last executing test programs:

1m51.722920236s ago: executing program 2 (id=3):
sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="98000000", @ANYRES16, @ANYBLOB="2da52abd7000fbdbdf250300000008000100000000000800010000000000340007800c"], 0x98}, 0x1, 0x0, 0x0, 0x4008040}, 0x4000)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000001100050000000000feffffff07000000", @ANYRES32=r2, @ANYBLOB="003000000000000014001a80100005"], 0x34}, 0x1, 0x0, 0x0, 0x800c000}, 0x0)

1m51.476318412s ago: executing program 2 (id=6):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x80003, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x1, 0x8000, 0x2000, &(0x7f0000d1b000/0x2000)=nil})
syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x4008032, 0xffffffffffffffff, 0x0)

1m51.040576519s ago: executing program 2 (id=8):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x40)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f00000000c0)='cpu.stat\x00', 0x275a, 0x0)
preadv(r1, &(0x7f0000000100), 0xa, 0x0, 0x0)

1m50.867121923s ago: executing program 2 (id=9):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000280)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00')

1m50.651941644s ago: executing program 2 (id=10):
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0)={[{@delalloc}, {@nombcache}, {@barrier}, {@dioread_lock}, {@inlinecrypt}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001600)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.kill\x00', 0x275a, 0x0)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0xffffffffffffffda, 0x0, {0x7, 0x2b, 0x9, 0x21001001, 0x3, 0x0, 0x0, 0x3, 0x0, 0x0, 0x2, 0xfffffff7}}, 0x50)
ftruncate(r0, 0xc17a)
lseek(r0, 0x8, 0x4)

1m50.149713745s ago: executing program 2 (id=11):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000000c0)={0x1, 0x0, @pic={0xd8, 0x3, 0x2, 0x8, 0x7f, 0x1, 0x8, 0x7f, 0x2, 0x8, 0x5, 0x2, 0x2, 0x7f, 0x9, 0xe2}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000340)={0x0, 0x0, @ioapic={0xeeee0000, 0x3, 0x6, 0x5, 0x0, [{0x6, 0xe, 0x4, '\x00', 0x1}, {0xe, 0x2, 0x59, '\x00', 0x4}, {0x8, 0xf, 0x8, '\x00', 0xb}, {0x8, 0x1}, {0x4, 0x5, 0x6, '\x00', 0xcb}, {0x3, 0x2, 0x8, '\x00', 0x88}, {0x6, 0xf, 0x8}, {0x4, 0x1, 0x7}, {0x4, 0x8, 0x6, '\x00', 0x10}, {0x6, 0x30, 0xff, '\x00', 0x1}, {0x7, 0x4, 0xd4}, {0xc, 0x0, 0xa, '\x00', 0x87}, {0x6, 0x1, 0x3, '\x00', 0xf9}, {0x3, 0x6, 0xe, '\x00', 0x3}, {0x9, 0x2, 0x2, '\x00', 0xd}, {0x20, 0x80, 0x5, '\x00', 0x4}, {0x27, 0xff, 0xb5, '\x00', 0x9}, {0x0, 0x6, 0xd, '\x00', 0x8}, {0xf, 0xf8, 0x4, '\x00', 0xb2}, {0x6, 0x6, 0xb, '\x00', 0x80}, {0xf, 0x0, 0x2, '\x00', 0x6}, {0x5, 0xee, 0x19, '\x00', 0x34}, {0x4d, 0xa, 0x9}, {0x0, 0x88, 0xc3, '\x00', 0x8}]}})

1m49.635071232s ago: executing program 32 (id=11):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000000c0)={0x1, 0x0, @pic={0xd8, 0x3, 0x2, 0x8, 0x7f, 0x1, 0x8, 0x7f, 0x2, 0x8, 0x5, 0x2, 0x2, 0x7f, 0x9, 0xe2}})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000340)={0x0, 0x0, @ioapic={0xeeee0000, 0x3, 0x6, 0x5, 0x0, [{0x6, 0xe, 0x4, '\x00', 0x1}, {0xe, 0x2, 0x59, '\x00', 0x4}, {0x8, 0xf, 0x8, '\x00', 0xb}, {0x8, 0x1}, {0x4, 0x5, 0x6, '\x00', 0xcb}, {0x3, 0x2, 0x8, '\x00', 0x88}, {0x6, 0xf, 0x8}, {0x4, 0x1, 0x7}, {0x4, 0x8, 0x6, '\x00', 0x10}, {0x6, 0x30, 0xff, '\x00', 0x1}, {0x7, 0x4, 0xd4}, {0xc, 0x0, 0xa, '\x00', 0x87}, {0x6, 0x1, 0x3, '\x00', 0xf9}, {0x3, 0x6, 0xe, '\x00', 0x3}, {0x9, 0x2, 0x2, '\x00', 0xd}, {0x20, 0x80, 0x5, '\x00', 0x4}, {0x27, 0xff, 0xb5, '\x00', 0x9}, {0x0, 0x6, 0xd, '\x00', 0x8}, {0xf, 0xf8, 0x4, '\x00', 0xb2}, {0x6, 0x6, 0xb, '\x00', 0x80}, {0xf, 0x0, 0x2, '\x00', 0x6}, {0x5, 0xee, 0x19, '\x00', 0x34}, {0x4d, 0xa, 0x9}, {0x0, 0x88, 0xc3, '\x00', 0x8}]}})

8.907836879s ago: executing program 3 (id=1039):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
setns(r1, 0x8020000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8000, &(0x7f0000001dc0)={0x8, 0x72, 0x80000}, 0x20)

8.709442191s ago: executing program 3 (id=1045):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x101880a, &(0x7f0000000400)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x550b, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x183341, 0x0)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x105042, 0x19)
write$binfmt_format(r1, &(0x7f0000000000)='1\x00', 0xb000)

7.125663551s ago: executing program 3 (id=1054):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x2, 0x0, 0x25dfdbfe, {{@in6=@private0, @in=@remote, 0x0, 0x400, 0x0, 0x0, 0xa, 0x60, 0x0, 0x3b, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, 0x9}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x25dfdbfe, {{@in6=@private0={0xfc, 0x0, '\x00', 0x40}, @in=@remote, 0x0, 0x400, 0x0, 0x0, 0xa, 0x60, 0x0, 0x0, 0x0, 0xee01}, {}, {}, 0x1}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)

5.863546269s ago: executing program 3 (id=1066):
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x81)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000100)={0x2c, &(0x7f0000000440)=ANY=[@ANYBLOB="00000100000004"], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000900)={0x34, &(0x7f0000000000)=ANY=[@ANYBLOB="40140d000000"], 0x0, 0x0, 0x0, 0x0, 0x0})

3.928222464s ago: executing program 3 (id=1090):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f00000001c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1fd2, 0x6007, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x101, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0xc}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x18, &(0x7f0000000100)=ANY=[@ANYBLOB="000657"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000007, 0x4110, r1, 0xf78f000)

3.245776977s ago: executing program 1 (id=1105):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
personality(0x4000000)
ppoll(0x0, 0x0, &(0x7f0000000240)={0x0, 0x3938700}, 0x0, 0x0)

3.037784497s ago: executing program 1 (id=1109):
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000004c0)={'wlan1\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_KEY(r3, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000780)={0x28, r1, 0x1, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}, 0x1, 0x0, 0x0, 0x4010}, 0x4)

2.841753058s ago: executing program 1 (id=1112):
r0 = socket$key(0xf, 0x3, 0x2)
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000080)='./file2\x00', 0x4800, &(0x7f0000000100)=ANY=[], 0x1, 0x6bb, &(0x7f00000018c0)="$eJzs3c1vXFfdB/DvHY8dT9ombpq0eR5VqtVIgIhI7FgpmA0BIWSkCqGyYG0lTmNlkhbHRW6FqMPrtov+Ad1kg1ghsWITqbBgA7vukJeVkNh0g1kNujN3XjJ+m+bF45TPJ7pzzj3nnnN/93fvnbfImgD/s5bOp34/RZbOv75Rrm/dW2hu3Vu41a0nOZZkM6knqSUp/t1qtT5OriRFb5piqNzhw9XFNz75bOvTzlq9Wtrb1/YbN6TabnOoebPbNptkoiofwQPzXX3k+Ype5FeSnKtKGLvJJK3WZFo9P/nrs72esvNkp2zsNnr68AIFnpii87pZvhjXBttnkuPVjV6+D+i+8tbGEuQIjo243fA7CAAAAHjajPIZ+OR2trNRnDiEcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOALYbP/+/9FtdS69dkU3d//n6raUtWPllc+3+b3n1QcAAAAAAAAAHCIXtnOdjZyorveKtr/5/9qe+V0+/GZvJM7WclaLmQjy1nPetYyn2RmYKKpjeX19bX5EUZe2nXkpQMCPVaVjcdz3AAAAAAAAADwBfOLLPX//x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI6CIpnoFCnuDjTPpFZPMp1kqmzYTP7erT/N7o87AAAAADgEJ7eznY2c6K63ipxO8mL7O4DpvJPbWc9q1tPMSq61vxfofOqvbd1baG7dW7hVLjvn/fa/HlidPiCM9ozpfPew+57Ptrdo5HpW2y0XcjVvpZlrqbVHls5W8XRnHYrrbhlT8a3KiAm6VpXlkX9QlTu8P+Jk+xv+MqWx/xcsM+2MTPYyMlfFVmbj+e6Z2f0MDZ2dgwzvaT61XmCnh/Y0FPBD5fx4VZbH85u9cj4Ww5m4NHD1vbh/zpMv//H3P56r6kfnkEYzUZWt9mNjZyYWBjLx0iiZuNG8ffPG9Tvnn7ZM7DDXzsSZ3vpSvpcf5Xxm88OsZTU/zXLWs5LZfLddW65OfjFwe++RqSudYnK33S71E9fN+1R1hU5UrZ8nplfbY09kNT/IW7mWlbzW/ncp8/l6LudyFgfO8Jn9z3D7rq89cNf3XwFaz+2axnNfqSrl095vq3JXe3Y8KWVenx/I6+Bz7ky7b7Cln6VTB2epTMsDz41/2j+U+v9XlXIfvxw49+M3nIn5gUy8sF8muhfynebtm2s3lt8ebXenPhgY/usj9ZRaXi+nypOV7gnqXx1l3wvdvqF8lX2ne321HX1nen2dO3Vzzzt1qnoPt3OmS+2+l3btW2j3nR3o2+391sHv5gAYs+NfPT7V+Gfjb42PGr9q3Gi8Pv2dY9849vJUJv88+c363MSXai8Xf8hH+Xn/8z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDw7rz73s3lZnNlbajSarXe36Or2TqZ7NH1cJXanmGUlfoBoe6oZPYfz5QDui2t9Lq6P2f2GIM/qPJ/zyajj6p+gSedlvrjzfMYK/9ptVpVS7HHNr/7y85EPTdS6qZGvzYOqExXV3jlSKSuqtQPeadjekICDs3F9VtvX7zz7ntfW721/ObKmyu3Fy9fXpxbvPzawsXrq82Vuc7juKMEnoT+i/64IwEAAAAAAAAAAABGNdrfA+SR/pxg3McIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPN2Wzqd+P0Xm5y7Mletb9xaa5dKt97esJ6klKX6WFB8nV9JZMjMwXbHXfj5cXXzjk8+2Pu3PVS75/tUDxo1ms1oym2SiU959XPNdrcp9FfsdQtE7wjJh57qJg3H7bwAAAP//EOj9JQ==")
creat(&(0x7f0000000180)='./file2\x00', 0x71283578ac7c5cd)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='./file2\x00')
close_range(r0, 0xffffffffffffffff, 0x0)

2.645796362s ago: executing program 1 (id=1116):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x77, 0x29, 0x4, 0x20, 0x424, 0x9901, 0xc257, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x43, 0x0, 0x2, 0x31, 0x7d, 0x55, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f00000006c0)={0x34, &(0x7f0000000880)={0x40, 0x6, 0x4, "83a4a9b1"}, 0x0, 0x0, 0x0, 0x0, 0x0})

2.445699621s ago: executing program 0 (id=1119):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="380000001000030400000000fedbdf2500000300", @ANYRES32=0x0, @ANYBLOB="2010000000000000180012804755000000000000764a0000080000000080"], 0x38}, 0x1, 0x0, 0x0, 0x40001}, 0x40080)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000300)={0x1, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000040)={0x32b, @tick=0x387, 0xff})

2.411524332s ago: executing program 0 (id=1121):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0xe, 0x6, 0x3, 0x7fff0000}]})
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x20)
connect$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0xb}, 0x20)
syz_emit_ethernet(0x8e, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa1acd1f78800d86dd608a37f200587300fe8000000000000000000000000000bbfe8000000000000000000000000000aa00000000", @ANYRES8], 0x0)

2.303758602s ago: executing program 0 (id=1123):
syz_emit_vhci(&(0x7f0000000300)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_ecred_reconf_rsp={{0x1a, 0x4, 0x2}, {0x7}}}}, 0xf)
r0 = syz_io_uring_setup(0x45b4, &(0x7f00000035c0)={0x0, 0xfffffffc, 0x10100}, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000300)=@hci={0x1f, 0x2}})
io_uring_enter(r0, 0x291c, 0x0, 0x0, 0x0, 0x0)

2.069413463s ago: executing program 3 (id=1124):
r0 = gettid()
timer_create(0x2, &(0x7f000049efa0)={0x0, 0x8, 0x4, @tid=r0}, &(0x7f0000044000)=<r1=>0x0)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)
timer_settime(0x0, 0xffffffffffffffff, &(0x7f0000000080)={{0x77359400}, {0x0, 0x9}}, 0x0)
timer_settime(r1, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)

