last executing test programs:

3.357259989s ago: executing program 2 (id=399):
syz_init_net_socket$bt_l2cap(0x9, 0x0, 0x9)

3.251022039s ago: executing program 2 (id=401):
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0xfffffffffffffe8b, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$HIDIOCGFEATURE(0xffffffffffffffff, 0xc0404807, &(0x7f0000000800)={0x3, "d1ac9599de1e86bab37e49fe8b7273ea31c710a82314c65a744907cd5c0bd3d18c2553fb41b7e7afa1125c8a33c0a1df7dcf8943892b1351bb6a0b2718b91870"})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./bus\x00', 0x21081e, &(0x7f00000001c0), 0x1, 0x504, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSG0EmKPIHVD4kZR7DiKnaUJPaRnrkhU4gRH/gDOPXHnguDGpRyQ+BGBGiQORjMep25qN6FJ7Cj+fKTRvDdv4u/3NZ336pfGL4CRdT0i9iNiIiI+jYjZ7HouO+Kj9pHc9+Tg/srhwf2VXLRan/wjl7Yn16LraxLXstcsRsQPvhPx49zzcRu7exvL1WplO6vPN2tb843dvVvrteW1ylpls1xeWlxa+OD2++Vz6+tbtYms9OXHv9//xk+TtGayK939OE/trheO4iTGI+J7FxFsCMay/kwMOxFeSj4iXo+It9PnfzbG0u8mAHCVtVqz0ZrtrgMAV10+XQPL5UvZWsBM5POlUnsN742YzlfrjebNu/WdzdX2WtlcFPJ316uVhWytcC4KuaS+mJaf1svH6rcj4rWI+PnkVFovrdSrq8P8hw8AjLBrx+b/f0+2538A4IorDjsBAGDgzP8AMHrM/wAwesz/ADB62vP/1LDTAAAGyPt/ABg95n8AGCnf//jj5GgdZp9/vfrZ7s5G/bNbq5XGRqm2s1JaqW9vldbq9bX0M3tqJ71etV7fWnwvdu7NfXOr0Zxv7O7dqdV3Npt30s/1vlMppHftD6BnAEA/r7316E+5ZEb+cCo9omsvh8JQMwMuWn7YCQBDMzbsBIChsdsXjK4zvMe3PABXRI8tep9R7PULQq1Wq3VxKQEX7MYXrP/DqOpa//e/gGHEWP+H0WX9H0ZXq5U77Z7/cdobAYDLzRo/0Ofn/69n599kPxz40erxOx5eZFYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwuXX2/y1le4HPRD5fKkW8EhFzUcjdXa9WFiLi1Yj442RhMqkvDjlnAOCs8n/NZft/3Zh9d+aZpjevHRUnIuInv/zkF/eWm83tP0RM5P452bnefJhdLw8+ewDgZJ15Oj13vZF/cnB/pXMMMp+/fTsiiu34hwcTcXgUfzzG03MxChEx/a9cVm/Lda1dnMX+g4j4fK/+52ImXQNp73x6PH4S+5VBxJ/qxM8/Ez+f5tY+J38WnzuHXGDUPErGn496PX/5uJ6eez//xXSEOrts/EteauUwHQOfxu+Mf2N9xr/rp43x3u++2y5NPd/2IOKL4xGd2Idd408nfq5P/HdPGf/PX3rz7X5trV9F3Ije8btjzTdrW/ON3b1b67XltcpaZbNcXlpcWvjg9vvl+XSNer7/bPD3D2++2q8t6f90n/jFE/r/1VP2/9f//fSHX3lB/K+/0yt+Pt54QfxkTvzaKeMvT/+22K8tib/ap/8nff9vnjL+47/sPbdtOAAwPI3dvY3larWy/bKFw7N9uYLC/1FI/spegjR6Fr41qFgT0bvpZ++0n+ljTa3WS8XqN2Kcx6obcBkcPfQR8Z9hJwMAAAAAAAAAAAAAAPQ0iN9YGnYfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLr+FwAA//8Xqc+p")
open(&(0x7f0000000400)='./bus\x00', 0x80, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
socket$nl_generic(0x10, 0x3, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r5 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r5, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r5, &(0x7f00000005c0)={&(0x7f0000000000), 0x10, &(0x7f0000000480)=[{&(0x7f0000000180)="f7", 0x79ca}], 0x1}, 0x0)

2.851368737s ago: executing program 0 (id=404):
r0 = socket(0x848000000015, 0x805, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback={0x3}}, 0x1c)

2.517507474s ago: executing program 0 (id=405):
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000001c00)=[{&(0x7f0000002000)="f8", 0x1}], 0x1, 0x9)
close(r1)
r2 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r3=>0x0})
bind$can_j1939(r2, &(0x7f0000000040)={0x1d, r3, 0x8000000000000003, {}, 0x1}, 0x18)
splice(r0, 0x0, r1, 0x0, 0x10500, 0x0)

2.400716857s ago: executing program 0 (id=406):
syz_usb_connect(0x0, 0x41, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xd6, 0x91, 0xcf, 0x40, 0x2c7c, 0x125, 0x51ba, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2f, 0x1, 0x0, 0x0, 0x20, 0x0, [{{0x9, 0x4, 0xf2, 0xff, 0x0, 0xff, 0xff, 0xff, 0x20, [@cdc_ncm={{0x5}, {0x5, 0x24, 0x0, 0x15c6}, {0xd, 0x24, 0xf, 0x1, 0xe, 0x1, 0x420, 0xfe}, {0x6, 0x24, 0x1a, 0x105, 0x8}}]}}]}}]}}, 0x0)

