last executing test programs:

1m14.998637037s ago: executing program 4 (id=14):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x4c, 0x10, 0x40d, 0x2, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0x4}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0x14, 0x5, 0x0, 0x1, [@IFLA_BRPORT_PRIORITY={0x6}, @IFLA_BRPORT_STATE={0x5, 0x1, 0x3}]}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x806}, 0x0)

1m14.454874865s ago: executing program 4 (id=18):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@local})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r0, 0x7b2, &(0x7f0000000180)={0x0, 0x3, 0xfffffffffffffcc8, 0x3})

1m14.174127279s ago: executing program 4 (id=21):
r0 = open(&(0x7f00000002c0)='./file0\x00', 0x1491ff, 0x22)
fcntl$setlease(r0, 0x400, 0x0)
open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x0)
fcntl$setlease(r0, 0x400, 0x1)

1m14.03822365s ago: executing program 4 (id=22):
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file1\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c00a3a2a4e7417e941910c27d130b55ac2d5f7a61e59ec6d5de07239091924c32eeb367d16409d6d3ec1fb755f9a7989ebc4e96918e268f0b7acebf67c07bc4731250f87d27b5e9e61000e70f0c6a4e2432073d0d3e18f864e9ef64637d14e5485f36e53c821cb5898685c055a367ea51b653eff6581710f6c3824bc667bd24219163c60803099f985567be0d978e301b4f6603628606afadb04eee58f42f1853f2e8598a5e250e0f4c9a", @ANYRES64, @ANYRESOCT, @ANYRES16, @ANYRESHEX, @ANYRESDEC, @ANYRESDEC, @ANYRES64, @ANYRESHEX=0x0], 0x41, 0x14fe, &(0x7f0000002ac0)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXdFnk91st9g99gu7zW63O+xOu8vu/jXO3sc++5XNsl/bw/Z7e8B+Yw/ao/aQ/e7XOHt/R+2P9pj9yR63J+xJe8qetj/bM/bsr/vP3vspe8lett4KApKkSFNAuSg3xVAeiqXrKI6up7yUjyJ0A8XTjZSfbqICVJAKUWFKoCJUlAwhWSIKqRgVpyjdTCXoFkqkklSKSpOjMpREt1JZuo3K0e1Unu6gCnQnVaRKVJmq0F1Ule6manQPVad7qQbVpFpUm+6jOnQ/1aUHqB49SPXpIWpAD1NDeoQa0aPUmB6jJvQ4NaUnqBk1pxbUklrRk9SanqI21Jba0dPUnp6hDvQsJdNz1JGep070AnWmF6kLvURd6WXqRt2pB71CPelV6kW9KYX6UF96jfpRfxpAA2kQvU6D6Q0aQm/SUBpGw+ktGkFv00h6h0bRaBpD79JYGkfjaQJNpEmUSu/RZHqfptAHNJWm0XSaQWk0k2bRhzSb5tBc+ojm0cc0nxbQQlpE6fQJLaYllEGf0lL6jDJpGS2nFbSSVtFqWkNraR2tpw20kTbRZtpCW+lz2kbbaQftpF20m/bQF7SXvqR99BVl0de0n/5EB+gbOkjf0iH6jg7T93SEfqCj9CMdo5/oOJ2gk3SKTtPPdIbO0jk6TxfoF7pIl+gyeRIhhDJUoQ6DMFeYO4wJ84Sx4XVhXHh9mDfMF0bCG8L48MYwf3hTWCAsGBYKC4cJYZGwaGhCDG1IYRgWC4uH0fDmsER4S5gYlgxLhaVDF5YJk8Jbw7LhbWG58PawfHhHWCG8M6wYVgorh1XCu8Kq4d1htfCesHp4b1gjrBnWCmuH94V1wvvDuuEDYb3wwbBc+FDYIHw4bBg+EjYKHw0bh4+FTcLHw6bhE2GzsHnYImwZtgqfDFuHT4VtwrZhu/DpsH34TNghfDZMDp8LO4bPX3U8JewT9g1fC18LvX9ALYwuiqZHP4kuji6JZkQ/jS6NfhbNjC6LLo+uiK6Mroqujq6Jro2ui66PbohujG6Kbo5uiXpfO7dw4KRTTrvA5XK5XYzL42LddS7OXe/yunwu4m5w8e5Gl9/d5Aq4gq6QK+wSXBFX1BmHzjpyoSvmiruou9mVcLe4RFfSlXKlnXNlXJJr6Vq5Vq61e8q1cW1dO/e0e9o9455xz7pn3XOuo3vedXIvuM7uRdfFveReci+7bq676+FecT3dq66X6+1SXIrr6/q6fq6fG+AGuEFukBvsBrshbogb6oa64W64G+FGuJFupBvlRrkxbowb68a68W68m+gmulSX6ia7yW6Km+Kmuqluupvu0lyam+Vmudlutpvr5rp5bp6b7+a7hW6hS3fpbrFb7DJchlvqlrpMl+mWu+VupVvpVrvVbq1b69a79W6j2+g2u81uq9vqtrltbofb4Xa5XW6P2+P2ur1un9vnslyW2+/2uwPugDvovnWH3HfusPveHXE/uKPuR3fM/eSOuxPupDvlTruf3Rl31p1z590F94u76C65y8671Mh7kcmR9yNTIh9EpkamRaZHZkTSIjMjsyIfRmZH5kTmRj6KzIt8HJkfWRBZGFkUSY98ElkcWRLJiHwaWRr5LJIZWRZZHlkRWRlZFfG+yLbQF/PFfdTf7Ev4W3yiL+lL+dLe+TI+yd/qy/rbfDl/uy/v7/AV/J2+oq/kK/snfDPf3LfwLX0r/6Rv7Z/ybXxb384/7dv7Z3wH/6xP9s/5jv5538m/4Dv7F30X/5Lv6l/23Xx338O/4nv6V30v39un+D6+r3/N9/P9/QA/0A/yr/vB/g0/xL/ph/phfrh/y4/wb/uR/h0/yo/2Y/y7fqwf58f7CX6in+RT/Xt+sn/fT/Ef+Kl+mp/uZ/g0P9PP8h/62X6On+s/8vP8x36+X+AX+kU+3X/iF/slPsN/6pf6z3ymX+aX+xV+pV/lV/s1fq1f59f7DX6j3+Q3+y1+q//cb/Pb/Q6/0+/yu/0e/4Xf67/0+/xXPst/7ff7P/kD/ht/0H/rD/nv/GH/vT/if/BH/Y/+mP/JH/cn/El/yp/2P/sz/qw/58/7C/4Xf9Ff8pf5Z9YYY4wxxv4h6irjff6bHPnnfl8hxPXbCx/6r+MbC/zW7587oX1ECPFc766P/t5q1EhJSfnzsZlKBMUXCCEiV/JziSvxMtFOPCOSRVtR9i/jMX91rv6y+wW6yvzRO4SI/auc7Pzf4yvz3/Z3999fjpt31fkXCJFY/EpOHnElvjJ/uf9m/oKtrzJ/nm9ShWjzVzlx4kp8Zf4k8ZR4XiT/zZGMMcYYY4wxxthv+svKna92f5t9f56gr+TkFlfiv3d/zhhjjDHGGGOMsf9dXuze49knk5PbdubO/1TH5/vtrf7fsh7ucOcf6Fzrr0yMMcYYY4yxf7crF/3XeiWMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxljO9f/i14n9fq6r/a1BxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7D/V/wkAAP//dR87dA==")
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100))

1m13.495079208s ago: executing program 4 (id=25):
syz_usb_connect(0x1, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000009a65d0860040800dee20102030109021b05000000000009040000f678eaf500090584", @ANYBLOB="521c"], &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
syz_open_dev$evdev(&(0x7f0000000040), 0x4, 0x800)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r0, 0xffffffffffffffff, 0x0)

1m12.77824563s ago: executing program 4 (id=26):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x7, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}, 'macvlan1\x00'}}, 0x1e)
sendmmsg(r0, &(0x7f0000008640)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000000c0)="d4", 0x1}], 0x1}}], 0x1, 0x10001)
recvmmsg(r0, &(0x7f0000000900)=[{{0x0, 0xfffffffffffffe1f, 0x0}, 0x1}], 0x3fffffffffffcb3, 0x40, 0x0)

1m12.090732613s ago: executing program 32 (id=26):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x7, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}, 'macvlan1\x00'}}, 0x1e)
sendmmsg(r0, &(0x7f0000008640)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000000c0)="d4", 0x1}], 0x1}}], 0x1, 0x10001)
recvmmsg(r0, &(0x7f0000000900)=[{{0x0, 0xfffffffffffffe1f, 0x0}, 0x1}], 0x3fffffffffffcb3, 0x40, 0x0)

7.409153309s ago: executing program 3 (id=495):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100)="00884a", 0xffffff9a}], 0x1)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r1, 0x0)

5.482343405s ago: executing program 6 (id=522):
r0 = memfd_create(&(0x7f0000000540)='\x01\xfd\xae.+\xa6\x8c\xb6?2\x199\x94S,|x?Ue[\xbd\xe1!\x033\xbc\'#\xff\x17\x9b%\xf3[d \x06\x00\x00\x00\x97A\xc2\xd8\xf0Uq!\xe4\xc4\xb1\xa2\x1c\xffC;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\xe4\x9aR\xe5,\x82\x03\x00\x19\x8d\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19P\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xcc\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\x16\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2\xd2(\x98\x9bA\x8f\x13\xeb\xf4b/\xef!\x8f\xf6]-\xf1k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6\xbel\x9b.o\xbe\x80\x9dx\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9k\x83\xfc\xa4\xad4\x03\xa2X\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bOp\x1ab\x96\xcf\xbb\x15\xcf\xfcN\xed\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00s\xaf\xa2\x14]p+\x96\x1ei|n\xda\xee\\\xae\x96*\x82*\xb8j\xda\xaa\x14\x1f\x1d\xf8\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xea.\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\x03\xce\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xdfY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84 \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x86\t\xaf\vi\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x15&\xb9]1\x05J\x96\xf0\x84\xc1\f\xa6p\x96?\x00\x00\x00\x00\x00\x00\x00\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xebKlb\xe5:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcb\xcaXe\xe1\xa2\xaa\x02\x86\xb8\x18\xe2C\xeb\xa9\x17&\x01&\'w\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01O\xd3r\xa2\xa9u\x93>m\xd7q\'\xdf\xfajo\xd8n\xa7\xecJi\xde\xdf\x7f\xe3\xc4*Z 4\xe8S$\xa1H=\xdf\x05\xf3\xe3T\xd1\xdd\xc6f\xa4\xb4\x96\\\xa0\xf9\x0f\x17\x11{\xb6\x9d\xd21\xc1\x90Vj\x13r\x00\x00\xde\x03\xab\xff\x8as0\xc6E\xca\"\xd9*\x9a\x15\xb95r\x8f\xaaj\x82\xd6\xd2%\xed\xa2WQ\xec2\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xccX\xfdRB\xffU\xe9\xfa\x1f\xf6\xce\b\xde@\x061\xc6z\xe4\xe0\xc9?\xa7\x94>\x9c\xd1\xa5o\x04\xaaim\xae\xfe\xc7f\xa3\x96\xd7\xb4c)r{\r#\xddI&\n\xf2\xec\xd4\xff\x9f\x136zZ-2\x80\xfbH+\x9b8\xf3\xed\xdf\xa2my\xb28c[\xc3\xfe\xb5M\x84\x97\xa5\'s\xe9\xdc=)I\xabLt2\x9c\v\xd9S', 0x6)
fallocate(r0, 0x0, 0x9, 0x4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
syz_open_dev$vbi(&(0x7f00000000c0), 0x2, 0x2)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)

5.221072353s ago: executing program 6 (id=523):
syz_mount_image$f2fs(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x8, &(0x7f0000000540)={[{@fault_injection={'fault_injection', 0x3d, 0x4ee}}, {@extent_cache}, {@alloc_mode_def}, {@six_active_logs}, {@six_active_logs}, {@nodiscard}, {@jqfmt_vfsv1}, {@noacl}, {@checkpoint_diasble}, {@alloc_mode_def}, {@noextent_cache}, {@nouser_xattr}, {@jqfmt_vfsold}, {@fastboot}, {@memory_low}, {@inline_xattr_size={'inline_xattr_size', 0x3d, 0x9}}], [{@smackfsfloor={'smackfsfloor', 0x3d, '*'}}, {@measure}, {@subj_user={'subj_user', 0x3d, 'dioread_nolock'}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@euid_gt}]}, 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x143082, 0x80)
ioctl$F2FS_IOC_DEFRAGMENT(r1, 0xc010f508, &(0x7f0000000140)={0x0, 0x100000000})

4.533363885s ago: executing program 3 (id=528):
socket$inet_mptcp(0x2, 0x1, 0x106)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007009300000000000c0001800600060008", @ANYRES64=r1], 0x30}, 0x1, 0x0, 0x0, 0x200488d1}, 0xc080)

4.26859446s ago: executing program 3 (id=531):
r0 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfad6}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = socket$rds(0x15, 0x5, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x44, 0x0, r3, 0x0, 0x0})
io_uring_enter(r0, 0xdb4, 0x0, 0x0, 0x0, 0x0)

3.76638102s ago: executing program 3 (id=535):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000300)={&(0x7f00000001c0)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000003c0)={r1, <r2=>0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETPLANE(r0, 0xc03064b7, &(0x7f0000000200)={r1, r2, r3, 0x401, 0x80000002, 0x80000002, 0x0, 0x0, 0x0, 0xb, 0x200420, 0x200})

