last executing test programs:

1m26.920337135s ago: executing program 2 (id=213):
syz_mount_image$ocfs2(&(0x7f0000000140), &(0x7f0000000040)='./file1\x00', 0x8008c4, &(0x7f0000000480)=ANY=[@ANYBLOB='acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noacl,\x00'/119, @ANYRES32], 0x1, 0x4436, &(0x7f0000004480)="$eJzs3c9rm+cdAPDnfe0sdpZkdpZDBoMJFtjYhrFz2ubAHMeJYyeeR9aE0osi20riVraCLZcecnBvgZ4KPZQeQguFUnwKPvSa/gm99JieA+2hl0Ih1EXSK1vvawmrxrKb8PlA9Oh9fitfvY8eHeQnTlTuL67mFldzheVcef7u6oXc2+XS2lIxxIfkqMenM92Ik9gfndnLV/9/+0IIXy58/Xxra2srVPWGlkaanv/w/cP55rQhzrSp9tu6t4PyRgjh7K55VfWEEF7/IoQohHApyRtP0v4QwulQL7v98L07uQOazZNnxYv5FzOPNkfPT2883mz/2qMQPir94R/3lr79c8/oN387oOEBAAAAAAAAAAAAAAAAAHjJTd6cvfW/4ZHwNAq9G9Hu3+tOJmmL38fOfl5Ptw7Gnw7j5QIAAAAAAAAAAAAAAAAAAMCv0s7v/3PRmRa//59I0rE27bf+0/050j1T/52duDI8kpz/Hu0q/2eS9d2lnjDY4tz37PnvlzLtW5//vnuc/WrMrzHuQIjiodR1HA8NhfBJcvD7uehEXCqvVv5+t7y2vHBg03hppeNfP70/FZ3kQP9O4z+e6b/75///fte7qXp95+DeYq+0dPx72tb79N2oo/hfzrQ7jPizf+n499by+psrjNUXgGr83+/dO/4Tmf67Ff/TIYRcVJ1rLrUCVPcw1fx2+xXS0vE/VstLLZ3Jf2S7+//HTPyvZPo/qvV/PftBREvp+P+mlteXqrFz/w/Ge93/feHq9vP6G+co4l+d/7rP/46k43+8ntnb9JgsB52u/5OZ/rsV/1txMsPTUeodsBHV81v8vTpaSMe/b1f5zve/uKP937VM+8P6/tcYt/H9r7H8/zWqf/+jtXT8+9vW6/T+n8q06/b6P1bb/7Ff6fifqOWl984DtcdO4z+d6b9b8a/tSvoa8d9ZT346Xs//2P6vI+n4/7aeGTfXWK891vZ/0d77/+uZ/o9i/1ed/3rc3VFfFen4n2xb77PFKHzVwef/jUy7ar/HujP1bcP2+vuWjv+ptvVq93/f3vGfybTr9v3/l252DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPASGE/SgRDFQ6nrOB4aCuFycn0unIjmCgv5uVJ5/q3VECaS/Fw4E90rlecKpfzicnmhmC+USuX5EK4k5WdDX7RaKlfyS4UHV7f76o/uFwsrlblioRJCmEzy/xhONfqaW6wsFR6EEK5tl/0uLq88uF9Yzi8srvx7eHh4OExtz2EwKr5TKS5X6qPXS0OY3m47EDVNrlZ8fXsuJ6M3y2sry4VSLf9GU5tSeb5Qamozk5R9EAajysra8nyhUsyXyvca4x2lsSSdmLr52s0bI7vK70T1dPxwpwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAL/R09F8fhhB661dxCCEXJU+i5F/Kk2fFi/kXM482R89PbzzefN6qDgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8zA4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV26RilgSAKA/CbAdHSY1gtu53tiiJauCJ4Aj2Gh9GjeAnvYJEibYoQSGYh7E6xTVJ9X/Ngfmbeg3kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMByj2/D+2vbRaS42l5G/H7+/R/nz6V+31UuX5xnRk7n6WW4f2i78u9plt+Wo1Wf9+lm/fURlTr6mezJdJ8O5n2mqvtWMc439r2OlJuI6Et+k3JummVvAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3jqJvAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//6KfHYs=")
setresuid(0x0, 0xee01, 0xee00)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x10)
fchown(r0, 0x0, 0x0)

1m25.845010411s ago: executing program 2 (id=216):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x4}, 0x10)
write(r0, &(0x7f0000000580)="240000001a005f0214f9f407000904001f000010fe02ac4a142d1083ef315c2400020000", 0x24)

1m25.665265175s ago: executing program 2 (id=220):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0xa}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x6d}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0x0, 0xe80, 0xe80, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

1m25.664579862s ago: executing program 2 (id=222):
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x818808, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file4\x00', 0x1018000, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file4'}}], [], 0x2c})
chdir(&(0x7f00000001c0)='./file0\x00')
chdir(&(0x7f00000003c0)='./bus\x00')
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x1)
syz_mount_image$minix(&(0x7f0000000100), &(0x7f0000000a40)='./file1\x00', 0x2004010, &(0x7f0000001180)=ANY=[], 0x9, 0x1f2, &(0x7f00000004c0)="$eJzs28tO1FAcx/Ffy8x0wPtt40YTTXTjFIdJRnbyAL6AOzIUQixixA3EhLLxPXwMd76JWxeS6BPU9MZYpJ1ecFrk+0mG+dP0d86Zhv9wShgBuLRuhl8NGeqGle/7hw8lvX4lqZMb7c1lgQD+Gd+Imj5L7+zD/fwUgIth4efZx63MBv+SFCbvAsBFdry2EO4DvhrSt18fJz/iR7fg/uF4zZSCIbzo+yTfk/qF8kdG+Hy/M80GD0vpAQwvY//yOco/UTq/WHT98fxLp/JLs4LBLVPgyAyfnj5K569IuirpmqTrkm7E91q3JN1ORpB3Mv/GqfnvFVw/UEfw0zdIHSnUtun8IOcEKz8fdM/mtussl5p1qhvnn5fIPP6j7sX5YcX5k/xKxbwV5weTXXcj86yXFUcH8pl/9X85M/s/y+74pKzT/50K/Q8gsrd/8GbddZ335QuzUqqVRb/+1ahbHDZ+Ec67SC5qcKTje5qd+lRprgfxPC14ySWKxXYsI7to6A0JwNzYH3be2Xv7B8+2d9a3nC3n7XC0+mK0MhyNV+3Nsess23V25wDabPpLXyryN/P8fwkCAAAAAAAAAAAAAABNuCPpbtOLAAAAADAX5/OZoe8TKfucpl8jAAAAAAAAAAAAAAAAAAAA8L/4HQAA//+UhDYo")
getdents64(r0, &(0x7f0000000180)=""/92, 0x5c)

1m25.602383963s ago: executing program 2 (id=224):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000004c0)={'lo\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010026bd7000ffdbdf25050000000800090001000000050002000200000005000600010000000c00018008000100", @ANYRES32=r3], 0x38}, 0x1, 0x0, 0x0, 0x20004850}, 0x0)

1m25.353809071s ago: executing program 2 (id=225):
r0 = syz_usb_connect(0x5, 0x3d7, &(0x7f0000000000)=ANY=[@ANYBLOB="120100004cefc008e10593085bfd010203010902c50301000000000904"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000600)={0x44, &(0x7f0000000680)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

1m25.252939141s ago: executing program 32 (id=225):
r0 = syz_usb_connect(0x5, 0x3d7, &(0x7f0000000000)=ANY=[@ANYBLOB="120100004cefc008e10593085bfd010203010902c50301000000000904"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000600)={0x44, &(0x7f0000000680)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

1m17.714831981s ago: executing program 3 (id=309):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
r1 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x4661, 0x400, 0x3, 0x288}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r0, 0x80, &(0x7f0000000380)=@phonet={0x23, 0x8, 0xfa, 0x2}, 0x0, 0x0, 0x1})
io_uring_enter(r1, 0x40f9, 0x217, 0xa5, 0x0, 0x0)

1m17.620524598s ago: executing program 3 (id=311):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/resume_offset', 0xa102, 0x60)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x1, 0x9}}, 0x20)

1m17.544631592s ago: executing program 3 (id=313):
connect$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x10, @dev={0xac, 0x14, 0x14, 0x1}}, 0x10)
syz_mount_image$nilfs2(&(0x7f0000000dc0), &(0x7f0000000400)='./file0\x00', 0x94, &(0x7f0000003280)=ANY=[@ANYBLOB="0001def4774774366f0b8a20db13db64e85fc9322c3fe018b91ff1291b4f4c56de7e4543f49818e1307d98d09daa1e2a7dbf88003e9401dc73aad0b7dbb5685565c7825ba8340621faeae92abed19c524ab06c4303258d253722e159642af447aeb096c6a26d345d82f2925163331b0e9157441a9c61dd1051d3b970f9ac12f5975cf1ad4e45acef1a54921c492a77bcb1858b68758ed339608b8e43c733219f1f9e0b867840f821e03bc0e8a497c4d5dde436000090a397637dedb2f3"], 0x1, 0xd99, &(0x7f0000006900)="$eJzs3UtvXNUdAPBzx544LxqHmMZN09glpbiP2CRYpbsaKV2gSqgSnwClgYYa+ghdgIKUsOi2kRAfoIh9F31mgRSxSsWmVb8AYtVNipBoG1UCI9vnjMf/zOjOOLbH4/n9pDtn7v2fe88587hz575OAkZWY+1xcXG6SuntW29dvDcz/r/VKTOtHLNrj+N5bCml1GzNl9JkWN7SxHr62SfXLrWnn+e0ShdSlarW9PTs3da8R1JK19Nsup0m03Mfn7z50gfPLL934saJi2/M3dmZ1gMAwGi596N3f/m3x3947fj/f39mKU20ppft86U8fjRv9y9V6+M5af0PqNrSqm28OBDyjeehEfKNdcjXXk4z5BvvUv6BsNxml3wTNeWPtU3r1G4YZhv/46vG/KbxRmN+fv0/+aoPxw5U869cWX7h6oAqCmy7T2fyLj6DwTByw8qxQa+BANbF44b3uR73LDyY1tLGeyv/7tONzvPDNtjtz7/yh6v8d29Y47B99uunqbSrfI+O5vF4HGE8zNfv978sLx6PaPZYz27HEYbl+EK3eo7tcj22qlv94+div/paTsvrcCbE278/8T0dlvcY6Oye/f8Gw8gOK4NeAQF7VjxvbiUr8XheX4xP1MQP1sQP1cQP18SP1MRhlP3h1d+mm9XG//z4n77f/WFlP9tDOf1Sn/WJ+yP7LT+e99uvBy0/nk8Me9rcf09/+uvbf4/n/38ezv8/m39LJ/MKouwvjPvVW+f+hwuDG13yPRyq81CH/GvPpzbnq6Y2lpPa1jP31WN683zHuuU7vTnfZMh3OG+LHAz1jdsnh8N8ZfujrFfL6zUe2tsM7TgQ6lHemeM5PRjac7xbu8KO7AMhXzMPJ0K7pkK7HgnzfTm0q5re3K64/7zU52SYHo+TlHzhbbvvdym+F/G6jEdz+mZO38np+zn9qEO5o6h8Hrud/18+n9OpWb1wZfnyE3m8fE7vjDUnVqef3+V6Aw+u1+t/ptPm63+OtqY3G+3rhWMb06v29cJkmH6hy/Qn83j5Pfvp2KG16fOXfr78k+1uPIy4q6+9/rPnl5cv/8oTTzzxpPVk0GsmYKctvPryLxauvvb6uSsvP//i5Rcvv3L+ie9/78mnnlpcWNuqX2jftgf2l40f/UHXBAAAAAAAAAAAAOhZdajz5JzW3d+2XE9erk+P18czHMr7Vj4N5T4G5frPbvd1KddvHt+FOrL9duNyokG3Eejs3+7/azCM7LCy4i7+wN4w6P7/yn0PS3r03D+Prw4l292nN68v4/0L4UHs9f7nlL+/+v9r9X/V8/ov9Jg1ubVy/3jv0D/aik2nei0/tr/cB3aqv/L/lMsvrXks9Vb+yu9C+fFGpT36cyj/cI/l39f+01sr/y+5/PKyzZ3ttfz1GleNzfWI+43LfQDjfuPir6H95d5+fbd/ix213crlwygbln4m+zUs/X92U5Zb1oN59dw6Tlfuvx37O+i3/uW+3+V34JGw/Krm903/n8Otrv/P8vlb0P8n7DsfOv5nMIzssLKyMtCuT0a135W9YtCv/6C3IQdd/qBf/zqx/8/4fyn2/xnjsf/PGI/9f8Z47F8rxmP/n/H1jP1/xvjJsNzYP+h0TfwrNfFTNfGv1sRP18Tj/7cYn62Jn6mJz9TEH66JP1oTP1sT/0ZN/LGa+OM18bma+H739ZyOavthlMV+I33/YXSU4z/dvv9TNXFgeMV+neP3+5s1cWB4lfM8fL9hBFWd79gR97eX/bhv5vSdnL6f0492rILshm/l9Ns5/U5Ov5vTczmdz+lCTvUNOdx+869TZ25WG+f5HQvxXs8njdcDxPvEnO+xPvH4XL/ns57ssZydKn+Ll4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI3G2uPi4nSV0tu33rr4n6kf/Hh1ykwrx+za43geW0opNVNKVR4fD8u7PrGefvbJtUud0ipdWHss4+nZu615j6zOn2bT7TSZnvv45M2XPnhm+b0TN05cfGPuzs60HgAAAEbDFwEAAP//ManlwQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x400, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40106e80, &(0x7f0000000280)=0x1)