2.28159971s ago: executing program 2 (id=407):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000004c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x20108c0, &(0x7f0000000c00)=ANY=[@ANYBLOB="646973636172642c696f636861727365743d63703835352c6572726f72733d72656d6f756e742d726f2c696e746567726974792c6e6f646973636172642c646973636172643d3078303030303030303030303030303030382c6572726f72733d636f6e74696e7565006969736f383835392d342c756d61736b3d3078303030303030303030303030303038312c696f6368617257fd743d6d6163677265656b2c71756f74612c6572726f1729def7e35bcb756e742d726f2c726573697a653d3078303030303030303030181829303030303030312c756d61736b3d3078303030303030303030303032303034352c66736d616769633d307830dcb1c47cb87a74ac1a3030303030303030303030303030392c646566636f6e746578743d726f6f742c66736e616d653d757d407d587d5b2d292b2c000d1c13f7c892c8615d265c6376539175380511bac765713e83a65e4fdf011c705fc6838005120385ac61b970f45d1492a0612eb8000000000000808fc76f91b7b9a5ce77887858ea333961d1ef1e4eabd4c84e81dbf575c47e9b8eea9d6806fa159e0525146f6312b4931cffed0000", @ANYRES32, @ANYRESOCT, @ANYRESOCT, @ANYRES64], 0x1, 0x61f5, &(0x7f00000075c0)="$eJzs3U1vHVf9B/DfffRD/k2tLqr+I4TctDyU0iROSggUaLsoCzZdoGxRItetIlJASUBpZRFX3rBgxSsAIbFEiCViwQvogi07VqyIZCOBumLQ2OfE48m9vXYd37n2fD6SPfObM9c+4++d++A7MycAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPjed7+/0omIGz9LC5Yi/i96Ed2IhbJejoiF5aW8fj8inoud5ng2IgZzEeXtd749HfFqRHx8NmJre321XHz5gP146w9/++0Pzrz9198PLv7nj/d6r41b7/79X/77Tw+Ots0AAADQNkVRFJ30Nv9cen/fbbpTAMBU5Of/IsnLT339q3+8/edZ6o9arVar1VOoq4rRHlSLiNio3qZ8zeDjeAA4YTbik6a7QIPk32r9iDjTdCeAmdZpugMci63t9dVOyrdTfT5Y3m3Px4Lsy3+j8+j8jnHTSerHmEzr/rUZvXhmTH8WptSHWZLz79bzv7HbPkzrHXf+0zIu/+HuqU+tk/Pv1fOvOT35d0fm31Y5//6h8u/JHwAAAAAAZlj+//9Sw5//zh19Uw7k0z7/XZ5SHwAAAAAAAADgSTvq+H+PGP8PAAAAZlb5Xr3067N7y8Zdi61cfr0T8VRtfaBl0skyi033AwAAAAAAAAAAAADapL97DO/1TsQgIp5aXCyKovyqqteHddTbnwI71yxouhPA9DX9IA8AALs+Pls7l78TMR8R16O7c62/weLiYlHMLywWi8XCXH49O5ybLxYq7+vztFw2NzzAC+L+sCh/2HzldlWT/l8wqb3+88rfNSx6B+jYEzJIf80xzQ2FDQDJ7rPRlmekU6YonvZpAwdi/z+FlmKp6fsVs6/puykAAABw/IqiKDrpct7n0vh+3aY7BQBMRX7+r38ucKS6O6Y94sn8fLVarVar1Z+pripGe1AtImKjepvyNYPh+AHghNmIT5ruAg2Sf6v1I+K5pjsBzLRO0x3gWGxtr692Ur6d6vNBGt89HwuyL/+Nzs7t8u1HTSepH2MyrfvXZvTimTH9eXZKfZglOf9uPf8bu+3DtN5x5z8t4/If7pwy1z45/149/5rTk393ZP5tlfPvHyr/nvwBAAAAAGCG5f//L/n8N28yAAAAAAAAAJw4W9vrq/m81/z5/+dGrOf8z9Mp5985bP4LaV7+J1rOv1vL/8u19XqV+Ydv7u3//9peX/3dvX/+f54eNP+5PNNJ96xOukd00m/q9NP0KFv3uM1Bb1j+pkGn2+unY36KwbtxK27HWlzat243/T322lf2tZc9Hexrv7yvvf9Y+5V97YN03YFiIbdfiNX4cdyOd3bay7a5Cds/P6G9mNCe8+95/G+lnH+/8lXmv5jaO7Vp6eFH3cf2++p01O9549bnf3Hp+Ddnos3oPdq2qnL7zjfQn/Jv8lYM46d31+5cuH/z3r07K5EmZ6pLL0eaPGE5/8HO19ze4/8Lu+35cb+6vz78aHjo/GfFZvTH5v9CZb7c3pem3Lcm5PyH6Svn/05qH73/n+T8x+//LzfQHwAAAAAAAAAAAAAAAPg0RVHsnCL6RkRcTef/NHVuJgAwXfn5v0jycrVarVar1aevripGe71aRMRfqrcpXzP8fNQPAwBm2X8j4u9Nd4LGyL/F8vX+yumLTXcGmKq7H3z4w5u3b6/dudt0TwAAAAAAAACAzyqP/7lcGf/5xYhYqq23b/zXN2P5qON/9vPMowFGn/BA32Nsdoe9bmW48edjZ3zuC+PG/z4fj4//ncfE7VW3Y4zBhPbhhPa5Ce3zI5fupTXyRI+KnP/zlfHOy/zP1YZfb8P4r/Ux79sg53++cn8u8/9Sbb1q/sVvZi7/jYOuuBndfflfvPf+Ty7e/eDDV269f/O9tffWfnRlZeXSlatXr127dvHdW7fXLu1+P55ez4Ccfx772nGg7ZLzz5nLv11y/l9ItfzbJef/xVTLv11y/vn1nvzbJeef3/vIv11y/i+lWv7tkvP/Sqrl3y5b2+tzZf4vp1r+7ZL3/6+mWv7tkvN/JdXyb5ec/4VUy79dcv4XU32A/F0e/hTJ+edPuOz/7ZLzX0m1/Nsl53851fJvl5z/lVTLv11y/q+mWv7tkvP/Wqrl3y45/6upln+75Py/nurD5L9wjP1iOnL+11Jt/2+XnP83Ui3/dsn5fzPV8m+XnP9rqZZ/u+T8v5Vq+bdLzv/bqZZ/u+T8v5Nq+bdLzv/1VMu/Xfau/2/GjBkzeabpRyYAAAAAAAAAAAAAoG4ahxM3vY0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8jx04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYe/uYuQ66/uBn1nv2muHEAMhOPkb2CQmhMRk13biF/5NMYEADVAKJBT6guN612bBb3jtEiiSTQMlEkZFFVXTi7aAojZSVRFVXNCK0lxUfbkq7QW9qagqITWqDAqoSG0F2WrmPM/jmdnZmVnveH32PJ+PlPx2Z86Z88yZ55yd366/cwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHa3vnnuc42iKJr/tf63tShe1Px689TW1m1vuNYjBAAAAFbrp63/P39DuuHgECu1LfN3r/rHry8uLi4WH9jwuxPjxWK6Y6ooJjYVReu+6Jl//2DjS23fB48Xk42xtu/HBmx+w4D7xwfcPzHg/o0D7t804P7JAfcv2QFLbC5/H9N6sB2tL7eWu7S4sZho3bejx1qPNzaNjcXf5bQ0WussThwt5ovjxVwx07F8uWyjtfw3b21u6+1F3NZY27a2N2fIDz91JI6hEfbxjo5tXX7M6PtvKqZ+9MNPHfnjs5du7lUH7oaOxyvHeedtzXF+JtxSjrVRbEr7JI5zrG2c23u8Jhs6xtlordf8unuczw85zg2Xh7mmul/zyWKs9fW3W/tpvP3Xemk/bQ+3/fftRVFcuDzs7mWWbKsYK7Z03DJ2+fWZLGdk8zGaU+mlxfiK5umtQ8zTZp3d0TlPu4+J+PrfGtYbX2YM7S/T9z+9ccnrvtJ5GjWf9XLHSvccHPWxUpU5GOfFt1tP+omec3BHeP6fumP5Odhz7vSYg+l5t83B2wbNwbGNG1pjTi9Co7XO5Tm4q2P5Da0tNVr1uTv6z8HpsydOTy984pOvnz9x+NjcsbmTe3btmtmzd+/+/funj84fn5sp/3+Fe7v6thRj6Ri4Ley7eAy8tmvZ9qm6+JXRHYeTfY7DrV3Ljvo4HO9+co21OSCXzuny2Hi4udMnL44VyxxjrdfnrtUfh+l5tx2H423HYc+fKT2Ow/EhjsPmMqfvGu49y3jbf73GcLV+Fmxtm4Pd70e65+Co349UZQ5Ohnnxr3ct/7NgexjvEztX+n5kw5I5mJ5uOPc0b0nv9yf3t0qveXlL847rNhbnFubO3PPY4bNnz+wqQlkTL2ubK93zdUvbcyqWzNexFc/Xg/OveuKWHrdvDftq8vXN/00u+1o1l7n3nv6vVeunW+/92XHr7iKUEVvr/dnrp3lzf6Zess/+bC7zmenVvxdPfWnb+XdimfNv7PtfKLeXHurxDRPj5fG7Ie2diY7zcedLNd46dzVa235+erjz8UT4b63Pxzf2OR9v61p21Ofjie4nF8/HjUG/7Vid7tdzMsyT4zP9z8fNZbbtXumcHO97Pr491EbY/68LnULqi9rmznLzNm1rfHwiPK/xuIXOebqnY/mJ0Js1t/X07iubp3feXj7WhvTsLlureTrVteyo52k6Xy03TxuDfvt2Zbpfz8kwL27c03+eNpd59t7Vnzs3xy/bzp0bB83BiQ0bm2OeSJOwPN8vbo5z8J7iSHGqOF7Mtu7d2JpPjda2dt433BzcGP5b63Pltj5z8M6uZUc9B9PPseXmXmN86ZMfge7XczLMiyfv6z8Hm8u8Zd9o37veGW5Jy7S9d+3+/dpyv/O6pWs3Xc3feTXH+Tf7+v9utrnM8f0r7TP776e7wy3X9dhP3cfvcsfUbLE2+2lbGOel/cvvp+Z4mst86cCQ8+lgURTnP/ZA6/e94e8rf37uO1/v+LtLr7/pnP/YAz+4/ujfrmT8AKx/L5RlS/mzru0vU8P8/R8AAABYF2LfPxZqov8HAACA2oh9f/xX4Yn+HwAAAGoj9v3joSaZ9P/b3nJp/oXzRUrmLwbx/rQbHiqXixnXmfD91OJlzdsfeGrux395frhtjxVF8ZOHfqPn8tseiuMqTYVxPvNg5+1LVzw/1PYffeTycu359S+Hx4/PZ9hp0CuCO1MUxTdv+EJrO1MfvNiqzz70aKu+98ITjzeXef5A+X1c/7mXlcv/QQj/Hjx6uGP958J++F6oM+/ovT/iel+7+Lrt+95/eXtxvcZtL2497Sc/VD5u/JycLz5eLh/383Lj/6vPP/215vKPvab3+M+P9R7/0+Fxn3rw0nxzxv3PK8vl21+D5vdxvc+G8cftPRXWv+er3+o5/mc+Vy5/+q3lco+GGrd/Z/h+x1svzbfvr8cahzueV/G2crm4/Znv/Hbr/vh48fG7xz956GLH/uieH8/+c/k4013Lx9vjdqK/6Np+83Ha52fc/tO/9WjHfh60/Wfe+9wrm4/bvf27u5bb0LV+9yc2/eFnv9Bze3E8B//sdMfzOfiecByH7T/5oTAfw/3/+8wXOrYbPfqezvNPXP7LW893PJ/o7T8qt//MG4+16n9M/fj3r3vR9S++8OrmviuKb7+vfLxB2z/2R6c6xv+Vm+5qvR7x/pjR797+cuL2z3x858lTC+fmZ9v2auuzc95ZjmfT5OYtzfHeEM6t3d8fOnX2w3NnpmamZopiqr4foXfFvhrqD8pyYaXr3/VIeD1v+b1vbrnjnz4fb/+Xh8vbL76j/Ln12rDcF8PtW8vXb7Gxyu0/eetNreO78Wz5fUeOfQS27/jP/UMtGJ5/9/uCON9Pv/zDrf3QvK/1cyMe16sc/3dny8f5Rtivi+GTmW+76fL22pePn41w8X3l8b7q/RdOc/F1/ZPwer/re+Xjx3HF5/vd8D7mW9s6z3dxfnzj/Fj347c+xeNCOJ8UF8r741Jxf198/qaew4ufQ1JcuLn1/e+kx7l5RU9zOQufWJg+Pn/y3GPTZ+cWzk4vfOKTh06cOnfy7KHWZ3ke+sig9S+fn7a0zk+zc3vvLWY2F0VxqphZgxPW1Rl/86vhxn/6kSOz+2bumJ07evjc0bOPnJ47c+zIwsKRudmFOw4fPTr38UHrz8/ev2v3gT37du88Nj97//4DB/Yc2Dl/8lRzGOWgBtg789GdJ88caq2ycP+9B3bdd9+9MztPnJqdu3/fzMzOc4PWb/1s2tlc+9d3npk7fvjs/Im5nQvzn5y7f9eBvXt3D/w0wBOnjy5MTZ85d3L63MLcmenyuUydbd3c/Nk3aH3qaeHfyvez3RrlB/EV7757b/p81qanPr3sQ5WLdH2A6KXwWTT/8JLT+4f5Pvb9E6EmmfT/AAAAkIPY928MNdH/AwAAQG3Evn9TqIn+HwAAAGoj9v2ToSaZ9P/y//L/w+X/y/tHmf/vlZ8v5P8rlf8//bEyV7re8/8xPy//n4drnP9f9fbl/+X/65f/Hz4/v97HL/8v/89SVcv/x75/c1Fk2f8DAABADmLfvyXURP8PAAAAtRH7/utCTfT/AAAAUBux739RqEkm/b/8/1D5/92DAlf1z/+P/vr/8v/y/2uS/48vjvx/Nlacv3//wx3fyv8H8v/y//L/8v/y/6zaxLL3XKv8f+z7rw81yaT/BwAAgBzEvv/FoSb6fwAAAKiN2PffEGqi/wcAAIDaiH3/1lCTTPp/+X/X/5f/l/+vdf5/tdf/bxuM/P/64Pr//cn/D3DF+f9J+f/1mP+fGO34q53/Hzh8+X+uiqpd/z/2/S8JNcmk/wcAAIAcxL7/paEm+n8AAACojdj3vyzURP8PAAAAtRH7/htDTTLp/+X/5f/l/+X/5f97b3/w9f/Lr+T/q0X+vz/5/wFc/z+v/P+Ix1/t/P+or/8/8WD3+vL/9FK1/H/s+18eapJJ/w8AAAA5iH3/TaEm+n8AAACojdj3vyLURP8PAAAAtRH7/m2hJpn0//L/VyP//9PW2vL/8v/d80P+v275/5L