last executing test programs: 5.601664425s ago: executing program 2 (id=688): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0x10000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@host, 0x1}) ioctl$IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(r0, 0x7b0, 0x0) 5.532802208s ago: executing program 2 (id=691): openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = syz_io_uring_setup(0x279, &(0x7f0000000300)={0x0, 0x76e2, 0x10000, 0x3}, &(0x7f0000000640)=0x0, &(0x7f0000000600)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r0, 0x2def, 0x0, 0x0, 0x0, 0x0) 5.3095979s ago: executing program 2 (id=693): r0 = socket$inet(0x2, 0x5, 0x0) r1 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x7d, &(0x7f0000000000)=@assoc_value, &(0x7f0000000140)=0x8) 5.077293603s ago: executing program 2 (id=696): r0 = semget$private(0x0, 0x4000000009, 0x208) semop(r0, &(0x7f0000000000)=[{0x0, 0xfffb}, {0x1, 0x0, 0x800}], 0x2) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sysvipc/sem\x00', 0x0, 0x0) read$FUSE(r1, &(0x7f0000001980)={0x2020}, 0x2020) 4.663697052s ago: executing program 1 (id=705): syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file2\x00', 0x10400, &(0x7f0000000280)={[{@noinline_data}, {@nocheckpoint_merge}, {@alloc_mode_def}, {@checkpoint_diasble}, {@flush_merge}, {@fault_injection={'fault_injection', 0x3d, 0x4f1}}, {@noinline_dentry}, {@noacl}, {@six_active_logs}, {@alloc_mode_def}, {@noextent_cache}, {@compress_chksum}, {@checkpoint_diasble}]}, 0x1, 0x550c, &(0x7f00000089c0)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DKJjT9WPRWdRc/sEtZ9eBJ0yQN2U0ypUnT2pMHj+LB/0QUPHn0b/Dg2Zt4ULwJSmYmuvUDhKaN3f5+MHnmffPmmecNy8IzUxLAuTWf/PJTKW7ElYiYjYjrEdl5qTgy63l4LiJuRsTMY0epmP9j4mJEXI2IG6Pkec5S8dZnt4e31n588+evv7104drnX303vV0D0/Z8RHR38vP9bh7TVh4fFvO1YTuL3dVhEfM3uo+KcZrH/eZWlmG/Nl5Xy+JKK1+f7uz1R3G7U6uPYqu9nc3v9PIL9oetcZ7sAw9ru9m40dzKYrufZrF1mNd1cJj/33bYH+R5GkW+D7P0MRiMYz7fPGjm+9l5lMV6b1DM53nTRvNgFIdFLC4X9bTTyOrYOs43/f/2Vru3d5AMm7v9dtpL1irVFyvVO+XqbtpoDpqr5Vq3cWc1WWh1RsvKg2atu95K01anWamn3cVkoVWvl6vVZOFuc6td6yXVamWlslReWyzObiev3X836TSShVF8pd3bG7Q7/WQ73U3yTywmy5WVlxaTW9Xk7Y3NZPPBvXsbm++8f/e9+y9vvPFqsehvZb0Qy0vLy+XqUnm5uniO9v9xUXSyMLH9w7GUpl0AwNmj/wem4eT6/90HESff/4f+fyLOVP87LmuC/e953z8ci/4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODc+n7ui9ezk/l8fK2Yf6qYeqYYlyJiJiJ++wezcfFIztkiz9y/rJ/7Sw3flCLLMLrGpeK4GhHrxfHr0yf9LQAAAMCT68uPbn6ad+v5y/y0C+I05TdtZq5/MKF8pYiYm/9hQtlmRi/PTihZ9u/7QhxMKFt2A+vyhJLlt9wuTCrbfzJ7JFx+LJTyMHOq5QAAAKfiaCdwul0IAAAAp+mTaRfAdJRi/Chz/Cw4+8v7Px8IXjkyAgAAAM6g0rQLAAAAAE5c1v/7/T8AAAB4suW//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzOzv3cJg5EcQB+Nnhh/2nRau/byt6gjC1hj3uMKCBNUEAOpIU0QA3klhIiiPA4BCIOkTy2lej7JGcylvnxBsFhZqQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALt1X68Xt1e/rtjm7fTt5RgMAAABcsq3Wi/qfWep/be5/b279bPpFRJQRcWnuPopPZ5mjJqd6ef7m9PnqVQ13EXXC4T0mzfUlIv401+OPrj8FAAAA+Lg2y9U8zdbTn9nQBdGntGhTfvubKa+IiGr2kCmtPOT9yhRWf7/H8T9TWr2ANc0UlpbcxrnS3qT+uR9X7aYnTZGa8uLLjkVmGzsAANCj0VnT7ywEAACAPv0bugCGUcTzVuZxK3CSmmZ77/NZDwAAAHiHiqELAAAAADpXz/97Ov9v7/w/AAAAGEY6/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAubav1YrNczdvm7Pbt5BkNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwxP68o0AIhEEY7F3fmcz9DysNmpqaVIHw8TcGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX+/OSAiEQBFEwZ/zvpO9/WEnQM4gQAQ2PKmrRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXO/fzGkcVBwD8zc7OxlbFNcoeIqLgQS92u62tvYkHJXjwTxBCuq2xW3+0OdhSxFy8Sc69iB5FBCXe+j/0nEAu8ZbDHiJ4jszszO7kB7j+6Mwm+XzgzfvuMMz7vlkI+c57CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBh+O4kjtNDexQ38nObew+W037rUJ96tL69kLY0jqpM+mR4ufwh6ozDvTqSAQAA4GyIi/o+hLCTbCymfaOd1f9JcU1a83//7Cgu6vnDdX/RF7V/2n77dffF8UDt0TjpTW+sDPoXj6bSfHKznG3P/e0VzezJZ+9e4uwLaXyw9sIwyZ5n9O3jx++1snCuimwBgH/jQtHnQfH7UNr36kwMgDOjWSq8i/o/btebEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAVhmvh6SKOQggLzUmc2tp7sHxc/2h9e6FoVx8+XA9fT+6Z3iIJIdxYGfQvVjqb2Xb33v1bS4NB/071wSshhLpGfyef/q2Pprg4hFqej+D/Cfbn8i97RvI5IUGNP5QAADiVkryldf1OsrGYnovmQ9j/4WD9/3opDlPW/7sfX90sj1Wu/3uVzXD2dVdvf969e+/+myu3l272b/Y/fetS7+3e5WtXrlzrZu9Kut6YAAAA8N+08lau/xvzR9f/z5fiMGX9/8V3va/KY8Xq/2NNFv3qzgQAAOBse/7VP/+IjjkftVrhy6XV1Tu90XH8+dLoWEOq/9hc3sr1fzxfd1YAAABAFYZr0YH1/+ulOEy5/v/Mjy/9XL5nHEI4l6//X1j+bHC9uunMtCr+nLjuOQIAAFCvc3krr/8n2f7/xnjLQyOE8MZrozj/N4BT1f/x+9/8VB6rvP//cnVTnEmNzuh5ZH0nhGan7owAAAA4zZ7KW1rs/55sLH7yy/kPW/b/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFTtrwAAAP//RAE/8A==") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0) getdents64(r0, 0x0, 0x0) 4.591777571s ago: executing program 5 (id=706): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) syz_usb_connect(0x0, 0x2d, &(0x7f0000000880)=ANY=[@ANYBLOB="12010000974281408205050083e50102030109021b0002000000000904000000eca19d000904ba"], 0x0) 4.466025103s ago: executing program 0 (id=709): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020002000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0) syz_emit_ethernet(0xc6, &(0x7f0000000440)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xe}, @val={@val={0x88a8, 0x4, 0x1, 0x2}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0xfffc, 0x0, 0x4, 0x6, 0x0, @multicast1, @private=0xa010102}, {0x0, 0x4, 0x9c, 0x0, @wg=@initiation={0x1, 0x4, "44ad2d7b99c6faa8c453c2416237b50539d7db8c5171d2a1a2de1c95494671d9", "48dd5dde41d9f1fe83cdf1124bc3fffa5b3d7c7f11667eb052c34a293f322a0fb83886c1ecc66eb0005fb69cf6598056", "aa427f6725087d614110cce8251c76e6fcea0276aed216ba86c09374", {"d580995ebd1ccf5ac1a2410cdb63ab45", "b6f9bf187a554122009eb5ee31c58557"}}}}}}}, 0x0) 4.361275977s ago: executing program 0 (id=711): syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f0000000100)='./file1\x00', 0x3214212, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0, @ANYRES32], 0x7, 0xf11, &(0x7f0000001100)="$eJzs3U1sHNUdAPA368/EJl7zaaCEFFoRKNghidT0FgTqEXHpHRQSGmEoauiBiI/QA6ISokiIU8WBigulUorUSqBKFeqp7alVbz2hXqhUpVKiXhopcWXnvfX62ZNdT9az3t3fT/r77Zs3O///eCNnZnb2bQBGVmPt59GjC0UIH3zx/hOvPVv8bnXZva01Dqz9LGKvGUKYaOsX2fa+iguuXHz1xFZtEQ6v/Uz98OSF1nNnQgjnwoHwZWiGT5eWL33y4eMHP3tr+vZ3zz7/+g7tfku+HwAAMIzO/2X5Hw/+688Pz18+v/94mGotT8fnzdificf9h+KBcjpeboSN/aIt2k1m643FaGTrjWXrjWd5xkvyTWTbmShZb7JDvrG2ZVvtJwAAAAyidF7bDEVjcUO/0VhcvHbev+qrucli8cXTy6fO9KlQAAAAoLL/vrF2060QQgghhBBCiB5G6x7lXVCLEKuxMtff6w8AAADA6MnnC9vkXG9n6mptrdld/guPNbZ+PvRA3f/+5R+s/B+/6S8OAADVDevRZNqvdByd5jHI5xEcy5633eP/Rrad8W3WWTav4KDMN1hWZ/573a3K6t/u69gvZfXn82HuVmX15/N07lZl9U/VXEdVZfVP11xHVWX176m5jqrK6t9bcx1VldU/U3MdVZXVP1tzHVWV1X9TzXVUVVb/vprrqKqs/kG5rbas/mbNdVRVVv98zXVUVVb/zTXXUVVZ/bfUXEdVZfXfWnMd/XJPbNPvYX823n7+nJ/TDco5HgAAAIy6/5n/TwghhBBiCOK2XVCDEEKI3Rxv9PsCBAAAANB36XMB6VPvK1EaH+swPt5hfKLD+GSH8akO4wAAAEAIv3/71J3vFeuf87/R+fDSvFFp/qXtzmOUz0e43fw3Ou9Z2tq1+i9tO/+gzFsGAADAaCm+/+XVh5746OX5y+f3H287+74az3fTPKDj8drA57Gf7guYzfpFOoc+vjFPo2S9/PrATWXbe+oGdxQAAABGWDp/b4Zi7ZS70eo3GouL6+fjC2GiOHV6+eSh2E/fz/KnuYmp1eWP1ls2AAAAsA3r5/tFY3GL8//0Pb4LYbJYfPH08qkz1/qzreUTjfbrAnPry4v26wLNbPnhkuVHYj99f+cP5/asLV888aPlZ3u98wAAADAizrxy9vlnlpdP/njLB+nT7NdbZzsP0ucLtvOsEIrQm+weeOBBtw/6+EcJAADYEV9//f7ET47M/uHa5//X579Ln/8/EPvNOLffX+MK6T6B9DmATZ/Xf3pjnrmy9V7auF4zW28sxlRW93TbdkLbfIPpefNl+ZobtzNZkm8myzeb5cvnKRjP1k/59mXL8/kJ03pz2fJ8HsbxLEeR5b8vAAAAQLmll194aenMK2cfOf3CM8+dfO7ki0cOH/vesWOHHv3uo0tr9/Uvtd/dDwAAAAyi9Zt++10JAAAAAAAAAAAAAAAAAAAAjK46vk6s3/sIAAAAo+4/b4QQzgkhSuLaV2D2frvr30TZ/30Uwxt7dkENQggheh2XrzM2tgvqE0Ls2lhZyb9pHgAAAGBnXbn46on2dpNzRU/ztbYW3429GvOmdvaRv8+vRlrtwmMbr5fs7Wk1jLq6//3LP1j5P36zt/mn04Ou//41Nm7geLW8Dyz9aqE9/13jXebP9/+pavkPZvkfCN3lX/koy/90tfwPZvn3dpl/0/6/VC3/QzH/QuwfvL/b/Btf/6nYpv3Y02X+72T7/2zoNn+2/80uE2YejvkBYBQ1+l3ADklHCek4eib20/7Gw82Q3/2w3eP/Rrad8RuufON203HQHbGfjpdms7zJduufybZ3U8U6c4NyV0lZ/b16HXdaWf0TNddRVVn9kzXXUVVZ/VM111FVWf3TNddRVVn93Z6H9ltZ/YNyXbms/pma66iqrP7Zmuuoqqz+7f4/3i9l9e+ruY6qyuqfq7mOqsrqr3hZrXZl9c/XXEdVZfXfXHMdVZXVf0vNdVRVVv+tNdfRL3fHtux8OJ1/zsWx1G9m/aktfpfDem0BAAAABs2/zf8nBiWOzva/BiGE6Fns2QU1iNGO+O5P3+sQYjhiZeXqyqp+1yHE9WJlpd9XIOinnf00MwC7lb//o83rP9q8/qPN68/1pHv4i6yfjHUYH+8wPtFhfDIbz/+9TnUYvyXb7kqUxm/tMH5bh/F9Hcbv6DC+0GH8zg7jd3UYv7vDOAAAAKPh9tg6PwQAAIDh9dqvP3/ntw88fXH+8vn9x8PkpnnnD8X+VHxv/e3Yz+e9Tybie/4/jf1fxvaPsf1ntr77TwAAAGDnpe+J8f4/AAAADK/0PaXO/wEAAGB4zcfW+T8AAAAMr5tj6/wfAAAAhlgxvfXi2KbrAvfFttt5/QCA3e8bsb0ntvtje29svxnbdBxwf2y/VVN9AEDv/OIHPzv2XrE+3/+RbPxKXJ7aTc5du1JQNDbO5L8ntntj++0u68m/D6Db/Mm+LvPsVP65G8wPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyPxtrPo0cXihA++OL9J34++c7fVpfd21rjwNrPIvaaIYSJ1vPS6Hr/N3HFKxdfPdHeXo1tEQ6HIhSt5eHJC61MMyGEc+FA+DI0w6dLy5c++fDxg5+9NX37u2eff30HfwUb9g8AAACG0f8DAAD//+bVG3I=") syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x84c00, 0x0, 0x0, 0x0, &(0x7f0000000000)) syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./bus/file0\x00', 0x80008, 0x0, 0x0, 0x0, &(0x7f0000000000)) rename(&(0x7f0000000000)='./bus/file0\x00', &(0x7f0000000080)='./file0\x00') 4.080260177s ago: executing program 0 (id=713): syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000080)='./file0\x00', 0xa00004, &(0x7f0000007ac0)={[{@anchor={'anchor', 0x3d, 0x2}}, {@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@utf8}, {@uid}, {@unhide}, {@utf8}, {@unhide}, {@iocharset={'iocharset', 0x3d, 'iso8859-13'}}, {@adinicb}, {@gid_forget}, {@lastblock={'lastblock', 0x3d, 0x5}}, {@iocharset={'iocharset', 0x3d, 'maccroatian'}}, {@anchor={'anchor', 0x3d, 0x2}}]}, 0x1, 0xc4d, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy3FldxWTJwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQwWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xr546nTaZsOhh9AYAOCBuDz2tVNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+/LzQ+e7eak98wH199pn49WxKxcbL83enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvnZr8vr1hcaZ585u2nx74L3+J44PXBh65uTT3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORopnv/+z1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnz32Fq6mt/6UZ2HL1UDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/ijilUjx87dPxLV8n6nuNV+MeKXMH0a8WeaLEan8YpyLeHeb7xGPploU8efl9b+wliar+0H3vnLp642vzlyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcRnIsXL//ZH1bjiqMalH7sw9PsDv9w7ZvypD9lPWfa5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vv2wGwMAAAAAAAAAAAAAAAAAAPCxVsRPI8UL75xIy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIt6PFN/55lqKFBHNiIno5Er/w24dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDqT0X8IFI0/qB5Z10tIlL1b8eJ8pdz0Txc5iejOVTmi9G8mLNVZa357YfQfnanLxXxk0jRX3/rzgXP17+v8+nO1yDe/NbGp8/WOnmou3Hgvf4njh+7MDTy+ad2Wk7bNWDwUnvm1u3G+PDIyFjP6lo++id71g3k4xZ703UiYuH1N15rTU9Pzd//QvkVuM/q3Su5i6M/yIVUe2SaamEvFqJ2IJrxcPq+Sf1h3JzYd+Xz/91I8dvv/Hv3gd95/tfjlzqf7jzh4xd/svH8f2Hrju7x+V/bWi8//8snwXbP/yd71r2QfzfSV4uoL96c6zseUV94/Y2T7ZutG1M3pmbOnTr1laGhr5w91Xc4on69PT3Vs7QnpwsAAAAAAAAAAAAAAADgwUlF/G6kaP1kLTUi4nY1XmvgwtAzJ58+FIeq8Vabxm2/OnblYuOl2Ztz81MLC1OTjfGZ9rXZyal7PVy9Gu41PjyyL535UEf2uf1H6i/Nzr0+377xh4vbbj9av3h1YXG+dW37zXEkiohm75rBqsHjwyNVo6fbrZmq6ui2g+k/ur5UxH9EimvnGukLeV0e/791hP+m8f9LW3e0h+P/P390Y/zfJ3qKlsdMqYhfRIrf+oun4gtVO4/GXecsl/ubSDF4/nO5XBwuy3Xb0HmvQGdkYFn2fyLFP7y/uWx3POSTG2VPf6ST+wgor/+xSPGDP/te/Hpet/n9D9tf/6Nbd7RP73/4VM+6o5veV7DrrpOv/8lI8eKTb8VvVGv+7wPf/9F9Y8OJTuGN93Ps0/X/1Z51A/m4v7lXnQcAAAAAAAAAAHiE9aUi/jZS/Giklp7P6+7l7/9Nbt3RPv39r0/3rJvcm/mKPnRh1ycVAAAAAA6IvlTETyPFjcW37oyh3jz+u2f85+9sjP8cTlu2Vn/O9yvVewP28s//eg3k407svtsAAAAAAAAAAAAAAAAAAABwoKRUxPN5PvWJajz/5I7zqa9Eipf/69lcLh0vy3XngR+ofq1fnp05eXF6erYei62r01ONsbnWtamy7qcixdpffy7XLar51bvzzXfmeN+Yi30+Uoz8XbdsZy727tzknfnA6+vrEafLsp+IFP/595vL5qmp89zR1X7PlGX/KlJ845+2L3t8o+zZsuz3IsWPv9Holj1alu2+H/XTG2WfuzZb7MNVAQAAAAAAAAAAAAAAAAAA4OOmLxXxp5Hiv28u3xnLn+f/7+v5WHnzWz3z/W9xu5rnf6Ca/3+n5fuZ/796r8DSTkcFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDHU4oi3ogUc5fX0kp/+bmjfqk9c+v2+PDI9tWOpKrmoap8+VM/febsuS8/P3S+mx9cf699Jl4du3Kx8dLszbn5qYWFqcnG+Ez72uzk1D3vYbf1txqsTkDj5mu3Jq9fX2icee7sps23B97rf+L4wIWhZ04+3S07PjwyMtZTptZ330e/S9ph/eEo4i8jxbPf/1n6UX9EEbs/Fx/y3dlvR6pODFadGB8eqToy3W7NLJYbR7snooho9FRqds/RA7gWu9KMWCqbXzZ4sOze2FxrvnV1eqox2ppfbC+2Z2dGU6e1ZX8aUcT5FLEcEav9d++uL4p4LVJ899ha+uf+iEPd8/Cly2NfO3Vm53YU+9jHe1C2s9EXsVw8AtfsAOuPIv4xUvz87RPxL/0Rtej8xBcjXinzhxFvRud6p/KLcS7i3W2+RzyaalHE/5bX/8Jaeru/vB907yuXvt746sz12Z6y3fvKI/98eJAO+L2pHkX8uLrjr6V/9d81AAAAAAAAAAAAAAAAwAFSxK9FihfeOZGq8cF3xhS3Z240rrSuTneG9XXH/nXHTK+vr683UiebOSdyLuVczrmSczVnFLl+zmaZ9fX1ifx5KedyzpWcqznjUK6fs5lzIudSzuWcKzlXc0Yt18/ZzDmRcynncs6VnKs544CM3QMAAAAAAAAAAAAAAAAAAB4vRfVPiu98cy2t93fml56ITq6YD/Sx9/8BAAD//9kg9g0=") r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0) fcntl$setlease(r0, 0x400, 0x1) link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') 3.99225048s ago: executing program 2 (id=714): syz_mount_image$xfs(&(0x7f0000000040), &(0x7f0000009740)='./file2\x00', 0x4000000, &(0x7f0000000400)={[{@pquota}, {@discard}, {@nolargeio}, {@grpid}, {@noquota}, {@noalign}, {@lazytime}, {@attr2}]}, 0x1, 0x97ee, &(0x7f0000012f40)="$eJzs3QW8rGWheP994ACHDkGwACkxSQkD6VBESVFCkJYUEAGlQwkVFAEFFFCQ7u4u6e7u7o7/58AB8bjgcn9/74XLWuvj2bNn5t2zn3m+87zu2e9mZsl5F51zYGCcgTd68/SfnbPr7csuNuaC6x678+Dr9tphoYeGXTzyGyfjzj7sdI5hp3MODAwMGnY7g964bPBsxxw7wsDggaH/+2djjDraCGMMDIw27Oyw2xmY+Y2T0fd/c7vXhosHOunQb7f9G/9eb8yhNzL0k6WXe2WtgYGBIW/7+qHjmvbf7qi0JeeYb95/Wr3lNsKwqwf987rXTwe/8W/0fQcGRt974J0fH0O3HeltX/u/2dDvOc7kA4vf/j587/9zLTnHfAsM5z90LY447LKZh67x4degseEf5zssuvoDw6Zw0LCJG/y29fJ+PO7/n1pyjnkXHHjndTyw0Dyb3P/a6/vNwXMPDAyeZ2Bg8LwDA4Pne7896j/T+/rgq6qqqvelOeacYehz9hGG+3lgyJs/19LPhRe8PN3dAwODF3rjeeLg5d58LlhVVVVVVVVVH8zmmHOGueD5/zjv9vx/0pO3Hrfn/1VVVVVVVVX/d1pgjjlnGPpcf7jn/xO92/P/xx88dL83/vZ/9pnf+KpX3987UVVVVVVVVVXv2rwL4PP/Sd/t+f9Fx0x6ac//q6qqqqqqqv7vtMhrr7222dteZ2/YxVO/eT09/z/1vluXed8GXFVVVVVVVVX/7V595KTT/vma7xMPDPd676837PcCg4444/LL37eBfjAa9O+/D9n8/R7T/9+GOg85aNKBgbUWf7+HUu9D/2deq77+R8rfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/MW9w/H/t17//9SjVnjzveA/M+UM15/0z698/b3/By+0wCNbvE9Dfz/6sB7/H1ht0MDAMN9xVhsYGFhojkUWm3pgYOCk62eYcoqBt66bZeh1Xx1vxNffIP7N/0xknnH5hjef7I3ToQ+UgfHfuo0jXr/9BV7bZ8RBww3ibY173H77rbrkczMOfzrVO9+PEd76bMxjH3zzv2UZYbiNhrzDF795+2/el+Gdh4196qFjn2b9NdeZZr2NNv7iamsuv8pKq6y01qzTzzTdjLPOOtNM06y82horTfvGx3eas0lf/zjXe5mzMYafs0fmePucDX/f3mnOJn33OXv9Fne5cMg33pyzwf/NOZvr3eds0tWGfaNxZx9pYLnX52bQwMC4c480sOHQM9ONMjAw7jzDtp1o6LZfG2+EgYGd/nlHh342yluPwUGbD91myXkXnfON3dTAwD9P/9k7vJ/9yMNGPvuw0zmGnc75xrcZZ+CfD8XBsx1z7AhD5+JfpmOMUUcbYYyBgdGGnR12OwOzvnEy2slvbvcO77M+3EBff5mV7d/493pjDgwMjD70k4mXP3WboVP/v/A+7f9P////b16zDHrr8Tho2L9h27zhNcd8C/zze70+DUPnbsRhl8081OQ//Nb2/9K/jXfSIQOTvst43+V1cV6PHl9rnDTBlv+p18Wh8U70LuN9l9fxfcfxLnH37g+8cVP/sfEOt69b8PWPs7+Xfd3Au+/rRqQbWOmSTw2/r/vWOw/xX3aXb87RKMNt9E77uon2nGTzobc/+7vv6xYcOvaR/mVfN8LAwLhzvbmvG7rjm3ekgZ2Gnpl+6Jn5Rho4YOiZGV4/M+rAGUPPfGmFtddYcegF8//742DqQf/yB5qwzuYdbp0Nett9HzTc33cOfuN09H3ffA+nd9hvDhp2t/7LfQU9bsd5l/G+y/tP4TwPvWzFI4dM8J96/yka75B3H+87vV/2O453x2dPvf0/PN631tlIb5uu+d/LOpv0X9fZ0Ls44ttWxnv9OWxF2P6Nzyd669Y22PTBt36mGGm42/2vfqaY/93X2TirDfd12+09MOjd5ma+9zI3n/y3fdAWb5+b9/rz1tSTv3H9iO8yN6PMuuxUb87NyP/NuZnvvzs3sw+M+K9zM3hgnoGBgSmG7R/mfS9zM9G7z817fdyMBtu/8flKb1009w4Hnffm3Aw/F//V3Mz7352bSd963Ezx+nWTjTAw8sgDGy6//vrrTvfGxzfPTv/Gx3dfg3O/l7kc5z8zlx8f/E5z+c+H6hh3X7rvf7EG/22f/ubtz/3fncuBt+ZyYLXhF0t9UOv3f+7yd5e/u/zd5e8uf3f5i3uH4/9vvf7/buN8dedhv9wY6dJJJtz2/R7v+9yH+vj/MN9/Of6/7YSTXDrCwFvXvevx2Te2+UAen535jZPR939zu+GPD/JA3/n47N6zzrz1/9Lx2f+n3lyr7+H3cO3/3eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/uLe4fj/tG/+HcB90y385LADoSM9tNVSC7/f432f+1Af/x/m+y/H/xdeaquHRhh467p3Pf7/xjaO4/93vjTvjh/k4/9vrtWO/9d/Uf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3lL+4djv/P/ubfARx66O4bv/n3AFePu/1J7/d43+c+rMf/e/9/b+3/3eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/uKGHf8fGO7tLb/b4wKD4///t3sH/4Xzxyz+i+SPWfwXzR+z+C+WP2bxXzx/zOK/RP6Yxf97+WMW/yXzxyz+388fs/j/IH/M4r9U/pjFf+n8MYv/MvljFv9l88cs/j/MH7P4L5c/ZvFfPn/M4v+j/DGL/wr5Yxb/FfPHLP4r5Y9Z/FfOH7P4r5I/ZvFfNX/M4r9a/pjF/8f5Yxb/1fPHLP5r5I9Z/NfMH7P4r5U/ZvFfO3/M4r9O/pjF/yf5Yxb/dfPHLP7r5Y9Z/NfPH7P4/zR/zOK/Qf6Yxf9n+WMW/w3zxyz+G+WPWfw3zh+z+P88f8zi/4v8MYv/JvljFv9N88cs/pvlj1n8N88fs/hvkT9m8d8yf8ziv1X+mMV/6/wxi/82+WMW/23zxyz+v8wfs/j/Kn/M4r9d/pjFf/v8MYv/DvljFv8d88cs/r/OH7P4/yZ/zOL/2/wxi/9O+WMW/53zxyz+v8sfs/j/Pn/M4r9L/pjF/w/5Yxb/XfPHLP675Y9Z/HfPH7P4/zF/zOL/p/wxi/8e+WMW/z3zxyz+e+WPWfz/nD9m8f9L/pjFf+/8MYv/PvljFv9988cs/n/NH7P4/y1/zOK/X/6YxX///DGL/9/zxyz+B+SPWfwPzB+z+B+UP2bxPzh/zOJ/SP6Yxf/Q/DGL/2H5Yxb/w/PHLP5H5I9Z/I/MH7P4H5U/ZvE/On/M4n9M/pjF/9j8MYv/cfljFv/j88cs/ifkj1n8T8wfs/iflD9m8T85f8zif0r+mMX/1Pwxi/9p+WMW/9Pzxyz+Z+SPWfzPzB+z+J+VP2bxPzt/zOJ/Tv6Yxf/c/DGL/3n5Yxb/8/PHLP4X5I9Z/C/MH7P4X5Q/ZvH/R/6Yxf/i/DGL/yX5Yxb/S/PHLP6X5Y9Z/C/PH7P4X5E/ZvG/Mn/M4n9V/pjF/+r8MYv/NfljFv9r88cs/tflj1n8r88fs/jfkD9m8b8xf8zif1P+mMX/5vwxi/8t+WMW/1vzxyz+t+WPWfxvzx+z+N+RP2bxvzN/zOJ/V/6Yxf/u/DGL/z35Yxb/e/PHLP735Y9Z/O/PH7P4P5A/ZvF/MH/M4v9Q/pjF/+H8MYv/I/ljFv9H88cs/o/lj1n8H88fs/g/kT9m8X8yf8zi/1T+mMX/6fwxi/8z+WMW/2fzxyz+z+WPWfyfzx+z+L+QP2bxfzF/zOL/Uv6Yxf/l/DGL/yv5Yxb/V/PHLP6v5Y9J/AcN5I9Z/Aflj1n8R8gfs/iPmD9m8R+cP2bxHyl/zOI/cv6YxX+U/DGL/5D8MYv/qPljFv/R8scs/qPnj1n8x8gfs/iPmT9m8R8rf8ziP3b+mMV/nPwxi/+4+WMW//Hyxyz+H8kfs/iPnz9m8Z8gf8zi/9H8MYv/hPljFv+J8scs/h/LH7P4fzx/zOL/ifwxi/8n88cs/p/KH7P4T5w/ZvGfJH/M4j9p/pjF/9P5Yxb/yd70H/I+jesDmsV/8tY/ZvGfIn/M4j9l/pjFf6r8MYv/Z/LHLP5T549Z/D+bP2bx/1z+mMX/8/ljFv8v5I9Z/L+YP2bx/1L+mMV/mvwxi/+0+WMW/+nyxyz+0+ePWfxnyB+z+M+YP2bx/3L+mMV/pvwxi//M+WMW/1nyxyz+s+aPWfy/kj9m8f9q/pjF/2v5Yxb/r+ePWfxnyx+z+H8jf8ziP3v+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6YxX+B/DGL/zfzxyz+38ofs/gvmD9m8f92/pjFf6H8MYv/d/LHLP7fzR+z+C+cP2bxXyR/zOK/aP6YxX+x/DGL/+L5Yxb/JfLHLP7fyx+z+C+ZP2bx/37+mMX/B/ljFv+l8scs/kvnj1n8l8kfs/gvmz9m8f9h/pjFf7n8MYv/8vljFv8f5Y9Z/FfIH7P4r5g/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv/V8scs/j/OH7P4r54/ZvFfI3/M4r9m/pjFf638MYv/2vljFv918scs/j/JH7P4r5s/ZvFfL3/M4r9+/pjF/6f5Yxb/DfLHLP4/yx+z+G+YP2bx3yh/zOK/cf6Yxf/n+WMW/1/kj1n8N8kfs/hvmj9m8d8sf8ziv3n+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfy3yR+z+G+bP2bx/2X+mMX/V/ljFv/t8scs/tvnj1n8d8gfs/jvmD9m8f91/pjF/zf5Yxb/3+aPWfx3yh+z+O+cP2bx/13+mMX/9/ljFv9d8scs/n/IH7P475o/ZvHfLX/M4r97/pjF/4/5Yxb/P+WPWfz3yB+z+O+ZP2bx3yt/zOL/5/wxi/9f8scs/nvnj1n898kfs/jvmz9m8f9r/pjF/2/5Yxb//fLHLP77549Z/P/+r/73/q+P6wOaxf+A1j9m8T8wf8zif1D+mMX/4Pwxi/8h+WMW/0Pzxyz+h+WPWfwPzx+z+B+RP2bxPzJ/zOJ/VP6Yxf/o/DGL/zH5Yxb/Y/PHLP7H5Y9Z/I/PH7P4n5A/ZvE/MX/M4n9S/pjF/+T8MYv/KfljFv9T88cs/qflj1n8T88fs/ifkT9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+5+WPWfzPzx+z+F+QP2bxvzB/zOJ/Uf6YxP/18v/3JP6DLs4fs/hfkj9m8b80f8zif1n+mMX/8vwxi/8V+WMW/yvzxyz+V+WPWfyvzh+z+F+TP2bxvzZ/zOJ/Xf6Yxf/6/DGL/w35Yxb/G/PHLP435Y9Z/G/OH7P435I/ZvG/NX/M4n9b/pjF//b8MYv/HfljFv8788cs/nflj1n8784fs/jfkz9m8b83f8zif1/+mMX//vwxi/8D+WMW/wfzxyz+D+WPWfwfzh+z+D+SP2bxfzR/zOL/WP6Yxf/x/DGL/xP5Yxb/J/PHLP5P5Y9Z/J/OH7P4P5M/ZvF/Nn/M4v9c/pjF//n8MYv/C/mPTBda/F/MH7P4v5Q/ZvF/OX/M4v9K/pjF/9X8MYv/a/ljEv/XP83/37P4D8ofs/iPkD9m8R8xf8ziPzh/zOI/Uv6YxX/k/DGL/yj5Yxb/IfljFv9R88cs/qPlj1n8R88fs/iPkT9m8R8zf8ziP1b+mMV/7Pwxi/84+WMW/3Hzxyz+4+WPWfw/kj9m8R8/f8ziP0H+mMX/o/ljFv8J88cs/hPlj1n8P5Y/ZvH/eP6Yxf8T+WMW/0/mj1n8P5U/ZvGfOH/M4j9J/pjFf9L8MYv/p/PHLP6T5Y9Z/CfPH7P4T5E/ZvGfMn/M4j9V/pjF/zP5Yxb/qfPHLP6fzR+z+H8uf8zi//n8MYv/F/LHLP5fzB+z+H8pf8ziP03+mMV/2vyxQefsOtLAwMCH3n+6/DHL+p8+f8ziP0P+mMV/xvwxi/+X88cs/jPlj1n8Z84fs/jPkj9m8Z81f8zi/5X8MYv/V/PHLP5fyx+z+H89f8ziP1v+mMX/G/ljFv/Z88cs/nPkj1n858wfs/jPlT9m8Z87f8ziP0/+mMV/3vwxi/98+WMW//nzxyz+C+SPWfy/mT9m8f9W/pjFf8H8MYv/t/PHLP4L5Y9Z/L+TP2bx/27+mMV/4fwxi/8i+WMW/0Xzxyz+i+WPWfwXzx+z+C+RP2bx/17+mMV/yfwxi//388cs/j/IH7P4L5U/ZvFfOn/M4r9M/pjFf9n8MYv/D/PHLP7L5Y9Z/JfPH7P4/yh/zOK/Qv6YxX/F/DGL/0r5Yxb/lfPHLP6r5I9Z/FfNH7P4r5Y/ZvH/cf6YxX/1/DGL/xr5Yxb/NfPHLP5r5Y9Z/NfOH7P4r5M/ZvH/Sf6YxX/d/DGL/3r5Yxb/9fPHLP4/zR+z+G+QP2bx/1n+mMV/w/wxi/9G+WMW/43zxyz+P88fs/j/In/M4r9J/pjFf9P8MYv/ZvljFv/N88cs/lvkj1n8t8wfs/hvlT9m8d86f8ziv03+mMV/2/wxi/8v88cs/r/KH7P4b5c/ZvHfPn/M4r9D/pjFf8f8MYv/r/PHLP6/yR+z+P82f8ziv1P+mMV/5/wxi//v8scs/r/PH7P475I/ZvH/Q/6YxX/X/DGL/275Yxb/3fPHLP5/zB+z+P8pf8ziv0f+mMV/z/wxi/9e+WMW/z/nj1n8/5I/ZvHfO3/M4r9P/pjFf9/8MYv/X/PHLP5/yx+z+O+XP2bx3z9/zOL/9/wxi/8B+WMW/wPzxyz+B+WPWfwPzh+z+B+SP2bxPzR/zOJ/WP6Yxf/w/DGL/xH5Yxb/I/PHLP5H5Y9Z/I/OH7P4H5M/ZvE/Nn/M4n9c/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/ifkj9m8T81f8zif1r+mMX/9Pwxi/8Z+WMW/zPzxyz+Z+WPWfzPzh+z+J+TP2bxPzd/zOJ/Xv6Yxf/8/DGL/wX5Yxb/C/PHLP4X5Y9Z/P+RP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4X5U/ZvG/On/M4n9N/pjF/9r8MYv/dfljFv/r88cs/jfkj1n8b8wfs/jflD9m8b85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+d+SPWfzvzB+z+N+VP2bxvzt/zOJ/T/6Yxf/e/DGL/335Yxb/+/PHLP4P5I9Z/B/MH7P4P5Q/ZvF/OH/M4v9I/pjF/9H8MYv/Y/ljFv/H88cs/k/kj1n8n8wfs/g/lT9m8X86f8zi/0z+mMX/2fwxi/9z+WMW/+fzxyz+L+SPWfxfzB+z+L+UP2bxfzl/zOL/Sv6Yxf/V/DGL/2v5YxL/EQfyxyz+g/LHLP4j5I9Z/EfMH7P4D84fs/iPlD9m8R85f8ziP0r+mMV/SP6YxX/U/DGL/2j5Yxb/0fPHLP5j5I9Z/MfMH7P4j5U/ZvEfO3/M4j9O/pjFf9z8MYv/ePljFv+P5I9Z/MfPH7P4T5A/ZvH/aP6YxX/C/DGL/0T5Yxb/j+WPWfw/nj9m8f9E/pjF/5P5Yxb/T+WPWfwnzh+z+E+SP2bxnzR/zOL/6fwxi/9k+WMW/8nzxyz+U+SPWfynzB+z+E+VP2bx/0z+mMV/6vwxi/9n88cs/p/LH7P4fz5/zOL/hfwxi/8X88cs/l/KH7P4T5M/ZvGfNn/M4j9d/pjFf/r8MYv/DPljFv8Z88cs/l/OH7P4z5Q/ZvGfOX/M4j9L/pjFf9b8MYv/V/LHLP5fzR+z+H8tf8zi//X8MYv/bPljFv9v5I9Z/GfPH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/gvkD9m8f9m/pjF/1v5Yxb/BfPHLP7fzh+z+C+UP2bx/07+mMX/u/ljFv+F88cs/ovkj1n8F80fs/gvlj9m8V88f8ziv0T+mMX/e/ljFv8l88cs/t/PH7P4/yB/zOK/VP6YxX/p/DGL/zL5Yxb/ZfPHLP4/zB+z+C+XP2bxXz5/zOL/o/wxi/8K+WMW/xXzxyz+K+WPWfxXzh+z+K+SP2bxXzV/zOK/Wv6Yxf/H+WMW/9Xzxyz+a+SPWfzXzB+z+K+VP2bxXzt/zOK/Tv6Yxf8n+WMW/3Xzxyz+6+WPWfzXzx+z+P80f8ziv0H+mMX/Z/ljFv8N88cs/hvlj1n8N84fs/j/PH/M4v+L/DGL/yb5Yxb/TfPHLP6b5Y9Z/DfPH7P4b5E/ZvHfMn/M4r9V/pjFf+v8MYv/NvljFv9t88cs/r/MH7P4/yp/zOK/Xf6YxX/7/DGL/w75Yxb/HfPHLP6/zh+z+P8mf8zi/9v8MYv/TvljFv+d88cs/r/LH7P4/z5/zOK/S/6Yxf8P+WMW/13zxyz+u+WPWfx3zx+z+P8xf8zi/6f8MYv/HvljFv8988cs/nvlj1n8/5w/ZvH/S/6YxX/v/DGL/z75Yxb/ffPHLP5/zR+z+P8tf8ziv1/+mMV///wxi//f88cs/gfkj1n8D8wfs/gflD9m8T84f8zif0j+mMX/0Pwxi/9h+WMW/8Pzxyz+R+SPWfyPzB+z+B+VP2bxPzp/zOJ/TP6Yxf/Y/DGL/3H5Yxb/4/PHLP4n5I9Z/E/MH7P4n5Q/ZvE/OX/M4n9K/pjF/9T8MYv/afljFv/T88cs/mfkj1n8z8wfs/iflT9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+F+SPWfwvzB+z+F+UP2bx/0f+mMX/4vwxi/8l+WMW/0vzxyz+l+WPWfwvzx+z+F+RP2bxvzJ/zOJ/Vf6Yxf/q/DGL/zX5Yxb/a/PHLP7X5Y9Z/K/PH7P435A/ZvG/MX/M4n9T/pjF/+b8MYv/LfljFv9b88cs/rflj1n8b88fs/jfkT9m8b8zf8zif1f+mMX/7vwxi/89+WMW/3vzxyz+9+WPWfzvzx+z+D+QP2bxfzB/zOL/UP6Yxf/h/DGL/yP5Yxb/R/PHLP6P5Y9Z/B/PH7P4P5E/ZvF/Mn/M4v9U/pjF/+n8MYv/M/ljFv9n88cs/s/lj1n8n88fs/i/kD9m8X8xf8zi/1L+mMX/5fwxi/8r+WMW/1fzxyz+r+WPSfwHD+SPWfwHvTf/kf/HxvUBzeI/Qusfs/iPmD9m8R+cP2bxHyl/zOI/cv6YxX+U/DGL/5D8MYv/qPljFv/R8scs/qPnj1n8x8gfs/iPmT9m8R8rf8ziP3b+mMV/nPwxi/+4+WMW//Hyxyz+H8kfs/iPnz9m8Z8gf8zi/9H8MYv/hPljFv+J8scs/h/LH7P4fzx/zOL/ifwxi/8n88cs/p/KH7P4T5w/ZvGfJH/M4j9p/pjF/9P5Yxb/yfLHLP6T549Z/KfIH7P4T5k/ZvGfKn/M4v+Z/DGL/9T5Yxb/z+aPWfw/lz9m8f98/pjF/wv5Yxb/L+aPWfy/lD9m8Z8mf8ziP23+mMV/uvwxi//0+WMW/xnyxyz+M+aPWfy/nD9m8Z8pf8ziP3P+mMV/lvwxi/+s+WMW/6/kj1n8v5o/ZvH/Wv6Yxf/r+WMW/9nyxyz+38gfs/jPnj9m8Z8jf8ziP2f+mMV/rvwxi//c+WMW/3nyxyz+8+aPWfznyx+z+M+fP2bxXyB/zOL/zfwxi/+38scs/gvmj1n8v50/ZvFfKH/M4v+d/DGL/3fzxyz+C+ePWfwXyR+z+C+aP2bxXyx/zOK/eP6YxX+J/DGL//fyxyz+S+aPWfy/nz9m8f9B/pjFf6n8MYv/0vljFv9l8scs/svmj1n8f5g/ZvFfLn/M4r98/pjF/0f5Yxb/FfLHLP4r5o9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjFf7X8MYv/j/PHLP6r549Z/NfIH7P4r5k/ZvFfK3/M4r92/pjFf538MYv/T/LHLP7r5o9Z/NfLH7P4r58/ZvH/af6YxX+D/DGL/8/yxyz+G+aPWfw3yh+z+G+cP2bx/3n+mMX/F/ljFv9N8scs/pvmj1n8N8sfs/hvnj9m8d8if8ziv2X+mMV/q/wxi//W+WMW/23yxyz+2+aPWfx/mT9m8f9V/pjFf7v8MYv/9vljFv8d8scs/jvmj1n8f50/ZvH/Tf6Yxf+3+WMW/53yxyz+O+ePWfx/lz9m8f99/pjFf5f8MYv/H/LHLP675o9Z/HfLH7P4754/ZvH/Y/6Yxf9P+WMW/z3yxyz+e+aPWfz3yh+z+P85f8zi/5f8MYv/3vljFv998scs/vvmj1n8/5o/ZvH/W/6YxX+//DGL//75Yxb/v+ePWfwPyB+z+B+YP2bxPyh/zOJ/cP6Yxf+Q/DGL/6H5Yxb/w/LHLP6H549Z/I/IH7P4H5k/ZvE/Kn/M4n90/pjF/5j8MYv/sfljFv/j8scs/sfnj1n8T8gfs/ifmD9m8T8pf8zif3L+mMX/lPwxi/+p+WMW/9Pyxyz+p+ePWfzPyB+z+J+ZP2bxPyt/zOJ/dv6Yxf+c/DGL/7n5Yxb/8/LHLP7n549Z/C/IH7P4X5g/ZvG/KH/M4v+P/DGL/8X5Yxb/S/LHLP6X5o9Z/C/LH7P4X54/ZvG/In/M4n9l/pjF/6r8MYv/1fljFv9r8scs/tfmj1n8r8sfs/hfnz9m8b8hf8zif2P+mMX/pvwxi//N+WMW/1vyxyz+t+aPWfxvyx+z+N+eP2bxvyN/zOJ/Z/6Yxf+u/DGL/935Yxb/e/LHLP735o9Z/O/LH7P4358/ZvF/IH/M4v9g/pjF/6H8MYv/w/ljFv9H8scs/o/mj1n8H8sfs/g/nj9m8X8if8zi/2T+mMX/qfwxi//T+WMW/2fyxyz+z+aPWfyfyx+z+D+fP2bxfyF/zOL/Yv6Yxf+l/DGL/8v5Yxb/V/LHLP6v5o9Z/F/LH5P4jzSQP2bxH5Q/ZvEfIX/M4j9i/pjFf3D+mMV/pPwxi//I+WMW/1Hyxyz+Q/LHLP6j5o9Z/EfLH7P4j54/ZvEfI3/M4j9m/pjFf6z8MYv/2PljFv9x8scs/uPmj1n8x8sfs/h/JH/M4j9+/pjFf4L8MYv/R/PHLP4T5o9Z/CfKH7P4fyx/zOL/8fwxi/8n8scs/p/MH7P4fyp/zOI/cf6YxX+S/DGL/6T5Yxb/T+ePWfwnyx+z+E+eP2bxnyJ/zOI/Zf6YxX+q/DGL/2fyxyz+U+ePWfw/mz9m8f9c/pjF//P5Yxb/L+SPWfy/mD9m8f9S/pjFf5r8MYv/tPljFv/p8scs/tPnj1n8Z8gfs/jPmD9m8f9y/pjFf6b8MYv/zPljFv9Z8scs/rPmj1n8v5I/ZvH/av6Yxf9r+WMW/6/nj1n8Z8sfs/h/I3/M4j97/pjFf478MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8Z8vf8ziP3/+mMV/gfwxi/8388cs/t/KH7P4L5g/ZvH/dv6YxX+h/DGL/3fyxyz+33X5D36vG1r8F3b5v+cs/ovkj1n8F80fs/gvlj9m8V88f8ziv0T+mMX/e/ljFv8l88cs/t/PH7P4/yB/zOK/VP6YxX/p/DGL/zL5Yxb/ZfPHLP4/zB+z+C+XP2bxXz5/zOL/o/wxi/8K+WMW/xXzxyz+K+WPWfxXzh+z+K+SP2bxXzV/zOK/Wv6Yxf/H+WMW/9Xzxyz+a+SPWfzXzB+z+K+VP2bxXzt/zOK/Tv6Yxf8n+WMW/3Xzxyz+6+WPWfzXzx+z+P80f8ziv0H+mMX/Z/ljFv8N88cs/hvlj1n8N84fs/j/PH/M4v+L/DGL/yb5Yxb/TfPHLP6b5Y9Z/DfPH7P4b5E/ZvHfMn/M4r9V/pjFf+v8MYv/NvljFv9t88cs/r/MH7P4/yp/zOK/Xf6YxX/7/DGL/w75Yxb/HfPHLP6/zh+z+P8mf8zi/9v8MYv/TvljFv+d88cs/r/LH7P4/z5/zOK/S/6Yxf8P+WMW/13zxyz+u+WPWfx3zx+z+P8xf8zi/6f8MYv/HvljFv8988cs/nvlj1n8/5w/ZvH/S/6YxX/v/DGL/z75Yxb/ffPHLP5/zR+z+P8tf8ziv1/+mMV///wxi//f88cs/gfkj1n8D8wfs/gflD9m8T84f8zif0j+mMX/0Pwxi/9h+WMW/8Pzxyz+R+SPWfyPzB+z+B+VP2bxPzp/zOJ/TP6Yxf/Y/DGL/3H5Yxb/4/PHLP4n5I9Z/E/MH7P4n5Q/ZvE/OX/M4n9K/pjF/9T8MYv/afljFv/T88cs/mfkj1n8z8wfs/iflT9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+F+SPWfwvzB+z+F+UP2bx/0f+mMX/4vwxi/8l+WMW/0vzxyz+l+WPWfwvzx+z+F+RP2bxvzJ/zOJ/Vf6Yxf/q/DGL/zX5Yxb/a/PHLP7X5Y9Z/K/PH7P435A/ZvG/MX/M4n9T/pjF/+b8MYv/LfljFv9b88cs/rflj1n8b88fs/jfkT9m8b8zf8zif1f+mMX/7vwxi/89+WMW/3vzxyz+9+WPWfzvzx+z+D+QP2bxfzB/zOL/UP6Yxf/h/DGL/yP5Yxb/R/PHLP6P5Y9Z/B/PH7P4P5E/ZvF/Mn/M4v9U/pjF/+n8MYv/M/ljFv9n88cs/s/lj1n8n88fs/i/kD9m8X8xf8zi/1L+mMX/5fwxi/8r+WMW/1fzxyz+r+WPSfxHHsgfs/gPyh+z+I+QP2bxHzF/zOI/OH/M4j9S/pjFf+T8MYv/KPljFv8h+WMW/1Hzxyz+o+WPWfxHzx+z+I+RP2bxHzN/zOI/Vv6YxX/s/DGL/zj5Yxb/cfPHLP7j5Y9Z/D+SP2bxHz9/zOI/Qf6Yxf+j+WMW/wnzxyz+E+WPWfw/lj9m8f94/pjF/xP5Yxb/T+aPWfw/lT9m8Z84f8ziP0n+mMV/0vwxi/+n88cs/pPlj1n8J88fs/hPkT9m8Z8yf8ziP1X+mMX/M/ljFv+p88cs/p/NH7P4fy5/zOL/+fwxi/8X8scs/l/MH7P4fyl/zOI/Tf6YxX/a/DGL/3T5Yxb/6fPHLP4z5I9Z/GfMH7P4fzl/zOI/U/6YxX/m/DGL/yz5Yxb/WfPHLP5fyR+z+H81f8zi/7X8MYv/1/PHLP6z5Y9Z/L+RP2bxn/2/9h/lf3RcH9As/nO0/jGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvGfL3/M4j9//pjFf4H8MYv/N/PHLP7fyh+z+C+YP2bx/3b+mMV/ofwxi/938scs/t/NH7P4L5w/ZvFfJH/M4r9o/pjFf7H8MYv/4vljFv8l8scs/t/LH7P4L5k/ZvH/fv6Yxf8H+WMW/6Xyxz6k/oOGsx556fyxD6n/6719/S+TP2bxXzZ/zOL/w/wxi/9y+WMW/+Xzxyz+P8ofs/ivkD826JxBw2bmw+2/Yv6YZf2vlD9m8V85f8ziv0r+mMV/1fwxi/9q+WMW/x/nj1n8V88fs/ivkT9m8V8zf8ziv1b+mMV/7fwxi/86+WMW/5/kj1n8180fs/ivlz9m8V8/f8zi/9P8MYv/BvljFv+f5Y9Z/DfMH7P4b5Q/ZvHfOH/M4v/z/DGL/y/yxyz+m+SPWfw3zR+z+G+WP2bx3zx/zOK/Rf6YxX/L/DGL/1b5Yxb/rfPHLP7b5I9Z/LfNH7P4/zJ/zOL/q/wxi/92+WMW/+3zxyz+O+SPWfx3zB+z+P86f8zi/5v8MYv/b/PHLP475Y9Z/HfOH7P4/y5/zOL/+/wxi/8u+WMW/z/kj1n8d80fs/jvlj9m8d89f8zi/8f8MYv/n/LHLP575I9Z/PfMH7P475U/ZvH/c/6Yxf8v+WMW/73zxyz+++SPWfz3zR+z+P81f8zi/7f8MYv/fvljFv/988cs/n/PH7P4H5A/ZvE/MH/M4n9Q/pjF/+D8MYv/IfljFv9D88cs/oflj1n8D88fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi/8x+WMW/2Pzxyz+x+WPWfyPzx+z+J+QP2bxPzF/zOJ/Uv6Yxf/k/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4n5E/ZvE/M3/M4n9W/pjF/+z8MYv/OfljFv9z88cs/uflj1n8z88fs/hfkD9m8b8wf8zif1H+mMX/H/ljFv+L88cs/pfkj1n8L80fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V79F/8P/UuD6gWfyvbv1jFv9r8scs/tfmj1n8r8sfs/hfnz9m8b8hf8zif2P+mMX/pvwxi//N+WMW/1vyxyz+t+aPWfxvyx+z+N+eP2bxvyN/zOJ/Z/6Yxf+u/DGL/935Yxb/e/LHLP735o9Z/O/LH7P4358/ZvF/IH/M4v9g/pjF/6H8MYv/w/ljFv9H8scs/o/mj1n8H8sfs/g/nj9m8X8if8zi/2T+mMX/qfwxi//T+Q+MCpdZ/J/JH7P4P5s/ZvF/Ln/M4v98/pjF/4X8MYv/i/ljFv+X8scs/i/nj1n8X8kfs/i/mj9m8X8tf0ziP8pA/pjFf1D+mMV/hPwxi/+I+WMW/8H5Yxb/kfLHLP4j549Z/EfJH7P4D8kfs/iPmj9m8R8tf8ziP3r+mMV/jPwxi/+Y+WMW/7Hyxyz+Y+ePWfzHyR+z+I+b/7CG/Ms5i/94+WMW/4/kj1n8x88fs/hPkD9m8f9o/pjFf8L8MYv/RPljFv+P5Y9Z/D+eP2bx/0T+mMX/k/ljFv9P5Y9Z/CfOH7P4T5I/ZvGfNH/M4v/p/DGL/2T5Yxb/yfPHLP5T5I9Z/KfMH7P4T5U/ZvH/TP6YxX/q/DGL/2fzxyz+n8sfs/h/Pn/M4v+F/DGL/xfzxyz+X8ofs/hPkz9m8Z82f8ziP13+mMV/+vwxi/8M+WMW/xnzxyz+X84fs/jPlD9m8Z85f8ziP0v+mMV/1vwxi/9X8scs/l/NH7P4fy1/zOL/9fwxi/9s+WMW/2/kj1n8Z88fs/jPkT9m8Z8zf8ziP1f+mMV/7vwxi/88+WMW/3nzxyz+8+WPWfznzx+z+C+QP2bx/2b+mMX/W/ljFv8F88cs/t/OH7P4L5Q/ZvH/Tv6Yxf+7+WMW/4Xzxyz+i+SPWfwXzR+z+C+WP2bxXzx/zOK/RP6Yxf97+WMW/yXzxyz+388fs/j/IH/M4r9U/pjFf+n8MYv/MvljFv9l88cs/j/MH7P4L5c/ZvFfPn/M4v+j/DGL/wr5Yxb/FfPHLP4r5Y9Z/FfOH7P4r5I/ZvFfNX/M4r9a/pjF/8f5Yxb/1fPHLP5r5I9Z/NfMH7P4r5U/ZvFfO3/M4r9O/pjF/yf5Yxb/dfPHLP7r5Y9Z/NfPH7P4/zR/zOK/Qf6Yxf9n+WMW/w3zxyz+G+WPWfw3zh+z+P88f8zi/4v8MYv/JvljFv9N88cs/pvlj1n8N88fs/hvkT9m8d8yf8ziv1X+mMV/6/wxi/826N8jwuK/bdqYxf+X+WMW/1/lj1n8t8sfs/hvnz9m8d/hDf9XXnu/xvUBzeK/Y+sfs/j/On/M4v+b/DGL/2/zxyz+O+WPWfx3zh+z+P8uf8zi//v8MYv/LvljFv8/5I9Z/HfNH7P475Y/ZvHfPX/M4v/H/DGL/5/yxyz+e+SPWfz3zB+z+O+VP2bx//N78h/pf25cH9As/n9p/WMW/73zxyz+++SPWfz3zR+z+P81f8zi/7f8MYv/fvljFv/988cs/n/PH7P4H5A/ZvE/MH/M4n9Q/pjF/+D8MYv/IfljFv9D88cs/oflj1n8D88fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi/8x+WMW/2Pzxyz+x+WPWfyPzx+z+J+QP2bxPzF/zOJ/Uv6Yxf/k/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4n5E/ZvE/M3/M4n9W/pjF/+z8MYv/OfljFv9z88cs/uflj1n8z88fs/hfkD9m8b8wf8zif1H+mMX/H/ljFv+L88cs/pfkj1n8L80fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V+WMW/6vzxyz+1+SPWfyvzR+z+F+XP2bxvz5/zOJ/Q/6Yxf/G/DGL/035Yxb/m/PHLP635I9Z/G/NH7P435Y/ZvG/PX/M4n9H/pjF/878MYv/XfljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8zi/0D+mMX/wfwxi/9D+WMW/4fzxyz+j+SPWfwfzR+z+D+WP2bxfzx/zOL/RP6Yxf/J/DGL/1P5Yxb/p/PHLP7P5I9Z/J/NH7P4P5c/ZvF/Pn/M4v9C/pjF/8X8MYv/S/ljFv+X88cs/q/kj1n8X80fs/i/lj8m8R8ykD9m8R+UP2bxHyF/zOI/Yv6YxX9w/pjFf6T8MYv/yPljFv9R8scs/kPyxyz+o+aPWfxHyx+z+I+eP2bxHyN/zOI/Zv6YxX+s/DGL/9j5Yxb/cfLHLP7j5o9Z/MfLH7P4fyR/zOI/fv6YxX+C/DGL/0fzxyz+E+aPWfwnyh+z+H8sf8zi//H8MYv/J/LHLP6fzB+z+H8qf8ziP3H+mMV/kvwxi/+k+WMW/0/nj1n8J8sfs/hPnj9m8Z8if8ziP2X+mMV/qvwxi/9n8scs/lPnj1n8P5s/ZvH/XP6Yxf/z+WMW/y/kj1n8v5g/ZvH/Uv6YxX+a/DGL/7T5Yxb/6fLHLP7T549Z/GfIH7P4z5g/ZvH/cv6YxX+m/DGL/8z5Yxb/WfLHLP6z5o9Z/L+SP2bx/+q7+u/+Pz+uD2gW/6+1/jGL/9fzxyz+s+WPWfy/kT9m8Z89f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOK/QP6Yxf+b+WMW/2/lj1n8F8wfs/h/O3/M4r9Q/pjF/zv5Yxb/7+aPWfwXzh+z+C+SP2bxXzR/zOK/WP6YxX/x/DGL/xL5Yxb/7+WPWfyXzB+z+H8/f8zi/4P8MYv/UvljFv+l88cs/svkj1n8l80fs/j/MH/M4r9c/pjFf/n8MYv/j/LHLP4r5I9Z/FfMH7P4r5Q/ZvFfOX/M4r9K/pjFf9X8MYv/avljFv8f549Z/FfPH7P4r5E/ZvFfM3/M4r9W/pjFf+38MYv/OvljFv+f5I9Z/NfNH7P4r5c/ZvFfP3/M4v/T/DGL/wb5Yxb/n+WPWfw3zB+z+G+UP2bx3zh/zOL/8/wxi/8v8scs/pvkj1n8N80fs/hvlj9m8d88f8ziv0X+mMV/y/wxi/9W+WMW/63zxyz+2+SPWfy3zR+z+P8yf8zi/6v8MYv/dvljFv/t88cs/jvkj1n8d8wfs/j/On/M4v+b/DGL/2/zxyz+O+WPWfx3zh+z+P8uf8zi//v8MYv/LvljFv8/5I9Z/HfNH7P475Y/ZvHfPX/M4v/H/DGL/5/yxyz+e+SPWfz3zB+z+O+VP2bx/3P+mMX/L/ljFv+988cs/vvkj1n8980fs/j/NX/M4v+3/DGL/375Yxb//fPHLP5/zx+z+B+QP2bxPzB/zOJ/UP6Yxf/g/DGL/yH5Yxb/Q/PHLP6H5Y9Z/A/PH7P4H5E/ZvE/Mn/M4n9U/pjF/+j8MYv/MfljFv9j88cs/sflj1n8j88fs/ifkD9m8T8xf8zif1L+mMX/5Pwxi/8p+WMW/1Pzxyz+p+WPWfxPzx+z+J+RP2bxPzN/zOJ/Vv6Yxf/s/DGL/zn5Yxb/c/PHLP7n5Y9Z/M/PH7P4X5A/ZvG/MH/M4n9R/pjF/x/5Yxb/i/PHLP6X5I9Z/C/NH7P4X5Y/ZvG/PH/M4n9F/pjF/8r8MYv/VfljFv+r88cs/tfkj1n8r80fs/hflz9m8b8+f8zif0P+mMX/xvwxi/9N+WMW/5vzxyz+t+SPWfxvzR+z+N+WP2bxvz1/zOJ/R/6Yxf/O/DGL/135Yxb/u/PHLP735I9Z/O/NH7P435c/ZvG/P3/M4v/Au/mP9b8wrg9oFv8HW/+Yxf+h/DGL/8P5Yxb/R/LHDP6DBg8MeTR/zOA/dP0/lj9m8X88f8zi/0T+mMX/yfwxi/9T+WMW/6fzxyz+z+SPWfyfzR+z+D+XP2bxfz5/zOL/Qv6Yxf/F/DGL/0v5Yxb/l/PHLP6v5I9Z/F/NH7P4v5Y/JvEfdSB/zOI/KH/M4j9C/pjFf8T8MYv/4Pwxi/9I+WMW/5Hzxyz+o+SPWfyH5I9Z/EfNH7P4j5Y/ZvEfPX/M4j9G/pjFf8z8MYv/WPljFv+x88cs/uPkj1n8x80fs/iPlz9m8f9I/pjFf/z8MYv/BPljFv+P5o9Z/CfMH7P4T5Q/ZvH/WP6Yxf/j+WMW/0/kj1n8P5k/ZvH/VP6YxX/i/DGL/yT5Yxb/SfPHLP6fzh+z+E+WP2bxnzx/zOI/Rf6YxX/K/DGL/1T5Yxb/z+SPWfynzh+z+H82f8zi/7n8MYv/5/PHLP5fkPlP9x63s/h/Ueb/XrP4fyl/zOI/Tf6YxX/agYHN3q8hfZCz+E/X+scs/tPnj1n8Z8gfs/jPmD9m8f9y/pjFf6b8MYv/zPljFv9Z8scs/rPmj1n8v5I/ZvH/av6Yxf9r+WMW/6/nj1n8Z8sfs/h/I3/M4j97/pjFf478MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8Z8vf8ziP3/+mMV/gfwxi/8388cs/t/KH7P4L5g/ZvH/dv6YxX+h/DGL/3fyxyz+380fs/gvnD9m8V8kf8ziv2j+mMV/sfwxi//i+WMW/yXyxyz+38sfs/gvmT9m8f9+/pjF/wf5Yxb/pfLHLP5L549Z/JfJH7P4L5s/ZvH/Yf6YxX+5/DGL//L5Yxb/H+WPWfxXyB+z+K+YP2bxXyl/zOK/cv6YxX+V/DGL/6r5Yxb/1fLHLP4/zh+z+K+eP2bxXyN/zOK/Zv6YxX+t/DGL/9r5Yxb/dfLHLP4/yR+z+K+bP2bxXy9/zOK/fv6Yxf+n+WMW/w3yxyz+P8sfs/hvmD9m8d8of8ziv3H+mMX/5/ljFv9f5I9Z/DfJH7P4b5o/ZvHfLH/M4r95/pjFf4v8MYv/lvljFv+t8scs/lvnj1n8t8kfs/hvmz9m8f9l/pjF/1f5Yxb/7fLHLP7b549Z/HfIH7P475g/ZvH/df6Yxf83+WMW/9/mj1n8d8ofs/jvnD9m8f9d/pjF//f5Yxb/XfLHLP5/yB+z+O+aP2bx3y1/zOK/e/6Yxf+P+WMW/z/lj1n898gfs/jvmT9m8d8rf8zi/+f8MYv/X/LHLP57549Z/PfJH7P475s/ZvH/a/6Yxf9v+WMW//3yxyz+++ePWfz/nj9m8T8gf8zif2D+mMX/oPwxi//B+WMW/0Pyxyz+h+aPWfwPyx+z+B+eP2bxPyJ/zOJ/ZP6Yxf+o/DGL/9H5Yxb/Y/LHLP7H5o9Z/I/LH7P4H58/ZvE/IX/M4n9i/pjF/6T8MYv/yfljH17/PS5826WjnpI/9uH1/9f1f2r+mMX/tPwxi//p+WMW/zPyxyz+Z+aPWfzPyh+z+J+dP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/C/LHLP4X5o9Z/C/KH7P4/yN/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4X5k/ZvG/Kn/M4n91/pjF/5r8MYv/tfljFv/r8scs/tfnj1n8b8gfs/jfmD9m8b8pf8zif3P+mMX/lvwxi/+t+WMW/9vyxyz+t+ePWfzvyB+z+N+ZP2bxvyt/zOJ/d/6Yxf+e/DGL/735Yxb/+/LHLP73549Z/B/IH7P4P5g/ZvF/KH/M4v9w/pjF/5H8MYv/o/ljFv/H8scs/o/nj1n8n8gfs/g/mT9m8X8qf8zi/3T+mMX/mfwxi/+z+WMW/+fyxyz+z+ePWfxfyB+z+L+YP2bxfyl/zOL/cv6Yxf+V/DGL/6v5Yxb/1/LHJP6jDeSPWfwH5Y9Z/EfIH7P4j5g/ZvEfnD9m8R8pf8ziP3L+mMV/FJX/qO95S4v/EJX/e8/iP2r+mMV/tPwxi//o+WMW/zHyxyz+Y+aPWfzHyh+z+I+dP2bxHyd/zOI/bv6YxX+8/DGL/0fyxyz+4+ePWfwnyB+z+H80f8ziP2H+mMV/ovwxi//H8scs/h/PH7P4fyJ/zOL/yfwxi/+n8scs/hPnj1n8J8kfs/hPmj9m8f90/pjFf7L8MYv/5PljFv8p8scs/lPmj1n8p8ofs/h/Jn/M4j91/pjF/7P5Yxb/z+WPWfw/nz9m8f9C/pjF/4v5Yxb/L+WPWfynyR+z+E+bP2bxny5/zOI/ff6YxX+G/DGL/4z5Yxb/L+ePWfxnyh+z+M+cP2bxnyV/zOI/a/6Yxf8r+WMW/6/mj1n8v5Y/ZvH/ev6YxX+2/DGL/zfyxyz+s+ePWfznyB+z+M+ZP2bxnyt/zOI/d/6YxX+e/DGL/7z5Yxb/+fLHLP7z549Z/BfIH7P4fzN/zOL/rfwxi/+C+WMW/2/nj1n8F8ofs/h/J3/M4v/d/DGL/8L5Yxb/RfLHLP6L5o9Z/BfLH7P4L54/ZvFfIn/M4v+9/DGL/5L5Yxb/7+ePWfx/kD9m8V8qf8ziv3T+mMV/mfwxi/+y+WMW/x/mj1n8l8sfs/gvnz9m8f9R/pjFf4X8MYv/ivljFv+V8scs/ivnj1n8V8kfs/ivmj9m8V8tf8zi/+P8MYv/6vljFv818scs/mvmj1n818ofs/ivnT9m8V8nf8zi/5P8MYv/uvljFv/18scs/uvnj1n8f5o/ZvHfIH/M4v+z/DGL/4b5Yxb/jfLHLP4b549Z/H+eP2bx/0X+mMV/k/wxi/+m+WMW/83yxyz+m+ePWfy3yB+z+G+ZP2bx3yp/zOK/df6YxX+b/DGL/7b5Yxb/X+aPWfx/lT9m8d8uf8ziv33+mMV/h/wxi/+O+WMW/1/nj1n8f5M/ZvH/bf6YxX+n/DGL/875Yxb/3+WPWfx/nz9m8d8lf8zi/4f8MYv/rvljFv/d8scs/rvnj1n8/5g/ZvH/U/6YxX+P/DGL/575Yxb/vfLHLP5/zh+z+P8lf8ziv3f+mMV/n/wxi/+++WMW/7/mj1n8/5Y/ZvHfL3/M4r9//pjF/+/5Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J/8Nv8R3o9xfUCz+J/S+scs/qfmj1n8T8sfs/ifnj9m8T8jf8zif2b+mMX/rPwxi//Z+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bxvyB/zOJ/Yf6Yxf+i/DGL/z/yxyz+F+ePWfwvyR+z+F+aP2bxvyx/zOJ/ef6Yxf+K/DGL/5X5Yxb/q/LHLP5X549Z/K/JH7P4X5s/ZvG/Ln/M4n99/pjF/4b8MYv/jfljFv+b8scs/jfnj1n8b8kfs/jfmj9m8b8tf8zif3v+mMX/jvwxi/+d+WMW/7vyxyz+d+ePWfzvyR+z+N+bP2bxvy9/zOJ/f/6Yxf+B/DGL/4P5Yxb/h/LHLP4P549Z/B/JH7P4P5o/ZvF/LH/M4v94/pjF/4n8MYv/k/ljFv+n8scs/k/nj1n8n8kfs/g/mz9m8X8uf8zi/3z+mMX/hfwxi/+LQv9R38M2Fv+XhP7vJYv/y/ljFv9X8scs/q/mj1n8X8sfk/iPPpA/ZvEflD9m8R8hf8ziP2L+mMV/cP6YxX+k/DGL/8j5Yxb/UfLHLP5D8scs/qPmj1n8R8sfs/iPnj9m8R8jf8ziP2b+mMV/rPwxi//Y+WMW/3Hyxyz+4+aPWfzHyx+z+H8kf8ziP37+mMV/gvwxi/9H88cs/hPmj1n8J8ofs/h/LH/M4v/x/DGL/yfyxyz+n8wfs/h/Kn/M4j9x/pjFf5L8MYv/pPljFv9P549Z/CfLH7P4T54/ZvGfIn/M4j9l/pjFf6r8MYv/Z/LHLP5T549Z/D+bP2bx/1z+mMX/8/ljFv8v5I9Z/L+YP2bx/1L+mMV/mvwxi/+0+WMW/+nyxyz+0+ePWfxnyB+z+M+YP2bx/3L+mMV/pvwxi//M+WMW/1nyxyz+s+aPWfy/kj9m8Z97SP6Uxf9rrX/M4v/1/DGL/2z5Yxb/b+SPWfxnzx+z+M+RP2bxnzN/zOI/V/6YxX/u/DGL/zz5Yxb/efPHLP7z5Y9Z/OfPH7P4L5A/ZvH/Zv6Yxf9b+WMW/wXzxyz+384fs/gvlD9m8f9O/pjF/7v5Yxb/hfPHLP6L5I9Z/BfNH7P4L5Y/ZvFfPH/M4r9E/pjF/3v5Yxb/JfPHLP7fzx+z+P8gf8ziv1T+mMV/6fwxi/8y+WMW/2Xzxyz+P8wfs/gvlz9m8V8+f8zi/6P8MYv/CvljFv8V88cs/ivlj1n8V84fs/ivkj9m8V81f8ziv1r+mMX/x/ljFv/V88cs/mvkj1n818wfs/ivlT9m8V87f8ziv07+mMX/J/ljFv9188cs/uvlj1n8188fs/j/NH/M4r9B/pjF/2f5Yxb/DfPHLP4b5Y9Z/DfOH7P4/zx/zOL/i/wxi/8m+WMW/03zxyz+m+WPWfw3zx+z+G+RP2bx3zJ/zOK/Vf6YxX/r/DGL/zb5Yxb/bfPHLP6/zB+z+P8qf8ziv13+mMV/+/wxi/8O+WMW/x3zxyz+v84fs/j/Jn/M4v/b/LEPnf/bkN/uv1P+2IfO/x3W/875Yxb/3+WPWfx/nz9m8d8lf8zi/4f8MYv/rvljFv/d8scs/rvnj1n8/5g/ZvH/U/6YxX+P/DGL/575Yxb/vfLHLP5/zh+z+P8lf8ziv3f+mMV/n/wxi/+++WMW/7/mj1n8/5Y/ZvHfL3/M4r9//pjF/+/5Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP/am/8CQgYEPs/8p+WOW9X9q/pjF/7T8MYv/6fljFv8z8scs/mfmj1n8z8ofs/ifnT9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+F+aPWfwvyh+z+P8jf8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+F+ZP2bxvyp/zOJ/df6Yxf+a/DGL/7X5Yxb/6/LHLP7X549Z/G/IH7P435g/ZvG/KX/M4n9z/pjF/5b8MYv/rfljFv/b8scs/rfnj1n878gfs/jfmT9m8b8rf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfwfyB9z+Cf/Tjn8B0Z/qEcBZvF/OH/M4v9I/pjF/9H8MYv/Y/ljFv/H88cs/k/kj1n8n8wfs/g/lT9m8X86f8zi/0z+mMX/2fwxi/9z+WMW/+fzxyz+L+SPWfxfzB+z+L+UP2bxfzl/zOL/Sv6Yxf/V/DGL/2v5YxL/MQbyxyz+g/LHLP4j5I9Z/EfMH7P4D84fs/iPlD9m8R85f8ziP0r+mMV/SP6YxX/U/DGL/2j5Yxb/0fPHLP5j5I9Z/MfMH7P4j5U/ZvEfO3/M4j9O/pjFf9z8MYv/ePljFv+P5I9Z/MfPH7P4T5A/ZvH/aP6YxX/C/DGL/0T5Yxb/j+WPWfw/nj9m8f9E/pjF/5P5Yxb/T+WPWfwnzh+z+E+SP2bxnzR/zOL/6fwxi/9k+WMW/8nzxyz+U+SPWfynzB+z+E+VP2bx/0z+mMV/6vwxi/9n88cs/p/LH7P4fz5/zOL/hfwxi/8X88cs/l/KH7P4T5M/ZvGfNn/M4j9d/pjFf/r8MYv/DPljFv8Z88cs/l/OH7P4z5Q/ZvGfOX/M4j9L/pjFf9b8MYv/V/LHLP5fzR+z+H8tf8zi//X8MYv/bPljFv9v5I9Z/GfPH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/gvkD9m8f9m/pjF/1v5Yxb/BfPHLP7fzh+z+C+UP2bx/07+mMX/u/ljFv+F88cs/ovkj1n8F80fs/gvlj9m8V88f8ziv0T+mMX/e/ljFv8l88cs/t/PH7P4/yB/zOK/VP6YxX/p/DGL/zL5Yxb/ZfPHLP4/zB+z+C+XP2bxXz5/zOL/o/wxi/8K+WMW/xWN/u/hDlv8VzL6v4cs/ivnj1n8V8kfs/ivmj9m8V8tf8zi/+P8MYv/6vljFv818scs/mvmj1n818ofs/ivnT9m8V8nf8zi/5P8MYv/uvljFv/18scs/uvnj1n8f5o/ZvHfIH/M4v+z/DGL/4b5Yxb/jfLHLP4b549Z/H+eP2bx/0X+mMV/k/wxi/+m+WMW/83yxyz+m+ePWfy3yB+z+G+ZP2bx3yp/zOK/df6YxX+b/DGL/7b5Yxb/X+aPWfx/lT9m8d8uf8ziv33+mMV/h/wxi/+O+WMW/1/nj1n8f5M/ZvH/bf6YxX+n/DGL/875Yxb/3+WPWfx/nz9m8d8lf8zi/4f8MYv/rvljFv/d8scs/rvnj1n8/5g/ZvH/U/6YxX+P/DGL/575Yxb/vfLHLP5/zh+z+P8lf8ziv3f+mMV/n/wxi/+++WMW/7/mj1n8/5Y/ZvHfL3/M4r9//pjF/+/5Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/j/I3/M4n9x/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/LEPt//tb146xq35Yx9u/7ca47b8MYv/7fljFv878scs/nfmj1n878ofs/jfnT9m8b8nf8zif2/+2IfUf8rhLh3jvvyxD6n/6719/d+fP2bxfyB/zOL/YP6Yxf+h/DGL/8P5Yxb/R/LHLP6P5o9Z/B/LH7P4P54/ZvF/In/M4v9k/pjF/6n8MYv/0/ljFv9n8scs/s/mj1n8n8sfs/g/nz9m8X8hf8zi/2L+mMX/pfwxi//L+WMW/1fyxyz+r+aPWfxfyx+T+I85kD9m8R+UP2bxHyF/zOI/Yv6YxX9w/pjFf6T8MYv/yPljFv9R8scs/kPyxyz+o+aPWfxHyx+z+I+eP2bxHyN/zOI/Zv6YxX+s/DGL/9j5Yxb/cfLHLP7j5o9Z/MfLH7P4fyR/zOI/fv6YxX+C/DGL/0fzxyz+E+aPWfwnyh+z+H8sf8zi//H8MYv/J/LHLP6fzB+z+H8qf8ziP3H+mMV/kvwxi/+k+WMW/0/nj1n8J8sfs/hPnj9m8Z8if8ziP2X+mMV/qvwxi/9n8scs/lPnj1n8P5s/ZvH/XP6Yxf/z+WMW/y/kj1n8v5g/ZvH/Uv6YxX+a/DGL/7T5Yxb/6fLHLP7T549Z/GfIH7P4z5g/ZvH/cv6YxX+m/DGL/8z5Yxb/WfLH/sV/2GXjvM9j+v/VO/jPmj9mWf9fyR+z+H81f8zi/7X8MYv/1/PHLP6z5Y9Z/L+RP2bxnz1/zOI/R/6YxX/O/DGL/1z5Yxb/ufPHLP7z5I9Z/OfNH7P4z5c/ZvGfP3/M4r9A/pjF/5v5Yxb/b+WPWfwXzB+z+H87f8ziv1D+mMX/O/ljFv/v5o9Z/BfOH7P4L5I/ZvFfNH/M4r9Y/pjFf/H8MYv/EvljFv/v5Y9Z/JfMH7P4fz9/zOL/g/wxi/9S+WMW/6Xzxyz+y+SPWfyXzR+z+P8wf8ziv1z+mMV/+fwxi/+P8scs/ivkj1n8V8wfs/ivlD9m8V85f8ziv0r+mMV/1fwxi/9q+WMW/x/nj1n8V88fs/ivkT9m8V8zf8ziv1b+mMV/7fwxi/86+WMW/5/kj1n8180fs/ivlz9m8V8/f8zi/9P8MYv/BvljFv+f5Y9Z/DfMH7P4b5Q/ZvHfOH/M4v/z/DGL/y/yxyz+m+SPWfw3zR+z+G+WP2bx3zx/zOK/Rf6YxX/L/DGL/1b5Yxb/rfPHLP7b5I9Z/LfNH7P4/zJ/zOL/q/wxi/92+WMW/+3zxyz+O+SPWfx3zB+z+P86f8zi/5v8MYv/b/PHLP475Y9Z/HfOH/uw+g8Zzv93+WMfVv+B4fx/nz9m8d8lf8zi/4f8MYv/rvljFv/d8scs/rvnj1n8/5g/ZvH/U/6YxX+P/DGL/575Yxb/vfLHLP5/zh+z+P8lf8ziv3f+mMV/n/wxi/+++WMW/7/mj1n8/5Y/ZvHfL3/M4r9//pjF/+/5Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/j/I3/M4n9x/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/O/IH7P435k/ZvG/K3/M4n93/pjF/578MYv/vfljFv/7hvff/H95XB/QLP73t/4xi/8D+WMW/wfzxyz+D+WPWfwfzh+z+D+SP2bxfzR/zOL/WP6Yxf/x/DGL/xP5Yxb/J/PHLP5P5Y9Z/J/OH7P4P5M/ZvF/Nn/M4v9c/pjF//n8MYv/C/ljFv8X88cs/i/lj1n8X84fs/i/kj9m8X81f8zi/1r+mMR/rIH8MYv/oPwxi/8I+WMW/xHzxyz+g/PHLP4j5Y9Z/EfOH7P4j5I/ZvEfkj9m8R81f8ziP1r+mMV/9Pwxi/8Y+WMW/zHzxyz+Y+WPWfzHzh+z+I+TP2bxHzd/zOI/Xv6Yxf8j+WMW//Hzxyz+E+SPWfw/mj9m8Z8wf8ziP1H+mMX/Y/ljFv+P549Z/D+RP2bx/2T+mMX/U/ljFv+J88cs/pPkj1n8J80fs/h/On/M4j9Z/pjFf/L8MYv/FPljFv8p88cs/lPlj1n8P5M/ZvGfOn/M4v/Z/DGL/+fyxyz+n88fs/h/IX/M4v/F/DGL/5fyxyz+0+SPWfynzR+z+E+XP2bxnz5/zOI/Q/6YxX/G/DGL/5fzxyz+M+WPWfxnzh+z+M+SP2bxnzV/zOL/lfwxi/9X88cs/l/LH7P4fz1/zOI/W/6Yxf8bav/lRn+nayz+s6v93zmL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/AvljFv9v5o9Z/L+VP2bxXzB/zOL/7fwxi/9C+WMW/+/kj1n8v5s/ZvFfOH/M4r9I/pjFf9H8MYv/YvljFv/F88cs/kvkj1n8v5c/ZvFfMn/M4v/9/DGL/w/yxyz+S+WPWfyXzh+z+C+TP2bxXzZ/zOL/w/wxi/9y+WMW/+Xzxyz+P8ofs/ivkD9m8V8xf8ziv1L+mMV/5fwxi/8q+WMW/1Xzxyz+q+WPWfx/nD9m8V89f8ziv0b+mMV/zfwxi/9a+WMW/7Xzxyz+6+SPWfx/kj9m8V83f8ziv17+mMV//fwxi/9P88cs/hvkj1n8f5Y/ZvHfMH/M4r9R/pjFf+P8MYv/z/MfGBgY9d8usfj/In/M4r9J/pjFf9P8MYv/ZvljFv/N88cs/lvkj1n8t8wfs/hvlT9m8d86f8ziv03+mMV/2/wxi/8v88cs/r/KH7P4b5c/ZvHfPn/M4r9D/pjFf8f8MYv/r/PHLP6/yR+z+P82f8ziv1P+mMV/5/wxi//v8scs/r/PH7P475I/ZvH/Q/6YxX/X/DGL/275Yxb/3fPHLP5/zB+z+P8pf8ziv0f+mMV/z/wxi/9e+WMW/z/nj1n8/5I/ZvHfO3/M4r9P/pjFf9/8MYv/X/PHLP5/yx+z+O+XP2bx3z9/zOL/9/wxi/8B+WMW/wPzxyz+B+WPWfwPzh+z+B+SP2bxPzR/zOJ/WP6Yxf/w/DGL/xH5Yxb/I/PHLP5H5Y9Z/I/OH7P4H5M/ZvE/Nn/M4n9c/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/ifkj9m8T81f8zif1r+mMX/9Pwxi/8Z+WMW/zPzxyz+Z+WPWfzPzh+z+J+TP2bxPzd/zOJ/Xv6Yxf/8/DGL/wX5Yxb/C/PHLP4X5Y9Z/P+RP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4X5U/ZvG/On/M4n9N/pjF/9r8MYv/dfljFv/r88cs/jfkj1n8b8wfs/jflD9m8b85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+d+SPWfzvzB+z+N+VP2bxvzt/zOJ/T/6Yxf/e/DGL/335Yxb/+/PHLP4P5I9Z/B/MH7P4P5Q/ZvF/OH/M4v9I/pjF/9H8MYv/Y/ljFv/H88cs/k/kj1n8n8wfs/g/lT9m8X86f8zi/0z+mMX/2fwxi/9z+WMW/+fzxyz+L+SPWfxfzB+z+L+UP2bxfzl/zOL/Sv6Yxf/V/DGL/2v5YxL/sQfyxyz+g/LHLP4j5I9Z/EfMH7P4D84fs/iPlD9m8R85f8ziP0r+mMV/SP6YxX/U/DGL/2j5Yxb/0fPHLP5j5I9Z/MfMH7P4j5U/ZvEfO3/M4j9O/pjFf9z8MYv/ePljFv+P5I9Z/MfPH7P4T5A/ZvH/aP7Y/8fO3Yd7Xdd3HP9xT5azT7sudWnDoTHXZiQyGrUQFcXjzSkTzbxHPQLJjdxIgCmw0Uodmy51s2ATC8ecrVricHPdrWhY1myN2FrlFNfCGHOwyJyx68A5BGdvz7XzZd+vm+/H4w/O+f2O71/K83r5+3lxXWXpf5j+oSz9D9c/lKX/z+gfytL/1fqHsvQ/Qv9Qlv5H6h/K0v81+oey9P9Z/UNZ+g/TP5Sl/1H6h7L0/zn9Q1n6D9c/lKX/0fqHsvQ/Rv9Qlv6v1T+Upf8I/UNZ+v+8/qEs/Y/VP5Sl/y/oH8rS/3X6h7L0/0X9Q1n6/5L+oSz9j9M/lKX/6/UPZek/Uv9Qlv5v0D+Upf/x+oey9B+lfyhL/xP0D2XpP1r/UJb+v6x/KEv/MfqHsvR/o/6hLP1/Rf9Qlv5j9Q9l6f8m/UNZ+r9Z/1CW/r+qfyhL/7foH8rSf5z+oSz9T9Q/lKX/eP1DWfqfpH8oS/+T9Q9l6X+K/qEs/SfoH8rS/1T9Q1n6n6Z/KEv/ifqHsvQ/Xf9Qlv5t+oey9D9D/1CW/mfqH8rS/yz9Q1n6n61/KEv/dv1DWfq/Vf9Qlv5v0z+Upf85+oey9H+7/qEs/c/VP5Sl/yT9Q1n6n6d/KEv/8/UPZen/Dv1DWfpfoH8oS/936h/K0v9C/UNZ+l+kfyhL/4v1D2Xpf4n+oSz9L9U/lKX/ZfqHsvS/XP9Qlv6T9Q9l6X+F/qEs/a/UP5Sl/1X6h7L079A/lKX/1fqHsvSfon8oS/+p+oey9J+mfyhL/3fpH8rS/xr9Q1n6T9c/lKX/DP1DWfrP1D+Upf8s/UNZ+l+rfyhL/9n6h7L0n6N/KEv/ufqHsvSfp38oS//r9A9l6T9f/1CW/u/WP5Sl/wL9Q1n6L9Q/lKX/Iv1DWfpfr38oS//36B/K0v8G/UNZ+t+ofyhL/8X6h7L0X6J/KEv/pfqHsvT/Nf1DWfr/uv6hLP2X6R/K0v+9+oey9P8N/UNZ+r9P/1CW/u/XP5Sl/036h7L0v1n/UJb+t+gfytL/N/UPZem/XP9Qlv6/pX8oS//f1j+Upf+t+oey9L9N/1CW/r+jfyhL/w/oH8rS/3b9Q1n636F/KEv/O/UPZen/u/qHsvT/Pf1DWfrfpX8oS/8P6h/K0v9D+oey9F+hfyhL/5X6h7L0/339Q1n6/4H+oSz979Y/lKX/Kv1DWfrfo38oS/8P6x/K0v8j+oey9F+tfyhL/3v1D2Xp/4f6h7L0X6N/KEv/P9I/lKX/ffqHsvT/Y/1DWfrfr38oS/+P6h/K0v9P9A9l6f8x/UNZ+n9c/1CW/p/QP5Sl/5/qH8rS/5P6h7L0f0D/UJb+a/UPZen/oP6hLP3/TP9Qlv7r9A9l6f+Q/qEs/f9c/1CW/n+hfyhL/4f1D2Xp/5f6h7L0/5T+oSz9P61/KEv/z+gfytL/s/qHsvT/nP6hLP3/Sv9Qlv6f1z+Upf8X9A9l6b9e/1CW/l/UP5Sl/1/rH8rSf4P+oSz9H9E/lKX/l/QPZen/Zf1DWfo/qn8oS/+v6B/K0v+r+oey9P8b/UNZ+j+mfyhL/6/pH8rS/2/1D2Xp/3X9Q1n6/53+oSz9N+ofytL/G/qHsvTfpH8oS/+/1z+Upf8/6B/K0v+b+oey9P9H/UNZ+n9L/1CW/t/WP5Sl/3f0D2Xp/7j+oSz9/0n/UJb+T+gfytL/Sf1DWfpv1j+Upf9T+oey9P9n/UNZ+n9X/1CW/v+ifyhL/+/pH8rSf4v+oSz9n9Y/lKX/9/UPZem/Vf9Qlv7/qn8oS/9t+oey9P83/UNZ+j+jfyhL/3/XP5Sl/3b9Q1n679A/lKX/f+gfytL/B/qHsvTfqX8oS/8f6h/K0v9Z/UNZ+v9I/1CW/s/pH8rS/z/1D2Xp/7z+oSz9f6x/KEv/XfqHkvR/ZUv/UJb+/fQPZenfX/9Qlv4D9A9l6T9Q/1CW/oP0D2XpP1j/UJb+Q/QPZek/VP9Qlv4v0z+Upf9B+oey9H+5/qEs/V+hfyhL/4P1D2Xp/1P6h7L0P0T/0EuuPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP81cxcuumby9Okdc3zjG9/4Zu83L/a/mQAAgP9tP/nQ/2L/nQAAAAAAAAAAAAAAAAAAAEBeTfzfib3Y/4wAAAAAAAAAAAAAAPD/XVv7SVsH9NvvqQH7PnjNox27v47eecHU1asfLN1fu358ZvCS/fd9sGvXrl0rnxk3oevhkFar1fm/9squx0N7Hne+/pJhKw7f86iM//ydj1866eCz5qy9beA3Vt7S/vSg3c8Oal1+9bTpHW/o32qVUwa1FnQ+OL5fq1VOG9S6tfPBqM4HEwe11nQ+OGH3g5e1PtP54PVXzpp+VecTp1f+PYOXirb2Ja0B+y22td+/Dfbd/5JhT0zt/trLS3a/2sBW1/6Hr/3SYT1+1u0F9t/9+uWknvvv8z8g8IL6tv9nN3V/7eUl/9v7/4c37FwU/eyF99/9+uVk+4f6BJ//99toz8/9PT7/HxW85N77E4duuL1z/23n3Xdk11MD/yef/3/y+uWUnvvvv9/n/87P8RO6P/8PabXKqQf42wGptLUv3drb+3/v+x/46h43/fbd/z1f2fyKzv3f+1xrWddTg/q4/wm9vf/f1OPvFeibtvZVu3q8//dh/60RwUvu3f+WtQfv/vy/+f4rD93nZ33Z/6k99z9y3oxrR85duOi4aTMmT+mY0jFz7Kgxx48eO3bMmJG7PxHs+fUAf1MgiQN7/28d1OOmX6vVsfd+/X23TOjc/7aHln2k66mhfdz/ab2+/x/l/R9Cw/u3Bg9uLZg8b96c4/f82v1w1J5f9/xlwf778N//Rx/b9Zd1/5lhv1br8L33Iy4dO6Rz/9fPLuu6nhrcx/1P7HX/4/f/s0qgbw7w/f+qHjf77f/ELTfO79z/MT941eaup/r63/+n97r/u73/w4Foa2/V+ibauf8Thiw9o9p1afPnf1CfJvY/bPutO6pdlzPsH+rTxP4nLX/zFdWuy5n2D/VpYv8PzrhsebXrcpb9Q32a2P/zP73jiGrX5Wz7h/o0sf/HvvvU6mrXpd3+oT5N7P+Dd7WfUO26vNX+oT5N7P+46344rtp1eZv9Q32a2P/VLz93TbXrco79Q32a2P8Zu04+tNp1ebv9Q32a2H+/pd9bUu26nGv/UJ8m9v/k5OWzql2XSfYP9Wli/2uGjXi22nU5z/6hPk3sf9nTb5xY7bqcb/9Qnyb2/9U7VjxW7bq8w/6hPk3s/xMXv2pFtetygf1DfZrY/4+GP3RQtevyTvuH+jSx/40b1zxQ7bpcaP9Qnyb2v3LNgOHVrstF9g/1aWL/i0+f8mi163Kx/UN9mtj/6DFfvqjadbnE/qE+Tez/8M9966lq1+VS+4f6NLH/cx+eP7fadbnM/qE+Tex//hEf/3G163K5/UN9mtj/WzqOmFrtuky2f6hPE/svtx20sdp1ucL+oT5N7P/CbavGV7suV9o/1KeJ/a875Asfq3ZdrrJ/qE8T+98+e+bYatelw/6hPk3s/zvvXfy+atflavuH+jSx/9uf+3qpdl2m2D/Up4n9bxl14cXVrstU+4f6NLH/VWc980i16zLN/qE+Tex/+brH51W7Lu+yf6hPE/tfv/7MJ6pdl2vsH+rTxP6PGTHy4GrXZbr9Q32a2P+sC5Z9qNp1mWH/UJ8m9n/K/Xe8ttp1mWn/UJ8m9j/0a+M+We26zLJ/qE8T+//0uPd/qtp1udb+oT5N7H/H+KOPrXZdZts/1KeJ/W96YNSd1a7LHPuH+jSx/w88clfF6zLX/qE+Tex/9uue31btusyzf6hPE/t/06TzF1a7LtfZP9Snif0fevfEL1a7LvPtH+rTxP4v+fb3z6l2Xd5t/1CfJvZ/9GFXHFntuiywf6hPE/ufOm3DzdWuy0L7h/o0sf8JKzeNrnZdFtk/1KeJ/R/y5Nx7ql2X6+0f6tPE/rcOOOzsatflPfYP9Wli//fe8PA3q12XG+wf6tPE/m++6aMd1a7LjfYP9Wli/5/dOXh7teuy2P4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/2IHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WQfRuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAUAAD//3II6Vg=") setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001040)=ANY=[], 0x841, 0x0) setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), &(0x7f0000000300)=ANY=[], 0x700, 0x0) setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), &(0x7f00000013c0)=ANY=[], 0x7b6, 0x0) 3.644290238s ago: executing program 3 (id=716): r0 = socket$inet_sctp(0x2, 0x5, 0x84) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e22, @empty}, 0x10) setsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000100)=@sack_info={0x0, 0x1, 0x5}, 0xc) sendto$inet(r0, &(0x7f0000000140)="eb", 0x34000, 0x4008004, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10) 3.633107313s ago: executing program 0 (id=717): syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f00000002c0)={[{@journal_async_commit}, {@heartbeat_none}, {@usrquota}, {@barrier={'barrier', 0x3d, 0x7}}, {@heartbeat_none}, {@inode64}]}, 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=") syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x804051, 0x0, 0x1, 0x0, &(0x7f0000000d40)) mount(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x2236824, 0x0) rmdir(&(0x7f0000000400)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 2.97031091s ago: executing program 3 (id=719): r0 = socket(0x1e, 0x1, 0x0) r1 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0x8}) setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000380)=0x3, 0x4) 2.834573542s ago: executing program 1 (id=720): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000f00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x4, 0x7, 0x7ffc1ff3}]}) migrate_pages(0x0, 0x3, 0x0, &(0x7f00000002c0)=0x5) 1.847690514s ago: executing program 5 (id=721): openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0) syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) pselect6(0x40, &(0x7f00000002c0)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, &(0x7f0000000240)={0x1f, 0x0, 0x0, 0x0, 0x65}, 0x0, 0x0) 1.794999587s ago: executing program 3 (id=723): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'netdevsim0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c00110c0000001400000f0007000000", @ANYRES32=r2, @ANYBLOB="800202000a00020057"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x0) 1.702050181s ago: executing program 5 (id=724): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) sysfs$1(0x1, 0x0) 1.652851042s ago: executing program 4 (id=725): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f0000000380)='b', 0x1}], 0x1, &(0x7f0000000200)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r1], 0x18, 0x20040000}}], 0x1, 