 0000000000000246
[  421.752010][    C0]  ? unwind_next_frame+0xa5/0x2390
[  421.752027][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  421.752058][    C0]  ? unwind_next_frame+0xa5/0x2390
[  421.752082][    C0]  ? unwind_next_frame+0xa5/0x2390
[  421.752097][    C0]  ? task_work_run+0x1d4/0x260
[  421.752117][    C0]  ? unwind_next_frame+0xa5/0x2390
[  421.752132][    C0]  unwind_next_frame+0xc2/0x2390
[  421.752147][    C0]  ? unwind_next_frame+0xa5/0x2390
[  421.752165][    C0]  ? unwind_next_frame+0xa5/0x2390
[  421.752180][    C0]  ? cleanup_mnt+0x425/0x4c0
[  421.752207][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  421.752226][    C0]  arch_stack_walk+0x11c/0x150
[  421.752245][    C0]  ? task_work_run+0x1d4/0x260
[  421.752267][    C0]  stack_trace_save+0x9c/0xe0
[  421.752284][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  421.752303][    C0]  ? stack_depot_save_flags+0x40/0x860
[  421.752328][    C0]  ? __lock_acquire+0xab9/0xd20
[  421.752350][    C0]  kasan_save_track+0x3e/0x80
[  421.752369][    C0]  ? kasan_save_track+0x3e/0x80
[  421.752385][    C0]  ? __kasan_save_free_info+0x46/0x50
[  421.752410][    C0]  ? __kasan_slab_free+0x5c/0x80
[  421.752428][    C0]  ? kmem_cache_free+0x19b/0x690
[  421.752446][    C0]  ? f2fs_destroy_node_manager+0x322/0xcc0
[  421.752462][    C0]  ? f2fs_put_super+0xb2a/0x1190
[  421.752485][    C0]  ? generic_shutdown_super+0x135/0x2c0
[  421.752511][    C0]  ? kill_block_super+0x44/0x90
[  421.752529][    C0]  ? kill_f2fs_super+0x399/0x6d0
[  421.752565][    C0]  ? deactivate_locked_super+0xbc/0x130
[  421.752592][    C0]  ? cleanup_mnt+0x425/0x4c0
[  421.752617][    C0]  ? task_work_run+0x1d4/0x260
[  421.752662][    C0]  ? f2fs_destroy_node_manager+0x322/0xcc0
[  421.752679][    C0]  __kasan_save_free_info+0x46/0x50
[  421.752707][    C0]  __kasan_slab_free+0x5c/0x80
[  421.752728][    C0]  kmem_cache_free+0x19b/0x690
[  421.752748][    C0]  ? do_raw_spin_unlock+0x122/0x240
[  421.752771][    C0]  f2fs_destroy_node_manager+0x322/0xcc0
[  421.752796][    C0]  ? __pfx_f2fs_destroy_node_manager+0x10/0x10
[  421.752829][    C0]  ? f2fs_put_super+0xb22/0x1190
[  421.752854][    C0]  ? kfree+0x19a/0x6d0
[  421.752880][    C0]  f2fs_put_super+0xb2a/0x1190
[  421.752910][    C0]  ? __pfx_f2fs_put_super+0x10/0x10
[  421.752942][    C0]  ? hook_sb_delete+0x1a8/0xbd0
[  421.752964][    C0]  ? __pfx_hook_sb_delete+0x10/0x10
[  421.752981][    C0]  ? evict_inodes+0x67d/0x6d0
[  421.753004][    C0]  ? __pfx_evict_inodes+0x10/0x10
[  421.753031][    C0]  ? __pfx_f2fs_put_super+0x10/0x10
[  421.753056][    C0]  generic_shutdown_super+0x135/0x2c0
[  421.753087][    C0]  kill_block_super+0x44/0x90
[  421.753107][    C0]  kill_f2fs_super+0x399/0x6d0
[  421.753133][    C0]  ? __pfx_kill_f2fs_super+0x10/0x10
[  421.753164][    C0]  ? shrinker_free+0x2ce/0x3e0
[  421.753192][    C0]  deactivate_locked_super+0xbc/0x130
[  421.753222][    C0]  cleanup_mnt+0x425/0x4c0
[  421.753248][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  421.753271][    C0]  task_work_run+0x1d4/0x260
[  421.753294][    C0]  ? __pfx_task_work_run+0x10/0x10
[  421.753315][    C0]  ? __x64_sys_umount+0x122/0x160
[  421.753335][    C0]  ? exit_to_user_mode_loop+0x40/0x130
[  421.753362][    C0]  exit_to_user_mode_loop+0xe9/0x130
[  421.753387][    C0]  do_syscall_64+0x2bd/0xfa0