1m17.282489504s ago: executing program 3 (id=314):
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x4018, &(0x7f0000000140)={[{}, {@time_offset={'time_offset', 0x3d, 0x4}}, {@dmask={'dmask', 0x3d, 0x400005}}, {@iocharset={'iocharset', 0x3d, 'iso8859-5'}}, {@errors_remount}, {@discard}, {@allow_utime={'allow_utime', 0x3d, 0x4}}, {@errors_remount}, {@namecase}, {@keep_last_dots}]}, 0x1, 0x153b, &(0x7f0000001f80)="$eJzs3AucTlXXAPC19t5nDImnSS7D3nsdnuSyTZLkkiSXJEmSJLeEpEleSUgMIUlDEpLLkMQQksvEpHG/3y8JSdIkSUhuyf5+E37qrb73/b73/fL+vln/3+/87DXnrH3WedZznuecg/m269BaTWpXb0RE8C/BC38kAUAsAAwEgLwAEABA+bjycYAB5JSY9K/thP17PZh6pStgVxL3P3vj/mdv3P/sjfufvXH/szfuf/bG/c/euP+MZWebphW6hpfsu/x1z/+Bn///x+Hv//9HMsuM/XJNmeu6AcT8sync/+yN+///VvDPbMT9z964/9lV7JUugP0H4PM/O8jxp2u4/9kb95+x7OxKP3++0gtE/sNegyM5LzTmrzp+xhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGPsL3DaX6YA4NL4StfFGGOMMcYYY4yxfx+f40pXwBhjjDHGGGOMsf97CAIkKAggBnJALOSEXCAA4GrIA3khAtdAHFwL+eA6yA8FoCAUgngoDEVAgwELBCEUhWIQheuhONwAJaAklILS4KAMJMCNUBZugnJwM5SHW6AC3AoVoRJUhipwG1SF26Ea3AHV4U6oATWhFtSGu6AO3A114R6oB/dCfbgPGsD90BAegEbwIDSGh6AJPAxN4RFoBs2hBbSEVv+r/OehJ7wAvaA3JEEf6AsvQj/oDwPgJRgIL8MgeAUGw6uQDENgKLwGw+B1GA5vwAgYCaPgTRgNb8EYGAvjYDykwASYCG/DJHgHJsO7MAWmQipMg+nwHsyAmTAL3ofZ8AHMgbkwD+ZDGnwIC2AhpMNHsAg+hgxYDEtgKSyD5bACVsIqWA1rYC2sg/WwATbCJtgMW2ArbIPtsAM+gZ3wKeyC3bAHPoO98Pmv8gGSfunnf5d/6u/yuyEgoECBChXGYAzGYizmwlyYG3NjHsyDEYxgHMZhPsyH+TE/FsSCGI/xWASLoEGDhIRFsShGMYrFsTiWwBJYCkuhQ4cJmIBl8SYsh+WwPJbHClgBK2IlrIRVsApWxapYDathdayONbAG1sJaeBfehX2wLtbFelgP62P9S4+nsBE2wsbYGJtgE2yKTbEZNsMW2AJbYStsja2xDbbBdtgO22N77IAdMBETsSN2xE7YCTtjZ+yCXbArdsVu2B27Zz6fA/AFfAF7Yw3RB/tiX+yHyTkG4Ev4Er6Mg/AVfAVfxWQcgkPxNXwNX8fheBJH4EgchaOwqngLx+BYJDEeUzAFJ+JEnISTMKvQd3EqpuI0nI7TcQbOxJn4Ps7GD/ADnItzcT6mYRouwIWYjum4CE9hBi7GJbgUl+FyXIYrcRWuxDW4FtfgelyPG3EjbsbNuBW34nbcjp+gAsBPcTfuxmTci3txH+7D/bgfD+ABzMRMPIgH8RAewsN4GI/gETyKx/A4HsMTeAJP4ik8jafxLJ7Fc/hs/NeNPym5OhlEFiWUiBExIlbEilwil8gtcos8Io+IiIiIE3Ein8gn8ov8oqAoKOJFvCgiiggjjCARxgCAiIqoKC6KixKihCglSgknnEgQCaKsKCvKiXKivLhFVBC3ioqikmjrqogqoqpo56qJO0R1UV3UEDVFLVFb1BZ1RB1RV9QV9UQ9UV/UFw3E/aKh6IMD8EGR1ZkmYgg2FUOxmWgu5MVPsNZiOLYRbUU78bgYiSOwg2jtEsVToqMYg53E38RYfEZ0EeOxq3hOdBPdRQ/xvOgp2rheoreYjH1EXzEV+4n+YoB4SczAmuJ9nJ2zlnhVJIshYqh4TczH18Vw8YYYIUaKUeJNMVq8JcaIsWKcGC9SxAQxUbwtJol3xGTxrpgipopUMU1MF++JGWKmmCXeF7PFB2KOmCvmifkiTXwoFoiFIl18JBaJj0WGWCyWiKVimVguVoiVYpVYLdaItWKdWC82iI1ik9gstoitYpvYLnaIT8RO8anYJXaLPeIzsVd8LvaJL8R+8aU4IL4SmeJrcVB8Iw6Jb8Vh8Z04Ir4XR8UxcVz8IE6IH8VJcUqcFmfEWfGTOCd+FueFFyBRCimlkoGMkTlkrMwpc8mrZG4ZXHx1r5Fx8lqZT14n88sCsqAsJONlYVlEammklSRDWVQWk1F5vSwub5AlZElZSpaWTpaRCfJGWVbeJMvJm2V5eYusIG+VFWUlWVlWkbfJqvJ2CZEL+6gha8pasra8SybB3bKuvEfWk/fK+vI+2UDeLxvKB2Qj+aBsLB+STeTDsql8RDaTzWUL2VK2ko/K1vIx2Ua2le3k47K9fEJ2kE/KRPmU7Cj9xbfIM7KLfFZ2lc/JbrK77CF/luell71kbwl9QPaVL8p+sr8cEAsA8mU5SL4iB8tXZbIcIofK1+Qw+bocLt+QI+RIOUq+KUfLt+QYOVaOk+NlipwgJ8q35ST5jpws35VT5FSZKqfJAXLgLzPNkvIf5r/9B/mDf9n7RrlJbpZb5Fa5TW6XO+QncqfcKXfJXXKP3CP3yr1yn9wn98v98oA8IDNlpjwoD8pD8pA8LA/LI/KIPCqPyTPyB3lC/ihPylPylDwjz8qz8tzF1wAUKqGkUipQMSqHilU5VS51lcqtrlZ5VF4VUdeoOHWtyqeuU/lVAVVQFVLxqrAqorQyyipSoSqqiqmouh4vvmFUKVVaOVVGJagb/yf5qri6QZVQJX+Tf6m+pD+pr5VqpVqr1qqNaqPaqXaqvWqvOqgOKlElqo6qo+qkOqnOqrPqorqorqqr6qa6qR6qh+qpeqpeqpdKUkmqr3pR9VP91QD1khqoXlaD1CA1WA1WySpZDVVD1TA1TA1Xw9UINUKNUqPUaDVajVFj1Dg1TqWoFDVRTVST1CQ1WU1WU9QUlapS1XQ1Xc1QM9QsNUvNVrPVHDVHzVPzVJpKUwvUApWu0tUitUhlqMVqsVqqlqrlarlaqVaq1Wq1WqvWqvVqvcpQm9QmtUVtUdvUNrVD7VA71U61S+1Se9QetVftVfvUPrVf7VcH1AGVqTLVQXVQHVKH1GF1WB1RR9RRdVQdV8fVCXVCnVQn1Wl1Wp1VZ9U5dU6dV+ezLvsCEYhABSqICWKC2CA2yBXkCnIHuYM8QZ4gEkSCuCAuyBdcF+QPCgQFg0JBfFA4KBLowAQ2EBebHg2uD4oHNwQlgpJBqaB04IIyQUJwY1A2uCkoF9wclA9uCSoEtwYVg0pB5aBKcFtQNbg9qBbcEVQP7gxqBDWDWkHt4K6gTnB3UDe4J6gX3BvUD+4LGgT3Bw2DB4JGwYNB4+ChoEnwcNA0eCRoFjQPWgQtg1b/4vxZp/zl+b0/WeAx10v31km6j+6rX9T9dH89QL+kB+qX9SD9ih6sX9XJeogeql/Tw/Trerh+Q4/QI/Uo/aYerd/SY/RYPU6P1yl6gp6o39aT9Dt6sn5XT9FTdaqepqfr9/QMPVPP0u/r2foDPUfP1fP0fJ2mP9QL9EKdrj/Si/THOkMv1kv0Ur1ML9cr9Eq9Sq/Wa/RavU6v1xv0Rr1Jb9Zb9Fa9TW/XO/Qneqf+VO/Su/Ue/Zneqz/X+/QXer/+Uh/QX+lM/bU+qL/Rh/S3+rD+Th/R3+uj+pg+rn/QJ/SP+qQ+pU/rM/qs/kmf0z/r89pnXdxnfb0bZZSJMTEm1sSaXCaXyW1ymzwmj4mYiIkzcSafyWfym/ymoClo4k28KWKKmCxkyBQ1RU3URE1xU9yUMCVMKVPKOONMgkkwZU1ZU86UM+VNeVPBVDAVTUVT2VQ2t5nbzO3mdnOHucPcae40NU1NU9vUNnVMHVPX1DX1TD1T39Q3DUwD09A0NI1MI9PYNDZNTBPT1DQ1zUwz08K0MK1MK9PatDZtTBvTzrQz7U1708F0MIkm0XQ0HU0n08l0Np1NF9PFdDVdTTfTzfQwPUxP09P0Mr1MkkkyfU1f08/0MwPMADPQDDSDzCAz2Aw2ySbZDDVDzTAzzAw3w80IM9KMyrpQNW+ZMWasGWfGmxSTYiaaiWaSmWQmm8lmipliUk2qmW6mmxlmhpllZpnZZraZY+aYeWaeSTNpZoFZYNJNullkFpkMk2GWmCVmmVlmVpgVZpVZZdaYNWYdrDMbzAazyWwyW8wWs81sMzvMDrPT7DS7zC6zx+wxe81es8/sM/vNfnPAHDCZJtMcNAfNIXPIHDaHzRFzxBw1R81xc9ycMCfMSXPSnDanzVlT4OL3pTexNqfNZa+yue3VNo/Na/8+LmgL2Xhb2Bax2ua3BX4TG2ttCVvSlrKlrbNlbIK98XdxRVvJVrZV7G22qr3dVvtdXMfebevae2w9e6+tbe/6TVzf3mcb2IdtQ0QA29w2ti1tE/uwbWofsc1sc9vCtrTt7RO2g33SJtqnbEf79O/iBXahXWVX2zV2rd1ld9vT9ow9ZL+1Z+1PtpftbQfal+0g+4odbF+1yXbI7+JR9k072r5lx9ixdpwd/7t4ip1qU+00O92+Z2fYmb+L0+yHdrZNt3PsXDvPzv8lzqop3X5kF9mPbYYNYIldapfZ5XaFXXmpVp/Xrrcb7Ea7035qt9itdpvdbndcuhC2u+0e+5ndaz+3B+03dr/90h6wh22m/fqXOOv4Dtvv7BH7vT1qj9nj9gd7wv6oLmVnHfsP9md73noLhAQkSVFAMZSDYikn5aKrKDddTXkoL0XoGoqjaykfXUf5qQAVpEIUT4WpCGkyZIkopKJUjKJ0PV0qrxSVJkdlKIFupLJ0E5Wjm6k83UIV6FaqSJWoMlWh26gq3U7V6A6qTndSDapJtag23UV16G6qS/dQPbqX6tN91IDup4b0ADWiB6kxPURN6GFqSo9QM2pOLagltaJHqTU9Rm2oLbWjx6k9PUEd6ElKpKeoIz1Nnehv1JmeoS70LHWl56gbdace9Dz1pBeoF/WmJOpDfelF6kf9aQC9RAPpZRpEr9BgepWSaQgNpddoGL1Ow+kNGkEjaRS9SaPpLRpDY2kcjacUmkAT6W2aRO/QZHqXptBUSqVpNJ3eoxk0k2bR+zSbPqA5NJfm0XxKow9pAS2kdPqIFtHHlEGLaQktpWW0nFbQSlpFq2kNraV1tJ420EbaRJtpC22lbbSddtAntJM+pV20m/bQZ7SXPqd99AXtpy/pAH1FmfQ1HaRv6BB9S4fpO9+bvqejdIyO0w90gn6kk3SKTtMZOks/0Tn6mc6TJwgxFKEMVRiEMWGOMDbMGeYKrwpzh1eHecK8YSS8JowLrw3zhdeF+cMCYcGwUBgfFg6LhDo0oQ0pDMOiYbEwGl4fFg9vCEuEJcNSYenQhWXChPDGsGx4U1guvDksH94SVghvDSuGlcKH760S3hZWDW8Pq4V3hNXDO8MaYc2wVlg7vCusE94d1g3vCeuF94blwvvCBuH9YcPwgbBR+GDYOHwobBI+HDYNHwmbhc3DFmHLsFX4aNg6fCxsE7YN24WPh+3DJ8IO4ZNhYvhU2DF8+pf19y388/VJYZ+wb/hi+GLo/T1yXnR+NC36YXRBdGE0PfpRdFH042hGdHF0SXRpdFl0eXRFdGV0VXR1dE10bXRddH10Q3Rj1PvaOcChE0465QIX43K4WJfT5XJXudzuapfH5XURd42Lc9e6fO46l98VcAVdIRfvCrsiTjvjrCMXuqKumIu6611xd4Mr4Uq6Uq60c66MS3AtXSvXyrV2j7k2rq1r5x53j7sn3BPuSfeke8p1dE+7Tu5vrrN7xnVxz7pn3XOum+vuerjnXU83Ic+FczLJ9XV9XT/Xzw1wA9xAN9ANcoPcYDfYJbtkN9QNdcPcMDfcDXcj3Ag3yo1yo91oN8aNcePcOJfiUtxEN9FNcpPcZDfZTXFTXKpLddPddDfDzXBVZ17Yyxw3x81z81yaS3MLXNY1Y7pb5Ba5DJfhlrglbplb5la4FW6VW+XWuDVunVvnNrgNbpPb5La4LW6b2+Z2uB1up9vpdvm8FyZ1e90+t8/td/vdAfeVy3Rfu4PuG3fIfesOu+/cEfe9O+qOuePuB3fC/ehOulPutDvjzrqf3Dn3szvvvEuJTIhMjLwdmRR5JzI58m5kSmRqJDUyLTI98l5kRmRmZFbk/cjsyAeROZG5kXmR+ZG0yIeRBZGFkfTIR5FFkY8jGZHFkSWRpZFlkeUR7wtvCX1RX8xH/fW+uL/Bl/AlfSlf2jtfxif4G31Zf5Mv52/25f0tvoK/1Vf0lXxl/4hv5pv7Fr6lb+Uf9a39Y76Nb+vb+cd9e/+E7+Cf9In+Kd/RP+07+b/5zv4Z38U/67v653w339338M/7nv4F38v39km+j+/rX/T9fH8/wL/kB/qX/SD/ih/sX/XJfogf6l/zw/zrfrh/w4/wI/2omDf96Eu3yDDep/gJfqJ/20/y7/jJ/l0/xU/1qX6an+7f8zP8TD/Lv+9n+w/8HD/Xz/PzfZr/0C/wC326/8gv8h/7DL/40kNlv8Kv9Kv8ar/Gr/Xr/Hq/wW/0m/xmv8Vv9dv8dr/Df+J3+k/9Lr/b7/Gf+b3+c7/Pf+H3+y/9Af+Vz/Rf+4P+G3/If+sP++/8Ef+9P+qP+eP+B3/C/+hP+lP+tD/jz/qf/Dn/sz/P/2eNMcYYY+yfMuHyUPx2zYXH+X3+IEf8auO+AHD11kKZv16fdUW5Lv+FcX8R3z4CAE/17vrgpaVGjaSkpIvbZkgIis0FuPQ3QVli4HK8GNrBE5AIbaHsH9bfX3Q/S/9g/ugtALl+lRMLl+PL838BgEl/MP+jj49aUCE8HfffzD8XoESxyzk54XK8GNr98nylLZT7k/oLtP6T+vHi/Dm/TAFo86uc3HA5vlx/AjwGT0Pib7ZkjDHGGGOMMcYu6C8qd750/3npX3z+0f15vLqckwMux//o/pwxxhhjjDHGGGNX3jPdezz5aGJi287/80G1/1XWPz1oCv9XM/PgDwfeA1z6iQKAf3FCgKyB/CuPYvNfsq/ki6fO369adsYH8J/Ryn/H4Ap/MDHGGGOMMcb+7S5f9P/25+pKFcQYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjGVDf8WvE7vSx8gYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xdaf8VAAD//3aq+3A=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x3)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='nfsd\x00', 0x1000041, 0x0)

1m17.123928541s ago: executing program 3 (id=317):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000f00)={'dummy0\x00', &(0x7f0000000140)=@ethtool_perm_addr={0x4b, 0x46, "4b721b782a17a7b6a00d96363f7fdafd95073830fb8cfb34eb7cbd173ef6f0710ef2264f4cba5a1e6a6f0ef6c61346d54f61bd850519514421d1f305010caca7450a7e310aee"}})

1m16.415356398s ago: executing program 3 (id=327):
syz_usb_connect(0x3, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582"], 0x0)

1m16.19195572s ago: executing program 33 (id=327):
syz_usb_connect(0x3, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582"], 0x0)

2.425553646s ago: executing program 0 (id=1044):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000740)=ANY=[@ANYBLOB="e40000000201010800000000000000000a000000d00001800c000280050001000000000014000180080001000000000008000200000000002c000180140003"], 0xe4}, 0x1, 0x0, 0x0, 0x2048014}, 0x0)

2.324278414s ago: executing program 0 (id=1047):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f00000055c0)=[{{&(0x7f0000001640)={0xa, 0xf, 0xfffffc01, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x13}}, 0xe}, 0x1c, 0x0}}, {{&(0x7f0000002980)={0xa, 0x4e21, 0x3, @dev={0xfe, 0x80, '\x00', 0x2f}, 0xffff}, 0x1c, 0x0, 0x0, &(0x7f00000003c0)=ANY=[], 0x48}}], 0x2, 0x49c00)

2.324101767s ago: executing program 0 (id=1048):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x1000c40, &(0x7f00000002c0), 0x5, 0x51c, &(0x7f0000000700)="$eJzs3cFvI1cZAPBvZjebNE2bFCoVENClFBa0WjvxtlHVU7mAUFUJUXHikIbEG0Vx4ih2ShNWavI/IFGJA4ITZyQQHCr1xBHBDW69lANSgRWoQeJgNONx1t3YG3c3awv795NGM29mMt97Y8178RfHL4CJdTUijiLiSkS8ERHzxf6kWOKV9pKd99Gd22snd26vJdFqvf6PJD+e7Yuun8k8XlxzJiK++62IHyRn4zYODrdWa7XqXlEuN7d3y42Dwxub26sb1Y3qTqWyvLS8+NLNFysDtWNmgHOe3f7Vh9/cfPV77/7uCx/86ejrP8qqNVcc627HRWo3feo0TuZyRLz6KIKNwKWiPVdGXREeSBoRn4qI5/Lnfz4u5a/mYHo81gDA/4FWaz5a891lAGDcpXkOLElLRS5gLtK0VGrn8J6O2bRWbzSv36rv76y3c2ULMZXe2qxVF4tc4UJMJVl56e1s+265Eh8v34yIpyLix9OP5eXS2uB5BgDgYj1+z/j/7+n2+A8AjLmeH57pfn++Mry6AADDMciHZwGA8WL8B4DJc3f8nx1pPQCA4fH+HwAmj/EfACbN+53x/9KoawIADMV3XnstW1onxfdfr795sL9Vf/PGerWxVdreXyut1fd2Sxv1+katWlqrb593vVq9vrv0Quy/VW5WG81y4+BwZbu+v9Ncyb/Xe6U6NZRWAQD389Sz7/0liYijlx/Ll+iay8FYDeMtHXUFgJGR84fJ5Vu4YXJ5jw+T69fFf/yeN5dn348Iv/MAQVtvP8APARft2mfl/2FSyf/D5JL/h8kl/w+Tq9VK+s35n56eAgCMlU+Y4/cnARhDQ/37PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIyJuXxZ6CqnaakU8URELMRUcmuzVl2MiCcj4s/TU9NZeWmkNQYAHl76t6SY/+va/PNz9x69kvxnOl9HxA9/+vpP3lptNveWsv3/PN3ffKfYXxlF/QGA83TG6c443vHRndtrnWWY9fnwG+3JRbO4J8XSPnI5LmerP87kkw7P/itplwvZ7yuXLiD+0XFEfKZX+5M8N7JQzHx6b/ws9hNDjZ9+LH6aH2uvs3vx6TNXnu4b87y5XmFSvJf1P6/0ev7SuJqvZ3pOfjyT91APr9P/nZzp/zrP+0ze1/Tq/64OGuOF33+777HjiM9d7hU/OY2f9In//IDx3//8F5/rd6z184hr0Tt+d6xyc3u33Dg4vJHd+OpGdadSWV5aXnzp5ouVcp6jLncy1d3aI8TfX77+ZN/2//K3RUd5Nv7MOe3/yn1b3TrtgH/x3ze+/6V+8Y8jvvbl3q//0/eJn42JXy22+/f0bauzv+k7fXcWf719/48/6et//Zy4HR/89XB9wFMBgCFoHBxurdZq1b0L3ZiKC75g10byiOpsYwQbMcRY2a/JD3udZ4qU2Wrn+ek+5w8/e/eZbN/I7+qFbIyuTwKG4+5DP+qaAAAAAAAAAAAAAAAA/TzyfydKR91CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxtn/AgAA//8LKMVX")
readlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080)=""/29, 0x1d)
readlinkat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', &(0x7f0000001300)=""/4096, 0x1000)

2.211342032s ago: executing program 0 (id=1049):
r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000d00), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$kcm(0x29, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000001a40)=""/102392, 0x18ff8)
sendmsg$TIPC_NL_LINK_GET(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000700)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="030700000000000000000800000068000480040007801300010062726f6164636173742d6c696e6b00001900078008000300000000000800020000000000080003000000000008000200000000000800030000000000040004"], 0x7c}}, 0x0)

861.529167ms ago: executing program 0 (id=1061):
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000001380)='./file1\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="636865636b706f696e743d64697361626c652c6261636b67726f756e645f67633d73796e632c61636c2c616c6c6f635f6d6f64653d72657573652c696e6c696e655f78617474722c6e6f666c7573685f6d657267652c6d6f64653d6c66732c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c6167655f657874656e745f63616368652c646973636172642c6e6f696e6c696e655f64656e7472792c008bfb3c1e4b1b12ae77c937da8858"], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x42)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@id={0x2, 0x0, @d}})

512.320217ms ago: executing program 1 (id=1072):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)={0x5c, r1, 0x917, 0x0, 0x0, {}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @loopback}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @ipv4={'\x00', '\xff\xff', @remote}}, @L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x4}]}, 0x5c}}, 0x0)

440.654529ms ago: executing program 1 (id=1075):
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0xf)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x2000, 0x0)
mknod$loop(&(0x7f00000002c0)='./file1\x00', 0x2000, 0x0)

351.737168ms ago: executing program 4 (id=1076):
r0 = socket(0xa, 0x1, 0x0)
listen(r0, 0x0)
setsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000454ff0)={0x0, 0x2710}, 0x10)
accept4$x25(r0, 0x0, 0x0, 0x0)

342.857024ms ago: executing program 1 (id=1077):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800702, &(0x7f0000000100)={[{@max_batch_time={'max_batch_time', 0x3d, 0x8001}}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}, {@noauto_da_alloc}, {@noload}, {@oldalloc}, {@resuid}]}, 0x2, 0x470, &(0x7f0000000dc0)="$eJzs209sFNUfAPDvTLuFH//an+IfELVKjI1/WlpQOXjRqPGA0UQPeKxtIYRCDa0JECLVGLyYGBL1ajyaePDszYtRTyZeNfFoSIhyAfVSM7Mz7XbplpZud2v380kG3tt52/e+++bNvJm3G0DH6s/+SSJ2RMQvEdFbzS4u0F/978a1C2N/XbswlsTc3Ot/JHm569cujJVFy/dtLzIDaUT6QVJUstj0ufMnRycnJ84U+aGZU28PTZ87/+SJU6PHJ45PnB45fPjQweFnnh55qilxZnFd3/vu1L49L795+ZWxo5ff+uGrrL07iv21cTRLfxb4n3O5+n2PNLuyNttZk06629gQVqUrIrLuquTjvze6YqHzeuPF99vaOGBdZdemLY13z84Bm1gS7W4B0B7lhT67/y23Fk09NoSrz1VvgLK4bxRbdU93pEWZSt39bTP1R8TR2b8/z7ZYp+cQAAC1Phr79Eg8sdT8Lz19d025XcUaSl9E/D8i7oiIOyNid0TcFRFZ2Xsi4t5V1l+/NHTz/Ce9cluBrVA2/3s24qUbN83/ytlf9HUVuZ15/JXk2InJiQPFZzIQlS1ZfniZOr594eePG+2rnf9lW1Z/ORcs2nGlu+4B3fjozGg+KW2Cq+9F7O2uru0tjj+ZXwlIImJPROxd3Z/eVSZOPPblvkaFbh3/MpqwzjT3RcSj1bXN2aiLv5Qsvz45tDUmJw4MlUfFzX786dJrjepfU/xNkPX/tljU//VF+pLa9drp1ddx6dcPG97T3O7x35O8kZ+PeorXzo7OzJwZjuhJjuT5Ra+PLLy3zJ8drczHP7B/qeM/zc9xUfT/fRGRHcT3R8QDEfFg0faHIuLhiNi/TPzfP99430bo//FYevwX6vp/9Ymuk99906j+lfX/oTw1ULySn/9uYaUNXMtnBwAAAP8Vaf4d+CQdnE+n6eBg9Tv8u2NbOjk1PfP4sal3To9XvyvfF5W0fNLVW/M8dDiZLf5iNT9SPCsu9x8snht/0vW/PD84NjU53ubYodNtbzD+M793tbt1wLpbah1tpKcNDQFarn78p4uzF19t+M7f1qdBQMv4vTZ0rluM/4XpwD/r3xagtVz/oXMtjP/P5lMX68pYC4DNyfUfOteKx781Qdh0XP+hcxn/0JHW8rv+liUqW6uN3SjtkZg+dz7SDdEMiXVKLHGy+Dpt9ekJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgzf4NAAD//7Rs7dg=")
chdir(&(0x7f0000000000)='./file0\x00')
lsetxattr$security_ima(&(0x7f0000000300)='./file0\x00', &(0x7f0000000080), &(0x7f00000000c0)=@sha1={0x1, "ca46bb42f431c3e0a36fd25058505cb8e13b6aee"}, 0xfd3f, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x4200, 0x0)