0x4) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r2, 0x0, 0x39000, 0x0) 1.599969136s ago: executing program 3 (id=726): unshare(0x22020600) socket$inet6(0xa, 0x3, 0x8000000003c) syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x0) pselect6(0x40, &(0x7f0000000100)={0x0, 0x200000008, 0x0, 0x4cb, 0x8, 0x0, 0x1}, 0x0, &(0x7f0000000240)={0x1f, 0xfffffffffffffffe, 0x9, 0x0, 0x0, 0x10, 0x4}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) 1.538187455s ago: executing program 4 (id=727): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000440)={0x28, 0x7, r1, 0x0, &(0x7f0000000480)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x1c, 0x2}) ioctl$IOMMU_IOAS_COPY(r0, 0x3b83, &(0x7f00000004c0)={0x28, 0x7, 0x0, r1, 0x1c, 0x3, 0x2}) 1.186165894s ago: executing program 5 (id=728): r0 = syz_io_uring_setup(0x757, &(0x7f00000000c0)={0x0, 0xa4a7, 0x8, 0x0, 0x1af}, &(0x7f0000000000)=0x0, &(0x7f00000001c0)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) io_uring_enter(r0, 0x47ba, 0x3e80, 0x1, 0x0, 0x5) io_uring_register$IORING_UNREGISTER_IOWQ_AFF(r0, 0x12, 0x0, 0x0) 1.060007488s ago: executing program 2 (id=729): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f0000001000/0x4000)=nil) 1.059621403s ago: executing program 4 (id=730): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = syz_io_uring_setup(0x39, &(0x7f0000000580)={0x0, 0xe7b7, 0x13500}, &(0x7f0000000240), &(0x7f0000001880)) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x21, &(0x7f0000000440), 0x1) 1.04550339s ago: executing program 0 (id=731): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newlink={0x4c, 0x10, 0xffffffffffffffff, 0x70bd2d, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x21, 0x31863}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x1}, 0x40040) 994.392494ms ago: executing program 1 (id=732): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="5c0000001000010027bd7000fbdbdfa500000000", @ANYRES32=r2, @ANYBLOB="104e0600016201003c001280110001006272696467655f736c617665000000002400058006000200010000000500010002000000080022"], 0x5c}, 0x1, 0x0, 0x0, 0x404c000}, 0x2) 993.939948ms ago: executing program 3 (id=733): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x53b, &(0x7f0000000b80)="$eJzs3cFvHFcZAPBvNl7HSZzaBQ5QqaWiRUkF2Y1r2locSpEQnCohyj0Ye2NZWXste93GVgXrvwAJIUDiBBcuSPwBSCgSF44IKRKcQSoCIUhBggN00OzO2mY9a2/SjTde/37SZN6b2Znvexu/2Zmdp9kAzq3nI+KNiPggTdOXImImX17Kp2h1pux17z94dymbkkjTt/6WRJIv6+4ryedX8s2mIuJrX4n4ZnI07tbO7p3Fer22mderzbWN6tbO7o3VtcWV2kptfX5+7tWF1xZeWbg5lHZejYjXv/Sn73/np19+/ZeffeePt/5y/VtZWtP5+sPteEgTx63sNL18capng81HDPYkytpT7lYuDbbN3mPMBwCA/rJz/I9ExKci4qWYiQvHn84CAAAAZ1D6hen4TxKRFpvssxwAAAA4Q0rtMbBJqZKPBZiOUqlS6Yzh/VhcLtUbW83P3G5sry93xsrORrl0e7Veu5mPFZ6NcpLV59rlg/rLPfX5iHg6Ir43c6ldryw16suj/vIDAAAAzokrPdf//5zpXP8DAAAAY2Z21AkAAAAAj53rfwAAABh/rv8BAABgrH31zTezKe3+/vXy2zvbdxpv31iubd2prG0vVZYamxuVlUZjpf3MvrWT9ldvNDY+F+vbd6vN2lazenVn99ZaY3u9eWs1pk6lQQAAAMART3/y3u+TiGh9/lJ7ykyOOingVEzsl5J8XtD7//BUZ/7eKSUFnIoLA7zmvYvFy50nwNk20bugT18Hxk951AkAI5ecsL7v4J3fdGalIecDAAAM37VPFN//P/l8vuWUH844nRjOr577/+nMqBIBTl37/v+gA3mcLMBYKQ80AhAYZx/2/v/J0vShEgIAAIZuuj0lpUr+9d50lEqVSsTV9s8ClJPbq/XazYh4KiJ+N1O+mNXn2lsmJ14zAAAAAAAAAAAAAAAAAAAAAAAAAAAdaZpECgAAAIy1iNKfk191nuV/bebF6d7vByaTf7d/EngyIt750Vs/uLvYbG7OZcv/vr+8+cN8+cuj+AYDAAAA6NW9Tm/P/zXqbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYN+8/eHepOw3w8kvDivvXL0bEbFH8iZhqz6eiHBGX/5HExKHtkoi4MIT4rb2I+HhR/CRLaz9kUfxhvAmtvaSVthXGj9n8XSiKf2UI8eE8u5cdf94o6v+leL49L+5/ExH/V39U/Y9/sX/8u9Cn/18dMMYz939e7Rt/L+KZieLjXzd+0if+CwPG/8bXd3f7rUt/HHGt+/nTPuIdjnBQqjbXNqpbO7s3VtcWV2ortfX5+blXF15beGXhZvX2ar2W/1sY47vP/uKD49p/ufDzL8mz6d/+Fwv2V/SZ9N/7dx98tFtpHY1//YWC+L/+Sf6Ko/FLeZxP5+Vs/bVuudUpH/bcz3773HHtXz5of/lh/v+v99tpryMd5dlB/3QAgMdga2f3zmK9Xtsc20J2lf4EpPEohcl4ItIY38K3s8L9Ye0wTdM061MFq+5FxCD7SWLILS0V53NQ6HsEGPWRCQAAGLaDk/5RZwIAAAAAAAAAAAAAAAAAAADn12k8Za035sEjkJNhPEIbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAo/hcAAP//Yw3Xfw==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f00000001c0)={@id={0x2, 0x0, @b}}) unlink(&(0x7f0000000080)='./file1\x00') 826.357001ms ago: executing program 4 (id=734): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000080)=@framed, 0x0}, 0x94) r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = dup(r0) ioctl$PTP_EXTTS_REQUEST2(r1, 0xc0603d0f, &(0x7f0000000040)) 561.894258ms ago: executing program 5 (id=735): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)={0x44, r1, 0x5, 0x0, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_TX_RATES={0x1c, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x18, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x8000, 0x0, 0xa630, 0x4005, 0x0, 0x8, 0xb48]}}]}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x30008004}, 0x0) 469.898805ms ago: executing program 4 (id=736): r0 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x8c, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0xfe, [0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3], 0x0, [0x8, 0x4, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ab6, 0x2]}}]}}]}, 0x8c}}, 0x0) 469.601849ms ago: executing program 1 (id=737): munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) r0 = socket$inet6(0xa, 0x2, 0x3a) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x100430, @empty, 0x9}, 0x1c) sendto$inet6(r0, &(0x7f0000000080)="800037bbfa9ba1ce", 0xffd8, 0x0, 0x0, 0x0) 264.314539ms ago: executing program 5 (id=738): syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x1204408, &(0x7f0000000080)={[{@compress_force}, {@clear_cache}, {@nodatasum}, {@ref_verify}, {}, {@space_cache_v1}]}, 0x0, 0x51ab, &(0x7f000000a440)="$eJzs3V9oVFceB/Az+aPxDyY+xV32wX1YWcUFWRF2UdggGF2Whdn1YVnYrFlZxT+7JUgDwb5YS2lBxGCgthSKD33pS0mlUFqqBAsthYogVloUW0teWiiESsGXlpK590xmzvVmxlQbq5+PJHfO/d1z7pnhPsx3zLkTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIIRwcM3Kv+xaPb2urD7dP3bq6LLt507vP3ljaGjLlRAqtf2VvL5n+66/79+95689scPw37JtX1/ZkFnXz7PGkqads/2af/4TQuhOBujMtzs6G/pW0hOEI8UB53XgZv/o5u7BaxN3zmy8eP3QhuJTZ1bPYk9gseTX1fTctTRQ+92RHFFvN1x6laZLNOufXnA/yZMAAO7JpmptU387mr/FrbePpfWkPZC0x5N2fIcw3thYiGzcJWXzXJvWF2meA1lUWFo6z6Sev/71djXtn7STqHEP82w+NI80PWXzHEnqizVPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIfJqx9euvTcy+u3ldWn+8dOHV22/dzp/SdvDA1tuRJCX21/JStXlv+q8w+fLtt57fiRN36zr+ftk515v7jtajg4fBIf/LE3hL0Nlek47JerQqg2F2rN8FKxcLD24M+xAAAAwKPkF7XfHfV2Fge7m9qVWpqs1P5FWVg8cLN/dHP34LWJO2c2Xrx+aMPCx6uWjDdw1/Hq7b65n0pDMI7xNx1vrh4PPVIYZ37piGme/2zmyVsXJn7777L+hfzfN3/+j6+c/A8AAMCPIf+n48yvVf6/+s7zT3UN7n2vrH8h/69tOmUh/8cZx/zfERaW/wEAAOBh9qDz/0BhnPm1yv/fnZ86f/nb46+U9S/k/03t5f+uxmnHnR/FCR/uDWFTq6kDAAAAJeL/u899tBDzevbJQZrXO2ZGe6d6blwtG6+Q/wfay//d9/2ZAQAAAAv1v7F/Hb8wNn6zrF7I/9X28v/SBz5zAAAAoF37Tvz/3PoNIyvL6oX8P9xe/l+eb/OVD1mn9+NfIUz0htAz+2AkK3wQxv9ULwAAAAD3SczpX41u/f7jwel3y44r5P+R+e//H+90ENf/N93/r7D+v6GQ3fVvqxsDAAAA8DgqruePt8fPvrmg7Pv3213/f+uXO3b9d+c/vig7fyH/H2sv/3c2bu/n9/8BAADAAvzcvv/vn4Vx5tfq/v/fDN36et3hZwfL+hfy/3h7+T9uVzQ+van4+jzTG8Ka2Qf53QRfi6c7nBQmuxsK2Quf9Ngde+SFyaUNhZqRpMfve0P49eyDY0lhdSyMJ4WZVXnhbFK4HAv59VAvvJ4UpuKV9sKqfLpp4a1YyBdYTMYVFCvqSyKSHrfLeswW7trjev3kAAAAj5UYnvMs293cDGmUnay0OmB5qwM6Wh3Q2eqAruSA9MCy/WG4uRD3v7jtd7evPPHm06FEIf+fbS//x5diSbYpW/8f4vr//HsN6+v/h2OhLylMxkI1vWNANZ4jC7sn4jn6qnmPmTX1AgAAADzS4ucCnYs8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5g7/6D7KrqA4Cf/f0jm91FHAFJNYqA6ZDNJjFKK1MC1UFxpi4OdZw60UR2g9ssJCZhICnthEA7U5hUVKa1o0NDHUdpkUY6jlK1pEyBcaRTm7ZMxWhl/EFtaxnGSodSm87be8/d+87dm/dCdiFLP58/9p33vufnfT/2nXvvOxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/h38ZWPMb+1f89Py6+PfPuOHDewcuve+jWw8c3bRpw5EQJmYf78jCHYMrui785sBlj+3f+flzp/rvP9Cbl8vjYVnjT2d+55ai1uUhfLEjhO40sHooC/Tk94difSuGQjgtzAWKElODWYm04fDQQAgHw1ygqOr+gRCGSoErjzz4wIFG4o6BEM4NIfSlbXy7L2tjIA2c15sFBtPA9u4s8F/HMkXgS51ZAE5afDMUL/pDE80ZRucvV/P661mwjr240uF1xcRofb4fX7LInSrpTR+YOKmnrVIdi6Ly9jjs3bYE3m2V7Xy7p638RSr/hnJsLtQXOientm65bmZ3fKQzjI111dW0SM/z40/feNWJpJfM6zB2YHRBXofP3vme68+afMuNt24/54m177vg6Ml2s27zLra+kL/mlszzGG30ebIE3n6Vb0krfekKIfzcB7tv6vrtI5+qi1fm/6PHn//Hl3O87WzKHWt9bjibm8dHhmLiqeFsbg4AAABLxlLYa/qjs1/xe6s61zxeV19l/r+yveP/8ZB/PpnPRns4hI2ziZtHQjhz9vEscHds7gMjIbxmNjXRHLgkCRwO4azZxKqiqqREfyyxMgk8OZwHNiaBh2NgIgl8OgZuTwK3xMChJHBVDBxOApfGQJhuHsfPD+fjaDswEAObs414KJ6F8JPh2Fqyrb5VVAUAALBA8tlhT/Pd0rkOJ5shTi8PDbTKEM/Ars3Ql9SQzmCLaVVtDd2tauhsVUMx7n3HH36l5o5WNVdOw+hoznDpK/7w/BVfu+ELoUZl/j9+/Pl/3zwd6agc/w/hitm/MXdnHpkp4psnmjIAAAAAJ2HtG2a+9idnv+nNdfHK/H9je+f/x30iXaXM4dG4G2LbSAjjzYGs2jdXA9lR72V5AAAAAJaC4nh8cSx8Or/NTtFO59PV/BMnmD8e+N84b/5fCpOnb/vBUxvq+luZ/0+0d/7/YPNt1omHYy8+NhJCfynwSOxlIzBrZQx89+LmQD7+h+MGuC1WlZ+YUFR1WyyxOQbGk8DBuhLfKEqc2RzIn6yi8ZuLcUznJUoBAAAAeMHF3QHxuHw8///Ctd/70KaP7/1cXbnK/H/ziZ3/PzsPrpzeP7MshDXdIXSlPwx4dDBbGDAGhjryxFcHs7q60qpuGgzhosbA0qqeyNf/707XGDwykFUVA2e+9rNPn9dIfGoghDXlwGPvvWt2x8juJFA0/qsDIby6Mdq08S/0Z433pI3/QX8IryoFiqo+0B9Co7HetKoH+/LrGKRV/VlfCKeXAkVVb+wLYU8AYImK/0onyw/u2rN325aZmamdi5iI+/AHwtbpmamxq7bPTPbV9Gky6XPTMkY3VcfU2ebYj+ZLFN1z+dhIO+nid4Lj5b7k+/ErJw7m9+N3oZ7Zca7rabq7Ph3y68+pNpEO6cUY8mC5krknsVJ/zN8bloX+63ZN7Ry7Ycvu3TvXZn/bzb4u+xsPM2Xbam26rQbn61sbL492F0N/vtuq6TJXa3Zfs2PNrj17V09fs+Xqqaunrn3D+LrxdevHN7zpwjWNUY1nf1sM9fz5qk6Geuyu6hDavQbU8x3qK7tLlbwQnxoSEhJLLbHl4q/+5b1nfWJZ3cdPZf6/4/jz//ipEz/58/UZ6o7/j8bD/Nnjc4f5N8fAwXaP/4/WHc0vTgxYmQT2xcA+h/kBAAB4aYi7G+PezLhXuuem1WN//MlHnqwrV5n/72vv9/8LtP5/sXT95XXL/K+KJcbr1v9Pl/kv1v/fV7f+f7rMf7H+/8EXYf3/64pAskl+Yv1/AADgpeCFW/+/5fL+6QUCKhlaLu+fXiCgkqHlMv7tXiDghNf/f/tzr+u55iOvviXUqMz/b29v/m/hfgAAADh13HVkQ8eD//o/D9XFK/P/g+3N/1/49f9C3fn/K+sCE3ULA1r/DwAAgCWqbv2/9a/78ebP/WzFD+vKVeb/h9qb/8fTLjqbcsdanxvO1rQL6Zp2Tw0XPxkAAACApaEzjI21u6Jp08qolzz/Nh/PlwI9Xrrsr758zT8+8tb39tfVV5n/H25v/t/0u4xn73zP9WdNvuXG527dfs4Ta993wdG54/8AAADA4ml3vwQAAAAAAAAAAAAAAPDie3rv5Lv++ew7P1MXr/z+P1wx+3jd7//jdf/i7wte3pQ71tp6/b/8/pXvuHfP7JKFjw6HcE45sG3/ttNCfm3+88uBBzatOqOR2J+W+Mp3Lv1BI/H+NPC21S97ppG4KAlsjosknpUG4lUVn1meBOLyin+fBuL2OJQGevPA7y7PxtGRbqsfDWXbqiPdVo8PhTBSChTb6otDWRsd6QDvSALFAD+UBuIAfyUPdKa9undZ1qsYGIpF/2hZ1isAAE5Z8VtgT9g6PTM1Hr/Cx9tXdjffRk1Llt1UrbajzeaP5kuT3XP52Eg76a70u+jctcZ7Ql9jCGsrX1fLWTpmR7kwtbTYdC+vGXKr1d7a/XX2iW663voRDWQjGrtq+8xkT8uBr2+dZV13yyxrK5OdcpbO2U3aRi1t9KWNEbW5bdrocrzfGcbGupJcvxiDo6HJQr0iyuv81b0Kynn2Tb7xb75x7Nihuvoq8//R9ub/feVxPZNfDGBfvLLezSMhnNnmiAAAAIB2fevL/7Ru+yd+55709ort1956weCPLq4rV5n/r2xv/h93jOWHgrO9HYfj9f+L+f9oFrg7NveBkRBeM5uaiCWyC+pfHkuMZ4G74w6TVbHE5onmqvpj4FASeHI4DxxOAg/HQL6X4rMh35XzkeEQNsymrmgusSOWGE0C74yBlUlgLAbGk8DyGNiYBP59eR6YSAJfj4Ew3byt/ny5vSsAAMDzkM+zeprvhnSed6i7VYaOVhkGW2XobJWhr1WGulHE+/fFDD3JySsdpUw9aa0DSS2VDPFi+Cfcr0qG8I3mnGnBStPx/IPifIOO5gz/dtnrv33erlXtX/9/vL35/2Dzbdb6w3H+P3f9vyzwSOzex+Kp4ytj4LsXNwfyHQMPx8nubUVVE3mJfNJ+WyyxMQZWJoEdMbAxCWy+Ig8cPKM5kM+0i8ZvLhqfzkuUAgAAAPCCizsI4m6aOP//0/+++3MH/uHav64rV5n/b2xv/h/bW1Zu7Jai1uUhfLFjrjdFYPVQFoj7MYbiz+NXDIVwWmkHR1FiajAr0Zs0HB4ayH6h3ptWdf9AtsZAvH/lkQcfONBI3DEQwrmlvS9FG9/uy9oYSAPn9WaBwTSwvTsLxD0/ReBLnVkATlqxVzC+oPJTXQqj85eref29VK4Jmg6vsg90nnzz/eZqsfSlD+T7VAsn9rRVqmNRVN4eh73bluK7bdS7rfxFKv+Gcmwu1Bc6J6e2brluZnd8pPxL1opFep7Lv1JtJ70Ar8N9z7+3rfWlHRhPPj7G5y83/+uwI1b37J3vuf6sybfceOv2c55Y+74LjrbdjRrxh8Lv/uTLRsubd7H1hfw1t+Q+TyZ8nizFfwMrPW2NGexTv//V//jp4z+ri1fm/xPtzf+7k9tZz8aNuWskhNeXNu6jcfP/8kj2OVgKZJ+Sp1cD2SH37w3XfnICAADAQit2dxT7C6bz2+yE8HSeXM0/cYL54/6KjfPmb7ffW29+aP8P/+6Or9TFK/P/zcef//cn3XT83/F/Fonj//M61XdF96cP7DupXdGV6lgUjv/P61R/tzn+Py/H/x3/n4/j/y04/j+vU/1pq3xL2uFLVwjh6++/8+33bP+18+rilfn/jvbm/9b/m3/RvmL9v8116//tqFv/b5/1/wAAgEVVs9BcOs+rrN5XyZCu3lfJ0HKBwJZLDFr/74TX/3vrO//3+mOvuGRnqFGZ/+9rb/4fXw7Lyq0vlfX/Vl5RU9XtMbDDwoAAAACciup2EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDievcvPLl8029eOF0X//4ZN3x478Cl931064GjmzZtOBJClrUjC3cMrui68JsDlz22f+fnz53qv/9AX16uJ789uyl3rPW54RAOlh4Ziomnhht35gJXvuPePd2NxKPDIZxTDmzbv+20RuLTwyGcXw48sGnVGY3E/rTEV75z6Q8aifengbetftkzjcRFeaAj7e4nl2fd7Ui7e2B5CCOlQNHdX1/eXFXRxmV5oDNt4zNDWRsxMBSLfnwoayMGZmKJ6f4Q1nSH0JVW9bW+rKqutKq/6Muq6kqr+q2+EC4KIXSnVX2nN6uqOx353/ZmVcXAma/97NPnNRIHe0NYUw489t67NjQSH0oCRePv6g3h1Y2XTNr4fT1Z4z1p43f0hPCqEEJvWuI/u7MSvWmJJ7pDOL0UKBr/YHcIewIvCfHDZ7L84K49e7dtmZmZ2rmIid68rYGwdXpmauyq7TOTfUmf6nSU0sduOn78eI4+feNVjdt7Lh8baSfdnZfrme3yup6mu+sXqvftOtHex34NliuZez4q9cf8vWFZ6L9u19TOsRu27N69c232t93s67K/XXk021ZrF2pbdbYoHz3fbXV+uZI1u6/ZsWbXnr2rp6/ZcvXU1VPXvmF83fi69eMb3nThmsaoxrO/CzHUu44fX4yhvrK7VMkL8QEgISGx1BKdTZ9u46f6P73KF/25jvaEvtkP6Mq0opylY3aUCzHoS6rxrkUadGVKUhnR2srEoZJlXess6yuTibksA1mW2e91lclhuabO2U0a73eGsbHazTLafLe8eX88z+Zt1+P5pms3DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/B87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3DqNnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBSAAAA//+3Rsqd") rename(0x0, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='mountinfo\x00') read$FUSE(r0, &(0x7f0000002380)={0x2020}, 0x2020) 235.046479ms ago: executing program 1 (id=739): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18, 0x2000c810}, 0x0) setsockopt$sock_attach_bpf(r1, 0x1, 0x22, &(0x7f00000018c0), 0x4) recvmsg(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002d00)=""/78, 0x4e}, 0x0) 214.771381ms ago: executing program 3 (id=740): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) clock_adjtime(0x0, &(0x7f00000001c0)={0x8b8d, 0x1c, 0x2, 0x0, 0x40, 0x101, 0x0, 0xfffc, 0x0, 0x200000, 0x5, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x8, 0x0, 0x0, 0x55, 0x0, 0x10000000000, 0x4d9, 0x1, 0x4, 0x8001}) 92.103808ms ago: executing program 1 (id=741): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000340)={r1, 0x3, 0x1, "95"}, 0x9) 9.89007ms ago: executing program 4 (id=742): r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) move_mount(0xffffffffffffff9c, &(0x7f0000000800)='./bus\x00', r0, &(0x7f0000000840)='./file0\x00', 0x64) 0s ago: executing program 0 (id=743): preadv2(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x100000000000000d, 0x0, 0x0, 0x0) r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x20002) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffc, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0}) kernel console output (not intermixed with test programs): ocking state [ 98.785603][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.823575][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.830684][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.842498][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.849622][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.868674][ T5850] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.907095][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.914248][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.108102][ T5847] veth0_vlan: entered promiscuous mode [ 99.191614][ T5847] veth1_vlan: entered promiscuous mode [ 99.337031][ T5847] veth0_macvtap: entered promiscuous mode [ 99.428383][ T5847] veth1_macvtap: entered promiscuous mode [ 99.527790][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.588588][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.617857][ T5847] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.634799][ T5847] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.647643][ T5847] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.658322][ T5847] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.748139][ T5856] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.774496][ T5854] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.952509][ T5850] veth0_vlan: entered promiscuous mode [ 100.006155][ T5854] veth0_vlan: entered promiscuous mode [ 100.024666][ T5859] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.046927][ T1337] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.066636][ T1337] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.096808][ T5854] veth1_vlan: entered promiscuous mode [ 100.118012][ T5850] veth1_vlan: entered promiscuous mode [ 100.143531][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.154735][ T5856] veth0_vlan: entered promiscuous mode [ 100.161732][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.178335][ T5853] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.272844][ T5856] veth1_vlan: entered promiscuous mode [ 100.289557][ T5847] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 100.303587][ T5854] veth0_macvtap: entered promiscuous mode [ 100.324137][ T5850] veth0_macvtap: entered promiscuous mode [ 100.356721][ T5854] veth1_macvtap: entered promiscuous mode [ 100.389594][ T5850] veth1_macvtap: entered promiscuous mode [ 100.438017][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.479297][ T5859] veth0_vlan: entered promiscuous mode [ 100.503241][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.515804][ T5854] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.524974][ T5854] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.534044][ T5854] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.543134][ T5854] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.586580][ T5849] Bluetooth: hci0: command tx timeout [ 100.624823][ T5859] veth1_vlan: entered promiscuous mode [ 100.705626][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.742604][ T5849] Bluetooth: hci4: command tx timeout [ 100.748082][ T5857] Bluetooth: hci1: command tx timeout [ 100.751654][ T5860] Bluetooth: hci3: command tx timeout [ 100.756440][ T5857] Bluetooth: hci5: command tx timeout [ 100.760882][ T5860] Bluetooth: hci2: command tx timeout [ 100.797051][ T5856] veth0_macvtap: entered promiscuous mode [ 100.854452][ T5856] veth1_macvtap: entered promiscuous mode [ 100.885668][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.909478][ T5859] veth0_macvtap: entered promiscuous mode [ 100.973811][ T5850] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.982723][ T5850] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.996768][ T5850] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.006046][ T5850] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.035682][ T5859] veth1_macvtap: entered promiscuous mode [ 101.062371][ T1337] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.074766][ T5856] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.082835][ T1337] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.124004][ T5856] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.195687][ T5859] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.203716][ T5856] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.214324][ T5856] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.223702][ T5856] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.235093][ T5856] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.299546][ T5859] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.301794][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.318994][ T5859] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.328661][ T5859] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.337665][ T5859] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.339907][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.346570][ T5859] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.425375][ T5853] veth0_vlan: entered promiscuous mode [ 101.523051][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.547477][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.555296][ T5853] veth1_vlan: entered promiscuous mode [ 101.747788][ T1312] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.768198][ T1312] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.849423][ T1312] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.862435][ T5991] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 101.877151][ T1312] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.976127][ T5853] veth0_macvtap: entered promiscuous mode [ 101.989688][ T3487] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.013730][ T1324] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.029706][ T5853] veth1_macvtap: entered promiscuous mode [ 102.041169][ T5991] usb 1-1: Using ep0 maxpacket: 8 [ 102.048080][ T3487] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.062350][ T1324] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.069970][ T5991] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 102.095238][ T5991] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.200481][ T5991] pvrusb2: Hardware description: Terratec Grabster AV400 [ 102.236635][ T5991] pvrusb2: ********** [ 102.240652][ T5991] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 102.266382][ T5991] pvrusb2: Important functionality might not be entirely working. [ 102.285619][ T5991] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 102.302529][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.311844][ T1324] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.319785][ T5991] pvrusb2: ********** [ 102.328353][ T1324] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.336993][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.469060][ T5853] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.478386][ T2339] pvrusb2: Invalid write control endpoint [ 102.537503][ T5853] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.570885][ T5853] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.579623][ T5853] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.689411][ T5997] pvrusb2: Invalid write control endpoint [ 102.721715][ T2339] pvrusb2: Invalid write control endpoint [ 102.727516][ T2339] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 102.741243][ T5912] usb 1-1: USB disconnect, device number 2 [ 102.775402][ T2339] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 102.790555][ T2339] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 102.872999][ T2339] pvrusb2: Device being rendered inoperable [ 102.915094][ T2339] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 102.968399][ T2339] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 103.019233][ T2339] pvrusb2: Attached sub-driver cx25840 [ 103.049464][ T2339] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 103.088659][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.092181][ T2339] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 103.119742][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.314749][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.346038][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.924691][ T6005] loop4: detected capacity change from 0 to 32768 [ 103.947435][ T6005] ======================================================= [ 103.947435][ T6005] WARNING: The mand mount option has been deprecated and [ 103.947435][ T6005] and is ignored by this kernel. Remove the mand [ 103.947435][ T6005] option from the mount to silence this warning. [ 103.947435][ T6005] ======================================================= [ 104.101998][ T6007] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 104.224698][ T6005] ocfs2: Slot 0 on device (7,4) was already allocated to this node! [ 104.261030][ T6007] usb 2-1: Using ep0 maxpacket: 32 [ 104.289729][ T6005] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 104.300058][ T6007] usb 2-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 104.360585][ T6010] loop3: detected capacity change from 0 to 32768 [ 104.375855][ T6007] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 104.429235][ T6007] usb 2-1: config 0 descriptor?? [ 104.458811][ T6010] (syz.3.11,6010,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 104.472575][ T6005] (syz.4.10,6005,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len % 4 != 0 - offset=312, inode=13845347915746889, rec_len=25793, name_len=214 [ 104.503923][ T6007] as10x_usb: device has been detected [ 104.541367][ T6007] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 104.565212][ T6010] (syz.3.11,6010,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 104.662386][ T6007] usb 2-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 104.739867][ T6010] JBD2: Ignoring recovery information on journal [ 104.803003][ T6007] as10x_usb: error during firmware upload part1 [ 104.809922][ T6007] Registered device nBox DVB-T Dongle [ 104.823472][ T6007] usb 2-1: USB disconnect, device number 2 [ 104.875581][ T6007] Unregistered device nBox DVB-T Dongle [ 104.880736][ T6015] loop0: detected capacity change from 0 to 32768 [ 104.894031][ T6007] as10x_usb: device has been disconnected [ 104.950109][ T6015] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.13 (6015) [ 104.953623][ T5850] ocfs2: Unmounting device (7,4) on (node local) [ 105.016352][ T6010] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 105.078416][ T6015] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 105.108798][ T6015] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm [ 105.190389][ T6015] BTRFS info (device loop0): using free-space-tree [ 105.524968][ T5856] ocfs2: Unmounting device (7,3) on (node local) [ 105.745635][ T6015] BTRFS info (device loop0): setting incompat feature flag for SIMPLE_QUOTA (0x10000) [ 106.264419][ T5854] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 106.354395][ T6021] loop5: detected capacity change from 0 to 40427 [ 106.395721][ T6055] loop3: detected capacity change from 0 to 512 [ 106.420843][ T6021] F2FS-fs (loop5): Invalid log sectors per block(0) log sectorsize(9) [ 106.461939][ T6021] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 106.530489][ T6021] F2FS-fs (loop5): invalid crc value [ 106.605912][ T6055] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 106.731065][ T6055] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 106.968695][ T6021] F2FS-fs (loop5): Start checkpoint disabled! [ 107.024047][ T6021] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 107.051934][ T6066] input: syz1 as /devices/virtual/input/input5 [ 107.055739][ T6021] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6 [ 107.204580][ T6055] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 107.495364][ T5856] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.951132][ T1203] usb 1-1: new full-speed USB device number 3 using dummy_hcd [ 108.123389][ T1203] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64 [ 108.156363][ T1203] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 512, setting to 64 [ 108.191029][ T1203] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 108.207448][ T6080] loop1: detected capacity change from 0 to 4096 [ 108.228841][ T1203] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 108.273999][ T6080] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 108.290917][ T1203] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 108.320919][ T1203] usb 1-1: SerialNumber: syz [ 108.366277][ T6074] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 108.375025][ T6074] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 108.530508][ T6080] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [ 108.635162][ T6073] loop2: detected capacity change from 0 to 32768 [ 108.702496][ T1203] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22 [ 108.752217][ T1203] usb 1-1: USB disconnect, device number 3 [ 108.825229][ T6073] find_entry called with index = 0 [ 108.900569][ T6073] read_mapping_page failed! [ 108.920531][ T6073] ERROR: (device loop2): txCommit: [ 108.920531][ T6073] [ 109.001280][ T6089] binder: 6088:6089 ioctl c0306201 0 returned -14 [ 109.470044][ T6101] loop0: detected capacity change from 0 to 1024 [ 109.806565][ T6103] loop1: detected capacity change from 0 to 32768 [ 109.877067][ T6103] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 109.906021][ T6101] hfsplus: xattr searching failed [ 109.989195][ T6103] XFS (loop1): Corruption warning: Metadata has LSN (1024:16) ahead of current LSN (1:80). Please unmount and run xfs_repair (>= v4.3) to resolve. [ 110.004270][ T6103] XFS (loop1): Metadata CRC error detected at xfs_inobt_read_verify+0x42/0xe0, xfs_inobt block 0xc [ 110.015115][ T6103] XFS (loop1): Unmount and run xfs_repair [ 110.022053][ T6103] XFS (loop1): First 128 bytes of corrupted metadata buffer: [ 110.029523][ T6103] 00000000: 49 41 42 33 00 00 00 01 ff ff ff ff ff ff ff ff IAB3............ [ 110.038449][ T6103] 00000010: 00 00 00 00 00 00 00 0c 00 00 04 00 00 00 00 10 ................ [ 110.047355][ T6103] 00000020: d7 dc 42 4e 79 90 42 cb 9f 91 9c b7 20 0a 10 1d ..BNy.B..... ... [ 110.056233][ T6103] 00000030: 00 00 00 00 4a d4 d4 6c 00 00 18 00 00 00 40 37 ....J..l......@7 [ 110.065129][ T6103] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00 ................ [ 110.074008][ T6103] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 110.084789][ T6103] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 110.093677][ T6103] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 110.102879][ T6103] XFS (loop1): metadata I/O error in "xfs_btree_read_buf_block+0x290/0x470" at daddr 0xc len 4 error 74 [ 110.114543][ T6103] XFS (loop1): Failed to read root inode 0x1800, error 117 [ 110.122410][ T6103] XFS (loop1): Uncorrected metadata errors detected; please run xfs_repair. [ 110.270731][ T1337] hfsplus: b-tree write err: -5, ino 3 [ 110.609851][ T6126] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 111.345051][ T6145] netlink: 140 bytes leftover after parsing attributes in process `syz.1.51'. [ 111.578284][ T6148] netlink: 24 bytes leftover after parsing attributes in process `syz.4.53'. [ 111.578674][ T6150] netlink: 16 bytes leftover after parsing attributes in process `syz.2.54'. [ 111.742428][ T6154] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 112.283056][ T5940] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 112.451348][ T5940] usb 2-1: Using ep0 maxpacket: 32 [ 112.471875][ T6178] netlink: 'syz.5.66': attribute type 1 has an invalid length. [ 112.472039][ T5940] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86 [ 112.502262][ T971] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 112.517504][ T5940] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7 [ 112.559123][ T5940] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0 [ 112.575092][ T5940] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 255, changing to 11 [ 112.588272][ T5940] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 59391, setting to 1024 [ 112.608517][ T5940] usb 2-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36 [ 112.618259][ T5940] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 112.634525][ T5940] usb 2-1: Product: syz [ 112.648431][ T5940] usb 2-1: Manufacturer: syz [ 112.657332][ T5940] usb 2-1: SerialNumber: syz [ 112.671483][ T971] usb 4-1: Using ep0 maxpacket: 8 [ 112.678321][ T5940] usb 2-1: config 0 descriptor?? [ 112.699190][ T971] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 112.749399][ T971] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 112.775141][ T6182] warning: `syz.5.68' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 112.803795][ T971] usb 4-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00 [ 112.834095][ T971] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.884935][ T971] usb 4-1: config 0 descriptor?? [ 113.137770][ T5940] iforce 2-1:0.0: usb_submit_urb failed: -32 [ 113.160108][ T5940] input input6: Device does not respond to id packet M [ 113.324723][ T971] hid-rmi 0003:06CB:81A7.0001: unknown main item tag 0x0 [ 113.379108][ T971] hid-rmi 0003:06CB:81A7.0001: unknown main item tag 0x0 [ 113.391635][ T6196] loop5: detected capacity change from 0 to 256 [ 113.394566][ T5940] iforce 2-1:0.0: usb_submit_urb failed: -71 [ 113.406041][ T971] hid-rmi 0003:06CB:81A7.0001: unknown main item tag 0x0 [ 113.432970][ T5940] input input6: Device does not respond to id packet B [ 113.440009][ T6196] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 113.451140][ T971] hid-rmi 0003:06CB:81A7.0001: unknown main item tag 0x0 [ 113.460630][ T971] hid-rmi 0003:06CB:81A7.0001: unknown main item tag 0x7 [ 113.480235][ T5940] iforce 2-1:0.0: usb_submit_urb failed: -71 [ 113.493668][ T6196] exFAT-fs (loop5): Medium has reported failures. Some data may be lost. [ 113.502299][ T5940] input input6: Device does not respond to id packet N [ 113.512392][ T971] hid-rmi 0003:06CB:81A7.0001: unknown main item tag 0x0 [ 113.526769][ T5940] iforce 2-1:0.0: usb_submit_urb failed: -71 [ 113.547585][ T971] hid-rmi 0003:06CB:81A7.0001: unknown main item tag 0x0 [ 113.551852][ T5940] iforce 2-1:0.0: usb_submit_urb failed: -71 [ 113.585325][ T6196] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 113.591881][ T5940] iforce 2-1:0.0: usb_submit_urb failed: -71 [ 113.613565][ T971] hid-rmi 0003:06CB:81A7.0001: hidraw0: USB HID v0.00 Device [HID 06cb:81a7] on usb-dummy_hcd.3-1/input0 [ 113.614598][ T6176] loop0: detected capacity change from 0 to 40427 [ 113.662226][ T5940] iforce 2-1:0.0: usb_submit_urb failed: -71 [ 113.705514][ T5940] input: Unknown I-Force Device [%04x:%04x] as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input6 [ 113.705911][ T971] usb 4-1: USB disconnect, device number 2 [ 113.733262][ T6176] F2FS-fs (loop0): Invalid log sectors per block(0) log sectorsize(9) [ 113.777368][ T6176] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 113.786009][ T6198] loop2: detected capacity change from 0 to 4096 [ 113.818684][ T5940] usb 2-1: USB disconnect, device number 3 [ 113.863413][ T6198] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 113.934126][ T6176] F2FS-fs (loop0): invalid crc value [ 113.981551][ T30] audit: type=1800 audit(1752657909.849:2): pid=6198 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.76" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 114.027409][ T6199] fido_id[6199]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 114.396348][ T5847] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.579874][ T6176] F2FS-fs (loop0): Start checkpoint disabled! [ 114.634675][ T6212] loop1: detected capacity change from 0 to 2048 [ 114.638203][ T6214] loop5: detected capacity change from 0 to 1024 [ 114.672228][ T6214] EXT4-fs: Ignoring removed nomblk_io_submit option [ 114.681768][ T6176] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 114.700227][ T6216] netlink: 4 bytes leftover after parsing attributes in process `syz.2.80'. [ 114.715517][ T6176] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 114.737906][ T6212] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 114.745312][ T6214] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 114.907547][ T1312] kworker/u8:5: attempt to access beyond end of device [ 114.907547][ T1312] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 115.001508][ T1312] CPU: 1 UID: 0 PID: 1312 Comm: kworker/u8:5 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 115.001543][ T1312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 115.001560][ T1312] Workqueue: writeback wb_workfn (flush-7:0) [ 115.001614][ T1312] Call Trace: [ 115.001623][ T1312] [ 115.001633][ T1312] dump_stack_lvl+0x189/0x250 [ 115.001671][ T1312] ? __pfx_dump_stack_lvl+0x10/0x10 [ 115.001699][ T1312] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 115.001738][ T1312] ? __pfx_queue_work_on+0x10/0x10 [ 115.001773][ T1312] ? srso_alias_return_thunk+0x5/0xfbef5 [ 115.001803][ T1312] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 115.001841][ T1312] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 115.001880][ T1312] ? srso_alias_return_thunk+0x5/0xfbef5 [ 115.001909][ T1312] ? f2fs_hw_is_readonly+0x39b/0x470 [ 115.001951][ T1312] f2fs_handle_critical_error+0x37c/0x540 [ 115.001996][ T1312] f2fs_write_end_io+0x495/0x810 [ 115.002019][ T1312] ? blkg_put+0x22/0x240 [ 115.002069][ T1312] __submit_merged_bio+0x27a/0x6a0 [ 115.002114][ T1312] __submit_merged_write_cond+0x255/0x530 [ 115.002158][ T1312] f2fs_write_data_pages+0x261d/0x3000 [ 115.002239][ T1312] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 115.002297][ T1312] ? __pfx_f2fs_available_free_memory+0x10/0x10 [ 115.002365][ T1312] ? __pfx_f2fs_balance_fs_bg+0x10/0x10 [ 115.002405][ T1312] ? srso_alias_return_thunk+0x5/0xfbef5 [ 115.002447][ T1312] ? trace_f2fs_writepages+0x7f/0x200 [ 115.002485][ T1312] ? f2fs_write_node_pages+0x478/0x6e0 [ 115.002527][ T1312] ? __pfx_f2fs_write_node_pages+0x10/0x10 [ 115.002571][ T1312] ? srso_alias_return_thunk+0x5/0xfbef5 [ 115.002613][ T1312] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 115.002655][ T1312] do_writepages+0x32e/0x550 [ 115.002689][ T1312] ? srso_alias_return_thunk+0x5/0xfbef5 [ 115.002718][ T1312] ? reacquire_held_locks+0x127/0x1d0 [ 115.002749][ T1312] ? writeback_sb_inodes+0x372/0x1000 [ 115.002788][ T1312] __writeback_single_inode+0x145/0xff0 [ 115.002817][ T1312] ? srso_alias_return_thunk+0x5/0xfbef5 [ 115.002845][ T1312] ? do_raw_spin_unlock+0x122/0x240 [ 115.002887][ T1312] writeback_sb_inodes+0x6b5/0x1000 [ 115.002930][ T1312] ? srso_alias_return_thunk+0x5/0xfbef5 [ 115.002973][ T1312] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 115.003050][ T1312] ? srso_alias_return_thunk+0x5/0xfbef5 [ 115.003079][ T1312] ? rcu_is_watching+0x15/0xb0 [ 115.003109][ T1312] ? srso_alias_return_thunk+0x5/0xfbef5 [ 115.003148][ T1312] wb_writeback+0x43b/0xaf0 [ 115.003185][ T1312] ? queue_io+0x3b1/0x590 [ 115.003216][ T1312] ? __pfx_wb_writeback+0x10/0x10 [ 115.003254][ T1312] ? _raw_spin_unlock_irq+0x23/0x50 [ 115.003298][ T1312] wb_workfn+0x409/0xef0 [ 115.003356][ T1312] ? __pfx_wb_workfn+0x10/0x10 [ 115.003400][ T1312] ? srso_alias_return_thunk+0x5/0xfbef5 [ 115.003428][ T1312] ? __lock_acquire+0xab9/0xd20 [ 115.003468][ T1312] ? srso_alias_return_thunk+0x5/0xfbef5 [ 115.003500][ T1312] ? srso_alias_return_thunk+0x5/0xfbef5 [ 115.003534][ T1312] ? _raw_spin_unlock_irq+0x23/0x50 [ 115.003570][ T1312] ? process_scheduled_works+0x9ef/0x17b0 [ 115.003598][ T1312] ? process_scheduled_works+0x9ef/0x17b0 [ 115.003637][ T1312] process_scheduled_works+0xae1/0x17b0 [ 115.003702][ T1312] ? __pfx_process_scheduled_works+0x10/0x10 [ 115.003741][ T1312] ? srso_alias_return_thunk+0x5/0xfbef5 [ 115.003781][ T1312] worker_thread+0x8a0/0xda0 [ 115.003843][ T1312] kthread+0x711/0x8a0 [ 115.003884][ T1312] ? __pfx_worker_thread+0x10/0x10 [ 115.003914][ T1312] ? __pfx_kthread+0x10/0x10 [ 115.003947][ T1312] ? srso_alias_return_thunk+0x5/0xfbef5 [ 115.003980][ T1312] ? _raw_spin_unlock_irq+0x23/0x50 [ 115.004016][ T1312] ? srso_alias_return_thunk+0x5/0xfbef5 [ 115.004044][ T1312] ? lockdep_hardirqs_on+0x9c/0x150 [ 115.004082][ T1312] ? __pfx_kthread+0x10/0x10 [ 115.004121][ T1312] ret_from_fork+0x3fc/0x770 [ 115.004152][ T1312] ? __pfx_ret_from_fork+0x10/0x10 [ 115.004187][ T1312] ? __switch_to_asm+0x39/0x70 [ 115.004219][ T1312] ? __switch_to_asm+0x33/0x70 [ 115.004251][ T1312] ? __pfx_kthread+0x10/0x10 [ 115.004301][ T1312] ret_from_fork_asm+0x1a/0x30 [ 115.004355][ T1312] [ 115.004365][ T1312] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 115.169593][ T6194] loop4: detected capacity change from 0 to 32768 [ 115.328727][ T5853] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.458628][ T6225] netlink: 64 bytes leftover after parsing attributes in process `syz.2.86'. [ 115.890354][ T6194] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names [ 115.890389][ T6194] allowing incompatible features above 0.0: (unknown version) [ 115.890404][ T6194] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 116.077808][ T6194] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0 [ 116.131926][ T6194] bcachefs (loop4): initializing new filesystem [ 116.187513][ T6246] loop1: detected capacity change from 0 to 1024 [ 116.192345][ T6194] bcachefs (loop4): going read-write [ 116.244763][ T6194] bcachefs (loop4): marking superblocks [ 116.310305][ T30] audit: type=1800 audit(1752657912.189:3): pid=6246 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.93" name="file1" dev="loop1" ino=26 res=0 errno=0 [ 116.438485][ T6194] bcachefs (loop4): initializing freespace [ 116.457984][ T6194] bcachefs (loop4): done initializing freespace [ 116.505310][ T6194] bcachefs (loop4): reading snapshots table [ 116.551407][ T6194] bcachefs (loop4): reading snapshots done [ 116.687850][ T6194] bcachefs (loop4): done starting filesystem [ 116.735661][ T6194] syz.4.73 (6194) used greatest stack depth: 17080 bytes left [ 116.792107][ T5850] bcachefs (loop4): shutting down [ 116.797311][ T5850] bcachefs (loop4): going read-only [ 116.825717][ T5850] bcachefs (loop4): finished waiting for writes to stop [ 116.847396][ T5850] bcachefs (loop4): flushing journal and stopping allocators, journal seq 2 [ 116.964379][ T5850] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 2 [ 117.027779][ T5850] bcachefs (loop4): clean shutdown complete, journal seq 3 [ 117.037519][ T5850] bcachefs (loop4): marking filesystem clean [ 117.156761][ T5850] bcachefs (loop4): shutdown complete [ 117.580957][ T5998] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 117.771216][ T5998] usb 4-1: config 0 has no interfaces? [ 117.784049][ T5998] usb 4-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 117.803952][ T5998] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 117.820877][ T5998] usb 4-1: Product: syz [ 117.830927][ T5998] usb 4-1: Manufacturer: syz [ 117.842839][ T5998] usb 4-1: SerialNumber: syz [ 117.862494][ T5998] usb 4-1: config 0 descriptor?? [ 118.024426][ T6261] loop5: detected capacity change from 0 to 40427 [ 118.049110][ T6261] F2FS-fs (loop5): build fault injection rate: 771 [ 118.093899][ T6261] F2FS-fs (loop5): invalid crc value [ 118.171120][ T5998] usb 4-1: USB disconnect, device number 3 [ 118.293547][ T6264] loop0: detected capacity change from 0 to 32768 [ 118.368183][ T30] audit: type=1800 audit(1752657914.249:4): pid=6264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.99" name="file1" dev="loop0" ino=4 res=0 errno=0 [ 118.457281][ T6261] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 118.690525][ T5853] syz-executor: attempt to access beyond end of device [ 118.690525][ T5853] loop5: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 118.711838][ T5853] CPU: 1 UID: 0 PID: 5853 Comm: syz-executor Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 118.711869][ T5853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 118.711884][ T5853] Call Trace: [ 118.711893][ T5853] [ 118.711903][ T5853] dump_stack_lvl+0x189/0x250 [ 118.711943][ T5853] ? __pfx_dump_stack_lvl+0x10/0x10 [ 118.711971][ T5853] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 118.712011][ T5853] ? __pfx_queue_work_on+0x10/0x10 [ 118.712044][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 118.712073][ T5853] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 118.712111][ T5853] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 118.712150][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 118.712178][ T5853] ? f2fs_hw_is_readonly+0x39b/0x470 [ 118.712221][ T5853] f2fs_handle_critical_error+0x37c/0x540 [ 118.712265][ T5853] f2fs_write_end_io+0x495/0x810 [ 118.712288][ T5853] ? blkg_put+0x22/0x240 [ 118.712338][ T5853] __submit_merged_bio+0x27a/0x6a0 [ 118.712381][ T5853] __submit_merged_write_cond+0x255/0x530 [ 118.712426][ T5853] f2fs_write_data_pages+0x261d/0x3000 [ 118.712508][ T5853] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 118.712546][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 118.712642][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 118.712697][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 118.712725][ T5853] ? __lock_acquire+0xab9/0xd20 [ 118.712761][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 118.712790][ T5853] ? do_raw_spin_lock+0x121/0x290 [ 118.712833][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 118.712867][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 118.712895][ T5853] ? do_raw_spin_unlock+0x122/0x240 [ 118.712932][ T5853] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 118.712974][ T5853] do_writepages+0x32e/0x550 [ 118.713010][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 118.713043][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 118.713071][ T5853] ? do_raw_spin_unlock+0x122/0x240 [ 118.713114][ T5853] filemap_fdatawrite+0x191/0x230 [ 118.713145][ T5853] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 118.713225][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 118.713260][ T5853] ? do_raw_spin_unlock+0x122/0x240 [ 118.713302][ T5853] f2fs_sync_dirty_inodes+0x31f/0x830 [ 118.713346][ T5853] f2fs_write_checkpoint+0x94a/0x1de0 [ 118.713401][ T5853] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 118.713477][ T5853] ? f2fs_stop_gc_thread+0x7f/0xb0 [ 118.713502][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 118.713530][ T5853] ? kfree+0x18e/0x440 [ 118.713559][ T5853] ? kill_f2fs_super+0x298/0x6c0 [ 118.713591][ T5853] kill_f2fs_super+0x2c3/0x6c0 [ 118.713631][ T5853] ? __pfx_kill_f2fs_super+0x10/0x10 [ 118.713654][ T5853] ? radix_tree_delete_item+0x2b6/0x400 [ 118.713702][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 118.713730][ T5853] ? shrinker_free+0x2ce/0x3e0 [ 118.713772][ T5853] deactivate_locked_super+0xbc/0x130 [ 118.713800][ T5853] cleanup_mnt+0x425/0x4c0 [ 118.713840][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 118.713868][ T5853] ? lockdep_hardirqs_on+0x9c/0x150 [ 118.713912][ T5853] task_work_run+0x1d4/0x260 [ 118.713956][ T5853] ? __pfx_task_work_run+0x10/0x10 [ 118.713993][ T5853] ? __x64_sys_umount+0x122/0x160 [ 118.714029][ T5853] ? exit_to_user_mode_loop+0x40/0x110 [ 118.714061][ T5853] exit_to_user_mode_loop+0xec/0x110 [ 118.714088][ T5853] do_syscall_64+0x2bd/0x3b0 [ 118.714112][ T5853] ? lockdep_hardirqs_on+0x9c/0x150 [ 118.714152][ T5853] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.714175][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 118.714203][ T5853] ? exc_page_fault+0x9f/0xf0 [ 118.714245][ T5853] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.714269][ T5853] RIP: 0033:0x7f06b318fc57 [ 118.714290][ T5853] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 118.714310][ T5853] RSP: 002b:00007ffd9c102ad8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 118.714335][ T5853] RAX: 0000000000000000 RBX: 00007f06b3210925 RCX: 00007f06b318fc57 [ 118.714352][ T5853] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd9c102b90 [ 118.714367][ T5853] RBP: 00007ffd9c102b90 R08: 0000000000000000 R09: 0000000000000000 [ 118.714382][ T5853] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd9c103c20 [ 118.714399][ T5853] R13: 00007f06b3210925 R14: 000000000001cec2 R15: 00007ffd9c103c60 [ 118.714438][ T5853] [ 118.714447][ T5853] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 119.185060][ T5853] CPU: 0 UID: 0 PID: 5853 Comm: syz-executor Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 119.185095][ T5853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 119.185109][ T5853] Call Trace: [ 119.185118][ T5853] [ 119.185128][ T5853] dump_stack_lvl+0x189/0x250 [ 119.185169][ T5853] ? __pfx_dump_stack_lvl+0x10/0x10 [ 119.185198][ T5853] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 119.185236][ T5853] ? __pfx_queue_work_on+0x10/0x10 [ 119.185269][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 119.185298][ T5853] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 119.185336][ T5853] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 119.185375][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 119.185403][ T5853] ? f2fs_hw_is_readonly+0x39b/0x470 [ 119.185452][ T5853] f2fs_handle_critical_error+0x37c/0x540 [ 119.185497][ T5853] f2fs_write_end_io+0x495/0x810 [ 119.185519][ T5853] ? blkg_put+0x22/0x240 [ 119.185569][ T5853] __submit_merged_bio+0x27a/0x6a0 [ 119.185613][ T5853] __submit_merged_write_cond+0x255/0x530 [ 119.185657][ T5853] f2fs_write_data_pages+0x261d/0x3000 [ 119.185738][ T5853] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 119.185775][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 119.185862][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 119.185916][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 119.185944][ T5853] ? __lock_acquire+0xab9/0xd20 [ 119.185980][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 119.186008][ T5853] ? do_raw_spin_lock+0x121/0x290 [ 119.186052][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 119.186085][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 119.186113][ T5853] ? do_raw_spin_unlock+0x122/0x240 [ 119.186150][ T5853] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 119.186192][ T5853] do_writepages+0x32e/0x550 [ 119.186227][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 119.186260][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 119.186288][ T5853] ? do_raw_spin_unlock+0x122/0x240 [ 119.186331][ T5853] filemap_fdatawrite+0x191/0x230 [ 119.186362][ T5853] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 119.186447][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 119.186481][ T5853] ? do_raw_spin_unlock+0x122/0x240 [ 119.186524][ T5853] f2fs_sync_dirty_inodes+0x31f/0x830 [ 119.186568][ T5853] f2fs_write_checkpoint+0x94a/0x1de0 [ 119.186622][ T5853] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 119.186697][ T5853] ? f2fs_stop_gc_thread+0x7f/0xb0 [ 119.186722][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 119.186750][ T5853] ? kfree+0x18e/0x440 [ 119.186779][ T5853] ? kill_f2fs_super+0x298/0x6c0 [ 119.186811][ T5853] kill_f2fs_super+0x2c3/0x6c0 [ 119.186844][ T5853] ? __pfx_kill_f2fs_super+0x10/0x10 [ 119.186867][ T5853] ? radix_tree_delete_item+0x2b6/0x400 [ 119.186914][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 119.186942][ T5853] ? shrinker_free+0x2ce/0x3e0 [ 119.186984][ T5853] deactivate_locked_super+0xbc/0x130 [ 119.187013][ T5853] cleanup_mnt+0x425/0x4c0 [ 119.187053][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 119.187080][ T5853] ? lockdep_hardirqs_on+0x9c/0x150 [ 119.187124][ T5853] task_work_run+0x1d4/0x260 [ 119.187168][ T5853] ? __pfx_task_work_run+0x10/0x10 [ 119.187222][ T5853] ? __x64_sys_umount+0x122/0x160 [ 119.187264][ T5853] ? exit_to_user_mode_loop+0x40/0x110 [ 119.187295][ T5853] exit_to_user_mode_loop+0xec/0x110 [ 119.187323][ T5853] do_syscall_64+0x2bd/0x3b0 [ 119.187346][ T5853] ? lockdep_hardirqs_on+0x9c/0x150 [ 119.187385][ T5853] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.187409][ T5853] ? srso_alias_return_thunk+0x5/0xfbef5 [ 119.187450][ T5853] ? exc_page_fault+0x9f/0xf0 [ 119.187492][ T5853] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.187516][ T5853] RIP: 0033:0x7f06b318fc57 [ 119.187538][ T5853] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 119.187557][ T5853] RSP: 002b:00007ffd9c102ad8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 119.187582][ T5853] RAX: 0000000000000000 RBX: 00007f06b3210925 RCX: 00007f06b318fc57 [ 119.187599][ T5853] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd9c102b90 [ 119.187615][ T5853] RBP: 00007ffd9c102b90 R08: 0000000000000000 R09: 0000000000000000 [ 119.187630][ T5853] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd9c103c20 [ 119.187646][ T5853] R13: 00007f06b3210925 R14: 000000000001cec2 R15: 00007ffd9c103c60 [ 119.187685][ T5853] [ 119.187694][ T5853] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 119.490903][ T43] usb 2-1: new full-speed USB device number 4 using dummy_hcd [ 119.653094][ T6285] netlink: 32 bytes leftover after parsing attributes in process `syz.3.108'. [ 119.948342][ T6291] loop0: detected capacity change from 0 to 512 [ 120.052642][ T43] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 120.058480][ T6291] EXT4-fs: test_dummy_encryption requires encrypt feature [ 120.080928][ T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 120.140937][ T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 120.187793][ T6291] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 120.232440][ T43] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 120.297874][ T43] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 120.351960][ T43] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 120.380300][ T43] usb 2-1: Manufacturer: syz [ 120.402135][ T43] usb 2-1: config 0 descriptor?? [ 120.791280][ T43] rc_core: IR keymap rc-hauppauge not found [ 120.825338][ T43] Registered IR keymap rc-empty [ 120.857395][ T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 120.911084][ T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 120.953348][ T43] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0 [ 121.022021][ T43] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input7 [ 121.076810][ T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 121.131045][ T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 121.181066][ T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 121.228932][ T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 121.271099][ T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 121.290994][ T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 121.311209][ T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 121.348574][ T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 121.382633][ T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 121.420982][ T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 121.463548][ T43] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 121.514288][ T43] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 121.560257][ T43] usb 2-1: USB disconnect, device number 4 [ 121.614224][ T6299] loop0: detected capacity change from 0 to 32768 [ 121.651271][ T6312] loop3: detected capacity change from 0 to 64 [ 121.732132][ T6315] loop4: detected capacity change from 0 to 1024 [ 121.788665][ T6299] JBD2: Ignoring recovery information on journal [ 121.855862][ T6315] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 121.978675][ T6299] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 122.016376][ T6315] ext4 filesystem being mounted at /14/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 122.194621][ T30] audit: type=1800 audit(1752657918.069:5): pid=6315 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.118" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 122.303883][ T6319] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 122.505777][ T6305] loop5: detected capacity change from 0 to 32768 [ 122.540375][ T5850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.650668][ T6305] [ 122.650668][ T6305] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 122.650668][ T6305] [ 122.662324][ T5854] ocfs2: Unmounting device (7,0) on (node local) [ 122.687224][ T6329] mkiss: ax0: crc mode is auto. [ 122.850302][ T3487] read_mapping_page failed! [ 122.870352][ T3487] ERROR: (device loop5): txCommit: [ 122.870352][ T3487] [ 122.901193][ T5940] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 122.948589][ T3487] ERROR: (device loop5): remounting filesystem as read-only [ 122.970935][ T3487] jfs_write_inode: jfs_commit_inode failed! [ 123.007196][ T5853] [ 123.007196][ T5853] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 123.007196][ T5853] [ 123.044281][ T5853] [ 123.044281][ T5853] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 123.044281][ T5853] [ 123.113544][ T5940] usb 2-1: Using ep0 maxpacket: 32 [ 123.152200][ T5940] usb 2-1: config 0 has an invalid interface number: 51 but max is 0 [ 123.177448][ T5940] usb 2-1: config 0 has no interface number 0 [ 123.178759][ C1] IPv4: Oversized IP packet from 172.20.20.24 [ 123.292802][ T6344] netlink: 'syz.5.125': attribute type 10 has an invalid length. [ 123.351294][ T6344] netlink: 55 bytes leftover after parsing attributes in process `syz.5.125'. [ 123.559790][ T6349] bond0: option packets_per_slave: invalid value (70683304) [ 123.591728][ T6349] bond0: option packets_per_slave: allowed values 0 - 65535 [ 124.166047][ T5940] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 124.181095][ T5940] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 124.189210][ T5940] usb 2-1: Product: syz [ 124.210025][ T5940] usb 2-1: Manufacturer: syz [ 124.214690][ T5940] usb 2-1: SerialNumber: syz [ 124.368266][ T6342] loop2: detected capacity change from 0 to 131072 [ 124.381970][ T5940] usb 2-1: config 0 descriptor?? [ 124.390273][ T6342] F2FS-fs (loop2): Wrong CP boundary, start(512) end(1536) blocks(0) [ 124.398474][ T6342] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 124.410881][ T6342] F2FS-fs (loop2): invalid crc value [ 124.422491][ T5940] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 124.443475][ T6363] process 'syz.0.134' launched './file1' with NULL argv: empty string added [ 124.637795][ T6342] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 124.646664][ T6342] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 124.742038][ T5940] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 124.805437][ T6370] loop5: detected capacity change from 0 to 512 [ 124.855521][ T6372] loop4: detected capacity change from 0 to 512 [ 124.863975][ T5940] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 124.880674][ T6374] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 124.901890][ T6370] EXT4-fs: Ignoring removed nobh option [ 124.974441][ T6372] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 125.004386][ T6372] ext4 filesystem being mounted at /18/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 125.019977][ T6370] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.135: iget: bad i_size value: 38620345925642 [ 125.056830][ T6370] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.135: couldn't read orphan inode 15 (err -117) [ 125.121306][ C0] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 125.140999][ T5940] usb 2-1: USB disconnect, device number 5 [ 125.192148][ T5940] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 125.218207][ T6370] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 125.258074][ T5940] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 125.306181][ T5850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 125.331903][ T5940] quatech2 2-1:0.51: device disconnected [ 125.431316][ T6388] EXT4-fs error (device loop5): ext4_validate_block_bitmap:432: comm syz.5.135: bg 0: block 5: invalid block bitmap [ 125.454054][ T6385] overlay: filesystem on ./bus not supported [ 125.602669][ T6388] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 164 with error 28 [ 125.647617][ T6388] EXT4-fs (loop5): This should not happen!! Data will be lost [ 125.647617][ T6388] [ 125.711378][ T6388] EXT4-fs (loop5): Total free blocks count 0 [ 125.717554][ T6388] EXT4-fs (loop5): Free/Dirty block details [ 125.729032][ T6392] openvswitch: netlink: Message has 4 unknown bytes. [ 125.741017][ T6388] EXT4-fs (loop5): free_blocks=0 [ 125.752918][ T6388] EXT4-fs (loop5): dirty_blocks=164 [ 125.770167][ T6388] EXT4-fs (loop5): Block reservation details [ 125.790634][ T6388] EXT4-fs (loop5): i_reserved_data_blocks=164 [ 126.057141][ T5853] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.268291][ T6409] loop0: detected capacity change from 0 to 256 [ 126.735407][ T6420] loop3: detected capacity change from 0 to 16 [ 126.825708][ T6420] erofs (device loop3): mounted with root inode @ nid 36. [ 126.900993][ T30] audit: type=1800 audit(1752657922.779:6): pid=6420 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.157" name="file1" dev="loop3" ino=86 res=0 errno=0 [ 127.511692][ T6436] netlink: 27 bytes leftover after parsing attributes in process `syz.3.162'. [ 127.617512][ T6406] loop5: detected capacity change from 0 to 32768 [ 127.731943][ T6406] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 127.813429][ T6406] XFS (loop5): Ending clean mount [ 128.357284][ T5853] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 128.851433][ T6469] loop3: detected capacity change from 0 to 512 [ 128.897917][ T6469] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 128.939842][ T6440] loop1: detected capacity change from 0 to 32768 [ 128.957490][ T6469] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 128.968586][ T6440] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.164 (6440) [ 129.022551][ T6440] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 129.032886][ T6440] BTRFS info (device loop1): using sha256 (sha256-x86_64) checksum algorithm [ 129.054670][ T6469] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 129.056109][ T6440] BTRFS info (device loop1): using free-space-tree [ 129.096754][ T6469] EXT4-fs (loop3): 1 truncate cleaned up [ 129.191952][ T6469] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 129.389335][ T6440] BTRFS info (device loop1): rebuilding free space tree [ 129.588947][ T5856] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.745776][ T3487] BTRFS info (device loop1): space_info DATA+METADATA (sub-group id 0) has 1781760 free, is not full [ 129.756990][ T3487] BTRFS info (device loop1): space_info total=3276800, used=53248, pinned=0, reserved=4096, may_use=1437696, readonly=0 zone_unusable=0 [ 129.771096][ T3487] BTRFS info (device loop1): global_block_rsv: size 1441792 reserved 1437696 [ 129.780024][ T3487] BTRFS info (device loop1): trans_block_rsv: size 0 reserved 0 [ 129.787732][ T3487] BTRFS info (device loop1): chunk_block_rsv: size 0 reserved 0 [ 129.795449][ T3487] BTRFS info (device loop1): delayed_block_rsv: size 0 reserved 0 [ 129.803327][ T3487] BTRFS info (device loop1): delayed_refs_rsv: size 262144 reserved 0 [ 130.553620][ T6494] loop2: detected capacity change from 0 to 32768 [ 130.591699][ T6494] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.177 (6494) [ 130.626151][ T5859] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 130.692188][ T6494] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 130.732404][ T6487] loop5: detected capacity change from 0 to 32768 [ 130.781105][ T6494] BTRFS info (device loop2): using sha256 (sha256-x86_64) checksum algorithm [ 130.789923][ T6494] BTRFS info (device loop2): using free-space-tree [ 131.692228][ T6494] BTRFS info (device loop2): setting incompat feature flag for SIMPLE_QUOTA (0x10000) [ 132.088165][ T6521] loop3: detected capacity change from 0 to 131072 [ 132.098394][ T6521] F2FS-fs (loop3): Segment count (31) mismatch with total segments from devices (0) [ 132.118689][ T6521] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 132.131365][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.137808][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.151280][ T6521] F2FS-fs (loop3): invalid crc value [ 132.294386][ T6521] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 132.303957][ T6521] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 132.372395][ T5847] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 132.949636][ T6564] netlink: 'syz.5.196': attribute type 3 has an invalid length. [ 133.020904][ T6564] netlink: 8 bytes leftover after parsing attributes in process `syz.5.196'. [ 133.487738][ T6576] loop1: detected capacity change from 0 to 256 [ 133.598223][ T30] audit: type=1800 audit(1752657929.479:7): pid=6576 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.200" name="file1" dev="loop1" ino=1048607 res=0 errno=0 [ 133.791653][ T6576] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 133.840862][ T6576] FAT-fs (loop1): Filesystem has been set read-only [ 134.245709][ T6548] loop4: detected capacity change from 0 to 32768 [ 134.401537][ T6548] XFS (loop4): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 134.484775][ T6548] XFS (loop4): Ending clean mount [ 134.774523][ T6606] loop2: detected capacity change from 0 to 1024 [ 134.863066][ T5850] XFS (loop4): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 135.307977][ T6613] loop2: detected capacity change from 0 to 1024 [ 135.340036][ T6613] EXT4-fs: Ignoring removed oldalloc option [ 135.359663][ T6615] netlink: 28 bytes leftover after parsing attributes in process `syz.5.215'. [ 135.375916][ T6582] loop0: detected capacity change from 0 to 40427 [ 135.401618][ T6613] EXT4-fs: Ignoring removed bh option [ 135.424239][ T6582] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 135.460871][ T6582] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 135.488455][ T6613] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 135.537109][ T6582] F2FS-fs (loop0): invalid crc value [ 135.757436][ T6628] loop3: detected capacity change from 0 to 8 [ 135.867788][ T5847] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.908353][ T30] audit: type=1326 audit(1752657931.789:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6631 comm="syz.5.218" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f06b318e929 code=0x0 [ 136.044402][ T6635] loop4: detected capacity change from 0 to 64 [ 136.099633][ T6582] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 136.140085][ T6582] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 136.224458][ T6640] loop3: detected capacity change from 0 to 64 [ 136.234745][ T6634] Trying to free block not in datazone [ 136.522879][ T6644] ptrace attach of "./syz-executor exec"[5847] was attempted by "o [ 136.907666][ T6654] loop4: detected capacity change from 0 to 512 [ 137.124354][ T6654] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 137.210532][ T6654] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec028, mo2=0102] [ 137.238310][ T6654] System zones: 1-12 [ 137.302117][ T6654] EXT4-fs (loop4): 1 truncate cleaned up [ 137.332743][ T6663] loop5: detected capacity change from 0 to 256 [ 137.361862][ T6654] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 137.568227][ T6665] loop0: detected capacity change from 0 to 2048 [ 137.692600][ T6665] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 137.695198][ T5850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.874779][ T6673] loop5: detected capacity change from 0 to 512 [ 137.922899][ T6673] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 138.010985][ T6673] EXT4-fs (loop5): 1 truncate cleaned up [ 138.076242][ T6673] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 138.137150][ T6673] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.386544][ T6660] loop3: detected capacity change from 0 to 32768 [ 138.645536][ T6707] capability: warning: `syz.2.246' uses deprecated v2 capabilities in a way that may be insecure [ 138.838209][ T6660] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 138.838238][ T6660] allowing incompatible features above 0.0: (unknown version) [ 138.838254][ T6660] features: atomic_nlink [ 139.000275][ T6660] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0 [ 139.061834][ T6660] bcachefs (loop3): initializing new filesystem [ 139.115043][ T6720] loop2: detected capacity change from 0 to 256 [ 139.121405][ T6716] loop1: detected capacity change from 0 to 2048 [ 139.136995][ T6660] bcachefs (loop3): going read-write [ 139.172728][ T6716] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 139.216517][ T6660] bcachefs (loop3): marking superblocks [ 139.299850][ T6660] bcachefs (loop3): initializing freespace [ 139.374466][ T6660] bcachefs (loop3): done initializing freespace [ 139.401238][ T6720] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 139.414328][ T6660] bcachefs (loop3): reading snapshots table [ 139.426147][ T6660] bcachefs (loop3): reading snapshots done [ 139.576198][ T6660] bcachefs (loop3): done starting filesystem [ 139.617996][ T6733] loop4: detected capacity change from 0 to 128 [ 139.797467][ T6735] netlink: 182 bytes leftover after parsing attributes in process `syz.5.255'. [ 139.998707][ T6738] Bluetooth: hci4: Opcode 0x0401 failed: -4 [ 140.041423][ T5856] bcachefs (loop3): shutting down [ 140.046489][ T5856] bcachefs (loop3): going read-only [ 140.062128][ T5856] bcachefs (loop3): finished waiting for writes to stop [ 140.158404][ T5856] bcachefs (loop3): flushing journal and stopping allocators, journal seq 3 [ 140.270398][ T5856] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 3 [ 140.306576][ T5856] bcachefs (loop3): clean shutdown complete, journal seq 4 [ 140.325315][ T5856] bcachefs (loop3): marking filesystem clean [ 140.459507][ T5856] bcachefs (loop3): shutdown complete [ 140.868023][ T6762] netlink: 'syz.2.263': attribute type 12 has an invalid length. [ 140.896309][ T6762] netlink: 120 bytes leftover after parsing attributes in process `syz.2.263'. [ 140.910137][ T6765] netlink: 64 bytes leftover after parsing attributes in process `syz.5.265'. [ 141.126052][ T6778] netlink: 36 bytes leftover after parsing attributes in process `syz.0.269'. [ 141.155373][ T6778] netlink: 24 bytes leftover after parsing attributes in process `syz.0.269'. [ 141.189718][ T6782] loop5: detected capacity change from 0 to 256 [ 141.553964][ T6796] Illegal XDP return value 4294967274 on prog (id 27) dev N/A, expect packet loss! [ 142.026233][ T5860] Bluetooth: hci4: command 0x0401 tx timeout [ 142.393239][ T6827] netlink: 12 bytes leftover after parsing attributes in process `syz.4.286'. [ 142.484474][ T6831] loop2: detected capacity change from 0 to 128 [ 142.557536][ T30] audit: type=1800 audit(1752657938.439:9): pid=6831 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.288" name="file0" dev="loop2" ino=1048614 res=0 errno=0 [ 142.800642][ T6835] syz.2.288: attempt to access beyond end of device [ 142.800642][ T6835] loop2: rw=0, sector=121, nr_sectors = 8 limit=128 [ 143.092479][ T59] kworker/u8:4: attempt to access beyond end of device [ 143.092479][ T59] loop2: rw=1, sector=129, nr_sectors = 912 limit=128 [ 143.417659][ T6848] loop2: detected capacity change from 0 to 512 [ 143.606563][ T6848] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 143.694891][ T6848] ext4 filesystem being mounted at /52/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 143.820046][ T6816] loop5: detected capacity change from 0 to 32768 [ 143.961263][ T6816] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 144.106630][ T6816] XFS (loop5): Ending clean mount [ 144.286910][ T6881] bond0: entered promiscuous mode [ 144.320880][ T6881] bond_slave_0: entered promiscuous mode [ 144.346559][ T6881] bond_slave_1: entered promiscuous mode [ 144.363412][ T5853] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 144.368733][ T6881] batadv0: entered promiscuous mode [ 144.436653][ T6881] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 144.519497][ T6885] loop1: detected capacity change from 0 to 1024 [ 144.610112][ T6886] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #4: comm syz.2.293: corrupted inode contents [ 144.626565][ T6885] EXT4-fs: Ignoring removed orlov option [ 144.712796][ T6885] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 144.867064][ T6886] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #4: comm syz.2.293: mark_inode_dirty error [ 144.924029][ T6886] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #4: comm syz.2.293: corrupted inode contents [ 145.014313][ T6886] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #4: comm syz.2.293: mark_inode_dirty error [ 145.043376][ T5859] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 145.085738][ T6886] Quota error (device loop2): write_blk: dquota write failed [ 145.131566][ T6886] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 145.196409][ T6897] loop3: detected capacity change from 0 to 4096 [ 145.203178][ T6886] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.293: Failed to acquire dquot type 1 [ 145.299996][ T6906] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 145.328622][ T6897] ntfs3(loop3): ino=1a, mi_enum_attr [ 145.364941][ T6897] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 145.654503][ T6924] loop5: detected capacity change from 0 to 8 [ 145.756923][ T59] ntfs3(loop3): ino=5, mi_enum_attr [ 145.830398][ T5847] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 145.839958][ T1203] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 145.885087][ T6933] loop5: detected capacity change from 0 to 128 [ 146.056655][ T1203] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 146.057769][ T6941] input: syz0 as /devices/virtual/input/input8 [ 146.078845][ T6938] loop1: detected capacity change from 0 to 512 [ 146.085760][ T1203] usb 1-1: config 0 has no interface number 0 [ 146.107654][ T1203] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 146.146833][ T6938] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 146.150899][ T1203] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 146.186234][ T1203] usb 1-1: Product: syz [ 146.200591][ T1203] usb 1-1: Manufacturer: syz [ 146.226266][ T1203] usb 1-1: SerialNumber: syz [ 146.255054][ T1203] usb 1-1: config 0 descriptor?? [ 146.304186][ T6938] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 146.319993][ T6953] tipc: Started in network mode [ 146.324983][ T6953] tipc: Node identity 3a20300a74797065, cluster identity 4711 [ 146.333970][ T6953] tipc: Enabling of bearer rejected, failed to enable media [ 146.368007][ T6938] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.321: corrupted in-inode xattr: e_value size too large [ 146.454483][ T6938] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.321: couldn't read orphan inode 15 (err -117) [ 146.511061][ T1203] usb 1-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state [ 146.531853][ T6938] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 146.553703][ T1203] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 146.601305][ T1203] dvbdev: DVB: registering new adapter (E3C EC168 reference design) [ 146.609395][ T1203] usb 1-1: media controller created [ 146.715336][ T6920] usb 1-1: dvb_usb_ec168: I2C read not implemented [ 146.765883][ T1203] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 146.805215][ T5859] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.871981][ T1203] i2c i2c-1: ec100: i2c rd failed=-71 reg=33 [ 147.007628][ T1203] usb 1-1: USB disconnect, device number 4 [ 147.133017][ T6984] mmap: syz.5.335 (6984) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 149.048595][ T6999] loop5: detected capacity change from 0 to 32768 [ 149.111956][ T6999] XFS: ikeep mount option is deprecated. [ 149.198311][ T6999] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 149.268598][ T6999] XFS (loop5): Ending clean mount [ 149.300298][ T7067] loop0: detected capacity change from 0 to 128 [ 149.305141][ T6999] XFS (loop5): Quotacheck needed: Please wait. [ 149.332182][ T7067] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 149.377337][ T7067] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 149.413293][ T6999] XFS (loop5): Quotacheck: Done. [ 149.529753][ T5853] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 149.564261][ T7075] netlink: 8 bytes leftover after parsing attributes in process `syz.2.366'. [ 149.689086][ T3487] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 149.809107][ T7083] netlink: 12 bytes leftover after parsing attributes in process `syz.3.371'. [ 150.058086][ T7095] loop5: detected capacity change from 0 to 128 [ 150.430981][ T971] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 150.681353][ T971] usb 5-1: Using ep0 maxpacket: 8 [ 150.702013][ T971] usb 5-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 150.738254][ T971] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 150.750866][ T971] usb 5-1: Product: syz [ 150.755048][ T971] usb 5-1: Manufacturer: syz [ 150.759684][ T971] usb 5-1: SerialNumber: syz [ 150.784065][ T971] usb 5-1: config 0 descriptor?? [ 150.813486][ T971] gspca_main: se401-2.14.0 probing 047d:5003 [ 151.046036][ T7133] tipc: Started in network mode [ 151.054144][ T7133] tipc: Node identity , cluster identity 4711 [ 151.069663][ T7133] tipc: Failed to set node id, please configure manually [ 151.088871][ T7133] tipc: Enabling of bearer rejected, failed to enable media [ 151.105106][ T30] audit: type=1326 audit(1752657946.989:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7135 comm="syz.3.