3.506256347s ago: executing program 3 (id=538):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x4)
syz_mount_image$bcachefs(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="766572626f73656a6f75726e616c5f7472616e736163735d60b65f6e616d65732c6e6f7265636f766572792c636f6d7072657373696f6c7a342c657261737572655f636f64652c636f6de512657373696f6e3d7a7374642c696e6c696e655f646174612c7265636f6e7374727563745f617072657373696f6e3d677a69702c6e6f636f772c72772c736d61636b5e5b402d6673636f6e746578743d756e636f6e66e9fe0a645f752c6170707261690200626a5f726f6c653d2c6f626a5f757365723d2c00cceb994f8efdbbc6ae4181a26bbff460c1c8ed816462d332da99e1c9d501b2f84401795039cbed6e6bdb8b98cafc2fc66729648fd8244e38a8ad980cdef833014e304f756960f2584bf7275e4b37d13a426e4e2a2d93218f5e4a81f5baf87c4fab66d374902a56a667b4922816529ad484fab6ab007b93cdced73d03040000000000000000000000000000000000000000000000000019c4277c4d2e96d1dcd16563a14b130bda5d889bd58ba50b97f065cce24e6dc61254f44888e00ae531c6c4358c0be3cd09d5cc920b7dedc2a86e8b70dc9df9ba790bace81fa504d9d3a4840fe2f17a400afea4266379fcfdf8292027f4780275e2cc5517bcd09f30a39e45349a89e4219573ef", @ANYRES32=0x0, @ANYRESOCT, @ANYBLOB="8bc2e8ee7032225ca99d1f616eb269c3f770179f574bfb6f8241aef087bda6616493bf2e322377b61ca60749b1c7e9a7d025bede48ffef709e57ecbbf4fd4c1012be6466fd4fce8a9371c63b4c27a03ff38966a0e5acdcd6e79706e1e38e0115abd668a81dc1b3845df85f0e6afdbcf2e39f1e3860cc1e9e356cba75c24cab9a3544334aa6a3fec809e9c3134068e984f9b9678898d489d33892eee3b85695f24f5d9141bc8bd489b5d4b0e8e3c34c49d44d8137bc63ed141473108ac2590ea205371f4783b234f5ca5a2f9c41cc7d9e260730c069357fcdd8537de229aa38120ad7e4", @ANYRESHEX], 0xff, 0x59dd, &(0x7f0000000580)="$eJzs3X+MHNWdIPBX3T2enhmPPTawOBDGg8G7LGziMb9Ewmnj3dtNVsAiR6yymHMCBo9ZJ7axbLNgwy5mD3JwQERWWe2SRCcSEXQkToQEF3BQCD/O5hISxCWHTgRduCP5IydCsAL4UMRlVjNdr6enpmuqp6fH2ObzkT3V73X1932r6nV1vdc90wEAAID3hP23bj948Ql//oN/GHnrpr/4zuabQ195vL4aVxhIl9e/WxlyKHVXlowvs/3iD274+i+GrvrT7z/Y+7W3960/ecNP/+yYqx779AV77/nSk2/2P/y7V4rixv50+kQ5eS0JofrdA//02X3PHj9Wl4QQysnA7hAWJYufXJRkQgz9NoSwPi0cW5l850NvnbVhbHnzHd2T6hdmgujv723VtJ/tOnjdGeFnf7Lmlh8t/dY3u/a8untilaTa0J9CWHBF4+O7Qgg96f8xsbctiQ9Ol6tDCL0NjzuvIK9TWsx/RU75xHQ5L132FcSJ9y/LlEuZ9bLlqCuz7C1ob7by8mh3vSLzM+XsyWi28vKM9YvS5SPp8vQZxi/H/0koJaFST39TMtFHQsNxS0Iyfiyr9XKpfmxDuv2ZcpIplzLlcldmu8bbTTtaOUkm18f1MvXxdFxJ609uPFc3cUlO/fvSZTV9or4dyyF7o6Zvyo36do2LeR2YJpdDodRwDmpWXz/w6cHoS+v6ksVTHjPaRLxv35o7l5fXPrV/ICeP5MEkjZ+0FX/XDxfN/9Q3br92SV78K0pp/FIaP/aapKX4L1/43OuX3f7VL+bGvzvGL7eV/5mP97524dO3LsvdPwfi/qm0FX/dK8/ctfTYK/f05MW/N8avthV/1d7nuvsPPv5Ebv7Dcf/0tBX/pfM/+vMHXnj01dz4IcbvbSv+2r1bP9c9ePC03PhPxP3T11b8l9/Yc+6Lg4O/HGp8wGn9E/Gfj/H724p//+57PnzfwjsuyO2fq+P+GWgr/kWnPnbL/IOPnpR37kzu7dQrJ8B70zHpNdZtabndceZsNYwX/mWoUrtKmp/+7+9kQ5mLz7F2FnQyPgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEI4747997P98YuC1SlruTm+8VKotY/28EJKeEML2Heu27di45eqhT19z7bYtPem9O7btHDr7j4a2jWzdtG7n2L3DHzirds/ikNSWyUlT2u4eHR0tDUyui+3921P3/Gz5ef/3VyEMH/eTwUpu/ivu2XzfsU1+ZiSrRj+y+dqLf3LOV9LtGkjzGmiS1+jo6GjIyevXl75z3z8e+MVpIQz/3nR5PfPSH39vUkLjFRNxUqXuUEuoO+ltmkc964EQusYekOZV2bBx08jw9Pt37PHlnO34dze8+tsN13/+ndr+reZuR4v7t2fV6KbSP6+56P//8421iqK83q3jXrS/41bE/OL+q6b7e0G6XQtytquSs123/uiJF757wu1v7g7DlTeWTm27aLu60g7ZlbyvpXZjC73Jokn11XT9eMTj41bs2Lx1xfaduz6wcfO6q0euHtnyoZVnrzx3+Jxzz1kxvuUrOrz9sf3fb3H7D01/Wvi3ux+JP1vrT0V5Fe2PsbyK90djRnnPv95LPvuFD93z9MW1iqJ+Hteun0/SZe/YcV4ZGvrb1H3VbLuK9kMIYajZfnj9zQvC8f9z4y1F56HGI9P4MyNZNfrsst985bwvL/k3tYpDcp5vTKjN83w964l8xvdXNT0eo4fp/u0O5XS7+prmtfLZp7vu3P+rv6vnN29euH7djh3bVtZ+zk8znZ+c2DSvbG3crqXjP8sh3S2h3k2b9NcxXaGWX/b8GVfP7tW+9L6+ZHHT7cqK9+1bc+fy8tqn9uft6eQ/1lrsCf21ZfL+qSuVmj2wXE+4WfuH6/OvqH8MfuzLD3/i4W+fPaV/nFn7WbRdSc52feuF+7/wtc//h293brs+9sfPDfzmf/3N8lrFkXJeqWed5pM0nlfODKHo+bc0NN+O3Odfs77bwvMv287E+s3jDWXKfaHc1vP1zMd7X7vw6VuX5T5fD7TwfB1346RSueD5erj0n8cyz6+kMjmPuXt+TeooyarR7992zO4nb1p9Qq2iqF/X127Wr89qYfyRs13fu+zFwWuG/v3/6Nx54+t/9NDlP1236u9rFZOPe8+UvPKPe8ylM8e9mu7fas7+rWed5lNq3L8fvOqaTetr9Yfv9W+6LBj/xFPJ9p27PrNu06aRbdtb265WX09jO9m93O7raTy7LS7YrtKU7eqON3Z2+kYr+6vV51vMf33b+2vy860vJG29Luz64aL5n/rG7dcOTHlU2tAVpTR+KY0/9VwxXfyXL3zu9ctu/+oXc+PfHeNX2sp/3SvP3LX02Cv35Ma/N0njV9uKv2rvc939Bx9/Ijf+cMy/p634L53/0Z8/8MKjr+bGDzF+X1vxX35jz7kvDg7+Mjf+80naztg1UggPvXXWhlo5GZ+Hqzbk0TUpr5AtJ5lyKVMuN5ZLtbnWegPlJJlcH9dL609uyKWZv86pj1dh1SW15duxHLI3pq8/3JQazv3N6ouuUwEAjnbx/f94DRrf/x9JL5TyZxpgwmzHYUty4sZx2MR8zrxJ9y9J48fHx3nAwQ+G4bHlzUO1C/2m8xPpZOdok3nO+HzIznPGdk47ZXKe7c5zFs2/L8uUY161+fJKwzg0NXVcUwktzL9PbWf6+ffM5hfPjw/dNiWtoYZ5q+zx60pnzJp93iGTb2UsQnfOyDQ7LxY/zzG4IKweb2+6/pEabfI5mngcsp+jie2ckDlxtvs5mtn2j5j2NP1jPOXi9zemHr8wzf6dOH7No2WP3wyOd3Vs/Tl7f/bBOC8263nDpqe0qfOGMzxftjxvOLfvh5mXzImfPsE6MG+4cJp5w67ZzhvG+rgdlRbnEz+RU1971u6ul9uaTyxP3Ix5HZgml0PBfCJwtIrj//gaMTb+H7sA/3+Z9YquQ7NXjTFe7ueEys3zKRp3TP2cXm9br+Nr9279XPfgwdNyr3OeaPVzP1snlXoLPvdTtB+XZ8qF+zFngqZovJdtp2i/Zz+X0Rf629rv9+++58P3Lbzjgtz9vrr2Qlq8378wqdRfsN+PgPFC8/gdHC+c3yy+8cJhMV6Y6/mzd+1zDOkHn+ZqPPJXOfUz/XxD75Qb9e0ad8SNR7oObV4AwJEjjv/r76+m4///HVdIryOKxq2nZ8oxXu64Nef6JG/c+pfp8vrM+n3pb1TM9Lr5olMfu2X+wUdPyh233NvqOPQ/TyoNFI5DZzduzh1HrO7M58VzxxH1cdbsxom5+dfHibMbp+fGr4/TZzeOzt0/9XH07OYBcuPX5wGO9HFuwXxdprFYbHW+7qgdR6e/PjtX4+hLcupnOo7um3Kjvl3jjKMBAN5dcfwfL+Pi+P/pzHqzfZ89d1zQoev27N8Dqcd//lCNK+d63DfX49a5HtePz0uMLmyyznTxW5+XONLHxXM9LzS382Tv+XFx2qhxMQAAh7M4/o9/iTB//D+78Umz8VvXpPHJ0To+72naQrz3MBufz+HnBo708fmRPv9l/O998WLG/wAAR7c4/o+/9hj//t9/TcvZv1t/9I7Tj6j30Y3Ts/GPmnF65+fZQpufA2gcB5oHaK6leYCGr3kxDwAAwLuha3ykNPX37D+ZLrO/Z5/3e/mX5azfqkp6eXzljm0jI5dfu3X9uh0jl2+5Zv3I9suv27Zxx46RLbX1ZjtuzB23pOPGrlBJ90fz9bLjtoXp30NYmPP3ELLrx7Anjt+Y+vcQss32FPwdgYnjlz7gP03fft7xK02zfrP+kXe88+L/dc76Uf34X/U3Z16+YfvlG7ds3LFx3aaNu0Ymrzc2au2dwfelxt3y60vfua87tPh9qZkfU5Rm/r2/jXm0/L2tU/IoTcmjK90fed/PnmTyWJRmsijve5Rz8v7Bf//Hvz119J0HQhg+rvz+We2/ZNXof7l05C937P/J1rH8S9PmX18zzavo+0qz68ftqWy6ZvuOMzZcc+2W7DdKtifOZ5Tq5Tmaz0if/uUW5yfW5tTP9HMK5Sk3Dk8tzk888sahTgwA4DAX3/+P17Px/cPPpxdQsb71cfrs3j/OHacPtzZOz34vWdE4Pbt+3N5Wx+nVmY7TC9ovGqc3W7/ZOD1v3J0X/69y1p+p1vvJ7D7nkdtPrmitn2S/z6Con2TXb95PSrn9JJllP8m2X9RPmq3frJ/kHfe8+B/PWT9P6/1hdp/Lye0Pd7fWH/4wUy7qD9n1Z3reKM2yP2TbL+oPzdZv1h/yjm9e/Itz1m/V5P4x1jHG+8XI5ddds+0zDevN9fflzT6/uf3+j3a1nv/cfu5r7vOf28+VzX3+s/tcWW7+z+ecQDqQf2VS/nP7/S7tOmTztemHzYo+f1Y0j7smp36m87jzptw4PLX8OTOg4+L4P77dE8f/d6TLTr8NdCR8T1rT+Hd35u/r+x6z2V3HeD1Pl81eNA8DXs8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWtNdWTK+3H/r9oMXn/DnP/iHkbdu+ovvbL75D274+i+GrvrT7z/Y+7W3960/ecNP/+yYqx779AV77/nSk2/2P/y7VwoDD4z/rJyeFqshJK8lIVS/e+CfPrvv2ePH6pIQQjkZ2B3ComTxk4uSTITh34YQ1tfznHznQ2+dtWFsefMd3ZPqF2aCZLcr9JVjPo15hnB94RZxBKqm/WzXwevOCD/7kzW3/Gjpt77ZtefV3ROrJNWG/hTCgisaH98VQuhJ/4+JvW1JfHC6XB1C6G143HkFeZ0y/d31brwic0csn5gu56XLvoL24v3LMuVSZr1sOerKLHsL2suqzHD9vDzaXa/I/Ew5ezKqmelWTMjLM9YvSpePpMvTZxi/HP8noZSESj39TclEHwkNxy0JyfixrNbLpfqxDen2Z8pJplzKlMtdme0abzftaOUkmVwf18vUx9NxJa0/eTzHcu52X5JT/750WU2fqG/HcsjeqOmbcqO+XeNiXgdyMzk0Sg3noGb19QOfHoy+tK4vWTzlMaNNxPv2rblzeXntU/sHcvJIHkzS+Elb8Xf9cNH8T33j9muX5MW/opTGL7UV/+ULn3v9stu/+sXc+HfH+OW24p/5eO9rFz5967Lc/XMg7p9KW/HXvfLMXUuPvXJPbv731uK/EKptxV+197nu/oOPP5Gb/3DcPz1txX/p/I/+/IEXHn01N36I8Xvbir9279bPdQ8ePC03/hNx//e113/e2HPui4ODvxzKi/98jN/fVvz7d9/z4fsW3nFB7vFdHffPQFvxLzr1sVvmH3z0pGpe/Hs79coJ8N50THqNdVtabnecOVsN44V/GarUrvnmp//7O9lQxlg7C+YwPgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAR6cf33j2Jy/9yMfXVJIQkpx1RpuI95XnrVo11Ea761555q6lx165p7FuSRtxAAAAgGJxHF6q11TDknBd0hNObLp+nCM4MZaSyfXZOYQYJztH0G6cUofilDsUp9KhOF0dijOvQ3G6OxSnWhCnGlqL0zNNnMpYr2gxn95p82k9Tl+H4szvUJz+9uM8u6YhzoKCOHH+ryifhR3aroFp47TeDxfNLE72NFOPs7hD+RzToTjHdijOcR2K83ttxJnXJM7xM4gzME0+2TnlmfbD/nTNE/LijN8oF8apJOX6Hc3m049P2zlplu30FbTTX/R63GI7PS22c0rmcaUZtlNtsZ3fn2U7SYvt/OEs2ykVtBP77fXZ/GI7sTR9O5UYZ+fs4tSfR7s6FOeGDsW5sUNx/q5Dcf6+Q3FummUcgFbF8f/EeG8gdC8YGyfVzjjZWYA43l06/nPq613eCSnGe3+mfl5RvOxAPRNv6Uzzm3JlPzneskx916R4lfp4ZJp41cZ4yzN3Fm5vdkIhk9/pmfruonjZiQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmEM/vvHsT176kY+vCUkY+9fUaBPxvvK8VauG2mh335o7l5fXPrW/sa670kYgAAAAoFAch3fVa6qhu7IydCfzJq1XTecBqmm5PFBbDi4Iq8eWyVBpvNybLJr2cZXxx/UvDGHz1hXbd+76wMbN664euXpky4dWnr3y3OFzzj1nxYaNm0aGaz9D6C6IF0IYn37YvnPXZ9Zt2jSybXutMpv/kvRxS9Jykj5u8INheGx5c5r/4oL2SlPam7sbrRw/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPhXdu0uRK6zfAD4e2ZmZ6bb5p/5069paDZDPkrUokncSqqle0Cw0CYhS0FmqmsJNsHipgltIrGOTcC2JihiSyBEcmEkFluLN/2wRewHgUiNBtwYpC1aRC+UVitpyYWkjGRnzuzMZCazHUs2jb/fxfl43ud9n/OeQOA5OwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADn01R1dKI8Nl4ZjkKIeuTUukjG0tk4Lg1Q94vPb/1ebuTU8tZYLjPAQgAAAEBfSR8+1IzkQy6TDulwzfTd4tAyEGb6fgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4H9Ivn6aqo5OlMfGK5dGIUQ9UmtdJGPpbByXBij/xjtPfurVkZG/tcaKA6wDAAAA9Jf04almJB+KYUkYiq5py0u+DSzomN+Zl6yzcJZ5nd8OeuUt6Zf3/T/HZ57tulmu95E+eesa5x0BAAAAPvyS/j/TjBRCLjOvZ//fr69P8hZ15KUb50F+KwAAAAD8d5L+P9eMFEMuU2z267Pt9xd35CXz+/3dPpm/rMf8fn/PX9s4+zs9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHx4TFVHJ8pj45V0FELUI6fWRTKWzsZxaYC6q14Y/sdthx9a3BrLZQZYCAAAAOgr6cNnWu98yGWGw1C4dLrvH7nlwNOff/rZ0RBCvc3PZsOODdu23buqfkzyVh49PPTdI29986y8lfXjnG0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4wExVRyfKY+OVS6IQohBS3XJqXSRj6Wwclwao+/pnPveXx08892ZrrDjIBgAAAIC+kj48akbyoRiyIRuumr5r7fXP6PxAEJ2fxwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADm0H1fv/+rGyYnN97rYrJwYTzG+7mIGv+MF8rzuLhoLub4PyYAAOADtyhEofY+Xb1+rp8aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4EExVRyfKY+OVfBRC1COn1kUyls7GcWmAuvHzx3LzTr3wUmusOMA6AAAAQH9JHz7T++dDMQyFoXDl9F23bwLT/X/hPD4kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcEGZqo5OlMfGK/OiEKIeObUukrF0No5LA9R9bNf+Tx+a/51bW2O5zAALAQAAAH0lfXi2GcmHXOajIReubdxPtk+I0o1z9+8CM/O2tk0bnuW8+aHaNi8963q7W2bVds7spj4vn6xXqJ+b80q7O95IJpRa5hVDs3ypbV7Y2zZrXp/nDAAAADCHkv4/14wUQi6Ta+lzf9KWX9DnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9TFVHJ8pj45UoCiHqkVPrIhlLZ+O4NEDd+3/z/5d96ad7trfGigOsAwAAAPSX9OEzvX8+FMPC8H9h4XTfHwrt+UneP8unDz36r78uD2HFVcdHMp3L/jC5+NXrN7/YeQgh1Z6dCmF+o17Uo96vf/doemnt9OMhrLgyfe1Z9cK567UvGdeeKW9cu+3I8a19Xg4AAABcJJL+f6gZKYRc5p6e/X/Seffp/5umG/D5X9v18ysax0ZH3jEjVWjUS/Wo99mlT/5p2eq/v3Wm/z9XvU/s33zoiraC9UiHKK6Nbd6+7vgNB1PJruv10x31k/fyhW+8+e9NOx45Xa+fD/lGfEEm06X+2ccOl8S1ydS+ypr39lXb62d67P+h37504pcL9rx7pv47i4ab9a87x/7PXX/49of33rj/8Lr2+iGEUrf6b797a7j6D3c/2Ln/4Y6FW99867FDFNeOLj55cPWB4k3t9aOO+sn7/9mJx/b++JFvP5vUT34rsnxJt/qhS/1UR/1Xdl++6+Wd6xe010/12P+Ld7w6sqX0rd937v+utlUzPd/C2ft/4vqn7nxtQ/xA5xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDFZao6OlEeG6+kohCiHjm1LpKxdDaOSwPUfeO2Y2/fsedHP6jf5aaPxYF2AAAAAPST9OEzvX8+FEM2ZMPwdN//THnj2m1Hjm8Nhfpo1DhnJrfct+1jm7Zsv+euOXpyAAAAYLaS/j/TjBRCLrM0DDX6/7HN29cdv+FgKun/U0n/v+nuyY0rQjPvld2X73p55/oFze8EIUz/LCB/Ju+TM3m33HyscPKPX1nWNW/VTN7RxScPrj5QvCnJC615K0Pz+8QT1z9152sb4geaz9ea9/Evb5lsfJ5I1h2+/eG9N+4/vK65j8Z5uLFukjeZ2ldZ896+apKXbpzzjX0DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGebqo5OlMfGKyEdQtQjp9ZFMpbOxnFpgLprlv7iwctOPbewNZbLDLAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2EHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoK+/UXIlUVxwH8nJnZdtzZ1V0NsiJdrSjsISmIqJeKitAIoSdDwtJ8iIIgorCH1tBIrOglyHqRqKDaQijITRIt1uif9NJDBQXVQyDSQrlILxszc+40e3dvk3ctqD4fGM78zsz93t+998y9uwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/yJ9nXdHdz04fdt5N33y+D0nH7vlvft3XPLo6z+Obrnh4/0Dr5ya3Lpq29c3Ltty8N51E3tfPPLr0DthrGf0I+1hTSrrIcQTMYT6+1PPPTH56TnNuRhCqMbhsRBG4tIjIzGXsPa3EMLWVPTXZn/49skrtzXHHXv6Z80vyYXkjys0qlk/bcOz++W/pZ7W2fbphy8L316/cefnK996s2/8eNcCjvWu9RTC4s3d2zd/IYvSqylbbcuzjdO4IYQw0LXd1T36uvAv9n95QX1+Gs9KY6NHTvb56lxdyX0vX2f6cuNAj/0tVFEfZb/Xy2Cuzt+MFqqoz2x+JI3vpnHNaeZXs1cMlRhqnfbvi3+skdB13WKIrWtZ79SVrqdB+/hzdczVlVxd7csdV2u/aaFVY5w9n30vN5/djmtpflX3vXoetxfMn5vGevqhnsrqkH/T1pjzpnNcLVlfU3/Syz+h0nUPmm++c+HTxWikuUZcOmebmTlqM9lnkxufuri66YOjwwV9xP0x5cfTyJ/p5G//bGTwzjd2P7S8KH9zJeVXSuV/t/7Yz3fsfumFwvxns/xqqfwrDg2cWP/hrtWF52cqOz+1Uvl3ff/R0yvPvnt8vmvdyt+X5ddL5V83cax/aPrQ4cL+12bnZ1Gp/G+uvfmH1748cLwwP2T5A6XyN0088Ez/iulLC/MPt38KjdYKLbF+fhm/6qsVK34aLcr/Ijv/Q/Pkx575r47tveblJXvWFa7PDdn5GS7V/60XHdw5OH3ggqJ7Z9x3pp6cAP9Py9LfWE+muuz/mQvV9f/C86O19hNoML2GzuSOcpr7Wfw35gMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAAQkAAACAoP+v2xEoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBUAAAA//+TWid5")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)

3.025212219s ago: executing program 6 (id=542):
getgroups(0x2, &(0x7f0000000000)=[0x0, <r0=>0x0])
setregid(r0, 0x0)
r1 = socket(0x840000000002, 0x3, 0xff)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0, <r2=>0x0}, &(0x7f0000000140)=0xc)
setresgid(0x0, 0x0, r2)

1.742622163s ago: executing program 3 (id=547):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0xa, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000180)="0b036812e0ff64000200475400f6a13bb10000000800894f4820", 0x1fffe, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14)

1.467370023s ago: executing program 2 (id=549):
r0 = socket$rds(0x15, 0x5, 0x0)
syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000000c0)=0x2, 0x4)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ioctl$sock_proto_private(r0, 0x89e0, &(0x7f0000001080))

1.304330392s ago: executing program 5 (id=550):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000013000100000000000000000007000000", @ANYRES32, @ANYBLOB="000000000000000014001a80100005800c00068008"], 0x34}}, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000013000100000000000000000007000000", @ANYRES32=r1, @ANYBLOB="000000000000000014001a80100004800c0002"], 0x34}}, 0x0)

1.30357307s ago: executing program 1 (id=551):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = dup3(r0, r1, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000670000000800010002000000080003"], 0x30}}, 0x400c810)

1.121497795s ago: executing program 5 (id=552):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000840)={0x30, r1, 0x1, 0x70bd28, 0x25dfdbf7, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_TTL={0x5, 0x6, 0xd5}, @NL80211_MESHCONF_ELEMENT_TTL={0x5, 0xf, 0xfa}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4801}, 0x0)

1.119079203s ago: executing program 2 (id=553):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0, 0x0, 0x4100000000}, 0x18)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

1.01334361s ago: executing program 1 (id=554):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x50)

1.012699874s ago: executing program 0 (id=555):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18020000200000000000000000000000850000004100000095000000000000004be98911ed5a3cf4451d51e400827eef4df9eb3fd52b8f0a456c3a6cfd127868ad3fe3f9a9b946c97f9fc091e4c3f4b0a0d7ed298717a480c48868562f04005972b6a5265519fee4cb1b8b93f0b164770fd40c7a8060ce72beff7cda177e28a1a97b2c8c56a3f15b2f7a9b7ae2cf52d08555d3c3315e95095217bff8c9441a45fd00000000000000979ed4e35d21d13d428af521c553b9420385390207dc1634aee0244045e5c380e6090329d37b29a56c16d5c7bee160b91246bd2c205047bd92581165c774b1fd46072c161f1d33e6d5c1a5db7a714e3ed5468408f279bd9f98ec3c5ffd79cd37810f03000000b65d147fa05253a600adfb03775847b220369339529d434f3190c81c3dd501a780cfaaaa916c8a33ee4b52d18e160428893f33d206d3a7195e7f69c831099bdc940000aa2c2e61509bf6c58b100000000000000000000000005e3210346531c1eb14fbec6eb35d6f3e3853512c6bf186bd8b75d17aeeaa07"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000003940)={r2, r1, 0x25, 0x2, @val=@netfilter={0x7, 0x0, 0x100}}, 0x20)
syz_emit_ethernet(0x4a, &(0x7f00000022c0)=ANY=[], 0x0)

912.279305ms ago: executing program 5 (id=556):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002abd7000fddbdf250700000008000300", @ANYRES32=r3, @ANYBLOB="0c009900ff070000700000001400040073797a6b616c6c65723000000000000008000500060000001c00178004000300040007"], 0x60}, 0x1, 0x0, 0x0, 0x81}, 0x24044884)

911.395716ms ago: executing program 2 (id=557):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)='\\', 0x1}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r0, &(0x7f0000000280)="ca", &(0x7f0000000000)=""/3, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r0, &(0x7f0000000140), &(0x7f0000000000)=""/6, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r0, &(0x7f0000000100), &(0x7f0000000000), 0x2}, 0x20)

897.977523ms ago: executing program 6 (id=558):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="ffffffffffffbbbbbbbbbbbb88a84e008100f1064305"], 0x16)

853.814461ms ago: executing program 1 (id=559):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000200000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'netdevsim0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@gettclass={0x24, 0x2a, 0x1, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, {0x0, 0x5}, {0xe, 0x12}, {0xb, 0xffe6}}}, 0x24}}, 0x4000010)

812.634577ms ago: executing program 0 (id=560):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000003c0)="93378e66cf9b48cb59638401fcd1730172853a9fa89527996042ab60ae29f9c1", 0x20)
r1 = accept4(r0, 0x0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000002a80)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)=""/68, 0x44}], 0x1}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)=""/13, 0xd}], 0x1}}], 0x2, 0x220, 0x0)

708.667225ms ago: executing program 5 (id=561):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_INPUT(r0, &(0x7f0000001980)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa10100000009b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad7c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af801034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0)
r1 = socket(0x18, 0x1, 0x1)
getsockopt$inet_int(r1, 0x111, 0x32, 0x0, &(0x7f0000000380))

674.492444ms ago: executing program 1 (id=562):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@dfltuid}, {@privport}, {@uname={'uname', 0x3d, '$):(]'}}, {@posixacl}, {@uname={'uname', 0x3d, 'access=any'}}]}})

665.568984ms ago: executing program 2 (id=563):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f024})
r1 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
ioctl$VIDIOC_S_SELECTION(r1, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x7, {0x8000, 0x1000, 0x4, 0x86c}})
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000100)={0x2, @vbi={0x9, 0x7, 0x80000000, 0x34524742, [0x1000, 0x7], [0x9, 0xfff], 0x108}})

647.717618ms ago: executing program 0 (id=564):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000a80)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0xffffffffffffff2b)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r1, &(0x7f0000001fc0)=""/184, 0x20002078)

570.376945ms ago: executing program 5 (id=565):
r0 = syz_clone(0x0, &(0x7f0000001100), 0x0, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f00000009c0)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000380)=r0, 0x12)

487.283633ms ago: executing program 0 (id=566):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000140)='./file1\x00', 0x81c00a, &(0x7f00000003c0)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c696f636861727365743d69736f383835392d312c666d61736b3d30303030303030303030303030303030303030303036362c6e6f6e756d7461696c3d302c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303030332c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c757466383d312c636865636b3d7374726963742c757466383d302c756e695f786c6174653d312c756e695f786c6174653d302c666c7573682c757466383d302c726f6469722c747a3d5554432c00e696e27e745267d0e7f7d60cf64c4d116172285e0a94b37c3f04b4e454913b1615b6c103a4be033c3f79c81a7a0dc9f3282eb2b984b8df829f11f7b15ceaa2ddb341548691e92d41d923144fa5f6aa8b37c7698e74a04d87cb16f3c338160646d1719f9aa1097cb78032fa4c9c60c14840662537510c0ac9f95a646f5231c0c9eb096b898803099b3050797137354ed2fb2a3dd97ad790f0758b4561eb7180b4b366c9ac840ca3d57727827ab961af0bb24ac6b14796d3bedfa4addb1c2f59217a563ca0a3729d45669905a6f0f3dbf3fd22ab36dfe7cf80913ecb4656ca"], 0x6, 0x2cf, &(0x7f0000002080)="$eJzs3T9rJGUYAPBnNrN//AO7hZUIDmhhdVyutdlD7kBM5bGFWmjw7kCyi3AHAUUcrxI7v4CfQBD8DrY2dpaCH8DyhIORmZ3ZP8nsJpFsxMvv1+TJvO8z7zMzL8mkyLOfvDY7up/Fwydf/RGDQRKdcYzjaRKj6ETjm1gz/j4AgP+zp0URfxVzLcO/f7chL4mIwY5rAwB244zf/7V0Gf58JWUBADt074MP37t9cHDn/SwbxN3Zt8eT8i/78ut8/PbD+Cym8SBuxjCeRVQvCt2o3hbK8G5RFHmalUbx5iw/npSZs49/rc//y8t1sB/DGFXR4m2jyn/34M5+NreSn5d1vFivPy7XvxXDeGWRvJZ/qyU/Jr14642V+m/EMH77ND6Padyviljmf72fZe+UrzgfleWV+Ul+POlX85aKvWbx/AqfDwAAAAAAAAAAAAAAAAAAAAAAz6cbde+cflT9e8pDdf+dvWflN93IGqP1/jzz/KQ50Wp/oKIo8iJ+aPrr3MyyrKgnLvPTeDVdbSwIAAAAAAAAAAAAAAAAAAAA19fjL748OpxOHzy6lKDpBpBGxN/3Iv7tecYrR16P7ZP79ZqH02mnDtfnpKtHYq+Zk0RsLSPSRTODS7s/G4IXTtVcBz/+1JbVW39waazMGZy9aLd9rcsMmt11dJhE65z+oubBfJNUjSCWc3pxzrV6m4aKuMj267UODbdllXv99HleqoJ8w50vg0i2Ffb2n/M7Vx9JTl5Fr7qrrendOoi2wqq90f4sTgQxmKef/lmR6NYBAAAAAAAAAAAAAAAAAAA7tfzv35bBJ1tTO0V/Z2UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJVafv7/BYK8Tj7H5F48evwfXyIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADXwD8BAAD//2T0YAU=")
mount$nfs(&(0x7f0000000100)='..@', 0x0, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./bus\x00', 0x23)