342.52197ms ago: executing program 4 (id=1078):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0xa0, 0x30, 0x9, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{0x60}, {}, {0x3}, {}, {}, {}, {0x6}]}, @TCA_ACT_BPF_PARMS={0x18}]}, {}, {0xc}, {0xc}}}]}]}, 0xa0}}, 0x0)

254.699924ms ago: executing program 0 (id=1079):
syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020000082505a3a440000102030109023b000101000000090400000302060000052406000005240000000d240f010000000000000000000905"], 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
ioctl$MON_IOCX_GETX(0xffffffffffffffff, 0x80089203, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000007040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a030000000000000000000a00ecff0800010073797a300000000074000000160a010100000000000000000a00000008000740000000014000038008000140000000002c000380140001006e657464657673696d300000000000001400010076657468305f766c616e00000000000008000240000000070900010073797a3000000000090002"], 0xbc}}, 0x0)

254.509312ms ago: executing program 1 (id=1080):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000300)={0x1, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000040)={0x30b, @tick=0x1000, 0x31, {0xfd}})

254.306335ms ago: executing program 1 (id=1081):
setuid(0xee01)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="fc000000190001"], 0xfc}, 0x1, 0x0, 0x0, 0x24008040}, 0x20040000)

182.578218ms ago: executing program 4 (id=1082):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000007c0)=ANY=[@ANYRES32=r4, @ANYRES32=r3, @ANYBLOB='&'], 0x10)
sendmsg$inet(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000780)='}', 0x1}], 0x1}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4}, &(0x7f0000000000), &(0x7f00000002c0)=r0}, 0x20)
sendmsg$inet(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x22fe0}], 0x1}, 0x0)
recvmsg$unix(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000340)=""/229, 0xec1}], 0x1}, 0x0)

182.425115ms ago: executing program 1 (id=1083):
syz_usb_connect$cdc_ecm(0x0, 0x77, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000020000402505a1a4400000000101090265000101000004090400001202060080052406000005240000000d260f01000000000000000000152412"], 0x0)

182.071579ms ago: executing program 4 (id=1084):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='coredump_filter\x00')
write$cgroup_int(r0, &(0x7f0000000080)=0x101, 0x12)

75.772673ms ago: executing program 4 (id=1085):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x207, &(0x7f0000000200)={[{@errors_remount}, {@nolazytime}]}, 0x1, 0x46b, &(0x7f0000000600)="$eJzs3M+PE1UcAPDvtF1Wfm5F/AGiomgk/thlF1QOXjQx8aCJiR7wuC4LQQprYE2EbNzFELyYKAl3Y+LFxL/AEyeinky84t2QEMMF9FQzdFq63XYpbWlZ+vkkw87bvvZ9vzPzOm/eMBvA0NqV/pNEbIqIKxExFhG5+grrK0ta7+b1hZl/ry/MJFEuf/hPkr4tblxfmKlWTbKfGyuFQvpBuXNJFJu0e+r0mWPTpdLsyaw8MX/8s4lTp8+8evT49JHZI7Mnpg4c2L9v8o3Xp17rSZ5pTDd2fDm3c/u7H194f+bghU9++7kSb7l88fLeZXn0xkhELNS2SaMXetvYwG2uW08KAwyEuzIaEYXsaL0SY5E/t6X22li889VAgwPuqXK5XJ5q/fJSGXiAJTHoCIDBqJ7o0+vf6tKnocd94dpblQugNO+b2VJ5pRBnszojDde3vbQrIg4u/fd9ukTDfAoAwL1wKR3/vNJk/FeMeKyu3pZsKUbEwxGxNSIeiYhtEfFoVOo+HhFP3GX7uxrKK8c/uaudZdaedPz3ZnZva/n4r3YXrJjPSptv5T+SHD5amt2bbY89MTKaliebfnoSsZT+/PPbVu3Xj//SJW2/OhbM4rhaGF3+nkPT89NdJ565djZiR6FZ/kkUbmcR2yNiR4dtHH3pp53Lf5Ovrd05/1X04D5T+YeIFyv7fyka8q9KVr8/OfFQlGb3TlSPikaX4vc/zn/Qqv2u8u+BdP9vaHr81/IvJvX3a/MrPmLdndo4/9fXLa9pOj3+1yUfLWv8i+n5+ZOTEeuS91b+vm6Cu1qu1k/z37O7ef/fGre3xJMRkR7ET0XE0xHxTBb7sxHxXETsXiX/X99+/tPO87+30vwX72b/d7CSP3b5l1btt7f/91cLt4Jq5/uv3QC72XYAAACwVuQiYlMkufHaei43Pl75//LbYkOuNHdq/uXDc5+fOFR5RqAYI7nqTNdY3XzoZDY3XC1PZeXFrLwvmze+mF9/qzw+M1c6NOjkYchtbNH/U3+vnOsFHjSe14Lhpf/D8Oq8//vmgLXuDr041684gP5zFofh1az/Lw4gDqD/nP9heNX6/3dtVK573Kvx4U1g7XH+h+Gl/8NQ6ua5/vtiJX6MWL1O0l0To4PJ65tu3l7oQ4SRuz8OgD6uTOUjBhhGod2/ahGny4tdNzrobyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDe+D8AAP//Gvzn2A==")

0s ago: executing program 4 (id=1086):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000600))
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'pcl812\x00', [0x4f27, 0x5, 0x1, 0x0, 0x67, 0xcc7, 0x8, 0x7, 0xa, 0x4, 0x2, 0x1, 0x8, 0x1, 0x6, 0x101, 0x1, 0x1a449, 0x3, 0x40000003, 0x89, 0x2, 0xf27, 0x20001e58, 0xb, 0xe69, 0x3c, 0x8, 0x6, 0x0, 0xfffffff8]})
mmap(&(0x7f00000f4000/0x2000)=nil, 0x2000, 0x5000000, 0x11, r0, 0xffffd000)

kernel console output (not intermixed with test programs):