[  421.753409][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  421.753430][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  421.753448][    C0]  ? clear_bhb_loop+0x60/0xb0
[  421.753468][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  421.753485][    C0] RIP: 0033:0x7f8932f901f7
[  421.753501][    C0] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  421.753516][    C0] RSP: 002b:00007fff0ba6ca38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  421.753533][    C0] RAX: 0000000000000000 RBX: 00007f8933011d7d RCX: 00007f8932f901f7
[  421.753545][    C0] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff0ba6caf0
[  421.753571][    C0] RBP: 00007fff0ba6caf0 R08: 0000000000000000 R09: 0000000000000000
[  421.753582][    C0] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff0ba6db80
[  421.753594][    C0] R13: 00007f8933011d7d R14: 000000000004d231 R15: 00007fff0ba6dbc0
[  421.753617][    C0]  </TASK>
[  421.754388][    C1] rcu: rcu_preempt kthread timer wakeup didn't happen for 10501 jiffies! g44237 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
[  422.416721][    C1] rcu: 	Possible timer handling issue on cpu=0 timer-softirq=20296
[  422.424625][    C1] rcu: rcu_preempt kthread starved for 10502 jiffies! g44237 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0
[  422.436025][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  422.446008][    C1] rcu: RCU grace-period kthread stack dump:
[  422.451921][    C1] task:rcu_preempt     state:I stack:26856 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00080000
[  422.463878][    C1] Call Trace:
[  422.467170][    C1]  <TASK>
[  422.470115][    C1]  __schedule+0x1798/0x4cc0
[  422.474677][    C1]  ? __lock_acquire+0xab9/0xd20
[  422.479583][    C1]  ? __pfx___schedule+0x10/0x10
[  422.484478][    C1]  ? schedule+0x91/0x360
[  422.488750][    C1]  schedule+0x165/0x360
[  422.492930][    C1]  schedule_timeout+0x12b/0x270
[  422.497798][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  422.503193][    C1]  ? __pfx_process_timeout+0x10/0x10
[  422.508508][    C1]  ? prepare_to_swait_event+0x341/0x380
[  422.514084][    C1]  rcu_gp_fqs_loop+0x301/0x1540
[  422.518986][    C1]  ? __pfx_rcu_gp_init+0x10/0x10
[  422.523981][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  422.529208][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  422.534531][    C1]  ? _raw_spin_unlock_irq+0x2e/0x50
[  422.539837][    C1]  ? finish_swait+0xcd/0x1f0
[  422.544466][    C1]  rcu_gp_kthread+0x99/0x390
[  422.549103][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  422.554332][    C1]  ? __kthread_parkme+0x7b/0x200
[  422.559303][    C1]  ? __kthread_parkme+0x1a1/0x200
[  422.564350][    C1]  kthread+0x711/0x8a0
[  422.568447][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  422.573676][    C1]  ? __pfx_kthread+0x10/0x10
[  422.578297][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  422.583528][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  422.588749][    C1]  ? __pfx_kthread+0x10/0x10
[  422.593364][    C1]  ret_from_fork+0x4bc/0x870
[  422.597984][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  422.603131][    C1]  ? __switch_to_asm+0x39/0x70
[  422.607922][    C1]  ? __switch_to_asm+0x33/0x70
[  422.612712][    C1]  ? __pfx_kthread+0x10/0x10
[  422.617322][    C1]  ret_from_fork_asm+0x1a/0x30
[  422.622365][    C1]  </TASK>