441.626269ms ago: executing program 1 (id=567):
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000900, 0x0, &(0x7f0000000340)={0x4, 0x0, 0x8, 0x0, 0x0, 0x2, 0x0, 0x3ff, 0x6})

441.474597ms ago: executing program 2 (id=568):
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
ioctl$sock_bt_hidp_HIDPCONNADD(r0, 0x400448c8, &(0x7f0000000340)={r1, r1, 0xc, 0x30, &(0x7f00000009c0)="160000000000000000b2317233f54c843626ac7a395c5e5813bc3845128e05bad960a992250417d49077e5115119c680", 0x9, 0x1, 0x16c0, 0x5505, 0x8b, 0x1, 0x0, 'syz0\x00'})
ioctl$sock_bt_hidp_HIDPCONNDEL(r0, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}})

330.15248ms ago: executing program 6 (id=569):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000300)={0x0, 0xfffffffc, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f00000000c0)={0x32b, @tick=0xf, 0x0, {0x6, 0x4e}, 0x0, 0x0, 0xc})

245.581877ms ago: executing program 0 (id=570):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000400)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000140)={0x28, 0x6, r1, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x800})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000280)={0x28, 0x6, r1, 0x0, &(0x7f0000000380)="19", 0x1, 0x5})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000240)={0x28, 0x6, r1, 0x0, &(0x7f0000000e00)="b0", 0x1, 0x8})

245.009125ms ago: executing program 1 (id=571):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x7, &(0x7f0000000940)=@framed={{0x18, 0x7}, [@ringbuf_query]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$inet_tcp_int(r0, 0x6, 0x24, &(0x7f0000000280)=0x1, 0x4)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x300, 0x0, 0x0)

190.237718ms ago: executing program 5 (id=572):
syz_mount_image$nilfs2(&(0x7f000000b900), &(0x7f0000000f00)='./file0\x00', 0x3210052, &(0x7f000000b800)=ANY=[], 0x3, 0xebd, &(0x7f0000004540)="$eJzs3U9sHNUZAPA3a6/txCZeAwUDJaTQikDBDkmkprcgUI+IS++gkNAIQ1FDD0T8MT0gKiGKhDhVHKi4UCqlSK0EqlShntqeWvXWE+qFSlUqBfVSpMRV7PfWu8+e7npsz9q7v5/07ds3b3a+b7yRMzOefRuAkdVYfTx5cr4I4d1P33n05aeK315fdld7jSOrj0XstUIIzY5+kW3v87jg6pWXzmzWFuH46mPqh8cut187HUJYDkfCZ6EVPlpc+vLD9x45+vHrU7e8dfGZV3Zp99vy/QAAgGF06c9Lf7/vn396YO6rS4dPh8n28nR83or96XjcfyweKKfj5Ubo7hcd0WkiW28sRiNbbyxbbzzLM16Sr5ltp1my3kSPfGMdyzbbTwAAANiP0nltKxSNha5+o7GwsHbef93nsxPFwnPnl85dGFChAAAAQGX/eXX1plshhBBCCCGEEEIMcazMDvoKBAAAADBq8vnCNlje2Zm62ltr9Zf/8sONzV8PO6Duf//y76/8H7zmNw4AANUN69Fk2q90HJ3mMcjnERzLXrfV4/9Gtp3xLdZZNq/gfplvsKzO/Oe6V5XVv9X3cVDK6s/nw9yryurP5+ncq8rqn6y5jqrK6p+quY6qyuo/UHMdVZXVf7DmOqoqq3+65jqqKqt/puY6qiqr/4aa66iqrP5DNddRVVn9++W22rL6WzXXUVVZ/XM111FVWf031lxHVWX131RzHVWV1X9zzXUMyp2xTT+Hw9l45/lzfk63X87xAAAAYNT91/x/QgghhBBCCCHE0Merg74AAQAAAAxc+lxA+tT7SpTGx3qMj/cYb/YYn+gxPtljHAAAAAjhd2+cu+3tYv1z/tudDy/NG5XmX9rqPEb5fIRbzb/dec+2m3+/zFsGAADAaCm+99m1+x99/4W5ry4dPt1x9nstnu+meUDH47WBT2I/3Rcwk/WLdA59ujtPo2S9/PrADWXbe3ybOwoAAAAjLJ2/t0LRWOg4726FRmNhYf18fD40i3Pnl84ei/30/Sx/nG1OXl/+UM11AwAAAP1bP9/f/Pw/fY/vfJgoFp47v3Tuwlp/pr282ei8LjC7vrzovC7QypYfL1l+IvbT93f+YPbA6vKFMz9cemqndx4AAABGxIUXLz7z5NLS2R954oknnrSfDPo3EwAAsNO++OKd5o9PzPx+7fP/6/Pfpc//H4n9Vpzb7y9xhXSfQPocwIbP6z/RnWe2bL3nu9drZeuNxZjM6p7q2E7omG8wvW6uLF+rezsTJfmms3wzWb58noLxbP2U71C2PJ+fMK03my3P52Ecz3IUWf67AwAAAJRbfOHZ5xcvvHjxwfPPPvn02afPPnfi+Knvnjp17KHvPLS4el//Yufd/QAAAMB+tH7T76ArAQAAAAAAAAAAAAAAAAAAgNFVx9eJDXofAQAAYNT9+9UQwrIQoiTWvgJz8HUIIYQQQvSOsT1QgxBiz8bKSv5N8wAAAAC76+qVl850thssFzuar7211lpzLeZN7cyDf5u7Hmm1yw93Xy85uKPVMOrq/vcv//7K/8FrO5t/Kj3p+/dfo3sDp6vlvXfxl/Od+W8f7zN/vv+PV8t/NMt/b+gv/8r7Wf4nquW/L8t/sM/8G/b/+Wr574/552P/6D395u9+/ydjm/bjQJ/5v53t/1Oh3/zZ/rf6TJh5IOYHgFHUGHQBuyQdJaTj6OnYT/sbDzdDfvfDVo//G9l2xrddefd203HQrbGfjpdmsrzJVuufzrZ3Q8U6c/vlrpKy+nfqfdxtZfU3a66jqrL6J2quo6qy+idrrqOqsvqnaq6jqrL6+z0PHbSy+vfLdeWy+qdrrqOqsvpnaq6jqrL6t/r/+KCU1X+o5jqqKqt/tuY6qiqrv+JltdqV1T9Xcx1VldV/Y811VFVW/00111FVWf0311zHoNwR27Lz4XT+ORvHUr+V9Sc3+VkO67UFAAAA2G/+Zf4/IYQQQgghhBBi6GNlZdBXIBik3f00MwB7ld//o837P9q8/6PN+8//k+7hL7J+MtZjfLzHeLPH+EQ2nv97newxflO23ZUojd/cY/xrPcYP9Ri/tcf4fI/x23qM395j/I4e4wAAAIyGW2Lr/BAAAACG18u/+uTN39z7xJW5ry4dPh0mNsw7fyz2J+Pf1t+I/Xze+6QZ/+b/k9j/RWz/ENt/ZOu7/wQAAAB2X/qeGH//BwAAgOGVvqfU+T8AAAAMr7nYOv8HAACA4XVjbJ3/AwAAwBArpjZfHNt0XeDu2PY7rx8AsPd9PbZ3xvZwbO+K7Tdim44D7ontN2uqDwDYOT///k9PvV2sz/d/Ihu/GpendoPltSsFRaN7Jv8DsT0Y22/1WU/+fQD95k8O9Zlnt/LPbjM/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA8GquPJ0/OFyG8++k7j/5s4s2/Xl92V3uNI6uPRey1QgjN9uvS6Hr/13HFq1deOtPZXottEY6HIhTt5eGxy+1M0yGE5XAkfBZa4aPFpS8/fO+Rox+/PnXLWxefeWUXfwRd+wcAAADD6H8BAAD//8WNHkw=")
syz_mount_image$exfat(0x0, &(0x7f0000000080)='./bus\x00', 0x84c00, 0x0, 0x0, 0x0, &(0x7f0000000000))
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./bus/file0\x00', 0x8000a, 0x0, 0x1, 0x0, &(0x7f0000000000))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x10000, 0x0)
renameat2(r0, &(0x7f0000000240)='./bus/file0\x00', r0, &(0x7f00000001c0)='./file0\x00', 0x0)

18.411903ms ago: executing program 2 (id=573):
r0 = timerfd_create(0x8, 0x0)
timerfd_settime(r0, 0x3, &(0x7f00000000c0)={{0x0, 0x989680}, {0x77359400}}, 0x0)
clock_settime(0x0, &(0x7f0000000100)={0x77359400})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
timerfd_settime(r0, 0x3, &(0x7f0000000300)={{}, {0x77359400}}, 0x0)

6.591541ms ago: executing program 6 (id=574):
syz_io_uring_setup(0x6148, &(0x7f0000000340)={0x0, 0x13ea, 0x2, 0x2, 0x3c6}, 0x0, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x4200, 0x11cfa, 0x0, 0x8000008, 0x7, 0x4, 0x1, 0x0, 0x7cce8c743ee810df})
unshare(0x20000400)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

0s ago: executing program 0 (id=575):
r0 = syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f00000015c0)='./file0\x00', 0x0, &(0x7f00000001c0)={[{@clear_cache}, {@user_subvol_rm}, {@compress_force_algo={'compress-force', 0x3d, 'zlib'}}, {@noautodefrag}, {@autodefrag}, {@autodefrag}, {@max_inline={'max_inline', 0x3d, [0x70, 0x32, 0x37, 0x0, 0x32, 0x36, 0x32, 0x36, 0x2d, 0x37]}}, {@nodatacow}], [{@dont_hash}, {@subj_type={'subj_type', 0x3d, 'autodefrag'}}, {@hash}, {@context={'context', 0x3d, 'system_u'}}]}, 0x0, 0x559e, &(0x7f00000103c0)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
ioctl$BTRFS_IOC_QUOTA_CTL(r0, 0xc0109428, &(0x7f0000000580)={0x1})
chdir(&(0x7f0000000040)='./file0\x00')
truncate(&(0x7f0000000000)='./file1\x00', 0xfbaf)
unlink(&(0x7f0000000140)='./file1\x00')

kernel console output (not intermixed with test programs):