ting device (7,1) on (node local)
[   78.897351][ T6238] loop0: detected capacity change from 0 to 40427
[   78.903924][ T6233] F2FS-fs (loop2): SIT is corrupted node# 2 vs 7
[   78.913638][ T6238] F2FS-fs (loop0): invalid crc value
[   78.925701][ T6233] F2FS-fs (loop2): Failed to initialize F2FS segment manager (-117)
[   78.968538][ T6238] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   78.973776][ T6238] F2FS-fs (loop0): Start checkpoint disabled!
[   78.979805][ T6238] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[   79.698652][ T6260] loop2: detected capacity change from 0 to 128
[   79.720857][ T6260] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[   79.728156][ T6260] ext4 filesystem being mounted at /42/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.855856][ T5852] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   80.192807][ T5899] IPVS: starting estimator thread 0...
[   80.349892][   T33] audit: type=1326 audit(1756240416.880:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6289 comm="syz.2.136" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9025b8ebe9 code=0x0
[   80.359351][ T6284] IPVS: using max 51 ests per chain, 122400 per kthread
[   80.368438][ T6290] loop0: detected capacity change from 0 to 1024
[   80.418704][ T6290] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.699919][ T5848] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.914890][ T6296] loop2: detected capacity change from 0 to 32768
[   80.919505][ T6296] XFS: noikeep mount option is deprecated.
[   80.924531][ T6298] loop0: detected capacity change from 0 to 32768
[   80.953884][ T6296] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   80.954260][ T6298] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   80.980024][ T6298] XFS (loop0): Ending clean mount
[   80.987283][   T33] audit: type=1800 audit(1756240417.530:3): pid=6298 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.139" name="file1" dev="loop0" ino=6150 res=0 errno=0
[   80.989629][ T6296] XFS (loop2): Ending clean mount
[   81.015459][ T6296] XFS (loop2): Quotacheck needed: Please wait.
[   81.052100][ T6296] XFS (loop2): Quotacheck: Done.
[   81.137746][ T5852] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   81.297230][ T6324] loop2: detected capacity change from 0 to 512
[   81.302175][ T6324] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   81.308628][ T6324] FAT-fs (loop2): FAT read failed (blocknr 1568)
[   81.480568][ T6327] vxcan1: tx drop: invalid sa for name 0x0000000000000003
[   81.510885][ T6328] overlayfs: missing 'lowerdir'
[   81.781566][ T5848] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   81.946706][ T6333] netlink: 24 bytes leftover after parsing attributes in process `syz.0.146'.
[   82.180637][ T6345] Illegal XDP return value 4294967274 on prog  (id 20) dev N/A, expect packet loss!
[   82.850643][ T6365] loop2: detected capacity change from 0 to 2048
[   82.916667][ T6365] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.969639][ T6365] ext4 filesystem being mounted at /50/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.156925][ T6365] EXT4-fs error (device loop2): __ext4_new_inode:1073: comm syz.2.161: reserved inode found cleared - inode=1
[   83.201037][ T6365] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[   83.337527][ T5852] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.681039][ T6369] loop2: detected capacity change from 0 to 2048
[   83.747737][ T6369] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   83.824523][ T6369] UDF-fs: error (device loop2): udf_verify_fi: directory (ino 1376) has entry where CRC length (32) does not match entry length (24)
[   83.967923][ T6373] netlink: 4 bytes leftover after parsing attributes in process `syz.2.163'.
[   83.981613][ T6373] netlink: 4 bytes leftover after parsing attributes in process `syz.2.163'.
[   83.989087][ T6373] netlink: 4 bytes leftover after parsing attributes in process `syz.2.163'.
[   84.422626][   T47] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   84.592006][   T47] usb 2-1: Using ep0 maxpacket: 16
[   84.600809][   T47] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   84.607593][   T47] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   84.620170][   T47] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 42580, setting to 1024
[   84.636753][   T47] usb 2-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[   84.647876][   T47] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   84.664183][   T47] usb 2-1: config 0 descriptor??
[   84.670449][ T6381] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   84.704389][   T47] pegasus_notetaker 2-1:0.0: probe with driver pegasus_notetaker failed with error -12
[   84.907336][ T5834] usb 2-1: USB disconnect, device number 3
[   85.072982][ T6392] loop0: detected capacity change from 0 to 8
[   85.132373][ T6392] SQUASHFS error: xz decompression failed, data probably corrupt
[   85.138483][ T6392] SQUASHFS error: Failed to read block 0x108: -5
[   85.141216][ T6392] SQUASHFS error: Unable to read metadata cache entry [106]
[   85.145197][ T6392] SQUASHFS error: Unable to read inode 0x11f
[   85.478054][ T6396] overlayfs: failed to decode file handle (len=6, type=248, flags=0, err=-61)
[   85.496868][ T6398] netlink: 'syz.1.176': attribute type 12 has an invalid length.
[   85.984259][ T6424] loop2: detected capacity change from 0 to 7
[   85.997095][ T6424] Dev loop2: unable to read RDB block 7
[   86.000249][ T6424]  loop2: unable to read partition table
[   86.003587][ T6424] loop2: partition table beyond EOD, truncated
[   86.006664][ T6424] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5)
[   86.579220][ T5899] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   86.609802][   T10] cfg80211: failed to load regulatory.db
[   86.741966][ T5899] usb 3-1: Using ep0 maxpacket: 16
[   86.771313][ T5899] usb 3-1: unable to get BOS descriptor or descriptor too short
[   86.797289][ T5899] usb 3-1: config 0 has no interfaces?
[   86.805874][ T5899] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   86.809311][ T5899] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.816252][ T5899] usb 3-1: Product: syz
[   86.817755][ T5899] usb 3-1: Manufacturer: syz
[   86.819405][ T5899] usb 3-1: SerialNumber: syz
[   86.833061][ T5899] usb 3-1: config 0 descriptor??
[   87.048592][ T6433] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   87.052921][ T6433] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   87.056614][ T5899] usb 3-1: USB disconnect, device number 5
[   87.092260][   T47] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   87.241967][   T47] usb 2-1: Using ep0 maxpacket: 16
[   87.247146][   T47] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[   87.250920][   T47] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   87.255283][   T47] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[   87.262277][   T47] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   87.266060][   T47] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   87.269194][   T47] usb 2-1: Product: syz
[   87.271062][   T47] usb 2-1: Manufacturer: syz
[   87.273270][   T47] usb 2-1: SerialNumber: syz
[   87.682282][   T47] usb 2-1: 0:2 : does not exist
[   88.298906][   T47] usb 2-1: USB disconnect, device number 4
[   88.315995][ T5859] udevd[5859]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   88.468619][ T6442] netlink: 8 bytes leftover after parsing attributes in process `syz.2.195'.
[   88.628527][ T6448] loop2: detected capacity change from 0 to 512
[   88.632790][ T6448] EXT4-fs: Ignoring removed nobh option
[   88.639430][ T6448] EXT4-fs error (device loop2): __ext4_iget:5464: inode #11: block 1: comm syz.2.198: invalid block
[   88.645724][ T6448] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.198: couldn't read orphan inode 11 (err -117)
[   88.655271][ T6448] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.691035][ T5852] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.959374][ T6473] binder: 6469:6473 unknown command 0
[   88.961305][ T6473] binder: 6469:6473 ioctl c0306201 200000000080 returned -22
[   89.078244][   T33] audit: type=1326 audit(1756240425.620:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6476 comm="syz.2.211" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9025b8ebe9 code=0x7ffc0000
[   89.090418][   T33] audit: type=1326 audit(1756240425.630:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6476 comm="syz.2.211" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9025b8ebe9 code=0x7ffc0000
[   89.098122][   T33] audit: type=1326 audit(1756240425.630:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6476 comm="syz.2.211" exe="/syz-executor" sig=0 arch=c000003e syscall=279 compat=0 ip=0x7f9025b8ebe9 code=0x7ffc0000
[   89.109130][   T33] audit: type=1326 audit(1756240425.630:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6476 comm="syz.2.211" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9025b8ebe9 code=0x7ffc0000
[   89.117257][   T33] audit: type=1326 audit(1756240425.630:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6476 comm="syz.2.211" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9025b8ebe9 code=0x7ffc0000
[   89.874695][ T6482] loop2: detected capacity change from 0 to 32768
[   89.907119][ T6482] JBD2: Ignoring recovery information on journal
[   90.035572][ T6482] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[   90.234034][ T5852] ocfs2: Unmounting device (7,2) on (node local)
[   90.451822][ T5834] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   90.457463][ T6500] loop2: detected capacity change from 0 to 64
[   90.612671][ T5834] usb 1-1: Using ep0 maxpacket: 32
[   90.616381][ T5834] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   90.620157][ T5834] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   90.623686][ T5834] usb 1-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[   90.626949][ T5834] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   90.635573][ T5834] usb 1-1: config 0 descriptor??
[   90.742001][   T10] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   90.904428][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   90.909790][   T10] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[   90.913535][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   90.918041][   T10] usb 2-1: config 0 descriptor??
[   91.050305][ T5834] hid-led 0003:27B8:01ED.0003: unknown main item tag 0x7
[   91.072745][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   91.078798][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   91.082985][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   91.086730][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   91.089560][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   91.128921][   T10] ath6kl: Failed to submit usb control message: -71
[   91.131488][   T10] ath6kl: unable to send the bmi data to the device: -71
[   91.138640][   T10] ath6kl: Unable to send get target info: -71
[   91.143897][   T10] ath6kl: Failed to init ath6kl core: -71
[   91.158573][   T10] ath6kl_usb 2-1:0.0: probe with driver ath6kl_usb failed with error -71
[   91.173315][   T10] usb 2-1: USB disconnect, device number 5
[   91.222780][ T6507] chnl_net:caif_netlink_parms(): no params data found
[   91.248636][ T5834] hid-led 0003:27B8:01ED.0003: probe with driver hid-led failed with error -71
[   91.267921][ T5834] usb 1-1: USB disconnect, device number 4
[   91.320967][ T6507] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.324252][ T6507] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.327365][ T6507] bridge_slave_0: entered allmulticast mode
[   91.330470][ T6507] bridge_slave_0: entered promiscuous mode
[   91.336025][ T6507] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.339062][ T6507] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.342544][ T6507] bridge_slave_1: entered allmulticast mode
[   91.346244][ T6507] bridge_slave_1: entered promiscuous mode
[   91.366890][ T6507] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   91.371472][ T6507] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   91.394013][ T6507] team0: Port device team_slave_0 added
[   91.398118][ T6507] team0: Port device team_slave_1 added
[   91.419799][ T6507] batman_adv: batadv0: Adding interface: batadv_slave_0
[   91.425530][ T6507] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.435740][ T6507] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   91.445115][ T6507] batman_adv: batadv0: Adding interface: batadv_slave_1
[   91.447917][ T6507] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.458104][ T6507] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   91.492706][ T6507] hsr_slave_0: entered promiscuous mode
[   91.495479][ T6507] hsr_slave_1: entered promiscuous mode
[   91.498134][ T6507] debugfs: 'hsr0' already exists in 'hsr'
[   91.500320][ T6507] Cannot create hsr debugfs directory
[   91.600797][ T6507] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   91.606272][ T6507] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   91.611132][ T6507] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   91.616590][ T6507] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   91.670750][ T6507] 8021q: adding VLAN 0 to HW filter on device bond0
[   91.686875][ T6507] 8021q: adding VLAN 0 to HW filter on device team0
[   91.696866][   T64] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.699313][   T64] bridge0: port 1(bridge_slave_0) entered forwarding state
[   91.706442][   T64] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.709414][   T64] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.800430][ T6529] iommufd_mock iommufd_mock0: Adding to iommu group 0
[   91.804388][ T6531] loop1: detected capacity change from 0 to 256
[   91.814007][ T6531] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[   91.818998][ T6531] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[   91.832173][ T6531] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[   91.840198][ T6531] UDF-fs: Scanning with blocksize 512 failed
[   91.850063][ T6531] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[   91.854563][ T6531] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   91.900166][ T6507] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.946814][ T6507] veth0_vlan: entered promiscuous mode
[   91.955854][ T6507] veth1_vlan: entered promiscuous mode
[   91.979486][ T6507] veth0_macvtap: entered promiscuous mode
[   91.983848][ T6507] veth1_macvtap: entered promiscuous mode
[   91.995639][ T6543] loop0: detected capacity change from 0 to 256
[   92.006553][ T6507] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.021543][ T6507] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.047119][   T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.050743][   T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.057228][   T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.060228][   T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.234386][ T4875] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.237584][ T4875] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.299153][ T4875] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.302734][ T4875] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.460803][ T6563] netlink: 8 bytes leftover after parsing attributes in process `syz.3.226'.
[   92.782718][ T6570] loop3: detected capacity change from 0 to 4096
[   92.858052][ T6571] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   93.118379][ T6573] loop3: detected capacity change from 0 to 2048
[   93.144030][ T6573] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   93.162048][ T5855] Bluetooth: hci1: command tx timeout
[   93.219539][ T6573] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.248: bg 0: block 2: invalid block bitmap
[   93.356641][ T6507] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.121333][ T6598] loop1: detected capacity change from 0 to 1024
[   94.159416][ T6598] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only.
[   94.178546][ T6598] hfsplus: failed to load root directory
[   94.234338][ T6602] loop0: detected capacity change from 0 to 1024
[   94.308796][ T6608] loop1: detected capacity change from 0 to 512
[   94.317697][ T6602] Process accounting resumed
[   94.319752][ T6608] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.262: bad orphan inode 11
[   94.319916][ T6608] ext4_test_bit(bit=10, block=4) = 1
[   94.328531][ T6602] syz.0.259: attempt to access beyond end of device
[   94.328531][ T6602] loop0: rw=0, sector=8556385938, nr_sectors = 2 limit=1024
[   94.333426][ T6608] is_bad_inode(inode)=0
[   94.334886][ T6608] NEXT_ORPHAN(inode)=2080374784
[   94.336972][ T6608] max_ino=32
[   94.344746][  T794] kworker/1:2: attempt to access beyond end of device
[   94.344746][  T794] loop0: rw=0, sector=8556385938, nr_sectors = 2 limit=1024
[   94.351244][ T6608] i_nlink=0
[   94.354142][ T6608] EXT4-fs (loop1): 1 truncate cleaned up
[   94.357897][ T6608] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   94.371312][ T6608] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.262: bg 0: block 393: padding at end of block bitmap is not set
[   94.376844][ T6608] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   94.427279][ T5856] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.156272][ T6623] cgroup: Unknown subsys name 'cpuset'
[   95.245547][ T5855] Bluetooth: hci1: command tx timeout
[   95.683488][ T6638] netlink: 'syz.3.274': attribute type 10 has an invalid length.
[   95.686524][ T6638] netlink: 40 bytes leftover after parsing attributes in process `syz.3.274'.
[   95.696380][ T6638] batman_adv: batadv0: Adding interface: vlan1
[   95.703415][ T6638] batman_adv: batadv0: The MTU of interface vlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   95.722260][ T6638] batman_adv: batadv0: Interface activated: vlan1
[   96.021894][   T47] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   96.065532][ T6670] netlink: 'syz.0.289': attribute type 4 has an invalid length.
[   96.172540][   T47] usb 4-1: Using ep0 maxpacket: 32
[   96.177167][   T47] usb 4-1: config 0 has an invalid interface number: 126 but max is 0
[   96.180630][   T47] usb 4-1: config 0 has no interface number 0
[   96.185806][ T6666] loop1: detected capacity change from 0 to 32768
[   96.188982][   T47] usb 4-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023
[   96.204056][   T47] usb 4-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8
[   96.208318][   T47] usb 4-1: config 0 interface 126 has no altsetting 0
[   96.216405][   T47] usb 4-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c
[   96.220398][   T47] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   96.230453][   T47] usb 4-1: Product: syz
[   96.233619][   T47] usb 4-1: Manufacturer: syz
[   96.235661][   T47] usb 4-1: SerialNumber: syz
[   96.242374][   T47] usb 4-1: config 0 descriptor??
[   96.245251][ T6647] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[   96.252119][ T6647] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[   96.445818][ T6682] loop1: detected capacity change from 0 to 2048
[   96.536348][ T6069] Dev loop1: RDB in block 1 has bad checksum
[   97.293160][   T47] ir_usb 4-1:0.126: IR Dongle converter detected
[   97.308386][   T47] usb 4-1: IRDA class descriptor not found, device not bound
[   97.322098][ T5855] Bluetooth: hci1: command tx timeout
[   97.504670][    T9] usb 4-1: USB disconnect, device number 2
[   97.760619][   T33] audit: type=1326 audit(1756240434.300:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6694 comm="syz.0.301" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe8f5f8ebe9 code=0x0
[   98.077413][ T6706] loop3: detected capacity change from 0 to 512
[   98.121574][ T6706] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.134092][ T6706] ext4 filesystem being mounted at /9/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.165838][ T6507] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.198646][ T6713] loop3: detected capacity change from 0 to 512
[   98.202433][ T6713] EXT4-fs: Ignoring removed nomblk_io_submit option
[   98.211063][ T6713] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   98.216844][ T6713] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   98.231274][ T6713] EXT4-fs (loop3): 1 truncate cleaned up
[   98.243700][ T6713] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.259376][   T33] audit: type=1800 audit(1756240434.800:10): pid=6713 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.307" name="file1" dev="loop3" ino=15 res=0 errno=0
[   98.277566][ T6507] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.589926][ T6724] loop0: detected capacity change from 0 to 1024
[   98.604852][ T6724] EXT4-fs: Ignoring removed orlov option
[   98.607385][ T6724] EXT4-fs: Ignoring removed nomblk_io_submit option
[   98.639305][ T6724] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.648040][ T6726] loop3: detected capacity change from 0 to 4096
[   98.731875][ T6730] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   98.814104][ T5848] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.849279][ T6732] loop3: detected capacity change from 0 to 256
[   98.852680][ T6732] exfat: Deprecated parameter 'namecase'
[   98.860320][ T6732] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[   98.888817][ T6732] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d)
[   99.326408][ T6746] loop0: detected capacity change from 0 to 32768
[   99.743846][ T5878] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.806697][ T6746] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=crc64,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,recovery_pass_last=set_may_go_rw,reconstruct_alloc,no_data_io
[   99.806715][ T6746]   allowing incompatible features above 0.0: (unknown version)
[   99.806722][ T6746]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[   99.823680][ T6746] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[   99.827133][ T6746] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[   99.830546][ T6746] bcachefs (loop0): Version upgrade required:
[   99.830546][ T6746] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[   99.830546][ T6746] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[   99.830546][ T6746]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[   99.862432][ T6746] bcachefs (loop0): dropping and reconstructing all alloc info
[   99.884202][ T6746] bcachefs (loop0): accounting_read...
[   99.884357][ T5878] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.892249][ T6746]  done
[   99.893421][ T6746] bcachefs (loop0): alloc_read... done
[   99.895939][ T6746] bcachefs (loop0): snapshots_read... done
[   99.898528][ T6746] bcachefs (loop0): check_allocations... done
[   99.916329][ T6746] bcachefs (loop0): going read-write
[   99.924501][ T6746] bcachefs (loop0): done starting filesystem
[   99.986625][ T6746] bcachefs (loop0): inode 536870912 i_sectors underflow: 8 + -24 < 0
[  100.003939][ T6746] bcachefs (loop0): inode 536870912 i_blocks underflow: 8 + -24 < 0 (ondisk 8)
[  100.013307][   T64] bcachefs (loop0): bucket incorrectly unset in freespace btree
[  100.013330][   T64]   u64s 5 type deleted 0:30:0 len 0 ver 0, , continuing
[  100.026041][   T64] bcachefs (loop0): bucket incorrectly unset in freespace btree
[  100.026049][   T64]   u64s 5 type deleted 0:39:0 len 0 ver 0, , continuing
[  100.032981][   T64] bcachefs (loop0): bucket incorrectly unset in freespace btree
[  100.033017][   T64]   u64s 5 type deleted 0:44:0 len 0 ver 0, , continuing
[  100.047376][   T64] bcachefs (loop0): bucket incorrectly unset in freespace btree
[  100.047383][   T64]   u64s 5 type deleted 0:48:0 len 0 ver 0, , continuing
[  100.059716][ T5878] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.090456][ T6746] syz.0.322 (6746) used greatest stack depth: 16568 bytes left
[  100.108713][ T5848] bcachefs (loop0): shutting down
[  100.111868][ T5848] bcachefs (loop0): going read-only
[  100.114021][ T5848] bcachefs (loop0): finished waiting for writes to stop
[  100.119072][ T5848] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11
[  100.137919][   T64] bcachefs (loop0): bucket incorrectly unset in freespace btree
[  100.137928][   T64]   u64s 5 type deleted 0:53:0 len 0 ver 0, , continuing
[  100.196554][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  100.200064][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  100.207029][ T5878] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.209517][ T5848] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 11
[  100.215195][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  100.225140][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  100.230797][ T5848] bcachefs (loop0): unclean shutdown complete, journal seq 12
[  100.234410][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  100.241031][ T5848] bcachefs (loop0): done going read-only, filesystem not clean
[  100.310710][ T5848] bcachefs (loop0): shutdown complete
[  100.437744][ T5878] bridge_slave_1: left allmulticast mode
[  100.439768][ T5878] bridge_slave_1: left promiscuous mode
[  100.443493][ T5878] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.450417][ T5878] bridge_slave_0: left allmulticast mode
[  100.460285][ T5878] bridge_slave_0: left promiscuous mode
[  100.463068][ T5878] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.749110][ T5878] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  100.755910][ T5878] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  100.761409][ T5878] bond0 (unregistering): Released all slaves
[  101.001514][ T6769] chnl_net:caif_netlink_parms(): no params data found
[  101.561491][ T5878] hsr_slave_0: left promiscuous mode
[  101.575343][ T5878] hsr_slave_1: left promiscuous mode
[  101.579778][ T5878] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  101.584229][ T5878] batman_adv: batadv0: Removing interface: batadv_slave_0
[  101.594882][ T5878] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  101.598350][ T5878] batman_adv: batadv0: Removing interface: batadv_slave_1
[  101.604932][ T5878] batman_adv: batadv0: Interface deactivated: vlan1
[  101.608027][ T5878] batman_adv: batadv0: Removing interface: vlan1
[  101.665262][ T5878] veth1_macvtap: left promiscuous mode
[  101.672298][ T5878] veth0_macvtap: left promiscuous mode
[  101.675043][ T5878] veth1_vlan: left promiscuous mode
[  101.677667][ T5878] veth0_vlan: left promiscuous mode
[  102.281938][ T5855] Bluetooth: hci1: command tx timeout
[  102.609679][ T5878] team0 (unregistering): Port device team_slave_1 removed
[  102.654328][ T5878] team0 (unregistering): Port device team_slave_0 removed
[  102.719480][ T6813] loop0: detected capacity change from 0 to 40427
[  102.723839][ T6813] F2FS-fs (loop0): build fault injection rate: 14
[  102.726520][ T6813] F2FS-fs (loop0): build fault injection type: 0x3bfe8c
[  102.744398][ T6813] F2FS-fs (loop0): invalid crc value
[  102.910700][    C0] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  102.927553][    C0] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  103.019630][ T6813] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  103.023023][ T6813] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  103.027898][ T6813] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  103.070829][ T6813] F2FS-fs (loop0): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  103.095478][ T6813] F2FS-fs (loop0): inject dquot initialize in f2fs_dquot_initialize of f2fs_create+0x14c/0x5c0
[  103.129801][ T5848] syz-executor: attempt to access beyond end of device
[  103.129801][ T5848] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  103.147561][ T5848] CPU: 0 UID: 0 PID: 5848 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  103.147597][ T5848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  103.147603][ T5848] Call Trace:
[  103.147608][ T5848]  <TASK>
[  103.147613][ T5848]  dump_stack_lvl+0x189/0x250
[  103.147633][ T5848]  ? __pfx_dump_stack_lvl+0x10/0x10
[  103.147645][ T5848]  ? __pfx_queue_work_on+0x10/0x10
[  103.147653][ T5848]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  103.147667][ T5848]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  103.147688][ T5848]  f2fs_handle_critical_error+0x37c/0x540
[  103.147709][ T5848]  f2fs_write_end_io+0x886/0xb60
[  103.147731][ T5848]  __submit_merged_bio+0x27a/0x6a0
[  103.147745][ T5848]  __submit_merged_write_cond+0x255/0x530
[  103.147764][ T5848]  f2fs_write_data_pages+0x261d/0x3000
[  103.147803][ T5848]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  103.147816][ T5848]  ? __switch_to+0xdae/0x1670
[  103.147856][ T5848]  ? rcu_is_watching+0x15/0xb0
[  103.147868][ T5848]  ? trace_sched_exit_tp+0x36/0x110
[  103.147882][ T5848]  ? __schedule+0x17ae/0x4cc0
[  103.147898][ T5848]  ? folios_put_refs+0x559/0x640
[  103.147912][ T5848]  ? __lock_acquire+0xab9/0xd20
[  103.147924][ T5848]  ? do_raw_spin_lock+0x121/0x290
[  103.147936][ T5848]  ? do_raw_spin_unlock+0x4d/0x240
[  103.147944][ T5848]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  103.147954][ T5848]  do_writepages+0x32e/0x550
[  103.148000][ T5848]  ? do_raw_spin_unlock+0x4d/0x240
[  103.148016][ T5848]  filemap_fdatawrite+0x199/0x240
[  103.148030][ T5848]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  103.148059][ T5848]  ? do_raw_spin_unlock+0x4d/0x240
[  103.148069][ T5848]  f2fs_sync_dirty_inodes+0x31f/0x830
[  103.148081][ T5848]  f2fs_write_checkpoint+0x95a/0x1df0
[  103.148097][ T5848]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  103.148122][ T5848]  ? kill_f2fs_super+0x298/0x6c0
[  103.148131][ T5848]  kill_f2fs_super+0x2c3/0x6c0
[  103.148140][ T5848]  ? __pfx_kill_f2fs_super+0x10/0x10