1.929636453s ago: executing program 0 (id=1125):
syz_mount_image$xfs(&(0x7f0000009700), &(0x7f0000000140)='./file0\x00', 0x6010000, &(0x7f0000000200)={[{@filestreams}, {@pqnoenforce}, {@sysvgroups}, {@swalloc}, {@inode32}, {@gquota}, {@prjquota}, {@usrquota}, {@filestreams}, {@nolargeio}]}, 0x1, 0x975c, &(0x7f0000025d80)="$eJzs/QWcbXWhuP/PgUM3giBSUmKSEqJIhyJKihKCtKSACCgdSqigCCjd3d2d0t3d3R3/14EDKj5wvd/f/V+8Ps/zYmbPjlnz2Z/3Wou9Z83Ze6n5FptrYGDMgfd6//RvXbTbvcstPtpC6528y+Bb9t5x4SeGXjz8eydjzTH0dM6hp3MNDAwMGrqcQe9dNnj2k04eZmDwwJD//taoI408zKgDAyMPPTt0OQMzv3cyyiHv3+6dD8UDnXTIj9vhvY93G23IQoZ8sczyb609MDAw4t99/5BxTftPd1TaUnPOP9/frD5wG2bo1YP+dt27p4Pf+xjlgIGBUfYb+Oj1Y8hth/u77/3fbMjPHHPygSXu/QR+9v+5lppz/gU/5D9kWxx26GUzD9nGP7wNGvvwer7jYms8NnQKBw2duMF/t718Euv9/1NLzTnfQgMfvR0PLDzvpo++8+5+c/A8AwOD5x0YGDzfwMDg+T9pj/qf6RNd+aqqquoTac65ZhjynH2YDz0eGPH9x7X0uPCyN6d7cGBg8MLvPU8cvPz7zwWrqqqqqqqq6t+zOeeaYW54/j/mxz3/n/TMbcbq+X9VVVVVVVXV/50WnHOuGYY81//Q8//xP+75/7OPH33we3/7P8fM733X25/snaiqqqqqqqqqj22+BfH5/6Qf9/z/ipMmvbrn/1VVVVVVVVX/d1r0nXfe2fzvXmdv6MVTv389Pf8/+5G7l/3EBlxVVVVVVVVV/+3efuqMc/72mu8TD3zo9d7fbejvBQYdd961135iA/33aNA//z5ki096TP9fG+I84hGTDgysvcQnPZT6BPo/81r19f+X8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/cR9x/P+D1/8/+4QV338v+M9POcOtZ/ztO9997//BCy/41Jaf0NA/if5Tj/8PrD5oYGCo75irDwwMLDznootPPTAwcMatM0w5xcAH180y5LrZxh723TeIf/+ficw7Fi94i8neOx2yogyM88Eyjnt3+Qu+s/+wgz40iL9rrFMOPni1pV6Z8cOnU330/Rjmg69GO/nx9/8tyzAfutGIH/HN7y///fvyYeehY596yNin2WCtdadZf+NNvrL6WiusuvKqK6896/QzTTfjrLPONNM0q6y+5srTvvf5o+Zs0nc/z/2vzNmoH56zp+b8+zn78H37qDmb9OPn7N0l7nr5iN96f84G/zfnbO6Pn7NJVx/6g8aaY7iB5d+dm0EDA2PNM9zARkPOTDfCwMBY8w697fhDbvuNsYcZGNj5b3d0yFcjfLAODtpiyG2Wmm+xud7bTQ0M/O30b33E+9kPP3Tkcww9nXPo6Vzv/ZgxB/62Kg6e/aSThxkyF/8wHaOONPIwow4MjDz07NDlDMz63snIZ75/u494n/UPDfTdl1nZ4b2PdxttYGBglCFfTLzC2dsOmfr/hfdp/3/6//8/ec0y6IP1cdDQj6G3ec9rzvkX/NvPencahszdsEMvm3mIyf/wW9v/Q/803klHHJj0Y8b7Ma+L8260fq15xrhb/U+9Lg6Nd/yPGe/HvI7vR453yQf3eOy9Rf2PjfdD+7qF3v08x7+yrxv4+H3dsLSAla+a6MP7uu989BD/YXf5/hyN8KEbfdS+bvy9JtliyPLn+Ph93UJDxj7cP+zrhhkYGGvu9/d1Q3Z88w03sPOQM9MPOTP/cAOHDTkzw7tnRho4b8iZr664zporDblggX9eD6Ye9A9/oAnb2Xwf2s4G/d19H/Shv+8c/N7pKAe8/x5OH7HfHDT0bv2X+wpab8f8mPF+zPtP4TwPuWyl40cc93/q/adovCN+/Hg/6v2yP3K8O7189r3/w+P9YDsb7u+ma4F/ZTub9B+3syF3cdi/2zL+1cdhK8Ht3/t6/A+WtuFmj3/wmGK4Dy33v3pMscDHb2djrv6h79t+v4FBHzc38/8rczPhP+2Dtvz7uflXH29NPfl71w/7MXMzwqzLTfX+3Az/35yb+f+7czPHwLD/ODeDB+YdGBiYYuj+Yb5/ZW7G//i5+VfXm5Hh9u99vfIHF82z4xGXvD83H56L/2pu5vvvzs2kH6w3U7x73WTDDAw//MBGK2ywwXrTvff5/bPTv/f547fBef6VuRzzf2YuJxj8UXP5t1V11AevPuC/2Ab/aZ/+/vLn+e/O5cAHczmw+oc3lvp3rd//ucvfXf7u8neXv7v83eUv7iOO/3/w+v+7jznbLkN/uTHc1ZOMt90nPd5PuP/o4/9Dff/h+P92401y9TADH1z3scdn37vNv+Xx2ZnfOxnlkPdv9+HjgzzQjz4+u9+sM2/zv3R89v+p97fVf+H3cO3/3eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/uI+4vj/tO//HcAj0y3y/NADocM9sfXSi3zS4/2E+48+/j/U9x+O/y+y9NZPDDPwwXUfe/z/vds4jv/f/8Z8O/07H/9/f1vt+H/9F+XvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/uI+4vj/HO//HcDRR++xyft/D3DjWDuc8UmP9xPuP/X4f+//7639v7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y1/c0OP/Ax96e8vvt15gcPz//3Yf4b9I/pjFf9H8MYv/YvljFv/F88cs/kvkj1n8l8wfs/j/IH/M4r9U/pjF/4f5Yxb/H+WPWfyXzh+z+C+TP2bxXzZ/zOK/XP6Yxf/H+WMW/+Xzxyz+K+SPWfx/kj9m8V8xf8ziv1L+mMV/5fwxi/8q+WMW/1Xzxyz+q+WPWfxXzx+z+P80f8ziv0b+mMV/zfwxi/9a+WMW/7Xzxyz+6+SPWfzXzR+z+P8sf8ziv17+mMV//fwxi/8G+WMW/5/nj1n8N8wfs/j/In/M4r9R/pjFf+P8MYv/JvljFv9f5o9Z/H+VP2bx3zR/zOK/Wf6YxX/z/DGL/xb5Yxb/LfPHLP5b5Y9Z/LfOH7P4b5M/ZvHfNn/M4r9d/pjF/9f5Yxb/3+SPWfy3zx+z+O+QP2bx3zF/zOK/U/6Yxf+3+WMW/9/lj1n8f58/ZvHfOX/M4r9L/pjF/w/5Yxb/P+aPWfx3zR+z+P8pf8ziv1v+mMV/9/wxi/8e+WMW/z/nj1n8/5I/ZvHfM3/M4r9X/pjFf+/8MYv/PvljFv9988cs/vvlj1n8988fs/gfkD9m8T8wf8zif1D+mMX/4Pwxi/8h+WMW/0Pzxyz+h+WPWfwPzx+z+B+RP2bxPzJ/zOJ/VP6Yxf/o/DGL/zH5Yxb/Y/PHLP7H5Y9Z/I/PH7P4n5A/ZvE/MX/M4n9S/pjF/+T8MYv/KfljFv9T88cs/qflj1n8T88fs/ifkT9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+5+WPWfzPzx+z+F+QP2bxvzB/zOJ/Uf6Yxf/i/DGL/yX5Yxb/S/PHLP6X5Y9Z/C/PH7P4X5E/ZvH/a/6Yxf/K/DGL/1X5Yxb/q/PHLP7X5I9Z/K/NH7P4X5c/ZvG/Pn/M4n9D/pjF/8b8MYv/TfljFv+b88cs/rfkj1n8b80fs/jflj9m8b89f8zif0f+mMX/zvwxi/9d+WMW/7vzxyz+9+SPWfzvzR+z+N+XP2bxvz9/zOL/QP6Yxf/B/DGL/0P5Yxb/h/PHLP6P5I9Z/B/NH7P4P5Y/ZvF/PH/M4v9E/pjF/8n8MYv/U/ljFv+n88cs/s/kj1n8n80fs/g/lz9m8X8+f8zi/0L+mMX/xfwxi/9L+WMW/5fzxyz+r+SPWfxfzR+z+L+WP2bxfz1/zOL/Rv6Yxf/N/DGL/1v5Yxb/t/PHLP7v5I9J/AcN5I9Z/Aflj1n8h8kfs/gPmz9m8R+cP2bxHy5/zOI/fP6YxX+E/DGL/4j5Yxb/kfLHLP4j549Z/EfJH7P4j5o/ZvEfLX/M4j96/pjFf4z8MYv/mPljFv+x8scs/mPnj1n8P5U/ZvEfJ3/M4j9u/pjF/9P5Yxb/8fLHLP7j549Z/D+TP2bxnyB/zOL/2fwxi/+E+WMW/4nyxyz+E+ePWfwnyR+z+E+aP2bx/1z+mMV/svf9R/yExvVvmsV/8rZ/zOI/Rf6YxX/K/DGL/1T5Yxb/z+ePWfynzh+z+H8hf8zi/8X8MYv/l/LHLP5fzh+z+H8lf8zi/9X8MYv/NPljFv9p88cs/tPlj1n8p88fs/jPkD9m8Z8xf8zi/7X8MYv/TPljFv+Z88cs/rPkj1n8Z80fs/h/PX/M4j9b/pjF/xv5Yxb/b+aPWfxnzx+z+H8rf8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOK/QP6YxX/B/DGL/7fzxyz+38kfs/gvlD9m8f9u/pjFf+H8MYv/9/LHLP7fzx+z+C+SP2bxXzR/zOK/WP6YxX/x/DGL/xL5Yxb/JfPHLP4/yB+z+C+VP2bx/2H+mMX/R/ljFv+l88cs/svkj1n8l80fs/gvlz9m8f9x/pjFf/n8MYv/CvljFv+f5I9Z/FfMH7P4r5Q/ZvFfOX/M4r9K/pjFf9X8MYv/avljFv/V88cs/j/NH7P4r5E/ZvFfM3/M4r9W/pjFf+38MYv/OvljFv9188cs/j/LH7P4r5c/ZvFfP3/M4r9B/pjF/+f5Yxb/DfPHLP6/yB+z+G+UP2bx3zh/zOK/Sf6Yxf+X+WMW/1/lj1n8N80fs/hvlj9m8d88f8ziv0X+mMV/y/wxi/9W+WMW/63zxyz+2+SPWfy3zR+z+G+XP2bx/3X+mMX/N/ljFv/t88cs/jvkj1n8d8wfs/jvlD9m8f9t/pjF/3f5Yxb/3+ePWfx3zh+z+O+SP2bx/0P+mMX/j/ljFv9d88cs/n/KH7P475Y/ZvHfPX/M4r9H/pjF/8/5Yxb/v+SPWfz3zB+z+O+VP2bx3zt/zOK/T/6YxX/f/DGL/375Yxb//fPHLP4H5I9Z/A/MH7P4H5Q/ZvE/OH/M4n9I/pjF/9B/9H/4f31c/6ZZ/A9r+8cs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+x+ePWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4n5k/ZvE/K3/M4n92/pjF/5z8MYv/ufljFv/z8scs/ufnj1n8L8gfs/hfmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+T+L9b/v+cxH/QlfljFv+r8scs/lfnj1n8r8kfs/hfmz9m8b8uf8zif33+mMX/hvwxi/+N+WMW/5vyxyz+N+ePWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf+O/DGL/535Yxb/u/LHLP53549Z/O/JH7P435s/ZvG/L3/M4n9//pjF/4H8MYv/g/ljFv+H8scs/g/nj1n8H8kfs/g/mj9m8X8sf8zi/3j+mMX/ifwxi/+T+WMW/6fyxyz+T+ePWfyfyR+z+D+bP2bxfy5/zOL/fP6Yxf+F/DGL/4v5Yxb/l/LHLP4v549Z/F/JH7P4v5o/ZvF/Lf/h6UKL/+v5Yxb/N/LHLP5v5o9Z/N/KH7P4v50/ZvF/J39M4v/ul/n/cxb/QfljFv9h8scs/sPmj1n8B+ePWfyHyx+z+A+fP2bxHyF/zOI/Yv6YxX+k/DGL/8j5Yxb/UfLHLP6j5o9Z/EfLH7P4j54/ZvEfI3/M4j9m/pjFf6z8MYv/2PljFv9P5Y9Z/MfJH7P4j5s/ZvH/dP6YxX+8/DGL//j5Yxb/z+SPWfwnyB+z+H82f8ziP2H+mMV/ovwxi//E+WMW/0nyxyz+k+aPWfw/lz9m8Z8sf8ziP3n+mMV/ivwxi/+U+WMW/6nyxyz+n88fs/hPnT9m8f9C/pjF/4v5Yxb/L+WPWfy/nD9m8f9K/pjF/6v5Yxb/afLHLP7T5o8Numi34QYGBv7j/afLH7Ns/9Pnj1n8Z8gfs/jPmD9m8f9a/pjFf6b8MYv/zPljFv9Z8scs/rPmj1n8v54/ZvGfLX/M4v+N/DGL/zfzxyz+s+ePWfy/lT9m8Z8jf8ziP2f+mMV/rvwxi//c+WMW/3nyxyz+8+aPWfznyx+z+M+fP2bxXyB/zOK/YP6Yxf/b+WMW/+/kj1n8F8ofs/h/N3/M4r9w/pjF/3v5Yxb/7+ePWfwXyR+z+C+aP2bxXyx/zOK/eP6YxX+J/DGL/5L5Yxb/H+SPWfyXyh+z+P8wf8zi/6P8MYv/0vljFv9l8scs/svmj1n8l8sfs/j/OH/M4r98/pjFf4X8MYv/T/LHLP4r5o9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjFf7X8MYv/6vljFv+f5o9Z/NfIH7P4r5k/ZvFfK3/M4r92/pjFf538MYv/uvljFv+f5Y9Z/NfLH7P4r58/ZvHfIH/M4v/z/DGL/4b5Yxb/X+SPWfw3yh+z+G+cP2bx3yR/zOL/y/wxi/+v8scs/pvmj1n8N8sfs/hvnj9m8d8if8ziv2X+mMV/q/wxi//W+WMW/23yxyz+2+aPWfy3yx+z+P86f8zi/5v8MYv/9vljFv8d8scs/jvmj1n8d8ofs/j/Nn/M4v+7/DGL/+/zxyz+O+ePWfx3yR+z+P8hf8zi/8f8MYv/rvljFv8/5Y9Z/HfLH7P4754/ZvHfI3/M4v/n/DGL/1/yxyz+e+aPWfz3yh+z+O+dP2bx3yd/zOK/b/6YxX+//DGL//75Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/hfnD9m8b8kf8zif2n+mMX/svwxi//l+WMW/yvyxyz+f80fs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/O/IH7P435k/ZvG/K3/M4n93/pjF/578MYv/vfljFv/78scs/vfnj1n8H8gfs/g/mD9m8X8of8zi/3D+mMX/kfwxi/+j+WMW/8fyxyz+j+ePWfyfyB+z+D+ZP2bxfyp/zOL/dP6Yxf+Z/DGL/7P5Yxb/5/LHLP7P549Z/F/IH7P4v5g/ZvF/KX/M4v9y/pjF/5X8MYv/q/ljFv/X8scs/q/nj1n838gfs/i/mT9m8X8rf8zi/3b+mMX/nfwxif+wA/ljFv9B+WMW/2Hyxyz+w+aPWfwH549Z/IfLH7P4D58/ZvEfIX/M4j9i/pjFf6T8MYv/yPljFv9R8scs/qPmj1n8R8sfs/iPnj9m8R8jf8ziP2b+mMV/rPwxi//Y+WMW/0/lj1n8x8kfs/iPmz9m8f90/pjFf7z8MYv/+PljFv/P5I9Z/CfIH7P4fzZ/zOI/Yf6YxX+i/DGL/8T5Yxb/SfLHLP6T5o9Z/D+XP2bxnyx/zOI/ef6YxX+K/DGL/5T5Yxb/qfLHLP6fzx+z+E+dP2bx/0L+mMX/i/ljFv8v5Y9Z/L+cP2bx/0r+mMX/q/ljFv9p8scs/tPmj1n8p8sfs/hPnz9m8Z8hf8ziP2P+mMX/a/ljFv+Z8scs/jPnj1n8Z8kfs/jPmj9m8f96/pjFf7b8MYv/N/LHLP7fzB+z+M+eP2bx/1b+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6YxX+B/DGL/4L5Yxb/b+ePWfy/kz9m8V8of8zi/938MYv/wvljFv/v5Y9Z/L+fP2bxXyR/zOK/aP6YxX+x/DGL/+L5Yxb/JfLHLP5L5o9Z/H+QP2bxXyp/zOL/w/wxi/+P8scs/kvnj1n8l8kfs/gvmz9m8V8uf8zi/+P8MYv/8vljFv8V8scs/j/JH7P4r5g/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv/V8scs/qvnj1n8f5o/ZvFfI3/M4r9m/pjFf638MYv/2vljFv918scs/uvmj1n8f5Y/ZvFfL3/M4r9+/pjFf4P8MYv/z/PHLP4b5o9Z/H+RP2bx3yh/zOK/cf6YxX+T/DGL/y/zxyz+v8ofs/hvmj9m8d8sf8ziv3n+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfy3yR+z+G+bP2bx3y5/zOL/6/wxi/9v8scs/tvnj1n8d8gfs/jvmD9m8d8pf8zi/9v8MYv/7/LHLP6/zx+z+O+cP2bx3yV/zOL/h/wxi/8f88cs/rvmj1n8/5Q/ZvHfLX/M4r97/pjFf4/8MYv/n/PHLP5/yR+z+O+ZP2bx3yt/zOK/d/6YxX+f/DGL/775Yxb//fLHLP77549Z/A/IH7P4H5g/ZvE/KH/M4n9w/pjF/5D8MYv/ofljFv/D8scs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+x+ePWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4n5k/ZvE/K3/M4n92/pjF/5z8MYv/ufljFv/z8scs/ufnj1n8L8gfs/hfmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+P81f8zif2X+mMX/qvwxi//V+WMW/2vyxyz+1+aPWfyvyx+z+F+fP2bxvyF/zOJ/Y/6Yxf+m/DGL/835Yxb/W/LHLP635o9Z/G/LH7P4354/ZvG/I3/M4n9n/pjF/678MYv/3fljFv978scs/vfmj1n878sfs/jfnz9m8X8gf8zi/2D+mMX/ofwxi//D+WMW/0fyxyz+j+aPWfwfyx+z+D+eP2bxfyJ/zOL/ZP6Yxf+p/DGL/9P5Yxb/Z/LHLP7P5o9Z/J/LH7P4P58/ZvF/IX/M4v9i/pjF/6X8MYv/y/ljFv9X8scs/q/mj1n8X8sfs/i/nj9m8X8jf8zi/2b+mMX/rfwxi//b+WMW/3fyxyT+gwfyxyz+g/LHLP7D5I9Z/IfNH7P4D84fs/gPlz9m8R8+f8ziP0L+mMV/xPwxi/9I+WMW/5Hzxyz+o+SPWfxHzR+z+I+WP2bxHz1/zOI/Rv6YxX/M/DGL/1j5Yxb/sfPHLP6fyh+z+I+TP2bxHzd/zOL/6fwxi/94+WMW//Hzxyz+n8kfs/hPkD9m8f9s/pjFf8L8MYv/RPljFv+J88cs/pPkj1n8J80fs/h/Ln/M4j9Z/pjFf/L8MYv/FPljFv8p88cs/lPlj1n8P58/ZvGfOn/M4v+F/DGL/xfzxyz+X8ofs/h/OX/M4v+V/DGL/1fzxyz+0+SPWfynzR+z+E+XP2bxnz5/zOI/Q/6YxX/G/DGL/9fyxyz+M+WPWfxnzh+z+M+SP2bxnzV/zOL/9fwxi/9s+WMW/2/kj1n8v5k/ZvGfPX/M4v+t/DGL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/AvljFv8F88cs/t/OH7P4fyd/zOK/UP6Yxf+7+WMW/4Xzxyz+38sfs/h/P3/M4r9I/pjFf9H8MYv/YvljFv/F88cs/kvkj1n8l8wfs/j/IH/M4r9U/pjF/4f5Yxb/H+WPWfyXzh+z+C+TP2bxXzZ/zOK/XP6Yxf/H+WMW/+Xzxyz+K+SPWfx/kj9m8V8xf8ziv1L+mMV/5fwxi/8q+WMW/1Xzxyz+q+WPWfxXzx+z+P80f8ziv0b+mMV/zfwxi/9a+WMW/7Xzxyz+6+SPWfzXzR+z+P8sf8ziv17+mMV//fwxi/8G+WMW/5/nj1n8N8wfs/j/In/M4r9R/pjFf+P8MYv/JvljFv9f5o9Z/H+VP2bx3zR/zOK/Wf6YxX/z/DGL/xb5Yxb/LfPHLP5b5Y9Z/LfOH7P4b5M/ZvHfNn/M4r9d/pjF/9f5Yxb/3+SPWfy3zx+z+O+QP2bx3zF/zOK/U/6Yxf+3+WMW/9/lj1n8f58/ZvHfOX/M4r9L/pjF/w/5Yxb/P+aPWfx3zR+z+P8pf8ziv1v+mMV/9/wxi/8e+WMW/z/nj1n8/5I/ZvHfM3/M4r9X/pjFf+/8MYv/PvljFv9988cs/vvlj1n8988fs/gfkD9m8T8wf8zif1D+mMX/4Pwxi/8h+WMW/0Pzxyz+h+WPWfwPzx+z+B+RP2bxPzJ/zOJ/VP6Yxf/o/DGL/zH5Yxb/Y/PHLP7H5Y9Z/I/PH7P4n5A/ZvE/MX/M4n9S/pjF/+T8MYv/KfljFv9T88cs/qflj1n8T88fs/ifkT9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+5+WPWfzPzx+z+F+QP2bxvzB/zOJ/Uf6Yxf/i/DGL/yX5Yxb/S/PHLP6X5Y9Z/C/PH7P4X5E/ZvH/a/6Yxf/K/DGL/1X5Yxb/q/PHLP7X5I9Z/K/NH7P4X5c/ZvG/Pn/M4n9D/pjF/8b8MYv/TfljFv+b88cs/rfkj1n8b80fs/jflj9m8b89f8zif0f+mMX/zvwxi/9d+WMW/7vzxyz+9+SPWfzvzR+z+N+XP2bxvz9/zOL/QP6Yxf/B/DGL/0P5Yxb/h/PHLP6P5I9Z/B/NH7P4P5Y/ZvF/PH/M4v9E/pjF/8n8MYv/U/ljFv+n88cs/s/kj1n8n80fs/g/lz9m8X8+f8zi/0L+mMX/xfwxi/9L+WMW/5fzxyz+r+SPWfxfzR+z+L+WP2bxfz1/zOL/Rv6Yxf/N/DGL/1v5Yxb/t/PHLP7v5I9J/IcbyB+z+A/KH7P4D5M/ZvEfNn/M4j84f8ziP1z+mMV/+Pwxi/8I+WMW/xHzxyz+I+WPWfxHzh+z+I+SP2bxHzV/zOI/Wv6YxX/0/DGL/xj5Yxb/MfPHLP5j5Y9Z/MfOH7P4fyp/zOI/Tv6YxX/c/DGL/6fzxyz+4+WPWfzHzx+z+H8mf8ziP0H+mMX/s/ljFv8J88cs/hPlj1n8J84fs/hPkj9m8Z80f8zi/7n8MYv/ZPljFv/J88cs/lPkj1n8p8wfs/hPlT9m8f98/pjFf+r8MYv/F/LHLP5fzB+z+H8pf8zi/+X8MYv/V/LHLP5fzR+z+E+TP2bxnzZ/zOI/Xf6YxX/6/DGL/wz5Yxb/GfPHLP5fyx+z+M+UP2bxnzl/zOI/S/6YxX/W/DGL/9fzxyz+s+WPWfy/kT9m8f9m/pjFf/b8MYv/t/LHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/gvkj1n8F8wfs/h/O3/M4v+d/DGL/0L5Yxb/7+aPWfwXzh+z+H8vf8zi//38MYv/IvljFv9F88cs/ovlj1n8F88fs/gvkT9m8V8yf8zi/4P8MYv/UvljFv8f5o9Z/H+UP2bxXzp/zOK/TP6YxX/Z/DGL/3L5Yxb/H+ePWfyXzx+z+K+QP2bx/0n+mMV/xfwxi/9K+WMW/5Xzxyz+q+SPWfxXzR+z+K+WP2bxXz1/zOL/0/wxi/8a+WMW/zXzxyz+a+WPWfzXzh+z+K+TP2bxXzd/zOL/s/wxi/96+WMW//Xzxyz+G+SPWfx/nj9m8d8wf8zi/4v8MYv/RvljFv+N88cs/pvkj1n8f5k/ZvH/Vf6YxX/T/DGL/2b5Yxb/zfPHLP5b5I9Z/LfMH7P4b5U/ZvHfOn/M4r9N/pjFf9v8MYv/dvljFv9f549Z/H+TP2bx3z5/zOK/Q/6YxX/H/DGL/075Yxb/3+aPWfx/lz9m8f99/pjFf+f8MYv/LvljFv8/5I9Z/P+YP2bx3zV/zOL/p/wxi/9u+WMW/93zxyz+e+SPWfz/nD9m8f9L/pjFf8/8MYv/XvljFv+988cs/vvkj1n8980fs/jvlz9m8d8/f8zif0D+mMX/wPwxi/9B+WMW/4Pzxyz+h+SPWfwPzR+z+B+WP2bxPzx/zOJ/RP6Yxf/I/DGL/1H5Yxb/o/PHLP7H5I9Z/I/NH7P4H5c/ZvE/Pn/M4n9C/pjF/8T8MYv/SfljFv+T88cs/qfkj1n8T80fs/iflj9m8T89f8zif0b+mMX/zPwxi/9Z+WMW/7Pzxyz+5+SPWfzPzR+z+J+XP2bxPz9/zOJ/Qf6Yxf/C/DGL/0X5Yxb/i/PHLP6X5I9Z/C/NH7P4X5Y/ZvG/PH/M4n9F/pjF/6/5Yxb/K/PHLP5X5Y9Z/K/OH7P4X5M/ZvG/Nn/M4n9d/pjF//r8MYv/DfljFv8b88cs/jflj1n8b84fs/jfkj9m8b81f8zif1v+mMX/9vwxi/8d+WMW/zvzxyz+d+WPWfzvzh+z+N+TP2bxvzd/zOJ/X/6Yxf/+/DGL/wP5Yxb/B/PHLP4P5Y9Z/B/OH7P4P5I/ZvF/NH/M4v9Y/pjF//H8MYv/E/ljFv8n88cs/k/lj1n8n84fs/g/kz9m8X82f8zi/1z+mMX/+fwxi/8L+WMW/xfzxyz+L+WPWfxfzh+z+L+SP2bxfzV/zOL/Wv6Yxf/1/DGL/xv5Yxb/N/PHLP5v5Y9Z/N/OH7P4v5M/JvEffiB/zOI/KH/M4j9M/pjFf9j8MYv/4Pwxi/9w+WMW/+Hzxyz+I+SPWfxHzB+z+I+UP2bxHzl/zOI/Sv6YxX/U/DGL/2j5Yxb/0fPHLP5j5I9Z/MfMH7P4j5U/ZvEfO3/M4v+p/DGL/zj5Yxb/cfPHLP6fzh+z+I+XP2bxHz9/zOL/mfwxi/8E+WMW/8/mj1n8J8wfs/hPlD9m8Z84f8ziP0n+mMV/0vwxi//n8scs/pPlj1n8J88fs/hPkT9m8Z8yf8ziP1X+mMX/8/ljFv+p88cs/l/IH7P4fzF/zOL/pfwxi/+X88cs/l/JH7P4fzV/zOI/Tf6YxX/a/DGL/3T5Yxb/6fPHLP4z5I9Z/GfMH7P4fy1/zOI/U/6YxX/m/DGL/yz5Yxb/WfPHLP5fzx+z+M+WP2bx/0b+mMX/m/ljFv/Z88cs/t/KH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/gvkD9m8V8wf8zi/+38MYv/d/LHLP4L5Y9Z/L+bP2bxXzh/zOL/vfwxi//388cs/ovkj1n8F80fs/gvlj9m8V88f8ziv0T+mMV/yfwxi/8P8scs/kvlj1n8f5g/ZvH/Uf6YxX/p/LH/UP9BH7Iefpn8sf9Q/3f7++1/2fwxi/9y+WMW/x/nj1n8l88fs/ivkD9m8f9J/pjFf8X8sUEXDRo6M//Z/ivlj1m2/5Xzxyz+q+SPWfxXzR+z+K+WP2bxXz1/zOL/0/wxi/8a+WMW/zXzxyz+a+WPWfzXzh+z+K+TP2bxXzd/zOL/s/wxi/96+WMW//Xzxyz+G+SPWfx/nj9m8d8wf8zi/4v8MYv/RvljFv+N88cs/pvkj1n8f5k/ZvH/Vf6YxX/T/DGL/2b5Yxb/zfPHLP5b5I9Z/LfMH7P4b5U/ZvHfOn/M4r9N/pjFf9v8MYv/dvljFv9f549Z/H+TP2bx3z5/zOK/Q/6YxX/H/DGL/075Yxb/3+aPWfx/lz9m8f99/pjFf+f8MYv/LvljFv8/5I9Z/P+YP2bx3zV/zOL/p/wxi/9u+WMW/93zxyz+e+SPWfz/nD9m8f9L/pjFf8/8MYv/XvljFv+988cs/vvkj1n8980fs/jvlz9m8d8/f8zif0D+mMX/wPwxi/9B+WMW/4Pzxyz+h+SPWfwPzR+z+B+WP2bxPzx/zOJ/RP6Yxf/I/DGL/1H5Yxb/o/PHLP7H5I9Z/I/NH7P4H5c/ZvE/Pn/M4n9C/pjF/8T8MYv/SfljFv+T88cs/qfkj1n8T80fs/iflj9m8T89f8zif0b+mMX/zPwxi/9Z+WMW/7Pzxyz+5+SPWfzPzR+z+J+XP2bxPz9/zOJ/Qf6Yxf/C/DGL/0X5Yxb/i/PHLP6X5I9Z/C/NH7P4X5Y/ZvG/PH/M4n9F/pjF/6/5Yxb/K/PHLP5X5Y9Z/K/OH7P4X5M/ZvG/Nn/M4n9d/pjF//r8MYv/DfljFv8b88cs/jflj1n8b84fs/jfkj9m8b81f8zif1v+mMX/9vwxi/8d+WMW/zvzxyz+d+WPWfzvzh+z+N+TP2bxvzd/zOJ/X/6Yxf/+/DGL/wP5Yxb/B/PHLP4P5Y9Z/B/OH7P4P5I/ZvF/NH/M4v9Y/pjF//H8MYv/E/ljFv8n88cs/k/lj1n8n84fs/g/kz9m8X82f8zi/1z+mMX/+fwxi/8L+WMW/xfzHxgJLrP4v5Q/ZvF/OX/M4v9K/pjF/9X8MYv/a/ljFv/X88cs/m/kj1n838wfs/i/lT9m8X87f8zi/07+mMR/hIH8MYv/oPwxi/8w+WMW/2Hzxyz+g/PHLP7D5Y9Z/IfPH7P4j5A/ZvEfMX/M4j9S/pjFf+T8MYv/KPljFv9R88cs/qPlj1n8R88fs/iPkT9m8R8zf8ziP1b+QxvxH85Z/MfOH7P4fyp/zOI/Tv6YxX/c/DGL/6fzxyz+4+WPWfzHzx+z+H8mf8ziP0H+mMX/s/ljFv8J88cs/hPlj1n8J84fs/hPkj9m8Z80f8zi/7n8MYv/ZPljFv/J88cs/lPkj1n8p8wfs/hPlT9m8f98/pjFf+r8MYv/F/LHLP5fzB+z+H8pf8zi/+X8MYv/V/LHLP5fzR+z+E+TP2bxnzZ/zOI/Xf6YxX/6/DGL/wz5Yxb/GfPHLP5fyx+z+M+UP2bxnzl/zOI/S/6YxX/W/DGL/9fzxyz+s+WPWfy/kT9m8f9m/pjFf/b8MYv/t/LHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/gvkj1n8F8wfs/h/O3/M4v+d/DGL/0L5Yxb/7+aPWfwXzh+z+H8vf8zi//38MYv/IvljFv9F88cs/ovlj1n8F88fs/gvkT9m8V8yf8zi/4P8MYv/UvljFv8f5o9Z/H+UP2bxXzp/zOK/TP6YxX/Z/DGL/3L5Yxb/H+ePWfyXzx+z+K+QP2bx/0n+mMV/xfwxi/9K+WMW/5Xzxyz+q+SPWfxXzR+z+K+WP2bxXz1/zOL/0/wxi/8a+WMW/zXzxyz+a+WPWfzXzh+z+K+TP2bxXzd/zOL/s/wxi/96+WMW//Xzxyz+G+SPWfx/nj9m8d8wf8zi/4v8MYv/RvljFv+N88cs/pvkj1n8f5k/ZvH/Vf6YxX/T/DGL/2b5Yxb/zfPHLP5b5I9Z/LfMH7P4b5U/ZvHfOn/M4r9N/pjFf1v0b42w+G+XNmbx/3X+mMX/N/ljFv/t88cs/jvkj1n8d3zP/613Pqlx/Ztm8d+p7R+z+P82f8zi/7v8MYv/7/PHLP47549Z/HfJH7P4/yF/zOL/x/wxi/+u+WMW/z/lj1n8d8sfs/jvnj9m8d8jf8zi/+f8MYv/X/LHLP575o9Z/PfKH7P4750/ZvHfJ3/M4r9v/pjFf7/8MYv//vljFv8D8scs/gfmj1n8D8ofs/gfnD9m8T8kf8zif2j+mMX/sPwxi//h+WMW/yPyxyz+R+aPWfyPyh+z+B+dP2bxPyZ/zOJ/bP6Yxf+4/DGL//H5Yxb/E/LHLP4n5o9Z/E/KH7P4n5w/ZvE/JX/M4n9q/pjF/7T8MYv/6fljFv8z8scs/mfmj1n8z8ofs/ifnT9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+F+aPWfwvyh+z+F+cP2bxvyR/zOJ/af6Yxf+y/DGL/+X5Yxb/K/LHLP5/zR+z+F+ZP2bxvyp/zOJ/df6Yxf+a/DGL/7X5Yxb/6/LHLP7X549Z/G/IH7P435g/ZvG/KX/M4n9z/pjF/5b8MYv/rfljFv/b8scs/rfnj1n878gfs/jfmT9m8b8rf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfwfyB+z+D+YP2bxfyh/zOL/cP6Yxf+R/DGL/6P5Yxb/x/LHLP6P549Z/J/IH7P4P5k/ZvF/Kn/M4v90/pjF/5n8MYv/s/ljFv/n8scs/s/nj1n8X8gfs/i/mD9m8X8pf8zi/3L+mMX/lfwxi/+r+WMW/9fyxyz+r+ePWfzfyB+z+L+ZP2bxfyt/zOL/dv6Yxf+d/DGJ/4gD+WMW/0H5Yxb/YfLHLP7D5o9Z/Afnj1n8h8sfs/gPnz9m8R8hf8ziP2L+mMV/pPwxi//I+WMW/1Hyxyz+o+aPWfxHyx+z+I+eP2bxHyN/zOI/Zv6YxX+s/DGL/9j5Yxb/T+WPWfzHyR+z+I+bP2bx/3T+mMV/vPwxi//4+WMW/8/kj1n8J8gfs/h/Nn/M4j9h/pjFf6L8MYv/xPljFv9J8scs/pPmj1