ce loop2): rebuilding free space tree
[  112.888966][ T6195] BTRFS info (device loop2): disabling free space tree
[  112.896026][ T6195] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  112.947831][ T6195] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  113.318745][ T6224] loop0: detected capacity change from 0 to 40427
[  113.326349][ T5841] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  113.354277][ T6224] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x3fffff
[  113.379995][ T6224] F2FS-fs (loop0): Image doesn't support compression
[  113.414418][ T6224] F2FS-fs (loop0): heap/no_heap options were deprecated
[  113.422455][ T6224] F2FS-fs (loop0): Image doesn't support compression
[  113.445086][ T6224] F2FS-fs (loop0): invalid crc value
[  113.545063][ T6215] 8021q: adding VLAN 0 to HW filter on device bond0
[  113.583196][ T6215] bond0: (slave rose0): Enslaving as an active interface with an up link
[  113.648980][ T6248] loop1: detected capacity change from 0 to 64
[  113.682532][ T6224] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  113.898832][ T6224] syz.0.69: attempt to access beyond end of device
[  113.898832][ T6224] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  113.974600][ T6224] CPU: 1 UID: 0 PID: 6224 Comm: syz.0.69 Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(full) 
[  113.974634][ T6224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  113.974649][ T6224] Call Trace:
[  113.974658][ T6224]  <TASK>
[  113.974669][ T6224]  dump_stack_lvl+0x241/0x360
[  113.974716][ T6224]  ? __pfx_dump_stack_lvl+0x10/0x10
[  113.974753][ T6224]  ? srso_alias_return_thunk+0x5/0xfbef5
[  113.974781][ T6224]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  113.974821][ T6224]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  113.974868][ T6224]  ? srso_alias_return_thunk+0x5/0xfbef5
[  113.974896][ T6224]  ? f2fs_hw_is_readonly+0x3a3/0x470
[  113.974939][ T6224]  f2fs_handle_critical_error+0x392/0x5a0
[  113.974986][ T6224]  f2fs_write_end_io+0x563/0x790
[  113.975035][ T6224]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  113.975079][ T6224]  ? bio_endio+0x7e4/0x890
[  113.975106][ T6224]  ? bio_endio+0x82a/0x890
[  113.975136][ T6224]  __submit_merged_bio+0x2a9/0x710
[  113.975165][ T6224]  ? f2fs_submit_merged_write_cond+0x101/0x380
[  113.975207][ T6224]  f2fs_submit_merged_write_cond+0x29f/0x380
[  113.975257][ T6224]  f2fs_write_data_pages+0x2f99/0x38d0
[  113.975349][ T6224]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  113.975414][ T6224]  ? __pfx_stack_trace_save+0x10/0x10
[  113.975444][ T6224]  ? __bfs+0x14c/0x270
[  113.975561][ T6224]  ? srso_alias_return_thunk+0x5/0xfbef5
[  113.975590][ T6224]  ? __lock_acquire+0xad5/0xd80
[  113.975632][ T6224]  ? srso_alias_return_thunk+0x5/0xfbef5
[  113.975658][ T6224]  ? do_raw_spin_lock+0x151/0x370
[  113.975699][ T6224]  ? srso_alias_return_thunk+0x5/0xfbef5
[  113.975726][ T6224]  ? do_raw_spin_unlock+0x13c/0x8b0
[  113.975762][ T6224]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  113.975802][ T6224]  do_writepages+0x366/0x890
[  113.975856][ T6224]  ? __pfx_do_writepages+0x10/0x10
[  113.975886][ T6224]  ? srso_alias_return_thunk+0x5/0xfbef5
[  113.975913][ T6224]  ? __lock_acquire+0xad5/0xd80
[  113.975955][ T6224]  ? srso_alias_return_thunk+0x5/0xfbef5
[  113.975982][ T6224]  ? do_raw_spin_lock+0x151/0x370
[  113.976030][ T6224]  ? srso_alias_return_thunk+0x5/0xfbef5
[  113.976044][ T6087] chnl_net:caif_netlink_parms(): no params data found
[  113.976058][ T6224]  ? do_raw_spin_unlock+0x13c/0x8b0
[  113.976099][ T6224]  filemap_fdatawrite+0x1f2/0x2a0
[  113.976138][ T6224]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  113.976233][ T6224]  ? srso_alias_return_thunk+0x5/0xfbef5
[  113.976259][ T6224]  ? do_raw_spin_unlock+0x13c/0x8b0
[  113.976302][ T6224]  f2fs_sync_dirty_inodes+0x34f/0x860
[  113.976364][ T6224]  f2fs_write_checkpoint+0x857/0x1da0
[  113.976434][ T6224]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  113.976469][ T6224]  ? srso_alias_return_thunk+0x5/0xfbef5
[  113.976560][ T6224]  ? __pfx_down_write+0x10/0x10
[  113.976607][ T6224]  f2fs_issue_checkpoint+0x372/0x5a0
[  113.976636][ T6224]  ? __pfx_f2fs_issue_checkpoint+0x10/0x10
[  113.976662][ T6224]  ? srso_alias_return_thunk+0x5/0xfbef5
[  113.976688][ T6224]  ? down_read+0x813/0xa50
[  113.976736][ T6224]  ? srso_alias_return_thunk+0x5/0xfbef5
[  113.976763][ T6224]  ? __up_read+0x2c4/0x6b0
[  113.976801][ T6224]  ? srso_alias_return_thunk+0x5/0xfbef5
[  113.976828][ T6224]  ? f2fs_sync_fs+0x214/0x3f0
[  113.976871][ T6224]  f2fs_do_sync_file+0xaac/0x1b00
[  113.976931][ T6224]  ? __pfx_f2fs_do_sync_file+0x10/0x10
[  113.977030][ T6224]  ? __fget_files+0x2a/0x420
[  113.977056][ T6224]  ? srso_alias_return_thunk+0x5/0xfbef5
[  113.977083][ T6224]  ? __fget_files+0x39d/0x420
[  113.977104][ T6224]  ? __fget_files+0x2a/0x420
[  113.977132][ T6224]  ? srso_alias_return_thunk+0x5/0xfbef5
[  113.977159][ T6224]  ? f2fs_sync_file+0xe9/0x160
[  113.977201][ T6224]  __x64_sys_fsync+0x190/0x1f0
[  113.977234][ T6224]  do_syscall_64+0xf3/0x210
[  113.977269][ T6224]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.977292][ T6224] RIP: 0033:0x7f60a178e169
[  113.977313][ T6224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.977332][ T6224] RSP: 002b:00007f60a253c038 EFLAGS: 00000246 ORIG_RAX: 000000000000004a
[  113.977357][ T6224] RAX: ffffffffffffffda RBX: 00007f60a19b5fa0 RCX: 00007f60a178e169
[  113.977375][ T6224] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[  113.977389][ T6224] RBP: 00007f60a1810a68 R08: 0000000000000000 R09: 0000000000000000
[  113.977407][ T6224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  113.977421][ T6224] R13: 0000000000000000 R14: 00007f60a19b5fa0 R15: 00007ffe59285b18
[  113.977464][ T6224]  </TASK>
[  114.007572][ T6224] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  114.327089][ T5145] Bluetooth: hci5: command tx timeout
[  115.084734][ T6087] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.133980][ T6267] loop2: detected capacity change from 0 to 32768
[  115.140702][ T6087] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.179027][ T6087] bridge_slave_0: entered allmulticast mode
[  115.186952][ T6087] bridge_slave_0: entered promiscuous mode
[  115.198910][ T6267] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.72 (6267)
[  115.253633][ T6287] loop3: detected capacity change from 0 to 128
[  115.282770][ T6287] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  115.316239][ T6267] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  115.359476][ T6287] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  115.373828][ T6267] BTRFS info (device loop2): using crc32c (crc32c-x86_64) checksum algorithm
[  115.435799][ T6267] BTRFS info (device loop2): disk space caching is enabled
[  115.470259][ T6267] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  115.602981][ T6087] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.658145][ T6087] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.706162][ T6087] bridge_slave_1: entered allmulticast mode
[  115.743295][ T6087] bridge_slave_1: entered promiscuous mode
[  115.891881][ T6267] BTRFS info (device loop2): rebuilding free space tree
[  115.959946][ T6267] BTRFS info (device loop2): disabling free space tree
[  115.978466][ T6317] netlink: 12 bytes leftover after parsing attributes in process `syz.3.86'.
[  115.998107][ T6267] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  116.019789][ T6267] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  116.066626][ T6313] netlink: 8 bytes leftover after parsing attributes in process `syz.5.88'.
[  116.234405][ T6087] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  116.348646][ T6087] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  116.393572][ T6323] loop5: detected capacity change from 0 to 512
[  116.469195][ T6323] EXT4-fs error (device loop5): ext4_iget_extra_inode:4693: inode #15: comm syz.5.91: corrupted in-inode xattr: invalid ea_ino
[  116.547242][ T6323] EXT4-fs error (device loop5): ext4_orphan_get:1395: comm syz.5.91: couldn't read orphan inode 15 (err -117)
[  116.656059][ T6323] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.693770][ T6333] loop1: detected capacity change from 0 to 512
[  116.722345][ T6087] team0: Port device team_slave_0 added
[  116.764206][ T6333] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  116.775699][ T6087] team0: Port device team_slave_1 added
[  116.908428][ T6333] EXT4-fs error (device loop1): __ext4_iget:5025: inode #16: block 589858: comm syz.1.93: invalid block
[  116.920756][ T5841] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  116.974067][ T5838] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.978528][ T6333] EXT4-fs error (device loop1): ext4_orphan_get:1395: comm syz.1.93: couldn't read orphan inode 16 (err -117)
[  117.033346][ T6333] EXT4-fs (loop1): 1 orphan inode deleted
[  117.042194][ T6333] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.195766][ T6087] batman_adv: batadv0: Adding interface: batadv_slave_0
[  117.224734][ T6087] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  117.317514][ T6087] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  117.356691][ T6346] loop3: detected capacity change from 0 to 256
[  117.359385][ T6087] batman_adv: batadv0: Adding interface: batadv_slave_1
[  117.388489][ T6087] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  117.455761][ T5843] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.514343][ T6087] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  117.562842][ T6346] FAT-fs (loop3): Directory bread(block 64) failed
[  117.601436][ T6346] FAT-fs (loop3): Directory bread(block 65) failed
[  117.641965][ T6346] FAT-fs (loop3): Directory bread(block 66) failed
[  117.697497][ T6346] FAT-fs (loop3): Directory bread(block 67) failed
[  117.704160][ T6346] FAT-fs (loop3): Directory bread(block 68) failed
[  117.767475][ T6346] FAT-fs (loop3): Directory bread(block 69) failed
[  117.774151][ T6346] FAT-fs (loop3): Directory bread(block 70) failed
[  117.847534][ T6346] FAT-fs (loop3): Directory bread(block 71) failed
[  117.887684][ T6346] FAT-fs (loop3): Directory bread(block 72) failed
[  117.953427][ T6346] FAT-fs (loop3): Directory bread(block 73) failed
[  117.977857][ T6363] loop2: detected capacity change from 0 to 256
[  118.065101][ T6087] hsr_slave_0: entered promiscuous mode
[  118.112348][ T6087] hsr_slave_1: entered promiscuous mode
[  118.149503][ T6087] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  118.190551][ T6087] Cannot create hsr debugfs directory
[  119.259710][ T6087] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  119.348098][ T6087] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  119.447248][ T6087] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  119.531539][ T6364] loop5: detected capacity change from 0 to 32768
[  119.547555][ T6087] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  119.554472][ T6391] loop3: detected capacity change from 0 to 4096
[  119.649558][ T6391] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512).
[  119.661446][ T6364] XFS (loop5): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  119.720221][ T6380] loop2: detected capacity change from 0 to 32768
[  119.787957][ T6380] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  119.833449][ T6369] loop0: detected capacity change from 0 to 40427
[  119.903810][ T6369] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x3fffff
[  119.917865][ T6364] XFS (loop5): Ending clean mount
[  119.951533][ T6369] F2FS-fs (loop0): Image doesn't support compression
[  119.954998][ T6364] XFS (loop5): Quotacheck needed: Please wait.
[  119.958534][ T6369] F2FS-fs (loop0): Image doesn't support compression
[  120.001497][ T6369] F2FS-fs (loop0): invalid crc value
[  120.014206][ T6380] XFS (loop2): Ending clean mount
[  120.080491][ T6380] XFS (loop2): Quotacheck needed: Please wait.
[  120.096784][ T6364] XFS (loop5): Quotacheck: Done.
[  120.174066][ T6087] 8021q: adding VLAN 0 to HW filter on device bond0
[  120.195591][ T6380] XFS (loop2): Quotacheck: Done.
[  120.310427][ T6087] 8021q: adding VLAN 0 to HW filter on device team0
[  120.351869][ T3537] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.359042][ T3537] bridge0: port 1(bridge_slave_0) entered forwarding state
[  120.430134][ T6369] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  120.455221][ T5841] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  120.474433][ T3537] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.481611][ T3537] bridge0: port 2(bridge_slave_1) entered forwarding state
[  120.506666][ T6425] loop3: detected capacity change from 0 to 64
[  120.583000][ T5838] XFS (loop5): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  120.769960][ T6369] F2FS-fs (loop0): inject no more block in inc_valid_node_count of f2fs_new_node_page+0x220/0xfe0
[  120.937823][   T30] audit: type=1326 audit(1745087317.555:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6429 comm="syz.3.119" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f901538e169 code=0x0
[  121.096035][ T5839] syz-executor: attempt to access beyond end of device
[  121.096035][ T5839] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  121.139380][ T5839] CPU: 1 UID: 0 PID: 5839 Comm: syz-executor Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(full) 
[  121.139415][ T5839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  121.139428][ T5839] Call Trace:
[  121.139437][ T5839]  <TASK>
[  121.139446][ T5839]  dump_stack_lvl+0x241/0x360
[  121.139490][ T5839]  ? __pfx_dump_stack_lvl+0x10/0x10
[  121.139524][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[  121.139552][ T5839]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  121.139590][ T5839]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  121.139627][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[  121.139674][ T5839]  ? f2fs_hw_is_readonly+0x3a3/0x470
[  121.139713][ T5839]  f2fs_handle_critical_error+0x392/0x5a0
[  121.139753][ T5839]  f2fs_write_end_io+0x563/0x790
[  121.139796][ T5839]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  121.139835][ T5839]  ? bio_endio+0x7e4/0x890
[  121.139862][ T5839]  ? bio_endio+0x82a/0x890
[  121.139896][ T5839]  __submit_merged_bio+0x2a9/0x710
[  121.139924][ T5839]  ? f2fs_submit_merged_write_cond+0x101/0x380
[  121.139961][ T5839]  f2fs_submit_merged_write_cond+0x29f/0x380
[  121.140005][ T5839]  f2fs_write_data_pages+0x2f99/0x38d0
[  121.140084][ T5839]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  121.140135][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[  121.140162][ T5839]  ? __bfs+0x14c/0x270
[  121.140230][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[  121.140257][ T5839]  ? __mod_memcg_lruvec_state+0x301/0x4f0
[  121.140313][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[  121.140340][ T5839]  ? __lock_acquire+0xad5/0xd80
[  121.140379][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[  121.140406][ T5839]  ? do_raw_spin_lock+0x151/0x370
[  121.140444][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[  121.140471][ T5839]  ? do_raw_spin_unlock+0x13c/0x8b0
[  121.140504][ T5839]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  121.140543][ T5839]  do_writepages+0x366/0x890
[  121.140586][ T5839]  ? __pfx_do_writepages+0x10/0x10
[  121.140614][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[  121.140641][ T5839]  ? __lock_acquire+0xad5/0xd80
[  121.140680][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[  121.140706][ T5839]  ? do_raw_spin_lock+0x151/0x370
[  121.140748][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[  121.140775][ T5839]  ? do_raw_spin_unlock+0x13c/0x8b0
[  121.140814][ T5839]  filemap_fdatawrite+0x1f2/0x2a0
[  121.140851][ T5839]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  121.140934][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[  121.140962][ T5839]  ? do_raw_spin_unlock+0x13c/0x8b0
[  121.141001][ T5839]  f2fs_sync_dirty_inodes+0x34f/0x860
[  121.141058][ T5839]  f2fs_write_checkpoint+0x857/0x1da0
[  121.141121][ T5839]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  121.141212][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[  121.141241][ T5839]  ? kill_f2fs_super+0x290/0x6d0
[  121.141269][ T5839]  kill_f2fs_super+0x2b8/0x6d0
[  121.141299][ T5839]  ? __pfx_kill_f2fs_super+0x10/0x10
[  121.141330][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[  121.141357][ T5839]  ? shrinker_free+0x2ca/0x3d0
[  121.141383][ T5839]  deactivate_locked_super+0xc6/0x130
[  121.141416][ T5839]  cleanup_mnt+0x422/0x4c0
[  121.141444][ T5839]  ? lockdep_hardirqs_on+0x9d/0x150
[  121.141473][ T5839]  task_work_run+0x253/0x310
[  121.141514][ T5839]  ? __pfx_task_work_run+0x10/0x10
[  121.141551][ T5839]  ? srso_alias_return_thunk+0x5/0xfbef5
[  121.141584][ T5839]  syscall_exit_to_user_mode+0x13f/0x340
[  121.141614][ T5839]  do_syscall_64+0x100/0x210
[  121.141647][ T5839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.141671][ T5839] RIP: 0033:0x7f60a178f497
[  121.141692][ T5839] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  121.141711][ T5839] RSP: 002b:00007ffe59284da8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  121.141737][ T5839] RAX: 0000000000000000 RBX: 00007f60a1810854 RCX: 00007f60a178f497
[  121.141754][ T5839] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe59284e60
[  121.141769][ T5839] RBP: 00007ffe59284e60 R08: 0000000000000000 R09: 0000000000000000
[  121.141785][ T5839] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe59285ef0
[  121.141801][ T5839] R13: 00007f60a1810854 R14: 000000000001d83a R15: 00007ffe59285f30
[  121.141839][ T5839]  </TASK>
[  121.145378][ T5839] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  121.540731][ T6403] loop1: detected capacity change from 0 to 32768
[  121.731505][ T6447] netlink: 8 bytes leftover after parsing attributes in process `syz.5.118'.
[  121.823595][ T6403] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  121.834392][ T6087] 8021q: adding VLAN 0 to HW filter on device batadv0
[  121.959218][ T6403] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  122.185626][ T5843] ocfs2: Unmounting device (7,1) on (node local)
[  122.815354][ T6470] loop3: detected capacity change from 0 to 4096
[  122.959092][ T6479] netlink: 4 bytes leftover after parsing attributes in process `syz.2.128'.
[  123.118330][ T5902] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  123.170132][ T6087] veth0_vlan: entered promiscuous mode
[  123.249539][ T6087] veth1_vlan: entered promiscuous mode
[  123.341214][ T5902] usb 6-1: Using ep0 maxpacket: 32
[  123.366959][ T5902] usb 6-1: config 0 interface 0 has no altsetting 0
[  123.431583][ T5902] usb 6-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  123.469759][ T5902] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.492297][ T6087] veth0_macvtap: entered promiscuous mode
[  123.512284][ T5902] usb 6-1: Product: syz
[  123.516769][ T5902] usb 6-1: Manufacturer: syz
[  123.550048][ T6087] veth1_macvtap: entered promiscuous mode
[  123.573928][ T5902] usb 6-1: SerialNumber: syz
[  123.603269][ T5902] usb 6-1: config 0 descriptor??
[  123.641500][ T6087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  123.703373][ T6087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  123.761299][ T6087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  123.783835][ T6087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  123.794649][ T6087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  123.806441][ T6087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  123.816707][ T6087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  123.829115][ T6087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  123.840154][ T6087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  123.861361][ T6087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  123.863552][ T6500] loop1: detected capacity change from 0 to 4096
[  123.878790][ T6087] batman_adv: batadv0: Interface activated: batadv_slave_0
[  124.003299][ T6087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  124.061032][ T5902] gs_usb 6-1:0.0: Configuring for 3 interfaces
[  124.067614][ T6087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.096816][ T6087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  124.116063][ T6502] loop0: detected capacity change from 0 to 4096
[  124.136752][ T6087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.161064][ T6087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  124.177653][ T6087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.196461][ T6507] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  124.207876][ T6087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  124.225848][ T6087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.236182][ T6087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  124.261862][ T6087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  124.274008][   T12] ntfs3(loop1): ino=5, mi_enum_attr
[  124.283486][ T6087] batman_adv: batadv0: Interface activated: batadv_slave_1
[  124.305055][   T12] ntfs3(loop1): ino=5, mi_enum_attr
[  124.334226][   T12] ntfs3(loop1): ino=1e, failed to open parent directory r=5 to update
[  124.358897][ T6087] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  124.376149][ T6087] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  124.385935][ T6087] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  124.407475][ T6087] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  124.465583][ T5902] gs_usb 6-1:0.0: Couldn't get extended bit timing const for channel 0 (-EPROTO)
[  124.483266][ T5902] gs_usb 6-1:0.0: probe with driver gs_usb failed with error -71
[  124.513494][ T5902] usb 6-1: USB disconnect, device number 3
[  124.717170][ T6515] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  124.791223][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  124.855342][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  124.984813][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  124.998983][ T6524] loop1: detected capacity change from 0 to 256
[  125.010142][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  125.077379][ T6524] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xc0d18ace, utbl_chksum : 0xe619d30d)
[  125.167979][ T5902] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  125.357603][ T5902] usb 3-1: Using ep0 maxpacket: 16
[  125.397805][ T5902] usb 3-1: config 0 interface 0 altsetting 234 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  125.468246][ T5902] usb 3-1: config 0 interface 0 altsetting 234 endpoint 0x81 has invalid wMaxPacketSize 0
[  125.494206][ T5902] usb 3-1: config 0 interface 0 has no altsetting 0
[  125.542937][ T5902] usb 3-1: New USB device found, idVendor=0458, idProduct=501a, bcdDevice= 0.00
[  125.592822][ T5902] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.684262][ T5902] usb 3-1: config 0 descriptor??
[  126.140391][ T6522] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  126.207871][ T6522] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  126.267352][ T5902] kye 0003:0458:501A.0002: control desc unexpectedly large
[  126.362138][ T6565] loop6: detected capacity change from 0 to 64
[  126.382951][ T5902] input: HID 0458:501a as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0458:501A.0002/input/input6
[  126.500318][ T6565] hfs: request for non-existent node 24 in B*Tree
[  126.507447][ T6565] hfs: request for non-existent node 24 in B*Tree
[  126.545065][ T5902] kye 0003:0458:501A.0002: input,hiddev0,hidraw0: USB HID v0.01 Device [HID 0458:501a] on usb-dummy_hcd.2-1/input0
[  126.568519][ T6565] hfs: request for non-existent node 25 in B*Tree
[  126.602095][ T6565] hfs: request for non-existent node 25 in B*Tree
[  126.621783][ T5902] usb 3-1: USB disconnect, device number 2
[  126.657787][ T5903] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  126.765241][ T6536] loop5: detected capacity change from 0 to 32768
[  126.837519][ T5903] usb 1-1: Using ep0 maxpacket: 16
[  126.885711][ T5903] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  126.932687][ T5903] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  126.968516][ T5903] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  126.995213][ T5903] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.051584][ T5903] usb 1-1: Product: syz
[  127.075131][ T5903] usb 1-1: Manufacturer: syz
[  127.092096][ T5903] usb 1-1: SerialNumber: syz
[  127.135079][ T5903] usb 1-1: config 0 descriptor??
[  127.177059][ T5903] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  127.223083][ T5903] em28xx 1-1:0.0: Audio interface 0 found (Vendor Class)
[  127.612241][ T6564] loop3: detected capacity change from 0 to 32768
[  127.613923][ T6561] loop1: detected capacity change from 0 to 32768
[  127.655302][ T6561] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.154 (6561)
[  127.754193][ T6564] BTRFS: device /dev/loop3 (7:3) using temp-fsid 1a83f5e8-8a02-404e-94c2-ee0ae510ba76
[  127.782190][ T6561] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  127.793140][ T6564] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.155 (6564)
[  127.818951][ T5903] em28xx 1-1:0.0: chip ID is em2874
[  127.847607][ T6561] BTRFS info (device loop1): using crc32c (crc32c-x86_64) checksum algorithm
[  127.885257][ T6564] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  127.914305][ T6561] BTRFS info (device loop1): disk space caching is enabled
[  127.918107][ T6564] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm
[  127.951474][ T6561] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  127.999754][ T6564] BTRFS info (device loop3): using free-space-tree
[  128.043257][ T5902] usb 1-1: USB disconnect, device number 3
[  128.051296][ T5902] em28xx 1-1:0.0: Disconnecting em28xx
[  128.141557][ T5902] em28xx 1-1:0.0: Freeing device
[  128.258801][ T6601] loop5: detected capacity change from 0 to 512
[  128.352025][ T6601] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  128.471644][ T6601] EXT4-fs (loop5): 1 truncate cleaned up