[  103.148145][ T5848]  ? radix_tree_delete_item+0x2b6/0x400
[  103.148158][ T5848]  ? shrinker_free+0x2ce/0x3e0
[  103.148167][ T5848]  deactivate_locked_super+0xbc/0x130
[  103.148177][ T5848]  cleanup_mnt+0x425/0x4c0
[  103.148185][ T5848]  ? lockdep_hardirqs_on+0x9c/0x150
[  103.148195][ T5848]  task_work_run+0x1d4/0x260
[  103.148206][ T5848]  ? __pfx_task_work_run+0x10/0x10
[  103.148213][ T5848]  ? __x64_sys_umount+0x122/0x160
[  103.148224][ T5848]  ? exit_to_user_mode_loop+0x40/0x110
[  103.148236][ T5848]  exit_to_user_mode_loop+0xec/0x110
[  103.148245][ T5848]  do_syscall_64+0x2bd/0x3b0
[  103.148254][ T5848]  ? lockdep_hardirqs_on+0x9c/0x150
[  103.148263][ T5848]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.148269][ T5848]  ? exc_page_fault+0x9f/0xf0
[  103.148279][ T5848]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.148285][ T5848] RIP: 0033:0x7fe8f5f8ff17
[  103.148293][ T5848] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  103.148299][ T5848] RSP: 002b:00007ffcf3ffc958 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  103.148308][ T5848] RAX: 0000000000000000 RBX: 00007fe8f6011c05 RCX: 00007fe8f5f8ff17
[  103.148312][ T5848] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcf3ffca10
[  103.148316][ T5848] RBP: 00007ffcf3ffca10 R08: 0000000000000000 R09: 0000000000000000
[  103.148320][ T5848] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcf3ffdaa0
[  103.148324][ T5848] R13: 00007fe8f6011c05 R14: 000000000001923c R15: 00007ffcf3ffdae0
[  103.148335][ T5848]  </TASK>
[  103.149811][ T5848] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  103.469632][ T6769] bridge0: port 1(bridge_slave_0) entered blocking state
[  103.487751][ T6769] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.496702][ T6769] bridge_slave_0: entered allmulticast mode
[  103.505374][ T6769] bridge_slave_0: entered promiscuous mode
[  103.525839][ T6769] bridge0: port 2(bridge_slave_1) entered blocking state
[  103.536932][ T6769] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.541560][ T6769] bridge_slave_1: entered allmulticast mode
[  103.548821][ T6769] bridge_slave_1: entered promiscuous mode
[  103.576134][ T6769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  103.589857][ T6769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  103.682633][ T6835] loop0: detected capacity change from 0 to 1024
[  103.708534][ T6769] team0: Port device team_slave_0 added
[  103.725045][ T6769] team0: Port device team_slave_1 added
[  103.770012][ T6769] batman_adv: batadv0: Adding interface: batadv_slave_0
[  103.772945][ T5211] hfsplus: b-tree write err: -5, ino 4
[  103.775730][ T6769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  103.786056][ T6769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  103.791296][ T6769] batman_adv: batadv0: Adding interface: batadv_slave_1
[  103.896872][ T6769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  103.905756][ T6769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  104.037553][ T6852] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input5
[  104.258991][ T6769] hsr_slave_0: entered promiscuous mode
[  104.267488][ T6769] hsr_slave_1: entered promiscuous mode
[  104.273461][ T6769] debugfs: 'hsr0' already exists in 'hsr'
[  104.275625][ T6769] Cannot create hsr debugfs directory
[  104.363454][ T5855] Bluetooth: hci1: command tx timeout
[  104.394436][   T10] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  104.440131][ T6769] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  104.446650][ T6769] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  104.451387][ T6769] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  104.457512][ T6769] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  104.504416][ T6769] 8021q: adding VLAN 0 to HW filter on device bond0
[  104.520115][ T6769] 8021q: adding VLAN 0 to HW filter on device team0
[  104.527863][   T40] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.530395][   T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[  104.538293][   T40] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.541034][   T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[  104.552205][   T10] usb 1-1: Using ep0 maxpacket: 32
[  104.561159][   T10] usb 1-1: unable to get BOS descriptor or descriptor too short
[  104.569777][   T10] usb 1-1: config 120 has an invalid interface number: 86 but max is 0
[  104.581670][   T10] usb 1-1: config 120 has no interface number 0
[  104.593336][   T10] usb 1-1: New USB device found, idVendor=12d1, idProduct=9c20, bcdDevice=e5.af
[  104.622341][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  104.625767][   T10] usb 1-1: Product: syz
[  104.627588][   T10] usb 1-1: Manufacturer: syz
[  104.634531][   T10] usb 1-1: SerialNumber: syz
[  104.764217][ T6769] 8021q: adding VLAN 0 to HW filter on device batadv0
[  104.856053][   T10] huawei_cdc_ncm 1-1:120.86: More than one union descriptor, skipping ...
[  104.871052][   T10] huawei_cdc_ncm 1-1:120.86: CDC Union missing and no IAD found
[  104.877460][   T10] huawei_cdc_ncm 1-1:120.86: bind() failure
[  104.893352][   T10] usb 1-1: USB disconnect, device number 5
[  105.001202][ T6769] veth0_vlan: entered promiscuous mode
[  105.011559][ T6769] veth1_vlan: entered promiscuous mode
[  105.052316][ T6769] veth0_macvtap: entered promiscuous mode
[  105.057091][ T6769] veth1_macvtap: entered promiscuous mode
[  105.069194][ T6769] batman_adv: batadv0: Interface activated: batadv_slave_0
[  105.086616][ T6769] batman_adv: batadv0: Interface activated: batadv_slave_1
[  105.097608][ T5878] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  105.107279][ T5878] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  105.117799][ T5878] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  105.121308][ T5878] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  105.179449][   T40] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  105.184343][   T40] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  105.188625][ T6882] loop1: detected capacity change from 0 to 40427
[  105.213678][ T6882] F2FS-fs (loop1): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  105.216910][ T6882] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  105.220500][ T6882] F2FS-fs (loop1): build fault injection rate: 18446
[  105.224918][ T6882] F2FS-fs (loop1): invalid crc value
[  105.256311][   T40] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  105.259288][   T40] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  105.266363][ T6882] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  105.270531][ T6882] F2FS-fs (loop1): Start checkpoint disabled!
[  105.276569][ T6882] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  105.278891][ T6882] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  105.325112][ T6895] netlink: 4 bytes leftover after parsing attributes in process `syz.4.328'.
[  105.630135][  T794] IPVS: starting estimator thread 0...
[  105.633579][ T6913] IPVS: ip_vs_add_dest(): lower threshold is higher than upper threshold
[  105.723005][   T24] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  105.732282][ T6914] IPVS: using max 82 ests per chain, 196800 per kthread
[  105.873237][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  105.874891][ T6929] netlink: 12 bytes leftover after parsing attributes in process `syz.1.367'.
[  105.877698][   T24] usb 5-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00
[  105.877720][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.893914][   T24] usb 5-1: config 0 descriptor??
[  106.070887][ T6925] loop0: detected capacity change from 0 to 32768
[  106.112814][ T6937] loop1: detected capacity change from 0 to 8
[  106.127519][ T6937] SQUASHFS error: xz decompression failed, data probably corrupt
[  106.130599][ T6937] SQUASHFS error: Failed to read block 0x108: -5
[  106.135357][ T6937] SQUASHFS error: Unable to read metadata cache entry [106]
[  106.138023][ T6937] SQUASHFS error: Unable to read inode 0x11f
[  106.210717][   T33] audit: type=1800 audit(1756240442.750:11): pid=6938 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.365" name=6FBBB5B3917CFDD353F7BCFDE548723279FF64E596D786BA4ADB384D3F1E1DBD9A07DD1538CC95CE4DD8FC9383676FF677EF1F5FCC131FAC6E5CBDFCED0F87AD2AFD92705007 dev="loop0" ino=7 res=0 errno=0
[  106.309693][   T24] logitech 0003:046D:C295.0004: unbalanced delimiter at end of report description
[  106.313375][   T24] logitech 0003:046D:C295.0004: parse failed
[  106.315646][   T24] logitech 0003:046D:C295.0004: probe with driver logitech failed with error -22
[  106.442168][ T5855] Bluetooth: hci1: command tx timeout
[  106.512602][   T10] usb 5-1: USB disconnect, device number 2
[  107.344163][ T6966] loop0: detected capacity change from 0 to 32768
[  107.355697][ T6966] btrfs: Deprecated parameter 'usebackuproot'
[  107.358286][ T6966] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  107.377767][ T6966] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.384 (6966)
[  107.387724][ T6966] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  107.391214][ T6966] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  107.409442][ T6981] loop1: detected capacity change from 0 to 256
[  107.415772][ T6981] exfat: Deprecated parameter 'namecase'
[  107.418229][ T6981] exfat: Deprecated parameter 'utf8'
[  107.431162][ T6981] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x22785e93, utbl_chksum : 0xe619d30d)
[  107.458143][ T5211] BTRFS warning (device loop0): checksum verify failed on logical 5332992 mirror 1 wanted 0x1335c47d3f94e85552e31a8ecc9dd4db4dece1445f3fbef1d5b0b5e8324c15d5 found 0xcea87ee063bd251119e15decda5710a07d8e85e2778d8d252c63d626f7908e88 level 0
[  107.467446][ T6966] BTRFS warning (device loop0): couldn't read tree root
[  107.469860][ T6966] BTRFS warning (device loop0): try to load backup roots slot 1
[  107.474285][ T5211] BTRFS warning (device loop0): checksum verify failed on logical 5316608 mirror 1 wanted 0xb001d4f158ebf17886eb9b349cc578df426378b44edb3de36507a57b3eac681f found 0x0b908b9c3d6a85db310ab1f2d55cc0041628a95fe1119b2392c7240f4d288b71 level 0
[  107.482632][ T6966] BTRFS error (device loop0): failed to load root extent
[  107.485048][ T6966] BTRFS warning (device loop0): try to load backup roots slot 2
[  107.487707][ T4875] BTRFS error (device loop0): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  107.491036][ T6966] BTRFS warning (device loop0): couldn't read tree root
[  107.494042][ T6966] BTRFS warning (device loop0): try to load backup roots slot 3
[  107.497123][ T5211] BTRFS warning (device loop0): checksum verify failed on logical 5242880 mirror 1 wanted 0x8d90b910ec13d95ec17ddbe87d1d5dca5d3dff1259e90cf51f7cd4ff39170caa found 0x2c6f33dc4a1b8241cbc053946ef24b7ff492958e8750b32b0a34987f52d1e2e7 level 0
[  107.504853][ T6966] BTRFS warning (device loop0): couldn't read tree root
[  107.525705][ T6966] BTRFS error (device loop0): open_ctree failed: -5
[  107.639066][ T6999] netlink: 8 bytes leftover after parsing attributes in process `syz.1.393'.
[  108.531801][ T5855] Bluetooth: hci1: command tx timeout
[  109.551220][ T7010] loop0: detected capacity change from 0 to 32768
[  109.659522][ T7010] ERROR: (device loop0): dbAlloc: unable to allocate blocks
[  109.659522][ T7010] 
[  109.664673][ T7010] ERROR: (device loop0): remounting filesystem as read-only
[  110.724201][ T7037] loop1: detected capacity change from 0 to 32768
[  110.732120][ T7037] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  110.750300][ T7037] XFS (loop1): Ending clean mount
[  110.757753][ T7037] XFS (loop1): Quotacheck needed: Please wait.
[  110.782840][ T7037] XFS (loop1): Quotacheck: Done.
[  110.818502][ T5856] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  110.911934][  T794] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  111.061828][  T794] usb 5-1: Using ep0 maxpacket: 8
[  111.066464][  T794] usb 5-1: config 0 has too many interfaces: 65, using maximum allowed: 32
[  111.074050][ T7056] vivid-003: disconnect
[  111.076203][  T794] usb 5-1: config 0 has an invalid interface number: 150 but max is 64
[  111.079555][  T794] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  111.087845][  T794] usb 5-1: config 0 has 2 interfaces, different from the descriptor's value: 65
[  111.090919][  T794] usb 5-1: config 0 has no interface number 0
[  111.192156][  T794] usb 5-1: config 0 interface 150 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  111.211785][  T794] usb 5-1: config 0 interface 150 has no altsetting 0
[  111.214314][  T794] usb 5-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice=81.75
[  111.217332][  T794] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  111.222699][ T7052] vivid-003: reconnect
[  111.226261][  T794] usb 5-1: config 0 descriptor??
[  111.355364][ T7055] loop0: detected capacity change from 0 to 40427
[  111.364498][ T7055] F2FS-fs (loop0): build fault injection rate: 771
[  111.397786][ T7055] F2FS-fs (loop0): invalid crc value
[  111.483351][ T7062] loop1: detected capacity change from 0 to 4096
[  111.487542][  T794] usb 5-1: USB disconnect, device number 3
[  111.490398][ T7062] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512).
[  111.512734][ T7062] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  111.524976][ T7062] ntfs3(loop1): Failed to load $AttrDef (-22)
[  111.586326][ T7055] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  111.598014][ T7055] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  111.647260][ T7055] syz.0.409: attempt to access beyond end of device
[  111.647260][ T7055] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  111.658947][ T7055] syz.0.409: attempt to access beyond end of device
[  111.658947][ T7055] loop0: rw=34817, sector=45096, nr_sectors = 8 limit=40427
[  111.668959][ T7055] syz.0.409: attempt to access beyond end of device
[  111.668959][ T7055] loop0: rw=0, sector=77936, nr_sectors = 8 limit=40427
[  111.677606][ T7055] syz.0.409: attempt to access beyond end of device
[  111.677606][ T7055] loop0: rw=0, sector=45096, nr_sectors = 8 limit=40427
[  111.690444][ T7055] syz.0.409: attempt to access beyond end of device
[  111.690444][ T7055] loop0: rw=0, sector=45096, nr_sectors = 8 limit=40427
[  111.714005][ T5848] syz-executor: attempt to access beyond end of device
[  111.714005][ T5848] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  111.726750][ T5848] CPU: 0 UID: 0 PID: 5848 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  111.726769][ T5848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  111.726776][ T5848] Call Trace:
[  111.726781][ T5848]  <TASK>
[  111.726787][ T5848]  dump_stack_lvl+0x189/0x250
[  111.726810][ T5848]  ? __pfx_dump_stack_lvl+0x10/0x10
[  111.726824][ T5848]  ? __pfx_queue_work_on+0x10/0x10
[  111.726835][ T5848]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  111.726851][ T5848]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  111.726904][ T5848]  f2fs_handle_critical_error+0x37c/0x540
[  111.726928][ T5848]  f2fs_write_end_io+0x886/0xb60
[  111.726955][ T5848]  __submit_merged_bio+0x27a/0x6a0
[  111.726976][ T5848]  __submit_merged_write_cond+0x255/0x530
[  111.726999][ T5848]  f2fs_write_data_pages+0x261d/0x3000
[  111.727044][ T5848]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  111.727095][ T5848]  ? __mod_zone_page_state+0xd7/0x140
[  111.727120][ T5848]  ? folios_put_refs+0x560/0x640
[  111.727142][ T5848]  ? __pfx_folios_put_refs+0x10/0x10
[  111.727154][ T5848]  ? rcu_is_watching+0x15/0xb0
[  111.727173][ T5848]  ? __lock_acquire+0xab9/0xd20
[  111.727202][ T5848]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  111.727221][ T5848]  do_writepages+0x32e/0x550
[  111.727245][ T5848]  ? do_raw_spin_unlock+0x4d/0x240
[  111.727264][ T5848]  filemap_fdatawrite+0x199/0x240
[  111.727287][ T5848]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  111.727341][ T5848]  ? do_raw_spin_unlock+0x4d/0x240
[  111.727360][ T5848]  f2fs_sync_dirty_inodes+0x31f/0x830
[  111.727386][ T5848]  f2fs_write_checkpoint+0x95a/0x1df0
[  111.727418][ T5848]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  111.727463][ T5848]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  111.727474][ T5848]  ? kfree+0x18e/0x440
[  111.727490][ T5848]  ? kill_f2fs_super+0x298/0x6c0
[  111.727505][ T5848]  kill_f2fs_super+0x2c3/0x6c0
[  111.727522][ T5848]  ? __pfx_kill_f2fs_super+0x10/0x10
[  111.727531][ T5848]  ? radix_tree_delete_item+0x2b6/0x400
[  111.727552][ T5848]  ? shrinker_free+0x2ce/0x3e0
[  111.727567][ T5848]  deactivate_locked_super+0xbc/0x130
[  111.727584][ T5848]  cleanup_mnt+0x425/0x4c0
[  111.727598][ T5848]  ? lockdep_hardirqs_on+0x9c/0x150
[  111.727617][ T5848]  task_work_run+0x1d4/0x260
[  111.727632][ T5848]  ? __pfx_task_work_run+0x10/0x10
[  111.727645][ T5848]  ? __x64_sys_umount+0x122/0x160
[  111.727662][ T5848]  ? exit_to_user_mode_loop+0x40/0x110
[  111.727681][ T5848]  exit_to_user_mode_loop+0xec/0x110
[  111.727698][ T5848]  do_syscall_64+0x2bd/0x3b0
[  111.727714][ T5848]  ? lockdep_hardirqs_on+0x9c/0x150
[  111.727728][ T5848]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.727739][ T5848]  ? exc_page_fault+0x9f/0xf0
[  111.727757][ T5848]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.727767][ T5848] RIP: 0033:0x7fe8f5f8ff17
[  111.727778][ T5848] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  111.727787][ T5848] RSP: 002b:00007ffcf3ffc958 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  111.727801][ T5848] RAX: 0000000000000000 RBX: 00007fe8f6011c05 RCX: 00007fe8f5f8ff17
[  111.727808][ T5848] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcf3ffca10
[  111.727815][ T5848] RBP: 00007ffcf3ffca10 R08: 0000000000000000 R09: 0000000000000000
[  111.727822][ T5848] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcf3ffdaa0
[  111.727829][ T5848] R13: 00007fe8f6011c05 R14: 000000000001b3c5 R15: 00007ffcf3ffdae0
[  111.727851][ T5848]  </TASK>
[  111.727856][ T5848] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  112.309743][ T7095] loop0: detected capacity change from 0 to 512
[  112.322538][ T7095] EXT4-fs: Ignoring removed nobh option
[  112.326733][ T7095] EXT4-fs (loop0): Test dummy encryption mode enabled
[  112.348929][ T7095] EXT4-fs error (device loop0): __ext4_iget:5464: inode #11: block 1: comm syz.0.424: invalid block
[  112.374705][ T7095] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.424: couldn't read orphan inode 11 (err -117)
[  112.389186][ T7095] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  112.479181][ T5848] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.742178][ T7113] loop1: detected capacity change from 0 to 4096
[  112.774080][ T7113] ntfs3(loop1): ino=3, ntfs_set_state failed, -22.
[  112.777022][ T7113] ntfs3(loop1): Failed to initialize $Extend/$ObjId.
[  113.025082][ T7108] loop4: detected capacity change from 0 to 32768
[  113.054209][ T7108] ERROR: (device loop4): dtSearch: DT_GETPAGE: dtree page corrupt
[  113.054209][ T7108] 
[  113.060647][ T7109] loop0: detected capacity change from 0 to 40427
[  113.071655][ T7108] ERROR: (device loop4): remounting filesystem as read-only
[  113.078197][ T7109] F2FS-fs: heap/no_heap options were deprecated
[  113.087139][ T7108] jfs_lookup: dtSearch returned -5
[  113.098664][ T7108] ERROR: (device loop4): dtReadFirst: DT_GETPAGE: dtree page corrupt
[  113.098664][ T7108] 
[  113.121845][ T7109] F2FS-fs (loop0): invalid crc value
[  113.134712][ T7108] jfs_readdir: unexpected rc = -5 from dtReadNext
[  113.328622][ T7109] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  113.343601][ T7109] F2FS-fs (loop0): Start checkpoint disabled!
[  113.350852][ T7109] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  113.569478][  T136] ntfs3(loop1): ino=3, ntfs3_write_inode failed, -22.
[  113.577468][ T5856] ntfs3(loop1): ino=3, ntfs_set_state failed, -22.
[  113.580430][ T5856] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  113.586548][ T5856] ntfs3(loop1): ino=3, ntfs_set_state failed, -22.
[  113.591345][   T27] ntfs3(loop1): ino=3, ntfs3_write_inode failed, -22.
[  113.727271][ T7126] loop4: detected capacity change from 0 to 1024
[  113.730703][ T7126] hfsplus: type requires a 4 character value
[  113.774715][ T7128] loop1: detected capacity change from 0 to 256
[  114.003758][ T7143] autofs: Bad value for 'fd'
[  114.475394][ T7151] loop0: detected capacity change from 0 to 256
[  114.967286][ T7151] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  115.193932][ T7156] loop4: detected capacity change from 0 to 1024
[  115.197454][ T7156] EXT4-fs: Ignoring removed nomblk_io_submit option
[  115.222585][ T7156] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.272753][ T7156] EXT4-fs error (device loop4): __ext4_new_inode:1073: comm syz.4.446: reserved inode found cleared - inode=18
[  115.397374][ T6769] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.501272][ T7173] loop1: detected capacity change from 0 to 512
[  115.513555][ T7173] EXT4-fs: Ignoring removed nomblk_io_submit option
[  115.521482][ T7173] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  115.535679][ T7173] EXT4-fs (loop1): 1 truncate cleaned up
[  115.543637][ T7173] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.723085][ T5856] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.095348][ T7220] netlink: 'syz.0.462': attribute type 10 has an invalid length.
[  116.098908][ T7220] netlink: 40 bytes leftover after parsing attributes in process `syz.0.462'.
[  116.115550][ T7220] batman_adv: batadv0: Adding interface: virt_wifi0
[  116.118413][ T7220] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  116.128997][ T7220] batman_adv: batadv0: Interface activated: virt_wifi0
[  117.336437][ T7237] loop1: detected capacity change from 0 to 512
[  117.407074][ T7237] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.416762][ T7237] ext4 filesystem being mounted at /183/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  117.474472][ T5856] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.477682][   T47] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  117.634489][   T47] usb 1-1: not running at top speed; connect to a high speed hub
[  117.640348][   T47] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  117.644692][   T47] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  117.647704][   T47] usb 1-1: config 1 has no interface number 1
[  117.650316][   T47] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  117.656136][   T47] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4
[  117.661964][   T47] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  117.681763][   T47] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.684346][   T47] usb 1-1: Product: syz
[  117.685700][   T47] usb 1-1: Manufacturer: syz
[  117.687298][   T47] usb 1-1: SerialNumber: syz
[  117.726939][ T7249] loop4: detected capacity change from 0 to 64
[  117.918500][ T7256] loop1: detected capacity change from 0 to 2048
[  117.924686][ T7256] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  117.934215][ T7256] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  117.942976][   T47] usb 1-1: 2:1 : no or invalid class specific endpoint descriptor
[  118.400231][   T47] usb 1-1: USB disconnect, device number 6
[  118.487473][ T5849] udevd[5849]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  118.798941][   T10] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  118.953924][   T10] usb 2-1: Using ep0 maxpacket: 32
[  118.957837][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  118.962296][   T10] usb 2-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00
[  118.969514][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.984791][   T10] usb 2-1: config 0 descriptor??
[  119.102002][ T5834] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  119.169180][ T7290] netlink: 4 bytes leftover after parsing attributes in process `syz.0.492'.
[  119.227897][ T7292] loop0: detected capacity change from 0 to 8
[  119.243664][ T7292] SQUASHFS error: Failed to read block 0x62: -5
[  119.248672][ T7292] squashfs image failed sanity check
[  119.258312][ T5834] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  119.263838][ T5834] usb 5-1: New USB device found, idVendor=04d8, idProduct=00df, bcdDevice= 0.00
[  119.267718][ T5834] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.307729][ T5834] usb 5-1: config 0 descriptor??
[  119.460370][   T10] magicmouse 0003:05AC:0265.0005: hidraw0: USB HID v0.00 Device [HID 05ac:0265] on usb-dummy_hcd.1-1/input0
[  119.650744][    T9] usb 2-1: USB disconnect, device number 6
[  119.759103][ T5834] mcp2200 0003:04D8:00DF.0006: USB HID v0.00 Device [HID 04d8:00df] on usb-dummy_hcd.4-1/input0
[  119.997728][   T47] usb 5-1: USB disconnect, device number 4
[  120.635121][ T7302] netlink: 4 bytes leftover after parsing attributes in process `syz.0.496'.
[  120.745071][ T7309] loop0: detected capacity change from 0 to 256
[  120.765132][ T7309] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  120.778847][ T7309] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  120.787195][ T7309] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  120.980585][ T7308] loop4: detected capacity change from 0 to 40427
[  120.984933][ T7308] F2FS-fs: heap/no_heap options were deprecated
[  120.989956][ T7308] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  120.994140][ T7308] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  121.001104][ T7308] F2FS-fs (loop4): invalid crc value
[  121.039894][ T7308] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  121.045410][ T7308] F2FS-fs (loop4): Start checkpoint disabled!
[  121.050613][ T7308] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  121.053895][ T7308] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  121.080950][   T27] kworker/u10:0: attempt to access beyond end of device
[  121.080950][   T27] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  121.088901][   T27] CPU: 0 UID: 0 PID: 27 Comm: kworker/u10:0 Not tainted syzkaller #0 PREEMPT(full) 
[  121.088921][   T27] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  121.088929][   T27] Workqueue: writeback wb_workfn (flush-7:4)
[  121.088953][   T27] Call Trace:
[  121.088959][   T27]  <TASK>
[  121.088965][   T27]  dump_stack_lvl+0x189/0x250
[  121.088986][   T27]  ? __pfx_dump_stack_lvl+0x10/0x10
[  121.089000][   T27]  ? __pfx_queue_work_on+0x10/0x10
[  121.089013][   T27]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  121.089029][   T27]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  121.089054][   T27]  f2fs_handle_critical_error+0x37c/0x540
[  121.089077][   T27]  f2fs_write_end_io+0x886/0xb60
[  121.089104][   T27]  __submit_merged_bio+0x27a/0x6a0
[  121.089126][   T27]  __submit_merged_write_cond+0x255/0x530
[  121.089148][   T27]  f2fs_write_data_pages+0x261d/0x3000
[  121.089195][   T27]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  121.089223][   T27]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  121.089263][   T27]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  121.089289][   T27]  ? trace_f2fs_writepages+0x7f/0x200
[  121.089316][   T27]  ? f2fs_write_node_pages+0x478/0x6e0
[  121.089352][   T27]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  121.089369][   T27]  do_writepages+0x32e/0x550
[  121.089390][   T27]  ? reacquire_held_locks+0x127/0x1d0
[  121.089401][   T27]  ? writeback_sb_inodes+0x384/0x1010
[  121.089423][   T27]  __writeback_single_inode+0x145/0xff0
[  121.089438][   T27]  ? do_raw_spin_unlock+0x4d/0x240
[  121.089456][   T27]  writeback_sb_inodes+0x6c7/0x1010
[  121.089470][   T27]  ? lockdep_hardirqs_on+0x9c/0x150
[  121.089506][   T27]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  121.089556][   T27]  ? rcu_is_watching+0x15/0xb0
[  121.089577][   T27]  wb_writeback+0x43b/0xaf0
[  121.089598][   T27]  ? queue_io+0x3a1/0x590
[  121.089616][   T27]  ? __pfx_wb_writeback+0x10/0x10
[  121.089638][   T27]  ? _raw_spin_unlock_irq+0x23/0x50
[  121.089657][   T27]  wb_workfn+0x409/0xef0
[  121.089683][   T27]  ? __pfx_wb_workfn+0x10/0x10
[  121.089701][   T27]  ? __lock_acquire+0xab9/0xd20
[  121.089727][   T27]  ? process_scheduled_works+0x9ef/0x17b0
[  121.089746][   T27]  ? _raw_spin_unlock_irq+0x23/0x50
[  121.089760][   T27]  ? process_scheduled_works+0x9ef/0x17b0
[  121.089770][   T27]  ? process_scheduled_works+0x9ef/0x17b0
[  121.089815][   T27]  process_scheduled_works+0xae1/0x17b0
[  121.089851][   T27]  ? __pfx_process_scheduled_works+0x10/0x10
[  121.089879][   T27]  worker_thread+0x8a0/0xda0
[  121.089915][   T27]  kthread+0x711/0x8a0
[  121.089935][   T27]  ? __pfx_worker_thread+0x10/0x10
[  121.089946][   T27]  ? __pfx_kthread+0x10/0x10
[  121.089962][   T27]  ? _raw_spin_unlock_irq+0x23/0x50
[  121.089976][   T27]  ? lockdep_hardirqs_on+0x9c/0x150
[  121.089989][   T27]  ? __pfx_kthread+0x10/0x10
[  121.090001][   T27]  ret_from_fork+0x3fc/0x770
[  121.090016][   T27]  ? __pfx_ret_from_fork+0x10/0x10
[  121.090034][   T27]  ? __switch_to_asm+0x39/0x70
[  121.090048][   T27]  ? __switch_to_asm+0x33/0x70
[  121.090061][   T27]  ? __pfx_kthread+0x10/0x10
[  121.090076][   T27]  ret_from_fork_asm+0x1a/0x30
[  121.090105][   T27]  </TASK>
[  121.090110][   T27] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  121.464647][ T7328] loop4: detected capacity change from 0 to 1024
[  121.500938][ T7328] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[  121.505671][ T7328] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[  121.528582][ T5211] hfsplus: b-tree write err: -5, ino 4
[  121.660848][ T7326] loop1: detected capacity change from 0 to 40427
[  121.670288][ T7326] F2FS-fs (loop1): invalid crc value
[  121.720461][ T7332] loop4: detected capacity change from 0 to 4096
[  121.731130][ T7332] ntfs3: Invalid value for umask.