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72258e929 code=0x7ffc0000 [ 151.127374][ C0] vkms_vblank_simulate: vblank timer overrun [ 151.176815][ T30] audit: type=1326 audit(1752657946.989:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7135 comm="syz.3.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb72258e929 code=0x7ffc0000 [ 151.204974][ T24] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 151.221178][ T971] gspca_se401: Frame size: 0x0 1/16th janggu [ 151.252390][ T30] audit: type=1326 audit(1752657947.029:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7135 comm="syz.3.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fb72258e929 code=0x7ffc0000 [ 151.309265][ T7138] loop3: detected capacity change from 0 to 4096 [ 151.316787][ T30] audit: type=1326 audit(1752657947.029:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7135 comm="syz.3.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb72258e963 code=0x7ffc0000 [ 151.369403][ T30] audit: type=1326 audit(1752657947.129:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7135 comm="syz.3.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb72258d3df code=0x7ffc0000 [ 151.369989][ T7138] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 151.391763][ T30] audit: type=1326 audit(1752657947.169:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7135 comm="syz.3.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fb72258e9b7 code=0x7ffc0000 [ 151.426211][ T30] audit: type=1326 audit(1752657947.179:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7135 comm="syz.3.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb72258d290 code=0x7ffc0000 [ 151.448255][ C0] vkms_vblank_simulate: vblank timer overrun [ 151.454156][ T971] input: se401 as /devices/platform/dummy_hcd.4/usb5/5-1/input/input9 [ 151.454417][ T30] audit: type=1326 audit(1752657947.179:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7135 comm="syz.3.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb72258e52b code=0x7ffc0000 [ 151.471348][ T24] usb 2-1: unable to get BOS descriptor or descriptor too short [ 151.484744][ T30] audit: type=1326 audit(1752657947.229:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7135 comm="syz.3.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb72258d58a code=0x7ffc0000 [ 151.484804][ T30] audit: type=1326 audit(1752657947.229:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7135 comm="syz.3.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb72258d58a code=0x7ffc0000 [ 151.556227][ T971] usb 5-1: USB disconnect, device number 2 [ 151.557397][ T7138] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #15: comm syz.3.396: corrupted inode contents [ 151.591623][ T7148] loop5: detected capacity change from 0 to 128 [ 151.599574][ T24] usb 2-1: config 0 interface 0 has no altsetting 0 [ 151.611678][ T7138] EXT4-fs (loop3): Remounting filesystem read-only [ 151.618264][ T24] usb 2-1: New USB device found, idVendor=0e41, idProduct=4156, bcdDevice=15.eb [ 151.635402][ T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 151.654900][ T1324] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 151.661538][ T7148] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 151.678019][ T24] usb 2-1: Product: syz [ 151.678042][ T24] usb 2-1: Manufacturer: syz [ 151.678061][ T24] usb 2-1: SerialNumber: syz [ 151.687333][ T24] usb 2-1: config 0 descriptor?? [ 151.712562][ T7148] ext4 filesystem being mounted at /65/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 151.753430][ T5856] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 151.876484][ T5853] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 152.007708][ T7152] loop5: detected capacity change from 0 to 512 [ 152.062891][ T7152] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 152.088728][ T7152] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 152.115973][ T24] snd_usb_podhd 2-1:0.0: Line 6 POD HDDESKTOP found [ 152.122007][ T7143] loop2: detected capacity change from 0 to 32768 [ 152.160178][ T7143] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 152.255235][ T5853] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 152.321630][ T24] snd_usb_podhd 2-1:0.0: endpoint not available, using fallback values [ 152.324660][ T7143] XFS (loop2): Ending clean mount [ 152.351115][ T24] snd_usb_podhd 2-1:0.0: invalid control EP [ 152.367149][ T7143] XFS (loop2): Quotacheck needed: Please wait. [ 152.380916][ T24] snd_usb_podhd 2-1:0.0: cannot start listening: -22 [ 152.400323][ T24] snd_usb_podhd 2-1:0.0: Line 6 POD HDDESKTOP now disconnected [ 152.433089][ T24] snd_usb_podhd 2-1:0.0: probe with driver snd_usb_podhd failed with error -22 [ 152.444757][ T7143] XFS (loop2): Quotacheck: Done. [ 152.496426][ T7173] team_slave_1: entered promiscuous mode [ 152.591436][ T5847] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 152.612195][ T24] usb 2-1: USB disconnect, device number 6 [ 153.004064][ T7153] loop3: detected capacity change from 0 to 32768 [ 153.053057][ T7153] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 153.199170][ T7153] XFS (loop3): Ending clean mount [ 153.341721][ T5856] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 153.448182][ T7176] loop4: detected capacity change from 0 to 32768 [ 153.514814][ T7199] ALSA: mixer_oss: invalid OSS volume 'LIN$' [ 153.529485][ T7189] loop5: detected capacity change from 0 to 32768 [ 153.547958][ T7189] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.412 (7189) [ 153.562994][ T7176] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 153.664777][ T7189] BTRFS info (device loop5): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 153.701849][ T7189] BTRFS info (device loop5): using xxhash64 (xxhash64-generic) checksum algorithm [ 153.711300][ T7176] (syz.4.408,7176,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is too small for name_len - offset=16, inode=65, rec_len=16, name_len=64 [ 153.741713][ T7176] (syz.4.408,7176,1):ocfs2_prepare_dir_for_insert:4294 ERROR: status = -2 [ 153.750380][ T7176] (syz.4.408,7176,1):ocfs2_mknod:298 ERROR: status = -2 [ 153.757459][ T7189] BTRFS info (device loop5): disk space caching is enabled [ 153.771435][ T7189] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 153.811522][ T7176] (syz.4.408,7176,1):ocfs2_mknod:502 ERROR: status = -2 [ 153.862656][ T7176] (syz.4.408,7176,1):ocfs2_mkdir:658 ERROR: status = -2 [ 153.940103][ T7228] loop1: detected capacity change from 0 to 256 [ 154.005841][ T7189] BTRFS info (device loop5): rebuilding free space tree [ 154.024141][ T7232] bridge0: adding interface bridge0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 154.083272][ T7189] BTRFS info (device loop5): disabling free space tree [ 154.095567][ T5850] ocfs2: Unmounting device (7,4) on (node local) [ 154.100529][ T7189] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 154.127638][ T7189] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 154.198981][ T7235] loop3: detected capacity change from 0 to 1024 [ 154.518438][ T5853] BTRFS info (device loop5): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 154.705499][ T7239] loop1: detected capacity change from 0 to 64 [ 154.822614][ T7243] Bluetooth: hci6: Frame reassembly failed (-84) [ 154.847671][ T3487] Bluetooth: hci6: Frame reassembly failed (-84) [ 155.624731][ T7206] loop0: detected capacity change from 0 to 65536 [ 155.682265][ T7206] XFS (loop0): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 155.744230][ T7206] XFS (loop0): Ending clean mount [ 156.034795][ T5854] XFS (loop0): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3 [ 156.201191][ T30] kauditd_printk_skb: 14 callbacks suppressed [ 156.201211][ T30] audit: type=1800 audit(1752657952.089:32): pid=7292 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.447" name="blkio.bfq.io_queued_recursive" dev="tmpfs" ino=423 res=0 errno=0 [ 156.807704][ T7319] netlink: 8 bytes leftover after parsing attributes in process `syz.3.460'. [ 156.821241][ T5860] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 156.827587][ T5867] Bluetooth: hci6: command 0x1003 tx timeout [ 156.847004][ T7319] netlink: 24 bytes leftover after parsing attributes in process `syz.3.460'. [ 156.856797][ T7321] loop5: detected capacity change from 0 to 256 [ 156.938383][ T7323] team0: Device gtp0 is of different type [ 157.480094][ T7350] loop4: detected capacity change from 0 to 1024 [ 157.536581][ T7350] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 157.556926][ T7350] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 157.650672][ T7360] loop3: detected capacity change from 0 to 64 [ 157.658369][ T7360] BFS-fs: bfs_fill_super(): loop3 is unclean, continuing [ 157.774714][ T5850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.779273][ T7364] loop2: detected capacity change from 0 to 1024 [ 157.862500][ T7364] hfsplus: bad catalog entry type [ 157.944511][ T3487] hfsplus: b-tree write err: -5, ino 4 [ 158.259279][ T7385] loop2: detected capacity change from 0 to 1024 [ 158.340493][ T5973] hfsplus: b-tree write err: -5, ino 4 [ 158.587005][ T7398] tap0: tun_chr_ioctl cmd 1074025675 [ 158.608396][ T7398] tap0: persist disabled [ 158.704797][ T7405] loop3: detected capacity change from 0 to 1024 [ 159.263848][ T7427] loop1: detected capacity change from 0 to 2048 [ 159.360960][ T7432] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 159.584328][ T7407] loop4: detected capacity change from 0 to 32768 [ 159.653736][ T7407] XFS (loop4): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 159.786173][ T7407] XFS (loop4): Starting recovery (logdev: internal) [ 159.853884][ T7407] XFS (loop4): Ending recovery (logdev: internal) [ 160.047638][ T5860] Bluetooth: hci3: SCO packet too small [ 160.057434][ T30] audit: type=1326 audit(1752657955.939:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7413 comm="syz.0.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ceff8e929 code=0x7fc00000 [ 160.244963][ T5850] XFS (loop4): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4 [ 160.599965][ T7468] loop2: detected capacity change from 0 to 256 [ 160.661228][ T7468] exfat: Deprecated parameter 'namecase' [ 160.661353][ T7468] exfat: Deprecated parameter 'utf8' [ 160.670763][ T7468] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 161.617717][ T7474] loop1: detected capacity change from 0 to 32768 [ 162.029916][ T7509] netlink: 'syz.0.543': attribute type 1 has an invalid length. [ 162.046129][ T7512] loop2: detected capacity change from 0 to 512 [ 162.066405][ T7509] netlink: 'syz.0.543': attribute type 2 has an invalid length. [ 162.410200][ T7516] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 162.577019][ T7512] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 162.671285][ T7524] loop5: detected capacity change from 0 to 256 [ 162.693824][ T7524] exfat: Deprecated parameter 'utf8' [ 162.699162][ T7524] exfat: Deprecated parameter 'namecase' [ 162.711453][ T7512] ext4 filesystem being mounted at /92/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 162.741212][ T7524] exfat: Deprecated parameter 'utf8' [ 162.794006][ T7529] loop3: detected capacity change from 0 to 1024 [ 162.876410][ T7524] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 162.971122][ T971] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 162.972603][ T7512] EXT4-fs error (device loop2): ext4_get_first_dir_block:3536: inode #12: comm syz.2.542: directory missing '.' [ 163.051065][ T7512] EXT4-fs (loop2): Remounting filesystem read-only [ 163.155426][ T5847] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.171726][ T24] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 163.179355][ T971] usb 1-1: Using ep0 maxpacket: 16 [ 163.206625][ T971] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 163.234439][ T971] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 163.247379][ T7535] loop1: detected capacity change from 0 to 2048 [ 163.272883][ T971] usb 1-1: config 0 interface 0 has no altsetting 0 [ 163.280303][ T7539] netlink: 4 bytes leftover after parsing attributes in process `syz.5.553'. [ 163.300169][ T971] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 163.326786][ T7535] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 163.339445][ T971] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 163.368084][ T24] usb 5-1: Using ep0 maxpacket: 8 [ 163.380285][ T7535] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 163.395826][ T24] usb 5-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 163.412139][ T971] usb 1-1: config 0 descriptor?? [ 163.419189][ T7535] UDF-fs: Scanning with blocksize 512 failed [ 163.427298][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 163.458081][ T24] usb 5-1: Product: syz [ 163.468194][ T24] usb 5-1: Manufacturer: syz [ 163.491082][ T24] usb 5-1: SerialNumber: syz [ 163.511339][ T24] usb 5-1: config 0 descriptor?? [ 163.532520][ T7535] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 163.550728][ T24] gspca_main: sq930x-2.14.0 probing 2770:930c [ 164.065331][ T971] usb 1-1: USB disconnect, device number 6 [ 164.074232][ T7548] loop2: detected capacity change from 0 to 64 [ 164.367541][ T24] gspca_sq930x: ucbus_write failed -71 [ 164.590909][ T24] gspca_sq930x: Sensor ov9630 not yet treated [ 164.607343][ T24] sq930x 5-1:0.0: probe with driver sq930x failed with error -22 [ 164.653175][ T24] usb 5-1: USB disconnect, device number 3 [ 164.833996][ T7560] futex_wake_op: syz.0.563 tries to shift op by 32; fix this program [ 165.255425][ T7578] loop1: detected capacity change from 0 to 1024 [ 165.306751][ T7578] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040e01c, mo2=0002] [ 165.343960][ T7578] System zones: 0-1, 3-36 [ 165.397230][ T7578] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 165.521002][ T7578] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 165.895156][ T7606] loop3: detected capacity change from 0 to 64 [ 165.911989][ T5859] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.675264][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 166.766023][ T7596] loop0: detected capacity change from 0 to 32768 [ 166.794146][ T7626] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3) [ 166.800989][ T7626] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 166.838877][ T7596] XFS: attr2 mount option is deprecated. [ 166.869218][ T7626] vhci_hcd vhci_hcd.0: Device attached [ 166.908090][ T7596] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 166.950966][ T1203] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 167.000580][ T7596] XFS (loop0): Ending clean mount [ 167.021269][ T7596] XFS (loop0): Quotacheck needed: Please wait. [ 167.119078][ T1203] usb 4-1: Using ep0 maxpacket: 16 [ 167.124475][ T5940] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 167.132142][ T10] usb 43-1: new low-speed USB device number 2 using vhci_hcd [ 167.146047][ T7596] XFS (loop0): Quotacheck: Done. [ 167.146070][ T1203] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 167.170982][ T1203] usb 4-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 167.190274][ T1203] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 167.214442][ T1203] usb 4-1: config 0 descriptor?? [ 167.236028][ T1203] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input10 [ 167.290955][ T5940] usb 6-1: Using ep0 maxpacket: 16 [ 167.313460][ T5940] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 167.337223][ T5940] usb 6-1: config 0 has no interfaces? [ 167.350132][ T5940] usb 6-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 167.369542][ T5940] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 167.388037][ T5854] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 167.402617][ T5940] usb 6-1: config 0 descriptor?? [ 167.425733][ T1203] bcm5974 4-1:0.0: could not read from device [ 167.561504][ T1203] input: failed to attach handler mousedev to device input10, error: -5 [ 167.597619][ T1203] usb 4-1: USB disconnect, device number 4 [ 167.651119][ T7627] usb 43-1: recv xbuf, 0 [ 167.662573][ T3487] vhci_hcd: stop threads [ 167.667192][ T3487] vhci_hcd: release socket [ 167.672549][ T5940] usb 6-1: USB disconnect, device number 2 [ 167.691956][ T3487] vhci_hcd: disconnect device [ 167.732058][ T10] vhci_hcd: vhci_device speed not set [ 168.064848][ T7656] loop0: detected capacity change from 0 to 4096 [ 168.155660][ T7656] ntfs3(loop0): ino=5, "/" mi_enum_attr [ 168.463754][ T7669] netlink: 36 bytes leftover after parsing attributes in process `syz.0.603'. [ 168.621304][ T7674] netlink: 20 bytes leftover after parsing attributes in process `syz.1.605'. [ 168.716201][ T7678] loop3: detected capacity change from 0 to 512 [ 168.735633][ T7678] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 168.814495][ T7678] EXT4-fs (loop3): 1 truncate cleaned up [ 168.832874][ T7678] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 169.128914][ T7689] loop5: detected capacity change from 0 to 128 [ 169.197417][ T7689] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 169.266786][ T5856] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.292352][ T7685] loop2: detected capacity change from 0 to 32768 [ 169.325485][ T7685] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 169.333922][ T7685] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 169.382184][ T7658] loop4: detected capacity change from 0 to 32768 [ 169.391012][ T7685] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms [ 169.404038][ T5912] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 169.411475][ T5912] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 169.485717][ T7658] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 169.558207][ T5912] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 146ms [ 169.565969][ T5912] gfs2: fsid=syz:syz.0: jid=0: Done [ 169.573084][ T7685] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 169.700349][ T7685] gfs2: fsid=syz:syz.0: gfs2_check_dirent: gfs2_dirent too small (not first in block) [ 169.710706][ T7685] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error - inode = 12 2341, function = gfs2_dirent_scan, file = fs/gfs2/dir.c, line = 589 [ 169.725201][ T7685] gfs2: fsid=syz:syz.0: G: s:SH n:2/925 f:aqob t:SH d:EX/0 a:0 v:0 r:2 m:20 p:1 [ 169.735480][ T7685] gfs2: fsid=syz:syz.0: H: s:SH f:H e:0 p:7685 [syz.2.608] __gfs2_lookup+0x8f/0x270 [ 169.745871][ T7685] gfs2: fsid=syz:syz.0: I: n:12/2341 t:4 f:0x00 d:0x00000001 s:3864 p:0 [ 169.754695][ T7685] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 169.762150][ T7685] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount. [ 169.770960][ T7685] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0 [ 169.777575][ T7685] gfs2: fsid=syz:syz.0: File system withdrawn [ 169.784148][ T7685] CPU: 0 UID: 0 PID: 7685 Comm: syz.2.608 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 169.784179][ T7685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 169.784193][ T7685] Call Trace: [ 169.784202][ T7685] [ 169.784212][ T7685] dump_stack_lvl+0x189/0x250 [ 169.784253][ T7685] ? __pfx_dump_stack_lvl+0x10/0x10 [ 169.784284][ T7685] ? __pfx__printk+0x10/0x10 [ 169.784321][ T7685] ? kobject_uevent_env+0x36b/0x8c0 [ 169.784365][ T7685] gfs2_withdraw+0x111e/0x14f0 [ 169.784419][ T7685] ? __pfx_gfs2_withdraw+0x10/0x10 [ 169.784457][ T7685] ? __pfx__printk+0x10/0x10 [ 169.784499][ T7685] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.784532][ T7685] ? gfs2_consist_inode_i+0xf5/0x110 [ 169.784574][ T7685] gfs2_dirent_scan+0x545/0x690 [ 169.784619][ T7685] ? __pfx_gfs2_dirent_find+0x10/0x10 [ 169.784654][ T7685] ? __pfx_gfs2_dirent_find+0x10/0x10 [ 169.784689][ T7685] gfs2_dirent_search+0x2e0/0x7e0 [ 169.784726][ T7685] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.784754][ T7685] ? gfs2_permission+0x370/0x440 [ 169.784791][ T7685] ? __pfx___might_resched+0x10/0x10 [ 169.784822][ T7685] ? __pfx_gfs2_dirent_search+0x10/0x10 [ 169.784857][ T7685] ? __pfx_gfs2_permission+0x10/0x10 [ 169.784907][ T7685] gfs2_dir_search+0x4c/0x220 [ 169.784948][ T7685] gfs2_lookupi+0x3d9/0x5a0 [ 169.784993][ T7685] ? __pfx_gfs2_lookupi+0x10/0x10 [ 169.785029][ T7685] ? d_alloc_parallel+0x13d0/0x14e0 [ 169.785058][ T7685] ? __gfs2_lookup+0x8f/0x270 [ 169.785096][ T7685] ? d_alloc_parallel+0x2e0/0x14e0 [ 169.785119][ T7685] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.785148][ T7685] ? lockdep_unlock+0x89/0x120 [ 169.785184][ T7685] __gfs2_lookup+0x8f/0x270 [ 169.785228][ T7685] ? __pfx___gfs2_lookup+0x10/0x10 [ 169.785274][ T7685] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.785303][ T7685] ? __raw_spin_lock_init+0x45/0x100 [ 169.785342][ T7685] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.785371][ T7685] ? __init_waitqueue_head+0xa9/0x150 [ 169.785415][ T7685] __lookup_slow+0x297/0x3d0 [ 169.785442][ T7685] ? __pfx___lookup_slow+0x10/0x10 [ 169.785474][ T7685] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.785502][ T7685] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.785540][ T7685] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.785568][ T7685] ? down_read+0x1ad/0x2e0 [ 169.785600][ T7685] lookup_slow+0x53/0x70 [ 169.785630][ T7685] walk_component+0x2d2/0x400 [ 169.785666][ T7685] ? path_lookupat+0x156/0x430 [ 169.785709][ T7685] path_lookupat+0x163/0x430 [ 169.785758][ T7685] do_o_path+0x97/0x1f0 [ 169.785800][ T7685] ? __pfx_do_o_path+0x10/0x10 [ 169.785836][ T7685] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.785880][ T7685] path_openat+0x311f/0x3830 [ 169.785904][ T7685] ? arch_stack_walk+0xfc/0x150 [ 169.785957][ T7685] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.786001][ T7685] ? kasan_save_track+0x4f/0x80 [ 169.786027][ T7685] ? kasan_save_track+0x3e/0x80 [ 169.786054][ T7685] ? getname_flags+0xb8/0x540 [ 169.786090][ T7685] ? __pfx_path_openat+0x10/0x10 [ 169.786113][ T7685] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.786164][ T7685] do_filp_open+0x1fa/0x410 [ 169.786188][ T7685] ? __lock_acquire+0xab9/0xd20 [ 169.786217][ T7685] ? __pfx_do_filp_open+0x10/0x10 [ 169.786271][ T7685] ? _raw_spin_unlock+0x28/0x50 [ 169.786306][ T7685] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.786335][ T7685] ? alloc_fd+0x64c/0x6c0 [ 169.786382][ T7685] do_sys_openat2+0x121/0x1c0 [ 169.786422][ T7685] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.786451][ T7685] ? __se_sys_futex+0x36f/0x400 [ 169.786488][ T7685] ? __pfx_do_sys_openat2+0x10/0x10 [ 169.786537][ T7685] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.786566][ T7685] ? rcu_is_watching+0x15/0xb0 [ 169.786601][ T7685] __x64_sys_openat+0x138/0x170 [ 169.786654][ T7685] do_syscall_64+0xfa/0x3b0 [ 169.786678][ T7685] ? lockdep_hardirqs_on+0x9c/0x150 [ 169.786719][ T7685] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.786742][ T7685] ? srso_alias_return_thunk+0x5/0xfbef5 [ 169.786771][ T7685] ? exc_page_fault+0x9f/0xf0 [ 169.786814][ T7685] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.786838][ T7685] RIP: 0033:0x7ff42b18e929 [ 169.786859][ T7685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 169.786880][ T7685] RSP: 002b:00007ff42c04e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 169.786905][ T7685] RAX: ffffffffffffffda RBX: 00007ff42b3b5fa0 RCX: 00007ff42b18e929 [ 169.786924][ T7685] RDX: 0000000000200002 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 169.786942][ T7685] RBP: 00007ff42b210b39 R08: 0000000000000000 R09: 0000000000000000 [ 169.786958][ T7685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 169.786972][ T7685] R13: 0000000000000000 R14: 00007ff42b3b5fa0 R15: 00007ffd36f6d158 [ 169.787010][ T7685] [ 169.816655][ T5850] ocfs2: Unmounting device (7,4) on (node local) [ 170.365232][ T7692] loop1: detected capacity change from 0 to 32768 [ 170.548360][ T7692] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 170.640066][ T7692] XFS (loop1): Ending clean mount [ 170.714480][ T7729] netlink: 44 bytes leftover after parsing attributes in process `syz.3.625'. [ 170.866948][ T5859] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 170.917971][ C1] hrtimer: interrupt took 15840 ns [ 171.058726][ T7740] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 171.058726][ T7740] The task syz.5.628 (7740) triggered the difference, watch for misbehavior. [ 171.379475][ T7751] loop4: detected capacity change from 0 to 64 [ 171.952349][ T7771] loop5: detected capacity change from 0 to 1024 [ 172.217067][ T7745] loop0: detected capacity change from 0 to 40427 [ 172.234985][ T7745] F2FS-fs (loop0): heap/no_heap options were deprecated [ 172.274980][ T7745] F2FS-fs (loop0): invalid crc value [ 172.520636][ T7792] program syz.2.648 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 172.637673][ T7745] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 172.842336][ T5854] syz-executor: attempt to access beyond end of device [ 172.842336][ T5854] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 172.888552][ T5854] CPU: 1 UID: 0 PID: 5854 Comm: syz-executor Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 172.888586][ T5854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 172.888601][ T5854] Call Trace: [ 172.888616][ T5854] [ 172.888627][ T5854] dump_stack_lvl+0x189/0x250 [ 172.888668][ T5854] ? __pfx_dump_stack_lvl+0x10/0x10 [ 172.888697][ T5854] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 172.888737][ T5854] ? __pfx_queue_work_on+0x10/0x10 [ 172.888770][ T5854] ? srso_alias_return_thunk+0x5/0xfbef5 [ 172.888799][ T5854] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 172.888838][ T5854] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 172.888879][ T5854] ? srso_alias_return_thunk+0x5/0xfbef5 [ 172.888907][ T5854] ? f2fs_hw_is_readonly+0x39b/0x470 [ 172.888952][ T5854] f2fs_handle_critical_error+0x37c/0x540 [ 172.889001][ T5854] f2fs_write_end_io+0x495/0x810 [ 172.889023][ T5854] ? blkg_put+0x22/0x240 [ 172.889079][ T5854] __submit_merged_bio+0x27a/0x6a0 [ 172.889127][ T5854] __submit_merged_write_cond+0x255/0x530 [ 172.889174][ T5854] f2fs_write_data_pages+0x261d/0x3000 [ 172.889267][ T5854] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 172.889374][ T5854] ? srso_alias_return_thunk+0x5/0xfbef5 [ 172.889418][ T5854] ? srso_alias_return_thunk+0x5/0xfbef5 [ 172.889447][ T5854] ? folios_put_refs+0x559/0x640 [ 172.889503][ T5854] ? __pfx_folios_put_refs+0x10/0x10 [ 172.889540][ T5854] ? rcu_is_watching+0x15/0xb0 [ 172.889584][ T5854] ? srso_alias_return_thunk+0x5/0xfbef5 [ 172.889617][ T5854] ? __lock_acquire+0xab9/0xd20 [ 172.889669][ T5854] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 172.889712][ T5854] do_writepages+0x32e/0x550 [ 172.889749][ T5854] ? srso_alias_return_thunk+0x5/0xfbef5 [ 172.889784][ T5854] ? srso_alias_return_thunk+0x5/0xfbef5 [ 172.889812][ T5854] ? do_raw_spin_unlock+0x122/0x240 [ 172.889857][ T5854] filemap_fdatawrite+0x191/0x230 [ 172.889888][ T5854] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 172.889983][ T5854] ? srso_alias_return_thunk+0x5/0xfbef5 [ 172.890016][ T5854] ? do_raw_spin_unlock+0x122/0x240 [ 172.890056][ T5854] f2fs_sync_dirty_inodes+0x31f/0x830 [ 172.890099][ T5854] f2fs_write_checkpoint+0x94a/0x1de0 [ 172.890154][ T5854] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 172.890239][ T5854] ? kill_f2fs_super+0x298/0x6c0 [ 172.890269][ T5854] kill_f2fs_super+0x2c3/0x6c0 [ 172.890301][ T5854] ? __pfx_kill_f2fs_super+0x10/0x10 [ 172.890321][ T5854] ? radix_tree_delete_item+0x2b6/0x400 [ 172.890366][ T5854] ? srso_alias_return_thunk+0x5/0xfbef5 [ 172.890391][ T5854] ? shrinker_free+0x2ce/0x3e0 [ 172.890430][ T5854] deactivate_locked_super+0xbc/0x130 [ 172.890456][ T5854] cleanup_mnt+0x425/0x4c0 [ 172.890493][ T5854] ? srso_alias_return_thunk+0x5/0xfbef5 [ 172.890518][ T5854] ? lockdep_hardirqs_on+0x9c/0x150 [ 172.890562][ T5854] task_work_run+0x1d4/0x260 [ 172.890602][ T5854] ? __pfx_task_work_run+0x10/0x10 [ 172.890639][ T5854] ? __x64_sys_umount+0x122/0x160 [ 172.890676][ T5854] ? exit_to_user_mode_loop+0x40/0x110 [ 172.890706][ T5854] exit_to_user_mode_loop+0xec/0x110 [ 172.890731][ T5854] do_syscall_64+0x2bd/0x3b0 [ 172.890752][ T5854] ? lockdep_hardirqs_on+0x9c/0x150 [ 172.890788][ T5854] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.890814][ T5854] ? srso_alias_return_thunk+0x5/0xfbef5 [ 172.890842][ T5854] ? exc_page_fault+0x9f/0xf0 [ 172.890882][ T5854] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.890903][ T5854] RIP: 0033:0x7f7ceff8fc57 [ 172.890923][ T5854] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 172.890940][ T5854] RSP: 002b:00007fff36d111a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 172.890962][ T5854] RAX: 0000000000000000 RBX: 00007f7cf0010925 RCX: 00007f7ceff8fc57 [ 172.890977][ T5854] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff36d11260 [ 172.890991][ T5854] RBP: 00007fff36d11260 R08: 0000000000000000 R09: 0000000000000000 [ 172.891004][ T5854] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff36d122f0 [ 172.891019][ T5854] R13: 00007f7cf0010925 R14: 000000000002a2ba R15: 00007fff36d12330 [ 172.891057][ T5854] [ 173.317085][ T5854] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 173.417761][ T7811] loop4: detected capacity change from 0 to 4096 [ 173.460588][ T7805] netlink: 'syz.1.656': attribute type 10 has an invalid length. [ 173.552319][ T7805] team0: Port device geneve1 added [ 173.688994][ T7815] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 173.772012][ T7817] loop4: detected capacity change from 0 to 1024 [ 173.913163][ T5973] hfsplus: b-tree write err: -5, ino 4 [ 174.300608][ T30] audit: type=1326 audit(1752657970.179:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7837 comm="syz.2.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff42b18e929 code=0x7ffc0000 [ 174.400890][ T30] audit: type=1326 audit(1752657970.209:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7837 comm="syz.2.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7ff42b18e929 code=0x7ffc0000 [ 174.422969][ C1] vkms_vblank_simulate: vblank timer overrun [ 174.493920][ T30] audit: type=1326 audit(1752657970.209:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7837 comm="syz.2.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff42b18e929 code=0x7ffc0000 [ 174.555045][ T30] audit: type=1326 audit(1752657970.429:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7842 comm="syz.0.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7ceff858e7 code=0x7ffc0000 [ 174.601709][ T7845] loop2: detected capacity change from 0 to 256 [ 174.661975][ T30] audit: type=1326 audit(1752657970.429:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7842 comm="syz.0.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7ceff2ab19 code=0x7ffc0000 [ 174.736690][ T30] audit: type=1326 audit(1752657970.429:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7842 comm="syz.0.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7ceff858e7 code=0x7ffc0000 [ 174.866459][ T30] audit: type=1326 audit(1752657970.429:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7842 comm="syz.0.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7ceff2ab19 code=0x7ffc0000 [ 174.888451][ C1] vkms_vblank_simulate: vblank timer overrun [ 175.074396][ T30] audit: type=1326 audit(1752657970.429:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7842 comm="syz.0.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7ceff858e7 code=0x7ffc0000 [ 175.096559][ T30] audit: type=1326 audit(1752657970.429:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7842 comm="syz.0.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7ceff2ab19 code=0x7ffc0000 [ 175.145961][ T30] audit: type=1326 audit(1752657970.429:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7842 comm="syz.0.670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7ceff858e7 code=0x7ffc0000 [ 175.184484][ T7852] loop3: detected capacity change from 0 to 4096 [ 175.218292][ T7852] EXT4-fs: Ignoring removed orlov option [ 175.234970][ T7858] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22 [ 175.252861][ T7862] Zero length message leads to an empty skb [ 175.285663][ T7858] netdevsim netdevsim4: Direct firmware load for . failed with error -22 [ 175.320926][ T7858] netdevsim netdevsim4: Falling back to sysfs fallback for: . [ 175.409779][ T7871] loop1: detected capacity change from 0 to 1024 [ 175.469570][ T7871] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 175.521088][ T7871] ext4 filesystem being mounted at /124/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 175.533083][ T7852] EXT4-fs: Ignoring removed nobh option [ 175.560683][ T7852] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 175.605833][ T7852] EXT4-fs (loop3): Test dummy encryption mode enabled [ 175.678565][ T7852] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 175.794219][ T7886] loop5: detected capacity change from 0 to 1024 [ 175.858931][ T5859] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 175.925986][ T7886] syz.5.686: attempt to access beyond end of device [ 175.925986][ T7886] loop5: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 175.973008][ T7886] Buffer I/O error on dev loop5, logical block 100663296, async page read [ 175.985213][ T7886] syz.5.686: attempt to access beyond end of device [ 175.985213][ T7886] loop5: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 176.000706][ T7886] Buffer I/O error on dev loop5, logical block 100663296, async page read [ 176.013688][ T5856] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 176.036453][ T7896] loop1: detected capacity change from 0 to 2048 [ 176.074520][ T7897] syz.5.686: attempt to access beyond end of device [ 176.074520][ T7897] loop5: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 176.126663][ T7899] loop4: detected capacity change from 0 to 16 [ 176.144622][ T7896] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 176.170233][ T7897] Buffer I/O error on dev loop5, logical block 100663296, async page read [ 176.198057][ T7897] syz.5.686: attempt to access beyond end of device [ 176.198057][ T7897] loop5: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 176.218183][ T7897] Buffer I/O error on dev loop5, logical block 100663296, async page read [ 176.537507][ T971] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 176.557607][ T7914] loop5: detected capacity change from 0 to 1024 [ 176.568896][ T971] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 176.899123][ T7933] netlink: 'syz.4.708': attribute type 21 has an invalid length. [ 176.943511][ T7933] netlink: 'syz.4.708': attribute type 1 has an invalid length. [ 177.080932][ T7787] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 177.097977][ T7940] loop4: detected capacity change from 0 to 64 [ 177.146249][ T7939] loop0: detected capacity change from 0 to 4096 [ 177.180429][ T7941] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 177.245133][ T7787] usb 6-1: config 0 has an invalid interface number: 186 but max is 1 [ 177.262043][ T7787] usb 6-1: config 0 has no interface number 1 [ 177.293970][ T7787] usb 6-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice=e5.83 [ 177.321124][ T7787] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 177.329128][ T7787] usb 6-1: Product: syz [ 177.360130][ T7943] loop4: detected capacity change from 0 to 512 [ 177.370943][ T7787] usb 6-1: Manufacturer: syz [ 177.375555][ T7787] usb 6-1: SerialNumber: syz [ 177.411575][ T7943] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 177.431209][ T7927] loop1: detected capacity change from 0 to 40427 [ 177.432439][ T7787] usb 6-1: config 0 descriptor?? [ 177.459153][ T7927] F2FS-fs (loop1): build fault injection rate: 693 [ 177.494027][ T7943] EXT4-fs (loop4): 1 truncate cleaned up [ 177.495133][ T7927] F2FS-fs (loop1): Image doesn't support compression [ 177.515702][ T7943] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 177.539385][ T7927] F2FS-fs (loop1): invalid crc value [ 177.548848][ T7948] loop0: detected capacity change from 0 to 2048 [ 177.585271][ T7948] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 177.646664][ T7954] Bluetooth: MGMT ver 1.23 [ 177.693675][ T9] usb 6-1: USB disconnect, device number 3 [ 177.724879][ T7927] F2FS-fs (loop1): Start checkpoint disabled! [ 177.755690][ T7927] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 177.860435][ T7927] F2FS-fs (loop1): access invalid blkaddr:4043309056 [ 177.884690][ T7927] CPU: 0 UID: 0 PID: 7927 Comm: syz.1.705 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 177.884724][ T7927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 177.884740][ T7927] Call Trace: [ 177.884749][ T7927] [ 177.884760][ T7927] dump_stack_lvl+0x189/0x250 [ 177.884800][ T7927] ? __pfx_dump_stack_lvl+0x10/0x10 [ 177.884833][ T7927] ? __pfx_f2fs_get_dnode_of_data+0x10/0x10 [ 177.884868][ T7927] ? srso_alias_return_thunk+0x5/0xfbef5 [ 177.884898][ T7927] ? stack_depot_save_flags+0x429/0x900 [ 177.884948][ T7927] __f2fs_is_valid_blkaddr+0xe52/0x14f0 [ 177.884989][ T7927] ? srso_alias_return_thunk+0x5/0xfbef5 [ 177.885028][ T7927] f2fs_map_blocks+0xd93/0x4510 [ 177.885127][ T7927] ? __pfx_f2fs_map_blocks+0x10/0x10 [ 177.885168][ T7927] ? xa_load+0x60/0x210 [ 177.885198][ T7927] ? srso_alias_return_thunk+0x5/0xfbef5 [ 177.885240][ T7927] ? srso_alias_return_thunk+0x5/0xfbef5 [ 177.885268][ T7927] ? xa_load+0x1ea/0x210 [ 177.885306][ T7927] f2fs_mpage_readpages+0xd16/0x1a30 [ 177.885332][ T7927] ? __pfx_css_rstat_updated+0x10/0x10 [ 177.885400][ T7927] ? __pfx_f2fs_mpage_readpages+0x10/0x10 [ 177.885456][ T7927] ? srso_alias_return_thunk+0x5/0xfbef5 [ 177.885485][ T7927] ? f2fs_readahead+0x177/0x330 [ 177.885530][ T7927] read_pages+0x17a/0x580 [ 177.885573][ T7927] ? __pfx_read_pages+0x10/0x10 [ 177.885617][ T7927] ? filemap_add_folio+0x1af/0x270 [ 177.885658][ T7927] page_cache_ra_unbounded+0x6b0/0x7b0 [ 177.885722][ T7927] f2fs_readdir+0x49b/0xa60 [ 177.885775][ T7927] ? __pfx_f2fs_readdir+0x10/0x10 [ 177.885808][ T7927] ? srso_alias_return_thunk+0x5/0xfbef5 [ 177.885837][ T7927] ? end_current_label_crit_section+0x152/0x180 [ 177.885883][ T7927] ? iterate_dir+0x49f/0x770 [ 177.885909][ T7927] ? srso_alias_return_thunk+0x5/0xfbef5 [ 177.885938][ T7927] ? down_read_killable+0x1d1/0x350 [ 177.885967][ T7927] ? srso_alias_return_thunk+0x5/0xfbef5 [ 177.886002][ T7927] iterate_dir+0x5af/0x770 [ 177.886038][ T7927] __se_sys_getdents64+0xe4/0x260 [ 177.886071][ T7927] ? __pfx___se_sys_getdents64+0x10/0x10 [ 177.886099][ T7927] ? __pfx_filldir64+0x10/0x10 [ 177.886131][ T7927] ? srso_alias_return_thunk+0x5/0xfbef5 [ 177.886159][ T7927] ? rcu_is_watching+0x15/0xb0 [ 177.886197][ T7927] ? do_syscall_64+0xbe/0x3b0 [ 177.886229][ T7927] do_syscall_64+0xfa/0x3b0 [ 177.886253][ T7927] ? lockdep_hardirqs_on+0x9c/0x150 [ 177.886293][ T7927] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 177.886317][ T7927] ? srso_alias_return_thunk+0x5/0xfbef5 [ 177.886345][ T7927] ? exc_page_fault+0x9f/0xf0 [ 177.886393][ T7927] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 177.886418][ T7927] RIP: 0033:0x7fcb53b8e929 [ 177.886439][ T7927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 177.886460][ T7927] RSP: 002b:00007fcb54a09038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9 [ 177.886485][ T7927] RAX: ffffffffffffffda RBX: 00007fcb53db5fa0 RCX: 00007fcb53b8e929 [ 177.886505][ T7927] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005 [ 177.886519][ T7927] RBP: 00007fcb53c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 177.886535][ T7927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 177.886551][ T7927] R13: 0000000000000000 R14: 00007fcb53db5fa0 R15: 00007ffdf828cbc8 [ 177.886590][ T7927] [ 178.277532][ T7927] syz.1.705: attempt to access beyond end of device [ 178.277532][ T7927] loop1: rw=524288, sector=45064, nr_sectors = 8 limit=40427 [ 178.331650][ T7927] syz.1.705: attempt to access beyond end of device [ 178.331650][ T7927] loop1: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 178.468941][ T7960] loop0: detected capacity change from 0 to 32768 [ 178.480490][ T5850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 178.482511][ T7960] (syz.0.717,7960,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 178.503397][ T7960] (syz.0.717,7960,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 178.536073][ T7947] loop2: detected capacity change from 0 to 32768 [ 178.555888][ T7947] XFS: attr2 mount option is deprecated. [ 178.564690][ T5973] kworker/u8:9: attempt to access beyond end of device [ 178.564690][ T5973] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 178.597599][ T5973] CPU: 1 UID: 0 PID: 5973 Comm: kworker/u8:9 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 178.597631][ T5973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 178.597646][ T5973] Workqueue: writeback wb_workfn (flush-7:1) [ 178.597693][ T5973] Call Trace: [ 178.597703][ T5973] [ 178.597713][ T5973] dump_stack_lvl+0x189/0x250 [ 178.597752][ T5973] ? __pfx_dump_stack_lvl+0x10/0x10 [ 178.597781][ T5973] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 178.597821][ T5973] ? __pfx_queue_work_on+0x10/0x10 [ 178.597855][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 178.597885][ T5973] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 178.597924][ T5973] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 178.597963][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 178.597992][ T5973] ? f2fs_hw_is_readonly+0x39b/0x470 [ 178.598037][ T5973] f2fs_handle_critical_error+0x37c/0x540 [ 178.598084][ T5973] f2fs_write_end_io+0x495/0x810 [ 178.598107][ T5973] ? blkg_put+0x22/0x240 [ 178.598162][ T5973] __submit_merged_bio+0x27a/0x6a0 [ 178.598197][ T5973] ? up_write+0x1c4/0x420 [ 178.598240][ T5973] __submit_merged_write_cond+0x44c/0x530 [ 178.598288][ T5973] f2fs_sync_node_pages+0x1869/0x1a00 [ 178.598321][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 178.598392][ T5973] ? __pfx_f2fs_sync_node_pages+0x10/0x10 [ 178.598427][ T5973] ? __percpu_counter_sum+0x1c2/0x1e0 [ 178.598514][ T5973] ? rcu_is_watching+0x15/0xb0 [ 178.598544][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 178.598573][ T5973] ? blk_start_plug+0x52/0x1b0 [ 178.598603][ T5973] f2fs_write_node_pages+0x303/0x6e0 [ 178.598648][ T5973] ? __pfx_f2fs_write_node_pages+0x10/0x10 [ 178.598698][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 178.598728][ T5973] ? rcu_is_watching+0x15/0xb0 [ 178.598762][ T5973] ? __pfx_f2fs_write_node_pages+0x10/0x10 [ 178.598799][ T5973] do_writepages+0x32e/0x550 [ 178.598837][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 178.598865][ T5973] ? reacquire_held_locks+0x127/0x1d0 [ 178.598896][ T5973] ? writeback_sb_inodes+0x372/0x1000 [ 178.598939][ T5973] __writeback_single_inode+0x145/0xff0 [ 178.598968][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 178.598996][ T5973] ? do_raw_spin_unlock+0x122/0x240 [ 178.599041][ T5973] writeback_sb_inodes+0x6b5/0x1000 [ 178.599069][ T5973] ? lockdep_hardirqs_on+0x9c/0x150 [ 178.599118][ T5973] ? rcu_is_watching+0x15/0xb0 [ 178.599153][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 178.599201][ T5973] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 178.599292][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 178.599320][ T5973] ? rcu_is_watching+0x15/0xb0 [ 178.599351][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 178.599399][ T5973] wb_writeback+0x43b/0xaf0 [ 178.599440][ T5973] ? queue_io+0x3b1/0x590 [ 178.599474][ T5973] ? __pfx_wb_writeback+0x10/0x10 [ 178.599516][ T5973] ? _raw_spin_unlock_irq+0x23/0x50 [ 178.599563][ T5973] wb_workfn+0x409/0xef0 [ 178.599626][ T5973] ? __pfx_wb_workfn+0x10/0x10 [ 178.599674][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 178.599702][ T5973] ? __lock_acquire+0xab9/0xd20 [ 178.599746][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 178.599779][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 178.599814][ T5973] ? _raw_spin_unlock_irq+0x23/0x50 [ 178.599850][ T5973] ? process_scheduled_works+0x9ef/0x17b0 [ 178.599879][ T5973] ? process_scheduled_works+0x9ef/0x17b0 [ 178.599913][ T5973] process_scheduled_works+0xae1/0x17b0 [ 178.599989][ T5973] ? __pfx_process_scheduled_works+0x10/0x10 [ 178.600031][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 178.600078][ T5973] worker_thread+0x8a0/0xda0 [ 178.600114][ T5973] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 178.600166][ T5973] ? __kthread_parkme+0x7b/0x200 [ 178.600215][ T5973] kthread+0x711/0x8a0 [ 178.600262][ T5973] ? __pfx_worker_thread+0x10/0x10 [ 178.600293][ T5973] ? __pfx_kthread+0x10/0x10 [ 178.600326][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 178.600368][ T5973] ? _raw_spin_unlock_irq+0x23/0x50 [ 178.600404][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 178.600432][ T5973] ? lockdep_hardirqs_on+0x9c/0x150 [ 178.600469][ T5973] ? __pfx_kthread+0x10/0x10 [ 178.600509][ T5973] ret_from_fork+0x3fc/0x770 [ 178.600542][ T5973] ? __pfx_ret_from_fork+0x10/0x10 [ 178.600579][ T5973] ? __switch_to_asm+0x39/0x70 [ 178.600613][ T5973] ? __switch_to_asm+0x33/0x70 [ 178.600646][ T5973] ? __pfx_kthread+0x10/0x10 [ 178.600685][ T5973] ret_from_fork_asm+0x1a/0x30 [ 178.600745][ T5973] [ 179.028690][ C1] vkms_vblank_simulate: vblank timer overrun [ 179.037358][ T7960] JBD2: Ignoring recovery information on journal [ 179.102122][ T5973] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 179.109140][ T5973] CPU: 0 UID: 0 PID: 5973 Comm: kworker/u8:9 