8f7XI//cn/z+A/L/8v/z/cPn/Hh9+Jf9PL1XL/8e+/+ZQk0z6fwAAAMhB7PtvCTVZpv9fHPJv2wAAAEB1xL7//4Wa+Ps/AAAA1Ebs+7eHmmTS/8v/u/6//H9e+f+7N8r/y//Xm/x/f/L/A8j/y//L/w95/f+lVpL/3zTowaiNquX/Y9//ylCTTPp/AAAAyEHs+18VaqL/BwAAgNqIff+rQ030/wAAAFAbse+fCjXJpP+X/69X/v9P//rJVxfy//L/A7Zf0/x/nAby/5mT/+9P/n8A+X/5f/n/Ncn/k4+q5f9j339rqEkm/T8AAADkIPb9t4Wa6P8BAACgNmLff3uoif4fAAAAaiP2/TtCTTLp/+X/65X/j+T/5f/7bb+m+f9E/j9v8v89tB2k8v8DyP/L/2ef/4/vfuX/GY2q5f9j3/+aUJNM+n8AAADIQez77wg10f8DAABAbcS+/7WhJvp/AAAAqI3Y998ZapJJ/y//L/8v/y//L//fe/vy/+uT/H9/K83/b5T/l/+X/88s/+/6/4xW1fL/se9/XahJJv0/AAAA5CD2/XeFmuj/AQAAoDbiv98s/92r/h8AAADqKPb9O0NNMun/5f/l/3PK/zfk/+X/5f9rT/6/P9f/H0D+X/5f/l/+n5GqWv4/9v2vDzXJpP8HAACAHMS+/55QE/0/AAAA1Ebs+6dDTfT/AAAAUBux758JNcmk/5f/l//PKf/v+v/y//L/9Sf/398o8v+L5+X/5f97k/+vYP6/KOT/uaaqlv+Pff+uUJNM+n8AAADIQez7d4ea6P8BAACgNmLfvyfURP8PAAAAtRH7/ntDTTLp/+X/5f/l/+X/5f97b1/+f32S/+/P9f8HkP+X/69b/t/1/7nGqpb/j33/faEmmfT/AAAAkIPY9+8NNdH/AwAAQG3Evn9fqEno/3v9u24AAABgfYl9//5Qk0z+/i//X5P8/2/+fce25f/l//ttfzT5/83y/6HK/1dLTfP/3YfFFZP/H0D+/6rl54uxkQzxmo1f/l/+nytTtfx/7PsPhJpk0v8DAABADmLf/4ZQE/0/AAAA1Ebs+/9/qIn+HwAAAGoj9v0/E2qSSf8v/1+T/H8X+X/5/37bd/1/+f86q2n+f2Rqlf8fk/9fT/l/1/+X/x+0PvV09fP/8avh8v+x778/1CST/h8AAAByEPv+nw010f8DAABAbcS+/42hJvp/AAAAqI3Y9x8MNcmk/5f/l/+/Wvn/C2Py/93zI6/8/xuLblXM/zcnj/x/vVQ4/z8xzPbl/13/X/5/Tcbf/aNmJOOX/5f/Z6mqXf8/9v1vCjXJpP8HAACAHMS+/4FQE/0/AAAA1Ebs+98caqL/BwAAgNqIff9bQk0y6f/l/+X/Xf9f/t/1/3tvX/5/fapw/n8o8v/y//L/63f88v/y/yxVtfx/7PsfDDXJpP8HAACAHMS+/62hJvp/AAAAqI3Y978t1ET/DwAAALUR+/63h5pk0v/L/8v/y//L/8v/996+/P/6JP/fn/z/APL/8v/y//L/jFTV8v+x7/+5UJNM+n8AAADIQez7Hwo10f8DAABAbcS+/x2hJvp/AAAAqI3Y978z1CST/l/+X/5f/l/+X/6/9/bl/9cn+f/+5P8HkP+X/5f/l/9npKqW/499/7tCTTLp/wEAACAHse//+VAT/T8AAADURuz73x1qov8HAACA2oh9/y+EmmTS/8v/y/9XK/+/eL59Pfl/+f9iVPn/5kry/1mQ/+9P/n+AHvn/TfL/8v/y//L/XLGq5f9j3/+eUJNM+n8AAADIQez73xtqov8HAACA2oh9//tCTfT/AAAAUBux73841CST/l/+P8v8f3rK1cv/u/6//L/r/8v/r478f3/y/wO4/r/8v/y//D8jVbX8f+z7Hwk1yaT/BwAAgBzEvv/9oSb6fwAAAKiN2Pf/YqiJ/h8AAABqI/b9Hwg1yaT/l//PMv9f4ev/1y3/P94xP3LK/0+2vZ5pXsr/y/+vAfn//uT/B5D/l/+vcv4/zObNy6wv/08VVS3/H/v+D4aaZNL/AwAAQA5i3/9LoSb6fwAAAKiN2Pf/cqiJ/h8AAABqI/b9vxJqkkn/X8P8/4VC/l/+vzL5/875kVP+3/X/l5L/Xxvy//3J/w8g/y//X+X8/wDy/1RR1fL/se//1VCTZRu/H/zXEE8TAAAAqJDY938o1CSTv/8DAABADmLffyjURP8PAAAAtRH7/kdDTTLp/2uY/1/l9f/jFVXl/+X/R53/H5P/l/+X/18Do8v/v+L6opD/l/+X/5f/l/+X/2c1qpb/j33/4VCTTPp/AAAAyEHs+38t1ET/DwAAALUR+/4joSb6fwAAAKiN2PfPhppk0v9fw/z/RDXz/67/f6X5/5/I/7v+fyD/35v8/9pw/f/+5P8HkP+X/5f/l/9npKqW/499/1yoSSb9PwAAANRY+nVw7PuPhpro/wEAAKA2Yt9/LNRE/w8AAAC1Efv+D4eaZNL/u/6//L/r/1+L/P94x/Ly/yX5f/n/UZD/70/+fwD5f/l/+X/5f0aqavn/2PfPh5pk0v8DAABADmLf/5FQE/0/AAAA1Ebs+z8aaqL/BwAAgNqIff/xUJNM+n/5f/n/3PP/jaK44Pr/o83/b5L/70n+f23I//cn/z+A/P9a5uevH8mgr934l5D/l/9nqarl/2PffyLUJJP+///Yu48mu85qj8MbY0vdI/gIjBkxhJH5CEyZUcWYaJODZXIGk3MwOedgosk552iTczTRUNWUW2stqfsc7S2pj/rs/b7PM1lXuhZ9hBtz/1f1qxcAAAB6kLv/vnGL/Q8AAADNyN1/v7jF/gcAAIBm5O6/f9zSyf7X/+v/e+//h628/3/wr2+t//f+/3r6/+Ox0t9fvv6vO1cUfs7+/y53vfpe+n/9v/5/lPf/9f/6fw6bW/+fu/8BcUsn+x8AAAB6kLv/gXGL/Q8AAADNyN1/Vdxi/wMAAEAzcvdfHbd0sv/1//p//b/+/0D/f6P+X/+/bN7/H6f/n6D/1//r//X/bNTc+v/c/Q+KWzrZ/wAAANCD3P0PjlvsfwAAAGhG7v6HxC32PwAAADQjd/9D45ZO9r/+X/+v/19K/3/C+/+Hfj/6f/3/Ovr/cfr/Cfp//b/+X//PRs2t/8/d/7C4pZP9DwAAAD3I3f/wuMX+BwAAgGbk7n9E3GL/AwAAQDNy9z8ybulk/+v/9f/6/6X0/8f0/r/+X/+/cNcPZ/6ZoP9fpf+fMNH/D4P+f8x59/Prf3vL+fznoP/X/7Nqbv1/7v5HxS13H4YTF/ubBAAAAGYld/+j45ZO/vwfAAAAepC7/5q4xf4HAACAZuTuPxW3dLL/9f/6f/2//l//v/7r6/+Xyfv/447e/9/5jve5d7/9v/f/x3n/f9P9/23fGfp/lm1u/X/u/mvjlk72PwAAAPQgd/9j4hb7HwAAAJqRu/+xcYv9DwAAAM3I3f+4uKWT/a//b63/v/2BX3dW/79fu+j/9f/6f/1/6/T/47z/P2H/H3O79UP9v/7f+//6f45mbv1/7v7Hxy2d7H8AAADoQe7+J8Qt9j8AAAA0I3f/E+MW+x8AAACakbv/SXFLJ/tf/99a/3/w13n/X/+/7uvr//X/LdP/j9P/T2jl/f+L/K7Zdj9/VNv+/Pp//T+r5tb/5+5/ctzSyf4HAACAHuTuf0rcYv8DAABAM3L3PzVusf8BAACgGbn7nxa3dLL/9f/6/2X0//kV5tT/7+3tHfoe0v+ftvT+P+n/l0n/P07/P6GV/v8ibbufX/rn1//r/1k1t/4/d//T45ZO9j8AAAD0IHf/M+IW+x8AAACakbv/mXGL/Q8AAADNyN3/rLilk/2v/9f/L6P/9/6//t/7//r/86P/H6f/n6D/1//r//X/bNTc+v/c/dfFLZ3sfwAAAOhB7v5nxy32PwAAADQjd/9z4hb7HwAAAJqRu/+5cUsn+1//r//X/+v/9f/rv77+f5n0/+P0/xM67/+HU/p//b/+n82aUf9/1q/aGZ4Xt3Sy/wEAAKAHufufH7fY/wAAANCM3P0viFvsfwAAAGhG7v4Xxi2d7H/9/2z6//2cr63+f3cYBv3/0Gn/v3vW38/6vtT/6/+Pgf5/nP5/Quf9/7b7+aV/fv2//p/Dds75v9nW+/+5+190+PN1sv8BAACgB7n7Xxy32P8AAADQjNz9L4lb7H8AAABoRu7+l8Ytnex//f9s+v99bfX/3v8//P3RU//v/f9V+v/jof8fp/+foP/X/+v/9f9s1FU3nf6/Zw/bVv+fu/9lcdOJKy76twgAAADMTO7+l8ctnfz5PwAAAPQgd/8r4hb7HwAAABbqupWfyd3/yrilk/2v/99s/3/irJ/T/+v/D39/6P/1//r/S0//P07/P0H/r//X/+v/2ai59f+5+18Vt3Sy/wEAAKAHufuvj1vsfwAAAGhG7v5Xxy32PwAAADQjd/9r4pZO9r/+3/v/+n/9/1T/f+Y5VP2//n/+9P/j9P8T9P/6/5HPf/i/nw7bQP9/8sz/qP+nDRfQ/+/t7V1zyfv/3P2vjVs62f8AAADQg9z9r4tb7H8AAABoRu7+18ct9j8AAAA047bdvzsMwxv2f9Tf/tf/d9r/57f6svr/U8Og//f+v/5f/z9O/z9O/z9B/6//9/6//p+Nmtv7/7n73xi3dLL/AQAAoAe5+98Ut9j/AAAA0Izc/W+OW+x/AAAAaEbu/rfELZ3sf/1/p/2/9//1//r/4+7/bx30/8diEf3/7rm//tz7/2v1//r/Ed31//e424Ef6v/1/6yaW/+fu/+tcUsn+x8AAAB6kLv/bXGL/Q8AAADNyN3/9rjF/gcAAIBm5O5/R9x0eSf7X/+v/9f/6//1/+u//jG//39iGAb9/wYsov8fMff+fzPv/x/+T/kZ+n/9/5I/v/5f/8+qufX/ufvfGbd0sv8BAACgB7n73xW32P8AAADQjNz9745b7H8AAABoRu7+98Qtnex//b/+X/+v/2++/792Ef2/9/83RP8/bh79/7np//X/S/78+n/9P+dvW/1/7v73xi2d7H8AAADoQe7+98Ut9j8AAAA0I3f/++MW+x8AAACakbv/A3FLJ/tf/6//v5D+Pz+n/r+t/v/ksfT/p4bhvPv/nQP/ep28/6//3xD9/7jz6f/3v7f1//p//X+v/f91+n82aW7v/+fuvyFu6WT/AwAAQA9y938wbv2/bu1/AAAAaEbu/g/FLfY/AAAANCN3/4fjlk72v/5f/+/9f/1/8+//6/+7ov8f5/3/Cfp//b/+3/v/bNTc+v/c/R+JWzrZ/wAAANCD3P0fjVvsfwAAAGhG7v6PxS32PwAAADQjd/+NcUsn+1//r//X/+v/9f+n/x7q/9ug/x93PP3/rv5f/1/9/O3iPwX6f/3/1K+nTXPr/3P3fzxu6WT/AwAAQA9y938ibrH/AQAAoBm5+z8Zt9j/AAAAsEiXr/m53P2fils62f/6f/2//l//r/9f//X1/8u0lf4/vyn0/97/D/30/3c68KOlvf9/+L+/9P/6fzZvbv1/7v5Pxy2d7H8AAADoQe7+z8Qt9j8AAAA0I3f/Z+MW+x8AAACakbv/c3FLJ/tf/6//1//r//X/67++/n+ZvP8/Tv8/Qf+/1ffzl/759f/6f1bNrf/P3f/5uKWT/Q8AAAA9yN3/hbjF/gcAAIBm5O7/Ytxi/wMAAEAz9nd/xmUd7n/9v/5f/6//1/+v//r6/2XS/4/T/0/Q/+v/9f/6fzZqbv3/l/Z/1c7w5bilk/0PAAAAPcjd/5W4xf4HAACAZuTu/2rcYv8DAABAM3L3fy1u6WT/6//1/8vo//f29q7R/+v/D/5+zvT/N+v/Kfr/cfr/Cfp//b/+X//PRs2t/8/d//W4pZP9DwAAAD3I3f+NuMX+BwAAgGbk7v9m3GL/AwAAQDNy938rbulk/+v/Z9D/7+j/vf+v/x+8/7/a/192+h/K+v8Lo/8fp/+f0GL/v3P+v/1t9/NHdck+/47+X//PxZpb/5+7/9txSyf7HwAAAHqQu/87cYv9DwAAAM3I3f/duMX+BwAAgGbk7v9e3NLJ/tf/H1//f9u/d728/787rP/8+n/9v/7f+/+Xmv5/nP5/Qov9/wXQ/3v/X//Pps2t/8/d//245eDwu+LCfpcAAADAnOTu/0Hc0smf/wMAAEAPcvf/MG6x/wEAAKAZuft/FLd0sv/1/zN4/7/B/t/7/+u/P/T/s+7/L9P/t+EC+/sbDv+E/j/o//X/+n/9/5H6//xu1v/3bm79f+7+H8ctnex/AAAA6EHu/p/ELfY/AAAANCN3/01xi/0PAAAAzcjdf3Pcctb+X9d2t0L/r//X/+v/9f/rv77+f5m8/z/ufPv/k8PR+v/Uff+/s/Kvr/+/hLb9+fX/3v9n1dz6/9z9P41b/Pk/AAAALM4V5/j53P0/i1vsfwAAAGhG7v6fxy32PwAAADQjd/8v4pZbLtvWRzpW+n/9v/5f/6//X//19f/LpP8f5/3/Cd7/30Q/f6X+v43+fxj0/xzd3Pr/3P2/jFv8+T8AAAA0I3f/r+IW+x8AAACakbv/13GL/Q8AAADNyN3/m7ilk/2v/9f/H7H/308z9f+n6f9P0/+vp/8/Hvr/cfr/Cfp/7//r/73/z0bNrf/P3f/buKWT/Q8AAAA9yN3/u7jF/gcAAIBm5O7/fdxi/wMAAEAzcvf/IW7pZP9vrf+Pf6v1/4vv/73/r//X/+v/Z0X/P67R/n93GAb9/wZsu59f+ufX/+v/WTW3/j93/x/jlk72PwAAAPQgd/+f4hb7HwAAAJqRu//PcYv9DwAAAM3I3f+XuKWT/e/9f/2//l//r/9f//X1/8uk/x/XaP9/5Pf/62+U/l//r//X/7NRc+v/c/f/NW7pZP8DAABAD3L3/y1usf8BAACgGbn7b4lb7H8AAABoRu7+v8ctnex//b/+X/+v/9f/r//6+v9l0v+P22b/f887TH/ZbfX/Rf+fH0H/r//X/7MRc+v/c/f/I27pZP8DAABAD3L3/zNusf8BAACgGbn7/xW32P8AAADQjNz9/45bOtn/E/3/yfoL9f+j9P8HP7/+f/33h/5f/6//v/T0/+O8/z9B/+/9f/2//p+Nmlv/n7v/P3FLJ/sfAAAAepC7/9a4xf4HAACAZuTu/2/cYv8DAABAM3L3/y9u6WT/e/9/Sf3/lfp//b/+X/+v/5+g/x+n/5+g/9f/6//1/2zU3Pr/3P3/DwAA//+2vUye")
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000, 0x1)