[  128.534133][ T6601] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.560472][ T6561] BTRFS info (device loop1): rebuilding free space tree
[  128.653068][ T6561] BTRFS info (device loop1): disabling free space tree
[  128.698399][ T6561] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  128.744899][ T6561] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  128.817970][ T6575] loop6: detected capacity change from 0 to 40427
[  128.876041][ T6575] F2FS-fs (loop6): build fault injection attr: rate: 690, type: 0x3fffff
[  128.926356][ T6575] F2FS-fs (loop6): heap/no_heap options were deprecated
[  128.966628][ T5838] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.967908][ T5840] BTRFS info (device loop3): last unmount of filesystem 1a83f5e8-8a02-404e-94c2-ee0ae510ba76
[  129.006899][ T6575] F2FS-fs (loop6): invalid crc value
[  129.519078][ T5843] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  129.638167][ T6575] F2FS-fs (loop6): Start checkpoint disabled!
[  129.699795][ T6575] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  129.871903][ T6575] F2FS-fs (loop6): inject page alloc in f2fs_grab_cache_folio of f2fs_new_node_page+0x1c2/0xfe0
[  130.165374][   T62] kworker/u8:4: attempt to access beyond end of device
[  130.165374][   T62] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  130.214129][   T62] CPU: 0 UID: 0 PID: 62 Comm: kworker/u8:4 Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(full) 
[  130.214162][   T62] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  130.214178][   T62] Workqueue: writeback wb_workfn (flush-7:6)
[  130.214213][   T62] Call Trace:
[  130.214222][   T62]  <TASK>
[  130.214232][   T62]  dump_stack_lvl+0x241/0x360
[  130.214275][   T62]  ? __pfx_dump_stack_lvl+0x10/0x10
[  130.214311][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  130.214338][   T62]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  130.214376][   T62]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  130.214415][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  130.214442][   T62]  ? f2fs_hw_is_readonly+0x3a3/0x470
[  130.214485][   T62]  f2fs_handle_critical_error+0x392/0x5a0
[  130.214531][   T62]  f2fs_write_end_io+0x563/0x790
[  130.214580][   T62]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  130.214625][   T62]  ? bio_endio+0x7e4/0x890
[  130.214655][   T62]  ? bio_endio+0x82a/0x890
[  130.214686][   T62]  __submit_merged_bio+0x2a9/0x710
[  130.214715][   T62]  ? f2fs_submit_merged_write_cond+0x101/0x380
[  130.214756][   T62]  f2fs_submit_merged_write_cond+0x29f/0x380
[  130.214806][   T62]  f2fs_write_data_pages+0x2f99/0x38d0
[  130.214911][   T62]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  130.215021][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  130.215049][   T62]  ? stack_trace_save+0x11a/0x1d0
[  130.215077][   T62]  ? lockdep_hardirqs_on+0x9d/0x150
[  130.215137][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  130.215170][   T62]  ? __update_page_owner_handle+0x5a/0x550
[  130.215218][   T62]  ? __lock_acquire+0xad5/0xd80
[  130.215262][   T62]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  130.215302][   T62]  do_writepages+0x366/0x890
[  130.215349][   T62]  ? __pfx_do_writepages+0x10/0x10
[  130.215381][   T62]  ? __page_table_check_zero+0xb8/0x510
[  130.215418][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  130.215453][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  130.215480][   T62]  ? __lock_acquire+0xad5/0xd80
[  130.215529][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  130.215556][   T62]  ? reacquire_held_locks+0x12a/0x1e0
[  130.215579][   T62]  ? writeback_sb_inodes+0x43f/0x1360
[  130.215626][   T62]  __writeback_single_inode+0x14f/0x10d0
[  130.215672][   T62]  writeback_sb_inodes+0x822/0x1360
[  130.215710][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  130.215765][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  130.215805][   T62]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  130.215904][   T62]  ? rcu_is_watching+0x15/0xb0
[  130.215929][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  130.215956][   T62]  ? queue_io+0x3d9/0x5a0
[  130.216002][   T62]  wb_writeback+0x415/0xb90
[  130.216045][   T62]  ? queue_io+0x3b1/0x5a0
[  130.216080][   T62]  ? __pfx_wb_writeback+0x10/0x10
[  130.216138][   T62]  wb_workfn+0x412/0x10b0
[  130.216199][   T62]  ? __pfx_wb_workfn+0x10/0x10
[  130.216222][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  130.216249][   T62]  ? register_lock_class+0x54/0x330
[  130.216292][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  130.216319][   T62]  ? __lock_acquire+0xad5/0xd80
[  130.216374][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  130.216418][   T62]  ? process_scheduled_works+0x9cb/0x18e0
[  130.216456][   T62]  process_scheduled_works+0xac5/0x18e0
[  130.216540][   T62]  ? __pfx_process_scheduled_works+0x10/0x10
[  130.216593][   T62]  ? assign_work+0x367/0x3d0
[  130.216641][   T62]  worker_thread+0x870/0xd50
[  130.216689][   T62]  ? __kthread_parkme+0x1a8/0x200
[  130.216720][   T62]  ? __pfx_worker_thread+0x10/0x10
[  130.216745][   T62]  kthread+0x7b9/0x940
[  130.216778][   T62]  ? __pfx_worker_thread+0x10/0x10
[  130.216804][   T62]  ? __pfx_kthread+0x10/0x10
[  130.216830][   T62]  ? __pfx_kthread+0x10/0x10
[  130.216858][   T62]  ? __pfx_kthread+0x10/0x10
[  130.216892][   T62]  ? __pfx_kthread+0x10/0x10
[  130.216920][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  130.216948][   T62]  ? lockdep_hardirqs_on+0x9d/0x150
[  130.216972][   T62]  ? __pfx_kthread+0x10/0x10
[  130.217003][   T62]  ret_from_fork+0x4d/0x80
[  130.217026][   T62]  ? __pfx_kthread+0x10/0x10
[  130.217055][   T62]  ret_from_fork_asm+0x1a/0x30
[  130.217104][   T62]  </TASK>
[  130.628907][   T62] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  130.853997][ T6665] loop1: detected capacity change from 0 to 128
[  130.887493][ T5904] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  130.957493][ T5902] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  131.028264][ T6665] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  131.067521][ T5904] usb 1-1: Using ep0 maxpacket: 16
[  131.079868][ T6669] bridge0: port 3(vlan2) entered blocking state
[  131.091616][ T6669] bridge0: port 3(vlan2) entered disabled state
[  131.102624][ T6669] vlan2: entered allmulticast mode
[  131.118226][ T6669] gretap0: entered allmulticast mode
[  131.119570][ T5902] usb 6-1: config 6 has an invalid interface number: 108 but max is 0
[  131.122883][ T5904] usb 1-1: config 0 interface 0 has no altsetting 0
[  131.133088][ T6665] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  131.150975][ T5904] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  131.157789][ T5902] usb 6-1: config 6 has no interface number 0
[  131.160589][ T5904] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.186314][ T5904] usb 1-1: config 0 descriptor??
[  131.194421][ T5902] usb 6-1: config 6 interface 108 has no altsetting 0
[  131.210166][ T6669] vlan2: entered promiscuous mode
[  131.228194][ T6669] gretap0: entered promiscuous mode
[  131.247794][ T6669] bridge0: port 3(vlan2) entered blocking state
[  131.252057][   T30] audit: type=1800 audit(1745087327.885:5): pid=6665 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.165" name="file1" dev="loop1" ino=94 res=0 errno=0
[  131.254617][ T6669] bridge0: port 3(vlan2) entered forwarding state
[  131.278213][ T5902] usb 6-1: New USB device found, idVendor=0856, idProduct=ac30, bcdDevice=d2.1d
[  131.327848][ T5902] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.377473][ T5902] usb 6-1: Product: syz
[  131.381700][ T5902] usb 6-1: Manufacturer: syz
[  131.386387][ T5902] usb 6-1: SerialNumber: syz
[  131.656948][ T5904] hid (null): invalid report_size 13050
[  131.824193][ T5902] mos7840 6-1:6.108: required endpoints missing
[  131.904130][ T5902] usb 6-1: USB disconnect, device number 4
[  131.916092][ T5904] usb 1-1: USB disconnect, device number 4
[  132.230902][ T6695] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  132.485577][ T6693] loop3: detected capacity change from 0 to 32768
[  132.672607][ T6707] netlink: 116 bytes leftover after parsing attributes in process `syz.0.183'.
[  132.795138][ T6693] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,data_checksum=xxhash,str_hash=crc64,norecovery,nojournal_transaction_names,nocow
[  132.795138][ T6693]   allowing incompatible features above 0.0: (unknown version)
[  132.819278][ T6693] bcachefs (loop3): invalid journal entry, version=1.7: mi_btree_bitmap type=btree_keys in superblock: k->u64s 0, fixing
[  132.832094][ T6693] bcachefs (loop3): recovering from clean shutdown, journal seq 10
[  132.841893][ T6693] bcachefs (loop3): Version upgrade from 1.19: autofix_errors to 1.7: mi_btree_bitmap incomplete
[  132.841893][ T6693] Doing compatible version upgrade from 1.19: autofix_errors to 1.25: extent_flags
[  132.841893][ T6693]   running recovery passes: check_extents_to_backpointers
[  132.903615][ T6693] bcachefs (loop3): bcachefs (loop3): error validating btree node at btree alloc level 0/0
[  132.903646][ T6693]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0
[  132.903666][ T6693]   node offset 8/24 bset u64s 375 bset byte offset 184: keys out of order: u64s 11 type alloc_v4 0:32:0 len 0 ver 0 > u64s 11 type alloc_v4 0:2:0 len 0 ver 0, fixing
[  132.947893][ T6693] bcachefs (loop3): bcachefs (loop3): error validating btree node at btree alloc level 0/0
[  132.947915][ T6693]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0
[  132.947935][ T6693]   node offset 16/24 bset u64s 60 bset byte offset 360: keys out of order: u64s 12 type alloc_v4 0:196642:0 len 0 ver 0 > u64s 12 type alloc_v4 0:37:0 len 0 ver 0, fixing
[  132.994839][ T6693] bcachefs (loop3): btree_node_read_work: rewriting btree node at due to error
[  132.994839][ T6693]   btree=alloc level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0
[  133.048187][ T6693] bcachefs (loop3): accounting_read... done
[  133.087186][ T6693] bcachefs (loop3): alloc_read... done
[  133.092840][ T6693] bcachefs (loop3): snapshots_read... done
[  133.099129][ T6693] bcachefs (loop3): Fixed errors, running fsck a second time to verify fs is clean
[  133.108857][ T6693] bcachefs (loop3): done starting filesystem
[  133.237537][ T6707] netlink: 8 bytes leftover after parsing attributes in process `syz.0.183'.
[  133.487822][ T5840] bcachefs (loop3): shutting down
[  133.506624][ T6720] capability: warning: `syz.6.186' uses deprecated v2 capabilities in a way that may be insecure
[  133.831345][ T5840] bcachefs (loop3): shutdown complete
[  133.894085][ T6688] loop1: detected capacity change from 0 to 40427
[  133.977301][ T6732] usb usb8: usbfs: process 6732 (syz.6.191) did not claim interface 0 before use
[  134.275912][ T6688] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  134.650764][ T6744] loop6: detected capacity change from 0 to 4096
[  134.771982][ T6725] loop0: detected capacity change from 0 to 32768
[  134.808714][ T6744] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  134.845570][ T6725] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.189 (6725)
[  134.881826][ T6744] ntfs3(loop6): Failed to initialize $Extend/$ObjId.
[  134.930420][ T6725] BTRFS info (device loop0): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  135.035198][ T6725] BTRFS info (device loop0): using crc32c (crc32c-x86_64) checksum algorithm
[  135.067714][ T6725] BTRFS info (device loop0): using free-space-tree
[  135.283520][ T6734] loop5: detected capacity change from 0 to 32768
[  135.377620][ T6734] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  135.762481][ T6734] XFS (loop5): Ending clean mount
[  135.822498][ T5839] BTRFS info (device loop0): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  135.836703][ T6734] XFS (loop5): Quotacheck needed: Please wait.
[  135.966372][ T6734] XFS (loop5): Quotacheck: Done.
[  136.247261][ T6792] netlink: 8 bytes leftover after parsing attributes in process `syz.0.198'.
[  136.324959][ T5838] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  136.386118][ T6795] loop6: detected capacity change from 0 to 512
[  136.520812][ T6795] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  136.536302][ T6760] loop2: detected capacity change from 0 to 32768
[  136.579334][ T6760] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.195 (6760)
[  136.602263][ T6797] loop1: detected capacity change from 0 to 2048
[  136.657577][ T6795] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.677866][ T6760] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  136.723849][ T6795] ext4 filesystem being mounted at /12/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.745844][ T6797] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  136.752599][ T6760] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  136.851562][ T6760] BTRFS info (device loop2): using free-space-tree
[  136.857853][   T30] audit: type=1800 audit(1745087333.485:6): pid=6797 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.202" name="file1" dev="loop1" ino=1346 res=0 errno=0
[  137.106033][ T6087] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.347721][ T1291] aoe: packet could not be sent on bond0.  consider increasing tx_queue_len
[  137.356882][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  137.378393][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  137.524593][ T6830] loop0: detected capacity change from 0 to 512
[  137.613850][ T6830] EXT4-fs: Ignoring removed nobh option
[  137.621224][ T5841] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  137.769673][ T6830] EXT4-fs error (device loop0): ext4_do_update_inode:5211: inode #16: comm syz.0.207: corrupted inode contents
[  137.830164][ T6830] EXT4-fs (loop0): Remounting filesystem read-only
[  137.831309][ T6843] process 'syz.6.211' launched './file0' with NULL argv: empty string added
[  137.858688][ T6830] EXT4-fs (loop0): 1 truncate cleaned up
[  137.882840][ T1315] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  137.933330][ T6830] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.937444][ T1315] Quota error (device loop0): write_blk: dquota write failed
[  138.017493][ T1315] Quota error (device loop0): remove_free_dqentry: Can't write block (5) with free entries
[  138.037565][ T6830] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.064820][ T1315] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  138.132802][ T1315] Quota error (device loop0): write_blk: dquota write failed
[  138.167363][ T1315] Quota error (device loop0): free_dqentry: Can't move quota data block (5) to free list
[  138.214847][ T1315] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  138.264689][ T1315] Quota error (device loop0): v2_write_file_info: Can't write info structure
[  138.334349][ T1315] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  138.459760][ T5839] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.591134][ T6855] loop5: detected capacity change from 0 to 4096
[  138.622524][ T6858] (unnamed net_device) (uninitialized): ARP target 9.0.0.0 is already present
[  138.686250][ T6858] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (9)
[  138.745891][ T6863] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  139.320150][ T5831] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  139.437546][ T5902] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  139.527987][ T5831] usb 2-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  139.537230][ T5831] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.567485][ T5831] usb 2-1: Product: syz
[  139.571712][ T5831] usb 2-1: Manufacturer: syz
[  139.576317][ T5831] usb 2-1: SerialNumber: syz
[  139.608750][ T5902] usb 4-1: Using ep0 maxpacket: 16
[  139.624578][ T5902] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  139.628731][ T5831] usb 2-1: config 0 descriptor??
[  139.669485][ T5902] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  139.713215][ T5902] usb 4-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[  139.755002][ T5902] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.805288][ T5902] usb 4-1: config 0 descriptor??
[  139.896072][ T6894] loop2: detected capacity change from 0 to 512
[  140.012319][ T5906] usb 2-1: USB disconnect, device number 3
[  140.079569][ T6894] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  140.122705][ T6899] xt_CT: You must specify a L4 protocol and not use inversions on it
[  140.178517][ T6894] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.389891][ T5145] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  140.458184][ T5902] usb 4-1: string descriptor 0 read error: -71
[  140.497519][ T5902] usb 4-1: Max retries (5) exceeded reading string descriptor 200
[  140.508829][ T5902] letsketch 0003:6161:4D15.0004: probe with driver letsketch failed with error -32
[  140.533835][ T5902] usb 4-1: USB disconnect, device number 2
[  140.597155][ T5841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  140.737548][ T5831] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  140.904670][ T5831] usb 6-1: config 0 has an invalid interface number: 255 but max is 0
[  140.924044][ T5831] usb 6-1: config 0 has no interface number 0
[  140.937063][ T5831] usb 6-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[  140.960634][ T5831] usb 6-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  141.003899][ T5831] usb 6-1: config 0 interface 255 has no altsetting 0
[  141.015881][ T5831] usb 6-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[  141.057567][ T5968] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  141.065130][ T5831] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.123590][ T5831] usb 6-1: config 0 descriptor??
[  141.163990][ T5831] ums-realtek 6-1:0.255: USB Mass Storage device detected
[  141.272542][ T5968] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  141.306280][ T5968] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  141.332696][ T5968] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  141.347467][ T5968] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.367103][ T5831] usb 6-1: USB disconnect, device number 5
[  141.372276][ T6933] loop0: detected capacity change from 0 to 512
[  141.405659][ T5968] usb 3-1: Product: syz
[  141.431092][ T6933] EXT4-fs error (device loop0): ext4_iget_extra_inode:4693: inode #15: comm syz.0.241: corrupted in-inode xattr: invalid ea_ino
[  141.444544][ T5968] usb 3-1: Manufacturer: syz
[  141.444568][ T5968] usb 3-1: SerialNumber: syz
[  141.473594][ T6933] EXT4-fs error (device loop0): ext4_orphan_get:1395: comm syz.0.241: couldn't read orphan inode 15 (err -117)
[  141.530061][ T6933] EXT4-fs (loop0): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.666732][ T5968] usb 3-1: 0:2 : does not exist
[  141.693213][ T5968] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[  141.695185][ T5839] EXT4-fs (loop0): unmounting filesystem 00000007-0000-0000-0000-000000000000.
[  141.848057][ T5968] usb 3-1: USB disconnect, device number 3
[  142.142669][ T6911] udevd[6911]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  142.163960][ T6952] loop0: detected capacity change from 0 to 1024
[  142.177488][ T5849] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  142.245178][ T6952] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.292947][ T6925] loop6: detected capacity change from 0 to 32768
[  142.357549][ T5849] usb 4-1: Using ep0 maxpacket: 32
[  142.378435][   T30] audit: type=1800 audit(1745087339.005:7): pid=6952 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.249" name="file1" dev="loop0" ino=15 res=0 errno=0
[  142.379324][ T5849] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[  142.412957][ T6925] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  142.416175][ T5849] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  142.430637][ T6952] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.249: bg 0: block 260: invalid block bitmap
[  142.442185][ T5849] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  142.455106][ T5849] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 255, changing to 11
[  142.496750][ T5849] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 59391, setting to 1024
[  142.518469][ T5849] usb 4-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  142.528033][ T5849] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.536269][ T5849] usb 4-1: Product: syz
[  142.541499][ T5849] usb 4-1: Manufacturer: syz
[  142.546423][ T5849] usb 4-1: SerialNumber: syz
[  142.555444][ T5849] usb 4-1: config 0 descriptor??
[  142.857247][ T5839] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.892514][ T6925] XFS (loop6): Ending clean mount
[  142.903348][ T6925] XFS (loop6): Quotacheck needed: Please wait.
[  142.983562][ T5849] iforce 4-1:0.0: usb_submit_urb failed: -32
[  142.991487][ T6925] XFS (loop6): Quotacheck: Done.
[  143.017658][ T5849] input input7: Device does not respond to id packet M
[  143.025605][ T6979] loop5: detected capacity change from 0 to 64
[  143.238418][ T6087] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  143.262690][ T5849] iforce 4-1:0.0: usb_submit_urb failed: -71
[  143.281964][ T5849] input input7: Device does not respond to id packet B
[  143.343945][ T5849] iforce 4-1:0.0: usb_submit_urb failed: -71
[  143.357487][ T5849] input input7: Device does not respond to id packet N
[  143.378056][ T5849] iforce 4-1:0.0: usb_submit_urb failed: -71
[  143.384490][ T5849] iforce 4-1:0.0: usb_submit_urb failed: -71
[  143.407866][ T5849] iforce 4-1:0.0: usb_submit_urb failed: -71
[  143.414278][ T5849] iforce 4-1:0.0: usb_submit_urb failed: -71
[  143.424792][ T5849] input: Unknown I-Force Device [%04x:%04x] as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input7
[  143.487798][ T5849] usb 4-1: USB disconnect, device number 3
[  143.537543][ T5902] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  143.594258][ T6954] loop1: detected capacity change from 0 to 40427
[  143.627810][ T6954] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[  143.650164][ T6954] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  143.701628][ T6954] F2FS-fs (loop1): build fault injection attr: rate: 17008, type: 0x3fffff
[  143.736655][ T6954] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x1f8
[  143.747555][ T5902] usb 3-1: Using ep0 maxpacket: 32
[  143.759346][ T5902] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  143.761536][ T6954] F2FS-fs (loop1): invalid crc value
[  143.801423][ T6989] loop5: detected capacity change from 0 to 2048
[  143.808441][ T5902] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  143.845250][ T5902] usb 3-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00
[  143.905734][ T5902] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.988742][ T5902] usb 3-1: config 0 descriptor??
[  144.186593][ T6954] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  144.221545][ T6954] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  144.373014][ T6954] syz.1.250: attempt to access beyond end of device
[  144.373014][ T6954] loop1: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  144.470828][ T5902] hid-u2fzero 0003:10C4:8ACF.0005: hidraw0: USB HID v0.00 Device [HID 10c4:8acf] on usb-dummy_hcd.2-1/input0
[  144.520569][ T5902] hid-u2fzero 0003:10C4:8ACF.0005: U2F Zero LED initialised
[  144.567718][ T5902] hid-u2fzero 0003:10C4:8ACF.0005: U2F Zero RNG initialised
[  144.579264][ T6954] syz.1.250: attempt to access beyond end of device
[  144.579264][ T6954] loop1: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  144.636436][ T5906] usb 3-1: USB disconnect, device number 4
[  144.884098][ T5843] syz-executor: attempt to access beyond end of device
[  144.884098][ T5843] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  144.920663][ T5843] CPU: 0 UID: 0 PID: 5843 Comm: syz-executor Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(full) 
[  144.920697][ T5843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  144.920712][ T5843] Call Trace:
[  144.920722][ T5843]  <TASK>
[  144.920732][ T5843]  dump_stack_lvl+0x241/0x360
[  144.920779][ T5843]  ? __pfx_dump_stack_lvl+0x10/0x10
[  144.920816][ T5843]  ? srso_alias_return_thunk+0x5/0xfbef5
[  144.920844][ T5843]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  144.920890][ T5843]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  144.920930][ T5843]  ? srso_alias_return_thunk+0x5/0xfbef5
[  144.920957][ T5843]  ? f2fs_hw_is_readonly+0x3a3/0x470
[  144.921000][ T5843]  f2fs_handle_critical_error+0x392/0x5a0
[  144.921046][ T5843]  f2fs_write_end_io+0x563/0x790
[  144.921094][ T5843]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  144.921137][ T5843]  ? bio_endio+0x7e4/0x890
[  144.921167][ T5843]  ? bio_endio+0x82a/0x890
[  144.921198][ T5843]  __submit_merged_bio+0x2a9/0x710
[  144.921227][ T5843]  ? f2fs_submit_merged_write_cond+0x101/0x380
[  144.921268][ T5843]  f2fs_submit_merged_write_cond+0x29f/0x380
[  144.921317][ T5843]  f2fs_write_data_pages+0x2f99/0x38d0
[  144.921409][ T5843]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  144.921513][ T5843]  ? srso_alias_return_thunk+0x5/0xfbef5
[  144.921540][ T5843]  ? __mod_memcg_lruvec_state+0x301/0x4f0
[  144.921576][ T5843]  ? __pfx___mod_memcg_lruvec_state+0x10/0x10
[  144.921609][ T5843]  ? srso_alias_return_thunk+0x5/0xfbef5
[  144.921660][ T5843]  ? __mod_zone_page_state+0xda/0x150
[  144.921697][ T5843]  ? srso_alias_return_thunk+0x5/0xfbef5
[  144.921723][ T5843]  ? folios_put_refs+0x711/0x800
[  144.921762][ T5843]  ? lockdep_hardirqs_on+0x9d/0x150
[  144.921790][ T5843]  ? __pfx_folios_put_refs+0x10/0x10
[  144.921812][ T5843]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  144.921849][ T5843]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  144.921894][ T5843]  do_writepages+0x366/0x890
[  144.921940][ T5843]  ? __pfx_do_writepages+0x10/0x10
[  144.921969][ T5843]  ? srso_alias_return_thunk+0x5/0xfbef5
[  144.921995][ T5843]  ? __lock_acquire+0xad5/0xd80