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 179.109172][ T5973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 179.109189][ T5973] Workqueue: writeback wb_workfn (flush-7:1) [ 179.109236][ T5973] Call Trace: [ 179.109246][ T5973] [ 179.109256][ T5973] dump_stack_lvl+0x189/0x250 [ 179.109294][ T5973] ? __pfx_dump_stack_lvl+0x10/0x10 [ 179.109322][ T5973] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 179.109369][ T5973] ? __pfx_queue_work_on+0x10/0x10 [ 179.109403][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 179.109432][ T5973] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 179.109471][ T5973] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 179.109510][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 179.109539][ T5973] ? f2fs_hw_is_readonly+0x39b/0x470 [ 179.109582][ T5973] f2fs_handle_critical_error+0x37c/0x540 [ 179.109627][ T5973] f2fs_write_end_io+0x495/0x810 [ 179.109671][ T5973] __submit_merged_bio+0x27a/0x6a0 [ 179.109704][ T5973] ? up_write+0x1c4/0x420 [ 179.109745][ T5973] __submit_merged_write_cond+0x44c/0x530 [ 179.109789][ T5973] f2fs_sync_node_pages+0x1869/0x1a00 [ 179.109823][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 179.109880][ T5973] ? __pfx_f2fs_sync_node_pages+0x10/0x10 [ 179.109915][ T5973] ? __percpu_counter_sum+0x1c2/0x1e0 [ 179.109991][ T5973] ? rcu_is_watching+0x15/0xb0 [ 179.110020][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 179.110049][ T5973] ? blk_start_plug+0x52/0x1b0 [ 179.110078][ T5973] f2fs_write_node_pages+0x303/0x6e0 [ 179.110120][ T5973] ? __pfx_f2fs_write_node_pages+0x10/0x10 [ 179.110166][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 179.110195][ T5973] ? rcu_is_watching+0x15/0xb0 [ 179.110227][ T5973] ? __pfx_f2fs_write_node_pages+0x10/0x10 [ 179.110263][ T5973] do_writepages+0x32e/0x550 [ 179.110297][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 179.110326][ T5973] ? reacquire_held_locks+0x127/0x1d0 [ 179.110357][ T5973] ? writeback_sb_inodes+0x372/0x1000 [ 179.110402][ T5973] __writeback_single_inode+0x145/0xff0 [ 179.110430][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 179.110459][ T5973] ? do_raw_spin_unlock+0x122/0x240 [ 179.110502][ T5973] writeback_sb_inodes+0x6b5/0x1000 [ 179.110529][ T5973] ? lockdep_hardirqs_on+0x9c/0x150 [ 179.110577][ T5973] ? rcu_is_watching+0x15/0xb0 [ 179.110610][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 179.110654][ T5973] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 179.110732][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 179.110760][ T5973] ? rcu_is_watching+0x15/0xb0 [ 179.110790][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 179.110834][ T5973] wb_writeback+0x43b/0xaf0 [ 179.110872][ T5973] ? queue_io+0x3b1/0x590 [ 179.110904][ T5973] ? __pfx_wb_writeback+0x10/0x10 [ 179.110943][ T5973] ? _raw_spin_unlock_irq+0x23/0x50 [ 179.110987][ T5973] wb_workfn+0x409/0xef0 [ 179.111047][ T5973] ? __pfx_wb_workfn+0x10/0x10 [ 179.111092][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 179.111120][ T5973] ? __lock_acquire+0xab9/0xd20 [ 179.111160][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 179.111192][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 179.111226][ T5973] ? _raw_spin_unlock_irq+0x23/0x50 [ 179.111262][ T5973] ? process_scheduled_works+0x9ef/0x17b0 [ 179.111292][ T5973] ? process_scheduled_works+0x9ef/0x17b0 [ 179.111323][ T5973] process_scheduled_works+0xae1/0x17b0 [ 179.111394][ T5973] ? __pfx_process_scheduled_works+0x10/0x10 [ 179.111434][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 179.111474][ T5973] worker_thread+0x8a0/0xda0 [ 179.111509][ T5973] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 179.111558][ T5973] ? __kthread_parkme+0x7b/0x200 [ 179.111603][ T5973] kthread+0x711/0x8a0 [ 179.111643][ T5973] ? __pfx_worker_thread+0x10/0x10 [ 179.111673][ T5973] ? __pfx_kthread+0x10/0x10 [ 179.111707][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 179.111741][ T5973] ? _raw_spin_unlock_irq+0x23/0x50 [ 179.111776][ T5973] ? srso_alias_return_thunk+0x5/0xfbef5 [ 179.111804][ T5973] ? lockdep_hardirqs_on+0x9c/0x150 [ 179.111842][ T5973] ? __pfx_kthread+0x10/0x10 [ 179.111880][ T5973] ret_from_fork+0x3fc/0x770 [ 179.111912][ T5973] ? __pfx_ret_from_fork+0x10/0x10 [ 179.111948][ T5973] ? __switch_to_asm+0x39/0x70 [ 179.111981][ T5973] ? __switch_to_asm+0x33/0x70 [ 179.112014][ T5973] ? __pfx_kthread+0x10/0x10 [ 179.112053][ T5973] ret_from_fork_asm+0x1a/0x30 [ 179.112108][ T5973] [ 179.573966][ T5973] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 179.619419][ T7960] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 179.677579][ T7947] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 179.719315][ T7980] netlink: 32 bytes leftover after parsing attributes in process `syz.3.723'. [ 179.743541][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 179.751991][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 180.039539][ T7947] XFS (loop2): Ending clean mount [ 180.111253][ T30] kauditd_printk_skb: 28 callbacks suppressed [ 180.111274][ T30] audit: type=1326 audit(1752657975.999:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7985 comm="syz.1.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb53b8e929 code=0x7ffc0000 [ 180.130866][ T7960] (syz.0.717,7960,1):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options [ 180.140583][ T30] audit: type=1326 audit(1752657975.999:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7985 comm="syz.1.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=256 compat=0 ip=0x7fcb53b8e929 code=0x7ffc0000 [ 180.198842][ T30] audit: type=1326 audit(1752657976.079:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7985 comm="syz.1.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb53b8e929 code=0x7ffc0000 [ 180.295620][ T30] audit: type=1326 audit(1752657976.079:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7985 comm="syz.1.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb53b8e929 code=0x7ffc0000 [ 180.358573][ T5847] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 180.466871][ T5854] ocfs2: Unmounting device (7,0) on (node local) [ 180.514268][ T8001] loop3: detected capacity change from 0 to 512 [ 180.593812][ T8001] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.733: bg 0: block 248: padding at end of block bitmap is not set [ 180.730654][ T8001] Quota error (device loop3): write_blk: dquota write failed [ 180.741856][ T7998] netlink: 8 bytes leftover after parsing attributes in process `syz.1.732'. [ 180.762852][ T7998] bridge0: port 2(bridge_slave_1) entered learning state [ 180.774197][ T7998] bridge0: port 2(bridge_slave_1) entered disabled state [ 180.790306][ T8001] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 180.802790][ T8001] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.733: Failed to acquire dquot type 1 [ 180.846859][ T8009] bridge0: entered promiscuous mode [ 180.864539][ T8001] EXT4-fs (loop3): 1 truncate cleaned up [ 180.871388][ T8009] bridge0: port 3(macvlan2) entered blocking state [ 180.901248][ T8009] bridge0: port 3(macvlan2) entered disabled state [ 180.909195][ T8001] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 180.953995][ T8009] macvlan2: entered allmulticast mode [ 180.973741][ T8009] bridge0: entered allmulticast mode [ 180.992210][ T8001] ext4 filesystem being mounted at /128/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 181.054161][ T8001] EXT4-fs (loop3): shut down requested (2) [ 181.082214][ T8009] macvlan2: left allmulticast mode [ 181.094549][ T8009] bridge0: left allmulticast mode [ 181.108922][ T8009] bridge0: left promiscuous mode [ 181.196769][ T5856] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 239.649028][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 286.400792][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 286.407767][ C1] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P5850/1:b..l [ 286.416200][ C1] rcu: (detected by 1, t=10503 jiffies, g=20937, q=339 ncpus=2) [ 286.423924][ C1] task:syz-executor state:R running task stack:18792 pid:5850 tgid:5850 ppid:5843 task_flags:0x400140 flags:0x00004000 [ 286.438279][ C1] Call Trace: [ 286.441563][ C1] [ 286.444503][ C1] __schedule+0x16f5/0x4d00 [ 286.449040][ C1] ? look_up_lock_class+0x74/0x170 [ 286.454179][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.459826][ C1] ? register_lock_class+0x51/0x320 [ 286.465037][ C1] ? preempt_schedule_common+0x83/0xd0 [ 286.470530][ C1] ? __pfx___schedule+0x10/0x10 [ 286.475416][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.481090][ C1] ? do_raw_spin_lock+0x121/0x290 [ 286.486145][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.491797][ C1] ? preempt_schedule+0xae/0xc0 [ 286.496671][ C1] preempt_schedule_common+0x83/0xd0 [ 286.501977][ C1] preempt_schedule+0xae/0xc0 [ 286.506673][ C1] ? __pfx_preempt_schedule+0x10/0x10 [ 286.512064][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.517727][ C1] preempt_schedule_thunk+0x16/0x30 [ 286.522947][ C1] _raw_spin_unlock+0x3f/0x50 [ 286.527646][ C1] ? copy_pmd_range+0x66f1/0x7000 [ 286.532680][ C1] copy_pmd_range+0x6727/0x7000 [ 286.537571][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.543224][ C1] ? stack_depot_save_flags+0x40/0x900 [ 286.548715][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.554371][ C1] ? __pfx_copy_pmd_range+0x10/0x10 [ 286.559591][ C1] ? copy_page_range+0x28f/0x1270 [ 286.564651][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.570302][ C1] copy_page_range+0xc46/0x1270 [ 286.575170][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.580813][ C1] ? __lock_acquire+0xab9/0xd20 [ 286.585705][ C1] ? __pfx_copy_page_range+0x10/0x10 [ 286.591011][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.596673][ C1] ? up_write+0x1c4/0x420 [ 286.601015][ C1] ? __pfx_vma_interval_tree_augment_rotate+0x10/0x10 [ 286.607806][ C1] dup_mmap+0xf57/0x1ac0 [ 286.612092][ C1] ? __pfx_dup_mmap+0x10/0x10 [ 286.616796][ C1] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 286.622701][ C1] ? mm_init+0xce1/0xf10 [ 286.626959][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.632607][ C1] copy_mm+0x13c/0x4b0 [ 286.636696][ C1] ? copy_process+0x978/0x3b80 [ 286.641470][ C1] copy_process+0x16d3/0x3b80 [ 286.646170][ C1] ? copy_process+0x978/0x3b80 [ 286.650964][ C1] ? __pfx_copy_process+0x10/0x10 [ 286.656018][ C1] kernel_clone+0x21e/0x870 [ 286.660544][ C1] ? __pfx_kernel_clone+0x10/0x10 [ 286.665607][ C1] __x64_sys_clone+0x18b/0x1e0 [ 286.670394][ C1] ? count_memcg_event_mm+0x21/0x260 [ 286.675692][ C1] ? __pfx___x64_sys_clone+0x10/0x10 [ 286.681015][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.686655][ C1] ? do_user_addr_fault+0xc8a/0x1390 [ 286.691952][ C1] ? do_syscall_64+0xbe/0x3b0 [ 286.696647][ C1] do_syscall_64+0xfa/0x3b0 [ 286.701157][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 286.706377][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.712447][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.718088][ C1] ? exc_page_fault+0x9f/0xf0 [ 286.722788][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.728690][ C1] RIP: 0033:0x7fefd3d85193 [ 286.733114][ C1] RSP: 002b:00007ffe128ca228 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 286.741541][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fefd3d85193 [ 286.749540][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 286.757513][ C1] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001 [ 286.765487][ C1] R10: 00005555894857d0 R11: 0000000000000246 R12: 0000000000000000 [ 286.773463][ C1] R13: 00000000000927c0 R14: 000000000002c3f8 R15: 00007ffe128ca3c0 [ 286.781456][ C1] [ 286.784478][ C1] rcu: rcu_preempt kthread timer wakeup didn't happen for 10502 jiffies! g20937 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 [ 286.796813][ C1] rcu: Possible timer handling issue on cpu=0 timer-softirq=9920 [ 286.804617][ C1] rcu: rcu_preempt kthread starved for 10503 jiffies! g20937 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0 [ 286.815993][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 286.825958][ C1] rcu: RCU grace-period kthread stack dump: [ 286.831839][ C1] task:rcu_preempt state:I stack:27128 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00004000 [ 286.843786][ C1] Call Trace: [ 286.847063][ C1] [ 286.850000][ C1] __schedule+0x16f5/0x4d00 [ 286.854537][ C1] ? do_raw_spin_unlock+0x122/0x240 [ 286.859769][ C1] ? schedule+0x165/0x360 [ 286.864120][ C1] ? __lock_acquire+0xab9/0xd20 [ 286.868982][ C1] ? __pfx___schedule+0x10/0x10 [ 286.873865][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.879510][ C1] ? schedule+0x91/0x360 [ 286.883774][ C1] schedule+0x165/0x360 [ 286.887952][ C1] schedule_timeout+0x12b/0x270 [ 286.892819][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 286.898205][ C1] ? __pfx_process_timeout+0x10/0x10 [ 286.903509][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.909155][ C1] ? prepare_to_swait_event+0x341/0x380 [ 286.914726][ C1] rcu_gp_fqs_loop+0x301/0x1540 [ 286.919599][ C1] ? __pfx_rcu_gp_init+0x10/0x10 [ 286.924557][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 286.929782][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 286.935071][ C1] ? _raw_spin_unlock_irq+0x2e/0x50 [ 286.940295][ C1] ? finish_swait+0xcd/0x1f0 [ 286.944907][ C1] rcu_gp_kthread+0x99/0x390 [ 286.949509][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 286.954716][ C1] ? __kthread_parkme+0x7b/0x200 [ 286.959665][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.965308][ C1] ? __kthread_parkme+0x1a1/0x200 [ 286.970355][ C1] kthread+0x711/0x8a0 [ 286.974446][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 286.979651][ C1] ? __pfx_kthread+0x10/0x10 [ 286.984256][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 286.989903][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 286.995117][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.000759][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 287.005974][ C1] ? __pfx_kthread+0x10/0x10 [ 287.010583][ C1] ret_from_fork+0x3fc/0x770 [ 287.015191][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 287.020319][ C1] ? __switch_to_asm+0x39/0x70 [ 287.025099][ C1] ? __switch_to_asm+0x33/0x70 [ 287.029875][ C1] ? __pfx_kthread+0x10/0x10 [ 287.034485][ C1] ret_from_fork_asm+0x1a/0x30 [ 287.039290][ C1] [ 287.042308][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 287.048631][ C1] Sending NMI from CPU 1 to CPUs 0: [ 287.053838][ C0] NMI backtrace for cpu 0 [ 287.053854][ C0] CPU: 0 UID: 0 PID: 8018 Comm: syz.2.729 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 287.053881][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 287.053894][ C0] RIP: 0010:mark_lock+0x5/0x190 [ 287.053921][ C0] Code: 24 e9 b0 fd ff ff 66 66 66 66 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 55 41 57 41 56 <41> 55 41 54 53 8b 46 20 89 c1 81 e1 00 00 03 00 83 f9 01 bb 09 00 [ 287.053940][ C0] RSP: 0018:ffffc90000007ab0 EFLAGS: 00000006 [ 287.053958][ C0] RAX: 00000000000c4000 RBX: 0000000000000003 RCX: ffffffff934902f0 [ 287.053974][ C0] RDX: 0000000000000008 RSI: ffff888056a6e568 RDI: ffff888056a6da00 [ 287.053990][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff84c801ea [ 287.054005][ C0] R10: dffffc0000000000 R11: fffff52000000f98 R12: 0000000000000002 [ 287.054021][ C0] R13: 0000000000000002 R14: ffff888056a6e568 R15: 0000000000000000 [ 287.054038][ C0] FS: 00007ff42c04e6c0(0000) GS:ffff888125c1b000(0000) knlGS:0000000000000000 [ 287.054057][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 287.054072][ C0] CR2: 00007f9ee6fe9328 CR3: 0000000027b79000 CR4: 0000000000350ef0 [ 287.054090][ C0] Call Trace: [ 287.054099][ C0] [ 287.054109][ C0] __lock_acquire+0x6a8/0xd20 [ 287.054137][ C0] ? debug_object_deactivate+0x9a/0x250 [ 287.054167][ C0] lock_acquire+0x120/0x360 [ 287.054188][ C0] ? debug_object_deactivate+0x9a/0x250 [ 287.054222][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.054248][ C0] ? do_raw_spin_unlock+0x122/0x240 [ 287.054285][ C0] _raw_spin_lock_irqsave+0xa7/0xf0 [ 287.054318][ C0] ? debug_object_deactivate+0x9a/0x250 [ 287.054347][ C0] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 287.054392][ C0] debug_object_deactivate+0x9a/0x250 [ 287.054428][ C0] debug_deactivate+0x1d/0x200 [ 287.054457][ C0] __hrtimer_run_queues+0x2b0/0xc60 [ 287.054484][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.054521][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 287.054546][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.054580][ C0] hrtimer_interrupt+0x45b/0xaa0 [ 287.054622][ C0] __sysvec_apic_timer_interrupt+0x10b/0x410 [ 287.054654][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 287.054689][ C0] [ 287.054696][ C0] [ 287.054704][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 287.054728][ C0] RIP: 0010:lock_acquire+0x175/0x360 [ 287.054751][ C0] Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 9b 13 02 11 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e [ 287.054769][ C0] RSP: 0018:ffffc90003c2ebf8 EFLAGS: 00000206 [ 287.054787][ C0] RAX: 02c4fef3318bfd00 RBX: 0000000000000000 RCX: 02c4fef3318bfd00 [ 287.054803][ C0] RDX: 0000000000000000 RSI: ffffffff8db869c3 RDI: ffffffff8be29d80 [ 287.054819][ C0] RBP: ffffffff8172aae5 R08: 0000000000000000 R09: ffffffff8172aae5 [ 287.054834][ C0] R10: dffffc0000000000 R11: ffffffff81ad00a0 R12: 0000000000000002 [ 287.054850][ C0] R13: ffffffff8e13f0e0 R14: 0000000000000000 R15: 0000000000000246 [ 287.054867][ C0] ? unwind_next_frame+0xa5/0x2390 [ 287.054893][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 287.054925][ C0] ? unwind_next_frame+0xa5/0x2390 [ 287.054959][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.054988][ C0] ? unwind_next_frame+0xa5/0x2390 [ 287.055013][ C0] ? handle_mm_fault+0x40a/0x8e0 [ 287.055038][ C0] ? unwind_next_frame+0xa5/0x2390 [ 287.055063][ C0] unwind_next_frame+0xc2/0x2390 [ 287.055088][ C0] ? unwind_next_frame+0xa5/0x2390 [ 287.055117][ C0] ? unwind_next_frame+0xa5/0x2390 [ 287.055143][ C0] ? __handle_mm_fault+0x37ed/0x5620 [ 287.055171][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 287.055203][ C0] arch_stack_walk+0x11c/0x150 [ 287.055235][ C0] ? handle_mm_fault+0x40a/0x8e0 [ 287.055262][ C0] stack_trace_save+0x9c/0xe0 [ 287.055293][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 287.055329][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.055356][ C0] save_stack+0xf5/0x1f0 [ 287.055389][ C0] ? __pfx_save_stack+0x10/0x10 [ 287.055414][ C0] ? post_alloc_hook+0x240/0x2a0 [ 287.055441][ C0] ? get_page_from_freelist+0x21e4/0x22c0 [ 287.055474][ C0] ? __alloc_frozen_pages_noprof+0x181/0x370 [ 287.055507][ C0] ? alloc_pages_mpol+0x232/0x4a0 [ 287.055533][ C0] ? folio_alloc_mpol_noprof+0x39/0x70 [ 287.055560][ C0] ? shmem_alloc_and_add_folio+0x447/0xf60 [ 287.055585][ C0] ? shmem_get_folio_gfp+0x59d/0x1660 [ 287.055606][ C0] ? shmem_fault+0x179/0x390 [ 287.055630][ C0] ? __do_fault+0x138/0x390 [ 287.055659][ C0] ? __handle_mm_fault+0x37ed/0x5620 [ 287.055683][ C0] ? handle_mm_fault+0x40a/0x8e0 [ 287.055709][ C0] ? seqcount_lockdep_reader_access+0x102/0x180 [ 287.055739][ C0] __set_page_owner+0x8d/0x4a0 [ 287.055767][ C0] ? __pfx___set_page_owner+0x10/0x10 [ 287.055800][ C0] post_alloc_hook+0x240/0x2a0 [ 287.055831][ C0] get_page_from_freelist+0x21e4/0x22c0 [ 287.055872][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.055902][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.055940][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.055969][ C0] ? __pfx_get_page_from_freelist+0x10/0x10 [ 287.056004][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.056030][ C0] ? prepare_alloc_pages+0x213/0x610 [ 287.056067][ C0] __alloc_frozen_pages_noprof+0x181/0x370 [ 287.056103][ C0] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 287.056142][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.056168][ C0] ? policy_nodemask+0x27c/0x720 [ 287.056198][ C0] alloc_pages_mpol+0x232/0x4a0 [ 287.056229][ C0] folio_alloc_mpol_noprof+0x39/0x70 [ 287.056259][ C0] shmem_alloc_and_add_folio+0x447/0xf60 [ 287.056284][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.056312][ C0] ? filemap_get_entry+0xad/0x2f0 [ 287.056343][ C0] ? filemap_get_entry+0xad/0x2f0 [ 287.056377][ C0] ? filemap_get_entry+0xad/0x2f0 [ 287.056408][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.056436][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.056461][ C0] ? shmem_huge_global_enabled+0x174/0x3a0 [ 287.056483][ C0] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 287.056510][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.056536][ C0] ? shmem_allowable_huge_orders+0x414/0x420 [ 287.056562][ C0] shmem_get_folio_gfp+0x59d/0x1660 [ 287.056597][ C0] shmem_fault+0x179/0x390 [ 287.056628][ C0] __do_fault+0x138/0x390 [ 287.056660][ C0] __handle_mm_fault+0x37ed/0x5620 [ 287.056698][ C0] ? __pfx___handle_mm_fault+0x10/0x10 [ 287.056732][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.056757][ C0] ? follow_page_pte+0x8d6/0x14b0 [ 287.056789][ C0] handle_mm_fault+0x40a/0x8e0 [ 287.056820][ C0] __get_user_pages+0x1af4/0x30b0 [ 287.056850][ C0] ? mt_find+0x15c/0x5f0 [ 287.056883][ C0] ? __pfx___get_user_pages+0x10/0x10 [ 287.056907][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.056936][ C0] populate_vma_page_range+0x26b/0x340 [ 287.056961][ C0] ? __pfx_populate_vma_page_range+0x10/0x10 [ 287.056982][ C0] ? userfaultfd_unmap_complete+0x278/0x2d0 [ 287.057010][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.057036][ C0] ? down_read+0x1ad/0x2e0 [ 287.057061][ C0] __mm_populate+0x24c/0x380 [ 287.057084][ C0] ? __pfx___mm_populate+0x10/0x10 [ 287.057107][ C0] ? up_write+0x1c4/0x420 [ 287.057140][ C0] vm_mmap_pgoff+0x3f0/0x4c0 [ 287.057164][ C0] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 287.057198][ C0] ? exc_page_fault+0x76/0xf0 [ 287.057233][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.057262][ C0] ? ksys_mmap_pgoff+0xf4/0x760 [ 287.057287][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.057313][ C0] ? __x64_sys_mmap+0x7f/0x140 [ 287.057339][ C0] do_syscall_64+0xfa/0x3b0 [ 287.057361][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 287.057402][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.057423][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 287.057448][ C0] ? exc_page_fault+0x9f/0xf0 [ 287.057484][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.057506][ C0] RIP: 0033:0x7ff42b18e929 [ 287.057525][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 287.057543][ C0] RSP: 002b:00007ff42c04e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 287.057564][ C0] RAX: ffffffffffffffda RBX: 00007ff42b3b5fa0 RCX: 00007ff42b18e929 [ 287.057580][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000200000000000 [ 287.057596][ C0] RBP: 00007ff42b210b39 R08: ffffffffffffffff R09: 0000000000000000 [ 287.057611][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000 [ 287.057625][ C0] R13: 0000000000000001 R14: 00007ff42b3b5fa0 R15: 00007ffd36f6d158 [ 287.057651][ C0] [ 287.914721][ C1] vkms_vblank_simulate: vblank timer overrun [ 293.099398][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 293.110846][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 SYZFAIL: failed to send rpc fd=3 want=272 sent=0 n=-1 (errno 104: Connection reset by peer) [ 295.547714][ T5867] Bluetooth: hci5: command 0x0406 tx timeout [ 295.553921][ T5857] Bluetooth: hci0: command 0x0406 tx timeout [ 295.559913][ T5857] Bluetooth: hci2: command 0x0406 tx timeout [ 295.779696][ T3487] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.928559][ T3487] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.046646][ T3487] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.119499][ T3487] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.248359][ T3487] bridge_slave_1: left promiscuous mode [ 296.256066][ T3487] bridge0: port 2(bridge_slave_1) entered disabled state [ 296.268302][ T3487] bridge_slave_0: left allmulticast mode [ 296.274154][ T3487] bridge_slave_0: left promiscuous mode [ 296.279963][ T3487] bridge0: port 1(bridge_slave_0) entered disabled state