1.941133139s ago: executing program 2 (id=410):
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000480)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
read$FUSE(r0, &(0x7f00000004c0)={0x2020}, 0x2020)

1.679753207s ago: executing program 2 (id=412):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/partitions\x00', 0x0, 0x0)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
sendfile(r1, r0, &(0x7f00000000c0)=0x58, 0xa)

1.180734201s ago: executing program 0 (id=419):
r0 = socket$inet6(0xa, 0x2, 0x0)
shutdown(r0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000280)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_io_uring_setup(0x4169, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000480), &(0x7f0000000040)=<r5=>0x0)
syz_io_uring_setup(0xa97, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4}, &(0x7f0000000000)=<r6=>0x0, &(0x7f00000005c0))
syz_io_uring_submit(r6, r5, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r4, 0x48e9, 0x0, 0x0, 0x0, 0x0)

558.445049ms ago: executing program 2 (id=420):
ppoll(&(0x7f0000000000)=[{0xffffffffffffffff, 0x4020}], 0x1, 0x0, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000200)={0x2, 0x0, 0x78d, 0x1, r2}, 0x10)

339.629768ms ago: executing program 1 (id=423):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000200), 0x100)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000080)={{0x1, 0x0, 0x4}})
readv(r0, &(0x7f0000000140)=[{&(0x7f00000001c0)=""/54, 0x36}], 0x1)
read(r0, &(0x7f00000002c0)=""/198, 0xc6)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)

210.967985ms ago: executing program 1 (id=424):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000240)={0x0, 0x8000}, 0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0xbe, 0x0, 0x5748}]}, 0x10)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0xffe7}], 0x1, &(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaac141400000000001400000000000000000000000700000007038b01000000005e15f32aa9988e60da6af674011b2a455370163705ff6db8fe99e02d5c23fecd3922873c70484cf959be1be72e9341a96fb1aa0c825d8aa4d9b88e8108d7b4073aacafd32f94591c94ddb8ac0acc3aac8ac1960818c53bc0bca554f571a2a134f78b7d55c61c500139014cf38980f0ed12e5f086073d98727cfeb96c1caed1a11815ddb48dd3a6c091fb"], 0x38}, 0x0)

210.696305ms ago: executing program 0 (id=425):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@delneigh={0x28, 0x1a, 0x1, 0x0, 0xfffffffd, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, [@NDA_LLADDR={0xa, 0x2, @multicast}]}, 0x28}}, 0x40)