[  144.922037][ T5843]  ? srso_alias_return_thunk+0x5/0xfbef5
[  144.922064][ T5843]  ? do_raw_spin_lock+0x151/0x370
[  144.922110][ T5843]  ? srso_alias_return_thunk+0x5/0xfbef5
[  144.922136][ T5843]  ? do_raw_spin_unlock+0x13c/0x8b0
[  144.922179][ T5843]  filemap_fdatawrite+0x1f2/0x2a0
[  144.922218][ T5843]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  144.922252][ T5843]  ? mlock_drain_local+0x79/0x490
[  144.922348][ T5843]  ? srso_alias_return_thunk+0x5/0xfbef5
[  144.922375][ T5843]  ? do_raw_spin_unlock+0x13c/0x8b0
[  144.922418][ T5843]  f2fs_sync_dirty_inodes+0x34f/0x860
[  144.922480][ T5843]  f2fs_write_checkpoint+0x857/0x1da0
[  144.922550][ T5843]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  144.922658][ T5843]  ? srso_alias_return_thunk+0x5/0xfbef5
[  144.922687][ T5843]  ? kill_f2fs_super+0x290/0x6d0
[  144.922719][ T5843]  kill_f2fs_super+0x2b8/0x6d0
[  144.922752][ T5843]  ? __pfx_kill_f2fs_super+0x10/0x10
[  144.922786][ T5843]  ? srso_alias_return_thunk+0x5/0xfbef5
[  144.922813][ T5843]  ? shrinker_free+0x2ca/0x3d0
[  144.922841][ T5843]  deactivate_locked_super+0xc6/0x130
[  144.922883][ T5843]  cleanup_mnt+0x422/0x4c0
[  144.922912][ T5843]  ? lockdep_hardirqs_on+0x9d/0x150
[  144.922943][ T5843]  task_work_run+0x253/0x310
[  144.922986][ T5843]  ? __pfx_task_work_run+0x10/0x10
[  144.923026][ T5843]  ? srso_alias_return_thunk+0x5/0xfbef5
[  144.923060][ T5843]  syscall_exit_to_user_mode+0x13f/0x340
[  144.923091][ T5843]  do_syscall_64+0x100/0x210
[  144.923126][ T5843]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.923149][ T5843] RIP: 0033:0x7f7f5a78f497
[  144.923170][ T5843] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  144.923189][ T5843] RSP: 002b:00007fff165525f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  144.923214][ T5843] RAX: 0000000000000000 RBX: 00007f7f5a810854 RCX: 00007f7f5a78f497
[  144.923231][ T5843] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff165526b0
[  144.923247][ T5843] RBP: 00007fff165526b0 R08: 0000000000000000 R09: 0000000000000000
[  144.923262][ T5843] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff16553740
[  144.923278][ T5843] R13: 00007f7f5a810854 R14: 0000000000023551 R15: 00007fff16553780
[  144.923322][ T5843]  </TASK>
[  145.349059][ T5843] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  145.489413][ T7002] loop6: detected capacity change from 0 to 32768
[  145.498890][ T7002] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.263 (7002)
[  145.722956][ T7002] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  145.867668][ T7002] BTRFS info (device loop6): using crc32c (crc32c-x86_64) checksum algorithm
[  145.876541][ T7002] BTRFS info (device loop6): using free-space-tree
[  146.100818][ T7044] netlink: 36 bytes leftover after parsing attributes in process `syz.2.274'.
[  146.378851][ T7002] BTRFS info (device loop6): rebuilding free space tree
[  146.653385][ T7065] input: syz0 as /devices/virtual/input/input8
[  146.677819][ T5902] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  146.703455][   T30] audit: type=1800 audit(1745087343.325:8): pid=7002 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.263" name="file1" dev="loop6" ino=260 res=0 errno=0
[  146.839685][ T5902] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  146.875669][ T5902] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.910795][ T5902] usb 4-1: config 0 descriptor??
[  146.955427][ T6087] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  147.422123][ T5902] [drm:udl_init] *ERROR* Selecting channel failed
[  147.468327][ T5906] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  147.607139][ T5902] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 2
[  147.634811][ T5902] [drm] Initialized udl on minor 2
[  147.665575][ T5906] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  147.696753][ T5902] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  147.719981][ T5906] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  147.766640][ T5902] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  147.774163][ T5906] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.811478][    T9] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  147.843682][ T5906] usb 2-1: config 0 descriptor??
[  147.850124][ T5902] usb 4-1: USB disconnect, device number 4
[  147.868333][    T9] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  148.324358][ T5906] keytouch 0003:0926:3333.0006: fixing up Keytouch IEC report descriptor
[  148.381023][ T5906] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0006/input/input9
[  148.419201][    T9] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  148.567256][ T7105] loop3: detected capacity change from 0 to 1024
[  148.628670][    T9] usb 6-1: config 0 interface 0 has no altsetting 0
[  148.635490][ T7107] tun0: tun_chr_ioctl cmd 1074025676
[  148.647658][    T9] usb 6-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75
[  148.678102][ T7107] tun0: owner set to 0
[  148.697561][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.770884][    T9] usb 6-1: config 0 descriptor??
[  148.846540][ T5906] keytouch 0003:0926:3333.0006: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0
[  148.947977][ T5906] usb 2-1: USB disconnect, device number 4
[  149.077629][ T1315] hfsplus: b-tree write err: -5, ino 8
[  149.289254][ T7118] loop6: detected capacity change from 0 to 1024
[  149.576200][ T7118] hfsplus: cannot replace xattr
[  149.656013][    T9] video4linux radio48: keene_cmd_main failed (-71)
[  149.686542][    T9] radio-keene 6-1:0.0: V4L2 device registered as radio48
[  149.729282][    T9] usb 6-1: USB disconnect, device number 6
[  150.302096][ T7147] syz.2.302 uses obsolete (PF_INET,SOCK_PACKET)
[  150.754138][ T7165] loop2: detected capacity change from 0 to 1024
[  150.765874][ T7167] loop6: detected capacity change from 0 to 256
[  150.868583][ T7167] exfat: Deprecated parameter 'utf8'
[  150.982230][ T7172] netlink: 8 bytes leftover after parsing attributes in process `syz.3.312'.
[  151.057062][ T7167] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[  151.084960][ T7172] syz_tun: entered promiscuous mode
[  151.122992][   T12] hfsplus: b-tree write err: -5, ino 4
[  151.362544][ T7186] loop3: detected capacity change from 0 to 64
[  151.605909][ T7193] loop5: detected capacity change from 0 to 512
[  151.656456][ T7193] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  151.709256][ T7193] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  151.780552][ T7193] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended
[  151.848979][ T7193] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  151.891857][ T7193] System zones: 0-2, 18-18, 34-34
[  151.903765][ T7193] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  151.950784][ T7193] EXT4-fs (loop5): 1 truncate cleaned up
[  151.963304][ T7211] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  151.969914][ T7193] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  152.274192][ T5838] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.048075][ T7256] loop5: detected capacity change from 0 to 4096
[  153.075242][ T7265] block device autoloading is deprecated and will be removed.
[  153.084510][ T7260] loop2: detected capacity change from 0 to 2048
[  153.137902][ T7260] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  153.143475][ T7256] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  153.192515][ T7256] ntfs3(loop5): Failed to load $Extend (-22).
[  153.214003][ T7256] ntfs3(loop5): Failed to initialize $Extend.
[  153.294920][ T5841] UDF-fs: warning (device loop2): udf_evict_inode: Inode 1367 (mode 100000) has inode size 1083 different from extent length 1536. Filesystem need not be standards compliant.
[  153.891072][ T7294] tun0: tun_chr_ioctl cmd 2148553947
[  154.075152][ T7304] loop2: detected capacity change from 0 to 1024
[  154.082914][ T7305] netlink: 20 bytes leftover after parsing attributes in process `syz.6.361'.
[  154.178932][ T7305] netlink: 20 bytes leftover after parsing attributes in process `syz.6.361'.
[  154.193157][ T7304] syz.2.360: attempt to access beyond end of device
[  154.193157][ T7304] loop2: rw=0, sector=201326592, nr_sectors = 2 limit=1024
[  154.230622][ T7255] loop0: detected capacity change from 0 to 32768
[  154.264565][ T7304] Buffer I/O error on dev loop2, logical block 100663296, async page read
[  154.271222][ T7255] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.343 (7255)
[  154.301571][   T30] audit: type=1326 audit(1745087350.925:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7307 comm="syz.5.363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ed358e169 code=0x7ffc0000
[  154.317777][ T7309] syz.2.360: attempt to access beyond end of device
[  154.317777][ T7309] loop2: rw=0, sector=201326592, nr_sectors = 2 limit=1024
[  154.398686][ T7255] BTRFS info (device loop0): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  154.410483][ T7309] Buffer I/O error on dev loop2, logical block 100663296, async page read
[  154.418460][   T30] audit: type=1326 audit(1745087350.925:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7307 comm="syz.5.363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ed358e169 code=0x7ffc0000
[  154.443436][ T7309] hfsplus: unable to mark blocks free: error -5
[  154.463515][ T7255] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  154.503597][ T7304] syz.2.360: attempt to access beyond end of device
[  154.503597][ T7304] loop2: rw=0, sector=201326592, nr_sectors = 2 limit=1024
[  154.527678][ T7255] BTRFS info (device loop0): using free-space-tree
[  154.537628][   T30] audit: type=1326 audit(1745087350.935:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7307 comm="syz.5.363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f9ed358e169 code=0x7ffc0000
[  154.573542][ T7304] Buffer I/O error on dev loop2, logical block 100663296, async page read
[  154.666021][   T30] audit: type=1326 audit(1745087350.935:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7307 comm="syz.5.363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ed358e169 code=0x7ffc0000
[  154.676272][ T7309] hfsplus: can't free extent
[  154.694056][   T30] audit: type=1326 audit(1745087350.935:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7307 comm="syz.5.363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f9ed358e169 code=0x7ffc0000
[  154.716424][   T30] audit: type=1326 audit(1745087350.935:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7307 comm="syz.5.363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ed358e169 code=0x7ffc0000
[  154.739602][   T30] audit: type=1326 audit(1745087350.935:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7307 comm="syz.5.363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f9ed358e169 code=0x7ffc0000
[  154.778414][   T30] audit: type=1326 audit(1745087350.985:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7307 comm="syz.5.363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ed358e169 code=0x7ffc0000
[  154.805416][   T30] audit: type=1326 audit(1745087350.985:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7307 comm="syz.5.363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ed358e169 code=0x7ffc0000
[  154.887517][ T5968] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  155.003684][ T7255] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_LZO (0x8)
[  155.052221][ T5968] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  155.089572][ T5968] usb 2-1: config 0 interface 0 has no altsetting 0
[  155.128128][ T5968] usb 2-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[  155.148290][ T5968] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.184597][ T5968] usb 2-1: Product: syz
[  155.197501][ T5968] usb 2-1: Manufacturer: syz
[  155.207213][ T5968] usb 2-1: SerialNumber: syz
[  155.225596][ T5968] usb 2-1: config 0 descriptor??
[  155.240231][ T5839] BTRFS info (device loop0): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  155.270803][ T5968] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[  155.348269][ T5968] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  155.389437][ T5968] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[  155.403915][ T5968] usb 2-1: media controller created
[  155.508511][ T5968] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  155.784026][ T5968] DVB: Unable to find symbol tda10046_attach()
[  155.796883][ T7366] sch_fq: defrate 0 ignored.
[  155.827779][ T5968] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[  155.877896][ T5968] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[  155.914290][ T7318] loop6: detected capacity change from 0 to 40427
[  156.000584][ T7318] F2FS-fs (loop6): invalid crc value
[  156.283199][ T7382] netlink: 60 bytes leftover after parsing attributes in process `syz.3.379'.
[  156.307550][ T7318] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  156.360569][ T5968] dvb_usb_m920x 2-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[  156.365350][ T7318] syz.6.365: attempt to access beyond end of device
[  156.365350][ T7318] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  156.405935][ T5968] usb 2-1: USB disconnect, device number 5
[  156.550319][ T7395] netlink: 'syz.3.383': attribute type 1 has an invalid length.
[  156.567602][ T7395] netlink: 224 bytes leftover after parsing attributes in process `syz.3.383'.
[  156.586146][ T6087] syz-executor: attempt to access beyond end of device
[  156.586146][ T6087] loop6: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  156.652276][ T6087] CPU: 0 UID: 0 PID: 6087 Comm: syz-executor Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(full) 
[  156.652313][ T6087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  156.652328][ T6087] Call Trace:
[  156.652337][ T6087]  <TASK>
[  156.652347][ T6087]  dump_stack_lvl+0x241/0x360
[  156.652392][ T6087]  ? __pfx_dump_stack_lvl+0x10/0x10
[  156.652429][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.652457][ T6087]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  156.652496][ T6087]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  156.652535][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.652562][ T6087]  ? f2fs_hw_is_readonly+0x3a3/0x470
[  156.652602][ T6087]  f2fs_handle_critical_error+0x392/0x5a0
[  156.652645][ T6087]  f2fs_write_end_io+0x563/0x790
[  156.652691][ T6087]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  156.652733][ T6087]  ? bio_endio+0x7e4/0x890
[  156.652761][ T6087]  ? bio_endio+0x82a/0x890
[  156.652790][ T6087]  __submit_merged_bio+0x2a9/0x710
[  156.652819][ T6087]  ? f2fs_submit_merged_write_cond+0x101/0x380
[  156.652857][ T6087]  f2fs_submit_merged_write_cond+0x29f/0x380
[  156.652902][ T6087]  f2fs_write_data_pages+0x2f99/0x38d0
[  156.652982][ T6087]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  156.653069][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.653097][ T6087]  ? __mod_memcg_lruvec_state+0x301/0x4f0
[  156.653135][ T6087]  ? __pfx___mod_memcg_lruvec_state+0x10/0x10
[  156.653168][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.653213][ T6087]  ? __mod_zone_page_state+0xda/0x150
[  156.653251][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.653279][ T6087]  ? rcu_is_watching+0x15/0xb0
[  156.653319][ T6087]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  156.653358][ T6087]  do_writepages+0x366/0x890
[  156.653387][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.653414][ T6087]  ? lock_release+0x4e/0x3e0
[  156.653458][ T6087]  ? __pfx_do_writepages+0x10/0x10
[  156.653488][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.653516][ T6087]  ? __lock_acquire+0xad5/0xd80
[  156.653555][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.653583][ T6087]  ? do_raw_spin_lock+0x151/0x370
[  156.653625][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.653653][ T6087]  ? do_raw_spin_unlock+0x13c/0x8b0
[  156.653692][ T6087]  filemap_fdatawrite+0x1f2/0x2a0
[  156.653730][ T6087]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  156.653812][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.653839][ T6087]  ? do_raw_spin_unlock+0x13c/0x8b0
[  156.653879][ T6087]  f2fs_sync_dirty_inodes+0x34f/0x860
[  156.653935][ T6087]  f2fs_write_checkpoint+0x857/0x1da0
[  156.653998][ T6087]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  156.654084][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.654112][ T6087]  ? kfree+0x198/0x430
[  156.654138][ T6087]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  156.654165][ T6087]  ? kill_f2fs_super+0x290/0x6d0
[  156.654194][ T6087]  kill_f2fs_super+0x2b8/0x6d0
[  156.654225][ T6087]  ? __pfx_kill_f2fs_super+0x10/0x10
[  156.654257][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.654285][ T6087]  ? shrinker_free+0x2ca/0x3d0
[  156.654311][ T6087]  deactivate_locked_super+0xc6/0x130
[  156.654345][ T6087]  cleanup_mnt+0x422/0x4c0
[  156.654374][ T6087]  ? lockdep_hardirqs_on+0x9d/0x150
[  156.654404][ T6087]  task_work_run+0x253/0x310
[  156.654444][ T6087]  ? __pfx_task_work_run+0x10/0x10
[  156.654481][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  156.654514][ T6087]  syscall_exit_to_user_mode+0x13f/0x340
[  156.654545][ T6087]  do_syscall_64+0x100/0x210
[  156.654579][ T6087]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.654602][ T6087] RIP: 0033:0x7fd840d8f497
[  156.654624][ T6087] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  156.654644][ T6087] RSP: 002b:00007ffedfa8b158 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  156.654671][ T6087] RAX: 0000000000000000 RBX: 00007fd840e10854 RCX: 00007fd840d8f497
[  156.654688][ T6087] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffedfa8b210
[  156.654705][ T6087] RBP: 00007ffedfa8b210 R08: 0000000000000000 R09: 0000000000000000
[  156.654721][ T6087] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffedfa8c2a0
[  156.654738][ T6087] R13: 00007fd840e10854 R14: 0000000000026335 R15: 00007ffedfa8c2e0
[  156.654777][ T6087]  </TASK>
[  156.654787][ T6087] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  157.167832][ T7404] netlink: 16 bytes leftover after parsing attributes in process `syz.0.386'.
[  157.239852][ T7404] veth0: entered promiscuous mode
[  157.249384][ T7404] veth0: left promiscuous mode
[  157.304379][ T7410] loop3: detected capacity change from 0 to 512
[  157.342182][ T7410] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  157.371590][ T7410] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  157.388906][ T7410] EXT4-fs (loop3): orphan cleanup on readonly fs
[  157.397485][    T9] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  157.450493][ T7410] EXT4-fs warning (device loop3): ext4_enable_quotas:7170: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  157.556671][ T7410] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  157.599031][    T9] usb 3-1: Using ep0 maxpacket: 32
[  157.608377][ T7410] EXT4-fs error (device loop3): ext4_ext_check_inode:524: inode #13: comm syz.3.388: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  157.662392][    T9] usb 3-1: config 0 interface 0 has no altsetting 0
[  157.694565][ T7410] EXT4-fs error (device loop3): ext4_orphan_get:1395: comm syz.3.388: couldn't read orphan inode 13 (err -117)
[  157.719183][    T9] usb 3-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  157.725837][ T7424] loop0: detected capacity change from 0 to 128
[  157.740363][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  157.754982][    T9] usb 3-1: Product: syz
[  157.761390][ T7424] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  157.771477][ T7410] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  157.784550][    T9] usb 3-1: Manufacturer: syz
[  157.802334][    T9] usb 3-1: SerialNumber: syz
[  157.831145][    T9] usb 3-1: config 0 descriptor??
[  157.918508][ T7410] EXT4-fs (loop3): shut down requested (1)
[  158.286975][ T7391] loop5: detected capacity change from 0 to 40427
[  158.295951][ T5840] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.317508][ T5831] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  158.330499][ T7430] loop1: detected capacity change from 0 to 32768
[  158.369596][ T7391] F2FS-fs (loop5): build fault injection attr: rate: 690, type: 0x3fffff
[  158.383521][ T7391] F2FS-fs (loop5): heap/no_heap options were deprecated
[  158.393254][    T9] gs_usb 3-1:0.0: Configuring for 1 interfaces
[  158.486173][ T7430] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=gzip,erasure_code,norecovery,nojournal_transaction_names,nocow
[  158.486173][ T7430]   allowing incompatible features above 0.0: (unknown version)
[  158.498508][ T5831] usb 1-1: Using ep0 maxpacket: 16
[  158.512115][ T7430] bcachefs (loop1): recovering from clean shutdown, journal seq 10
[  158.525716][ T7430] bcachefs (loop1): Version upgrade required:
[  158.525716][ T7430] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  158.525716][ T7430] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.25: extent_flags
[  158.525716][ T7430]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[  158.527360][ T7391] F2FS-fs (loop5): invalid crc value
[  158.631777][ T7430] bcachefs (loop1): bcachefs (loop1): error validating btree node at btree alloc level 0/0
[  158.631803][ T7430]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0
[  158.631824][ T7430]   node offset 8/24 bset u64s 375 bset byte offset 184: keys out of order: u64s 11 type alloc_v4 0:32:0 len 0 ver 0 > u64s 11 type alloc_v4 0:2:0 len 0 ver 0, fixing
[  158.674963][ T7430] bcachefs (loop1): btree_node_read_work: rewriting btree node at due to error
[  158.674963][ T7430]   btree=alloc level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0
[  158.676768][ T5831] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  158.706815][ T7430] bcachefs (loop1): running explicit recovery pass check_topology (2), currently at recovery_pass_empty (0)
[  158.722791][ T7430] bcachefs (loop1): bcachefs (loop1): error validating btree node on loop1 at btree freespace level 0/0
[  158.722824][ T7430]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key 0:3703155162349568:0 durability: 1 ptr: 0:29:0 gen 0
[  158.722846][ T7430]   node offset 0/32: incorrect min_key: got POS_MIN should be 0:3703155162349568:0, btree topology error: 
[  158.763116][ T7430] bcachefs (loop1): flagging btree freespace lost data
[  158.772017][ T7430] bcachefs (loop1): error reading btree root btree=freespace level=0: btree_node_read_error, fixing
[  158.779365][ T5831] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  158.801592][ T7430] bcachefs (loop1): check_topology... done
[  158.809566][ T7430] bcachefs (loop1): accounting_read... done
[  158.812474][ T5831] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  158.817313][ T7430] bcachefs (loop1): alloc_read... done
[  158.828244][ T5831] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.832038][ T7430] bcachefs (loop1): snapshots_read... done
[  158.845924][ T7430] bcachefs (loop1): Fixed errors, running fsck a second time to verify fs is clean
[  158.858245][ T7430] bcachefs (loop1): done starting filesystem
[  158.865902][    T9] gs_usb 3-1:0.0: Disabling termination support for channel 0 (-EPROTO)
[  158.875108][    T9] gs_usb 3-1:0.0: Couldn't get extended bit timing const for channel 0 (-EPROTO)
[  158.896701][    T9] gs_usb 3-1:0.0: probe with driver gs_usb failed with error -71
[  158.927628][    T9] usb 3-1: USB disconnect, device number 5
[  158.950758][ T5831] usb 1-1: Product: syz
[  158.967467][ T5831] usb 1-1: Manufacturer: syz
[  158.972139][ T5831] usb 1-1: SerialNumber: syz
[  159.014754][ T5831] usb 1-1: config 0 descriptor??
[  159.041225][ T5831] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  159.064283][ T7457] loop3: detected capacity change from 0 to 1024
[  159.070811][ T5831] em28xx 1-1:0.0: Audio interface 0 found (Vendor Class)
[  159.088759][ T7457] EXT4-fs: Ignoring removed nobh option
[  159.103863][ T5843] bcachefs (loop1): shutting down
[  159.113727][ T7457] EXT4-fs: Ignoring removed nomblk_io_submit option
[  159.145445][ T7457] EXT4-fs (loop3): stripe (4) is not aligned with cluster size (16), stripe is disabled
[  159.174510][ T7391] F2FS-fs (loop5): Start checkpoint disabled!
[  159.200017][ T7391] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  159.226862][ T7457] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  159.261941][ T5843] bcachefs (loop1): shutdown complete
[  159.322212][ T7391] F2FS-fs (loop5): inject orphan in f2fs_acquire_orphan_inode of __f2fs_tmpfile+0x1d0/0x3b0
[  159.466963][   T12] kworker/u8:0: attempt to access beyond end of device
[  159.466963][   T12] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  159.525061][   T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(full) 
[  159.525098][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  159.525115][   T12] Workqueue: writeback wb_workfn (flush-7:5)
[  159.525161][   T12] Call Trace:
[  159.525170][   T12]  <TASK>
[  159.525182][   T12]  dump_stack_lvl+0x241/0x360
[  159.525223][   T12]  ? __pfx_dump_stack_lvl+0x10/0x10
[  159.525259][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  159.525287][   T12]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  159.525328][   T12]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  159.525367][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  159.525395][   T12]  ? f2fs_hw_is_readonly+0x3a3/0x470
[  159.525434][   T12]  f2fs_handle_critical_error+0x392/0x5a0
[  159.525478][   T12]  f2fs_write_end_io+0x563/0x790
[  159.525524][   T12]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  159.525566][   T12]  ? bio_endio+0x7e4/0x890
[  159.525594][   T12]  ? bio_endio+0x82a/0x890
[  159.525624][   T12]  __submit_merged_bio+0x2a9/0x710
[  159.525653][   T12]  ? f2fs_submit_merged_write_cond+0x101/0x380
[  159.525692][   T12]  f2fs_submit_merged_write_cond+0x29f/0x380
[  159.525736][   T12]  f2fs_write_data_pages+0x2f99/0x38d0
[  159.525816][   T12]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  159.525871][   T12]  ? cfg80211_inform_single_bss_data+0x1629/0x1ed0