n8P5c/ZvGfLH/M4j95/pjFf4r8MYv/lPljFv+p8scs/p/PH7P4T50/ZvH/Qv6Yxf+L+WMW/y/lj1n8v5w/ZvH/Sv6Yxf+r+WMW/2nyxyz+0+aPWfynyx+z+E+fP2bxnyF/zOI/Y/6Yxf9r+WMW/5nyxyz+M+ePWfxnyR+z+M+aP2bx/3r+mMV/tvwxi/838scs/t/MH7P4z54/ZvH/Vv6YxX+O/DGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvGfL3/M4j9//pjFf4H8MYv/gvljFv9v549Z/L+TP2bxXyh/zOL/3fwxi//C+WMW/+/lj1n8v58/ZvFfJH/M4r9o/pjFf7H8MYv/4vljFv8l8scs/kvmj1n8f5A/ZvFfKn/M4v/D/DGL/4/yxyz+S+ePWfyXyR+z+C+bP2bxXy5/zOL/4/wxi//y+WMW/xXyxyz+P8kfs/ivmD9m8V8pf8ziv3L+mMV/lfwxi/+q+WMW/9Xyxyz+q+ePWfx/mj9m8V8jf8ziv2b+mMV/rfwxi//a+WMW/3Xyxyz+6+aPWfx/lj9m8V8vf8ziv37+mMV/g/wxi//P88cs/hvmj1n8f5E/ZvHfKH/M4r9x/pjFf5P8MYv/L/PHLP6/yh+z+G+aP2bx3yx/zOK/ef6YxX+L/DGL/5b5Yxb/rfLHLP5b549Z/LfJH7P4b5s/ZvHfLn/M4v/r/DGL/2/yxyz+2+ePWfx3yB+z+O+YP2bx3yl/zOL/2/wxi//v8scs/r/PH7P475w/ZvHfJX/M4v+H/DGL/x/zxyz+u+aPWfz/lD9m8d8tf8ziv3v+mMV/j/wxi/+f88cs/n/JH7P475k/ZvHfK3/M4r93/pjFf5/8MYv/vvljFv/98scs/vvnj1n8D8gfs/gfmD9m8T8of8zif3D+mMX/kPwxi/+h+WMW/8Pyxyz+h+ePWfyPyB+z+B+ZP2bxPyp/zOJ/dP6Yxf+Y/DGL/7H5Yxb/4/LHLP7H549Z/E/IH7P4n5g/ZvE/KX/M4n9y/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8z8gfs/ifmT9m8T8rf8zif3b+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfwvyB+z+F+YP2bxvyh/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4/zV/zOJ/Zf6Yxf+q/DGL/9X5Yxb/a/LHLP7X5o9Z/K/LH7P4X58/ZvG/IX/M4n9j/pjF/6b8MYv/zfljFv9b8scs/rfmj1n8b8sfs/jfnj9m8b8jf8zif2f+mMX/rvwxi//d+WMW/3vyxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOL/YP6Yxf+h/DGL/8P5Yxb/R/LHLP6P5o9Z/B/LH7P4P54/ZvF/In/M4v9k/pjF/6n8MYP/oMEDIz6dP2bwH7L9P5M/ZvF/Nn/M4v9c/pjF//n8MYv/C/ljFv8X88cs/i/lj1n8X84fs/i/kj9m8X81f8zi/1r+mMX/9fwxi/8b+WMW/zfzxyz+b+WPWfzfzh+z+L+TPybxH2kgf8ziPyh/zOI/TP6YxX/Y/DGL/+D8MYv/cPljFv/h88cs/iPkj1n8R8wfs/iPlD9m8R85f8ziP0r+mMV/1Pwxi/9o+WMW/9Hzxyz+Y+SPWfzHzB+z+I+VP2bxHzt/zOL/qfwxi/84+WMW/3Hzxyz+n84fs/iPlz9m8R8/f8zi/5n8MYv/BPljFv/P5o9Z/CfMH7P4T5Q/ZvGfOH/M4j9J/pjFf9L8MYv/5/LHLP6T5Y9Z/CfPH7P4T5E/ZvGfMn/M4j9V/pjF//P5Yxb/qfPHLP5fyB+z+H8xf8zi/6X8MYv/l/PHLP5fyR+z+H81f8ziP03+mMV/2oGBzT+pIf07Z/Gfru0fs/hPnz9m8Z8hf8ziP2P+mMX/a/ljFv+Z8scs/jPnj1n8Z8kfs/jPmj9m8f96/pjFf7b8MYv/N/LHLP7fzB+z+M+eP2bx/1b+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6YxX+B/DGL/4L5Yxb/b+ePWfy/kz9m8V8of8zi/938MYv/wvljFv/v5Y9Z/L+fP2bxXyR/zOK/aP6YxX+x/DGL/+L5Yxb/JfLHLP5L5o9Z/H+QP2bxXyp/zOL/w/wxi/+P8scs/kvnj1n8l8kfs/gvmz9m8V8uf8zi/+P8MYv/8vljFv8V8scs/j/JH7P4r5g/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv/V8scs/qvnj1n8f5o/ZvFfI3/M4r9m/pjFf638MYv/2vljFv918scs/uvmj1n8f5Y/ZvFfL3/M4r9+/pjFf4P8MYv/z/PHLP4b5o9Z/H+RP2bx3yh/zOK/cf6YxX+T/DGL/y/zxyz+v8ofs/hvmj9m8d8sf8ziv3n+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfy3yR+z+G+bP2bx3y5/zOL/6/wxi/9v8scs/tvnj1n8d8gfs/jvmD9m8d8pf8zi/9v8MYv/7/LHLP6/zx+z+O+cP2bx3yV/zOL/h/wxi/8f88cs/rvmj1n8/5Q/ZvHfLX/M4r97/pjFf4/8MYv/n/PHLP5/yR+z+O+ZP2bx3yt/zOK/d/6YxX+f/DGL/775Yxb//fLHLP77549Z/A/IH7P4H5g/ZvE/KH/M4n9w/pjF/5D8MYv/ofljFv/D8scs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+x+ePWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4n5k/ZvE/K3/M4n92/pjF/5z8MYv/ufljFv/z8scs/ufnj1n8L8gfs/hfmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+P81f8zif2X+mMX/qvwxi//V+WMW/2vyxyz+1+aPWfyvyx+z+F+fP2bxvyF/zOJ/Y/6Yxf+m/DGL/835Yxb/W/LHLP635o9Z/G/LH7P4354/ZvG/I3/M4n9n/pjF/678MYv/3fljFv978scs/vfmj1n878sfs/jfnz9m8X8gf8zi/2D+mMX/ofwxi//D+WMW/0fyxyz+j+aPWfwfyx+z+D+eP2bxfyJ/zOL/ZP6Yxf+p/DGL/9P5Yxb/Z/LHLP7P5o9Z/J/LH7P4P58/ZvF/IX/M4v9i/pjF/6X8MYv/y/ljFv9X8scs/q/mj1n8X8sfs/i/nj9m8X8jf8zi/2b+mMX/rfwxi//b+WMW/3fyxyT+Iw/kj1n8B+WPWfyHyR+z+A+bP2bxH5w/ZvEfLn/M4j98/pjFf4T8MYv/iPljFv+R8scs/iPnj1n8R8kfs/iPmj9m8R8tf8ziP3r+mMV/jPwxi/+Y+WMW/7Hyxyz+Y+ePWfw/lT9m8R8nf8ziP27+mMX/0/ljFv/x8scs/uPnj1n8P5M/ZvGfIH/M4v/Z/DGL/4T5Yxb/ifLHLP4T549Z/CfJH7P4T5o/ZvH/XP6YxX+y/DGL/+T5Yxb/KfLHLP5T5o9Z/KfKH7P4fz5/zOI/df6Yxf8L+WMW/y/mj1n8v5Q/ZvH/cv6Yxf8r+WMW/6/mj1n8p8kfs/hPmz9m8Z8uf8ziP33+mMV/hvwxi/+M+WMW/6/lj1n8Z8ofs/jPnD9m8Z8lf8ziP2v+mMX/6/ljFv/Z8scs/t/IH7P4fzN/zOI/e/6Yxf9b+WMW/znyxyz+c+aPWfznyh+z+M+dP2bxnyd/zOI/b/6YxX++/DGL//z5Yxb/BfLHLP4L5o9Z/L+dP2bx/07+mMV/ofwxi/9388cs/gvnj1n8v5c/ZvH/fv6YxX+R/DGL/6L5Yxb/xfLHLP6L549Z/JfIH7P4L5k/ZvH/Qf6YxX+p/DGL/w/zxyz+P8ofs/gvnT9m8V8mf8ziv2z+mMV/ufwxi/+P88cs/svnj1n8V8gfs/j/JH/M4r9i/pjFf6X8MYv/yvljFv9V8scs/qvmj1n8V8sfs/ivnj9m8f9p/pjFf438MYv/mvljFv+18scs/mvnj1n818kfs/ivmz9m8f9Z/pjFf738MYv/+vljFv8N8scs/j/PH7P4b5g/ZvH/Rf6YxX+j/DGL/8b5Yxb/TfLHLP6/zB+z+P8qf8ziv2n+mMV/s/wxi//m+WMW/y3yxyz+W+aPWfy3yh+z+G+dP2bx3yZ/zOK/bf6YxX+7/DGL/6/zxyz+v8kfs/hvnz9m8d8hf8ziv2P+mMV/p/wxi/9v88cs/r/LH7P4/z5/zOK/c/6YxX+X/DGL/x/yxyz+f8wfs/jvmj9m8f9T/pjFf7f8MYv/7vljFv898scs/n/OH7P4/yV/zOK/Z/6YxX+v/DGL/975Yxb/ffLHLP775o9Z/PfLH7P4758/ZvE/IH/M4n9g/pjF/6D8MYv/wfljFv9D8scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+B+fP2bxPyF/zOJ/Yv6Yxf+k/DGL/8n5Yxb/U/LHLP6n5o9Z/E/LH7P4n54/ZvE/I3/M4n9m/pjF/6z8MYv/2fljFv9z8scs/ufmj1n8z8sfs/ifnz9m8b8gf8zif2H+mMX/ovwxi//F+WMW/0vyxyz+l+aPWfwvyx+z+F+eP2bxvyJ/zOL/1/wxi/+V+WMW/6vyxyz+V+ePWfyvyR+z+F+bP2bxvy5/zOJ/ff6Yxf+G/DGL/435Yxb/m/LHLP43549Z/G/JH7P435o/ZvG/LX/M4n97/pjF/478MYv/nfljFv+78scs/nfnj1n878kfs/jfmz9m8b8vf8zif3/+mMX/gfwxi/+D+WMW/4fyxyz+D+ePWfwfyR+z+D+aP2bxfyx/zOL/eP6Yxf+J/DGL/5P5Yxb/p/LHLP5P549Z/J/JH7P4P5s/ZvF/Ln/M4v98/pjF/4X8MYv/i/ljFv+X8scs/i/nj1n8X8kfs/i/mj9m8X8tf8zi/3r+mMX/jfwxi/+b+WMW/7fyxyz+b+ePWfzfyR+T+I8ykD9m8R+UP2bxHyZ/zOI/bP6YxX9w/pjFf7j8MYv/8PljFv8R8scs/iPmj1n8R8ofs/iPnD9m8R8lf8ziP2r+mMV/tPwxi//o+WMW/zHyxyz+Y+aPWfzHyh+z+I+dP2bx/1T+mMV/nPwxi/+4+WMW/0/nj1n8x8sfs/iPnz9m8f9M/pjFf4L8MYv/Z/PHLP4T5o9Z/CfKH7P4T5w/ZvGfJH/M4j9p/pjF/3P5Yxb/yfLHLP6T549Z/KfIH7P4T5k/ZvGfKn/M4v/5/DGL/9T5Yxb/L+SPWfy/mD9m8f9S/pjF/8v5Yxb/r+SPWfy/mj9m8Z8mf8ziP23+mMV/uvwxi//0+WMW/xnyxyz+M+aPWfy/lj9m8Z8pf8ziP3P+mMV/lvwxi/+s+WMW/6/nj1n8Z8sfs/h/I3/M4v/N/DGL/+z5Yxb/b+WPWfznyB+z+M+ZP2bxnyt/zOI/d/6YxX+e/DGL/7z5Yxb/+fLHLP7z549Z/BfIH7P4L5g/ZvH/dv6Yxf87+WMW/4Xyxyz+380fs/gvnD9m8f9e/pjF//v5Yxb/RfLHLP6L5o9Z/BfLH7P4L54/ZvFfIn/M4r9k/pjF/wf5Yxb/pfLHLP4/zB+z+P8of8ziv3T+mMV/mfwxi/+y+WMW/+Xyxyz+P84fs/gvnz9m8V8hf8zi/5P8MYv/ivljFv+V8scs/ivnj1n8V8kfs/ivmj9m8V8tf8ziv3r+mMX/p/ljFv818scs/mvmj1n818ofs/ivnT9m8V8nf8ziv27+mMX/Z/ljFv/18scs/uvnj1n8N8gfs/j/PH/M4r9h/pjF/xf5Yxb/jfLHLP4b549Z/DfJH7P4/zJ/zOL/q/wxi/+m+WMW/83yxyz+m+ePWfy3yB+z+G+ZP2bx3yp/zOK/df6YxX+b/DGL/7b5Yxb/7fLHLP6/zh+z+P8mf8ziv33+mMV/h/wxi/+O+WMW/53yxyz+v80fs/j/Ln/M4v/7/DGL/875Yxb/XfLHLP5/yB+z+P8xf8ziv2v+mMX/T/ljFv/d8scs/rvnj1n898gfs/j/OX/M4v+X/DGL/575Yxb/vfLHLP57549Z/PfJH7P475s/ZvHfL3/M4r9//pjF/4D8MYv/gfljFv+D8scs/gfnj1n8D8kfs/gfmj9m8T8sf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfyPyR+z+B+bP2bxPy5/zOJ/fP6Yxf+E/DGL/4n5Yxb/k/LHLP4n549Z/E/JH7P4n5o/ZvE/LX/M4n96/pjF/4z8MYv/mflj7/sPjDgw8J/sf1b+mGX7Pzt/zOJ/Tv6Yxf/c/DGL/3n5Yxb/8/PHLP4X5I9Z/C/MH7P4X5Q/ZvG/OH/M4n9J/pjF/9L8MYv/ZfljFv/L88cs/lfkj1n8/5o/ZvG/Mn/M4n9V/pjF/+r8MYv/NfljFv9r88cs/tflj1n8r88fs/jfkD9m8b8xf8zif1P+mMX/5vwxi/8t+WMW/1vzxyz+t+WPWfxvzx+z+N+RP2bxvzN/zOJ/V/6Yxf/u/DGL/z35Yxb/e/PHLP735Y9Z/O/PH7P4P5A/ZvF/MH/M4v9Q/pjF/+H8MYv/I/ljFv9H88cs/o/ljzn8k/+oHP4DozzRWoBZ/J/MH7P4P5U/ZvF/On/M4v9M/pjF/9n8MYv/c/ljFv/n88cs/i/kj1n8X8wfs/i/lD9m8X85f8zi/0r+mMX/1fwxi/9r+WMW/9fzxyz+b+SPWfzfzB+z+L+VP2bxfzt/zOL/Tv6YxH/Ugfwxi/+g/DGL/zD5Yxb/YfPHLP6D88cs/sPlj1n8h88fs/iPkD9m8R8xf8ziP1L+mMV/5Pwxi/8o+WMW/1Hzxyz+o+WPWfxHzx+z+I+RP2bxHzN/zOI/Vv6YxX/s/DGL/6fyxyz+4+SPWfzHzR+z+H86f8ziP17+mMV//Pwxi/9n8scs/hPkj1n8P5s/ZvGfMH/M4j9R/pjFf+L8MYv/JPljFv9J88cs/p/LH7P4T5Y/ZvGfPH/M4j9F/pjFf8r8MYv/VPljFv/P549Z/KfOH7P4fyF/zOL/xfwxi/+X8scs/l/OH7P4fyV/zOL/1fwxi/80+WMW/2nzxyz+0+WPWfynzx+z+M+QP2bxnzF/zOL/tfwxi/9M+WMW/5nzxyz+s+SPWfxnzR+z+H89f8ziP1v+mMX/G/ljFv9v5o9Z/GfPH7P4fyt/zOI/R/6YxX/O/DGL/1z5Yxb/ufPHLP7z5I9Z/OfNH7P4z5c/ZvGfP3/M4r9A/pjFf8H8MYv/t/PHLP7fyR+z+C+UP2bx/27+mMV/4fwxi//38scs/t/PH7P4L5I/ZvFfNH/M4r9Y/pjFf/H8MYv/EvljFv8l88cs/j/IH7P4L5U/ZvH/Yf6Yxf9H+WMW/6Xzxyz+y+SPWfyXzR+z+C+XP2bx/3H+mMV/+fwxi/8K+WMW/5/kj1n8V8wfs/ivZPT/F+6wxX9lo/+/kMV/lfwxi/+q+WMW/9Xyxyz+q+ePWfx/mj9m8V8jf8ziv2b+mMV/rfwxi//a+WMW/3Xyxyz+6+aPWfx/lj9m8V8vf8ziv37+mMV/g/wxi//P88cs/hvmj1n8f5E/ZvHfKH/M4r9x/pjFf5P8MYv/L/PHLP6/yh+z+G+aP2bx3yx/zOK/ef6YxX+L/DGL/5b5Yxb/rfLHLP5b549Z/LfJH7P4b5s/ZvHfLn/M4v/r/DGL/2/yxyz+2+ePWfx3yB+z+O+YP2bx3yl/zOL/2/wxi//v8scs/r/PH7P475w/ZvHfJX/M4v+H/DGL/x/zxyz+u+aPWfz/lD9m8d8tf8ziv3v+mMV/j/wxi/+f88cs/n/JH7P475k/ZvHfK3/M4r93/pjFf5/8MYv/vvljFv/98scs/vvnj1n8D8gfs/gfmD9m8T8of8zif3D+mMX/kPwxi/+h+WMW/8Pyxyz+h+ePWfyPyB+z+B+ZP2bxPyp/zOJ/dP6Yxf+Y/DGL/7H5Yxb/4/LHLP7H549Z/E/IH7P4n5g/ZvE/KX/M4n9y/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8z8gfs/ifmT9m8T8rf8zif3b+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfwvyB+z+F+YP2bxvyh/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4/zV/zOJ/Zf6Yxf+q/DGL/9X5Yxb/a/LHLP7X5o9Z/K/LH7P4X58/ZvG/IX/M4n9j/pjF/6b8MYv/zfljFv9b8scs/rfmj1n8b8sfs/jfnj9m8b8jf8zif2f+mMX/rvwxi//d+WMW/3vyxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOL/YP6Yxf+h/DGL/8P5Yxb/R/LHLP6P5o9Z/B/LH7P4P54/ZvF/In/M4v9k/pjF/6n8MYv/0/ljFv9n8scs/s/mj1n8n8sfs/g/nz9m8X8hf8zi/2L+mMX/pfwxi//L+WMW/1fyxyz+r+aPWfxfyx+z+L+eP2bxfyN/zOL/Zv6Yxf+t/DGL/9v5Yxb/d/LHJP6jDeSPWfwH5Y9Z/IfJH7P4D5s/ZvEfnD9m8R8uf8ziP3z+mMV/hPwxi/+I+WMW/5Hyxyz+I+ePWfxHyR+z+I+aP2bxHy1/zOI/ev6YxX+M/DGL/5j5Yxb/sfLHLP5j549Z/D+VP2bxHyd/zOI/bv6Yxf/T+WMW//Hyxyz+4+ePWfw/kz9m8Z8gf8zi/9n8MYv/hPljFv+J8scs/hPnj1n8J8kfs/hPmj9m8f9c/pjFf7L8MYv/5PljFv8p8scs/lPmj1n8p8ofs/h/Pn/M4j91/pjF/wv5Yxb/L+aPWfy/lD9m8f9y/pjF/yv5Yxb/r+aPWfynyR+z+E+bP2bxny5/zOI/ff6YxX+G/DGL/4z5Yxb/r+WPWfxnyh+z+M+cP2bxnyV/7B/8h1425ic8pv9PfYT/rPljlu3/6/ljFv/Z8scs/t/IH7P4fzN/zOI/e/6Yxf9b+WMW/znyxyz+c+aPWfznyh+z+M+dP2bxnyd/zOI/b/6YxX++/DGL//z5Yxb/BfLHLP4L5o9Z/L+dP2bx/07+mMV/ofwxi/9388cs/gvnj1n8v5c/ZvH/fv6YxX+R/DGL/6L5Yxb/xfLHLP6L549Z/JfIH7P4L5k/ZvH/Qf6YxX+p/DGL/w/zxyz+P8ofs/gvnT9m8V8mf8ziv2z+mMV/ufwxi/+P88cs/svnj1n8V8gfs/j/JH/M4r9i/pjFf6X8MYv/yvljFv9V8scs/qvmj1n8V8sfs/ivnj9m8f9p/pjFf438MYv/mvljFv+18scs/mvnj1n818kfs/ivmz9m8f9Z/pjFf738MYv/+vljFv8N8scs/j/PH7P4b5g/ZvH/Rf6YxX+j/DGL/8b5Yxb/TfLHLP6/zB+z+P8qf8ziv2n+mMV/s/wxi//m+WMW/y3yxyz+W+aPWfy3yh+z+G+dP2bx3yZ/zOK/bf6YxX+7/DGL/6/zxyz+v8kfs/hvnz9m8d8hf8ziv2P+mMV/p/wxi/9v88cs/r/LH7P4/z5/zOK/c/6YxX+X/LH/VP8RP+T/h/yx/1T/gQ/5/zF/zOK/a/6Yxf9P+WMW/93yxyz+u+ePWfz3yB+z+P85f8zi/5f8MYv/nvljFv+98scs/nvnj1n898kfs/jvmz9m8d8vf8ziv3/+mMX/gPwxi/+B+WMW/4Pyxyz+B+ePWfwPyR+z+B+aP2bxPyx/zOJ/eP6Yxf+I/DGL/5H5Yxb/o/LHLP5H549Z/I/JH7P4H5s/ZvE/Ln/M4n98/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8T8kfs/ifmj9m8T8tf8zif3r+mMX/jPwxi/+Z+WMW/7Pyxyz+Z+ePWfzPyR+z+J+bP2bxPy9/zOJ/fv6Yxf+C/DGL/4X5Yxb/i/LHLP4X549Z/C/JH7P4X5o/ZvG/LH/M4n95/pjF/4r8MYv/X/PHLP5X5o9Z/K/KH7P4X50/ZvG/Jn/M4n9t/pjF/7r8MYv/9fljFv8b8scs/jfmj1n8b8ofs/jfnD9m8b8lf8zif2v+mMX/tvwxi//t+WMW/zvyxyz+d+aPWfzvyh+z+N+dP2bxvyd/zOJ/b/6Yxf++/DGL//35Yxb/B/LHLP4P5o9Z/B/KH7P4P5w/ZvF/5MP+W/wvj+vfNIv/o23/mMX/sfwxi//j+WMW/yfyxyz+T+aPWfyfyh+z+D+dP2bxfyZ/zOL/bP6Yxf+5/DGL//P5Yxb/F/LHLP4v5o9Z/F/KH7P4v5w/ZvF/JX/M4v9q/pjF/7X8MYv/6/ljFv838scs/m/mj1n838ofs/i/nT9m8X8nf0ziP/pA/pjFf1D+mMV/mPwxi/+w+WMW/8H5Yxb/4fLHLP7D549Z/EfIH7P4j5g/ZvEfKX/M4j9y/pjFf5T8MYv/qPljFv/R8scs/qPnj1n8x8gfs/iPmT9m8R8rf8ziP3b+mMX/U/ljFv9x8scs/uPmj1n8P50/ZvEfL3/M4j9+/pjF/zP5Yxb/CfLHLP6fzR+z+E+YP2bxnyh/zOI/cf6YxX+S/DGL/6T5Yxb/z+WPWfwnyx+z+E+eP2bxnyJ/zOI/Zf6YxX+q/DGL/+fzxyz+U+ePWfy/kD9m8f9i/pjF/0v5Yxb/L+ePWfy/kj9m8f9q/pjFf5r8MYv/tPljFv/p8scs/tPnj1n8Z8gfs/jPmD9m8f9a/pjFf6b8MYv/zPljFv9Z8scs/rPmj1n8v54/ZvGfLX/M4v+N/DGL/zfzxyz+s+ePWfy/lT9m8Z8jf8ziP2f+mMV/rvwxi//c+WMW/3nyxyz+8+aPWfznyx+z+M+fP2bxXyB/zOK/YP6Yxf/b+WMW/+/kj1n8F8ofs/h/N3/M4r9w/pjF/3v5Yxb/7+ePWfwXyR+z+C+aP2bxXyx/zOK/eP6YxX+J/DGL/5L5Yxb/H+SPWfyXyh+z+P8wf8zi/6P8MYv/0vljFv9l8scs/svmj1n8l8sfs/j/OH/M4r98/pjFf4X8MYv/T/LHLP4r5o9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjFf7X8MYv/6vljFv+f5o9Z/NfIH7P4r5k/ZvFfK3/M4r92/pjFf538MYv/uvljFv+f5Y9Z/NfLH7P4r58/ZvHfIH/M4v/z/DGL/4b5Yxb/X+SPWfw3yh+z+G+cP2bx3yR/zOL/y/wxi/+v8scs/pvmj1n8N8sfs/hvnj9m8d8if8ziv2X+mMV/q/wxi//W+WMW/23yxyz+2+aPWfy3yx+z+P86f8zi/5v8MYv/9vljFv8d8scs/jvmj1n8d8ofs/j/Nn/M4v+7/DGL/+/zxyz+O+ePWfx3yR+z+P8hf8zi/8f8MYv/rvljFv8/5Y9Z/HfLH7P4754/ZvHfI3/M4v/n/DGL/1/yxyz+e+aPWfz3yh+z+O+dP2bx3yd/zOK/b/6YxX+//DGL//75Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/hfnD9m8b8kf8zif2n+mMX/svwxi//l+WMW/yvyxyz+f80fs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/O/IH7P435k/ZvG/K3/M4n93/pjF/578MYv/vfljFv/78scs/vfnj1n8H8gfs/g/mD9m8X8of8zi/3D+mMX/kfwxi/+j+WMW/8fyxyz+j+ePWfyfyB+z+D+ZP2bxfyp/zOL/dP6Yxf+Z/DGL/7P5Yxb/5/LHLP7P549Z/F/IH7P4v5g/ZvF/KX/M4v9y/pjF/5X8MYv/q/ljFv/X8scs/q/nj1n838gfs/i/mT9m8X8rf8zi/3b+mMX/nfwxif8YA/ljFv9B+WMW/2Hyxyz+w+aPWfwH549Z/IfLH7P4D58/ZvEfIX/M4j9i/pjFf6T8MYv/yPljFv9R8scs/qPmj1n8R8sfs/iPnj9m8R8jf8ziP2b+mMV/rPwxi//Y+WMW/0/lj1n8x8kfs/iPmz9m8f90/pjFf7z8MYv/+PljFv/P5I9Z/CfIH7P4fzZ/zOI/Yf6YxX+i/DGL/8T5Yxb/SfLHLP6T5o9Z/D+X//+PnbsP97qu7zj+454sZ592Xeo122UXGnNtRiKjUQtRUTzenDLRzHuEw01yIzcSYApstFLHpkvdLNjEwjFnq5Y43Fx3KxqWNVsjtlY5xbUwxhwsMmfsOnAOwdnbc+182ffr8v14/ME5v9/x/Ut5Xi9/Py+uq1CW/sP0D2Xpf5z+oSz9j9c/lKX/a/UPZek/XP9Qlv6/oH8oS/8T9A9l6f+L+oey9H+d/qEs/X9J/1CW/r+sfyhL/xP1D2Xp/3r9Q1n6j9A/lKX/G/QPZel/kv6hLP1H6h/K0v9k/UNZ+o/SP5Sl/6/oH8rSf7T+oSz936h/KEv/X9U/lKX/GP1DWfq/Sf9Qlv5v1j+Upf+v6R/K0v8t+oey9B+rfyhL/1P0D2XpP07/UJb+p+ofytL/NP1DWfqfrn8oS//x+oey9D9D/1CW/mfqH8rSf4L+oSz9z9I/lKV/m/6hLP3P1j+Upf85+oey9D9X/1CW/ufpH8rSv13/UJb+b9U/lKX/2/QPZel/vv6hLP3frn8oS/8L9A9l6T9R/1CW/hfqH8rS/yL9Q1n6v0P/UJb+F+sfytL/nfqHsvS/RP9Qlv6X6h/K0v8y/UNZ+l+ufyhL/yv0D2Xpf6X+oSz9r9I/lKX/JP1DWfpfrX8oS//J+oey9J+ifyhL/w79Q1n6T9U/lKX/NP1DWfpP1z+Upf8M/UNZ+r9L/1CW/tfoH8rSf6b+oSz9Z+kfytJ/tv6hLP3n6B/K0v9a/UNZ+s/VP5Sl/zz9Q1n6z9c/lKX/Av1DWfpfp38oS/+F+oey9H+3/qEs/RfpH8rSf7H+oSz9l+gfytL/ev1DWfq/R/9Qlv436B/K0v9G/UNZ+i/VP5Sl/zL9Q1n6L9c/lKX/r+sfytL/N/QPZem/Qv9Qlv7v1T+Upf9v6h/K0v99+oey9H+//qEs/W/SP5Sl/836h7L0v0X/UJb+v6V/KEv/lfqHsvT/bf1DWfr/jv6hLP1v1T+Upf9t+oey9P9d/UNZ+n9A/1CW/rfrH8rS/w79Q1n636l/KEv/39M/lKX/7+sfytL/Lv1DWfp/UP9Qlv4f0j+Upf8q/UNZ+q/WP5Sl/x/oH8rS/w/1D2Xpf7f+oSz91+gfytL/Hv1DWfp/WP9Qlv4f0T+Upf9a/UNZ+t+rfyhL/z/SP5Sl/zr9Q1n6/7H+oSz979M/lKX/n+gfytL/fv1DWfp/VP9Qlv5/qn8oS/+P6R/K0v/j+oey9P+E/qEs/f9M/1CW/p/UP5Sl/wP6h7L0X69/KEv/B/UPZen/5/qHsvTfoH8oS/+H9A9l6f8X+oey9P9L/UNZ+j+sfyhL/7/SP5Sl/6f0D2Xp/2n9Q1n6f0b/UJb+n9U/lKX/5/QPZen/1/qHsvT/vP6hLP2/oH8oS/+N+oey9P+i/qEs/f9G/1CW/pv0D2Xp/4j+oSz9v6R/KEv/L+sfytL/Uf1DWfp/Rf9Qlv5f1T+Upf/f6h/K0v8x/UNZ+n9N/1CW/n+nfyhL/6/rH8rS/+/1D2Xpv1n/UJb+39A/lKX/Fv1DWfr/g/6hLP3/Uf9Qlv7f1D+Upf8/6R/K0v9b+oey9P+2/qEs/b+jfyhL/8f1D2Xp/8/6h7L0f0L/UJb+T+ofytJ/q/6hLP2f0j+Upf+/6B/K0v+7+oey9P9X/UNZ+n9P/1CW/tv0D2Xp/7T+oSz9v69/KEv/7fqHsvT/N/1DWfrv0D+Upf+/6x/K0v8Z/UNZ+v+H/qEs/XfqH8rSf5f+oSz9/1P/UJb+P9A/lKX/bv1DWfr/UP9Qlv7P6h/K0v9H+oey9H9O/1CW/v+lfyhL/+f1D2Xp/2P9Q1n679E/lKT/K1v6h7L076d/KEv//vqHsvQfoH8oS/+B+oey9B+kfyhL/8H6h7L0H6J/KEv/ofqHsvR/mf6hLP0P0z+Upf/L9Q9l6f8K/UNZ+h+ufyhL/5/RP5Sl/xH6h15y/QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6/mb94yTWTZs7smOcb3/jGN/u/ebH/zQQAAPxf+8mH/hf77wQAAAAAAAAAAAAAAAAAAADyauL/TuzF/mcEAAAAAAAAAAAAAICfdm3tp24f0O+gpwYc+ODnH+3Y+3XU7ounr137YOn+2vXjc4KX7H/ggz179uxZ/czY8V0Ph7Rarc7/tVd2PR7a87jz9Zcdu+rofY/KuM/f+fgVEw8/d9762wZ+Y/Ut7U8P2vvsoNZVU2fM7HhD/1arnD6otajzwUn9Wq1y5qDWrZ0PRnY+mDCota7zwcl7H7ys9ZnOB6+fPGfmlM4nzqr8ewYvFW3ty1oDDlps66B/Gxy4/2XHPjG9+2svL9n9agNbXfsftv5LR/X4WbcX2H/365dTe+6/z/+AwAvq2/6f3dL9tZeX/B/v/x/etHtJ9LMX3n/365fT7B/qE3z+P2ijPT/39/j8/5rgJfffnzJ00+2d+2+78L5Xdz018H/z+f8nr19O77n//gd9/u/8HD+++/P/kFarnHGIvx2QSlv78u29vf/3vv+BP9fjpt+B+7/nK1tf0bn/e59rreh6alAf9z++t/f/m3r8vQJ909a+Zk+P9/8+7L81PHjJ/fvftv7wvZ//t94/+cgDftaX/Z/Rc/8jFsy6dsT8xUtOnDFr0rSOaR2zx4wcfdKoMWNGjx6x9xPBvl8P8TcFkji09//WYT1u+rVaHfvvN953y/jO/e94aMVHup4a2sf9n9nr+/9rvP9DaFj/1uDBrUWTFiyYd9K+X7sfjtz3676/LNh/H/77/7gTuv6y7j8z7NdqHb3/fvgVY4Z07v/6uWVD11OD+7j/Cb3uf9zBf1YJ9M0hvv9P6XFz0P5P2Xbjws79H/+DV23teqqv//1/Vq/7v9v7PxyKtvZWrW+infs/ecjys6tdlzZ//gf1aWL/x+68dVe163K2/UN9mtj/xJVvvrradTnH/qE+Tez/wVlXrqx2Xc61f6hPE/t//md3HVPtupxn/1CfJvb/2HefWlvturTbP9Snif1/8K72k6tdl7faP9Snif2feN0Px1a7Lm+zf6hPE/uf+vIL1lW7LufbP9Snif2fvee0I6tdl7fbP9Snif33W/69ZdWuywX2D/VpYv9PTlo5p9p1mWj/UJ8m9r/u2OHPVrsuF9o/1KeJ/a94+o0Tql2Xi+wf6tPE/r96x6rHql2Xd9g/1KeJ/X/isletqnZdLrZ/qE8T+//RsIcOq3Zd3mn/UJ8m9r9587oHql2XS+wf6tPE/levGzCs2nW51P6hPk3sf+lZ0x6tdl0us3+oTxP7HzX6y5dWuy6X2z/Up4n9H/25bz1V7bpcYf9Qnyb2f8HDC+dXuy5X2j/Up4n9Lzzm4z+udl2usn+oTxP7f0vHMdOrXZdJ9g/1aWL/5bbDNle7LlfbP9Snif1fsmPNuGrXZbL9Q32a2P+GI77wsWrXZYr9Q32a2P/OubPHVLsuHfYP9Wli/99579L3VbsuU+0f6tPE/m9/7uul2nWZZv9Qnyb2v23kJZdVuy7T7R/q08T+15z7zCPVrssM+4f6NLH/lRseX1DturzL/qE+Tex/48Zznqh2Xa6xf6hPE/s/fviIw6tdl5n2D/VpYv9zLl7xoWrXZZb9Q32a2P/p99/x2mrXZbb9Q32a2P/Qr439ZLXrMsf+oT5N7P/TY9//qWrX5Vr7h/o0sf9d4447odp1mWv/UJ8m9r/lgZF3Vrsu8+wf6tPE/j/wyF0Vr8t8+4f6NLH/ua97fke167LA/qE+Tez/TRMvWlztulxn/1CfJvZ/5N0Tvljtuiy0f6hPE/u//NvfP7/adXm3/UN9mtj/cUdd/epq12WR/UN9mtj/9Bmbbq52XRbbP9Snif2PX71lVLXrssT+oT5N7P+IJ+ffU+26XG//UJ8m9r99wFHnVbsu77F/qE8T+7/3hoe/We263GD/UJ8m9n/zTR/tqHZdbrR/qE8T+//s7sE7q12XpfYPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/zQ4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAPHAgAAAADC/K2D6N0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICjAAAA//8mu+jL")
r0 = open(&(0x7f00000000c0)='.\x00', 0x10000, 0x0)
getdents(r0, 0x0, 0x0)
r1 = open(&(0x7f0000000040)='.\x00', 0x0, 0x28)
fsync(r1)