139.994268ms ago: executing program 0 (id=426):
prlimit64(0x0, 0xe, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
splice(r0, 0x0, r2, 0x0, 0x88000cc, 0x0)
fcntl$setpipe(r1, 0x407, 0x100004)
write$eventfd(r1, &(0x7f0000000240), 0xffffff14)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

139.763789ms ago: executing program 1 (id=427):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0xe, 0x4}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_INITIAL_QUANTUM={0x8, 0x4, 0xffffffff}]}}]}, 0x38}}, 0x20048020)

70.880385ms ago: executing program 1 (id=428):
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
mount$fuseblk(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x200840d, &(0x7f0000000100)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0xa000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@blksize={'blksize', 0x3d, 0x1000}}]}})

264.757µs ago: executing program 1 (id=429):
keyctl$set_reqkey_keyring(0x6, 0xfffffffffffffffd)

0s ago: executing program 1 (id=430):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000480)=ANY=[@ANYBLOB="6e6f757365725f78617474722c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c6572726f72733d636f6e74696e75652c646174613d77726974656261636b2c6572726f72733d72656d6f756e742d726f2c6e6f61636c2c0033b67a38edf7ca65cff4aecf1bccac7b7847e83ec6928ad9eff2281ff7a2314d9a8541a9772b98d067c1463bb01ed3ebf5764745d29402107611df2e22d6cfb25eb0a8b970f339cf6413aaef25cee228060d70ce0ade90d917a9c5"], 0x1, 0x442f, &(0x7f0000004480)="$eJzs3c9rHFUcAPA3k7RJan8ktYcKggsWFJWQ9KRGME3TH0lbI9UWESHdJNs2ssmWZCMeeog3wZPgQTwUBW85SQ5e65/gxaOeC3rwIghiZHdn053JLlnrbmLL53PYt/N+J9+Z2TeH3RcnyrcXV3OLq7n8cq40f3P1dO6jUnFtqRDiPdJ0/AN7Nz7t6cZ50kafff995jQzc/b8O9dPh/DDwk8Ptra2tkJFb2hqtOH9H7/fnW9M6+JMm0q/zXvrlPdDCCd2zKuiJ4Tw3vchRCGEM0neRJIOhBCOhFrZ9buf3ch1aDZ9Sbo5dmp6495m6789CuGr4jOv3Fr69fmesV9e6tDwAAAAAAAAAAAAAAAAAAA85i5cnbn29shouB+F3o2o9n3dvsbyJG31/ditjnluD/5aAAAAAAAAAAAAAAAAAAAA+H96+P3/XHQ82rlf92SSjrdov/Vm9+dI90y9NTN5bmQ02f89aiiZOVZ5fTXJ+u1MTxhqsu97dv/3M5n+m+//HnVs/vX51ccdDFE8nDqO4+HhEL5JNn4/GR2Ki6XV8ss3S2vLCx2bxmMrHf/a7v2p6CQb+rcb/4lM/93f///pHWdT5fhG506xJ1o6/j0t6/WHqK34n82024v48+jS8e+t5g00Vhiv3QC+/SQKn/fuHv/JTP/div/REEIuqsw1l7oDVNYwlfxW6xXS0vE/UM1L3TqTf2Ql/s2u/z8z8T+X6X+/7v/r2Q8imkrH/2A1rz9V4+H1PxTvfv2fz/S/H/GvzH/d539b0vFPfvmtN1Wl+p9s9/5/IdN/t+J/LU7meTRKnQEbUS2/1e/VkZaOf/+O8ofPf3Fb67+LmfZ79fxXH7f+/Fe//b8Y1Z7/aC4d/4GW9dq9/qcy7bp9/x+vrv94VOn4H6rmpdfOg9XXduM/nem/O/E/uP1uPLP+/7uvtgD42vqvLen4P1XLjBtrrFdfq+u/aPf1/6VM//ux/qvMfz3u7qhPinT8D7esV4n/j218/l/OtOt+/EMYsdZ/ZOn4H2lZr3r99+8e/yuZdt2O/wvd7BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgMTCRpIMhiodTx3E8PBzC2eT4ZDgUzeUXZueKpfkPVkOYTPJz4Xh0q1iayxdnF5dLC4XZfLFYmg/hXFJ+IvRHq8VSeXYpf+f8dl8D0e1CfqU8V8iXQwgXkvxnw5F6X3OL5aX8nRDCxe2yY3Fp5c7t/PLswuLK6yMjIyNhansOQ1Hh43JhuVwbvVYawvR228GoYXLV4kvbczkcfVhaW1nOF6v5lxvaFEvz+WJDmytJ2RdhKCqvrC3P58uF2WLpVn28/TSepJNTV9+9enl0R/mNqJZO7O20AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiX7o+99mUIobd2FIcQxutvomb1v/u58MbsX1c+3Rw7Nb1xb/NBq3oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMA/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWGXjlEqBoIwAM+uRazEY1iFpLONKKKFEcETaO0JPIwexUt4BwsLWwsR4gYkL3mkea/6vmZgf3Z2YAcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1rm86+9vmzYixeFPVcXb4/vH//y61Jez+fsHe5iR3bm66c8vmrb8e9rIT8vRZ5eH9Pvr+SFm6uh1sifTffozNH062jLX0r4tzTe+exwp1xHRlfwk5VzX63oBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8sgMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUXfBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArwAAAP//hykaaw==")
openat(0xffffffffffffff9c, &(0x7f0000000740)='./file1\x00', 0x183242, 0x1f1)
open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:30754' (ED25519) to the list of known hosts.
syzkaller login: [   67.434051][ T5844] cgroup: Unknown subsys name 'net'
[   67.528542][ T5844] cgroup: Unknown subsys name 'cpuset'
[   67.533885][ T5844] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   70.092255][ T5844] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   76.423412][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[   76.425931][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[   76.518388][ T5237] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   76.523779][ T5237] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   76.528859][ T5237] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   76.544123][ T5237] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   76.547950][ T5237] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   76.628513][   T55] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   76.632321][   T55] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   76.636653][   T55] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   76.641545][   T55] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   76.645949][   T55] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   76.659255][ T5237] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   76.665007][ T5237] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   76.668917][ T5237] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   76.673707][ T5237] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   76.678434][ T5237] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   77.027624][ T5858] chnl_net:caif_netlink_parms(): no params data found
[   77.153564][ T5865] chnl_net:caif_netlink_parms(): no params data found
[   77.181711][ T5858] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.186184][ T5858] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.189562][ T5858] bridge_slave_0: entered allmulticast mode
[   77.194758][ T5858] bridge_slave_0: entered promiscuous mode
[   77.207425][ T5863] chnl_net:caif_netlink_parms(): no params data found
[   77.222687][ T5858] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.226316][ T5858] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.229664][ T5858] bridge_slave_1: entered allmulticast mode
[   77.234766][ T5858] bridge_slave_1: entered promiscuous mode
[   77.357022][ T5858] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.390047][ T5858] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.463594][ T5863] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.466142][ T5863] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.468762][ T5863] bridge_slave_0: entered allmulticast mode
[   77.473242][ T5863] bridge_slave_0: entered promiscuous mode
[   77.496426][ T5858] team0: Port device team_slave_0 added
[   77.499663][ T5863] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.502725][ T5863] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.506311][ T5863] bridge_slave_1: entered allmulticast mode
[   77.509926][ T5863] bridge_slave_1: entered promiscuous mode
[   77.514009][ T5865] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.516906][ T5865] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.519733][ T5865] bridge_slave_0: entered allmulticast mode
[   77.524244][ T5865] bridge_slave_0: entered promiscuous mode
[   77.529067][ T5865] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.531958][ T5865] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.535651][ T5865] bridge_slave_1: entered allmulticast mode
[   77.539791][ T5865] bridge_slave_1: entered promiscuous mode
[   77.544834][ T5858] team0: Port device team_slave_1 added
[   77.629654][ T5865] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.634652][ T5858] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.637560][ T5858] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.648974][ T5858] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.660211][ T5863] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.670403][ T5863] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.677010][ T5865] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.681955][ T5858] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.685489][ T5858] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.696176][ T5858] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.771365][ T5863] team0: Port device team_slave_0 added
[   77.778853][ T5865] team0: Port device team_slave_0 added
[   77.782604][ T5863] team0: Port device team_slave_1 added
[   77.787478][ T5865] team0: Port device team_slave_1 added
[   77.860889][ T5858] hsr_slave_0: entered promiscuous mode
[   77.864570][ T5858] hsr_slave_1: entered promiscuous mode
[   77.867729][ T5865] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.870461][ T5865] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.881096][ T5865] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.886771][ T5865] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.889685][ T5865] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.899689][ T5865] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.904164][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.906977][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.919566][ T5863] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.924805][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.928016][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.940355][ T5863] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.068040][ T5865] hsr_slave_0: entered promiscuous mode
[   78.071391][ T5865] hsr_slave_1: entered promiscuous mode
[   78.074902][ T5865] debugfs: 'hsr0' already exists in 'hsr'
[   78.076951][ T5865] Cannot create hsr debugfs directory
[   78.095283][ T5863] hsr_slave_0: entered promiscuous mode
[   78.099311][ T5863] hsr_slave_1: entered promiscuous mode
[   78.102706][ T5863] debugfs: 'hsr0' already exists in 'hsr'
[   78.105963][ T5863] Cannot create hsr debugfs directory
[   78.505553][ T5858] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   78.524688][ T5858] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   78.533883][ T5858] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   78.553263][ T5858] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   78.614864][ T5865] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   78.636002][ T5865] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   78.643889][ T5237] Bluetooth: hci0: command tx timeout
[   78.662208][ T5865] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   78.680995][ T5865] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   78.723458][ T5237] Bluetooth: hci2: command tx timeout
[   78.723614][   T55] Bluetooth: hci1: command tx timeout
[   78.739699][ T5863] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   78.766005][ T5863] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   78.787021][ T5863] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   78.798267][ T5863] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   78.939782][ T5858] 8021q: adding VLAN 0 to HW filter on device bond0
[   78.950842][ T5865] 8021q: adding VLAN 0 to HW filter on device bond0
[   78.994227][ T5858] 8021q: adding VLAN 0 to HW filter on device team0
[   79.002177][ T5865] 8021q: adding VLAN 0 to HW filter on device team0
[   79.013461][   T83] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.016443][   T83] bridge0: port 1(bridge_slave_0) entered forwarding state
[   79.037691][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.040874][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[   79.048505][   T83] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.050960][   T83] bridge0: port 2(bridge_slave_1) entered forwarding state
[   79.075769][   T83] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.078527][   T83] bridge0: port 2(bridge_slave_1) entered forwarding state
[   79.096296][ T5863] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.148043][ T5863] 8021q: adding VLAN 0 to HW filter on device team0
[   79.178901][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.182042][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[   79.200230][   T27] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.202962][   T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[   79.397070][ T5858] 8021q: adding VLAN 0 to HW filter on device batadv0
[   79.490883][ T5858] veth0_vlan: entered promiscuous mode
[   79.498131][ T5865] 8021q: adding VLAN 0 to HW filter on device batadv0
[   79.524663][ T5858] veth1_vlan: entered promiscuous mode
[   79.543568][ T5863] 8021q: adding VLAN 0 to HW filter on device batadv0
[   79.589895][ T5858] veth0_macvtap: entered promiscuous mode
[   79.617154][ T5858] veth1_macvtap: entered promiscuous mode
[   79.623368][ T5865] veth0_vlan: entered promiscuous mode
[   79.651303][ T5865] veth1_vlan: entered promiscuous mode
[   79.657076][ T5863] veth0_vlan: entered promiscuous mode
[   79.672546][ T5858] batman_adv: batadv0: Interface activated: batadv_slave_0
[   79.686456][ T5863] veth1_vlan: entered promiscuous mode
[   79.690285][ T5858] batman_adv: batadv0: Interface activated: batadv_slave_1
[   79.713557][ T5887] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   79.717438][ T5887] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   79.732495][ T5887] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   79.738510][ T5887] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   79.788186][ T5863] veth0_macvtap: entered promiscuous mode
[   79.797830][ T5865] veth0_macvtap: entered promiscuous mode
[   79.820962][ T5865] veth1_macvtap: entered promiscuous mode
[   79.838401][ T5863] veth1_macvtap: entered promiscuous mode
[   79.888734][ T5865] batman_adv: batadv0: Interface activated: batadv_slave_0
[   79.919733][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_0
[   79.930759][ T5865] batman_adv: batadv0: Interface activated: batadv_slave_1
[   79.950892][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_1
[   79.960889][ T5887] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   79.974508][ T2181] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.990738][ T2181] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   79.990742][ T5887] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   80.004986][ T5887] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   80.008673][ T5887] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   80.012587][ T5887] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   80.034741][ T5887] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   80.059509][ T5887] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   80.065485][ T5887] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   80.115929][   T83] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.120192][   T83] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.187484][   T83] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.190599][   T83] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.229913][ T5858] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   80.294283][   T83] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.297721][   T83] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.358088][ T1028] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.372059][ T1028] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.414165][   T83] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.423438][   T83] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.457730][ T5927] loop2: detected capacity change from 0 to 16
[   80.489318][ T5927] =======================================================
[   80.489318][ T5927] WARNING: The mand mount option has been deprecated and
[   80.489318][ T5927]          and is ignored by this kernel. Remove the mand
[   80.489318][ T5927]          option from the mount to silence this warning.
[   80.489318][ T5927] =======================================================
[   80.557772][ T5927] erofs (device loop2): mounted with root inode @ nid 36.
[   80.734617][   T55] Bluetooth: hci0: command tx timeout
[   80.804242][   T55] Bluetooth: hci1: command tx timeout
[   80.815207][   T55] Bluetooth: hci2: command tx timeout
[   81.217309][ T5936] loop1: detected capacity change from 0 to 40427
[   81.230677][ T5938] erofs (device loop2): readahead error at folio 2 @ nid 89
[   81.280118][ T5936] F2FS-fs (loop1): invalid crc value
[   81.331499][   T57] erofs (device loop2): failed to decompress 6887 in[4096, 0] out[8192]
[   81.363642][ T5938] erofs (device loop2): failed to decompress 6887 in[4096, 0] out[8192]
[   81.367927][ T5938] erofs (device loop2): read error -117 @ 1 of nid 89
[   81.448808][   T33] audit: type=1800 audit(1758543015.293:2): pid=5938 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4" name="file3" dev="loop2" ino=89 res=0 errno=0
[   81.545646][ T5936] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   81.553088][ T5936] F2FS-fs (loop1): Start checkpoint disabled!
[   81.628547][ T5938] syz.2.4 (5938) used greatest stack depth: 17896 bytes left
[   81.646753][   T24] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   81.749175][ T5936] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[   81.767068][   T33] audit: type=1800 audit(1758543015.693:3): pid=5936 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.6" name="file1" dev="loop1" ino=10 res=0 errno=0
[   81.974745][   T24] usb 1-1: Using ep0 maxpacket: 32
[   81.981296][   T24] usb 1-1: config 0 has an invalid interface number: 184 but max is 0
[   81.985985][   T24] usb 1-1: config 0 has no interface number 0
[   82.000355][   T24] usb 1-1: config 0 interface 184 has no altsetting 0
[   82.014774][   T24] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[   82.019096][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   82.022363][   T24] usb 1-1: Product: syz
[   82.024482][   T24] usb 1-1: Manufacturer: syz
[   82.028855][   T24] usb 1-1: SerialNumber: syz
[   82.129934][ T5948] syz.1.6: attempt to access beyond end of device