[  159.525930][   T12]  ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10
[  159.525993][   T12]  ? cfg80211_inform_bss_data+0x3ad/0x5860
[  159.526038][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  159.526066][   T12]  ? __lock_acquire+0xad5/0xd80
[  159.526099][   T12]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  159.526144][   T12]  do_writepages+0x366/0x890
[  159.526187][   T12]  ? __pfx_do_writepages+0x10/0x10
[  159.526219][   T12]  ? unwind_next_frame+0xb8/0x23b0
[  159.526254][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  159.526282][   T12]  ? __lock_acquire+0xad5/0xd80
[  159.526326][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  159.526355][   T12]  ? reacquire_held_locks+0x12a/0x1e0
[  159.526380][   T12]  ? writeback_sb_inodes+0x43f/0x1360
[  159.526425][   T12]  __writeback_single_inode+0x14f/0x10d0
[  159.526467][   T12]  writeback_sb_inodes+0x822/0x1360
[  159.526506][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  159.526556][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  159.526594][   T12]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  159.526672][   T12]  ? rcu_is_watching+0x15/0xb0
[  159.526697][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  159.526724][   T12]  ? queue_io+0x3d9/0x5a0
[  159.526765][   T12]  wb_writeback+0x415/0xb90
[  159.526805][   T12]  ? queue_io+0x3b1/0x5a0
[  159.526838][   T12]  ? __pfx_wb_writeback+0x10/0x10
[  159.526890][   T12]  wb_workfn+0x412/0x10b0
[  159.526943][   T12]  ? __pfx_wb_workfn+0x10/0x10
[  159.526966][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  159.526993][   T12]  ? register_lock_class+0x54/0x330
[  159.527034][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  159.527063][   T12]  ? __lock_acquire+0xad5/0xd80
[  159.527113][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  159.527162][   T12]  ? process_scheduled_works+0x9cb/0x18e0
[  159.527200][   T12]  process_scheduled_works+0xac5/0x18e0
[  159.527275][   T12]  ? __pfx_process_scheduled_works+0x10/0x10
[  159.527325][   T12]  ? assign_work+0x367/0x3d0
[  159.527370][   T12]  worker_thread+0x870/0xd50
[  159.527416][   T12]  ? __kthread_parkme+0x1a8/0x200
[  159.527447][   T12]  ? __pfx_worker_thread+0x10/0x10
[  159.527472][   T12]  kthread+0x7b9/0x940
[  159.527502][   T12]  ? __pfx_worker_thread+0x10/0x10
[  159.527527][   T12]  ? __pfx_kthread+0x10/0x10
[  159.527552][   T12]  ? __pfx_kthread+0x10/0x10
[  159.527579][   T12]  ? __pfx_kthread+0x10/0x10
[  159.527605][   T12]  ? __pfx_kthread+0x10/0x10
[  159.527634][   T12]  ? srso_alias_return_thunk+0x5/0xfbef5
[  159.527661][   T12]  ? lockdep_hardirqs_on+0x9d/0x150
[  159.527684][   T12]  ? __pfx_kthread+0x10/0x10
[  159.527713][   T12]  ret_from_fork+0x4d/0x80
[  159.527736][   T12]  ? __pfx_kthread+0x10/0x10
[  159.527765][   T12]  ret_from_fork_asm+0x1a/0x30
[  159.527809][   T12]  </TASK>
[  159.949421][ T5831] em28xx 1-1:0.0: chip ID is em28174
[  159.993150][   T12] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  160.174436][ T5840] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.214843][ T7470] loop2: detected capacity change from 0 to 32768
[  160.255874][ T5906] usb 1-1: USB disconnect, device number 5
[  160.263235][ T5906] em28xx 1-1:0.0: Disconnecting em28xx
[  160.271757][ T5906] em28xx 1-1:0.0: Freeing device
[  160.341013][ T7470] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  160.427523][   T30] audit: type=1800 audit(1745087357.055:18): pid=7470 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.402" name="file1" dev="loop2" ino=17058 res=0 errno=0
[  160.638339][ T5841] ocfs2: Unmounting device (7,2) on (node local)
[  161.112368][ T7494] loop2: detected capacity change from 0 to 256
[  161.323039][ T7502] loop0: detected capacity change from 0 to 8
[  161.357161][ T7502] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  161.575198][ T7510] loop3: detected capacity change from 0 to 8
[  161.635615][ T7510] SQUASHFS error: zlib decompression failed, data probably corrupt
[  161.645932][ T7510] SQUASHFS error: Failed to read block 0x9b: -5
[  161.665994][ T7506] loop6: detected capacity change from 0 to 4096
[  161.696773][ T7510] SQUASHFS error: Unable to read metadata cache entry [99]
[  161.723460][ T7506] ntfs3(loop6): Different NTFS sector size (2048) and media sector size (512).
[  161.737555][ T7510] SQUASHFS error: Unable to read inode 0x127
[  161.793545][ T7514] loop2: detected capacity change from 0 to 64
[  161.835221][ T7506] ntfs3(loop6): Failed to initialize $Extend/$ObjId.
[  161.890735][ T7506] ntfs3(loop6): ino=5, "/" indx_read
[  161.955533][ T7514] syz.2.421: attempt to access beyond end of device
[  161.955533][ T7514] loop2: rw=2049, sector=161, nr_sectors = 1 limit=64
[  162.138525][ T7498] loop5: detected capacity change from 0 to 32768
[  162.145842][ T7498] XFS: attr2 mount option is deprecated.
[  162.159047][   T12] kworker/u8:0: attempt to access beyond end of device
[  162.159047][   T12] loop2: rw=1, sector=163, nr_sectors = 69 limit=64
[  162.191938][ T7498] XFS: ikeep mount option is deprecated.
[  162.217991][ T7498] XFS: noikeep mount option is deprecated.
[  162.304128][ T7498] XFS (loop5): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  162.469897][ T7541] 9pnet_virtio: no channels available for device syz
[  162.523616][ T7498] XFS (loop5): Ending clean mount
[  162.524213][ T7545] netlink: 8 bytes leftover after parsing attributes in process `syz.2.431'.
[  162.580138][ T7498] XFS (loop5): Quotacheck needed: Please wait.
[  162.629579][ T7498] XFS (loop5): Quotacheck: Done.
[  162.759772][ T5838] XFS (loop5): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  162.777372][ T7549] sp0: Synchronizing with TNC
[  163.402768][ T7561] netlink: 54 bytes leftover after parsing attributes in process `syz.5.435'.
[  163.692631][ T7543] loop6: detected capacity change from 0 to 32768
[  163.732405][ T7543] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  163.741134][ T5831] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  163.862574][ T7543] XFS (loop6): Ending clean mount
[  163.887723][ T5831] usb 1-1: Using ep0 maxpacket: 8
[  163.916581][ T7543] XFS (loop6): Quotacheck needed: Please wait.
[  163.937550][ T5831] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  163.946658][ T5831] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.979254][ T5831] usb 1-1: Product: syz
[  163.983605][ T5831] usb 1-1: Manufacturer: syz
[  163.992867][ T5831] usb 1-1: SerialNumber: syz
[  164.023563][ T5831] usb 1-1: config 0 descriptor??
[  164.031211][ T7543] XFS (loop6): Quotacheck: Done.
[  164.108043][ T5968] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  164.204437][ T5902] kernel write not supported for file /ppp (pid: 5902 comm: kworker/0:3)
[  164.250479][ T5831] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  164.279649][ T5968] usb 6-1: Using ep0 maxpacket: 16
[  164.287014][ T5968] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  164.307709][ T5968] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  164.327543][ T5968] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  164.347470][ T5968] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  164.367445][ T5968] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  164.398984][ T5968] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  164.409293][ T5968] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  164.417367][ T5968] usb 6-1: Manufacturer: syz
[  164.454524][ T5968] usb 6-1: config 0 descriptor??
[  164.496889][ T6087] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  164.654852][ T5831] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  164.672103][ T7576] loop3: detected capacity change from 0 to 32768
[  164.687888][ T5831] usb 1-1: USB disconnect, device number 6
[  164.805543][ T7595] can0: slcan on ptm0.
[  164.837508][ T5968] rc_core: IR keymap rc-hauppauge not found
[  164.843440][ T5968] Registered IR keymap rc-empty
[  164.874875][ T5968] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  164.908003][ T7594] can0 (unregistered): slcan off ptm0.
[  164.917293][ T5968] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  164.959198][ T5968] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0
[  164.988166][ T5968] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input10
[  165.007678][ T5968] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  165.027667][ T5968] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  165.047715][ T5968] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  165.072080][ T5968] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  165.110593][ T5968] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  165.138991][ T5968] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  165.157653][ T5968] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  165.198775][ T5831] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[  165.206679][ T5968] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  165.237533][ T5968] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  165.267554][ T5968] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[  165.303929][ T5968] mceusb 6-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  165.337703][ T5968] mceusb 6-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  165.360335][ T5968] usb 6-1: USB disconnect, device number 7
[  165.381184][ T5831] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  165.407303][ T5831] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  165.450249][ T5831] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  165.485260][ T5831] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  165.541499][ T5831] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  165.557729][ T5831] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  165.565740][ T5831] usb 3-1: Manufacturer: syz
[  165.589149][ T5831] usb 3-1: config 0 descriptor??
[  165.811206][ T7599] loop6: detected capacity change from 0 to 40427
[  165.897051][ T7615] loop3: detected capacity change from 0 to 2048
[  165.950589][ T5831] rc_core: IR keymap rc-hauppauge not found
[  165.959009][ T5831] Registered IR keymap rc-empty
[  165.964328][ T5831] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  166.007595][ T5831] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  166.015926][ T7615] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  166.055959][ T5831] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  166.104774][ T7599] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  166.130704][ T5831] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input11
[  166.177663][   T30] audit: type=1800 audit(1745087362.805:19): pid=7615 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.458" name="file0" dev="loop3" ino=13 res=0 errno=0
[  166.228267][ T6087] syz-executor: attempt to access beyond end of device
[  166.228267][ T6087] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  166.259166][ T6087] CPU: 0 UID: 0 PID: 6087 Comm: syz-executor Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(full) 
[  166.259203][ T6087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  166.259219][ T6087] Call Trace:
[  166.259228][ T6087]  <TASK>
[  166.259239][ T6087]  dump_stack_lvl+0x241/0x360
[  166.259285][ T6087]  ? __pfx_dump_stack_lvl+0x10/0x10
[  166.259323][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  166.259352][ T6087]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  166.259393][ T6087]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  166.259433][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  166.259461][ T6087]  ? f2fs_hw_is_readonly+0x3a3/0x470
[  166.259503][ T6087]  f2fs_handle_critical_error+0x392/0x5a0
[  166.259547][ T6087]  f2fs_write_end_io+0x563/0x790
[  166.259595][ T6087]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  166.259638][ T6087]  ? bio_endio+0x7e4/0x890
[  166.259688][ T6087]  ? bio_endio+0x82a/0x890
[  166.259718][ T6087]  __submit_merged_bio+0x2a9/0x710
[  166.259748][ T6087]  ? f2fs_submit_merged_write_cond+0x101/0x380
[  166.259789][ T6087]  f2fs_submit_merged_write_cond+0x29f/0x380
[  166.259835][ T6087]  f2fs_write_data_pages+0x2f99/0x38d0
[  166.259916][ T6087]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  166.260008][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  166.260037][ T6087]  ? __mod_memcg_lruvec_state+0x301/0x4f0
[  166.260072][ T6087]  ? __pfx___mod_memcg_lruvec_state+0x10/0x10
[  166.260105][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  166.260159][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  166.260187][ T6087]  ? __lock_acquire+0xad5/0xd80
[  166.260229][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  166.260257][ T6087]  ? do_raw_spin_lock+0x151/0x370
[  166.260297][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  166.260325][ T6087]  ? do_raw_spin_unlock+0x13c/0x8b0
[  166.260360][ T6087]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  166.260400][ T6087]  do_writepages+0x366/0x890
[  166.260444][ T6087]  ? __pfx_do_writepages+0x10/0x10
[  166.260474][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  166.260502][ T6087]  ? __lock_acquire+0xad5/0xd80
[  166.260543][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  166.260570][ T6087]  ? do_raw_spin_lock+0x151/0x370
[  166.260613][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  166.260642][ T6087]  ? do_raw_spin_unlock+0x13c/0x8b0
[  166.260683][ T6087]  filemap_fdatawrite+0x1f2/0x2a0
[  166.260722][ T6087]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  166.260754][ T6087]  ? mlock_drain_local+0x79/0x490
[  166.260839][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  166.260868][ T6087]  ? do_raw_spin_unlock+0x13c/0x8b0
[  166.260908][ T6087]  f2fs_sync_dirty_inodes+0x34f/0x860
[  166.260967][ T6087]  f2fs_write_checkpoint+0x857/0x1da0
[  166.261030][ T6087]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  166.261132][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  166.261161][ T6087]  ? kill_f2fs_super+0x290/0x6d0
[  166.261192][ T6087]  kill_f2fs_super+0x2b8/0x6d0
[  166.261223][ T6087]  ? __pfx_kill_f2fs_super+0x10/0x10
[  166.261255][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  166.261283][ T6087]  ? shrinker_free+0x2ca/0x3d0
[  166.261311][ T6087]  deactivate_locked_super+0xc6/0x130
[  166.261346][ T6087]  cleanup_mnt+0x422/0x4c0
[  166.261375][ T6087]  ? lockdep_hardirqs_on+0x9d/0x150
[  166.261406][ T6087]  task_work_run+0x253/0x310
[  166.261448][ T6087]  ? __pfx_task_work_run+0x10/0x10
[  166.261486][ T6087]  ? srso_alias_return_thunk+0x5/0xfbef5
[  166.261521][ T6087]  syscall_exit_to_user_mode+0x13f/0x340
[  166.261552][ T6087]  do_syscall_64+0x100/0x210
[  166.261586][ T6087]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.261610][ T6087] RIP: 0033:0x7fd840d8f497
[  166.261632][ T6087] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  166.261653][ T6087] RSP: 002b:00007ffedfa8b158 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  166.261679][ T6087] RAX: 0000000000000000 RBX: 00007fd840e10854 RCX: 00007fd840d8f497
[  166.261696][ T6087] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffedfa8b210
[  166.261713][ T6087] RBP: 00007ffedfa8b210 R08: 0000000000000000 R09: 0000000000000000
[  166.261729][ T6087] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffedfa8c2a0
[  166.261746][ T6087] R13: 00007fd840e10854 R14: 00000000000288e5 R15: 00007ffedfa8c2e0
[  166.261785][ T6087]  </TASK>
[  166.261795][ T6087] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  166.263504][ T5831] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  166.403416][ T7602] loop1: detected capacity change from 0 to 40427
[  166.560643][ T5831] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  166.619948][ T5840] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.626865][ T7602] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x7
[  166.756058][ T7602] F2FS-fs (loop1): invalid crc value
[  166.805367][ T5831] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  166.837576][ T5831] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  166.857671][ T5831] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  166.882644][ T5831] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  166.891309][ T7602] F2FS-fs (loop1): Start checkpoint disabled!
[  166.907864][ T7602] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  166.917554][ T5831] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  166.937680][ T5831] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  166.960355][ T5831] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  166.981134][ T7602] syz.1.454: attempt to access beyond end of device
[  166.981134][ T7602] loop1: rw=2049, sector=45096, nr_sectors = 96 limit=40427
[  167.012692][ T5831] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  167.040258][ T5831] mceusb 3-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  167.053153][ T7638] syz.1.454: attempt to access beyond end of device
[  167.053153][ T7638] loop1: rw=2049, sector=77824, nr_sectors = 40 limit=40427
[  167.068178][ T7637] loop0: detected capacity change from 0 to 1024
[  167.083717][ T5831] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  167.094385][ T7638] syz.1.454: attempt to access beyond end of device
[  167.094385][ T7638] loop1: rw=2049, sector=45096, nr_sectors = 96 limit=40427
[  167.126306][ T5831] usb 3-1: USB disconnect, device number 6
[  167.150220][ T7637] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.312418][   T62] kworker/u8:4: attempt to access beyond end of device
[  167.312418][   T62] loop1: rw=2049, sector=45192, nr_sectors = 8 limit=40427
[  167.368469][   T62] CPU: 0 UID: 0 PID: 62 Comm: kworker/u8:4 Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(full) 
[  167.368510][   T62] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  167.368527][   T62] Workqueue: writeback wb_workfn (flush-7:1)
[  167.368565][   T62] Call Trace:
[  167.368574][   T62]  <TASK>
[  167.368584][   T62]  dump_stack_lvl+0x241/0x360
[  167.368629][   T62]  ? __pfx_dump_stack_lvl+0x10/0x10
[  167.368671][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  167.368700][   T62]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  167.368741][   T62]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  167.368781][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  167.368808][   T62]  ? f2fs_hw_is_readonly+0x3a3/0x470
[  167.368849][   T62]  f2fs_handle_critical_error+0x392/0x5a0
[  167.368893][   T62]  f2fs_write_end_io+0x563/0x790
[  167.368940][   T62]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  167.368983][   T62]  ? bio_endio+0x7e4/0x890
[  167.369012][   T62]  ? bio_endio+0x82a/0x890
[  167.369041][   T62]  __submit_merged_bio+0x2a9/0x710
[  167.369071][   T62]  ? f2fs_submit_merged_write_cond+0x101/0x380
[  167.369111][   T62]  f2fs_submit_merged_write_cond+0x29f/0x380
[  167.369162][   T62]  f2fs_write_data_pages+0x2f99/0x38d0
[  167.369243][   T62]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  167.369298][   T62]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  167.369355][   T62]  ? __lock_acquire+0xad5/0xd80
[  167.369397][   T62]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  167.369448][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  167.369476][   T62]  ? trace_f2fs_writepages+0x8c/0x220
[  167.369511][   T62]  ? f2fs_write_node_pages+0x4ba/0x730
[  167.369551][   T62]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  167.369580][   T62]  ? __lock_acquire+0xad5/0xd80
[  167.369621][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  167.369649][   T62]  ? has_not_enough_free_secs+0xc26/0x1490
[  167.369690][   T62]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  167.369730][   T62]  do_writepages+0x366/0x890
[  167.369774][   T62]  ? __pfx_do_writepages+0x10/0x10
[  167.369802][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  167.369830][   T62]  ? __lock_acquire+0xad5/0xd80
[  167.369871][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  167.369899][   T62]  ? __lock_acquire+0xad5/0xd80
[  167.369944][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  167.369971][   T62]  ? reacquire_held_locks+0x12a/0x1e0
[  167.369995][   T62]  ? writeback_sb_inodes+0x43f/0x1360
[  167.370041][   T62]  __writeback_single_inode+0x14f/0x10d0
[  167.370084][   T62]  writeback_sb_inodes+0x822/0x1360
[  167.370145][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  167.370188][   T62]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  167.370268][   T62]  ? rcu_is_watching+0x15/0xb0
[  167.370293][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  167.370321][   T62]  ? queue_io+0x3d9/0x5a0
[  167.370363][   T62]  wb_writeback+0x415/0xb90
[  167.370404][   T62]  ? queue_io+0x3b1/0x5a0
[  167.370438][   T62]  ? __pfx_wb_writeback+0x10/0x10
[  167.370491][   T62]  wb_workfn+0x412/0x10b0
[  167.370545][   T62]  ? __pfx_wb_workfn+0x10/0x10
[  167.370568][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  167.370595][   T62]  ? register_lock_class+0x54/0x330
[  167.370637][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  167.370664][   T62]  ? __lock_acquire+0xad5/0xd80
[  167.370714][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  167.370756][   T62]  ? process_scheduled_works+0x9cb/0x18e0
[  167.370795][   T62]  process_scheduled_works+0xac5/0x18e0
[  167.370870][   T62]  ? __pfx_process_scheduled_works+0x10/0x10
[  167.370920][   T62]  ? assign_work+0x367/0x3d0
[  167.370966][   T62]  worker_thread+0x870/0xd50
[  167.371009][   T62]  ? __kthread_parkme+0x1a8/0x200
[  167.371040][   T62]  ? __pfx_worker_thread+0x10/0x10
[  167.371064][   T62]  kthread+0x7b9/0x940
[  167.371096][   T62]  ? __pfx_worker_thread+0x10/0x10
[  167.371121][   T62]  ? __pfx_kthread+0x10/0x10
[  167.371148][   T62]  ? __pfx_kthread+0x10/0x10
[  167.371181][   T62]  ? __pfx_kthread+0x10/0x10
[  167.371210][   T62]  ? __pfx_kthread+0x10/0x10
[  167.371237][   T62]  ? srso_alias_return_thunk+0x5/0xfbef5
[  167.371265][   T62]  ? lockdep_hardirqs_on+0x9d/0x150
[  167.371291][   T62]  ? __pfx_kthread+0x10/0x10
[  167.371321][   T62]  ret_from_fork+0x4d/0x80
[  167.371344][   T62]  ? __pfx_kthread+0x10/0x10
[  167.371374][   T62]  ret_from_fork_asm+0x1a/0x30
[  167.371418][   T62]  </TASK>
[  167.371456][   T62] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  167.818214][   T30] audit: type=1804 audit(1745087364.385:20): pid=7653 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.473" name="/" dev="pidfs" ino=7652 res=1 errno=0
[  167.837892][    C0] vkms_vblank_simulate: vblank timer overrun
[  167.939909][ T5839] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.067882][ T7660] netlink: 'syz.3.475': attribute type 11 has an invalid length.
[  168.087323][ T7660] netlink: 44 bytes leftover after parsing attributes in process `syz.3.475'.
[  168.658035][ T7690] netlink: 4 bytes leftover after parsing attributes in process `syz.6.487'.
[  168.660356][ T7689] loop0: detected capacity change from 0 to 512
[  168.762206][ T7689] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  168.791711][ T7684] loop5: detected capacity change from 0 to 4096
[  168.826818][ T7689] ext4 filesystem being mounted at /88/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  168.828384][ T7695] netlink: 8 bytes leftover after parsing attributes in process `syz.2.489'.
[  168.867191][ T7684] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512).
[  168.894639][ T7695] syz_tun: entered promiscuous mode
[  168.935025][ T7702] netlink: 'syz.3.490': attribute type 10 has an invalid length.
[  168.978425][ T7684] ntfs3(loop5): Failed to initialize $Extend/$Reparse.
[  169.016601][ T5839] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  169.037168][   T30] audit: type=1800 audit(1745087365.665:21): pid=7684 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.485" name="file1" dev="loop5" ino=30 res=0 errno=0
[  169.142885][ T7709] loop6: detected capacity change from 0 to 512
[  169.161683][ T7709] EXT4-fs: Ignoring removed i_version option
[  169.182553][ T7709] EXT4-fs: Ignoring removed nobh option
[  169.220496][ T7709] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  169.274093][ T7709] EXT4-fs (loop6): 1 truncate cleaned up
[  169.321089][ T7709] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.520615][ T7726] loop1: detected capacity change from 0 to 256
[  169.545063][ T7726] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  169.562900][ T7725] loop5: detected capacity change from 0 to 1024
[  169.592762][ T7726] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010364, chksum : 0x43f9f21b, utbl_chksum : 0xe619d30d)
[  169.723829][ T6087] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.927602][ T7735] syzkaller1: entered promiscuous mode
[  169.933267][ T7735] syzkaller1: entered allmulticast mode
[  170.579047][ T7751] loop5: detected capacity change from 0 to 1024
[  171.793591][ T7784] loop5: detected capacity change from 0 to 4096
[  171.841510][ T7759] loop2: detected capacity change from 0 to 32768
[  171.889539][ T7759] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.515 (7759)
[  171.924395][ T7784] ntfs3(loop5): ino=1a, mi_enum_attr
[  171.933428][ T7784] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  171.947609][ T5926] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  171.971451][ T7759] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  172.007739][ T7759] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  172.024168][ T7759] BTRFS info (device loop2): using free-space-tree
[  172.047910][ T7788] netlink: 8 bytes leftover after parsing attributes in process `syz.1.527'.
[  172.122487][ T5926] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  172.135710][ T7803] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  172.144027][ T5926] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  172.168994][ T5926] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  172.182872][ T5926] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.195085][ T7786] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  172.209458][ T5926] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  172.251795][ T5922] ntfs3(loop5): ino=5, mi_enum_attr