1.417795429s ago: executing program 4 (id=1128):
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000500)=@raw={'raw\x00', 0x3c1, 0x3, 0x2a8, 0x0, 0x2b8, 0xb0000010, 0x0, 0x5c8f0200, 0x3b0, 0x3a8, 0x3a8, 0x3b0, 0x3a8, 0x3, 0x0, {[{{@ipv6={@remote, @mcast1, [], [0x0, 0xff000000], 'vlan1\x00', 'veth0_to_team\x00', {}, {}, 0x73, 0x0, 0x2}, 0x0, 0xa8, 0xc8, 0x700}, @unspec=@NOTRACK={0x20}}, {{@uncond, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x2, 0x7, 0x6e9a, 0x101, 'pptp\x00', 'syz0\x00', {0x2}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x308)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x24, &(0x7f0000000080)=0x1, 0x4)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f0000000040), 0x4e, 0x14322, 0x0)

1.257029105s ago: executing program 4 (id=1130):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vxcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000340)={0x1d, r1, 0x0, {0x1, 0x0, 0x4}, 0x2}, 0x18)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$can_j1939(r0, &(0x7f0000000400)={&(0x7f0000000380)={0x1d, r1, 0x0, {0x0, 0x0, 0x1}, 0xff}, 0x18, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0x41}, 0x4000080)

1.045503013s ago: executing program 4 (id=1131):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000180)={{{@in=@rand_addr=0x64010102, @in6=@private2, 0x0, 0x0, 0x4e22, 0xc, 0x2, 0x0, 0x0, 0x89, 0x0, 0xee01}, {0x2e6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x800000000}, {0x0, 0x0, 0x0, 0x2000000002}}, {{@in=@loopback, 0x0, 0x33}, 0x0, @in=@broadcast, 0x0, 0x3, 0x1, 0x0, 0xfffffc01}}, 0xe8)
listen(r0, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)={@local, @broadcast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}, 0x0)

901.689902ms ago: executing program 0 (id=1132):
setresgid(0x0, 0xee00, 0x0)
r0 = semget$private(0x0, 0x1, 0xb9f)
semop(r0, &(0x7f0000000180)=[{0x0, 0x203}, {}], 0x2)
setresuid(0x0, 0xee01, 0xee00)
semctl$GETVAL(r0, 0x1, 0xc, 0x0)

851.616923ms ago: executing program 4 (id=1133):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r1=>0x0})
r2 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r2, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}})
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@dellink={0x20, 0x11, 0x1, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, 0x1480, 0x2104}}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x80)

549.876084ms ago: executing program 5 (id=1135):
r0 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f00000001c0)={0x3, {{0xa, 0x4e24, 0x2, @mcast1, 0xff7ffffd}}, {{0xa, 0x4e08, 0x4a3, @local, 0x4f1}}}, 0x108)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f00000005c0)={0x3, {{0xa, 0x4e23, 0xc, @mcast1, 0xfffffff8}}, 0x0, 0x3, [{{0xa, 0x4e21, 0x3, @dev={0xfe, 0x80, '\x00', 0x16}, 0xf}}, {{0xa, 0x8001, 0x2, @loopback, 0x30000}}, {{0xa, 0x4e21, 0xb, @loopback, 0x2}}]}, 0x210)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000180)={0x3, {{0xa, 0x4e20, 0xa3f, @mcast1, 0xbfd}}, {{0xa, 0x4e24, 0x20, @loopback, 0xfffffe01}}}, 0x108)

499.518729ms ago: executing program 5 (id=1136):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x3, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffff0003}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_collapse_huge_page_isolate\x00', r0}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0x3, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffff0003, 0x0, 0x0, 0x0, 0xffffffff}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_collapse_huge_page_isolate\x00', r1}, 0x18)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)

417.264199ms ago: executing program 4 (id=1137):
r0 = io_uring_setup(0xf08, &(0x7f00000003c0)={0x0, 0xfb6e, 0x38c1, 0x4, 0xf0})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f000000c000/0x1000)=nil, &(0x7f000001f000/0x1000)=nil, &(0x7f0000015000/0x3000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f000000c000/0x4000)=nil, &(0x7f000001d000/0x3000)=nil, &(0x7f0000012000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0}, 0x68)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x80}, 0x4000080)
io_uring_register$IORING_REGISTER_FILES(r0, 0x20, &(0x7f0000000000)=[r0], 0x1)

399.34914ms ago: executing program 5 (id=1138):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000140)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000100)='%+9llu \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000900)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

289.807839ms ago: executing program 5 (id=1139):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x40, 0x0, 0x7, 0x100}, {0x6, 0x9, 0x0, 0x10001}]}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e088641100050e72210283ac141440e0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48)

289.364269ms ago: executing program 1 (id=1140):
r0 = syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000400)='./file3\x00', 0x2218448, &(0x7f00000003c0)=ANY=[], 0xfd, 0x1de, &(0x7f0000000440)="$eJzsljurE0EUx/8zk7vJFUWwtLHwggq6d3ejIsgF01hZCD6ChWAwa4iuBpIUJiAxn8DezsKPIWjrh5Boo02stF6Zx2YnIZt3iHDPrzj578zZ2fNYzgYEQRxbfnz/O4j/HP0sADiJA+TN+i+R+nDL/1vh95svd26X3z3++DU/cPennRnHiz8/B+BzSaA9unf87gPzex98pB+A45LRZTC4Rj8Bx0OjQzA8Mvq5pRvS33Wf1aPQfdqIqlJ40vjSBNIUJ+Mb9hmqVnzM2m91ui8qURQ2tyjm1W9Y4jhK4hPj+y50tJ5VPx8cvtFFMNwz+gbySW10Saz8z+bS/MXM/B0sleTNy8CSFZGhLPGIM6cyW+UAWK0xe5vrPd6aV3ab71CGEFAi6eiGThYZWwKbzUIOpjk+yO2gqmu9UdN7IWZ259MtfU+yEvf0tfI5ndHcuLdghA5WySudT/EHhgvW/NSj5L361MgWHrY63Sv1l5VaWAtfBUHxunfV864Fh2oQaTtj/u2r+XQiPX/qN0niMAevK+1209d2dB1oOzlxmYlv2Oe4eD5dcybOLSRiL13jypeNbRMEQfxPnANTM1nN5USYrwms/7p3dxgjQRAEQRAEQRAEQRDr8S8AAP//p+Y+dA==")
r1 = open(&(0x7f0000000340)='./file1\x00', 0x4000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
sendfile(r0, r1, 0x0, 0xcedd)

167.714614ms ago: executing program 1 (id=1141):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000795d6c08450c4a616dc4010203010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000400)={0x2c, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000800)={0x84, &(0x7f0000000280), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

161.757899ms ago: executing program 4 (id=1142):
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x80c406, &(0x7f0000000540)=ANY=[@ANYBLOB='dots,dots,dmask=000000000200000,nodots,discard,nfs=nostale_ro,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c646f733178666c6f70707900000000000000003030ffffffff303030303031373737373737373756c0f39fdb37372c004c0f1208ec0c34b7df4ba1c1e6b76697434db8574db9bcaef6a61a12c3f260bebc7ac5b1b11361119b83f1cf9f686b715b8e58fd37cea6623dc422c2ddbcefe94e5c255b5e8c90613e6b598b3b7a2c05de53dab7"], 0x1, 0x291, &(0x7f0000000280)="$eJzs3M9r034YwPGn6dZ0+7Ifpy/oxQe96CXMelQPVTYQC0q3inoQMpZpaG1HErQVwZw97e8YHr0J4j+w/8LbEGSnnYyszbKs+4Wza2f7fkHJkzz5tE8SUp5PId16uv66uupbq3YgRl7FEAllR2RWXNmTiZe5dpxLtsvdgoRyY+7N9sfFZ88fFkul+bLqQnHpVkFVp698ffv+09VvwX9PPk+bpmzOvtj6Wfi++f/mpa1fS69cX11f641AbV1uNAJ7ueboiutXLdXHNcf2HXXrvuMdyK/WGmtrLbXrK1OTa57j+2rXW2pIS4OG5uOq6mpZlk5N7sZ5GSG5Px5R2SiX7eK5FIMLw/OKdlZEJg7dDZWNwVQEAAAG6fj+30j22ev/je7+X+SU/v9DvNf0l573/1lJ+v+q0+7/A6+l9kvbTff/ONHZ+n/jfIrB38iEqZV7B1KeV5w4ehD9PwAAAAAAAAAAAAAAAAAAAAAA/4KdKJqJomhmd2mISBSvmyKSTa0fMXSknq0fVunrH6VeZnyBT7j+GAKpB/fyIj/CZqVZybSXnfzCg9L8nLalHvzbbjYr2SR/s5PXg/lxmYzzhSPzObl+rZPfzd1/VErn15uVCVk5sfKwV6cAAAAAAIChZ2liNtmYl2R+b1lqSne+PX/vROH+7wNd8/sxuTzWv+MAAAAAAADH81vvqnat5nj9CbJ9/KwzByJnG347MntSRlZETtmnvCgy+BN1KDDlQpQxzMGdnr1hlBHpbBmPvwy67gIAAAAAw2V/PjDoSgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGF39+OuyQR8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcFH8DgAA//8sg70h")
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000100)='.\x00', 0x10820, &(0x7f00000009c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000))
sendmsg$NL80211_CMD_SET_BEACON(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000800)={0x804, 0x0, 0x8, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_PROBE_RESP={0x7e5, 0x91, "a9b77b100859444bb59d0f5cc998d143d5566ffeac21e46d7c08bbc3dca5ff274526182155c15b2f93b69deb6c1ee6e508cb8312f7cfe29d260e95ac3f5aa20a86d5349a87fd10e7c07df236f726569048c3cdf96121fa5587f75e35ed708fce157b023bb325467c2cd3464377130340708b032136656a0b58daefff3d590c88d3aa6269e3de6585f65308dbe499e78ab146ad950e0afc42a8f7537278efdaf0e95a7e2bd9861da4a079e0a1aee4536c72b2ab366e907420e0795ec54fc345925423439e6ff94f345da38c43e94ec672f32d6a7eed6bef923d08aded4531b6f391a5fcad53a7b47739308f2a8b1f8f9c87031e502847127b0772cea967f511fd829dd1f21ce5355d67c6d889f0a78924e8e417fbd16acf963821c72a55a2cc8895d71f1e1b6121d7b7e5af17219d804894396c4e45bd2e431ef3a6e12ca65cc9b14be16373c2102c79ca0d988a7f85aaa485a9724d840baea4ca3a90afdb65eb7f0efb1d658fe581e7e2ea46e9b213f13c6733d56c07b1961d7a27a052fe6105a47b0d947c1094c89e8559de59cd17c43203668bda9286295a0f93bc372ba9dff96f557842ed1a2c3a7c7bf332b20261f1fcc614e169c35446ee8c466a36098a64033b6792a67828ade84c6185d5fd3253c7148246debec02a7bac4d4acfa5503d16028284214e8b34247d045f99e4190833764471ec78a4ff499f9f38fe318938e069d47cd9fa848e135cd5cef01c12892353ea57beef617b1beb7ef7b454f4f1e48f137083977da01238ba9e693289d48eeeaf29b1c0c72dbbf1a9677c91e3318cb5ad24aef41cec65b58a7812018f59eee36f5a575d51bf9db8185708182f612095b1cc91cfc04bb4270429811e3a41ee0da83f49fd6189a2a6c7ece8da591754888896c737454dba6593bf38e469d0278e05635faebbd633319838fcd79e99669eee89ea7946a74d468be28dbbf2a2c668b79a3d42a12499b16864c18117ddf4377a3a28e5f0278c3103596d767915672572ccfdb1d0029de789bb915ed1dcb530f760ab63b414325790e631595796ebab118c8164f7828796f6f33a8ace73875f4fca8f90191ee0ea4d838c6aa43be416d864f1fadbfeedd8ac9814827035ccc2c2e3a6f24c04075fd5cdbd2747225c637c7f5f15d4864eff7dec555cc32fd13b4256dd29f9f8bce57dc9f61818e64fdcddf53729fb8fba0e1d808a10832c2be1ff548fb5c4189726a9c0e12c0113791c671c9b2807e112de7ca6f50ab411610d290a6021b44739bac7646c306e9383a2ce45c50b5638f39c92391c0295b5b28b01c7748b2786e3ccbb17bea67c2442d8eb7294991e11e1ddf56748793a009ee4ce467fbe2a840fdf9b1a77b2bd7f11c9a382ecbf036a4f2d8402bb721bf522fca18261c550555b7c4057d35690d442410a8ae6d5bec4a8ef8fbb8f1153c6eb64eefea7ad9e73fd7bc9a8f69b7bca3a9c40b98ee3d607aa2654848c16cfa8764ba97edc19a7c34a4e5e819646d638494f08a1a2671cc8b055a9a4730d655e25dee89eceeb49f804535f17d16e65f6a515ad2ecf822842985b1e7bfb7f51f9502358b7efbcb80feb90dc0d9c9c99a7801638bd44f030e003161d5e14d51ee5a28c8ceab319c9191acd7de6d87fdf42001036daca284e6f38e32143f55062fa4831c77d39e1f7bbee7e15a43aab5c849821e55924c64ac43ffc24c330ed089cb9f4a57d4155e4d238e507778682ba290e47241844e047cd2ad6cc83f5d1ca110799606ab9310dbed0e2ecbce625434383275f01301d9b8387f4b43d2e71f0f67330caf5032d7c0b0a33d21d7681b41a2fa3fe2b4148d2382566df8a2a0e797001b5d6699e7e0b6338ad80c2fb062b36cde818a72fad1c45aad40af0df67228c6941afb405567b4f20413bdbfecaa45009366b6902c56dd18ffa4799a19fe2ed55f5e03cbee8a0092de5deaae69fbb351028884ab1cabaa5e89729f1900dd2666942f9dfb091f5383fd9e3da855cf87a491f0cecff879f171998bad2429caeb07d42671403c3210b55b5ad185c0e36b2d72626fea63571b2ca0bfe9fb4bed887669876740ee8dee1eae8bc05f0310181b8201140a54936f7b1b48cfc813a941b3637518439f8288187f23b38b463644eb4d6df25760f69015a621c08bf7cdaf5ce85efd48c57a47f50430c73e4ab9533cf5ea35e8e223f5ee9009b1a96b18253fffde97de96ccde217c080573de78d8a3aa437c229a2e85a90bcb03b3516fc4e326f6a7a6c7f0378c2eb2bdd47703c64cd73cb9689c31a233eaffccbec529090b5f7351217a1396b4c58a33d351d691d8996ae6e2095f04a2f826a6bc0b5473180b9a66563598d05f44619bf3766451cb572e39c46cc59a68de87e56e8ebba1d5931bddad74980a36b79b08b40a89253c52a7037962c06b9667330a897ae0887d530de16ba5f445c43a7189b3c4d65589d9e56ba653fc8e2f70846d0db0f17a40e450bc4596e6351c42e9b647b607d942c6d121cad88686065a9363088175ead7f7c5319076ecb577f700757b41c017317b4df139ad71ce37b74073c60ed474f2874dbe4b373f57843f077219d50db909a23152e5e3139f8b8e444762807f995239a0ff1f43660b93d7d799760785a807692709b9708038a6c76285a4e3766af959869cfc306cf245710cc734ca16cbf33b322775bead95ed12be3cd4bae8d6bd260004ded2bf828f8af446572ecec141a9960d612809f38d9fe37f92759f2ae5d6526e8f2c21b7ae7c9c47c218c3bc454c49bbfa0451a109eb213512a2396e849a5662e203736339f451d164753e318af5e7a90e175052cf46c98a8a80eb4ce"}]}, 0x804}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
writev(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2)

109.649085ms ago: executing program 5 (id=1143):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000dfff75390000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10)
r1 = io_uring_setup(0x5111, &(0x7f0000000100)={0x0, 0x9c54, 0x100, 0x2, 0x1ec})
io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f00000001c0)=[0xffffffffffffffff], 0x1)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r1, 0x6, &(0x7f000000aa80)={0x80002, 0x0, &(0x7f0000000600)=[0xffffffffffffffff]}, 0x1)

42.018119ms ago: executing program 5 (id=1144):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback, 0x7ff}], 0x2c)
sendto$inet6(r0, &(0x7f0000000000)='\x00', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x5}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000580)={0x41, 0x80, 0x0, 0x6, 0x0, 0x0, 0x0, 0x74, 0x3, 0x0, 0x9}, 0xe)
recvmmsg(r0, &(0x7f0000000340)=[{{0x0, 0x0, 0x0}, 0xf}, {{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000080)=""/32, 0x20}], 0x1, &(0x7f0000000440)=""/238, 0xee}, 0x2}], 0x2, 0x40000040, 0x0)

0s ago: executing program 0 (id=1145):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000000)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x46, 0x0, "2431d0edd9b36cb74d7df7671eacf04be3b08353efa3641776f56c7556fd3713097bd0072577bc6fefb4cdc9e94e420b0ea4fbc5b07a32056eff5e6c42784b46ddab72b1b8fc87f208ad6db80d8dfe25"}, 0xd8)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000002c0)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