[  121.759934][ T7326] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  121.764506][ T7326] F2FS-fs (loop1): Start checkpoint disabled!
[  121.769719][ T7326] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  121.840347][ T5211] kworker/u9:6: attempt to access beyond end of device
[  121.840347][ T5211] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  121.846742][ T5211] CPU: 0 UID: 0 PID: 5211 Comm: kworker/u9:6 Not tainted syzkaller #0 PREEMPT(full) 
[  121.846760][ T5211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  121.846768][ T5211] Workqueue: writeback wb_workfn (flush-7:1)
[  121.846910][ T5211] Call Trace:
[  121.846915][ T5211]  <TASK>
[  121.846920][ T5211]  dump_stack_lvl+0x189/0x250
[  121.846939][ T5211]  ? __pfx_dump_stack_lvl+0x10/0x10
[  121.846953][ T5211]  ? __pfx_queue_work_on+0x10/0x10
[  121.846963][ T5211]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  121.846977][ T5211]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  121.847000][ T5211]  f2fs_handle_critical_error+0x37c/0x540
[  121.847022][ T5211]  f2fs_write_end_io+0x886/0xb60
[  121.847043][ T5211]  __submit_merged_bio+0x27a/0x6a0
[  121.847061][ T5211]  __submit_merged_write_cond+0x255/0x530
[  121.847080][ T5211]  f2fs_write_data_pages+0x261d/0x3000
[  121.847117][ T5211]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  121.847141][ T5211]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  121.847177][ T5211]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  121.847192][ T5211]  ? look_up_lock_class+0x74/0x170
[  121.847215][ T5211]  ? trace_f2fs_writepages+0x7f/0x200
[  121.847231][ T5211]  ? f2fs_write_node_pages+0x478/0x6e0
[  121.847249][ T5211]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  121.847275][ T5211]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  121.847292][ T5211]  do_writepages+0x32e/0x550
[  121.847311][ T5211]  ? reacquire_held_locks+0x127/0x1d0
[  121.847323][ T5211]  ? writeback_sb_inodes+0x384/0x1010
[  121.847343][ T5211]  __writeback_single_inode+0x145/0xff0
[  121.847358][ T5211]  ? do_raw_spin_unlock+0x4d/0x240
[  121.847373][ T5211]  writeback_sb_inodes+0x6c7/0x1010
[  121.847407][ T5211]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  121.847451][ T5211]  ? rcu_is_watching+0x15/0xb0
[  121.847471][ T5211]  wb_writeback+0x43b/0xaf0
[  121.847491][ T5211]  ? queue_io+0x3a1/0x590
[  121.847509][ T5211]  ? __pfx_wb_writeback+0x10/0x10
[  121.847529][ T5211]  ? _raw_spin_unlock_irq+0x23/0x50
[  121.847552][ T5211]  wb_workfn+0x409/0xef0
[  121.847576][ T5211]  ? __pfx_wb_workfn+0x10/0x10
[  121.847591][ T5211]  ? __lock_acquire+0xab9/0xd20
[  121.847615][ T5211]  ? process_scheduled_works+0x9ef/0x17b0
[  121.847631][ T5211]  ? _raw_spin_unlock_irq+0x23/0x50
[  121.847643][ T5211]  ? process_scheduled_works+0x9ef/0x17b0
[  121.847654][ T5211]  ? process_scheduled_works+0x9ef/0x17b0
[  121.847666][ T5211]  process_scheduled_works+0xae1/0x17b0
[  121.847698][ T5211]  ? __pfx_process_scheduled_works+0x10/0x10
[  121.847723][ T5211]  worker_thread+0x8a0/0xda0
[  121.847737][ T5211]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  121.847757][ T5211]  ? __kthread_parkme+0x7b/0x200
[  121.847805][ T5211]  kthread+0x711/0x8a0
[  121.847823][ T5211]  ? __pfx_worker_thread+0x10/0x10
[  121.847835][ T5211]  ? __pfx_kthread+0x10/0x10
[  121.847850][ T5211]  ? _raw_spin_unlock_irq+0x23/0x50
[  121.847863][ T5211]  ? lockdep_hardirqs_on+0x9c/0x150
[  121.847877][ T5211]  ? __pfx_kthread+0x10/0x10
[  121.847892][ T5211]  ret_from_fork+0x3fc/0x770
[  121.847907][ T5211]  ? __pfx_ret_from_fork+0x10/0x10
[  121.847923][ T5211]  ? __switch_to_asm+0x39/0x70
[  121.847936][ T5211]  ? __switch_to_asm+0x33/0x70
[  121.847949][ T5211]  ? __pfx_kthread+0x10/0x10
[  121.847963][ T5211]  ret_from_fork_asm+0x1a/0x30
[  121.847988][ T5211]  </TASK>
[  121.847993][ T5211] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  122.284928][ T7342] loop4: detected capacity change from 0 to 32768
[  122.297070][ T7342] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.513 (7342)
[  122.316432][ T7342] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  122.319704][ T7342] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  122.377369][ T7342] BTRFS info (device loop4): enabling ssd optimizations
[  122.381953][ T7342] BTRFS info (device loop4): enabling free space tree
[  122.416426][   T33] audit: type=1800 audit(1756240458.960:12): pid=7342 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.513" name="file1" dev="loop4" ino=260 res=0 errno=0
[  122.479131][ T7344] loop1: detected capacity change from 0 to 32768
[  122.506405][ T7344] JBD2: Ignoring recovery information on journal
[  122.548211][ T7344] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  122.623543][ T5856] ocfs2: Unmounting device (7,1) on (node local)
[  122.813301][ T6769] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  123.605338][ T7371] mmap: syz.4.515 (7371) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  124.050298][ T7385] evm: overlay not supported
[  124.341262][ T7388] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  124.567406][ T7394] loop4: detected capacity change from 0 to 256
[  124.779328][ T7399] loop4: detected capacity change from 0 to 256
[  124.784766][ T7399] exfat: Deprecated parameter 'utf8'
[  124.800078][ T7399] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  124.859835][ T7403] overlayfs: upper fs does not support file handles, falling back to index=off.
[  124.979769][ T7409] vivid-001: disconnect
[  124.987963][ T7408] vivid-001: reconnect
[  125.198555][ T7419] loop4: detected capacity change from 0 to 1024
[  125.205964][ T7419] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  125.216162][ T7419] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[  125.220702][ T7419] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  125.228821][ T7419] EXT4-fs (loop4): invalid journal inode
[  125.471880][ T5834] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  125.627120][ T7432] netlink: 8 bytes leftover after parsing attributes in process `syz.4.544'.
[  125.633192][ T5834] usb 1-1: New USB device found, idVendor=0856, idProduct=ac31, bcdDevice=93.1e
[  125.636900][ T5834] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.640034][ T5834] usb 1-1: Product: syz
[  125.648901][ T5834] usb 1-1: Manufacturer: syz
[  125.650843][ T5834] usb 1-1: SerialNumber: syz
[  125.671423][ T5834] usb 1-1: config 0 descriptor??
[  125.958464][ T7442] syzkaller1: entered promiscuous mode
[  125.960580][ T7442] syzkaller1: entered allmulticast mode
[  125.974209][ T7444] loop1: detected capacity change from 0 to 8
[  125.982636][ T7444] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  126.002617][ T7444] process 'syz.1.550' launched './file2' with NULL argv: empty string added
[  126.006090][ T7444] cramfs: Error -5 while decompressing!
[  126.008214][ T7444] cramfs: ffffffff99bec668(26)->ffff88811c68c000(4096)
[  126.010389][ T7444] cramfs: Error -3 while decompressing!
[  126.013264][ T7444] cramfs: ffffffff99bec682(26)->ffff88811c68b000(4096)
[  126.016246][ T7444] cramfs: Error -3 while decompressing!
[  126.018609][ T7444] cramfs: ffffffff99bec69c(16)->ffff88811c68a000(4096)
[  126.021556][ T7444] cramfs: Error -5 while decompressing!
[  126.027804][ T7444] cramfs: ffffffff99bec668(26)->ffff88811c68c000(4096)
[  126.290251][ T5834] mos7840 1-1:0.0: required endpoints missing
[  126.307995][ T5834] usb 1-1: USB disconnect, device number 7
[  126.473497][ T7458] loop1: detected capacity change from 0 to 32768
[  126.525986][ T7458] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  126.556255][ T7458] XFS (loop1): Ending clean mount
[  126.559007][ T7458] XFS (loop1): Quotacheck needed: Please wait.
[  126.604541][ T7458] XFS (loop1): Quotacheck: Done.
[  126.653843][ T5856] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  126.995792][ T7567] netlink: 28 bytes leftover after parsing attributes in process `syz.1.564'.
[  126.999338][ T7567] netlink: 28 bytes leftover after parsing attributes in process `syz.1.564'.
[  127.411170][ T7580] netlink: 129704 bytes leftover after parsing attributes in process `syz.4.567'.
[  127.791085][ T7558] loop0: detected capacity change from 0 to 131072
[  127.799396][ T7558] F2FS-fs (loop0): Wrong CP boundary, start(512) end(1536) blocks(0)
[  127.803384][ T7558] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  127.812571][ T7558] F2FS-fs (loop0): invalid crc value
[  128.024704][ T7558] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  128.033374][ T7558] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  128.036442][ T7558] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  128.245173][ T7592] genirq: Flags mismatch irq 4. 00200000 (pcl818) vs. 00200080 (ttyS0)
[  128.474625][ T7598] loop1: detected capacity change from 0 to 4096
[  128.519303][ T7598] ntfs3(loop1): Failed to initialize $Extend/$ObjId.
[  128.525042][ T7600] loop4: detected capacity change from 0 to 1024
[  128.607294][ T7602] Invalid source name
[  128.614181][ T7602] UBIFS error (pid: 7602): cannot open "./file0", error -22
[  128.677012][ T7604] syzkaller1: entered promiscuous mode
[  128.682959][ T7604] syzkaller1: entered allmulticast mode
[  128.705184][ T7606] Bluetooth: MGMT ver 1.23
[  128.742201][ T7610] loop4: detected capacity change from 0 to 1024
[  129.111819][ T7620] loop0: detected capacity change from 0 to 32768
[  129.219168][ T7620] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.583 (7620)
[  129.352290][ T7620] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  129.368017][ T7620] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  129.436252][ T7620] BTRFS info (device loop0): enabling ssd optimizations
[  129.444193][ T7620] BTRFS info (device loop0): enabling free space tree
[  129.449279][ T7616] loop4: detected capacity change from 0 to 40427
[  129.458216][ T7616] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  129.471632][ T7616] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  129.559209][ T5848] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  129.570611][ T7616] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  129.580854][ T7616] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  129.588994][ T7616] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  130.808508][ T7663] loop1: detected capacity change from 0 to 32768
[  130.828145][ T7663] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.593 (7663)
[  130.876110][ T7663] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  130.880356][ T7663] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  130.929090][ T7661] loop4: detected capacity change from 0 to 32768
[  130.933504][ T7661] XFS: attr2 mount option is deprecated.
[  130.960060][ T7661] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[  130.968241][ T7661] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  130.987904][ T7661] XFS (loop4): Ending clean mount
[  130.994074][ T7661] XFS (loop4): Quotacheck needed: Please wait.
[  131.000791][ T7663] BTRFS info (device loop1): rebuilding free space tree
[  131.029899][ T7661] XFS (loop4): Quotacheck: Done.
[  131.047915][ T7663] BTRFS info (device loop1): enabling ssd optimizations
[  131.050831][ T7663] BTRFS info (device loop1): turning on flush-on-commit
[  131.074411][ T7663] BTRFS info (device loop1): enabling free space tree
[  131.077331][ T7663] BTRFS info (device loop1): force clearing of disk cache
[  131.080351][ T7663] BTRFS info (device loop1): doing ref verification
[  131.095783][ T7663] BTRFS info (device loop1): max_inline set to 4096
[  131.098212][ T6769] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  131.139250][ T7665] loop0: detected capacity change from 0 to 32768
[  131.197443][ T7665] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.594 (7665)
[  131.259394][ T7665] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  131.282013][ T7665] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  131.330300][ T5856] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  131.484164][ T7665] BTRFS info (device loop0): enabling ssd optimizations
[  131.487058][ T7665] BTRFS info (device loop0): enabling free space tree
[  131.489842][ T7665] BTRFS info (device loop0): use zstd compression, level 3
[  131.572520][   T33] audit: type=1800 audit(1756240468.120:13): pid=7665 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.594" name="file1" dev="loop0" ino=260 res=0 errno=0
[  131.756387][ T5848] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  132.327331][ T7730] loop4: detected capacity change from 0 to 1024
[  132.394114][ T7730] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.502506][ T5834] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  132.687066][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  132.689943][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  133.215836][ T5834] usb 1-1: config 0 has an invalid interface number: 64 but max is 0
[  133.219826][ T5834] usb 1-1: config 0 has no interface number 0
[  133.224845][ T5834] usb 1-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice= 0.07
[  133.228860][ T5834] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.235818][ T5834] usb 1-1: Product: syz
[  133.237621][ T5834] usb 1-1: Manufacturer: syz
[  133.239630][ T5834] usb 1-1: SerialNumber: syz
[  133.247580][ T5834] usb 1-1: config 0 descriptor??
[  133.340165][ T6769] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.527313][ T5834] usb 1-1: Found UVC 0.00 device syz (046d:0823)
[  133.535531][ T5834] usb 1-1: No valid video chain found.
[  133.573336][ T5834] usb 1-1: USB disconnect, device number 8
[  135.301168][ T7764] loop4: detected capacity change from 0 to 4096
[  135.370756][ T7764] ntfs3(loop4): ino=19, mi_enum_attr
[  135.379298][ T7764] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  135.488926][ T7765] ntfs3(loop4): ino=21, "memory.stat" mmap(write) compressed not supported
[  135.788250][ T7762] loop1: detected capacity change from 0 to 32768
[  135.829774][ T7762] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  135.865655][ T7762] XFS (loop1): Ending clean mount
[  135.875686][ T7762] XFS (loop1): Quotacheck needed: Please wait.
[  135.927266][ T7762] XFS (loop1): Quotacheck: Done.
[  135.955694][ T5856] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  137.582844][ T7813] loop4: detected capacity change from 0 to 1024
[  137.643453][ T7813] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.687499][ T7813] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: inode #2: comm syz.4.632: missing EA_INODE flag
[  137.694007][ T7813] EXT4-fs error (device loop4): ext4_xattr_inode_iget:442: comm syz.4.632: error while reading EA inode 2 err=-117
[  137.761142][ T6769] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.910912][ T7828] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.638'.
[  137.994230][ T7830] loop4: detected capacity change from 0 to 1764
[  138.192455][ T7840] netlink: 10 bytes leftover after parsing attributes in process `syz.4.644'.
[  138.492091][   T47] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  138.645517][   T47] usb 1-1: config 0 has an invalid interface number: 168 but max is 0
[  138.648896][   T47] usb 1-1: config 0 has no interface number 0
[  138.652344][   T47] usb 1-1: config 0 interface 168 altsetting 0 has an endpoint descriptor with address 0xA1, changing to 0x81
[  138.657261][   T47] usb 1-1: config 0 interface 168 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  138.695679][   T47] usb 1-1: config 0 interface 168 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  138.700543][   T47] usb 1-1: New USB device found, idVendor=06cd, idProduct=0135, bcdDevice=a8.a4
[  138.711826][   T47] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.714296][ T7852] loop1: detected capacity change from 0 to 1024
[  138.735234][   T47] usb 1-1: config 0 descriptor??
[  138.737863][ T7844] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  139.083708][   T47] usb 1-1: string descriptor 0 read error: -71
[  139.087681][   T47] keyspan 1-1:0.168: Keyspan 2 port adapter converter detected
[  139.091472][   T47] keyspan 1-1:0.168: found no endpoint descriptor for endpoint 1
[  139.094998][   T47] keyspan 1-1:0.168: found no endpoint descriptor for endpoint 84
[  139.097655][   T47] keyspan 1-1:0.168: found no endpoint descriptor for endpoint 2
[  139.105662][   T47] usb 1-1: Keyspan 2 port adapter converter now attached to ttyUSB0
[  139.110206][   T47] keyspan 1-1:0.168: found no endpoint descriptor for endpoint 88
[  139.113668][   T47] keyspan 1-1:0.168: found no endpoint descriptor for endpoint 6
[  139.127151][   T47] usb 1-1: Keyspan 2 port adapter converter now attached to ttyUSB1
[  139.142305][   T47] usb 1-1: USB disconnect, device number 9
[  139.173645][   T47] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0
[  139.188692][   T47] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1
[  139.194299][   T47] keyspan 1-1:0.168: device disconnected
[  140.221901][   T47] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  140.274397][ T7870] loop0: detected capacity change from 0 to 32768
[  140.296722][ T7870] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  140.312005][ T7870] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  140.326798][ T7870] XFS (loop0): Ending clean mount
[  140.334340][ T7870] XFS (loop0): Quotacheck needed: Please wait.
[  140.360088][ T7870] XFS (loop0): Quotacheck: Done.
[  140.371876][   T47] usb 2-1: Using ep0 maxpacket: 16
[  140.375272][   T47] usb 2-1: config index 0 descriptor too short (expected 16456, got 72)
[  140.381802][   T47] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[  140.384736][   T47] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[  140.387828][   T47] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[  140.390509][   T47] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[  140.402184][   T47] usb 2-1: config 0 has no interface number 0
[  140.404734][   T47] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  140.409067][   T47] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  140.421922][   T47] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  140.426017][   T47] usb 2-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  140.442323][   T47] usb 2-1: config 0 interface 125 has no altsetting 2
[  140.468460][   T47] usb 2-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  140.479322][   T47] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.491880][   T47] usb 2-1: Product: syz
[  140.501161][   T47] usb 2-1: Manufacturer: syz
[  140.511929][   T47] usb 2-1: SerialNumber: syz
[  140.523273][   T47] usb 2-1: config 0 descriptor??
[  140.531658][   T47] usb 2-1: selecting invalid altsetting 2
[  140.586266][ T5848] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  140.607001][ T5855] Bluetooth: hci1: command 0x0406 tx timeout
[  140.735963][   T47] usb 2-1: USB disconnect, device number 7
[  140.840742][ T7894] netlink: 4 bytes leftover after parsing attributes in process `syz.4.664'.
[  140.944683][ T7892] loop0: detected capacity change from 0 to 32768
[  140.954321][ T7892] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.661 (7892)
[  140.990149][ T7892] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  141.003289][ T7892] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  141.074408][ T7892] BTRFS info (device loop0): enabling free space tree
[  141.112231][ T5848] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  141.544276][   T10] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  141.645324][ T7922] loop1: detected capacity change from 0 to 32768
[  141.649804][ T7922] XFS: attr2 mount option is deprecated.
[  141.680341][ T7922] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[  141.687610][ T7922] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  141.714472][   T10] usb 5-1: too many configurations: 225, using maximum allowed: 8
[  141.723961][ T7922] XFS (loop1): Ending clean mount
[  141.731414][ T7922] XFS (loop1): Quotacheck needed: Please wait.
[  141.737269][   T10] usb 5-1: New USB device found, idVendor=05ac, idProduct=63de, bcdDevice=31.71
[  141.744477][   T10] usb 5-1: New USB device strings: Mfr=38, Product=0, SerialNumber=197
[  141.747254][   T10] usb 5-1: Manufacturer: syz
[  141.748788][   T10] usb 5-1: SerialNumber: syz
[  141.753625][   T10] usb 5-1: config 0 descriptor??
[  141.765626][ T7922] XFS (loop1): Quotacheck: Done.
[  141.798990][ T5856] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  141.838330][ T7938] loop0: detected capacity change from 0 to 4096
[  141.861794][ T7944] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  141.977341][   T47] usb 5-1: USB disconnect, device number 5
[  142.075826][ T7950] loop1: detected capacity change from 0 to 64
[  142.083688][ T7950] MINIX-fs: file system does not have enough zmap blocks allocated.  Refusing to mount.
[  142.087161][ T7950] MINIX-fs: bad superblock or unable to read bitmaps
[  142.268049][ T7947] loop0: detected capacity change from 0 to 32768
[  142.287729][ T7947] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  142.344209][ T7947] XFS (loop0): Ending clean mount
[  142.361490][ T7964] gretap0: entered promiscuous mode
[  142.365066][ T7964] vlan2: entered promiscuous mode
[  142.392287][ T5848] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  143.275751][ T7995] netlink: 28 bytes leftover after parsing attributes in process `syz.4.692'.
[  143.279288][ T7995] netlink: 'syz.4.692': attribute type 7 has an invalid length.
[  143.283278][ T7995] netlink: 'syz.4.692': attribute type 8 has an invalid length.
[  143.286026][ T7995] netlink: 8 bytes leftover after parsing attributes in process `syz.4.692'.
[  143.854453][ T8006] input: syz1 as /devices/virtual/input/input7
[  144.149217][ T8026] netlink: 'syz.4.705': attribute type 12 has an invalid length.
[  144.156145][ T8026] netlink: 9472 bytes leftover after parsing attributes in process `syz.4.705'.
[  144.290331][ T8032] netlink: 316 bytes leftover after parsing attributes in process `syz.0.707'.
[  145.561846][   T24] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  145.714700][   T24] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  145.731763][   T24] usb 5-1: config 0 interface 0 has no altsetting 0
[  145.737218][   T24] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  145.740973][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.746761][   T24] usb 5-1: Product: syz
[  145.752926][   T24] usb 5-1: Manufacturer: syz
[  145.755913][   T24] usb 5-1: SerialNumber: syz
[  145.764291][   T24] usb 5-1: config 0 descriptor??
[  145.776896][   T24] usb 5-1: selecting invalid altsetting 0
[  145.929585][ T8076] syz.0.724 (8076): drop_caches: 4
[  145.956839][ T8078] netlink: 'syz.1.727': attribute type 11 has an invalid length.
[  145.999140][   T47] usb 5-1: USB disconnect, device number 6
[  146.069700][ T8082] loop1: detected capacity change from 0 to 8
[  146.089314][ T8082] unable to read xattr id index table
[  146.216979][ T8086] loop1: detected capacity change from 0 to 2048
[  146.225550][ T8086] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  146.239567][ T8086] syz.1.731: attempt to access beyond end of device
[  146.239567][ T8086] loop1: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  146.240624][ T8080] loop0: detected capacity change from 0 to 32768
[  146.245975][ T8087] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  146.279356][ T8086] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  146.289075][ T8086] Remounting filesystem read-only
[  146.291284][ T8086] NILFS error (device loop1): nilfs_bmap_last_key: broken bmap (inode number=16)
[  146.297112][ T8086] NILFS (loop1): error -5 truncating bmap (ino=16)
[  146.330791][ T5856] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer
[  146.411306][ T8091] loop1: detected capacity change from 0 to 764
[  146.457706][ T8093] netlink: 20 bytes leftover after parsing attributes in process `syz.0.734'.
[  146.461093][ T8093] netlink: 'syz.0.734': attribute type 2 has an invalid length.
[  146.468359][ T8093] netlink: 'syz.0.734': attribute type 2 has an invalid length.
[  146.473446][ T8093] netlink: 'syz.0.734': attribute type 1 has an invalid length.
[  146.476454][ T8093] netlink: 'syz.0.734': attribute type 2 has an invalid length.
[  146.490203][ T8093] netlink: 8 bytes leftover after parsing attributes in process `syz.0.734'.
[  146.837152][ T8103] loop4: detected capacity change from 0 to 32768
[  146.852760][ T8103] jfs_mount: Mount Failure: File System Dirty.
[  146.855580][ T8103] Mount JFS Failure: -22
[  146.872545][   T10] usb 1-1: new full-speed USB device number 10 using dummy_hcd
[  146.907549][ T8110] loop4: detected capacity change from 0 to 256
[  146.911492][ T8110] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  146.916313][ T8110] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  146.930646][ T8110] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  146.960335][   T33] audit: type=1800 audit(1756240483.500:14): pid=8110 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.740" name="file1" dev="loop4" ino=1048619 res=0 errno=0
[  147.000823][   T33] audit: type=1800 audit(1756240483.510:15): pid=8110 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.740" name="file1" dev="loop4" ino=1048619 res=0 errno=0
[  147.082756][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  147.087507][   T10] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  147.095010][   T10] usb 1-1: New USB device found, idVendor=056a, idProduct=0020, bcdDevice= 0.00
[  147.114102][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.129179][   T10] usb 1-1: config 0 descriptor??
[  147.132216][ T8097] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  147.292899][ T8116] loop4: detected capacity change from 0 to 32768
[  147.378898][   T10] usbhid 1-1:0.0: can't add hid device: -71
[  147.380892][   T10] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  147.384827][   T10] usb 1-1: USB disconnect, device number 10
[  147.430626][ T8116] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,str_hash=crc32c,noacl,usrquota,grpquota,nojournal_transaction_names,allocator_stuck_timeout=256
[  147.430646][ T8116]   allowing incompatible features above 0.0: (unknown version)
[  147.430654][ T8116]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  147.454630][ T8116] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  147.460025][ T8116] bcachefs (loop4): initializing new filesystem
[  147.557929][ T8116] bcachefs (loop4): going read-write
[  147.671553][ T8116] bcachefs (loop4): marking superblocks
[  147.732712][ T8116] bcachefs (loop4): initializing freespace
[  147.741028][ T8116] bcachefs (loop4): done initializing freespace
[  147.749555][ T8116] bcachefs (loop4): reading snapshots table
[  147.752572][ T8116] bcachefs (loop4): reading snapshots done
[  147.778705][ T8116] bcachefs (loop4): done starting filesystem
[  147.795236][   T33] audit: type=1800 audit(1756240484.340:16): pid=8116 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.743" name="file1" dev="loop4" ino=4098 res=0 errno=0
[  147.861599][   T33] audit: type=1804 audit(1756240484.400:17): pid=8137 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.743" name="/newroot/148/file0/file1" dev="loop4" ino=4098 res=1 errno=0
[  148.042254][   T33] audit: type=1800 audit(1756240484.590:18): pid=8137 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.743" name="file1" dev="loop4" ino=4098 res=0 errno=0
[  148.046749][ T8140] loop0: detected capacity change from 0 to 2048
[  148.049016][ T8116] syz.4.743 (8116) used greatest stack depth: 15304 bytes left
[  148.077019][ T6769] bcachefs (loop4): shutting down
[  148.078195][ T8140] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.079155][ T6769] bcachefs (loop4): going read-only
[  148.095447][ T6769] bcachefs (loop4): finished waiting for writes to stop
[  148.104575][ T6769] bcachefs (loop4): flushing journal and stopping allocators, journal seq 128
[  148.113033][ T6769] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 129
[  148.117290][ T6769] bcachefs (loop4): clean shutdown complete, journal seq 130
[  148.120169][ T6769] bcachefs (loop4): marking filesystem clean
[  148.136213][ T6769] bcachefs (loop4): shutdown complete
[  148.157912][ T8140] EXT4-fs (loop0): Online resizing not supported with bigalloc
[  148.187662][ T5848] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.256274][ T8149] 9pnet_fd: Insufficient options for proto=fd
[  148.516926][ T8149] warning: `syz.0.750' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  148.539913][ T8149] Zero length message leads to an empty skb
[  148.606401][ T8154] netlink: 'syz.0.752': attribute type 1 has an invalid length.
[  148.609299][ T8154] netlink: 'syz.0.752': attribute type 1 has an invalid length.
[  148.615784][ T8154] netlink: 160 bytes leftover after parsing attributes in process `syz.0.752'.
[  148.619070][ T8154] netlink: 'syz.0.752': attribute type 1 has an invalid length.
[  148.621986][ T8154] netlink: 12 bytes leftover after parsing attributes in process `syz.0.752'.
[  149.260159][ T8165] loop1: detected capacity change from 0 to 512
[  149.265648][ T8165] EXT4-fs: Ignoring removed i_version option
[  149.272812][ T8165] EXT4-fs: Ignoring removed nobh option
[  149.276777][ T8165] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  149.286965][ T8165] EXT4-fs (loop1): 1 truncate cleaned up
[  149.290082][ T8165] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  149.360783][ T5856] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.864142][ T8186] loop0: detected capacity change from 0 to 32768