[  172.277632][   T30] audit: type=1800 audit(1745087368.905:22): pid=7759 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.515" name="file0" dev="loop2" ino=258 res=0 errno=0
[  172.382822][ T5841] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  172.461641][ T5968] usb 1-1: USB disconnect, device number 7
[  172.634693][ T7813] loop5: detected capacity change from 0 to 4096
[  172.773082][ T7817] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  172.788483][ T7780] loop6: detected capacity change from 0 to 40427
[  172.841618][ T7780] F2FS-fs (loop6): build fault injection attr: rate: 690, type: 0x3fffff
[  172.904183][ T7780] F2FS-fs (loop6): invalid crc value
[  173.166640][ T7833] loop2: detected capacity change from 0 to 512
[  173.196823][ T7780] F2FS-fs (loop6): Start checkpoint disabled!
[  173.266240][ T7780] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  173.381583][ T7830] loop3: detected capacity change from 0 to 32768
[  173.456453][ T7833] EXT4-fs (loop2): Test dummy encryption mode enabled
[  173.474784][ T7833] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  173.514763][ T1315] kworker/u8:6: attempt to access beyond end of device
[  173.514763][ T1315] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  173.552462][ T7847] loop0: detected capacity change from 0 to 1024
[  173.562278][ T1315] CPU: 1 UID: 0 PID: 1315 Comm: kworker/u8:6 Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(full) 
[  173.562311][ T1315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  173.562329][ T1315] Workqueue: writeback wb_workfn (flush-7:6)
[  173.562365][ T1315] Call Trace:
[  173.562375][ T1315]  <TASK>
[  173.562386][ T1315]  dump_stack_lvl+0x241/0x360
[  173.562430][ T1315]  ? __pfx_dump_stack_lvl+0x10/0x10
[  173.562469][ T1315]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.562499][ T1315]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  173.562539][ T1315]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  173.562546][ T7833] EXT4-fs error (device loop2): ext4_orphan_get:1416: comm syz.2.533: bad orphan inode 131083
[  173.562581][ T1315]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.562608][ T1315]  ? f2fs_hw_is_readonly+0x3a3/0x470
[  173.562651][ T1315]  f2fs_handle_critical_error+0x392/0x5a0
[  173.562698][ T1315]  f2fs_write_end_io+0x563/0x790
[  173.562747][ T1315]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  173.562790][ T1315]  ? bio_endio+0x7e4/0x890
[  173.562820][ T1315]  ? bio_endio+0x82a/0x890
[  173.562851][ T1315]  __submit_merged_bio+0x2a9/0x710
[  173.562880][ T1315]  ? f2fs_submit_merged_write_cond+0x101/0x380
[  173.562929][ T1315]  f2fs_submit_merged_write_cond+0x29f/0x380
[  173.562979][ T1315]  f2fs_write_data_pages+0x2f99/0x38d0
[  173.563072][ T1315]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  173.563181][ T1315]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.563208][ T1315]  ? stack_trace_save+0x11a/0x1d0
[  173.563275][ T1315]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.563308][ T1315]  ? __update_page_owner_handle+0x5a/0x550
[  173.563356][ T1315]  ? __lock_acquire+0xad5/0xd80
[  173.563399][ T1315]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  173.563439][ T1315]  do_writepages+0x366/0x890
[  173.563486][ T1315]  ? __pfx_do_writepages+0x10/0x10
[  173.563517][ T1315]  ? __page_table_check_zero+0xb8/0x510
[  173.563553][ T1315]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.563588][ T1315]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.563614][ T1315]  ? __lock_acquire+0xad5/0xd80
[  173.563662][ T1315]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.563689][ T1315]  ? reacquire_held_locks+0x12a/0x1e0
[  173.563712][ T1315]  ? writeback_sb_inodes+0x43f/0x1360
[  173.563760][ T1315]  __writeback_single_inode+0x14f/0x10d0
[  173.563806][ T1315]  writeback_sb_inodes+0x822/0x1360
[  173.563845][ T1315]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.563906][ T1315]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.563947][ T1315]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  173.564041][ T1315]  ? rcu_is_watching+0x15/0xb0
[  173.564066][ T1315]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.564092][ T1315]  ? queue_io+0x3d9/0x5a0
[  173.564137][ T1315]  wb_writeback+0x415/0xb90
[  173.564180][ T1315]  ? queue_io+0x3b1/0x5a0
[  173.564215][ T1315]  ? __pfx_wb_writeback+0x10/0x10
[  173.564274][ T1315]  wb_workfn+0x412/0x10b0
[  173.564336][ T1315]  ? __pfx_wb_workfn+0x10/0x10
[  173.564358][ T1315]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.564385][ T1315]  ? register_lock_class+0x54/0x330
[  173.564428][ T1315]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.564455][ T1315]  ? __lock_acquire+0xad5/0xd80
[  173.564494][ T1315]  ? lockdep_hardirqs_on+0x9d/0x150
[  173.564531][ T1315]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.564575][ T1315]  ? process_scheduled_works+0x9cb/0x18e0
[  173.564612][ T1315]  process_scheduled_works+0xac5/0x18e0
[  173.564697][ T1315]  ? __pfx_process_scheduled_works+0x10/0x10
[  173.564750][ T1315]  ? assign_work+0x367/0x3d0
[  173.564797][ T1315]  worker_thread+0x870/0xd50
[  173.564846][ T1315]  ? __kthread_parkme+0x1a8/0x200
[  173.564877][ T1315]  ? __pfx_worker_thread+0x10/0x10
[  173.564908][ T1315]  kthread+0x7b9/0x940
[  173.564940][ T1315]  ? __pfx_worker_thread+0x10/0x10
[  173.564966][ T1315]  ? __pfx_kthread+0x10/0x10
[  173.564992][ T1315]  ? __pfx_kthread+0x10/0x10
[  173.565020][ T1315]  ? __pfx_kthread+0x10/0x10
[  173.565047][ T1315]  ? __pfx_kthread+0x10/0x10
[  173.565076][ T1315]  ? srso_alias_return_thunk+0x5/0xfbef5
[  173.565102][ T1315]  ? lockdep_hardirqs_on+0x9d/0x150
[  173.565127][ T1315]  ? __pfx_kthread+0x10/0x10
[  173.565157][ T1315]  ret_from_fork+0x4d/0x80
[  173.565180][ T1315]  ? __pfx_kthread+0x10/0x10
[  173.565210][ T1315]  ret_from_fork_asm+0x1a/0x30
[  173.565259][ T1315]  </TASK>
[  173.565269][ T1315] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  173.819898][ T7833] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.960157][ T7830] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,norecovery,nojournal_transaction_names,nocow
[  173.960157][ T7830]   allowing incompatible features above 0.0: (unknown version)
[  174.051346][ T7830] bcachefs (loop3): invalid bkey in superblock btree=dirents level=1: u64s 11 type extent SPOS_MAX len 0 ver 281474976710656: durability: 0 (invalid extent entry 0000000000000000)
[  174.051375][ T7830]   invalid key type for btree internal btree node (extent), deleting
[  174.078026][ T7830] bcachefs (loop3): recovering from clean shutdown, journal seq 10
[  174.086091][ T7830] bcachefs (loop3): Version upgrade from 1.20: directory_size to 1.7: mi_btree_bitmap incomplete
[  174.086091][ T7830] Doing compatible version upgrade from 1.20: directory_size to 1.25: extent_flags
[  174.086091][ T7830]   running recovery passes: check_extents_to_backpointers
[  174.110649][ T7858] loop1: detected capacity change from 0 to 512
[  174.135852][ T1033] hfsplus: b-tree write err: -5, ino 4
[  174.143092][ T7830] bcachefs (loop3): bcachefs (loop3): error validating btree node at btree extents level 0/0
[  174.143114][ T7830]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6c25c03258c59c5 written 16 min_key POS_MIN durability: 1 ptr: 0:27:0 gen 0
[  174.143135][ T7830]   node offset 8/16 bset u64s 49 bset byte offset 176: keys out of order: u64s 10 type inline_data 1084523085266161668:8:U32_MAX len 8 ver 0 > u64s 7 type inline_data 536870912:8:U32_MAX len 8 ver 0, fixing
[  174.162382][ T7858] EXT4-fs error (device loop1): ext4_map_blocks:675: inode #2: block 3: comm syz.1.545: lblock 0 mapped to illegal pblock 3 (length 1)
[  174.167274][ T7830] bcachefs (loop3): btree_node_read_work: rewriting btree node at due to error
[  174.167274][ T7830]   btree=extents level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6c25c03258c59c5 written 16 min_key POS_MIN durability: 1 ptr: 0:27:0 gen 0
[  174.187654][    C0] vkms_vblank_simulate: vblank timer overrun
[  174.235643][ T7830] bcachefs (loop3): invalid bkey in btree_node btree=inodes level=0: u64s 18 type inode_v3 0:536870913:U32_MAX len 0 ver 0: (unpack error)
[  174.235671][ T7830]   invalid variable length fields, deleting
[  174.262761][ T7830] bcachefs (loop3): bcachefs (loop3): error validating btree node on loop3 at btree alloc level 0/0
[  174.262784][ T7830]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 9 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0
[  174.262804][ T7830]   node offset 8/9 bset u64s 375: bset past end of btree node (offset 8 len 8 but written 9), shutting down
[  174.262823][ T7830]   inconsistency detected - emergency read only at journal seq 10
[  174.289585][ T7858] EXT4-fs warning (device loop1): dx_probe:793: inode #2: lblock 0: comm syz.1.545: error -117 reading directory block
[  174.299946][ T7830] bcachefs (loop3): flagging btree alloc lost data
[  174.299995][ T7830] bcachefs (loop3): running explicit recovery pass check_topology (2), currently at recovery_pass_empty (0)
[  174.300037][ T7830] bcachefs (loop3): running explicit recovery pass check_allocations (8), currently at recovery_pass_empty (0)
[  174.300061][ T7830] bcachefs (loop3): running explicit recovery pass check_lrus (14), currently at recovery_pass_empty (0)
[  174.300085][ T7830] bcachefs (loop3): running explicit recovery pass check_backpointers_to_extents (16), currently at recovery_pass_empty (0)
[  174.300110][ T7830] bcachefs (loop3): running explicit recovery pass check_alloc_info (13), currently at recovery_pass_empty (0)
[  174.388449][ T7830] bcachefs (loop3): error reading btree root btree=alloc level=0: btree_node_read_error, fixing
[  174.410209][ T7830] bcachefs (loop3): bcachefs (loop3): error validating btree node on loop3 at btree freespace level 0/0
[  174.410232][ T7830]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key 0:3703155162349568:0 durability: 1 ptr: 0:29:0 gen 0
[  174.410254][ T7830]   node offset 0/32 bset u64s 0: checksum error, type none: got  should be , shutting down
[  174.448429][ T7830] bcachefs (loop3): flagging btree freespace lost data
[  174.455773][ T7830] bcachefs (loop3): error reading btree root btree=freespace level=0: btree_node_read_error, fixing
[  174.457969][ T7858] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[  174.475902][ T7830] bcachefs (loop3): bcachefs (loop3): error validating btree node at btree backpointers level 0/0
[  174.475923][ T7830]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0
[  174.475945][ T7830]   node offset 8/24 bset u64s 42 bset byte offset 264: keys out of order: u64s 9 type backpointer 9223090561878065152:8912896:0 len 0 ver 0 > u64s 9 type backpointer 0:8921088:0 len 0 ver 0, fixing
[  174.522038][ T7830] bcachefs (loop3): btree_node_read_work: rewriting btree node at due to error
[  174.522038][ T7830]   btree=backpointers level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0
[  174.524957][ T7858] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  174.562574][ T7830] bcachefs (loop3): check_topology... done
[  174.566493][ T7833] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  174.568577][ T7830] bcachefs (loop3): accounting_read... done
[  174.589704][ T7830] bcachefs (loop3): alloc_read... done
[  174.595219][ T7830] bcachefs (loop3): snapshots_read... done
[  174.601970][ T7830] bcachefs (loop3): done starting filesystem
[  174.710675][ T7858] EXT4-fs error (device loop1): ext4_map_blocks:675: inode #2: block 3: comm syz.1.545: lblock 0 mapped to illegal pblock 3 (length 1)
[  174.733155][ T7858] EXT4-fs warning (device loop1): ext4_empty_dir:3080: inode #2: lblock 0: comm syz.1.545: error -117 reading directory block
[  174.763773][ T5840] bcachefs (loop3): shutting down
[  174.777570][ T7833] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  174.876523][ T5843] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.903824][ T7868] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 13: comm syz.2.533: path /77/bus: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  174.942283][ T5840] bcachefs (loop3): shutdown complete
[  175.121610][ T5841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.348329][ T7876] netlink: 12 bytes leftover after parsing attributes in process `syz.1.551'.
[  175.686273][ T7888] netlink: 16 bytes leftover after parsing attributes in process `syz.5.556'.
[  176.165880][ T7909] loop0: detected capacity change from 0 to 256
[  176.227289][ T5902] hid-generic 0005:16C0:5505.0007: unknown main item tag 0x0
[  176.255411][ T5902] hid-generic 0005:16C0:5505.0007: unknown main item tag 0x0
[  176.276640][ T5902] hid-generic 0005:16C0:5505.0007: unknown main item tag 0x0
[  176.284716][ T5902] hid-generic 0005:16C0:5505.0007: unknown main item tag 0x0
[  176.293961][ T5902] hid-generic 0005:16C0:5505.0007: unknown main item tag 0x0
[  176.303173][ T5902] hid-generic 0005:16C0:5505.0007: unknown main item tag 0x0
[  176.312347][ T5902] hid-generic 0005:16C0:5505.0007: unknown main item tag 0x3
[  176.320496][ T5902] hid-generic 0005:16C0:5505.0007: unknown main item tag 0x1
[  176.357677][ T5902] hid-generic 0005:16C0:5505.0007: hidraw0: BLUETOOTH HID v0.8b Device [syz0] on aa:aa:aa:aa:aa:aa
[  176.597082][ T7921] loop5: detected capacity change from 0 to 4096
[  281.637350][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  281.644327][    C0] rcu: 	1-...!: (1 GPs behind) idle=fb24/1/0x4000000000000000 softirq=28257/28268 fqs=0
[  281.655460][    C0] rcu: 	(detected by 0, t=10506 jiffies, g=20329, q=343 ncpus=2)
[  281.663187][    C0] Sending NMI from CPU 0 to CPUs 1:
[  281.663220][    C1] NMI backtrace for cpu 1
[  281.663235][    C1] CPU: 1 UID: 0 PID: 6087 Comm: syz-executor Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(full) 
[  281.663261][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  281.663275][    C1] RIP: 0010:memset+0xf/0x20
[  281.663305][    C1] Code: 44 88 1f e9 6e 77 e0 f4 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 49 89 f9 40 88 f0 48 89 d1 <f3> aa 4c 89 c8 e9 42 77 e0 f4 0f 1f 80 00 00 00 00 90 90 90 90 90
[  281.663323][    C1] RSP: 0018:ffffc90000a08cd0 EFLAGS: 00000002
[  281.663343][    C1] RAX: ffffffff8c2b6200 RBX: 1ffff110170e4f02 RCX: 0000000000000012
[  281.663359][    C1] RDX: 0000000000000018 RSI: 0000000000000000 RDI: ffff88807e11d346
[  281.663374][    C1] RBP: 1ffff1100fc23a68 R08: ffff88807e11d357 R09: ffff88807e11d340
[  281.663390][    C1] R10: dffffc0000000000 R11: ffffed100fc23a6b R12: ffff8880b8727810
[  281.663407][    C1] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff88807e11d340
[  281.663425][    C1] FS:  000055556d842500(0000) GS:ffff88812509a000(0000) knlGS:0000000000000000
[  281.663444][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  281.663458][    C1] CR2: 00007fd841ae56c0 CR3: 0000000051464000 CR4: 0000000000350ef0
[  281.663476][    C1] Call Trace:
[  281.663484][    C1]  <IRQ>
[  281.663492][    C1]  timerqueue_add+0x200/0x290
[  281.663521][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  281.663547][    C1]  ? rcu_is_watching+0x15/0xb0
[  281.663568][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  281.663593][    C1]  ? enqueue_hrtimer+0x14f/0x3c0
[  281.663617][    C1]  __hrtimer_run_queues+0x6d6/0xd40
[  281.663638][    C1]  ? ktime_get_update_offsets_now+0x2d/0x3b0
[  281.663679][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  281.663699][    C1]  ? sched_clock_cpu+0x77/0x4d0
[  281.663733][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  281.663757][    C1]  ? ktime_get_update_offsets_now+0x38e/0x3b0
[  281.663792][    C1]  hrtimer_interrupt+0x403/0xa40
[  281.663829][    C1]  __sysvec_apic_timer_interrupt+0x112/0x420
[  281.663860][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  281.663896][    C1]  </IRQ>
[  281.663903][    C1]  <TASK>
[  281.663911][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  281.663934][    C1] RIP: 0010:__sanitizer_cov_trace_const_cmp4+0x8/0x90
[  281.663964][    C1] Code: 44 0a 20 e9 e5 80 4d ff 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 4c 8b 04 24 <65> 48 8b 14 25 08 60 68 93 65 8b 05 d8 9f a5 11 25 00 01 ff 00 74
[  281.663982][    C1] RSP: 0018:ffffc90004abf2d8 EFLAGS: 00000293
[  281.664000][    C1] RAX: ffffffff82139027 RBX: 000000000000001d RCX: ffff88802fae9e00
[  281.664016][    C1] RDX: 0000000000000000 RSI: 000000000000001d RDI: 000000000000001f
[  281.664029][    C1] RBP: ffffc90004abf610 R08: ffffffff8213693b R09: 1ffff1100529efa4
[  281.664046][    C1] R10: dffffc0000000000 R11: ffffed100529efa5 R12: 00007fd841a9d000
[  281.664062][    C1] R13: 00007fd841a9c000 R14: ffffc90004abf4f0 R15: dffffc0000000000
[  281.664083][    C1]  ? copy_pte_range+0x3db/0x6680
[  281.664109][    C1]  ? copy_pte_range+0x2ac7/0x6680
[  281.664139][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  281.664164][    C1]  copy_pte_range+0x3db/0x6680
[  281.664198][    C1]  ? kernel_text_address+0xa7/0xe0
[  281.664228][    C1]  ? __kernel_text_address+0xd/0x40
[  281.664256][    C1]  ? unwind_get_return_address+0x4d/0x90
[  281.664296][    C1]  ? __pfx_copy_pte_range+0x10/0x10
[  281.664322][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  281.664355][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  281.664384][    C1]  ? __lock_acquire+0xad5/0xd80
[  281.664428][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  281.664457][    C1]  copy_page_range+0xe57/0x13a0
[  281.664507][    C1]  ? __pfx_copy_page_range+0x10/0x10
[  281.664547][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  281.664577][    C1]  copy_mm+0x130d/0x22c0
[  281.664614][    C1]  ? __pfx_copy_mm+0x10/0x10
[  281.664644][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  281.664669][    C1]  ? __init_rwsem+0x122/0x160
[  281.664691][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  281.664715][    C1]  ? copy_signal+0x500/0x630
[  281.664739][    C1]  copy_process+0x17de/0x3d10
[  281.664770][    C1]  ? copy_process+0xa07/0x3d10
[  281.664793][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  281.664822][    C1]  ? __pfx_copy_process+0x10/0x10
[  281.664843][    C1]  ? count_memcg_event_mm+0x388/0x440
[  281.664865][    C1]  ? count_memcg_event_mm+0x96/0x440
[  281.664890][    C1]  ? __pfx_count_memcg_event_mm+0x10/0x10
[  281.664918][    C1]  kernel_clone+0x242/0x930
[  281.664945][    C1]  ? __pfx_kernel_clone+0x10/0x10
[  281.664982][    C1]  __x64_sys_clone+0x268/0x2e0
[  281.665012][    C1]  ? __pfx___x64_sys_clone+0x10/0x10
[  281.665034][    C1]  ? lock_vma_under_rcu+0x1f0/0x9a0
[  281.665079][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  281.665107][    C1]  do_syscall_64+0xf3/0x210
[  281.665134][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.665155][    C1] RIP: 0033:0x7fd840d849d3
[  281.665174][    C1] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00
[  281.665197][    C1] RSP: 002b:00007ffedfa8c148 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  281.665218][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd840d849d3
[  281.665234][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[  281.665247][    C1] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001
[  281.665260][    C1] R10: 000055556d8427d0 R11: 0000000000000246 R12: 0000000000000000
[  281.665274][    C1] R13: 00000000000927c0 R14: 000000000002b137 R15: 00007ffedfa8c2e0
[  281.665301][    C1]  </TASK>
[  281.666211][    C0] rcu: rcu_preempt kthread starved for 10506 jiffies! g20329 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  282.228325][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  282.238300][    C0] rcu: RCU grace-period kthread stack dump:
[  282.244195][    C0] task:rcu_preempt     state:R  running task     stack:26976 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[  282.257719][    C0] Call Trace:
[  282.260999][    C0]  <TASK>
[  282.263938][    C0]  __schedule+0x1b88/0x5240
[  282.268476][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  282.274128][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  282.279775][    C0]  ? rcu_is_watching+0x15/0xb0
[  282.284546][    C0]  ? schedule+0x163/0x360
[  282.288900][    C0]  ? __pfx___schedule+0x10/0x10
[  282.293782][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  282.299429][    C0]  ? schedule+0x90/0x360
[  282.303691][    C0]  ? schedule+0x90/0x360
[  282.307950][    C0]  schedule+0x163/0x360
[  282.312127][    C0]  schedule_timeout+0x15b/0x2b0
[  282.316991][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  282.322463][    C0]  ? __pfx_process_timeout+0x10/0x10
[  282.327762][    C0]  ? prepare_to_swait_event+0x1e5/0x340
[  282.333316][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  282.338959][    C0]  ? prepare_to_swait_event+0x308/0x340
[  282.344519][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  282.349750][    C0]  rcu_gp_fqs_loop+0x2e1/0x1340
[  282.354630][    C0]  ? rcu_gp_init+0x1279/0x1690
[  282.359415][    C0]  ? __pfx_rcu_gp_init+0x10/0x10
[  282.364367][    C0]  ? __pfx_rcu_watching_snap_save+0x10/0x10
[  282.370278][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  282.375577][    C0]  ? _raw_spin_unlock_irqrestore+0xde/0x140
[  282.381494][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  282.387136][    C0]  ? finish_swait+0xdb/0x200
[  282.391734][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  282.396953][    C0]  rcu_gp_kthread+0xa7/0x3b0
[  282.401564][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  282.406784][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  282.412427][    C0]  ? __kthread_parkme+0x1a8/0x200
[  282.417486][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  282.422709][    C0]  kthread+0x7b9/0x940
[  282.426794][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  282.432014][    C0]  ? __pfx_kthread+0x10/0x10
[  282.436608][    C0]  ? __pfx_kthread+0x10/0x10
[  282.441209][    C0]  ? __pfx_kthread+0x10/0x10
[  282.445811][    C0]  ? __pfx_kthread+0x10/0x10
[  282.450411][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  282.456226][    C0]  ? lockdep_hardirqs_on+0x9d/0x150
[  282.461436][    C0]  ? __pfx_kthread+0x10/0x10
[  282.466041][    C0]  ret_from_fork+0x4d/0x80
[  282.470504][    C0]  ? __pfx_kthread+0x10/0x10
[  282.475106][    C0]  ret_from_fork_asm+0x1a/0x30
[  282.479894][    C0]  </TASK>
[  282.482912][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  282.489231][    C0] CPU: 0 UID: 0 PID: 7921 Comm: syz.5.572 Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(full) 
[  282.501127][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  282.511181][    C0] RIP: 0010:smp_call_function_many_cond+0x1baa/0x2d40
[  282.517967][    C0] Code: b6 04 03 84 c0 75 7e 45 8b 65 00 44 89 e6 83 e6 01 31 ff e8 68 dc 0b 00 41 83 e4 01 4c 8b 64 24 68 75 07 e8 18 d8 0b 00 eb 41 <f3> 90 48 b8 00 00 00 00 00 fc ff df 0f b6 04 03 84 c0 75 11 41 f7
[  282.537590][    C0] RSP: 0018:ffffc90003817780 EFLAGS: 00000246
[  282.543677][    C0] RAX: ffffffff81b6e40d RBX: 1ffff110170e7e91 RCX: 0000000000080000
[  282.551776][    C0] RDX: ffffc9000c362000 RSI: 000000000007ffff RDI: 0000000000080000
[  282.559929][    C0] RBP: ffffc90003817968 R08: ffffffff81b6e3d8 R09: 1ffffffff20bfc8e
[  282.567993][    C0] R10: dffffc0000000000 R11: fffffbfff20bfc8f R12: ffff8880b863ad08
[  282.575970][    C0] R13: ffff8880b873f488 R14: ffff8880b863ad00 R15: 0000000000000001
[  282.583945][    C0] FS:  00007f9ed43386c0(0000) GS:ffff888124f9a000(0000) knlGS:0000000000000000
[  282.592874][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  282.599456][    C0] CR2: 00007f9ed3570c40 CR3: 0000000028336000 CR4: 0000000000350ef0
[  282.607435][    C0] Call Trace:
[  282.610717][    C0]  <TASK>
[  282.613657][    C0]  ? __pfx_has_bh_in_lru+0x10/0x10
[  282.618813][    C0]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[  282.625183][    C0]  ? __pfx_invalidate_bh_lru+0x10/0x10
[  282.630649][    C0]  ? __pfx_has_bh_in_lru+0x10/0x10
[  282.635765][    C0]  on_each_cpu_cond_mask+0x3f/0x80
[  282.640901][    C0]  set_blocksize+0x39b/0x410
[  282.645508][    C0]  sb_set_blocksize+0xb5/0x180
[  282.650284][    C0]  init_nilfs+0x55d/0x790
[  282.654632][    C0]  ? __pfx_init_nilfs+0x10/0x10
[  282.659493][    C0]  ? __init_rwsem+0x122/0x160
[  282.664185][    C0]  nilfs_fill_super+0x10b/0x7b0
[  282.669057][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  282.674704][    C0]  ? __pfx_nilfs_fill_super+0x10/0x10
[  282.680095][    C0]  ? sb_set_blocksize+0x109/0x180
[  282.685133][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  282.690770][    C0]  ? setup_bdev_super+0x4e6/0x5d0
[  282.695814][    C0]  nilfs_get_tree+0x4fb/0x920
[  282.700523][    C0]  ? __pfx_nilfs_get_tree+0x10/0x10
[  282.705746][    C0]  ? rcu_is_watching+0x15/0xb0
[  282.710536][    C0]  ? apparmor_capable+0x13b/0x1b0
[  282.715577][    C0]  vfs_get_tree+0x92/0x2b0
[  282.720014][    C0]  do_new_mount+0x2cf/0xb70
[  282.724547][    C0]  ? __pfx_do_new_mount+0x10/0x10
[  282.729601][    C0]  __se_sys_mount+0x38c/0x400
[  282.734292][    C0]  ? __pfx___se_sys_mount+0x10/0x10
[  282.739504][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  282.745147][    C0]  ? __x64_sys_mount+0x20/0xc0
[  282.749920][    C0]  do_syscall_64+0xf3/0x210
[  282.754437][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.760335][    C0] RIP: 0033:0x7f9ed358f90a
[  282.764755][    C0] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  282.784376][    C0] RSP: 002b:00007f9ed4337e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  282.792809][    C0] RAX: ffffffffffffffda RBX: 00007f9ed4337ef0 RCX: 00007f9ed358f90a
[  282.800795][    C0] RDX: 000020000000b900 RSI: 0000200000000f00 RDI: 00007f9ed4337eb0
[  282.808905][    C0] RBP: 000020000000b900 R08: 00007f9ed4337ef0 R09: 0000000003210052
[  282.816880][    C0] R10: 0000000003210052 R11: 0000000000000246 R12: 0000200000000f00
[  282.824868][    C0] R13: 00007f9ed4337eb0 R14: 0000000000000ebd R15: 000020000000b800
[  282.832871][    C0]  </TASK>