[   82.129934][ T5948] loop1: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[   82.139496][ T5948] syz.1.6: attempt to access beyond end of device
[   82.139496][ T5948] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[   82.149497][ T5948] syz.1.6: attempt to access beyond end of device
[   82.149497][ T5948] loop1: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[   82.159552][ T5948] syz.1.6: attempt to access beyond end of device
[   82.159552][ T5948] loop1: rw=2049, sector=45120, nr_sectors = 8 limit=40427
[   82.170674][ T5948] syz.1.6: attempt to access beyond end of device
[   82.170674][ T5948] loop1: rw=2049, sector=45128, nr_sectors = 8 limit=40427
[   82.183621][ T5948] syz.1.6: attempt to access beyond end of device
[   82.183621][ T5948] loop1: rw=2049, sector=45136, nr_sectors = 16 limit=40427
[   82.194100][ T5948] syz.1.6: attempt to access beyond end of device
[   82.194100][ T5948] loop1: rw=2049, sector=45152, nr_sectors = 8 limit=40427
[   82.206287][ T5948] syz.1.6: attempt to access beyond end of device
[   82.206287][ T5948] loop1: rw=2049, sector=45160, nr_sectors = 8 limit=40427
[   82.215916][ T5948] syz.1.6: attempt to access beyond end of device
[   82.215916][ T5948] loop1: rw=2049, sector=45168, nr_sectors = 8 limit=40427
[   82.226528][ T5948] syz.1.6: attempt to access beyond end of device
[   82.226528][ T5948] loop1: rw=2049, sector=45176, nr_sectors = 8 limit=40427
[   82.389701][   T24] usb 1-1: config 0 descriptor??
[   82.438538][   T24] smsc75xx v1.0.0
[   82.476062][   T26] CPU: 0 UID: 0 PID: 26 Comm: kworker/u9:0 Not tainted syzkaller #0 PREEMPT(full) 
[   82.476086][   T26] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   82.476096][   T26] Workqueue: writeback wb_workfn (flush-7:1)
[   82.476123][   T26] Call Trace:
[   82.476130][   T26]  <TASK>
[   82.476139][   T26]  dump_stack_lvl+0x189/0x250
[   82.476173][   T26]  ? __pfx_dump_stack_lvl+0x10/0x10
[   82.476189][   T26]  ? __pfx_queue_work_on+0x10/0x10
[   82.476204][   T26]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   82.476226][   T26]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   82.476256][   T26]  f2fs_handle_critical_error+0x37c/0x540
[   82.476284][   T26]  f2fs_write_end_io+0x886/0xb60
[   82.476315][   T26]  __submit_merged_bio+0x27a/0x6a0
[   82.476342][   T26]  __submit_merged_write_cond+0x255/0x530
[   82.476368][   T26]  f2fs_write_data_pages+0x261d/0x3000
[   82.476412][   T26]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   82.476425][   T26]  ? __local_bh_enable_ip+0x12d/0x1c0
[   82.476451][   T26]  ? rcu_is_watching+0x15/0xb0
[   82.476491][   T26]  ? rcu_read_lock_sched_held+0x89/0x100
[   82.476508][   T26]  ? __pfx_rcu_read_lock_sched_held+0x10/0x10
[   82.476522][   T26]  ? rcu_is_watching+0x15/0xb0
[   82.476561][   T26]  ? __lock_acquire+0xab9/0xd20
[   82.476594][   T26]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   82.476609][   T26]  do_writepages+0x32e/0x550
[   82.476633][   T26]  ? reacquire_held_locks+0x127/0x1d0
[   82.476647][   T26]  ? writeback_sb_inodes+0x384/0x1010
[   82.476672][   T26]  __writeback_single_inode+0x145/0xff0
[   82.476690][   T26]  ? do_raw_spin_unlock+0x4d/0x240
[   82.476735][   T26]  writeback_sb_inodes+0x6c7/0x1010
[   82.476778][   T26]  ? __pfx_writeback_sb_inodes+0x10/0x10
[   82.476835][   T26]  ? rcu_is_watching+0x15/0xb0
[   82.476859][   T26]  wb_writeback+0x43b/0xaf0
[   82.476886][   T26]  ? queue_io+0x381/0x590
[   82.476907][   T26]  ? __pfx_wb_writeback+0x10/0x10
[   82.476934][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[   82.476959][   T26]  wb_workfn+0x409/0xef0
[   82.477019][   T26]  ? __pfx_wb_workfn+0x10/0x10
[   82.477035][   T26]  ? __lock_acquire+0xab9/0xd20
[   82.477064][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[   82.477081][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[   82.477100][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[   82.477113][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[   82.477129][   T26]  process_scheduled_works+0xae1/0x17b0
[   82.477169][   T26]  ? __pfx_process_scheduled_works+0x10/0x10
[   82.477199][   T26]  worker_thread+0x8a0/0xda0
[   82.477240][   T26]  kthread+0x711/0x8a0
[   82.477261][   T26]  ? __pfx_worker_thread+0x10/0x10
[   82.477276][   T26]  ? __pfx_kthread+0x10/0x10
[   82.477296][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[   82.477315][   T26]  ? lockdep_hardirqs_on+0x9c/0x150
[   82.477328][   T26]  ? __pfx_kthread+0x10/0x10
[   82.477347][   T26]  ret_from_fork+0x439/0x7d0
[   82.477366][   T26]  ? __pfx_ret_from_fork+0x10/0x10
[   82.477387][   T26]  ? __switch_to_asm+0x39/0x70
[   82.477403][   T26]  ? __switch_to_asm+0x33/0x70
[   82.477419][   T26]  ? __pfx_kthread+0x10/0x10
[   82.477437][   T26]  ret_from_fork_asm+0x1a/0x30
[   82.477472][   T26]  </TASK>
[   82.477481][   T26] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[   82.694505][ T5922] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[   82.803312][   T55] Bluetooth: hci0: command tx timeout
[   82.847518][ T5922] usb 3-1: not running at top speed; connect to a high speed hub
[   82.855795][ T5922] usb 3-1: config 0 interface 0 has no altsetting 0
[   82.868579][ T5922] usb 3-1: New USB device found, idVendor=05ac, idProduct=0272, bcdDevice=2b.5c
[   82.873122][ T5922] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   82.878672][ T5922] usb 3-1: Product: syz
[   82.880618][ T5922] usb 3-1: Manufacturer: syz
[   82.882651][ T5922] usb 3-1: SerialNumber: syz
[   82.887581][   T55] Bluetooth: hci2: command tx timeout
[   82.887668][ T5237] Bluetooth: hci1: command tx timeout
[   82.900504][ T5922] usb 3-1: config 0 descriptor??
[   82.965824][ T5955] loop1: detected capacity change from 0 to 16
[   82.970806][ T5955] erofs (device loop1): negative i_size @ nid 36
[   83.134639][ T5922] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input4
[   83.145471][ T5282] bcm5974 3-1:0.0: could not read from device
[   83.151229][ T5282] bcm5974 3-1:0.0: could not read from device
[   83.160742][ T5282] bcm5974 3-1:0.0: could not read from device
[   83.165303][ T5282] bcm5974 3-1:0.0: could not read from device
[   83.171173][ T5922] usb 3-1: USB disconnect, device number 2
[   83.244249][ T5475] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   83.393103][ T5475] usb 2-1: Using ep0 maxpacket: 32
[   83.398467][ T5475] usb 2-1: config 0 has an invalid interface number: 133 but max is 0
[   83.401641][ T5475] usb 2-1: config 0 has an invalid descriptor of length 81, skipping remainder of the config
[   83.408539][ T5475] usb 2-1: config 0 has no interface number 0
[   83.411339][ T5475] usb 2-1: config 0 interface 133 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024
[   83.415367][ T5475] usb 2-1: config 0 interface 133 altsetting 0 has an endpoint descriptor with address 0x47, changing to 0x7
[   83.420121][ T5475] usb 2-1: config 0 interface 133 altsetting 0 endpoint 0x7 has an invalid bInterval 83, changing to 7
[   83.426487][ T5475] usb 2-1: config 0 interface 133 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   83.430466][   T24] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71
[   83.435365][ T5475] usb 2-1: New USB device found, idVendor=0424, idProduct=012c, bcdDevice=71.1e
[   83.438108][   T24] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[   83.445945][ T5475] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   83.446105][   T24] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[   83.449508][ T5475] usb 2-1: Product: syz
[   83.449529][ T5475] usb 2-1: Manufacturer: syz
[   83.449540][ T5475] usb 2-1: SerialNumber: syz
[   83.457772][ T5475] usb 2-1: config 0 descriptor??
[   83.458920][   T24] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[   83.462081][ T5955] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[   83.463237][   T24] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[   83.475560][   T24] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[   83.480447][   T24] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -71
[   83.492490][   T24] usb 1-1: USB disconnect, device number 2
[   83.693241][ T5955] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   83.716534][ T5475] usb 2-1: probing VID:PID(0424:012C)   
[   83.732495][ T5475] usb 2-1: vub300 testing BULK OUT EndPoint(0) 0B
[   83.735516][ T5475] usb 2-1: vub300 testing UNKNOWN EndPoint(1) 07
[   83.738012][ T5475] usb 2-1: vub300 ignoring EndPoint(1) 07
[   83.753541][ T5475] usb 2-1: Could not find two sets of bulk-in/out endpoint pairs
[   83.762044][ T5475] vub300 2-1:0.133: probe with driver vub300 failed with error -22
[   83.777295][ T5475] usb 2-1: USB disconnect, device number 2
[   84.376591][ T5968] process 'syz.0.16' launched '/dev/fd/3' with NULL argv: empty string added
[   84.714678][ T5976] loop0: detected capacity change from 0 to 1024
[   84.718919][ T5976] EXT4-fs: Ignoring removed nobh option
[   84.721461][ T5976] EXT4-fs: Ignoring removed bh option
[   84.762810][ T5976] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a856c018, mo2=0102]
[   84.776832][ T5976] System zones: 1-12
[   84.817847][ T5982] usb usb8: usbfs: interface 0 claimed by hub while 'syz.2.21' sets config #0
[   84.827112][ T5976] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.935774][ T5237] Bluetooth: hci0: command tx timeout
[   84.950090][   T33] audit: type=1800 audit(1758543018.873:4): pid=5976 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.20" name="file1" dev="loop0" ino=15 res=0 errno=0
[   84.969527][ T5237] Bluetooth: hci2: command tx timeout
[   84.977255][   T55] Bluetooth: hci1: command tx timeout
[   84.990508][ T5985] loop2: detected capacity change from 0 to 4096
[   85.106383][ T5987] veth0_to_team: entered promiscuous mode
[   85.126275][ T5987] warning: `syz.1.22' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   85.275026][ T5863] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.417181][ T5985] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[   85.431164][ T5985] ntfs3(loop2): Failed to load $Extend (-22).
[   85.435967][ T5985] ntfs3(loop2): Failed to initialize $Extend.
[   85.452823][ T5985] ntfs3(loop2): ino=1b, "file0" ntfs_readdir
[   85.785377][ T6002] 9pnet_fd: Insufficient options for proto=fd
[   85.991569][ T6013] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0x3
[   86.137291][ T6022] loop1: detected capacity change from 0 to 16
[   86.147660][ T6022] erofs (device loop1): mounted with root inode @ nid 36.
[   86.178911][   T33] audit: type=1800 audit(1758543020.103:5): pid=6022 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.39" name="file2" dev="loop1" ino=89 res=0 errno=0
[   86.406700][ T5901] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   86.638974][ T5901] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   86.676743][ T5901] usb 3-1: New USB device found, idVendor=056e, idProduct=019b, bcdDevice= 0.00
[   86.720309][ T5901] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   86.740436][   T10] cfg80211: failed to load regulatory.db
[   86.793525][ T5901] usb 3-1: config 0 descriptor??
[   87.429053][ T5901] elecom 0003:056E:019B.0001: item fetching failed at offset 5/7
[   87.435421][ T5901] elecom 0003:056E:019B.0001: probe with driver elecom failed with error -22
[   87.619166][   T24] usb 3-1: USB disconnect, device number 3
[   87.646207][ T6044] loop0: detected capacity change from 0 to 256
[   87.679657][ T6044] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x46ae1815, utbl_chksum : 0xe619d30d)
[   87.694896][ T6044] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186)
[   87.870813][ T6051] loop0: detected capacity change from 0 to 4096
[   87.893143][ T6051] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[   87.941954][ T6051] ntfs3(loop0): ino=1a, mi_enum_attr
[   87.945749][ T6051] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[   88.019306][ T6059] loop1: detected capacity change from 0 to 512
[   88.068617][ T6059] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.54: corrupted in-inode xattr: e_value size too large
[   88.086073][ T6059] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.54: couldn't read orphan inode 15 (err -117)
[   88.102529][ T6059] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.153108][ T5865] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.109471][ T6087] loop1: detected capacity change from 0 to 256
[   89.126851][ T6087] exfat: Deprecated parameter 'utf8'
[   89.145018][ T6087] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d)
[   89.317823][ T6095] loop1: detected capacity change from 0 to 1024
[   89.640782][ T6106] loop0: detected capacity change from 0 to 4096
[   89.653124][ T6106] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512).
[   89.726756][   T33] audit: type=1326 audit(1758543023.653:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6102 comm="syz.0.74" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f242f58ec29 code=0x0
[   89.918389][ T6105] loop1: detected capacity change from 0 to 40427
[   89.929509][ T6105] F2FS-fs (loop1): Image doesn't support compression
[   89.937209][ T6105] F2FS-fs (loop1): build fault injection rate: 690
[   89.940777][ T6105] F2FS-fs (loop1): build fault injection type: 0x35f7
[   89.960271][ T6105] F2FS-fs (loop1): invalid crc value
[   90.022146][ T6109] loop2: detected capacity change from 0 to 8
[   90.053770][ T6109] SQUASHFS error: xz decompression failed, data probably corrupt
[   90.056512][ T6109] SQUASHFS error: Failed to read block 0x108: -5
[   90.059071][ T6109] SQUASHFS error: Unable to read metadata cache entry [106]
[   90.071423][ T6109] SQUASHFS error: Unable to read inode 0x11f
[   90.078731][ T6105] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   90.092452][ T6105] F2FS-fs (loop1): Start checkpoint disabled!
[   90.103629][ T6105] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[   90.170577][ T6114] loop2: detected capacity change from 0 to 256
[   90.212018][ T6114] FAT-fs (loop2): Directory bread(block 64) failed
[   90.217054][ T6114] FAT-fs (loop2): Directory bread(block 65) failed
[   90.221828][ T6114] FAT-fs (loop2): Directory bread(block 66) failed
[   90.225746][ T6114] FAT-fs (loop2): Directory bread(block 67) failed
[   90.229412][ T6114] FAT-fs (loop2): Directory bread(block 68) failed
[   90.232374][ T6114] FAT-fs (loop2): Directory bread(block 69) failed
[   90.236391][ T6114] FAT-fs (loop2): Directory bread(block 70) failed
[   90.239414][ T6114] FAT-fs (loop2): Directory bread(block 71) failed
[   90.243358][ T6114] FAT-fs (loop2): Directory bread(block 72) failed
[   90.246469][ T6114] FAT-fs (loop2): Directory bread(block 73) failed
[   90.636306][ T6127] loop1: detected capacity change from 0 to 256
[   90.651328][ T6127] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x19066d23, utbl_chksum : 0xe619d30d)
[   90.796297][ T6134] syz.2.85 uses obsolete (PF_INET,SOCK_PACKET)
[   90.820661][ T5901] usb 1-1: new full-speed USB device number 3 using dummy_hcd
[   91.005541][ T5901] usb 1-1: config index 0 descriptor too short (expected 156, got 27)
[   91.016465][ T5901] usb 1-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[   91.033401][ T5901] usb 1-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[   91.046390][ T5901] usb 1-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[   91.061040][ T5901] usb 1-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[   91.096651][ T5901] usb 1-1: config 0 interface 0 has no altsetting 0
[   91.139668][ T5901] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[   91.153854][ T5901] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[   91.157524][ T5901] usb 1-1: Product: syz
[   91.159408][ T5901] usb 1-1: Manufacturer: syz
[   91.161590][ T5901] usb 1-1: SerialNumber: syz
[   91.228139][ T5901] usb 1-1: config 0 descriptor??
[   91.239358][ T6121] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   91.267257][ T5901] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[   91.310557][ T5901] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[   91.518655][   T10] usb 1-1: USB disconnect, device number 3
[   91.565699][   T10] ldusb 1-1:0.0: LD USB Device #0 now disconnected
[   93.009632][ T6171] loop1: detected capacity change from 0 to 2048
[   93.042421][ T6172] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   93.072346][ T6171] NILFS error (device loop1): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0
[   93.093048][ T6171] Remounting filesystem read-only
[   93.181620][ T6175] loop2: detected capacity change from 0 to 512
[   93.188629][ T6175] EXT4-fs: inline encryption not supported
[   93.191567][ T6175] EXT4-fs: Ignoring removed i_version option
[   93.195770][ T6175] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   93.211415][ T6175] EXT4-fs (loop2): can't mount with both data=journal and delalloc
[   93.473629][ T6188] loop0: detected capacity change from 0 to 4096
[   93.549270][ T6189] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   93.581608][ T6188] NILFS error (device loop0): nilfs_check_folio: bad entry in directory #2: disallowed inode number - offset=0, inode=3, rec_len=16, name_len=1
[   93.611554][ T6188] Remounting filesystem read-only
[   94.692245][ T6207] libceph: resolve '4.4' (ret=-3): failed
[   94.737881][ T6210] loop1: detected capacity change from 0 to 1024
[   94.745422][ T6210] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   94.750282][ T6210] EXT4-fs (loop1): group descriptors corrupted!
[   94.969034][ T6216] Bluetooth: MGMT ver 1.23
[   95.042813][ T6218] loop1: detected capacity change from 0 to 512
[   95.077164][ T6218] EXT4-fs error (device loop1): __ext4_fill_super:5504: inode #2: comm syz.1.123: casefold flag without casefold feature