0x83 has an invalid bInterval 0, changing to 7
[  117.893811][ T6445] loop0: detected capacity change from 0 to 32768
[  117.916264][    T9] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  117.927426][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.948003][    T9] usb 5-1: Product: syz
[  117.955803][    T9] usb 5-1: Manufacturer: syz
[  117.969047][    T9] usb 5-1: SerialNumber: syz
[  117.974299][ T6445] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  117.982974][    T9] usb 5-1: config 0 descriptor??
[  117.987058][    T9] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  118.036858][ T6445] XFS (loop0): Ending clean mount
[  118.046107][    T9] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[  118.066467][ T5922] kernel write not supported for file /vcs (pid: 5922 comm: kworker/0:6)
[  118.233351][ T5819] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  118.311501][ T6451] loop3: detected capacity change from 0 to 32768
[  118.329079][ T6451] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.159 (6451)
[  118.380330][ T6451] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  118.423637][ T6451] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  118.530054][ T6451] BTRFS info (device loop3): rebuilding free space tree
[  118.621313][ T6451] BTRFS info (device loop3): disabling free space tree
[  118.636825][    T9] em28xx 5-1:0.0: unknown em28xx chip ID (71)
[  118.659713][ T6451] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  118.706057][ T6451] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  118.757832][ T6451] BTRFS info (device loop3): enabling ssd optimizations
[  118.767963][ T6451] BTRFS info (device loop3): turning on async discard
[  118.775616][ T6451] BTRFS info (device loop3): force clearing of disk cache
[  118.783343][ T6451] BTRFS info (device loop3): enabling auto defrag
[  118.789929][ T6451] BTRFS info (device loop3): max_inline set to 4096
[  118.875001][    T9] em28xx 5-1:0.0: Config register raw data: 0xfffffffb
[  118.902838][    T9] em28xx 5-1:0.0: AC97 chip type couldn't be determined
[  118.919085][    T9] em28xx 5-1:0.0: No AC97 audio processor
[  118.945517][    T9] usb 5-1: USB disconnect, device number 5
[  118.963212][    T9] em28xx 5-1:0.0: Disconnecting em28xx
[  118.996192][    T9] em28xx 5-1:0.0: Freeing device
[  119.070848][ T5833] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  119.581498][ T6523] loop1: detected capacity change from 0 to 1024
[  119.652147][ T5897] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  119.814395][ T5897] usb 4-1: Using ep0 maxpacket: 32
[  119.832190][ T5897] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  119.871506][ T5897] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.906347][ T5897] usb 4-1: config 0 descriptor??
[  120.127261][ T5897] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  120.164632][ T5897] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  120.183229][ T5897] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  120.205640][ T5897] usb 4-1: media controller created
[  120.248876][ T5897] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  120.292032][    T9] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[  120.330385][ T5897] az6027: usb out operation failed. (-71)
[  120.342426][ T5897] az6027: usb out operation failed. (-71)
[  120.359158][ T5897] stb0899_attach: Driver disabled by Kconfig
[  120.369441][ T5897] az6027: no front-end attached
[  120.369441][ T5897] 
[  120.386505][ T5897] az6027: usb out operation failed. (-71)
[  120.401928][ T5897] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  120.415204][ T5897] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input7
[  120.462013][ T5897] dvb-usb: schedule remote query interval to 400 msecs.
[  120.479372][ T5897] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  120.497788][ T5897] usb 4-1: USB disconnect, device number 5
[  120.521923][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  120.552097][    T9] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  120.561075][    T9] usb 1-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  120.604151][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  120.650918][    T9] usb 1-1: config 0 descriptor??
[  120.693876][    T9] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  120.700576][    T9] dvb-usb: bulk message failed: -22 (3/0)
[  120.708370][ T5897] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  120.738293][    T9] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  120.785384][    T9] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  120.796009][    T9] usb 1-1: media controller created
[  120.808158][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  120.838359][    T9] dvb-usb: bulk message failed: -22 (6/0)
[  120.857858][    T9] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  120.878607][ T6542] loop1: detected capacity change from 0 to 512
[  120.895452][    T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input8
[  120.918140][ T6528] loop4: detected capacity change from 0 to 40427
[  120.954848][ T6528] F2FS-fs: heap/no_heap options were deprecated
[  120.973793][ T6542] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.988578][ T6534] loop0: detected capacity change from 0 to 2048
[  121.001304][ T6542] ext4 filesystem being mounted at /43/w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.001548][    T9] dvb-usb: schedule remote query interval to 150 msecs.
[  121.031154][ T6528] F2FS-fs (loop4): Invalid log_blocksize (64), supports only 12
[  121.051310][ T6528] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  121.059510][ T6548] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  121.098544][ T6528] F2FS-fs (loop4): invalid crc value
[  121.099341][ T5824] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.105207][    T9] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  121.155325][    T9] usb 1-1: USB disconnect, device number 4
[  121.218019][    T9] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  121.318748][ T6528] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  121.333404][ T6528] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  121.352179][ T6528] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  121.406801][ T6561] netlink: 4 bytes leftover after parsing attributes in process `syz.3.191'.
[  121.536829][ T5830] syz-executor: attempt to access beyond end of device
[  121.536829][ T5830] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  121.556299][ T6563] loop3: detected capacity change from 0 to 512
[  121.571997][ T5830] CPU: 1 UID: 0 PID: 5830 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  121.572027][ T5830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  121.572044][ T5830] Call Trace:
[  121.572052][ T5830]  <TASK>
[  121.572060][ T5830]  dump_stack_lvl+0x189/0x250
[  121.572172][ T5830]  ? __pfx_dump_stack_lvl+0x10/0x10
[  121.572205][ T5830]  ? __pfx_queue_work_on+0x10/0x10
[  121.572232][ T5830]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  121.572262][ T5830]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  121.572304][ T5830]  f2fs_handle_critical_error+0x37c/0x540
[  121.572343][ T5830]  f2fs_write_end_io+0x886/0xb60
[  121.572386][ T5830]  __submit_merged_bio+0x27a/0x6a0
[  121.572423][ T5830]  __submit_merged_write_cond+0x255/0x530
[  121.572463][ T5830]  f2fs_write_data_pages+0x261d/0x3000
[  121.572518][ T5830]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  121.572554][ T5830]  ? is_bpf_text_address+0x292/0x2b0
[  121.572607][ T5830]  ? __mod_zone_page_state+0xd7/0x140
[  121.572644][ T5830]  ? unwind_next_frame+0xa5/0x2390
[  121.572670][ T5830]  ? rcu_is_watching+0x15/0xb0
[  121.572698][ T5830]  ? __kasan_check_byte+0x12/0x40
[  121.572734][ T5830]  ? __lock_acquire+0xab9/0xd20
[  121.572769][ T5830]  ? do_raw_spin_lock+0x121/0x290
[  121.572799][ T5830]  ? do_raw_spin_unlock+0x122/0x240
[  121.572817][ T5830]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  121.572840][ T5830]  do_writepages+0x32e/0x550
[  121.572882][ T5830]  ? do_raw_spin_unlock+0x122/0x240
[  121.572908][ T5830]  filemap_fdatawrite+0x199/0x240
[  121.572940][ T5830]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  121.573024][ T5830]  ? do_raw_spin_unlock+0x122/0x240
[  121.573071][ T5830]  f2fs_sync_dirty_inodes+0x31f/0x830
[  121.573111][ T5830]  f2fs_write_checkpoint+0x93e/0x2440
[  121.573134][ T5830]  ? __lock_acquire+0xab9/0xd20
[  121.573191][ T5830]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  121.573274][ T5830]  kill_f2fs_super+0x2cc/0x6d0
[  121.573304][ T5830]  ? __pfx_kill_f2fs_super+0x10/0x10
[  121.573346][ T5830]  ? shrinker_free+0x2ce/0x3e0
[  121.573375][ T5830]  deactivate_locked_super+0xbc/0x130
[  121.573403][ T5830]  cleanup_mnt+0x425/0x4c0
[  121.573425][ T5830]  ? lockdep_hardirqs_on+0x9c/0x150
[  121.573458][ T5830]  task_work_run+0x1d4/0x260
[  121.573485][ T5830]  ? __pfx_task_work_run+0x10/0x10
[  121.573512][ T5830]  ? exit_to_user_mode_loop+0x55/0x4f0
[  121.573544][ T5830]  exit_to_user_mode_loop+0xff/0x4f0
[  121.573570][ T5830]  ? rcu_is_watching+0x15/0xb0
[  121.573606][ T5830]  do_syscall_64+0x2e9/0xfa0
[  121.573639][ T5830]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.573660][ T5830]  ? clear_bhb_loop+0x60/0xb0
[  121.573685][ T5830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.573706][ T5830] RIP: 0033:0x7f9c529909f7
[  121.573735][ T5830] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  121.573752][ T5830] RSP: 002b:00007ffc8b5d0918 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  121.573779][ T5830] RAX: 0000000000000000 RBX: 00007f9c52a11d7d RCX: 00007f9c529909f7
[  121.573794][ T5830] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc8b5d09d0
[  121.573807][ T5830] RBP: 00007ffc8b5d09d0 R08: 0000000000000000 R09: 0000000000000000
[  121.573820][ T5830] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc8b5d1a60
[  121.573834][ T5830] R13: 00007f9c52a11d7d R14: 000000000001da51 R15: 00007ffc8b5d1aa0
[  121.573871][ T5830]  </TASK>
[  121.573880][ T5830] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  121.626302][ T6563] EXT4-fs: Ignoring removed bh option
[  121.948674][ T6563] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  121.999827][ T6563] EXT4-fs (loop3): 1 truncate cleaned up
[  122.011592][ T6560] loop1: detected capacity change from 0 to 32768
[  122.030965][ T6563] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  122.273461][ T5833] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.382926][ T6580] loop3: detected capacity change from 0 to 64
[  122.738652][   T52] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  122.749821][   T52] CPU: 0 UID: 0 PID: 52 Comm: kworker/u9:0 Not tainted syzkaller #0 PREEMPT(full) 
[  122.749851][   T52] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  122.749866][   T52] Workqueue: hci3 hci_rx_work
[  122.749892][   T52] Call Trace:
[  122.749901][   T52]  <TASK>
[  122.749910][   T52]  dump_stack_lvl+0x189/0x250
[  122.749957][   T52]  ? __pfx_dump_stack_lvl+0x10/0x10
[  122.749990][   T52]  ? __pfx__printk+0x10/0x10
[  122.750022][   T52]  ? kernfs_path_from_node+0x250/0x290
[  122.750046][   T52]  ? kernfs_path_from_node+0x2f/0x290
[  122.750076][   T52]  sysfs_create_dir_ns+0x259/0x280
[  122.750104][   T52]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  122.750131][   T52]  ? do_raw_spin_unlock+0x122/0x240
[  122.750159][   T52]  kobject_add_internal+0x59f/0xb70
[  122.750191][   T52]  kobject_add+0x155/0x220
[  122.750218][   T52]  ? __pfx_kobject_add+0x10/0x10
[  122.750239][   T52]  ? _raw_spin_unlock+0x28/0x50
[  122.750271][   T52]  ? get_device_parent+0x366/0x3a0
[  122.750297][   T52]  device_add+0x408/0xb80
[  122.750323][   T52]  hci_conn_add_sysfs+0xd5/0x210
[  122.750361][   T52]  le_conn_complete_evt+0xf26/0x14d0
[  122.750407][   T52]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  122.750451][   T52]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  122.750482][   T52]  ? __asan_memcpy+0x40/0x70
[  122.750522][   T52]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  122.750552][   T52]  ? skb_pull_data+0xfb/0x200
[  122.750579][   T52]  hci_le_conn_complete_evt+0x187/0x480
[  122.750615][   T52]  hci_event_packet+0x78f/0x1260
[  122.750642][   T52]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  122.750672][   T52]  ? __pfx_hci_event_packet+0x10/0x10
[  122.750699][   T52]  ? lockdep_hardirqs_on+0x9c/0x150
[  122.750734][   T52]  ? hci_send_to_monitor+0xe2/0x590
[  122.750767][   T52]  hci_rx_work+0x45d/0xfc0
[  122.750804][   T52]  ? process_one_work+0x868/0x15d0
[  122.750829][   T52]  process_one_work+0x94a/0x15d0
[  122.750860][   T52]  ? __lock_acquire+0xab9/0xd20
[  122.750911][   T52]  ? __pfx_process_one_work+0x10/0x10
[  122.750955][   T52]  ? assign_work+0x3a1/0x410
[  122.750988][   T52]  worker_thread+0x9b0/0xee0
[  122.751047][   T52]  kthread+0x711/0x8a0
[  122.751072][   T52]  ? __pfx_worker_thread+0x10/0x10
[  122.751099][   T52]  ? __pfx_kthread+0x10/0x10
[  122.751121][   T52]  ? _raw_spin_unlock_irq+0x23/0x50
[  122.751148][   T52]  ? lockdep_hardirqs_on+0x9c/0x150
[  122.751176][   T52]  ? __pfx_kthread+0x10/0x10
[  122.751197][   T52]  ret_from_fork+0x599/0xb30
[  122.751227][   T52]  ? __pfx_ret_from_fork+0x10/0x10
[  122.751266][   T52]  ? __switch_to_asm+0x39/0x70
[  122.751282][   T52]  ? __switch_to_asm+0x33/0x70
[  122.751296][   T52]  ? __pfx_kthread+0x10/0x10
[  122.751313][   T52]  ret_from_fork_asm+0x1a/0x30
[  122.751354][   T52]  </TASK>
[  122.751463][   T52] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  122.924599][ T6596] syzkaller1: entered promiscuous mode
[  122.929021][   T52] Bluetooth: hci3: failed to register connection device
[  122.967144][ T6596] syzkaller1: entered allmulticast mode
[  123.208504][ T6575] loop0: detected capacity change from 0 to 40427
[  123.232801][ T6575] F2FS-fs (loop0): build fault injection rate: 771
[  123.257429][ T6575] F2FS-fs (loop0): invalid crc value
[  123.583223][ T6575] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  123.618601][ T6575] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  123.772622][ T5819] syz-executor: attempt to access beyond end of device
[  123.772622][ T5819] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  123.794310][ T5819] CPU: 0 UID: 0 PID: 5819 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  123.794340][ T5819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  123.794353][ T5819] Call Trace:
[  123.794362][ T5819]  <TASK>
[  123.794371][ T5819]  dump_stack_lvl+0x189/0x250
[  123.794413][ T5819]  ? __pfx_dump_stack_lvl+0x10/0x10
[  123.794445][ T5819]  ? __pfx_queue_work_on+0x10/0x10
[  123.794470][ T5819]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  123.794499][ T5819]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  123.794540][ T5819]  f2fs_handle_critical_error+0x37c/0x540
[  123.794580][ T5819]  f2fs_write_end_io+0x886/0xb60
[  123.794622][ T5819]  __submit_merged_bio+0x27a/0x6a0
[  123.794659][ T5819]  __submit_merged_write_cond+0x255/0x530
[  123.794697][ T5819]  f2fs_write_data_pages+0x261d/0x3000
[  123.794757][ T5819]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  123.794793][ T5819]  ? is_bpf_text_address+0x292/0x2b0
[  123.794846][ T5819]  ? __mod_zone_page_state+0xd7/0x140
[  123.794889][ T5819]  ? folios_put_refs+0x58b/0x670
[  123.794929][ T5819]  ? __lock_acquire+0xab9/0xd20
[  123.794971][ T5819]  ? do_raw_spin_lock+0x121/0x290
[  123.795005][ T5819]  ? do_raw_spin_unlock+0x122/0x240
[  123.795026][ T5819]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  123.795049][ T5819]  do_writepages+0x32e/0x550
[  123.795089][ T5819]  ? do_raw_spin_unlock+0x122/0x240
[  123.795116][ T5819]  filemap_fdatawrite+0x199/0x240
[  123.795145][ T5819]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  123.795227][ T5819]  ? do_raw_spin_unlock+0x122/0x240
[  123.795254][ T5819]  f2fs_sync_dirty_inodes+0x31f/0x830
[  123.795294][ T5819]  f2fs_write_checkpoint+0x93e/0x2440
[  123.795315][ T5819]  ? stack_depot_save_flags+0x40/0x860
[  123.795373][ T5819]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  123.795441][ T5819]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  123.795463][ T5819]  ? kfree+0x19a/0x6e0
[  123.795504][ T5819]  kill_f2fs_super+0x2cc/0x6d0
[  123.795533][ T5819]  ? __pfx_kill_f2fs_super+0x10/0x10
[  123.795576][ T5819]  ? shrinker_free+0x2ce/0x3e0
[  123.795604][ T5819]  deactivate_locked_super+0xbc/0x130
[  123.795629][ T5819]  cleanup_mnt+0x425/0x4c0
[  123.795651][ T5819]  ? lockdep_hardirqs_on+0x9c/0x150
[  123.795683][ T5819]  task_work_run+0x1d4/0x260
[  123.795709][ T5819]  ? __pfx_task_work_run+0x10/0x10
[  123.795736][ T5819]  ? exit_to_user_mode_loop+0x55/0x4f0
[  123.795766][ T5819]  exit_to_user_mode_loop+0xff/0x4f0
[  123.795791][ T5819]  ? rcu_is_watching+0x15/0xb0
[  123.795825][ T5819]  do_syscall_64+0x2e9/0xfa0
[  123.795856][ T5819]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.795876][ T5819]  ? clear_bhb_loop+0x60/0xb0
[  123.795901][ T5819]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.795919][ T5819] RIP: 0033:0x7f13d1f909f7
[  123.795939][ T5819] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  123.795961][ T5819] RSP: 002b:00007ffe19029e18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  123.795982][ T5819] RAX: 0000000000000000 RBX: 00007f13d2011d7d RCX: 00007f13d1f909f7
[  123.795996][ T5819] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe19029ed0
[  123.796007][ T5819] RBP: 00007ffe19029ed0 R08: 0000000000000000 R09: 0000000000000000
[  123.796020][ T5819] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe1902af60
[  123.796032][ T5819] R13: 00007f13d2011d7d R14: 000000000001e31e R15: 00007ffe1902afa0
[  123.796068][ T5819]  </TASK>
[  123.796185][ T5819] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  124.667386][ T6625] loop3: detected capacity change from 0 to 4096
[  124.689739][ T6625] EXT4-fs: Ignoring removed nomblk_io_submit option
[  124.709181][ T6625] EXT4-fs (loop3): Test dummy encryption mode enabled
[  124.741590][ T6625] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  124.762055][ T6625] System zones: 0-5
[  124.781234][ T6625] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  125.006633][ T6632] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input9
[  125.020689][ T6634] loop1: detected capacity change from 0 to 1024
[  125.050907][ T5833] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.704357][ T6672] loop3: detected capacity change from 0 to 2048
[  125.737146][ T6672] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  125.871179][ T6683] tipc: Started in network mode
[  125.878074][ T6683] tipc: Node identity ac1414aa, cluster identity 4711
[  125.878966][ T6680] loop4: detected capacity change from 0 to 4096
[  125.887168][ T6683] tipc: Enabled bearer <udp:syz2>, priority 10
[  125.927449][ T6680] NILFS (loop4): invalid segment: Checksum error in segment payload
[  125.937555][ T6680] NILFS (loop4): trying rollback from an earlier position
[  125.980140][ T6686] Zero length message leads to an empty skb
[  126.004349][ T6680] NILFS (loop4): recovery complete
[  126.025333][ T6689] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  126.502739][ T6693] loop3: detected capacity change from 0 to 32768
[  126.583884][ T6693] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  126.634407][ T6693] XFS (loop3): Ending clean mount
[  126.642487][ T6693] XFS (loop3): Quotacheck needed: Please wait.
[  126.706605][ T6693] XFS (loop3): Quotacheck: Done.
[  126.714678][ T6693] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  127.635788][    T9] tipc: Node number set to 2886997162
[  128.579447][ T6688] loop1: detected capacity change from 0 to 262144
[  128.690185][ T6688] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  128.702531][ T6688] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  129.209899][ T6706] loop0: detected capacity change from 0 to 32768
[  129.233468][ T6706] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.247 (6706)
[  129.274866][ T6706] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  129.305890][ T6706] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  129.434911][ T6706] BTRFS info (device loop0): rebuilding free space tree
[  129.474316][ T6706] BTRFS info (device loop0): allowing degraded mounts
[  129.481170][ T6706] BTRFS info (device loop0): enabling ssd optimizations
[  129.515304][ T6706] BTRFS info (device loop0): enabling free space tree
[  129.562011][ T6706] BTRFS info (device loop0): force clearing of disk cache
[  129.592165][ T6706] BTRFS info (device loop0): use zstd compression, level 3
[  129.599473][ T6706] BTRFS info (device loop0): max_inline set to 0
[  129.604280][ T6725] loop4: detected capacity change from 0 to 32768
[  129.635409][ T6725] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  129.733027][ T6725] XFS (loop4): Ending clean mount
[  129.824100][ T6725] XFS (loop4): Quotacheck needed: Please wait.
[  129.909905][ T6725] XFS (loop4): Quotacheck: Done.
[  129.971377][ T5819] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  130.098502][ T5830] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  130.433292][ T6761] loop3: detected capacity change from 0 to 8192
[  131.201902][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  131.262586][ T6779] syzkaller1: entered promiscuous mode
[  131.268176][ T6779] syzkaller1: entered allmulticast mode
[  131.572800][ T6790] loop1: detected capacity change from 0 to 16
[  131.593934][ T6790] erofs (device loop1): mounted with root inode @ nid 36.
[  131.606671][ T6790] erofs (device loop1): per-inode big pcluster without sb feature for nid 36
[  131.620420][ T6790] erofs (device loop1): per-inode big pcluster without sb feature for nid 36
[  131.629823][ T6790] erofs (device loop1): read error -117 @ 43 of nid 36
[  131.847095][   T30] audit: type=1326 audit(1762775986.918:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.4.264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c5298f6c9 code=0x7ffc0000
[  131.899842][   T30] audit: type=1326 audit(1762775986.938:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.4.264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9c5292b779 code=0x7ffc0000
[  131.949176][ T6802] loop1: detected capacity change from 0 to 512
[  131.965556][   T30] audit: type=1326 audit(1762775986.948:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.4.264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9c5292b779 code=0x7ffc0000
[  132.014584][   T30] audit: type=1326 audit(1762775986.948:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.4.264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c5298f6c9 code=0x7ffc0000
[  132.041058][ T6802] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  132.092306][   T30] audit: type=1326 audit(1762775986.948:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.4.264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9c5292b779 code=0x7ffc0000
[  132.172701][ T6802] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  132.192311][ T6802] ext4 filesystem being mounted at /60/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  132.231555][   T30] audit: type=1326 audit(1762775986.948:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.4.264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c5298f6c9 code=0x7ffc0000
[  132.266145][   T30] audit: type=1326 audit(1762775986.948:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.4.264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9c5292b779 code=0x7ffc0000
[  132.288621][   T30] audit: type=1326 audit(1762775986.948:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.4.264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c5298f6c9 code=0x7ffc0000
[  132.313670][   T30] audit: type=1326 audit(1762775986.948:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.4.264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9c5292b779 code=0x7ffc0000
[  132.346226][   T30] audit: type=1326 audit(1762775986.948:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.4.264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9c5292b779 code=0x7ffc0000
[  132.466791][ T6802] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000d40000 ro.
[  132.584184][ T5824] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  132.719406][ T5958] IPVS: starting estimator thread 0...
[  132.730033][ T6835] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  132.739215][ T6835] tipc: Enabled bearer <udp:s>, priority 10
[  132.823189][ T6836] IPVS: using max 25 ests per chain, 60000 per kthread
[  132.862083][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  132.911938][ T5958] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  132.967133][ T6846] overlayfs: failed to decode file handle (len=19, type=0, flags=0, err=-22)
[  133.066402][ T5958] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  133.092698][ T5958] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  133.114421][ T5958] usb 5-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  133.132015][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  133.140473][ T5958] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.149984][ T5958] usb 5-1: Product: syz
[  133.162318][ T5958] usb 5-1: Manufacturer: syz
[  133.168021][ T5958] usb 5-1: SerialNumber: syz
[  133.185591][ T5958] usb 5-1: config 0 descriptor??
[  133.193766][ T6830] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  133.201295][ T6830] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  133.425419][ T6830] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  133.438576][ T6830] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  133.662074][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  134.283997][ T5958] dm9601 5-1:0.0 (unnamed net_device) (uninitialized): Error reading MODE_CTRL
[  134.314832][ T5958] usb 5-1: USB disconnect, device number 6
[  134.455421][ T6880] loop0: detected capacity change from 0 to 32768
[  134.483157][ T6880] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  134.564796][ T6880] XFS (loop0): Ending clean mount
[  134.585556][ T6880] XFS (loop0): Quotacheck needed: Please wait.
[  134.638480][ T6880] XFS (loop0): Quotacheck: Done.
[  134.741975][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  134.752632][ T6884] loop1: detected capacity change from 0 to 32768
[  134.770659][ T5819] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  134.807858][ T6884] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  134.862655][ T6884] XFS (loop1): Ending clean mount
[  135.011668][ T5824] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  135.172521][ T5897] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  135.376489][ T5897] usb 5-1: config index 0 descriptor too short (expected 45, got 36)
[  135.402496][ T5897] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  135.441926][ T5897] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  135.465460][ T5897] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  135.497204][ T5897] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  135.532045][ T5897] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  135.542522][ T5897] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.573111][ T5897] usb 5-1: config 0 descriptor??
[  135.589138][ T6907] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  135.781990][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  136.022581][ T5897] plantronics 0003:047F:FFFF.0004: reserved main item tag 0xd
[  136.066970][ T5897] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  136.084426][ T6929] Illegal XDP return value 4294967274 on prog  (id 40) dev syz_tun, expect packet loss!
[  136.268510][ T6931] xt_hashlimit: max too large, truncated to 1048576
[  136.305529][ T5922] usb 5-1: USB disconnect, device number 7
[  136.433569][ T6924] loop0: detected capacity change from 0 to 32768
[  136.448278][ T6924] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  136.498472][ T6924] XFS (loop0): Ending clean mount
[  136.509876][ T6924] XFS (loop0): Quotacheck needed: Please wait.
[  136.547270][ T6924] XFS (loop0): Quotacheck: Done.
[  136.553095][ T6943] netlink: 7 bytes leftover after parsing attributes in process `syz.1.322'.
[  136.614175][ T5819] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  136.662047][ T5897] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  136.821980][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  136.861939][ T5897] usb 4-1: Using ep0 maxpacket: 8
[  136.876267][ T5897] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  136.905832][ T5897] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.933422][ T5897] usb 4-1: Product: syz
[  136.947310][ T5897] usb 4-1: Manufacturer: syz
[  136.956953][ T5897] usb 4-1: SerialNumber: syz
[  136.968441][ T5897] usb 4-1: config 0 descriptor??
[  137.042054][ T6953] loop4: detected capacity change from 0 to 1024
[  137.055396][ T6953] EXT4-fs: Ignoring removed bh option
[  137.072226][ T6953] EXT4-fs: Ignoring removed nobh option
[  137.078199][ T6953] EXT4-fs: Ignoring removed bh option
[  137.102641][ T6953] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.150266][ T6967] loop1: detected capacity change from 0 to 512
[  137.173563][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.189680][ T5897] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  137.233727][ T6967] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.258906][ T6967] ext4 filesystem being mounted at /70/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  137.304139][ T6967] EXT4-fs error (device loop1): ext4_do_update_inode:5636: inode #2: comm syz.1.332: corrupted inode contents
[  137.319532][ T6967] EXT4-fs error (device loop1): ext4_dirty_inode:6521: inode #2: comm syz.1.332: mark_inode_dirty error
[  137.332101][ T6967] EXT4-fs error (device loop1): ext4_do_update_inode:5636: inode #2: comm syz.1.332: corrupted inode contents
[  137.346551][ T6967] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm syz.1.332: mark_inode_dirty error
[  137.428518][ T5824] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.601505][ T5897] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  137.624378][ T5897] usb 4-1: USB disconnect, device number 6