[  150.236993][ T8194] loop0: detected capacity change from 0 to 32768
[  150.262572][ T8194] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  150.276022][ T8194] (syz.0.768,8194,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len % 4 != 0 - offset=312, inode=13845347915746889, rec_len=25793, name_len=214
[  150.318289][ T5848] (syz-executor,5848,0):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 76
[  150.345729][ T5848] ocfs2: Unmounting device (7,0) on (node local)
[  150.635263][ T8209] loop4: detected capacity change from 0 to 8
[  150.647926][ T8209] squashfs image failed sanity check
[  150.931797][ T5884] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  151.094421][ T5884] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  151.098117][ T5884] usb 2-1: config 0 interface 0 has no altsetting 0
[  151.196029][ T5884] usb 2-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[  151.199077][ T5884] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.218619][ T5884] usb 2-1: Product: syz
[  151.220029][ T5884] usb 2-1: Manufacturer: syz
[  151.227009][ T5884] usb 2-1: SerialNumber: syz
[  151.234965][ T5884] usb 2-1: config 0 descriptor??
[  151.255042][ T5884] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[  151.268662][ T5884] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  151.272701][ T5884] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[  151.276044][ T5884] usb 2-1: media controller created
[  151.288597][ T5884] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  151.314556][ T5884] DVB: Unable to find symbol tda10046_attach()
[  151.316568][ T5884] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[  151.320060][ T5884] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[  151.851316][ T5884] dvb_usb_m920x 2-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[  151.871357][ T5884] usb 2-1: USB disconnect, device number 8
[  152.182864][ T5899] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  152.331893][ T5899] usb 5-1: Using ep0 maxpacket: 8
[  152.336584][ T5899] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  152.340110][ T5899] usb 5-1: config 0 has no interfaces?
[  152.344397][ T5899] usb 5-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  152.347358][ T5899] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  152.349972][ T5899] usb 5-1: Product: syz
[  152.351448][ T5899] usb 5-1: Manufacturer: syz
[  152.353560][ T5899] usb 5-1: SerialNumber: syz
[  152.356784][ T5899] usb 5-1: config 0 descriptor??
[  152.475235][ T8243] netlink: 2 bytes leftover after parsing attributes in process `syz.1.787'.
[  152.648353][ T5899] usb 5-1: USB disconnect, device number 7
[  152.801670][ T8259] netlink: 4 bytes leftover after parsing attributes in process `syz.1.795'.
[  152.857645][ T8261] loop1: detected capacity change from 0 to 4096
[  152.860942][ T8261] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512).
[  153.049596][ T8271] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.801'.
[  154.082627][ T8294] loop4: detected capacity change from 0 to 40427
[  154.090290][ T8294] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  154.102382][ T8294] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  154.177170][ T8294] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  154.183099][ T8294] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  154.185945][ T8294] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  154.190296][ T8305] loop1: detected capacity change from 0 to 1024
[  154.206619][ T8305] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  154.210808][ T8305] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  154.219421][ T8305] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  154.239661][ T5856] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.771798][ T5899] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  154.925274][ T5899] usb 5-1: Using ep0 maxpacket: 16
[  154.934760][ T5899] usb 5-1: config 0 has an invalid interface number: 48 but max is 0
[  154.945565][ T5899] usb 5-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config
[  154.955152][ T5899] usb 5-1: config 0 has no interface number 0
[  154.960976][ T5899] usb 5-1: too many endpoints for config 0 interface 48 altsetting 48: 48, using maximum allowed: 30
[  154.975865][ T5899] usb 5-1: config 0 interface 48 altsetting 48 has 0 endpoint descriptors, different from the interface descriptor's value: 48
[  154.989345][ T5899] usb 5-1: config 0 interface 48 has no altsetting 0
[  155.014500][ T5899] usb 5-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[  155.025608][ T5899] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.044167][ T5899] usb 5-1: config 0 descriptor??
[  155.310364][ T5899] usb 5-1: string descriptor 0 read error: -71
[  155.344054][ T5899] usb 5-1: USB disconnect, device number 8
[  155.366127][ T8330] 9pnet: p9_errstr2errno: server reported unknown error @cF	S+
[  155.842322][ T5834] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  155.991822][ T5834] usb 2-1: Using ep0 maxpacket: 32
[  155.995592][ T5834] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  155.999544][ T5834] usb 2-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0
[  156.007240][ T5834] usb 2-1: config 0 interface 0 has no altsetting 0
[  156.012804][ T5834] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  156.016232][ T5834] usb 2-1: New USB device strings: Mfr=229, Product=1, SerialNumber=3
[  156.019314][ T5834] usb 2-1: Product: syz
[  156.020818][ T5834] usb 2-1: Manufacturer: syz
[  156.023942][ T5834] usb 2-1: SerialNumber: syz
[  156.027227][ T5834] usb 2-1: config 0 descriptor??
[  156.155802][ T8343] loop4: detected capacity change from 0 to 32768
[  156.163241][ T8343] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.832 (8343)
[  156.188328][ T8343] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  156.192986][ T8343] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  156.239200][ T8343] BTRFS info (device loop4): rebuilding free space tree
[  156.264101][ T8343] BTRFS info (device loop4): setting nodatasum
[  156.267063][ T8343] BTRFS info (device loop4): setting nodatacow
[  156.269728][ T8343] BTRFS info (device loop4): enabling ssd optimizations
[  156.274796][ T8343] BTRFS info (device loop4): turning off barriers
[  156.277673][ T8343] BTRFS info (device loop4): turning on flush-on-commit
[  156.280718][ T8343] BTRFS info (device loop4): enabling free space tree
[  156.284882][ T8343] BTRFS info (device loop4): force clearing of disk cache
[  156.287860][ T8343] BTRFS info (device loop4): doing ref verification
[  156.422106][ T6769] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  156.444624][ T5834] gs_usb 2-1:0.0: Configuring for 1 interfaces
[  156.849985][ T5834] gs_usb 2-1:0.0: Couldn't get extended bit timing const for channel 0 (-EPROTO)
[  156.855704][ T5834] gs_usb 2-1:0.0: probe with driver gs_usb failed with error -71
[  156.866019][ T5834] usb 2-1: USB disconnect, device number 9
[  157.457001][ T8380] netlink: 'syz.4.841': attribute type 1 has an invalid length.
[  157.464050][ T8380] netlink: 'syz.4.841': attribute type 1 has an invalid length.
[  157.467775][ T8380] netlink: 216 bytes leftover after parsing attributes in process `syz.4.841'.
[  157.493546][ T8384] netlink: 'syz.4.843': attribute type 9 has an invalid length.
[  158.203245][ T5834] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  158.365625][ T5834] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  158.369874][ T5834] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  158.414271][ T5834] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  158.418001][ T5834] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.421280][ T5834] usb 5-1: Product: syz
[  158.431768][ T5834] usb 5-1: Manufacturer: syz
[  158.433876][ T5834] usb 5-1: SerialNumber: syz
[  158.472928][ T5834] usb 5-1: selecting invalid altsetting 1
[  158.488077][ T8402] loop1: detected capacity change from 0 to 8
[  158.506988][ T8402] SQUASHFS error: Unable to read inode 0x127
[  158.519084][ T8400] loop0: detected capacity change from 0 to 32768
[  158.522524][ T8400] XFS: attr2 mount option is deprecated.
[  158.588290][ T8400] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  158.664140][ T8400] XFS (loop0): Ending clean mount
[  158.680915][ T8400] XFS (loop0): Quotacheck needed: Please wait.
[  158.827207][ T8400] XFS (loop0): Quotacheck: Done.
[  158.873878][ T5834] cdc_ncm 5-1:1.0: failed GET_NTB_PARAMETERS
[  158.876779][ T5834] cdc_ncm 5-1:1.0: bind() failure
[  158.923586][ T5834] usb 5-1: USB disconnect, device number 9
[  158.998587][ T5848] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  159.733711][    T9] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  159.932038][    T9] usb 5-1: Using ep0 maxpacket: 32
[  159.973222][    T9] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 9
[  159.996409][    T9] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  160.000462][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  160.022028][    T9] usb 5-1: Product: syz
[  160.023885][    T9] usb 5-1: Manufacturer: syz
[  160.025904][    T9] usb 5-1: SerialNumber: syz
[  160.043093][    T9] usb 5-1: config 0 descriptor??
[  160.048942][ T8415] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  160.085969][    T9] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input8
[  160.313933][ T5884] usb 5-1: USB disconnect, device number 10
[  160.313933][    C0] usbtouchscreen 5-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  160.704213][ T8436] fuse: Bad value for 'fd'
[  161.013827][ T8458] netlink: 248 bytes leftover after parsing attributes in process `syz.4.872'.
[  161.070934][ T8460] loop4: detected capacity change from 0 to 2048
[  161.149259][ T8466] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  161.231416][ T8460] NILFS error (device loop4): nilfs_dotdot: directory #12 missing '..'
[  161.241485][ T8460] Remounting filesystem read-only
[  161.244147][ T8473] loop0: detected capacity change from 0 to 512
[  161.249536][ T8473] EXT4-fs: Ignoring removed i_version option
[  161.280846][ T8473] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  161.297764][ T6769] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer
[  161.314816][ T8473] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  161.337928][ T8473] EXT4-fs (loop0): 1 truncate cleaned up
[  161.340678][ T8473] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.453546][ T5848] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.593506][ T8502] netlink: 'syz.1.886': attribute type 15 has an invalid length.
[  161.596206][ T8502] netlink: 666 bytes leftover after parsing attributes in process `syz.1.886'.
[  161.658564][ T8508] loop4: detected capacity change from 0 to 512
[  161.661611][ T8508] EXT4-fs: Ignoring removed bh option
[  161.676709][ T8508] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  161.702975][ T8508] EXT4-fs (loop4): 1 truncate cleaned up
[  161.706040][ T8508] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.867223][ T6769] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.206087][ T8521] loop0: detected capacity change from 0 to 32768
[  162.243098][ T8521] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  162.268707][ T8521] XFS (loop0): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  162.284713][ T8521] XFS (loop0): Starting recovery (logdev: internal)
[  162.299568][ T8521] XFS (loop0): Ending recovery (logdev: internal)
[  162.320027][ T5848] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  162.901820][ T5884] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  163.055762][ T5884] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  163.061251][ T5884] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  163.071177][ T5884] usb 1-1: New USB device found, idVendor=18d1, idProduct=9400, bcdDevice= 0.00
[  163.081306][ T5884] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.102136][ T5884] usb 1-1: config 0 descriptor??
[  163.203921][ T8571] netlink: 24 bytes leftover after parsing attributes in process `syz.4.911'.
[  163.269690][ T8573] netlink: 24 bytes leftover after parsing attributes in process `syz.4.912'.
[  163.320003][ T8575] IPVS: length: 73 != 24
[  163.394557][ T8579] sit0: entered promiscuous mode
[  163.403329][ T8579] netlink: 21 bytes leftover after parsing attributes in process `syz.4.915'.
[  163.529791][ T5884] stadia 0003:18D1:9400.0007: item fetching failed at offset 2/5
[  163.537410][ T5884] stadia 0003:18D1:9400.0007: parse failed
[  163.541273][ T5884] stadia 0003:18D1:9400.0007: probe with driver stadia failed with error -22
[  163.652907][ T8596] netlink: 'syz.4.923': attribute type 2 has an invalid length.
[  163.729617][ T5884] usb 1-1: USB disconnect, device number 11
[  164.023131][ T5899] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  164.191910][ T5899] usb 5-1: Using ep0 maxpacket: 16
[  164.198096][ T5899] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  164.202661][ T5899] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  164.208971][ T5899] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  164.214100][ T5899] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.217793][ T5899] usb 5-1: Product: syz
[  164.219706][ T5899] usb 5-1: Manufacturer: syz
[  164.222375][ T5899] usb 5-1: SerialNumber: syz
[  164.433063][ T5899] usb 5-1: 0:2 : does not exist
[  164.435239][ T5899] usb 5-1: unit 9 not found!
[  164.452244][ T5899] usb 5-1: 4:0: cannot get min/max values for control 4 (id 4)
[  164.501518][ T5899] usb 5-1: USB disconnect, device number 11
[  165.457837][ T8637] syz.4.942 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  165.577037][ T8641] loop4: detected capacity change from 0 to 1024
[  165.589607][ T8641] EXT4-fs: inline encryption not supported
[  165.591663][ T8641] EXT4-fs: Ignoring removed bh option
[  165.657828][ T8641] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.987996][ T6769] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.090765][ T8663] loop4: detected capacity change from 0 to 1024
[  166.111007][ T7493] hfsplus: b-tree write err: -5, ino 4
[  166.200397][ T8674] ipvlan2: entered promiscuous mode
[  166.205779][ T8674] bridge0: port 3(ipvlan2) entered blocking state
[  166.209906][ T8674] bridge0: port 3(ipvlan2) entered disabled state
[  166.214892][ T8674] ipvlan2: entered allmulticast mode
[  166.217201][ T8674] gretap0: entered allmulticast mode
[  166.224536][ T8674] ipvlan2: left allmulticast mode
[  166.226662][ T8674] gretap0: left allmulticast mode
[  166.306541][ T8687] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode
[  166.309469][ T8687] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  166.334549][    C1] vcan0: j1939_tp_rxtimer: 0xffff888110b7c800: rx timeout, send abort
[  166.592776][    T9] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  166.611815][ T5899] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  166.742012][    T9] usb 1-1: Using ep0 maxpacket: 32
[  166.746558][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  166.751016][    T9] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  166.754833][    T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=029c, bcdDevice= 0.00
[  166.758814][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.762415][ T5899] usb 5-1: Using ep0 maxpacket: 16
[  166.766487][ T5899] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  166.772018][ T5899] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  166.780591][ T5899] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  166.786007][    T9] usb 1-1: config 0 descriptor??
[  166.788275][ T5899] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  166.794829][ T5899] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.800952][ T5899] usb 5-1: config 0 descriptor??
[  166.836101][    C1] vcan0: j1939_tp_rxtimer: 0xffff888110b7c400: rx timeout, send abort
[  166.839603][    C1] vcan0: j1939_tp_rxtimer: 0xffff888110b7c800: abort rx timeout. Force session deactivation
[  167.004795][ T5884] usb 1-1: USB disconnect, device number 12
[  167.218302][ T5899] microsoft 0003:045E:07DA.0008: unknown main item tag 0x0
[  167.220947][ T5899] microsoft 0003:045E:07DA.0008: ignoring exceeding usage max
[  167.224894][ T5899] microsoft 0003:045E:07DA.0008: unbalanced delimiter at end of report description
[  167.230152][ T5899] microsoft 0003:045E:07DA.0008: parse failed
[  167.232282][ T5899] microsoft 0003:045E:07DA.0008: probe with driver microsoft failed with error -22
[  167.333656][    C1] vcan0: j1939_tp_rxtimer: 0xffff888026c86400: rx timeout, send abort
[  167.339612][    C1] vcan0: j1939_tp_rxtimer: 0xffff888110b7c400: abort rx timeout. Force session deactivation
[  167.417607][ T5899] usb 5-1: USB disconnect, device number 12
[  167.836476][    C1] vcan0: j1939_tp_rxtimer: 0xffff888026c86400: abort rx timeout. Force session deactivation
[  167.982230][ T8748] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.967'.
[  168.843118][ T8764] loop0: detected capacity change from 0 to 128
[  168.869778][   T33] audit: type=1800 audit(1756240505.410:19): pid=8764 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.973" name="file1" dev="loop0" ino=1048620 res=0 errno=0
[  169.147851][ T8772] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  169.341913][ T8789] vlan2: entered promiscuous mode
[  169.343684][ T8789] macvtap0: entered promiscuous mode
[  169.573221][ T8816] netlink: 28 bytes leftover after parsing attributes in process `syz.4.990'.
[  169.715992][ T8796] loop0: detected capacity change from 0 to 40427
[  169.730939][ T8796] F2FS-fs (loop0): invalid crc value
[  169.783557][ T8796] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  169.788139][ T8796] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  169.826681][ T5848] syz-executor: attempt to access beyond end of device
[  169.826681][ T5848] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  169.834731][ T5848] CPU: 1 UID: 0 PID: 5848 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  169.834748][ T5848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  169.834755][ T5848] Call Trace:
[  169.834762][ T5848]  <TASK>
[  169.834768][ T5848]  dump_stack_lvl+0x189/0x250
[  169.834792][ T5848]  ? __pfx_dump_stack_lvl+0x10/0x10
[  169.834807][ T5848]  ? __pfx_queue_work_on+0x10/0x10
[  169.834821][ T5848]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  169.834839][ T5848]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  169.834864][ T5848]  f2fs_handle_critical_error+0x37c/0x540
[  169.834886][ T5848]  f2fs_write_end_io+0x886/0xb60
[  169.834911][ T5848]  __submit_merged_bio+0x27a/0x6a0
[  169.834931][ T5848]  __submit_merged_write_cond+0x255/0x530
[  169.834952][ T5848]  f2fs_write_data_pages+0x261d/0x3000
[  169.834995][ T5848]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  169.835047][ T5848]  ? __mod_zone_page_state+0xd7/0x140
[  169.835074][ T5848]  ? folios_put_refs+0x560/0x640
[  169.835097][ T5848]  ? __pfx_folios_put_refs+0x10/0x10
[  169.835108][ T5848]  ? rcu_is_watching+0x15/0xb0
[  169.835127][ T5848]  ? __lock_acquire+0xab9/0xd20
[  169.835161][ T5848]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  169.835180][ T5848]  do_writepages+0x32e/0x550
[  169.835204][ T5848]  ? do_raw_spin_unlock+0x4d/0x240
[  169.835223][ T5848]  filemap_fdatawrite+0x199/0x240
[  169.835240][ T5848]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  169.835319][ T5848]  ? do_raw_spin_unlock+0x4d/0x240
[  169.835338][ T5848]  f2fs_sync_dirty_inodes+0x31f/0x830
[  169.835364][ T5848]  f2fs_write_checkpoint+0x95a/0x1df0
[  169.835397][ T5848]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  169.835446][ T5848]  ? kill_f2fs_super+0x298/0x6c0
[  169.835463][ T5848]  kill_f2fs_super+0x2c3/0x6c0
[  169.835481][ T5848]  ? __pfx_kill_f2fs_super+0x10/0x10
[  169.835491][ T5848]  ? radix_tree_delete_item+0x2b6/0x400
[  169.835514][ T5848]  ? shrinker_free+0x2ce/0x3e0
[  169.835531][ T5848]  deactivate_locked_super+0xbc/0x130
[  169.835548][ T5848]  cleanup_mnt+0x425/0x4c0
[  169.835561][ T5848]  ? lockdep_hardirqs_on+0x9c/0x150
[  169.835578][ T5848]  task_work_run+0x1d4/0x260
[  169.835596][ T5848]  ? __pfx_task_work_run+0x10/0x10
[  169.835608][ T5848]  ? __x64_sys_umount+0x122/0x160
[  169.835625][ T5848]  ? exit_to_user_mode_loop+0x40/0x110
[  169.835644][ T5848]  exit_to_user_mode_loop+0xec/0x110
[  169.835659][ T5848]  do_syscall_64+0x2bd/0x3b0
[  169.835673][ T5848]  ? lockdep_hardirqs_on+0x9c/0x150
[  169.835688][ T5848]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.835701][ T5848]  ? exc_page_fault+0x9f/0xf0
[  169.835718][ T5848]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.835729][ T5848] RIP: 0033:0x7fe8f5f8ff17
[  169.835741][ T5848] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  169.835750][ T5848] RSP: 002b:00007ffcf3ffc958 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  169.835762][ T5848] RAX: 0000000000000000 RBX: 00007fe8f6011c05 RCX: 00007fe8f5f8ff17
[  169.835771][ T5848] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcf3ffca10
[  169.835777][ T5848] RBP: 00007ffcf3ffca10 R08: 0000000000000000 R09: 0000000000000000
[  169.835784][ T5848] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcf3ffdaa0
[  169.835792][ T5848] R13: 00007fe8f6011c05 R14: 00000000000296c7 R15: 00007ffcf3ffdae0
[  169.835814][ T5848]  </TASK>
[  169.835820][ T5848] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  170.239722][ T8844] netlink: 4 bytes leftover after parsing attributes in process `syz.1.997'.
[  170.245888][ T8844] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  170.276817][ T8844] batman_adv: batadv0: Removing interface: batadv_slave_1
[  170.974998][ T8880] program syz.4.1007 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  171.301569][ T8890] netlink: 277 bytes leftover after parsing attributes in process `syz.4.1010'.
[  171.690444][ T8901] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1015'.
[  171.696644][ T8901] netlink: 'syz.4.1015': attribute type 2 has an invalid length.
[  171.705673][ T8901] netlink: 'syz.4.1015': attribute type 1 has an invalid length.
[  171.708948][ T8901] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1015'.
[  172.441923][   T54] Bluetooth: hci3: Entering manufacturer mode failed (-110)
[  173.108971][ T8943] openvswitch: netlink: IP tunnel dst address not specified
[  173.448115][ T8952] loop4: detected capacity change from 0 to 32768
[  173.696858][ T8989] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1044'.
[  173.705521][ T8989] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1044'.
[  173.802875][ T9000] loop0: detected capacity change from 0 to 512
[  173.821324][ T9000] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.833055][ T9000] ext4 filesystem being mounted at /297/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  173.852708][ T5848] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.951327][ T9011] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1049'.
[  174.006470][ T5834] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  174.182986][ T5834] usb 5-1: Using ep0 maxpacket: 8
[  174.199994][ T5834] usb 5-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  174.221849][ T5834] usb 5-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  174.231833][ T5834] usb 5-1: Product: syz
[  174.233609][ T5834] usb 5-1: Manufacturer: syz
[  174.235606][ T5834] usb 5-1: SerialNumber: syz
[  174.250475][ T5834] usb 5-1: config 0 descriptor??
[  174.269689][ T5834] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd
[  174.475347][ T5834] gspca_zc3xx: reg_w_i err -71
[  174.477654][ T5834] gspca_zc3xx 5-1:0.0: probe with driver gspca_zc3xx failed with error -71
[  174.498150][ T5834] usb 5-1: USB disconnect, device number 13
[  175.488958][ T9078] loop4: detected capacity change from 0 to 512
[  175.502771][ T9078] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.1070: casefold flag without casefold feature
[  175.513200][ T9078] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1070: couldn't read orphan inode 15 (err -117)
[  175.520827][ T9078] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.555384][ T6769] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.610046][ T9050] loop0: detected capacity change from 0 to 40427
[  175.628259][ T9050] F2FS-fs (loop0): invalid crc value
[  175.737271][ T9050] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  175.741509][ T9050] F2FS-fs (loop0): Start checkpoint disabled!
[  175.749680][ T9050] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  175.801610][ T9107] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1078'.
[  175.814190][ T9107] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1078'.
[  176.014976][ T9125] loop4: detected capacity change from 0 to 512
[  176.020966][ T9125] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  176.035515][ T9125] EXT4-fs (loop4): orphan cleanup on readonly fs
[  176.045462][ T9125] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:517: comm syz.4.1085: Block bitmap for bg 0 marked uninitialized
[  176.060964][ T9125] EXT4-fs (loop4): Remounting filesystem read-only
[  176.067932][ T9125] EXT4-fs (loop4): 1 orphan inode deleted
[  176.071618][ T9125] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  176.098447][ T6769] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.136009][ T9137] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] SMP KASAN PTI
[  176.140901][ T9137] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]
[  176.145022][ T9137] CPU: 0 UID: 0 PID: 9137 Comm: syz.4.1086 Not tainted syzkaller #0 PREEMPT(full) 
[  176.149183][ T9137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  176.153330][ T9137] RIP: 0010:pcl818_ai_cancel+0x69/0x3f0
[  176.155667][ T9137] Code: 8b 1b 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 39 21 36 f9 48 8b 03 48 89 04 24 49 83 c4 28 4c 89 e0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 e7 e8 18 21 36 f9 4d 8b 24 24 48 83 c3
[  176.163571][ T9137] RSP: 0018:ffffc90008f07a60 EFLAGS: 00010206
[  176.166155][ T9137] RAX: 0000000000000005 RBX: ffff888039399580 RCX: 0000000000080000
[  176.169400][ T9137] RDX: ffffc9000ab69000 RSI: 00000000000003bc RDI: 00000000000003bd
[  176.172568][ T9137] RBP: 0000000000000001 R08: ffff88810ffc292f R09: 1ffff11021ff8525
[  176.175733][ T9137] R10: dffffc0000000000 R11: ffffffff88ecd2e0 R12: 0000000000000028
[  176.179065][ T9137] R13: dffffc0000000000 R14: ffff88810ffc2800 R15: dffffc0000000000
[  176.182354][ T9137] FS:  00007fd01adf66c0(0000) GS:ffff8880b861b000(0000) knlGS:0000000000000000
[  176.186110][ T9137] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  176.188876][ T9137] CR2: 000000110c4047a9 CR3: 0000000041ed8000 CR4: 00000000000006f0
[  176.192185][ T9137] Call Trace:
[  176.193667][ T9137]  <TASK>
[  176.194890][ T9137]  pcl818_detach+0x66/0xd0
[  176.196777][ T9137]  comedi_device_detach_locked+0x178/0x750
[  176.199159][ T9137]  comedi_unlocked_ioctl+0xcde/0x1020
[  176.200917][ T9137]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  176.202787][ T9137]  ? __lock_acquire+0xab9/0xd20
[  176.204488][ T9137]  ? __fget_files+0x2a/0x420
[  176.206423][ T9137]  ? __fget_files+0x2a/0x420
[  176.208429][ T9137]  ? __fget_files+0x3a0/0x420
[  176.210339][ T9137]  ? __fget_files+0x2a/0x420
[  176.212284][ T9137]  ? bpf_lsm_file_ioctl+0x9/0x20
[  176.214368][ T9137]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  176.216899][ T9137]  __se_sys_ioctl+0xfc/0x170
[  176.218918][ T9137]  do_syscall_64+0xfa/0x3b0
[  176.220907][ T9137]  ? lockdep_hardirqs_on+0x9c/0x150
[  176.223147][ T9137]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.225777][ T9137]  ? exc_page_fault+0x9f/0xf0
[  176.227822][ T9137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.230279][ T9137] RIP: 0033:0x7fd01cb8ebe9
[  176.232159][ T9137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  176.240025][ T9137] RSP: 002b:00007fd01adf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  176.243404][ T9137] RAX: ffffffffffffffda RBX: 00007fd01cdb5fa0 RCX: 00007fd01cb8ebe9
[  176.246621][ T9137] RDX: 0000000000000000 RSI: 0000000040946400 RDI: 0000000000000006
[  176.249967][ T9137] RBP: 00007fd01cc11e19 R08: 0000000000000000 R09: 0000000000000000
[  176.253336][ T9137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  176.256644][ T9137] R13: 00007fd01cdb6038 R14: 00007fd01cdb5fa0 R15: 00007ffe62af22a8
[  176.259872][ T9137]  </TASK>
[  176.261178][ T9137] Modules linked in:
[  176.263587][ T9137] ---[ end trace 0000000000000000 ]---
[  176.270083][ T9137] RIP: 0010:pcl818_ai_cancel+0x69/0x3f0
[  176.272852][ T9137] Code: 8b 1b 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 39 21 36 f9 48 8b 03 48 89 04 24 49 83 c4 28 4c 89 e0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 e7 e8 18 21 36 f9 4d 8b 24 24 48 83 c3
[  176.281187][ T9137] RSP: 0018:ffffc90008f07a60 EFLAGS: 00010206
[  176.284710][ T9137] RAX: 0000000000000005 RBX: ffff888039399580 RCX: 0000000000080000
[  176.288055][ T9137] RDX: ffffc9000ab69000 RSI: 00000000000003bc RDI: 00000000000003bd
[  176.291515][ T9137] RBP: 0000000000000001 R08: ffff88810ffc292f R09: 1ffff11021ff8525
[  176.295252][ T9137] R10: dffffc0000000000 R11: ffffffff88ecd2e0 R12: 0000000000000028
[  176.298586][ T9137] R13: dffffc0000000000 R14: ffff88810ffc2800 R15: dffffc0000000000
[  176.302891][ T9137] FS:  00007fd01adf66c0(0000) GS:ffff8880b861b000(0000) knlGS:0000000000000000
[  176.306718][ T9137] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  176.309525][ T9137] CR2: 00007fd01add4fc8 CR3: 0000000041ed8000 CR4: 00000000000006f0
[  176.313312][ T9137] Kernel panic - not syncing: Fatal exception
[  176.316766][ T9137] Kernel Offset: disabled
[  176.318642][ T9137] Rebooting in 86400 seconds..