[   95.101319][ T6218] EXT4-fs (loop1): get root inode failed
[   95.110037][ T6218] EXT4-fs (loop1): mount failed
[   95.248800][ T6227] iommufd_mock iommufd_mock0: Adding to iommu group 0
[   95.499485][ T6236] loop0: detected capacity change from 0 to 4096
[   95.536906][ T6236] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[   95.543928][ T6236] ntfs3(loop0): Failed to initialize $Extend/$ObjId.
[   95.671192][ T6243] loop0: detected capacity change from 0 to 2048
[   95.699873][ T6244] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   95.732022][ T6243] NILFS error (device loop0): nilfs_check_folio: bad entry in directory #12: rec_len is smaller than minimal - offset=1024, inode=0, rec_len=0, name_len=0
[   95.757712][ T6243] Remounting filesystem read-only
[   95.967678][ T6239] loop1: detected capacity change from 0 to 32768
[   95.980329][ T6241] loop2: detected capacity change from 0 to 32768
[   95.999425][ T6239] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   96.024424][ T6241] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.134 (6241)
[   96.065706][ T6239] XFS (loop1): Ending clean mount
[   96.116203][ T6239] XFS (loop1): Quotacheck needed: Please wait.
[   96.128597][ T6241] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[   96.153685][ T6241] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[   96.216246][ T6239] XFS (loop1): Quotacheck: Done.
[   96.272065][ T6241] BTRFS info (device loop2): enabling ssd optimizations
[   96.276091][ T6241] BTRFS info (device loop2): enabling free space tree
[   96.277350][ T5865] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   96.389378][ T6278] loop0: detected capacity change from 0 to 4096
[   96.424209][ T6278] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[   96.502319][ T6278] ntfs3(loop0): ino=19, mi_enum_attr
[   96.513371][ T6278] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[   96.538492][ T6278] ntfs3(loop0): failed to convert "c46c" to cp869
[   96.557199][ T6278] ntfs3(loop0): ino=20, mi_enum_attr
[   96.864090][ T5858] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[   96.939187][ T6289] loop0: detected capacity change from 0 to 4096
[   97.006386][ T6291] block nbd1: Attempted send on invalid socket
[   97.018721][ T6291] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   98.124788][ T6319] program syz.0.151 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   98.216346][ T6322] loop2: detected capacity change from 0 to 128
[   98.227728][ T6322] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   98.239020][ T6322] ext4 filesystem being mounted at /46/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   98.314487][ T5858] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   98.437383][   T24] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   98.593279][   T24] usb 1-1: Using ep0 maxpacket: 8
[   98.601298][   T24] usb 1-1: config 0 has an invalid interface number: 56 but max is 0
[   98.604875][   T24] usb 1-1: config 0 has no interface number 0
[   98.610750][   T24] usb 1-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=c7.76
[   98.623639][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   98.627182][   T24] usb 1-1: Product: syz
[   98.629081][   T24] usb 1-1: Manufacturer: syz
[   98.631099][   T24] usb 1-1: SerialNumber: syz
[   98.637214][   T24] usb 1-1: config 0 descriptor??
[   98.663095][   T10] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   99.133244][   T10] usb 3-1: Using ep0 maxpacket: 16
[   99.195613][   T10] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   99.209244][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   99.226898][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[   99.232205][   T10] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[   99.243383][   T10] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   99.254556][   T24] peak_usb 1-1:0.56: PEAK-System PCAN-USB X6 v0 fw v0.0.0 (2 channels)
[   99.260997][   T10] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[   99.264571][   T10] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[   99.267603][   T10] usb 3-1: Manufacturer: syz
[   99.272153][   T10] usb 3-1: config 0 descriptor??
[   99.423157][   T24] peak_usb 1-1:0.56 can0: sending command failure: -22
[   99.426118][   T24] peak_usb 1-1:0.56 can0: sending command failure: -22
[   99.429140][   T24] peak_usb 1-1:0.56 can0: sending command failure: -22
[   99.477602][   T24] peak_usb 1-1:0.56: probe with driver peak_usb failed with error -22
[   99.534046][   T10] rc_core: IR keymap rc-hauppauge not found
[   99.536724][   T10] Registered IR keymap rc-empty
[   99.538824][   T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   99.555677][   T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   99.578075][   T10] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[   99.590684][   T10] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input5
[   99.602108][ T6346] loop1: detected capacity change from 0 to 16
[   99.615513][   T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   99.619560][ T6346] erofs (device loop1): mounted with root inode @ nid 36.
[   99.633701][   T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   99.642719][ T2205] usb 1-1: USB disconnect, device number 4
[   99.655740][   T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   99.673970][   T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   99.693048][   T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   99.713122][   T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   99.733272][   T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   99.753059][   T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   99.778107][   T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   99.793118][   T10] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   99.817433][   T10] mceusb 3-1:0.0: Registered 424242424242 with mce emulator interface version 1
[   99.821470][   T10] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[   99.956488][ T2205] usb 3-1: USB disconnect, device number 4
[  100.003059][   T24] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  100.155587][   T24] usb 2-1: Using ep0 maxpacket: 16
[  100.160356][   T24] usb 2-1: config 0 has an invalid interface number: 64 but max is 0
[  100.169114][   T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  100.173973][   T24] usb 2-1: config 0 has no interface number 0
[  100.176784][   T24] usb 2-1: New USB device found, idVendor=0bd3, idProduct=05f4, bcdDevice= 0.5b
[  100.180676][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.187354][   T24] usb 2-1: config 0 descriptor??
[  100.196764][   T24] uvcvideo 2-1:0.64: probe with driver uvcvideo failed with error -22
[  100.249256][ T6351] vim2m vim2m.0: Fourcc format (0x47425247) invalid.
[  100.403422][   T24] usb 2-1: USB disconnect, device number 3
[  100.478139][ T6359] loop0: detected capacity change from 0 to 2048
[  100.526680][ T6359] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.947886][ T2205] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  101.133281][ T2205] usb 3-1: Using ep0 maxpacket: 8
[  101.141983][ T2205] usb 3-1: config 150 has an invalid interface number: 204 but max is 0
[  101.151013][ T2205] usb 3-1: config 150 has no interface number 0
[  101.155336][ T2205] usb 3-1: config 150 interface 204 has no altsetting 0
[  101.164766][ T2205] usb 3-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[  101.173662][ T2205] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  101.180503][ T2205] usb 3-1: Product: syz
[  101.182660][ T2205] usb 3-1: Manufacturer: syz
[  101.187572][ T2205] usb 3-1: SerialNumber: syz
[  101.394652][ T5863] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.625354][ T5922] usb 3-1: USB disconnect, device number 5
[  101.753095][ T2205] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  101.902996][ T2205] usb 1-1: Using ep0 maxpacket: 8
[  101.909088][ T2205] usb 1-1: config 0 has too many interfaces: 65, using maximum allowed: 32
[  101.913256][ T2205] usb 1-1: config 0 has an invalid interface number: 150 but max is 64
[  101.916977][ T2205] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  101.921257][ T2205] usb 1-1: config 0 has 2 interfaces, different from the descriptor's value: 65
[  101.925874][ T2205] usb 1-1: config 0 has no interface number 0
[  101.928788][ T2205] usb 1-1: config 0 interface 150 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  101.934425][ T2205] usb 1-1: config 0 interface 150 has no altsetting 0
[  101.937153][ T2205] usb 1-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice=81.75
[  101.941018][ T2205] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  101.947343][ T2205] usb 1-1: config 0 descriptor??
[  102.072619][ T6373] loop1: detected capacity change from 0 to 1024
[  102.080457][ T6373] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  102.096208][ T6373] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  102.104893][ T6373] EXT4-fs error (device loop1): ext4_get_journal_inode:5800: inode #5: comm syz.1.172: unexpected bad inode w/o EXT4_IGET_BAD
[  102.112561][ T6373] EXT4-fs (loop1): Remounting filesystem read-only
[  102.116521][ T6373] EXT4-fs (loop1): no journal found
[  102.119123][ T6373] EXT4-fs (loop1): can't get journal size
[  102.125985][ T6373] EXT4-fs (loop1): failed to initialize system zone (-117)
[  102.132735][ T6373] EXT4-fs (loop1): mount failed
[  102.281706][ T2205] usb 1-1: USB disconnect, device number 5
[  102.646586][ T6380] loop1: detected capacity change from 0 to 32768
[  102.693335][   T10] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  102.844065][   T10] usb 3-1: Using ep0 maxpacket: 8
[  102.851365][   T10] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  102.859214][   T10] usb 3-1: config 0 has no interface number 0
[  102.874994][   T10] usb 3-1: New USB device found, idVendor=10c4, idProduct=eac1, bcdDevice=70.1d
[  102.878592][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  102.881785][   T10] usb 3-1: Product: syz
[  102.884389][   T10] usb 3-1: Manufacturer: syz
[  102.886495][   T10] usb 3-1: SerialNumber: syz
[  102.892091][   T10] usb 3-1: config 0 descriptor??
[  102.902087][   T10] usb 3-1: selecting invalid altsetting 2
[  102.905226][   T10] i2c-cp2615 3-1:0.1: probe with driver i2c-cp2615 failed with error -22
[  103.117414][   T10] usb 3-1: USB disconnect, device number 6
[  103.184633][ T6388] loop0: detected capacity change from 0 to 32768
[  103.209642][ T6388] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  103.231728][ T6388] XFS (loop0): Ending clean mount
[  103.241030][ T6388] XFS (loop0): Quotacheck needed: Please wait.
[  103.279151][ T6388] XFS (loop0): Quotacheck: Done.
[  103.328124][ T5863] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  103.400429][ T5475] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  103.563087][ T5475] usb 2-1: Using ep0 maxpacket: 32
[  103.570346][ T5475] usb 2-1: config index 0 descriptor too short (expected 35577, got 27)
[  103.575186][ T5475] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  103.579308][ T5475] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92
[  103.579747][ T6400] loop0: detected capacity change from 0 to 4096
[  103.584548][ T5475] usb 2-1: config 1 has no interface number 0
[  103.589541][ T5475] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  103.594064][ T5475] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  103.599379][ T5475] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  103.605339][ T5475] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.618335][ T5475] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found
[  103.678934][ T6400] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  103.712043][ T6400] ntfs3(loop0): ino=9, ntfs_sync_fs failed, -22.
[  103.747707][ T5863] ntfs3(loop0): ino=9, ntfs_sync_fs failed, -22.
[  103.963472][ T5922] usb 3-1: new low-speed USB device number 7 using dummy_hcd
[  103.969393][ T6408] loop0: detected capacity change from 0 to 1024
[  104.025311][ T5475] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now attached
[  104.136890][ T5922] usb 3-1: config 32 has 1 interface, different from the descriptor's value: 2
[  104.140576][ T5922] usb 3-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 10
[  104.149978][ T5922] usb 3-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 255, setting to 8
[  104.159925][ T5922] usb 3-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[  104.165621][ T5922] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.175169][ T6402] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  104.239327][ T5475] usb 2-1: USB disconnect, device number 4
[  104.244547][ T5475] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected
[  104.391034][ T5922] usb 3-1: string descriptor 0 read error: -71
[  104.476423][ T6423] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.189'.
[  104.480811][ T6423] netlink: zone id is out of range
[  104.483703][ T6423] netlink: zone id is out of range
[  104.486030][ T6423] netlink: get zone limit has 8 unknown bytes
[  104.569694][ T5922] usb 3-1: USB disconnect, device number 7
[  105.050620][ T6427] program syz.1.191 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  106.099475][ T6439] loop0: detected capacity change from 0 to 4096
[  106.113171][ T6439] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512).
[  106.173249][ T5237] Bluetooth: to_multiplier 8192 > 3200
[  106.667088][ T6458] loop2: detected capacity change from 0 to 256
[  106.978252][ T6458] FAT-fs (loop2): Directory bread(block 64) failed
[  107.002419][ T6458] FAT-fs (loop2): Directory bread(block 65) failed
[  107.079579][ T6458] FAT-fs (loop2): Directory bread(block 66) failed
[  107.090062][ T6458] FAT-fs (loop2): Directory bread(block 67) failed
[  107.097864][ T6458] FAT-fs (loop2): Directory bread(block 68) failed
[  107.104429][ T6458] FAT-fs (loop2): Directory bread(block 69) failed
[  107.107307][ T6458] FAT-fs (loop2): Directory bread(block 70) failed
[  107.122941][ T6458] FAT-fs (loop2): Directory bread(block 71) failed
[  107.129809][ T6458] FAT-fs (loop2): Directory bread(block 72) failed
[  107.132185][ T6458] FAT-fs (loop2): Directory bread(block 73) failed
[  107.427697][ T6471] loop0: detected capacity change from 0 to 256
[  107.478181][ T6471] FAT-fs (loop0): Directory bread(block 64) failed
[  107.488305][ T6471] FAT-fs (loop0): Directory bread(block 65) failed
[  107.491243][ T6471] FAT-fs (loop0): Directory bread(block 66) failed
[  107.515676][ T6471] FAT-fs (loop0): Directory bread(block 67) failed
[  107.518493][ T6471] FAT-fs (loop0): Directory bread(block 68) failed
[  107.537307][ T6471] FAT-fs (loop0): Directory bread(block 69) failed
[  107.540361][ T6471] FAT-fs (loop0): Directory bread(block 70) failed
[  107.563029][ T6471] FAT-fs (loop0): Directory bread(block 71) failed
[  107.566435][ T6471] FAT-fs (loop0): Directory bread(block 72) failed
[  107.576133][ T6471] FAT-fs (loop0): Directory bread(block 73) failed
[  108.245111][ T5237] Bluetooth: hci0: command tx timeout
[  108.341832][ T6488] loop1: detected capacity change from 0 to 256
[  108.400885][ T6488] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0x2f9e4978, utbl_chksum : 0xe619d30d)
[  108.673920][ T6499] NILFS (loop0): device size too small
[  108.752791][ T6502] loop2: detected capacity change from 0 to 128
[  108.787461][ T6502] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  108.810174][ T6502] ext4 filesystem being mounted at /59/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  108.903475][ T5901] usb 2-1: new full-speed USB device number 5 using dummy_hcd
[  108.941573][ T5858] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  109.076772][ T5901] usb 2-1: config index 0 descriptor too short (expected 69, got 36)
[  109.082162][ T5901] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  109.105353][ T5901] usb 2-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=b7.89
[  109.109530][ T5901] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.117618][ T5901] usb 2-1: Product: syz
[  109.121529][ T5901] usb 2-1: Manufacturer: syz
[  109.124880][ T5901] usb 2-1: SerialNumber: syz
[  109.131132][ T5901] usb 2-1: config 0 descriptor??
[  109.149519][ T5901] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622
[  109.188014][ T6519] loop0: detected capacity change from 0 to 128
[  109.226653][ T6519] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  109.232622][ T6521] loop2: detected capacity change from 0 to 256
[  109.234723][ T6519] hpfs: filesystem error: improperly stopped
[  109.249889][ T6519] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  109.252480][ T6519] hpfs: You really don't want any checks? You are crazy...
[  109.256783][ T6519] hpfs: hpfs_map_sector(): read error
[  109.259092][ T6519] hpfs: code page support is disabled
[  109.262494][ T6519] hpfs: hpfs_map_4sectors(): unaligned read
[  109.268340][ T6519] hpfs: hpfs_map_4sectors(): unaligned read
[  109.270836][ T6519] hpfs: filesystem error: unable to find root dir
[  109.276084][ T6521] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x18a9357c, utbl_chksum : 0xe619d30d)
[  109.347143][ T5901] gspca_pac7302: reg_w() failed i: ff v: 01 error -71
[  109.349579][ T5901] gspca_pac7302 2-1:0.0: probe with driver gspca_pac7302 failed with error -71
[  109.397315][ T5901] usb 2-1: USB disconnect, device number 5
[  109.758709][ T6541] loop2: detected capacity change from 0 to 512
[  109.805645][ T6541] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.811477][ T6541] ext4 filesystem being mounted at /67/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  109.827308][ T6541] fscrypt (loop2, inode 15): Error -61 getting encryption context