[  137.861954][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  138.126846][ T7000] netlink: 28 bytes leftover after parsing attributes in process `syz.1.345'.
[  138.176809][ T7000] netlink: 4 bytes leftover after parsing attributes in process `syz.1.345'.
[  138.252431][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  138.264608][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  138.658980][ T7008] loop4: detected capacity change from 0 to 1024
[  138.768952][ T7012] netlink: 8 bytes leftover after parsing attributes in process `syz.1.351'.
[  138.901961][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  139.256095][ T7025] loop3: detected capacity change from 0 to 2048
[  139.277259][ T7025] EXT4-fs: Ignoring removed bh option
[  139.294489][   T10] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[  139.349058][ T7025] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.387445][ T7030] loop0: detected capacity change from 0 to 512
[  139.426863][ T7030] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  139.442044][ T7025] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  139.485778][   T10] usb 2-1: config 7 has an invalid interface number: 101 but max is 0
[  139.505624][   T10] usb 2-1: config 7 has no interface number 0
[  139.515553][ T7025] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28
[  139.563159][ T7025] EXT4-fs (loop3): This should not happen!! Data will be lost
[  139.563159][ T7025] 
[  139.563871][   T10] usb 2-1: New USB device found, idVendor=0fd9, idProduct=002c, bcdDevice= 6.6b
[  139.574098][ T7025] EXT4-fs (loop3): Total free blocks count 0
[  139.588289][ T7025] EXT4-fs (loop3): Free/Dirty block details
[  139.594409][ T7025] EXT4-fs (loop3): free_blocks=2415919104
[  139.600962][ T7025] EXT4-fs (loop3): dirty_blocks=32
[  139.606383][ T7030] FAT-fs (loop0): error, invalid access to FAT (entry 0x0fffff00)
[  139.610137][ T7031] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  139.615312][ T7025] EXT4-fs (loop3): Block reservation details
[  139.649883][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.652235][ T7025] EXT4-fs (loop3): i_reserved_data_blocks=2
[  139.668338][   T10] usb 2-1: Product: syz
[  139.676000][   T10] usb 2-1: Manufacturer: syz
[  139.680736][   T10] usb 2-1: SerialNumber: syz
[  139.900621][ T7038] input: syz0 as /devices/virtual/input/input11
[  139.942027][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  139.972098][   T10] as10x_usb: device has been detected
[  139.978471][   T10] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT Deluxe)
[  140.035938][   T10] usb 2-1: DVB: registering adapter 1 frontend 0 (Elgato EyeTV DTT Deluxe)...
[  140.120712][   T10] as10x_usb: error during firmware upload part1
[  140.127777][   T10] Registered device Elgato EyeTV DTT Deluxe
[  140.130904][   T10] usb 2-1: USB disconnect, device number 3
[  140.310456][   T10] Unregistered device Elgato EyeTV DTT Deluxe
[  140.319423][   T10] as10x_usb: device has been disconnected
[  140.981952][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  141.334406][ T7043] loop3: detected capacity change from 0 to 131072
[  141.377209][ T7043] F2FS-fs (loop3): Segment count (31) mismatch with total segments from devices (0)
[  141.389401][ T7043] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  141.400567][ T7043] F2FS-fs (loop3): invalid crc value
[  141.443344][ T7055] loop1: detected capacity change from 0 to 256
[  141.533335][ T7043] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  141.548679][ T7043] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  141.556606][ T7043] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  141.577871][   T30] kauditd_printk_skb: 23 callbacks suppressed
[  141.577890][   T30] audit: type=1800 audit(1762775996.648:40): pid=7055 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.368" name="file1" dev="loop1" ino=1048614 res=0 errno=0
[  141.615779][ T7055] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  141.641568][ T7055] FAT-fs (loop1): Filesystem has been set read-only
[  141.657200][ T7043] F2FS-fs (loop3): checksum invalid, nid = 4, ino_of_node = 4, efdbe231 vs. 15bb5891
[  141.698236][ T7043] F2FS-fs (loop3): checksum invalid, nid = 4, ino_of_node = 4, efdbe231 vs. 15bb5891
[  142.022269][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  143.061989][    C1] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  143.503099][ T7127] netlink: 'syz.1.382': attribute type 1 has an invalid length.
[  144.032011][   T10] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  144.121288][ T7139] loop4: detected capacity change from 0 to 32768
[  144.131343][ T7139] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.387 (7139)
[  144.148473][ T7139] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  144.159672][ T7139] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  144.181931][   T10] usb 1-1: Using ep0 maxpacket: 32
[  144.190692][   T10] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  144.206751][   T10] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  144.213516][ T7165] loop3: detected capacity change from 0 to 64
[  144.220905][   T10] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  144.232761][   T10] usb 1-1: Product: syz
[  144.239409][   T10] usb 1-1: Manufacturer: syz
[  144.244725][   T10] usb 1-1: SerialNumber: syz
[  144.252893][   T10] usb 1-1: config 0 descriptor??
[  144.259015][ T7143] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  144.272180][   T10] hub 1-1:0.0: bad descriptor, ignoring hub
[  144.278174][   T10] hub 1-1:0.0: probe with driver hub failed with error -5
[  144.287705][ T7139] BTRFS info (device loop4): enabling ssd optimizations
[  144.306661][ T7139] BTRFS info (device loop4): turning on async discard
[  144.319779][ T7139] BTRFS info (device loop4): enabling free space tree
[  144.385879][   T30] audit: type=1800 audit(1762775999.458:41): pid=7139 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.387" name="bus" dev="loop4" ino=263 res=0 errno=0
[  144.415835][   T30] audit: type=1800 audit(1762775999.478:42): pid=7139 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.387" name="bus" dev="loop4" ino=263 res=0 errno=0
[  144.592265][ T5958] usb 1-1: USB disconnect, device number 5
[  144.664743][ T5830] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  145.882860][ T5922] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  146.043825][ T5922] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  146.069077][ T5922] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  146.095238][ T5922] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  146.122742][ T5922] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  146.146447][ T5922] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.179997][ T5922] usb 1-1: config 0 descriptor??
[  146.516833][ T7216] smc: net device bond0 applied user defined pnetid S
[  146.548867][ T7216] smc: net device bond0 erased user defined pnetid S
[  146.655989][ T5922] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  146.739945][ T7210] loop4: detected capacity change from 0 to 32768
[  146.775316][ T7210] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  146.886423][ T7210] XFS (loop4): Ending clean mount
[  146.924929][   T30] audit: type=1800 audit(1762776001.998:43): pid=7210 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.411" name="file1" dev="loop4" ino=6150 res=0 errno=0
[  147.032149][ T5830] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  147.644253][ T7246] geneve2: entered promiscuous mode
[  147.660145][ T7246] geneve2: entered allmulticast mode
[  147.804183][ T7252] loop1: detected capacity change from 0 to 64
[  147.954837][   T30] audit: type=1326 audit(1762776003.028:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7256 comm="syz.5.429" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb032d8f6c9 code=0x0
[  147.984303][    C0] plantronics 0003:047F:FFFF.0005: usb_submit_urb(ctrl) failed: -1
[  148.217498][ T7265] loop3: detected capacity change from 0 to 2048
[  148.318359][ T7265] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.458195][ T7265] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  148.541950][   T10] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  148.562571][ T7265] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  148.563728][ T7261] loop1: detected capacity change from 0 to 32768
[  148.609707][ T7265] EXT4-fs (loop3): This should not happen!! Data will be lost
[  148.609707][ T7265] 
[  148.647766][ T7261] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.431 (7261)
[  148.676241][ T7265] EXT4-fs (loop3): Total free blocks count 0
[  148.703761][   T10] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  148.712714][ T7265] EXT4-fs (loop3): Free/Dirty block details
[  148.718729][   T10] usb 5-1: config 0 has no interface number 0
[  148.727847][ T7261] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  148.747037][   T10] usb 5-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  148.757696][ T7261] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  148.766795][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.776585][    T9] usb 1-1: USB disconnect, device number 6
[  148.792177][ T7265] EXT4-fs (loop3): free_blocks=2415919504
[  148.812251][ T7265] EXT4-fs (loop3): dirty_blocks=32
[  148.814886][   T10] usb 5-1: Product: syz
[  148.833034][ T7265] EXT4-fs (loop3): Block reservation details
[  148.839552][   T10] usb 5-1: Manufacturer: syz
[  148.845169][   T10] usb 5-1: SerialNumber: syz
[  148.863816][   T10] usb 5-1: config 0 descriptor??
[  148.889758][ T7265] EXT4-fs (loop3): i_reserved_data_blocks=2
[  148.925116][ T7261] BTRFS info (device loop1): enabling ssd optimizations
[  148.938649][ T7261] BTRFS info (device loop1): turning on async discard
[  148.945784][ T7261] BTRFS info (device loop1): enabling free space tree
[  149.020852][   T30] audit: type=1800 audit(1762776004.088:45): pid=7261 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.431" name="bus" dev="loop1" ino=263 res=0 errno=0
[  149.082029][   T10] usb 5-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  149.118748][   T30] audit: type=1800 audit(1762776004.088:46): pid=7261 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.431" name="bus" dev="loop1" ino=263 res=0 errno=0
[  149.122697][   T10] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  149.175871][ T7105] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28
[  149.245186][   T10] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  149.265745][   T10] usb 5-1: media controller created
[  149.335710][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  149.353025][ T5824] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  149.443970][   T10] i2c i2c-1: ec100: i2c rd failed=-71 reg=33
[  149.529170][   T10] usb 5-1: USB disconnect, device number 8
[  149.867325][ T7318] loop0: detected capacity change from 0 to 256
[  149.948649][ T7316] loop1: detected capacity change from 0 to 4096
[  149.998244][ T7316] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[  150.032111][ T7316] ntfs3(loop1): ino=3, mi_enum_attr
[  150.320905][ T7329] loop3: detected capacity change from 0 to 256
[  150.363763][ T7329] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  150.451753][ T7331] loop0: detected capacity change from 0 to 4096
[  150.476174][ T7331] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512).
[  150.542410][   T30] audit: type=1800 audit(1762776005.608:47): pid=7331 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.455" name="file1" dev="loop0" ino=30 res=0 errno=0
[  150.719264][ T7336] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  151.222553][ T5925] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  151.392217][ T5925] usb 2-1: Using ep0 maxpacket: 16
[  151.401098][ T5925] usb 2-1: config 0 has an invalid interface number: 251 but max is 0
[  151.412870][ T5925] usb 2-1: config 0 has no interface number 0
[  151.421720][ T5925] usb 2-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[  151.437158][ T7341] loop0: detected capacity change from 0 to 32768
[  151.458792][ T5925] usb 2-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  151.482479][ T7341] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.456 (7341)
[  151.485352][ T5925] usb 2-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  151.521374][ T5925] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.530059][ T5925] usb 2-1: Product: syz
[  151.535235][ T5925] usb 2-1: Manufacturer: syz
[  151.535490][ T7341] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  151.539891][ T5925] usb 2-1: SerialNumber: syz
[  151.543437][ T5925] usb 2-1: config 0 descriptor??
[  151.558964][ T7366] netlink: 'syz.3.470': attribute type 12 has an invalid length.
[  151.568633][ T7341] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  151.584700][ T7346] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  151.592566][ T7346] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  151.694839][ T7341] BTRFS info (device loop0): enabling ssd optimizations
[  151.713692][ T7341] BTRFS info (device loop0): turning on async discard
[  151.720569][ T7341] BTRFS info (device loop0): enabling free space tree
[  151.810327][   T30] audit: type=1800 audit(1762776006.878:48): pid=7341 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.456" name="bus" dev="loop0" ino=263 res=0 errno=0
[  151.810899][ T7346] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  151.888358][ T7346] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  151.891595][   T30] audit: type=1800 audit(1762776006.878:49): pid=7341 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.456" name="bus" dev="loop0" ino=263 res=0 errno=0
[  152.134274][ T5819] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  152.531535][ T5925] asix 2-1:0.251 (unnamed net_device) (uninitialized): Invalid PHY address 0x72
[  152.693040][ T7407] tipc: Started in network mode
[  152.698205][ T7407] tipc: Node identity aaaaaaaaaa2b, cluster identity 4711
[  152.754039][ T7407] tipc: Enabled bearer <eth:netdevsim0>, priority 10
[  152.761436][ T5897] usb 2-1: USB disconnect, device number 4
[  152.779993][ T7408] tipc: Cannot configure node identity twice
[  152.787487][ T7408] tipc: Cannot configure node identity twice
[  152.971271][ T7397] loop3: detected capacity change from 0 to 32768
[  153.389005][ T7403] loop4: detected capacity change from 0 to 32768
[  153.421243][ T7403] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  153.548890][ T7403] XFS (loop4): Ending clean mount
[  153.595282][ T7403] XFS (loop4): Quotacheck needed: Please wait.
[  153.678755][ T7403] XFS (loop4): Quotacheck: Done.
[  153.715875][   T30] audit: type=1800 audit(1762776008.788:50): pid=7403 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.481" name="file1" dev="loop4" ino=9286 res=0 errno=0
[  153.759479][ T7403] XFS (loop4): User initiated shutdown received.
[  153.779753][ T7403] XFS (loop4): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:472).  Shutting down filesystem.
[  153.812097][ T7403] XFS (loop4): Please unmount the filesystem and rectify the problem(s)
[  153.850641][ T5830] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  153.873570][ T5897] tipc: Node number set to 8497834
[  154.012514][ T5897] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  154.202150][ T5897] usb 1-1: Using ep0 maxpacket: 32
[  154.213806][ T5897] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[  154.222314][ T5897] usb 1-1: config 0 has no interface number 0
[  154.249296][ T5897] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  154.262190][ T5897] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  154.272938][ T5897] usb 1-1: Product: syz
[  154.278072][ T5897] usb 1-1: Manufacturer: syz
[  154.292927][ T5897] usb 1-1: SerialNumber: syz
[  154.303963][ T5897] usb 1-1: config 0 descriptor??
[  154.320064][ T5897] smsc95xx v2.0.0
[  154.731616][ T5897] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  154.750022][ T5897] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  154.897679][ T7488] loop1: detected capacity change from 0 to 128
[  154.911078][ T7488] EXT4-fs: Ignoring removed orlov option
[  154.941199][ T7488] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  154.954364][ T7488] ext4 filesystem being mounted at /102/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  155.080195][ T5824] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  155.110836][ T7494] loop4: detected capacity change from 0 to 8
[  155.189049][ T5897] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  155.200503][ T5897] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -71
[  155.236020][ T5897] usb 1-1: USB disconnect, device number 7
[  155.454735][ T7506] loop4: detected capacity change from 0 to 128
[  155.498156][ T7506] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  155.522846][ T7506] ext4 filesystem being mounted at /103/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  155.548943][ T7512] loop1: detected capacity change from 0 to 2048
[  155.630746][ T7512] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  155.712070][ T7512] ext4 filesystem being mounted at /104/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.826488][ T5830] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  155.913438][ T5824] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.160070][ T7539] sctp: [Deprecated]: syz.3.532 (pid 7539) Use of struct sctp_assoc_value in delayed_ack socket option.
[  156.160070][ T7539] Use struct sctp_sack_info instead
[  156.501540][ T7544] loop0: detected capacity change from 0 to 512
[  156.543640][ T7544] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  156.609016][ T7544] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  156.642255][ T7544] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.536: bg 0: block 248: padding at end of block bitmap is not set
[  156.761498][ T7538] loop4: detected capacity change from 0 to 32768
[  156.777337][ T7544] Quota error (device loop0): write_blk: dquota write failed
[  156.780919][ T7538] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.534 (7538)
[  156.798617][ T7544] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  156.832866][ T5958] usb 2-1: new full-speed USB device number 5 using dummy_hcd
[  156.840612][ T7544] EXT4-fs error (device loop0): ext4_acquire_dquot:6946: comm syz.0.536: Failed to acquire dquot type 1
[  156.881406][ T7538] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  156.899083][ T7544] EXT4-fs (loop0): 1 truncate cleaned up
[  156.902042][ T7538] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  156.925660][ T7544] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  156.991216][ T7544] EXT4-fs (loop0): shut down requested (1)
[  157.029192][ T5958] usb 2-1: config 150 has an invalid interface number: 204 but max is 2
[  157.036048][ T7538] BTRFS info (device loop4): rebuilding free space tree
[  157.042077][ T5958] usb 2-1: config 150 has 2 interfaces, different from the descriptor's value: 3
[  157.071956][ T5958] usb 2-1: config 150 has no interface number 0
[  157.078479][ T5958] usb 2-1: config 150 interface 204 has no altsetting 0
[  157.114441][ T5958] usb 2-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[  157.115914][ T7538] BTRFS info (device loop4): disabling free space tree
[  157.124018][ T5958] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  157.152944][ T7538] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  157.161863][ T5958] usb 2-1: Product: syz
[  157.166827][ T5958] usb 2-1: Manufacturer: syz
[  157.194032][ T5958] usb 2-1: SerialNumber: syz
[  157.195570][ T5819] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  157.211544][ T7538] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  157.256723][ T7538] BTRFS info (device loop4): setting nodatasum
[  157.284586][ T7538] BTRFS info (device loop4): setting nodatacow
[  157.290829][ T7538] BTRFS info (device loop4): turning off barriers
[  157.318157][ T7538] BTRFS info (device loop4): force clearing of disk cache
[  157.354271][ T7571] netlink: 'syz.3.542': attribute type 12 has an invalid length.
[  157.420223][ T5958] xr_serial 2-1:150.204: skipping garbage
[  157.427209][ T5958] xr_serial 2-1:150.204: xr_serial converter detected
[  157.491627][ T5830] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  157.749905][ T7577] loop3: detected capacity change from 0 to 4096
[  157.797765][ T7577] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.844739][ T7577] EXT4-fs (loop3): shut down requested (1)
[  157.883404][ T7577] EXT4-fs (loop3): resizing filesystem from 512 to 0 blocks
[  157.891176][ T7577] EXT4-fs warning (device loop3): ext4_resize_fs:2042: can't shrink FS - resize aborted
[  157.982453][ T5833] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.238827][ T5958] xr_serial ttyUSB0: Failed to set reg 0x0e: -71
[  158.246667][ T5958] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71
[  158.263874][ T5958] usb 2-1: USB disconnect, device number 5
[  158.275483][ T5958] xr_serial 2-1:150.204: device disconnected
[  158.317853][ T7595] loop8: detected capacity change from 0 to 8
[  158.329869][ T7595] Dev loop8: unable to read RDB block 8
[  158.335675][ T7595]  loop8: unable to read partition table
[  158.343131][ T7595] loop8: partition table beyond EOD, truncated
[  158.349454][ T7595] loop_reread_partitions: partition scan of loop8 (�被x�^>��� ) failed (rc=-5)
[  158.586449][ T7603] loop4: detected capacity change from 0 to 2048
[  158.608209][ T7603] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  158.667688][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.964664][ T7617] loop4: detected capacity change from 0 to 65
[  158.978869][ T7617] BFS-fs: bfs_fill_super(): NOTE: filesystem loop4 was created with 512 inodes, the real maximum is 511, mounting anyway
[  159.170841][ T7625] overlayfs: failed to decode file handle (len=6, type=248, flags=0, err=-61)
[  159.256289][ T7632] loop1: detected capacity change from 0 to 512
[  159.271902][ T7632] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  159.294984][ T7632] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  159.311587][ T7632] EXT4-fs (loop1): 1 truncate cleaned up
[  159.326144][ T7632] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  159.347070][ T7632] syz.1.569 (pid 7632) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  159.402033][ T5925] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  159.444602][ T5824] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.562090][ T5925] usb 5-1: Using ep0 maxpacket: 32
[  159.573604][ T5925] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  159.591997][ T5925] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  159.613051][ T5925] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  159.632341][ T5925] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.655625][ T5925] usb 5-1: config 0 descriptor??
[  159.702155][   T52] Bluetooth: hci5: command 0x1003 tx timeout
[  159.708536][ T5143] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  160.027101][ T7643] loop1: detected capacity change from 0 to 32768
[  160.051490][ T7643] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  160.088519][ T5925] savu 0003:1E7D:2D5A.0006: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0
[  160.100895][ T7643] XFS (loop1): Ending clean mount
[  160.115340][ T7643] XFS (loop1): Quotacheck needed: Please wait.
[  160.150001][ T7643] XFS (loop1): Quotacheck: Done.
[  160.216750][ T5824] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  160.324109][ T5939] usb 5-1: USB disconnect, device number 9
[  160.600739][    T9] IPVS: starting estimator thread 0...
[  160.702143][ T7670] IPVS: using max 24 ests per chain, 57600 per kthread
[  160.833419][ T7678] loop0: detected capacity change from 0 to 1024
[  160.841757][ T7678] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  160.858763][ T7678] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  160.869866][ T7678] EXT4-fs (loop0): orphan cleanup on readonly fs
[  160.879405][ T7678] EXT4-fs error (device loop0): ext4_free_blocks:6706: comm syz.0.585: Freeing blocks not in datazone - block = 0, count = 4096
[  160.900033][ T7678] EXT4-fs (loop0): 1 orphan inode deleted
[  160.908651][ T7678] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  160.952841][ T5819] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.176757][ T7690]  nullb0: [POWERTEC] p1
[  161.194801][ T7692] loop4: detected capacity change from 0 to 1024
[  161.313989][ T7696] netlink: 7064 bytes leftover after parsing attributes in process `syz.5.592'.
[  161.333235][ T5997] hfsplus: b-tree write err: -5, ino 4
[  161.383464][ T7674] loop1: detected capacity change from 0 to 40427
[  161.422692][ T7674] F2FS-fs (loop1): Image doesn't support compression
[  161.429447][ T7674] F2FS-fs (loop1): build fault injection rate: 690
[  161.444350][ T7674] F2FS-fs (loop1): build fault injection type: 0x35f7
[  161.473601][ T7674] F2FS-fs (loop1): invalid crc value
[  161.576051][ T7674] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  161.594526][ T7674] F2FS-fs (loop1): Start checkpoint disabled!
[  161.621048][ T7674] F2FS-fs (loop1): f2fs_disable_checkpoint() finish, err:0
[  161.639542][ T7674] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  161.666223][ T7674] F2FS-fs (loop1): inject no more block in inc_valid_block_count of f2fs_reserve_new_blocks+0x11a/0xab0
[  161.719764][ T5997] kworker/u8:7: attempt to access beyond end of device
[  161.719764][ T5997] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  161.750134][ T5997] CPU: 1 UID: 0 PID: 5997 Comm: kworker/u8:7 Not tainted syzkaller #0 PREEMPT(full) 
[  161.750164][ T5997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  161.750177][ T5997] Workqueue: writeback wb_workfn (flush-7:1)
[  161.750208][ T5997] Call Trace:
[  161.750216][ T5997]  <TASK>
[  161.750224][ T5997]  dump_stack_lvl+0x189/0x250
[  161.750262][ T5997]  ? __pfx_dump_stack_lvl+0x10/0x10
[  161.750293][ T5997]  ? __pfx_queue_work_on+0x10/0x10
[  161.750319][ T5997]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  161.750347][ T5997]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  161.750387][ T5997]  f2fs_handle_critical_error+0x37c/0x540
[  161.750425][ T5997]  f2fs_write_end_io+0x886/0xb60
[  161.750467][ T5997]  __submit_merged_bio+0x27a/0x6a0
[  161.750506][ T5997]  __submit_merged_write_cond+0x255/0x530
[  161.750545][ T5997]  f2fs_write_data_pages+0x261d/0x3000
[  161.750605][ T5997]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  161.750642][ T5997]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  161.750707][ T5997]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  161.750754][ T5997]  ? trace_f2fs_writepages+0x7f/0x200
[  161.750796][ T5997]  ? f2fs_write_node_pages+0x478/0x6e0
[  161.750833][ T5997]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  161.750879][ T5997]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  161.750902][ T5997]  do_writepages+0x32e/0x550
[  161.750940][ T5997]  ? reacquire_held_locks+0x127/0x1d0
[  161.750969][ T5997]  ? writeback_sb_inodes+0x3bc/0x1950
[  161.751002][ T5997]  __writeback_single_inode+0x143/0x12d0
[  161.751031][ T5997]  ? do_raw_spin_unlock+0x122/0x240
[  161.751057][ T5997]  writeback_sb_inodes+0x984/0x1950
[  161.751112][ T5997]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  161.751184][ T5997]  ? rcu_is_watching+0x15/0xb0
[  161.751225][ T5997]  wb_writeback+0x43b/0xaf0
[  161.751261][ T5997]  ? queue_io+0x3c1/0x590
[  161.751289][ T5997]  ? __pfx_wb_writeback+0x10/0x10
[  161.751323][ T5997]  ? _raw_spin_unlock_irq+0x23/0x50
[  161.751355][ T5997]  wb_workfn+0x409/0xef0
[  161.751394][ T5997]  ? __pfx_wb_workfn+0x10/0x10
[  161.751422][ T5997]  ? __lock_acquire+0xab9/0xd20
[  161.751459][ T5997]  ? process_one_work+0x868/0x15d0
[  161.751492][ T5997]  ? _raw_spin_unlock_irq+0x23/0x50
[  161.751524][ T5997]  ? process_one_work+0x868/0x15d0
[  161.751548][ T5997]  process_one_work+0x94a/0x15d0
[  161.751573][ T5997]  ? __lock_acquire+0xab9/0xd20
[  161.751621][ T5997]  ? __pfx_process_one_work+0x10/0x10
[  161.751658][ T5997]  ? assign_work+0x3a1/0x410
[  161.751690][ T5997]  worker_thread+0x9b0/0xee0
[  161.751748][ T5997]  kthread+0x711/0x8a0
[  161.751772][ T5997]  ? __pfx_worker_thread+0x10/0x10
[  161.751809][ T5997]  ? __pfx_kthread+0x10/0x10
[  161.751831][ T5997]  ? _raw_spin_unlock_irq+0x23/0x50
[  161.751859][ T5997]  ? lockdep_hardirqs_on+0x9c/0x150
[  161.751886][ T5997]  ? __pfx_kthread+0x10/0x10
[  161.751906][ T5997]  ret_from_fork+0x599/0xb30
[  161.751934][ T5997]  ? __pfx_ret_from_fork+0x10/0x10
[  161.751970][ T5997]  ? __switch_to_asm+0x39/0x70
[  161.751988][ T5997]  ? __switch_to_asm+0x33/0x70
[  161.752005][ T5997]  ? __pfx_kthread+0x10/0x10
[  161.752024][ T5997]  ret_from_fork_asm+0x1a/0x30
[  161.752066][ T5997]  </TASK>
[  162.088238][ T5997] F2FS-fs (loop1): Remounting filesystem read-only
[  163.216440][ T7740] overlayfs: failed to clone upperpath
[  163.326028][ T7746] loop3: detected capacity change from 0 to 128
[  163.371842][ T7746] syz.3.614: attempt to access beyond end of device
[  163.371842][ T7746] loop3: rw=2049, sector=737, nr_sectors = 8 limit=128
[  163.473449][ T5997] kworker/u8:7: attempt to access beyond end of device
[  163.473449][ T5997] loop3: rw=1, sector=145, nr_sectors = 592 limit=128
[  163.856922][ T7764] tipc: Started in network mode
[  163.867391][ T7764] tipc: Node identity ac1414aa, cluster identity 4711
[  163.885311][ T7764] tipc: Enabled bearer <udp:syz2>, priority 10
[  164.412849][ T7754] loop3: detected capacity change from 0 to 32768
[  164.444705][ T7754] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  164.568926][ T7762] loop1: detected capacity change from 0 to 32768
[  164.586352][ T7754] XFS (loop3): Ending clean mount
[  164.610674][ T7754] XFS (loop3): Quotacheck needed: Please wait.
[  164.646036][ T7762] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  164.706011][ T7754] XFS (loop3): Quotacheck: Done.
[  164.755469][ T7762] XFS (loop1): Ending clean mount
[  164.793444][ T7762] XFS (loop1): Quotacheck needed: Please wait.
[  164.912075][ T7762] XFS (loop1): Quotacheck: Done.
[  164.930317][ T5833] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  165.093800][ T5824] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  165.795710][ T5897] tipc: Node number set to 2886997162