VM DIAGNOSIS:
20:35:12  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000030 RBX=0000000000000030 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000fcf RDI=0000000000000fd0 RBP=00000000000003f8 RSP=ffffc90008f07290
R8 =ffff888020b58237 R9 =1ffff1100416b046 R10=dffffc0000000000 R11=ffffffff854f3380
R12=dffffc0000000000 R13=ffffffff99afa911 R14=ffffffff99def420 R15=0000000000000000
RIP=ffffffff854f33fc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fd01adf66c0 ffffffff 00c00000
GS =0000 ffff8880b861b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000110c4047a9 CR3=0000000041ed8000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007fd01cd87498 00007fd01cd87470 XMM03=00007fd01cd874a8 00007fd01cd874a0
XMM04=00007fd01d8ed100 00007fd01cd87460 XMM05=00007fd01cd87478 00007fd01cd874c0
XMM06=00007fd01cd874b8 00007fd01cd874b0 XMM07=00007fd01cd874a8 00007fd01cd874a0
XMM08=0000000000000000 00007fd01cc12ee7 XMM09=0000000000000000 00007fd01cc12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=202bde9697c4ef00 RBX=ffffffff819683c8 RCX=202bde9697c4ef00 RDX=0000000000000001
RSI=ffffffff8be33660 RDI=ffffffff819683c8 RBP=ffffc90000177f20 RSP=ffffc90000177de0
R8 =ffff888136632f9b R9 =1ffff11026cc65f3 R10=dffffc0000000000 R11=ffffed1026cc65f4
R12=ffffffff8fa38a30 R13=0000000000000001 R14=0000000000000001 R15=1ffff110200d0000
RIP=ffffffff8b79a3f3 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c1b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f9814ce623d CR3=000000010a094000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=ffffffffffffffff ffff00ff00000000 XMM05=000000000000026d 0000000000000030
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=ffffffffffff0000 ffffffffffffff00 XMM09=2e6364755f796d6d 75642f6364752f30
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