[  165.855111][ T7809] loop6: detected capacity change from 0 to 2640
[  165.869509][ T7809] buffer_io_error: 6 callbacks suppressed
[  165.869530][ T7809] Buffer I/O error on dev loop6, logical block 0, async page read
[  165.902246][ T7809] Buffer I/O error on dev loop6, logical block 0, async page read
[  165.910280][ T7809] Buffer I/O error on dev loop6, logical block 0, async page read
[  165.952017][ T7809] Buffer I/O error on dev loop6, logical block 0, async page read
[  165.968000][ T7813] loop4: detected capacity change from 0 to 4096
[  165.970426][ T7809] Buffer I/O error on dev loop6, logical block 0, async page read
[  165.988183][ T7813] EXT4-fs: Ignoring removed nomblk_io_submit option
[  166.003241][ T7809] Buffer I/O error on dev loop6, logical block 0, async page read
[  166.013215][ T7813] EXT4-fs (loop4): Test dummy encryption mode enabled
[  166.038004][ T7809] Buffer I/O error on dev loop6, logical block 0, async page read
[  166.058342][ T7813] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  166.062090][ T7809] Buffer I/O error on dev loop6, logical block 0, async page read
[  166.091999][ T7809] ldm_validate_partition_table(): Disk read failed.
[  166.094238][ T7813] System zones: 
[  166.108991][ T7809] Buffer I/O error on dev loop6, logical block 0, async page read
[  166.122046][ T7809] Buffer I/O error on dev loop6, logical block 0, async page read
[  166.134465][ T7809] Dev loop6: unable to read RDB block 0
[  166.141943][ T7813] 0-5
[  166.152479][ T7809]  loop6: unable to read partition table
[  166.158491][ T7809] loop_reread_partitions: partition scan of loop6 (3�����) failed (rc=-5)
[  166.184961][ T7813] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.444182][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.542058][    T9] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  166.725610][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  166.781948][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  166.813579][    T9] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  166.851750][    T9] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  166.860923][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.913244][    T9] usb 4-1: config 0 descriptor??
[  166.918738][ T7840] 9p: Bad value for 'rfdno'
[  167.081999][ T5925] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  167.242206][ T5925] usb 2-1: Using ep0 maxpacket: 32
[  167.273833][ T5925] usb 2-1: config 0 has an invalid interface number: 51 but max is 0
[  167.293743][ T5925] usb 2-1: config 0 has no interface number 0
[  167.298400][ T7851] Bluetooth: MGMT ver 1.23
[  167.309919][ T5925] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  167.333655][ T5925] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.341756][ T5925] usb 2-1: Product: syz
[  167.381569][    T9] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  167.396166][ T5925] usb 2-1: Manufacturer: syz
[  167.401922][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[  167.402162][   T30] audit: type=1326 audit(1762776022.448:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7853 comm="syz.0.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13d1f8f6c9 code=0x7ffc0000
[  167.410857][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  167.456666][ T5925] usb 2-1: SerialNumber: syz
[  167.469777][   T30] audit: type=1326 audit(1762776022.448:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7853 comm="syz.0.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f13d1f2b779 code=0x7ffc0000
[  167.492437][   T30] audit: type=1326 audit(1762776022.448:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7853 comm="syz.0.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13d1f8f6c9 code=0x7ffc0000
[  167.517268][   T30] audit: type=1326 audit(1762776022.448:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7853 comm="syz.0.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f13d1f2b779 code=0x7ffc0000
[  167.579289][ T5925] usb 2-1: config 0 descriptor??
[  167.594386][   T30] audit: type=1326 audit(1762776022.448:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7853 comm="syz.0.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f13d1f2b779 code=0x7ffc0000
[  167.627744][ T5925] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  167.699810][   T30] audit: type=1326 audit(1762776022.448:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7853 comm="syz.0.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f13d1f2b779 code=0x7ffc0000
[  167.723180][   T30] audit: type=1326 audit(1762776022.448:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7853 comm="syz.0.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13d1f8f6c9 code=0x7ffc0000
[  167.745665][   T30] audit: type=1326 audit(1762776022.448:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7853 comm="syz.0.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13d1f8f6c9 code=0x7ffc0000
[  167.771612][   T30] audit: type=1326 audit(1762776022.448:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7853 comm="syz.0.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13d1f8f6c9 code=0x7ffc0000
[  167.825108][   T30] audit: type=1326 audit(1762776022.468:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7853 comm="syz.0.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13d1f8f6c9 code=0x7ffc0000
[  167.872473][ T5925] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  167.916012][ T5925] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  168.060375][    C0] quatech-serial ttyUSB0: qt2_process_read_urb - status message too short
[  168.475330][ T7883] loop4: detected capacity change from 0 to 1024
[  168.664495][ T5925] IPVS: starting estimator thread 0...
[  168.756930][ T7891] IPVS: using max 33 ests per chain, 79200 per kthread
[  168.805519][    C0] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71
[  168.813808][    T9] usb 2-1: USB disconnect, device number 6
[  168.831178][    T9] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  168.871494][    T9] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  168.897341][    T9] quatech2 2-1:0.51: device disconnected
[  169.458691][ T5897] usb 4-1: USB disconnect, device number 7
[  169.491346][ T7912] loop3: detected capacity change from 0 to 512
[  169.538157][ T7912] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.582062][ T7912] ext4 filesystem being mounted at /128/w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8 supports timestamps until 2038-01-19 (0x7fffffff)
[  169.680485][ T7899] loop1: detected capacity change from 0 to 32768
[  169.692821][ T7899] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.674 (7899)
[  169.696297][ T5833] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.731918][ T7899] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  169.762286][ T7899] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  169.852579][ T7899] BTRFS info (device loop1): enabling ssd optimizations
[  169.862705][ T7899] BTRFS info (device loop1): turning on async discard
[  169.869532][ T7899] BTRFS info (device loop1): enabling free space tree
[  170.264868][ T5824] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  170.451170][ T7950] netlink: 20 bytes leftover after parsing attributes in process `syz.4.689'.
[  170.456368][ T7949] loop3: detected capacity change from 0 to 2048
[  170.565818][ T7953] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  170.796677][ T7957] netlink: 4 bytes leftover after parsing attributes in process `syz.1.690'.
[  171.090577][ T7968] loop4: detected capacity change from 0 to 512
[  171.213764][ T7968] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.337804][ T7968] ext4 filesystem being mounted at /148/w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.421419][ T5958] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  171.466774][ T5958] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  171.608890][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.932249][ T7994] netlink: 8 bytes leftover after parsing attributes in process `syz.4.703'.
[  172.452756][ T8005] all (unregistering): Released all slaves
[  172.882507][ T8018] loop3: detected capacity change from 0 to 512
[  172.893916][ T8018] EXT4-fs (loop3): blocks per group (34) and clusters per group (32768) inconsistent
[  173.172564][ T8022] mmap: syz.5.719 (8022) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  173.892024][ T8043] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  173.982694][ T8047] Invalid logical block size (9)
[  174.188529][ T8026] loop3: detected capacity change from 0 to 32768
[  174.213869][ T8052] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  174.431427][ T8034] loop1: detected capacity change from 0 to 32768
[  174.509894][ T8034] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  174.577294][ T8034] XFS (loop1): Ending clean mount
[  174.594839][ T8034] XFS (loop1): Quotacheck needed: Please wait.
[  174.635045][ T8034] XFS (loop1): Quotacheck: Done.
[  174.685128][   T30] kauditd_printk_skb: 37 callbacks suppressed
[  174.685147][   T30] audit: type=1800 audit(1762776029.758:98): pid=8034 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.725" name="file1" dev="loop1" ino=9286 res=0 errno=0
[  174.808528][   T30] audit: type=1800 audit(1762776029.878:99): pid=8034 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.725" name="file1" dev="loop1" ino=9286 res=0 errno=0
[  174.867107][ T5824] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  174.956927][   T30] audit: type=1800 audit(1762776030.028:100): pid=8077 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.742" name="nullb0" dev="tmpfs" ino=764 res=0 errno=0
[  175.395683][ T8093] ptrace attach of "./syz-executor exec"[5833] was attempted by "����                  X   
   0                                                                                                                                                                                                                                                                               
Ė�^T\x0dLr��ם�N�                                                                                                                                                                                                ����                  Y   
   0                                                                                                                                                                                                                                                                               
Ė�^T\x0dLr��ם�N�                                                                                                                        
[  175.425782][ T8091] loop4: detected capacity change from 0 to 4096
[  175.582882][ T8091] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.711759][ T8091] EXT4-fs error (device loop4): ext4_get_first_dir_block:3549: inode #12: block 80: comm syz.4.746: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  175.789292][ T8091] EXT4-fs error (device loop4): ext4_get_first_dir_block:3552: inode #12: comm syz.4.746: directory missing '..'
[  175.899424][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.850927][ T8155] fuse: Bad value for 'fd'
[  176.939623][ T8153] loop3: detected capacity change from 0 to 4096
[  176.994813][ T8161] loop4: detected capacity change from 0 to 512
[  177.018080][ T8153] ntfs3(loop3): ino=5, "/" ntfs_readdir
[  177.293915][ T8177] loop4: detected capacity change from 0 to 64
[  177.331942][    T9] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  177.405424][ T5922] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  177.454800][ T8187] loop4: detected capacity change from 0 to 64
[  177.492743][   T30] audit: type=1800 audit(1762776032.568:101): pid=8187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.792" name="file1" dev="loop4" ino=22 res=0 errno=0
[  177.496362][    T9] usb 2-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7
[  177.552396][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.563519][    T9] usb 2-1: Product: syz
[  177.568602][    T9] usb 2-1: Manufacturer: syz
[  177.573539][    T9] usb 2-1: SerialNumber: syz
[  177.593157][    T9] usb 2-1: config 0 descriptor??
[  177.600638][ T5922] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  177.614068][ T5922] usb 4-1: config 1 has no interface number 0
[  177.624209][ T5922] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  177.636452][ T5922] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  177.681960][ T5922] usb 4-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  177.691339][ T5922] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  177.728866][ T5922] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  177.741600][ T5922] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  177.760650][ T5922] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.772010][ T5922] usb 4-1: Product: syz
[  177.776260][ T5922] usb 4-1: Manufacturer: syz
[  177.797849][ T5922] usb 4-1: SerialNumber: syz
[  177.826735][ T8169] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  178.046173][ T8169] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  178.272082][ T8169] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  178.656870][    T9] usb 2-1: f81604_read: reg: 100f failed: -EPROTO
[  178.684721][ T8169] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  178.690232][    T9] usb 2-1: f81604_read: reg: 200f failed: -EPROTO
[  178.705452][ T5922] cdc_ncm 4-1:1.1: bind() failure
[  178.731885][    T9] usb 2-1: USB disconnect, device number 7
[  178.747023][    T9] usb 2-1: f81604_read: reg: 100f failed: -ENODEV
[  178.806448][    T9] usb 2-1: f81604_read: reg: 200f failed: -ENODEV
[  178.906303][ T5897] usb 4-1: USB disconnect, device number 8
[  179.242580][ T8249] syzkaller1: entered promiscuous mode
[  179.248120][ T8249] syzkaller1: entered allmulticast mode
[  179.609553][ T8260] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  179.661911][ T8260] overlayfs: maximum fs stacking depth exceeded
[  179.801388][ T8258] loop4: detected capacity change from 0 to 8192
[  181.087465][ T8268] loop3: detected capacity change from 0 to 131072
[  181.165891][ T8268] F2FS-fs (loop3): invalid crc value
[  181.260913][ T8268] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  181.277512][ T8268] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  181.295458][ T8268] F2FS-fs (loop3): lookup inode (7) has corrupted xattr
[  181.309071][   T30] audit: type=1800 audit(1762776036.378:102): pid=8268 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.831" name="file1" dev="loop3" ino=7 res=0 errno=0
[  181.330884][ T8268] F2FS-fs (loop3): lookup inode (7) has corrupted xattr
[  181.334366][ T8272] loop1: detected capacity change from 0 to 32768
[  182.418233][ T8301] loop4: detected capacity change from 0 to 32768
[  182.456889][ T8301] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.846 (8301)
[  182.501983][ T8301] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  182.524233][ T8301] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  182.683855][ T8301] BTRFS info (device loop4): enabling ssd optimizations
[  182.721907][ T8301] BTRFS info (device loop4): turning on async discard
[  182.728747][ T8301] BTRFS info (device loop4): enabling free space tree
[  182.873124][ T5830] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  183.310002][ T8353] netlink: 4 bytes leftover after parsing attributes in process `syz.0.862'.
[  183.340416][ T8339] loop3: detected capacity change from 0 to 32768
[  183.364970][ T8355] netlink: 36 bytes leftover after parsing attributes in process `syz.1.863'.
[  183.374351][ T8339] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.842 (8339)
[  183.404530][ T8339] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  183.435490][ T8339] BTRFS info (device loop3): using blake2b (blake2b-256-lib) checksum algorithm
[  183.536978][ T8365] syzkaller1: entered promiscuous mode
[  183.552765][ T8365] syzkaller1: entered allmulticast mode
[  183.588348][ T8339] BTRFS info (device loop3): enabling ssd optimizations
[  183.605873][ T8339] BTRFS info (device loop3): turning on async discard
[  183.621928][ T8339] BTRFS info (device loop3): enabling free space tree
[  183.641983][ T8339] BTRFS info (device loop3): use zstd compression, level 3
[  184.073854][ T5833] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  184.301950][ T5897] usb 2-1: new full-speed USB device number 8 using dummy_hcd
[  184.502574][ T5897] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  184.526756][ T5897] usb 2-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  184.584599][ T5897] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.642890][ T5897] usb 2-1: config 0 descriptor??
[  184.669860][ T8383] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  185.177387][ T5897] elan 0003:04F3:0755.0009: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.1-1/input0
[  185.376378][ T5897] usb 2-1: USB disconnect, device number 8
[  185.631701][ T8419] loop4: detected capacity change from 0 to 1024
[  185.657650][ T8419] EXT4-fs: inline encryption not supported
[  185.664071][ T8419] EXT4-fs: Ignoring removed nobh option
[  185.669792][ T8419] EXT4-fs: Ignoring removed bh option
[  185.711590][ T8419] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  185.813616][ T8429] netlink: 7064 bytes leftover after parsing attributes in process `syz.0.888'.
[  185.827003][ T5830] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.956127][ T8432]  nullb0: [POWERTEC] p1
[  185.964275][ T8433] netlink: 80 bytes leftover after parsing attributes in process `syz.0.890'.
[  186.002552][ T8433] netlink: 80 bytes leftover after parsing attributes in process `syz.0.890'.
[  186.710150][ T8437] loop4: detected capacity change from 0 to 32768
[  186.721946][ T8437] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.892 (8437)
[  186.745284][ T8437] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  186.765301][ T8437] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  186.798539][ T8435] loop1: detected capacity change from 0 to 32768
[  186.833358][ T8435] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  186.889646][ T8435] XFS (loop1): Ending clean mount
[  186.900090][ T8437] BTRFS info (device loop4): rebuilding free space tree
[  186.934428][ T8437] BTRFS info (device loop4): disabling free space tree
[  186.941407][ T8437] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  186.955329][ T8437] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  186.988240][ T8437] BTRFS info (device loop4): enabling ssd optimizations
[  186.996293][ T8437] BTRFS info (device loop4): turning on async discard
[  186.996603][ T5824] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  187.014240][ T8437] BTRFS info (device loop4): force clearing of disk cache
[  187.021508][ T8437] BTRFS info (device loop4): enabling auto defrag
[  187.029175][ T8437] BTRFS info (device loop4): max_inline set to 4096
[  187.298961][ T5830] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  187.675155][ T8492] vivid-003: =================  START STATUS  =================
[  187.695702][ T8492] vivid-003: Radio HW Seek Mode: Bounded
[  187.724990][ T8492] vivid-003: Radio Programmable HW Seek: false
[  187.737568][ T8492] vivid-003: RDS Rx I/O Mode: Block I/O
[  187.750865][ T8492] vivid-003: Generate RBDS Instead of RDS: false
[  187.768289][ T8492] vivid-003: RDS Reception: true
[  187.786411][ T8492] vivid-003: RDS Program Type: 0 inactive
[  187.805215][ T8492] vivid-003: RDS PS Name:  inactive
[  187.820956][ T8492] vivid-003: RDS Radio Text:  inactive
[  187.854205][ T8492] vivid-003: RDS Traffic Announcement: false inactive
[  187.861078][ T8492] vivid-003: RDS Traffic Program: false inactive
[  187.881978][ T8492] vivid-003: RDS Music: false inactive
[  187.890547][ T8492] vivid-003: ==================  END STATUS  ==================
[  188.289159][ T8520] batadv_slave_1: entered promiscuous mode
[  188.303847][ T8520] veth0: entered promiscuous mode
[  188.317684][ T8518] veth0: left promiscuous mode
[  188.329105][ T8518] batadv_slave_1: left promiscuous mode
[  189.037383][ T8513] loop3: detected capacity change from 0 to 32768
[  189.047859][ T8540] netlink: 64 bytes leftover after parsing attributes in process `syz.5.929'.
[  189.062182][ T8513] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.917 (8513)
[  189.092214][ T8513] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  189.120508][ T8513] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm
[  189.139660][ T8513] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  189.264127][ T8513] BTRFS info (device loop3): rebuilding free space tree
[  189.284783][ T8513] BTRFS info (device loop3): disabling free space tree
[  189.304749][ T8513] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  189.314796][ T8513] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  189.344766][ T8513] BTRFS info (device loop3): allowing degraded mounts
[  189.385098][ T8513] BTRFS info (device loop3): enabling ssd optimizations
[  189.392630][ T8513] BTRFS info (device loop3): turning on async discard
[  189.402913][ T8513] BTRFS info (device loop3): enabling disk space caching
[  189.410569][ T8513] BTRFS info (device loop3): force clearing of disk cache
[  189.422038][ T8513] BTRFS info (device loop3): use zlib compression, level 3
[  189.598694][ T5833] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  190.304108][ T8578] netlink: 104 bytes leftover after parsing attributes in process `syz.3.940'.
[  190.379354][ T8560] loop4: detected capacity change from 0 to 32768
[  190.446678][ T8560] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  190.564128][ T8560] XFS (loop4): Ending clean mount
[  190.607501][ T8560] XFS (loop4): Quotacheck needed: Please wait.
[  190.687622][ T8560] XFS (loop4): Quotacheck: Done.
[  190.760971][ T8570] loop1: detected capacity change from 0 to 32768
[  190.787941][ T5830] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  190.810208][ T8570] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  190.894481][ T8570] XFS (loop1): Ending clean mount
[  190.907867][ T8570] XFS (loop1): Quotacheck needed: Please wait.
[  191.078346][ T8570] XFS (loop1): Quotacheck: Done.
[  191.176727][ T5824] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  191.837885][ T8621] loop3: detected capacity change from 0 to 4096
[  191.868121][ T8621] EXT4-fs (loop3): Test dummy encryption mode enabled
[  191.895254][ T8621] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  191.928112][ T8621] System zones: 0-5
[  191.953434][ T8621] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.257618][ T5833] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.595126][ T8634] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[  192.799009][ T8634] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[  192.868121][ T8634] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[  192.872634][ T8637] netlink: 'syz.1.958': attribute type 83 has an invalid length.
[  192.930147][ T8634] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[  192.989762][ T8634] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[  193.026721][ T8634] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[  193.054661][ T8634] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[  193.083477][ T8634] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[  193.093482][ T8634] UDF-fs: warning (device nbd3): udf_fill_super: No partition found (1)
[  193.319528][ T8629] loop4: detected capacity change from 0 to 32768
[  193.366313][ T8629] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  193.384461][ T8629] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  193.482646][ T8629] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  193.516307][    T9] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  193.538577][    T9] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  193.731934][ T5143] Bluetooth: hci2: link tx timeout
[  193.739165][ T5143] Bluetooth: hci2: killing stalled connection 10:aa:aa:aa:aa:aa
[  193.750908][ T5143] Bluetooth: hci2: link tx timeout
[  193.756128][ T5143] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  193.768687][    T9] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 230ms
[  193.777861][    T9] gfs2: fsid=syz:syz.0: jid=0: Done
[  193.785568][ T8629] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  194.481029][ T8653] loop1: detected capacity change from 0 to 32768
[  194.542015][ T8653] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.965 (8653)
[  194.566193][ T8653] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  194.591914][ T8653] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  194.687061][ T8693] pim6reg: entered allmulticast mode
[  194.706080][ T8693] pim6reg: left allmulticast mode
[  194.714987][ T8653] BTRFS info (device loop1): enabling ssd optimizations
[  194.731236][ T8653] BTRFS info (device loop1): turning on async discard
[  194.749238][ T8653] BTRFS info (device loop1): enabling free space tree
[  194.805930][ T8667] loop3: detected capacity change from 0 to 40427
[  194.815420][ T8667] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  194.824988][ T8667] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  194.836517][ T8667] F2FS-fs (loop3): invalid crc value
[  195.000932][ T5824] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  195.033819][ T8667] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  195.068923][ T8667] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  195.080210][ T8667] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  195.252058][ T5833] syz-executor: attempt to access beyond end of device
[  195.252058][ T5833] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  195.293373][ T5833] CPU: 0 UID: 0 PID: 5833 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  195.293402][ T5833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  195.293413][ T5833] Call Trace:
[  195.293421][ T5833]  <TASK>
[  195.293429][ T5833]  dump_stack_lvl+0x189/0x250
[  195.293466][ T5833]  ? __pfx_dump_stack_lvl+0x10/0x10
[  195.293493][ T5833]  ? __pfx_queue_work_on+0x10/0x10
[  195.293517][ T5833]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  195.293544][ T5833]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  195.293581][ T5833]  f2fs_handle_critical_error+0x37c/0x540
[  195.293617][ T5833]  f2fs_write_end_io+0x886/0xb60
[  195.293655][ T5833]  __submit_merged_bio+0x27a/0x6a0
[  195.293690][ T5833]  __submit_merged_write_cond+0x255/0x530
[  195.293725][ T5833]  f2fs_write_data_pages+0x261d/0x3000
[  195.293778][ T5833]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  195.293809][ T5833]  ? is_bpf_text_address+0x292/0x2b0
[  195.293857][ T5833]  ? __mod_zone_page_state+0xd7/0x140
[  195.293896][ T5833]  ? folios_put_refs+0x58b/0x670
[  195.293939][ T5833]  ? __lock_acquire+0xab9/0xd20
[  195.293972][ T5833]  ? do_raw_spin_lock+0x121/0x290
[  195.294001][ T5833]  ? do_raw_spin_unlock+0x122/0x240
[  195.294020][ T5833]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  195.294041][ T5833]  do_writepages+0x32e/0x550
[  195.294078][ T5833]  ? do_raw_spin_unlock+0x122/0x240
[  195.294101][ T5833]  filemap_fdatawrite+0x199/0x240
[  195.294128][ T5833]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  195.294202][ T5833]  ? do_raw_spin_unlock+0x122/0x240
[  195.294226][ T5833]  f2fs_sync_dirty_inodes+0x31f/0x830
[  195.294261][ T5833]  f2fs_write_checkpoint+0x93e/0x2440
[  195.294282][ T5833]  ? __lock_acquire+0xab9/0xd20
[  195.294333][ T5833]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  195.294412][ T5833]  kill_f2fs_super+0x2cc/0x6d0
[  195.294439][ T5833]  ? __pfx_kill_f2fs_super+0x10/0x10
[  195.294478][ T5833]  ? shrinker_free+0x2ce/0x3e0
[  195.294505][ T5833]  deactivate_locked_super+0xbc/0x130
[  195.294529][ T5833]  cleanup_mnt+0x425/0x4c0
[  195.294548][ T5833]  ? lockdep_hardirqs_on+0x9c/0x150
[  195.294579][ T5833]  task_work_run+0x1d4/0x260
[  195.294602][ T5833]  ? __pfx_task_work_run+0x10/0x10
[  195.294627][ T5833]  ? exit_to_user_mode_loop+0x55/0x4f0
[  195.294655][ T5833]  exit_to_user_mode_loop+0xff/0x4f0
[  195.294681][ T5833]  ? rcu_is_watching+0x15/0xb0
[  195.294713][ T5833]  do_syscall_64+0x2e9/0xfa0
[  195.294742][ T5833]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.294760][ T5833]  ? clear_bhb_loop+0x60/0xb0
[  195.294784][ T5833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.294802][ T5833] RIP: 0033:0x7f9c36b909f7
[  195.294820][ T5833] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  195.294836][ T5833] RSP: 002b:00007fff24926378 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  195.294857][ T5833] RAX: 0000000000000000 RBX: 00007f9c36c11d7d RCX: 00007f9c36b909f7
[  195.294870][ T5833] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff24926430
[  195.294881][ T5833] RBP: 00007fff24926430 R08: 0000000000000000 R09: 0000000000000000
[  195.294893][ T5833] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff249274c0
[  195.294905][ T5833] R13: 00007f9c36c11d7d R14: 000000000002fa38 R15: 00007fff24927500
[  195.294945][ T5833]  </TASK>
[  195.294954][ T5833] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  195.785572][ T5143] Bluetooth: hci2: command 0x0406 tx timeout
[  195.895229][ T8740] loop1: detected capacity change from 0 to 256
[  195.955128][ T8740] exFAT-fs (loop1): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d)
[  196.218640][ T8744] netlink: 20 bytes leftover after parsing attributes in process `syz.1.998'.
[  196.617347][ T8754] loop1: detected capacity change from 0 to 1024
[  196.714369][ T8754] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.800171][   T30] audit: type=1326 audit(1762776051.868:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.3.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c36b8f6c9 code=0x7ffc0000
[  196.842078][   T30] audit: type=1326 audit(1762776051.908:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.3.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f9c36b8f6c9 code=0x7ffc0000
[  196.881978][   T30] audit: type=1326 audit(1762776051.908:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.3.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c36b8f6c9 code=0x7ffc0000
[  196.941986][   T30] audit: type=1326 audit(1762776051.908:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.3.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c36b8f6c9 code=0x7ffc0000
[  196.981060][ T5824] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.992085][   T30] audit: type=1326 audit(1762776051.908:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.3.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7f9c36b8f6c9 code=0x7ffc0000
[  197.077391][   T30] audit: type=1326 audit(1762776051.978:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.3.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c36b8f6c9 code=0x7ffc0000
[  197.117831][   T30] audit: type=1326 audit(1762776051.978:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8764 comm="syz.3.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c36b8f6c9 code=0x7ffc0000
[  197.401577][ T8759] loop4: detected capacity change from 0 to 32768
[  197.430680][ T8759] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1004 (8759)
[  197.580396][ T8759] BTRFS info (device loop4): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[  197.645395][ T8759] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  197.802357][ T8759] BTRFS info (device loop4): turning off barriers
[  197.808886][ T8759] BTRFS info (device loop4): enabling free space tree
[  197.941917][ T5143] Bluetooth: hci2: command 0x0406 tx timeout
[  197.999535][ T8810] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  198.069480][ T5830] BTRFS info (device loop4): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[  198.159791][ T8818] loop1: detected capacity change from 0 to 128
[  198.205189][ T8818] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  198.227372][ T5997] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  198.691845][   T30] audit: type=1326 audit(1762776053.758:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8837 comm="syz.3.1031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c36b8f6c9 code=0x7ffc0000
[  198.781960][   T30] audit: type=1326 audit(1762776053.758:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8837 comm="syz.3.1031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c36b8f6c9 code=0x7ffc0000
[  198.850259][   T30] audit: type=1326 audit(1762776053.788:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8837 comm="syz.3.1031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=137 compat=0 ip=0x7f9c36b8f6c9 code=0x7ffc0000
[  198.858028][ T8848] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1036'.
[  198.903324][ T8848] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1036'.
[  199.118588][ T8861] netlink: 'syz.5.1042': attribute type 12 has an invalid length.
[  199.142837][ T8861] netlink: 'syz.5.1042': attribute type 29 has an invalid length.
[  199.150715][ T8861] netlink: 148 bytes leftover after parsing attributes in process `syz.5.1042'.
[  199.212144][ T8861] netlink: 'syz.5.1042': attribute type 1 has an invalid length.
[  199.220007][ T8861] netlink: 'syz.5.1042': attribute type 1 has an invalid length.
[  199.626769][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  199.642017][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  199.914687][ T8853] loop4: detected capacity change from 0 to 32768
[  199.982794][ T8853] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  200.111975][ T8853] XFS (loop4): Ending clean mount
[  200.161284][ T8867] loop3: detected capacity change from 0 to 40427
[  200.178737][ T8867] F2FS-fs (loop3): build fault injection rate: 771
[  200.184515][ T8853] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  200.190180][ T8867] F2FS-fs (loop3): invalid crc value
[  200.447498][ T8867] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  200.483143][ T8867] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  200.732406][ T5833] syz-executor: attempt to access beyond end of device
[  200.732406][ T5833] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  200.766785][ T5833] CPU: 0 UID: 0 PID: 5833 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  200.766817][ T5833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  200.766830][ T5833] Call Trace:
[  200.766839][ T5833]  <TASK>
[  200.766848][ T5833]  dump_stack_lvl+0x189/0x250
[  200.766888][ T5833]  ? __pfx_dump_stack_lvl+0x10/0x10
[  200.766921][ T5833]  ? __pfx_queue_work_on+0x10/0x10
[  200.766947][ T5833]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  200.766978][ T5833]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  200.767020][ T5833]  f2fs_handle_critical_error+0x37c/0x540
[  200.767061][ T5833]  f2fs_write_end_io+0x886/0xb60
[  200.767101][ T5833]  __submit_merged_bio+0x27a/0x6a0
[  200.767141][ T5833]  __submit_merged_write_cond+0x255/0x530
[  200.767180][ T5833]  f2fs_write_data_pages+0x261d/0x3000
[  200.767239][ T5833]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  200.767280][ T5833]  ? is_bpf_text_address+0x292/0x2b0
[  200.767330][ T5833]  ? __mod_zone_page_state+0xd7/0x140
[  200.767374][ T5833]  ? folios_put_refs+0x58b/0x670
[  200.767415][ T5833]  ? __lock_acquire+0xab9/0xd20
[  200.767450][ T5833]  ? do_raw_spin_lock+0x121/0x290
[  200.767483][ T5833]  ? do_raw_spin_unlock+0x122/0x240
[  200.767504][ T5833]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  200.767527][ T5833]  do_writepages+0x32e/0x550
[  200.767562][ T5833]  ? do_raw_spin_unlock+0x122/0x240
[  200.767583][ T5833]  filemap_fdatawrite+0x199/0x240
[  200.767607][ T5833]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  200.767676][ T5833]  ? do_raw_spin_unlock+0x122/0x240
[  200.767697][ T5833]  f2fs_sync_dirty_inodes+0x31f/0x830
[  200.767728][ T5833]  f2fs_write_checkpoint+0x93e/0x2440
[  200.767746][ T5833]  ? stack_depot_save_flags+0x40/0x860
[  200.767790][ T5833]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  200.767841][ T5833]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  200.767859][ T5833]  ? kfree+0x19a/0x6e0
[  200.767892][ T5833]  kill_f2fs_super+0x2cc/0x6d0
[  200.767917][ T5833]  ? __pfx_kill_f2fs_super+0x10/0x10
[  200.767951][ T5833]  ? shrinker_free+0x2ce/0x3e0
[  200.767974][ T5833]  deactivate_locked_super+0xbc/0x130
[  200.767994][ T5833]  cleanup_mnt+0x425/0x4c0
[  200.768011][ T5833]  ? lockdep_hardirqs_on+0x9c/0x150
[  200.768039][ T5833]  task_work_run+0x1d4/0x260
[  200.768060][ T5833]  ? __pfx_task_work_run+0x10/0x10
[  200.768081][ T5833]  ? exit_to_user_mode_loop+0x55/0x4f0
[  200.768106][ T5833]  exit_to_user_mode_loop+0xff/0x4f0
[  200.768126][ T5833]  ? rcu_is_watching+0x15/0xb0
[  200.768154][ T5833]  do_syscall_64+0x2e9/0xfa0
[  200.768179][ T5833]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.768195][ T5833]  ? clear_bhb_loop+0x60/0xb0
[  200.768215][ T5833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.768231][ T5833] RIP: 0033:0x7f9c36b909f7
[  200.768247][ T5833] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  200.768261][ T5833] RSP: 002b:00007fff24926378 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  200.768280][ T5833] RAX: 0000000000000000 RBX: 00007f9c36c11d7d RCX: 00007f9c36b909f7
[  200.768291][ T5833] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff24926430
[  200.768302][ T5833] RBP: 00007fff24926430 R08: 0000000000000000 R09: 0000000000000000
[  200.768312][ T5833] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff249274c0
[  200.768323][ T5833] R13: 00007f9c36c11d7d R14: 0000000000030fd2 R15: 00007fff24927500
[  200.768351][ T5833]  </TASK>
[  200.770670][ T5833] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  201.532973][ T8903] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1057'.
[  201.817892][ T8899] loop1: detected capacity change from 0 to 40427
[  201.894647][ T8899] F2FS-fs (loop1): invalid crc value
[  201.950190][ T8917] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1063'.
[  202.035191][ T8899] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  202.073663][ T8899] F2FS-fs (loop1): Start checkpoint disabled!
[  202.084223][ T8899] F2FS-fs (loop1): f2fs_disable_checkpoint() finish, err:0
[  202.107586][ T8899] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  202.190690][ T5997] kworker/u8:7: attempt to access beyond end of device
[  202.190690][ T5997] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  202.212376][ T5997] CPU: 0 UID: 0 PID: 5997 Comm: kworker/u8:7 Not tainted syzkaller #0 PREEMPT(full) 
[  202.212406][ T5997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  202.212420][ T5997] Workqueue: writeback wb_workfn (flush-7:1)
[  202.212450][ T5997] Call Trace:
[  202.212457][ T5997]  <TASK>
[  202.212466][ T5997]  dump_stack_lvl+0x189/0x250
[  202.212503][ T5997]  ? __pfx_dump_stack_lvl+0x10/0x10
[  202.212533][ T5997]  ? __pfx_queue_work_on+0x10/0x10
[  202.212559][ T5997]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  202.212587][ T5997]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  202.212640][ T5997]  f2fs_handle_critical_error+0x37c/0x540
[  202.212680][ T5997]  f2fs_write_end_io+0x886/0xb60
[  202.212724][ T5997]  __submit_merged_bio+0x27a/0x6a0
[  202.212763][ T5997]  __submit_merged_write_cond+0x255/0x530
[  202.212804][ T5997]  f2fs_write_data_pages+0x261d/0x3000
[  202.212869][ T5997]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  202.212911][ T5997]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  202.212981][ T5997]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  202.213014][ T5997]  ? register_lock_class+0x51/0x320
[  202.213053][ T5997]  ? trace_f2fs_writepages+0x7f/0x200
[  202.213086][ T5997]  ? f2fs_write_node_pages+0x478/0x6e0
[  202.213123][ T5997]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  202.213173][ T5997]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  202.213196][ T5997]  do_writepages+0x32e/0x550
[  202.213234][ T5997]  ? reacquire_held_locks+0x127/0x1d0
[  202.213264][ T5997]  ? writeback_sb_inodes+0x3bc/0x1950
[  202.213303][ T5997]  __writeback_single_inode+0x143/0x12d0
[  202.213332][ T5997]  ? do_raw_spin_unlock+0x122/0x240
[  202.213358][ T5997]  writeback_sb_inodes+0x984/0x1950
[  202.213425][ T5997]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  202.213507][ T5997]  ? rcu_is_watching+0x15/0xb0
[  202.213549][ T5997]  wb_writeback+0x43b/0xaf0
[  202.213587][ T5997]  ? queue_io+0x3c1/0x590
[  202.213627][ T5997]  ? __pfx_wb_writeback+0x10/0x10
[  202.213665][ T5997]  ? _raw_spin_unlock_irq+0x23/0x50
[  202.213700][ T5997]  wb_workfn+0x409/0xef0
[  202.213743][ T5997]  ? __pfx_wb_workfn+0x10/0x10
[  202.213772][ T5997]  ? __lock_acquire+0xab9/0xd20
[  202.213814][ T5997]  ? process_one_work+0x868/0x15d0
[  202.213850][ T5997]  ? _raw_spin_unlock_irq+0x23/0x50
[  202.213884][ T5997]  ? process_one_work+0x868/0x15d0
[  202.213908][ T5997]  process_one_work+0x94a/0x15d0
[  202.213932][ T5997]  ? __lock_acquire+0xab9/0xd20
[  202.213985][ T5997]  ? __pfx_process_one_work+0x10/0x10
[  202.214022][ T5997]  ? assign_work+0x3a1/0x410
[  202.214055][ T5997]  worker_thread+0x9b0/0xee0
[  202.214119][ T5997]  kthread+0x711/0x8a0
[  202.214144][ T5997]  ? __pfx_worker_thread+0x10/0x10
[  202.214171][ T5997]  ? __pfx_kthread+0x10/0x10
[  202.214194][ T5997]  ? _raw_spin_unlock_irq+0x23/0x50
[  202.214220][ T5997]  ? lockdep_hardirqs_on+0x9c/0x150
[  202.214248][ T5997]  ? __pfx_kthread+0x10/0x10
[  202.214270][ T5997]  ret_from_fork+0x599/0xb30
[  202.214300][ T5997]  ? __pfx_ret_from_fork+0x10/0x10
[  202.214343][ T5997]  ? __switch_to_asm+0x39/0x70
[  202.214363][ T5997]  ? __switch_to_asm+0x33/0x70
[  202.214382][ T5997]  ? __pfx_kthread+0x10/0x10
[  202.214404][ T5997]  ret_from_fork_asm+0x1a/0x30
[  202.214450][ T5997]  </TASK>
[  202.214460][ T5997] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  202.341957][  T793] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  202.669992][ T8944] capability: warning: `syz.4.1076' uses deprecated v2 capabilities in a way that may be insecure
[  202.694141][  T793] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  202.708785][  T793] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.719750][ T8944] overlayfs: upper fs does not support tmpfile.
[  202.745191][  T793] usb 4-1: config 0 descriptor??
[  202.764468][  T793] cp210x 4-1:0.0: cp210x converter detected
[  202.820376][   T30] kauditd_printk_skb: 9 callbacks suppressed
[  202.820396][   T30] audit: type=1326 audit(1762776057.888:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8948 comm="syz.5.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb032d8f6c9 code=0x7ffc0000
[  202.863012][   T30] audit: type=1326 audit(1762776057.888:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8948 comm="syz.5.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb032d8f6c9 code=0x7ffc0000
[  202.952266][   T30] audit: type=1326 audit(1762776057.948:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8948 comm="syz.5.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7fb032d8f6c9 code=0x7ffc0000
[  202.993493][   T30] audit: type=1326 audit(1762776057.948:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8948 comm="syz.5.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb032d8f6c9 code=0x7ffc0000
[  203.056709][   T30] audit: type=1326 audit(1762776057.948:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8948 comm="syz.5.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb032d8f6c9 code=0x7ffc0000
[  203.079272][   T30] audit: type=1326 audit(1762776057.968:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8948 comm="syz.5.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fb032d8f6c9 code=0x7ffc0000
[  203.102375][   T30] audit: type=1326 audit(1762776057.968:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8948 comm="syz.5.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb032d8f6c9 code=0x7ffc0000
[  203.156539][   T30] audit: type=1326 audit(1762776057.968:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8948 comm="syz.5.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7fb032d8f6c9 code=0x7ffc0000
[  203.181684][   T30] audit: type=1326 audit(1762776057.968:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8948 comm="syz.5.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb032d8f6c9 code=0x7ffc0000
[  203.189652][  T793] usb 4-1: cp210x converter now attached to ttyUSB0
[  203.208638][   T30] audit: type=1326 audit(1762776057.968:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8948 comm="syz.5.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=260 compat=0 ip=0x7fb032d8f6c9 code=0x7ffc0000
[  203.386439][   T10] usb 4-1: USB disconnect, device number 9
[  203.396777][   T10] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  203.425859][ T8966] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1085'.
[  203.445606][ T8960] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  203.463703][ T8960] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  203.464751][   T10] cp210x 4-1:0.0: device disconnected
[  203.489557][ T8960] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  203.504392][ T8960] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  203.511393][ T8960] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  203.519853][ T8960] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  203.533016][ T8960] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  203.541364][ T8960] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  203.558431][ T8960] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  203.567388][ T8960] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  203.578909][ T8960] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  203.598225][ T8960] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  203.624506][ T8960] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  203.639220][ T8960] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  204.226307][ T8991] input: syz1 as /devices/virtual/input/input12
[  204.235940][ T8991] input: failed to attach handler leds to device input12, error: -6
[  204.244784][ T5897] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  204.406323][ T5897] usb 4-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  204.432030][ T5897] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.453507][ T5897] usb 4-1: config 0 descriptor??
[  204.547405][ T9008] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  204.698726][ T9013] netlink: 180 bytes leftover after parsing attributes in process `syz.5.1106'.
[  204.718164][ T9013] netlink: 180 bytes leftover after parsing attributes in process `syz.5.1106'.
[  204.888083][ T5897] hid-multitouch 0003:1FD2:6007.000A: unknown main item tag 0x0
[  204.902508][ T5897] hid-multitouch 0003:1FD2:6007.000A: unknown main item tag 0x0
[  204.910441][ T5897] hid-multitouch 0003:1FD2:6007.000A: unknown main item tag 0x0
[  204.934054][ T5897] hid-multitouch 0003:1FD2:6007.000A: unknown main item tag 0x0
[  204.955533][ T5897] hid-multitouch 0003:1FD2:6007.000A: unknown main item tag 0x0
[  205.000162][ T5897] hid-multitouch 0003:1FD2:6007.000A: hidraw0: USB HID v1.01 Device [HID 1fd2:6007] on usb-dummy_hcd.3-1/input0
[  205.124936][ T9025] loop1: detected capacity change from 0 to 1024
[  205.163575][    T9] usb 4-1: USB disconnect, device number 10
[  205.251747][ T9003] loop4: detected capacity change from 0 to 40427
[  205.282186][ T9003] F2FS-fs (loop4): Image doesn't support compression
[  205.289211][ T9003] F2FS-fs (loop4): build fault injection rate: 690
[  205.318395][ T9003] F2FS-fs (loop4): invalid crc value
[  205.381979][   T52] Bluetooth: hci0: command 0x0c1a tx timeout
[  205.414948][ T9003] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  205.425948][ T9003] F2FS-fs (loop4): Start checkpoint disabled!
[  205.453381][ T9003] F2FS-fs (loop4): f2fs_disable_checkpoint() finish, err:0
[  205.470986][ T9003] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  205.522138][  T793] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  205.536279][   T36] kworker/u8:2: attempt to access beyond end of device
[  205.536279][   T36] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  205.542361][   T52] Bluetooth: hci3: command 0x0c1a tx timeout
[  205.551200][ T5143] Bluetooth: hci1: command 0x0c1a tx timeout
[  205.556870][   T36] CPU: 0 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted syzkaller #0 PREEMPT(full) 
[  205.556901][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  205.556918][   T36] Workqueue: writeback wb_workfn (flush-7:4)
[  205.556953][   T36] Call Trace:
[  205.556963][   T36]  <TASK>
[  205.556976][   T36]  dump_stack_lvl+0x189/0x250
[  205.557020][   T36]  ? __pfx_dump_stack_lvl+0x10/0x10
[  205.557057][   T36]  ? __pfx_queue_work_on+0x10/0x10
[  205.557087][   T36]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  205.557137][   T36]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  205.557187][   T36]  f2fs_handle_critical_error+0x37c/0x540
[  205.557234][   T36]  f2fs_write_end_io+0x886/0xb60
[  205.557287][   T36]  __submit_merged_bio+0x27a/0x6a0
[  205.557334][   T36]  __submit_merged_write_cond+0x255/0x530
[  205.557380][   T36]  f2fs_write_data_pages+0x261d/0x3000
[  205.557472][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  205.557518][   T36]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  205.557605][   T36]  ? rcu_read_lock_sched_held+0x89/0x100
[  205.557658][   T36]  ? __lock_acquire+0xab9/0xd20
[  205.557731][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  205.557758][   T36]  do_writepages+0x32e/0x550
[  205.557802][   T36]  ? reacquire_held_locks+0x127/0x1d0
[  205.557835][   T36]  ? writeback_sb_inodes+0x3bc/0x1950
[  205.557877][   T36]  __writeback_single_inode+0x143/0x12d0
[  205.557911][   T36]  ? do_raw_spin_unlock+0x122/0x240
[  205.557943][   T36]  writeback_sb_inodes+0x984/0x1950
[  205.558020][   T36]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  205.558122][   T36]  ? rcu_is_watching+0x15/0xb0
[  205.558173][   T36]  wb_writeback+0x43b/0xaf0
[  205.558219][   T36]  ? queue_io+0x3c1/0x590
[  205.558255][   T36]  ? __pfx_wb_writeback+0x10/0x10
[  205.558298][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  205.558338][   T36]  wb_workfn+0x409/0xef0
[  205.558387][   T36]  ? __pfx_wb_workfn+0x10/0x10
[  205.558420][   T36]  ? __lock_acquire+0xab9/0xd20
[  205.558467][   T36]  ? process_one_work+0x868/0x15d0
[  205.558506][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  205.558543][   T36]  ? process_one_work+0x868/0x15d0
[  205.558570][   T36]  process_one_work+0x94a/0x15d0
[  205.558598][   T36]  ? __lock_acquire+0xab9/0xd20
[  205.558660][   T36]  ? __pfx_process_one_work+0x10/0x10
[  205.558705][   T36]  ? assign_work+0x3a1/0x410
[  205.558743][   T36]  worker_thread+0x9b0/0xee0
[  205.558813][   T36]  kthread+0x711/0x8a0
[  205.558841][   T36]  ? __pfx_worker_thread+0x10/0x10
[  205.558872][   T36]  ? __pfx_kthread+0x10/0x10
[  205.558897][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  205.558928][   T36]  ? lockdep_hardirqs_on+0x9c/0x150
[  205.558960][   T36]  ? __pfx_kthread+0x10/0x10
[  205.558984][   T36]  ret_from_fork+0x599/0xb30
[  205.559018][   T36]  ? __pfx_ret_from_fork+0x10/0x10
[  205.559064][   T36]  ? __switch_to_asm+0x39/0x70
[  205.559087][   T36]  ? __switch_to_asm+0x33/0x70
[  205.559115][   T36]  ? __pfx_kthread+0x10/0x10
[  205.559140][   T36]  ret_from_fork_asm+0x1a/0x30
[  205.559191][   T36]  </TASK>
[  205.559201][   T36] F2FS-fs (loop4): Remounting filesystem read-only
[  205.621513][ T5143] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  205.625760][   T52] Bluetooth: hci4: command 0x0405 tx timeout
[  205.702179][   T52] Bluetooth: hci2: command 0x0406 tx timeout
[  205.732010][  T793] usb 2-1: Using ep0 maxpacket: 32
[  205.963770][  T793] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[  205.982036][  T793] usb 2-1: config 0 has no interface number 0
[  205.990696][  T793] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  206.022388][  T793] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  206.030449][  T793] usb 2-1: Product: syz
[  206.061842][  T793] usb 2-1: Manufacturer: syz
[  206.066505][  T793] usb 2-1: SerialNumber: syz
[  206.084724][  T793] usb 2-1: config 0 descriptor??
[  206.103672][  T793] smsc95xx v2.0.0
[  206.370941][ T9061] raw_sendmsg: syz.4.1126 forgot to set AF_INET. Fix it!
[  206.513252][  T793] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  206.556219][  T793] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  206.987712][  T793] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000108: -71
[  207.016434][  T793] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -71
[  207.043001][  T793] usb 2-1: USB disconnect, device number 9
[  207.126544][ T9076] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  207.135504][ T9076] batman_adv: batadv0: Removing interface: batadv_slave_0
[  207.148724][ T9076] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  207.166464][ T9076] batman_adv: batadv0: Removing interface: batadv_slave_1
[  207.462442][   T52] Bluetooth: hci0: command 0x0c1a tx timeout
[  207.621987][   T52] Bluetooth: hci1: command 0x0c1a tx timeout
[  207.625348][ T5143] Bluetooth: hci3: command 0x0c1a tx timeout
[  207.665256][ T9090] loop1: detected capacity change from 0 to 16
[  207.678233][ T9090] erofs (device loop1): mounted with root inode @ nid 36.
[  207.701996][ T5143] Bluetooth: hci4: command 0x0405 tx timeout
[  207.784101][ T9093] loop4: detected capacity change from 0 to 128
[  207.838711][ T9093] FAT-fs (loop4): error, clusters badly computed (2 != 0)
[  207.881901][ T9093] FAT-fs (loop4): Filesystem has been set read-only
[  207.902700][ T9093] FAT-fs (loop4): error, clusters badly computed (3 != 1)
[  207.911383][ T9093] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI
[  207.923418][ T9093] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  207.931890][ T9093] CPU: 1 UID: 0 PID: 9093 Comm: syz.4.1142 Not tainted syzkaller #0 PREEMPT(full) 
[  207.941213][ T9093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  207.951297][ T9093] RIP: 0010:bio_seg_gap+0x1c6/0x7d0
[  207.956531][ T9093] Code: fd 48 ba 00 00 00 00 00 fc ff df 49 8b 06 48 89 5c 24 20 49 89 de 49 c1 e6 04 48 89 44 24 08 4a 8d 2c 30 48 89 e8 48 c1 e8 03 <80> 3c 10 00 74 12 48 89 ef e8 0c 33 b9 fd 48 ba 00 00 00 00 00 fc
[  207.976164][ T9093] RSP: 0018:ffffc9000452ec60 EFLAGS: 00010246
[  207.982258][ T9093] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000080000
[  207.990251][ T9093] RDX: dffffc0000000000 RSI: 0000000000006520 RDI: ffff888029702b70
[  207.998235][ T9093] RBP: 0000000000000000 R08: ffff888024a409f7 R09: 1ffff1100494813e
[  208.006242][ T9093] R10: dffffc0000000000 R11: ffffed100494813f R12: 0000000000000c00
[  208.014231][ T9093] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888029702b40
[  208.022219][ T9093] FS:  00007f9c50bf66c0(0000) GS:ffff888125fcd000(0000) knlGS:0000000000000000
[  208.031159][ T9093] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  208.037753][ T9093] CR2: 0000200000002000 CR3: 0000000077196000 CR4: 00000000003526f0
[  208.045737][ T9093] Call Trace:
[  208.049024][ T9093]  <TASK>
[  208.051971][ T9093]  bio_attempt_back_merge+0x4ba/0x920
[  208.057464][ T9093]  ? blk_attempt_bio_merge+0x273/0x4c0
[  208.062939][ T9093]  blk_attempt_plug_merge+0x145/0x1d0
[  208.068330][ T9093]  blk_mq_submit_bio+0x1abd/0x26d0
[  208.073454][ T9093]  ? blk_mq_submit_bio+0x46a/0x26d0
[  208.078668][ T9093]  ? __pfx_blk_mq_submit_bio+0x10/0x10
[  208.084136][ T9093]  ? blk_mq_submit_bio+0xd6b/0x26d0
[  208.089344][ T9093]  ? blk_mq_submit_bio+0x46a/0x26d0
[  208.094573][ T9093]  __submit_bio+0x207/0x5a0
[  208.099106][ T9093]  ? __pfx___submit_bio+0x10/0x10
[  208.104142][ T9093]  ? blk_cgroup_bio_start+0x59d/0x640
[  208.109533][ T9093]  ? __submit_bio+0x22e/0x5a0
[  208.114226][ T9093]  submit_bio_noacct_nocheck+0x2fb/0xa50
[  208.119868][ T9093]  ? __pfx_submit_bio_noacct_nocheck+0x10/0x10
[  208.126033][ T9093]  ? submit_bio_noacct+0xe0c/0x1b80
[  208.131246][ T9093]  submit_bio_wait+0x104/0x200
[  208.136027][ T9093]  ? __pfx_submit_bio_wait+0x10/0x10
[  208.141338][ T9093]  ? blk_alloc_discard_bio+0x243/0x2c0
[  208.146834][ T9093]  blkdev_issue_discard+0x113/0x1b0
[  208.152229][ T9093]  ? __pfx_blkdev_issue_discard+0x10/0x10
[  208.157983][ T9093]  fat_free_clusters+0x405/0xb80
[  208.163044][ T9093]  ? __pfx_fat_free_clusters+0x10/0x10
[  208.168529][ T9093]  ? __brelse+0x59/0xa0
[  208.172700][ T9093]  ? fat_mirror_bhs+0x557/0x580
[  208.177583][ T9093]  fat_truncate_blocks+0x7d7/0xaf0
[  208.182711][ T9093]  ? __pfx_fat_truncate_blocks+0x10/0x10
[  208.188386][ T9093]  ? __pfx_unmap_mapping_range+0x10/0x10
[  208.194405][ T9093]  ? generic_write_end+0x211/0x2c0
[  208.199536][ T9093]  fat_write_end+0x108/0x1f0
[  208.204152][ T9093]  generic_perform_write+0x62a/0x900
[  208.209465][ T9093]  ? __pfx_generic_perform_write+0x10/0x10
[  208.215376][ T9093]  ? __pfx_fat_update_time+0x10/0x10
[  208.220682][ T9093]  ? file_update_time+0x416/0x490
[  208.225722][ T9093]  ? __generic_file_write_iter+0xf9/0x230
[  208.231477][ T9093]  ? generic_file_write_iter+0x103/0x550
[  208.237132][ T9093]  generic_file_write_iter+0x117/0x550
[  208.242617][ T9093]  ? __pfx_generic_file_write_iter+0x10/0x10
[  208.248611][ T9093]  ? __pfx_hlock_conflict+0x10/0x10
[  208.253854][ T9093]  ? check_path+0x21/0x40
[  208.258251][ T9093]  ? lockdep_unlock+0x89/0x120
[  208.263113][ T9093]  ? validate_chain+0x897/0x2140
[  208.268068][ T9093]  ? futex_unqueue+0x211/0x240
[  208.272853][ T9093]  do_iter_readv_writev+0x623/0x8c0
[  208.278075][ T9093]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  208.283808][ T9093]  ? rcu_read_lock_any_held+0xb3/0x120
[  208.289290][ T9093]  vfs_writev+0x31a/0x960
[  208.293632][ T9093]  ? __lock_acquire+0xab9/0xd20
[  208.298509][ T9093]  ? __pfx_vfs_writev+0x10/0x10
[  208.303382][ T9093]  ? __fget_files+0x2a/0x420
[  208.308005][ T9093]  ? __fget_files+0x3a0/0x420
[  208.312716][ T9093]  ? __fget_files+0x2a/0x420
[  208.317339][ T9093]  do_writev+0x14d/0x2d0
[  208.321594][ T9093]  ? __pfx_do_writev+0x10/0x10
[  208.326381][ T9093]  ? do_syscall_64+0xbe/0xfa0
[  208.331092][ T9093]  do_syscall_64+0xfa/0xfa0
[  208.335612][ T9093]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.341688][ T9093]  ? clear_bhb_loop+0x60/0xb0
[  208.346376][ T9093]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.352289][ T9093] RIP: 0033:0x7f9c5298f6c9
[  208.356718][ T9093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.376527][ T9093] RSP: 002b:00007f9c50bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  208.385044][ T9093] RAX: ffffffffffffffda RBX: 00007f9c52be5fa0 RCX: 00007f9c5298f6c9
[  208.393126][ T9093] RDX: 0000000000000002 RSI: 0000200000000000 RDI: 0000000000000005
[  208.401121][ T9093] RBP: 00007f9c52a11f91 R08: 0000000000000000 R09: 0000000000000000
[  208.409111][ T9093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  208.417114][ T9093] R13: 00007f9c52be6038 R14: 00007f9c52be5fa0 R15: 00007ffc8b5d1688
[  208.425123][ T9093]  </TASK>
[  208.428159][ T9093] Modules linked in:
[  208.433098][ T9093] ---[ end trace 0000000000000000 ]---
[  208.442191][ T9093] RIP: 0010:bio_seg_gap+0x1c6/0x7d0
[  208.447536][ T9093] Code: fd 48 ba 00 00 00 00 00 fc ff df 49 8b 06 48 89 5c 24 20 49 89 de 49 c1 e6 04 48 89 44 24 08 4a 8d 2c 30 48 89 e8 48 c1 e8 03 <80> 3c 10 00 74 12 48 89 ef e8 0c 33 b9 fd 48 ba 00 00 00 00 00 fc
[  208.475263][ T9093] RSP: 0018:ffffc9000452ec60 EFLAGS: 00010246
[  208.486684][ T9093] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000080000
[  208.494887][   T10] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  208.502735][ T9093] RDX: dffffc0000000000 RSI: 0000000000006520 RDI: ffff888029702b70
[  208.513985][ T9093] RBP: 0000000000000000 R08: ffff888024a409f7 R09: 1ffff1100494813e
[  208.522386][ T9093] R10: dffffc0000000000 R11: ffffed100494813f R12: 0000000000000c00
[  208.530573][ T9093] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888029702b40
[  208.540247][ T9093] FS:  00007f9c50bf66c0(0000) GS:ffff888125ecd000(0000) knlGS:0000000000000000
[  208.549779][ T9093] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  208.556516][ T9093] CR2: 00007fb033b7cf98 CR3: 0000000077196000 CR4: 00000000003526f0
[  208.564770][ T9093] Kernel panic - not syncing: Fatal exception
[  208.571214][ T9093] Kernel Offset: disabled
[  208.575544][ T9093] Rebooting in 86400 seconds..