[  109.861559][ T5858] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.939730][ T6547] netlink: 8 bytes leftover after parsing attributes in process `syz.1.233'.
[  110.060833][ T6554] loop1: detected capacity change from 0 to 512
[  110.082523][ T6554] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.092505][ T6554] ext4 filesystem being mounted at /80/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  110.177341][ T5865] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.330319][ T6565] netlink: 28 bytes leftover after parsing attributes in process `syz.2.239'.
[  110.965731][ T2205] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  111.019575][ T6593] loop0: detected capacity change from 0 to 2048
[  111.037110][ T6593] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  111.137043][ T2205] usb 3-1: config 2 has an invalid interface number: 243 but max is 0
[  111.140444][ T2205] usb 3-1: config 2 has no interface number 0
[  111.143504][ T2205] usb 3-1: config 2 interface 243 has no altsetting 0
[  111.156563][ T2205] usb 3-1: New USB device found, idVendor=0547, idProduct=7303, bcdDevice=b9.ff
[  111.160482][ T2205] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  111.178208][ T2205] usb 3-1: Product: syz
[  111.180068][ T2205] usb 3-1: Manufacturer: syz
[  111.181898][ T2205] usb 3-1: SerialNumber: syz
[  111.297383][ T6601] loop1: detected capacity change from 0 to 256
[  111.308877][ T6601] exfat: Deprecated parameter 'utf8'
[  111.311833][ T6601] exfat: Deprecated parameter 'namecase'
[  111.317003][ T6601] exfat: Deprecated parameter 'namecase'
[  111.318821][ T6601] exfat: Deprecated parameter 'utf8'
[  111.329164][ T6601] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012153, chksum : 0x5270ca8d, utbl_chksum : 0xe619d30d)
[  111.412390][ T2205] gspca_main: dtcs033-2.14.0 probing 0547:7303
[  111.449867][ T2205] usb 3-1: USB disconnect, device number 8
[  111.484153][   T10] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  111.636479][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  111.641006][   T10] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  111.651417][   T10] usb 1-1: New USB device found, idVendor=0b05, idProduct=18c6, bcdDevice= 0.00
[  111.662283][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  111.680244][   T10] usb 1-1: config 0 descriptor??
[  111.686915][ T6599] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  112.026997][ T6611] loop2: detected capacity change from 0 to 4096
[  112.100915][   T10] hid (null): report_id 57294 is invalid
[  112.111571][   T10] asus 0003:0B05:18C6.0002: collection stack underflow
[  112.121819][   T10] asus 0003:0B05:18C6.0002: item 0 1 0 12 parsing failed
[  112.127801][   T10] asus 0003:0B05:18C6.0002: Asus hid parse failed: -22
[  112.130855][   T10] asus 0003:0B05:18C6.0002: probe with driver asus failed with error -22
[  112.315796][ T2205] usb 1-1: USB disconnect, device number 6
[  112.366736][ T6620] loop2: detected capacity change from 0 to 128
[  112.783053][ T2205] usb 3-1: new full-speed USB device number 9 using dummy_hcd
[  112.841894][ T6628] loop1: detected capacity change from 0 to 32768
[  112.847431][ T6628] BTRFS: device label  devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.268 (6628)
[  112.903349][ T6628] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  112.907574][ T6628] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  112.911279][ T6628] BTRFS error (device loop1): superblock checksum mismatch
[  112.920289][ T6628] BTRFS error (device loop1): open_ctree failed: -22
[  112.937849][ T6632] loop0: detected capacity change from 0 to 8
[  112.960440][ T6632] SQUASHFS error: xz decompression failed, data probably corrupt
[  112.963457][ T2205] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  112.968361][ T2205] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  112.969283][ T6632] SQUASHFS error: Failed to read block 0x108: -5
[  112.984095][ T2205] usb 3-1: New USB device found, idVendor=596a, idProduct=00f8, bcdDevice= 0.00
[  112.988153][ T2205] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.995761][ T6632] SQUASHFS error: Unable to read metadata cache entry [106]
[  112.998964][ T6632] SQUASHFS error: Unable to read inode 0x11f
[  113.018208][ T2205] usb 3-1: config 0 descriptor??
[  113.380265][ T6644] loop1: detected capacity change from 0 to 16
[  113.389222][ T6644] erofs (device loop1): mounted with root inode @ nid 36.
[  113.482038][ T2205] hid-generic 0003:596A:00F8.0003: hidraw0: USB HID vff.fa Device [HID 596a:00f8] on usb-dummy_hcd.2-1/input0
[  113.523453][   T46] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  113.665437][ T2205] usb 3-1: USB disconnect, device number 9
[  113.676747][   T46] usb 1-1: config 0 interface 0 altsetting 64 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  113.681456][   T46] usb 1-1: config 0 interface 0 altsetting 64 endpoint 0x81 has invalid wMaxPacketSize 0
[  113.692687][   T46] usb 1-1: config 0 interface 0 has no altsetting 0
[  113.699693][   T46] usb 1-1: New USB device found, idVendor=28bd, idProduct=0905, bcdDevice= 0.00
[  113.705728][   T46] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.718883][   T46] usb 1-1: config 0 descriptor??
[  113.833123][ T5922] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[  113.987911][ T5922] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  113.993101][ T5922] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  113.997457][ T5922] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2dbe, bcdDevice= 0.00
[  114.001233][ T5922] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.008672][ T5922] usb 2-1: config 0 descriptor??
[  114.147144][   T46] input: HID 28bd:0905 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:28BD:0905.0004/input/input6
[  114.217430][ T6652] loop2: detected capacity change from 0 to 256
[  114.239492][ T6652] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf4000b14, utbl_chksum : 0xe619d30d)
[  114.244130][   T46] uclogic 0003:28BD:0905.0004: input,hidraw0: USB HID v0.02 Mouse [HID 28bd:0905] on usb-dummy_hcd.0-1/input0
[  114.336639][   T46] usb 1-1: USB disconnect, device number 7
[  114.453124][ T5922] konepure 0003:1E7D:2DBE.0005: hidraw1: USB HID v0.00 Device [HID 1e7d:2dbe] on usb-dummy_hcd.1-1/input0
[  114.613357][   T10] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  114.638866][ T5922] usb 2-1: USB disconnect, device number 6
[  114.768770][   T10] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.17
[  114.773596][   T10] usb 3-1: New USB device strings: Mfr=129, Product=2, SerialNumber=3
[  114.776938][   T10] usb 3-1: Product: syz
[  114.778605][   T10] usb 3-1: Manufacturer: syz
[  114.780637][   T10] usb 3-1: SerialNumber: syz
[  114.793537][   T10] usb 3-1: config 0 descriptor??
[  114.799692][   T10] ch341 3-1:0.0: ch341-uart converter detected
[  114.998401][ T6658] loop0: detected capacity change from 0 to 16
[  115.014335][ T6658] erofs (device loop0): mounted with root inode @ nid 36.
[  115.028096][ T6658] erofs (device loop0): invalid de[0].nameoff 0 @ nid 36
[  115.212637][   T10] usb 3-1: failed to send control message: -71
[  115.222749][   T10] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  115.231506][   T10] usb 3-1: USB disconnect, device number 10
[  115.239638][   T10] ch341 3-1:0.0: device disconnected
[  115.453008][ T5922] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  115.607023][ T5922] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  115.611422][ T5922] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  115.616384][ T5922] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.622410][ T5922] usb 2-1: config 0 descriptor??
[  115.629402][ T5922] pwc: Askey VC010 type 2 USB webcam detected.
[  115.754489][ T6665] loop2: detected capacity change from 0 to 1024
[  115.793974][  T155] hfsplus: b-tree write err: -5, ino 4
[  115.814239][ T6667] program syz.2.286 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  115.932793][ T6669] loop2: detected capacity change from 0 to 4096
[  115.979619][ T6669] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  115.990246][ T6669] ntfs3(loop2): Failed to initialize $Extend/$ObjId.
[  116.052109][ T5922] pwc: recv_control_msg error -32 req 02 val 2b00
[  116.065866][ T5922] pwc: recv_control_msg error -32 req 02 val 2700
[  116.070359][ T5922] pwc: recv_control_msg error -32 req 02 val 2c00
[  116.288925][ T5922] pwc: recv_control_msg error -71 req 04 val 1300
[  116.298737][ T5922] pwc: recv_control_msg error -71 req 04 val 1400
[  116.304193][ T5922] pwc: recv_control_msg error -71 req 02 val 2000
[  116.312653][ T5922] pwc: recv_control_msg error -71 req 02 val 2100
[  116.321517][ T5922] pwc: recv_control_msg error -71 req 04 val 1500
[  116.326249][ T5922] pwc: recv_control_msg error -71 req 02 val 2500
[  116.330722][ T5922] pwc: recv_control_msg error -71 req 02 val 2400
[  116.337223][ T5922] pwc: recv_control_msg error -71 req 02 val 2600
[  116.340840][ T5922] pwc: recv_control_msg error -71 req 02 val 2900
[  116.345519][ T5922] pwc: recv_control_msg error -71 req 02 val 2800
[  116.348715][ T5922] pwc: recv_control_msg error -71 req 04 val 1100
[  116.352017][ T5922] pwc: recv_control_msg error -71 req 04 val 1200
[  116.360192][ T5922] pwc: Registered as video103.
[  116.374013][ T5922] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input7
[  116.395397][ T5922] usb 2-1: USB disconnect, device number 7
[  116.804513][  T793] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  116.905724][ T6698] loop1: detected capacity change from 0 to 512
[  116.916314][ T6698] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  116.948668][ T6698] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.300: bg 0: block 104: invalid block bitmap
[  116.956253][  T793] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  116.959316][ T6698] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  116.959716][  T793] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.966277][ T6698] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.300: invalid indirect mapped block 1 (level 1)
[  116.975112][  T793] usb 1-1: config 0 descriptor??
[  116.982261][ T6698] EXT4-fs (loop1): 1 truncate cleaned up
[  116.992003][ T6698] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.035900][   T33] audit: type=1800 audit(1758543050.963:7): pid=6698 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.300" name="file1" dev="loop1" ino=18 res=0 errno=0
[  117.086021][ T5865] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.448969][ T6704] loop2: detected capacity change from 0 to 1024
[  117.506101][ T6704] hfsplus: invalid extended attribute record
[  117.541383][   T27] hfsplus: b-tree write err: -5, ino 8
[  118.161534][ T6711] (unnamed net_device) (uninitialized): option arp_interval: invalid value (18446744073072017407)
[  118.166595][ T6711] (unnamed net_device) (uninitialized): option arp_interval: allowed values 0 - 2147483647
[  118.347596][ T6719] lo: entered allmulticast mode
[  118.380095][ T6718] lo: left allmulticast mode
[  118.713077][ T5922] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  118.791663][ T6730] loop2: detected capacity change from 0 to 128
[  118.801304][ T6730] FAT-fs (loop2): Directory bread(block 414) failed
[  118.811693][ T6730] FAT-fs (loop2): Directory bread(block 415) failed
[  118.816832][ T6730] FAT-fs (loop2): Directory bread(block 416) failed
[  118.824525][ T6730] FAT-fs (loop2): Directory bread(block 417) failed
[  118.827300][ T6730] FAT-fs (loop2): Directory bread(block 418) failed
[  118.830065][ T6730] FAT-fs (loop2): Directory bread(block 419) failed
[  118.836647][ T6730] FAT-fs (loop2): Directory bread(block 420) failed
[  118.839599][ T6730] FAT-fs (loop2): Directory bread(block 421) failed
[  118.864124][ T5922] usb 2-1: Using ep0 maxpacket: 16
[  118.869974][ T5922] usb 2-1: unable to get BOS descriptor or descriptor too short
[  118.878447][ T5922] usb 2-1: config 229 has an invalid interface number: 152 but max is 1
[  118.882191][ T5922] usb 2-1: config 229 has an invalid interface number: 12 but max is 1
[  118.887762][ T5922] usb 2-1: config 229 has no interface number 0
[  118.890579][ T5922] usb 2-1: config 229 has no interface number 1
[  118.893613][ T5922] usb 2-1: config 229 interface 152 has no altsetting 0
[  118.896899][ T5922] usb 2-1: config 229 interface 12 has no altsetting 0
[  118.905386][ T5922] usb 2-1: New USB device found, idVendor=413c, idProduct=81a3, bcdDevice=25.ca
[  118.915022][ T5922] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.919645][ T5922] usb 2-1: Product: syz
[  118.927440][ T5922] usb 2-1: Manufacturer: syz
[  118.934267][ T5922] usb 2-1: SerialNumber: syz
[  119.210908][ T5922] usb 2-1: USB disconnect, device number 8
[  119.257601][  T793] usb 1-1: Cannot set autoneg
[  119.259948][  T793] MOSCHIP usb-ethernet driver 1-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  119.271192][  T793] usb 1-1: USB disconnect, device number 8
[  119.547605][ T6753] netlink: 4 bytes leftover after parsing attributes in process `syz.2.321'.
[  119.591616][ T6755] loop2: detected capacity change from 0 to 16
[  119.599910][ T6755] erofs (device loop2): mounted with root inode @ nid 36.
[  119.973085][  T793] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  120.268173][ T6763] loop0: detected capacity change from 0 to 32768
[  120.360003][ T6763] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  120.404976][ T6763] XFS (loop0): Ending clean mount
[  120.411923][  T793] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  120.420380][  T793] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  120.426415][  T793] usb 3-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00
[  120.430237][  T793] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  120.440783][  T793] usb 3-1: config 0 descriptor??
[  120.508593][ T5863] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  120.893043][  T793] hid-rmi 0003:0461:4E72.0006: hidraw0: USB HID v0.00 Device [HID 0461:4e72] on usb-dummy_hcd.2-1/input0
[  121.075513][ T5901] usb 3-1: USB disconnect, device number 11
[  121.128152][ T6773] loop1: detected capacity change from 0 to 32768
[  121.162175][ T6773] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  121.194251][ T6773] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  121.201866][   T12] (kworker/u8:0,12,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=312, inode=13845347915746889, rec_len=25793, name_len=214
[  121.247998][ T5865] ocfs2: Unmounting device (7,1) on (node local)
[  121.333199][  T793] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  121.503153][  T793] usb 1-1: Using ep0 maxpacket: 8
[  121.513332][  T793] usb 1-1: New USB device found, idVendor=0545, idProduct=800c, bcdDevice= 3.0a
[  121.517229][  T793] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.523847][  T793] usb 1-1: Product: syz
[  121.526307][  T793] usb 1-1: Manufacturer: syz
[  121.528463][  T793] usb 1-1: SerialNumber: syz
[  121.534461][  T793] usb 1-1: config 0 descriptor??
[  121.545532][ T6789] loop1: detected capacity change from 0 to 1764
[  121.546731][  T793] gspca_main: xirlink-cit-2.14.0 probing 0545:800c
[  121.559796][  T793] input: xirlink-cit as /devices/platform/dummy_hcd.0/usb1/1-1/input/input8
[  121.662821][ T6793] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  121.680281][ T6791] loop1: detected capacity change from 0 to 1024
[  121.723726][ T6791] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.747745][  T793] usb 1-1: USB disconnect, device number 9
[  121.781329][   T33] audit: type=1800 audit(1758543055.703:8): pid=6791 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.334" name="file1" dev="loop1" ino=15 res=0 errno=0
[  121.827576][ T5865] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.973407][ T6803] binder: 6802:6803 ioctl c0306201 2000000001c0 returned -14
[  122.058907][ T6807] loop1: detected capacity change from 0 to 512
[  122.088265][ T6807] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.098680][ T6807] ext4 filesystem being mounted at /114/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  122.149655][ T6807] EXT4-fs: Cannot change journaled quota options when quota turned on
[  122.227104][ T5865] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.500904][ T6824] loop0: detected capacity change from 0 to 764
[  123.128490][ T6838] loop0: detected capacity change from 0 to 4096
[  123.128557][ T6817] loop1: detected capacity change from 0 to 32768
[  123.132062][ T6838] ntfs3: Unknown parameter 'nohide_dot_files'
[  123.156036][ T6817] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.343 (6817)
[  123.174625][ T5922] IPVS: starting estimator thread 0...
[  123.243561][ T6817] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  123.247804][ T6817] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  123.258050][ T6841] loop2: detected capacity change from 0 to 2048
[  123.265408][ T6839] IPVS: using max 59 ests per chain, 141600 per kthread
[  123.279575][ T6841] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  123.363204][ T6817] BTRFS info (device loop1): enabling ssd optimizations
[  123.375118][ T6817] BTRFS info (device loop1): enabling free space tree
[  123.722263][ T6865] loop2: detected capacity change from 0 to 4096
[  123.742285][ T6865] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512).
[  123.931050][ T6878] team0: entered promiscuous mode
[  123.939565][ T5865] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  123.945666][ T6878] team_slave_0: entered promiscuous mode
[  123.948997][ T6878] team_slave_1: entered promiscuous mode
[  124.183481][   T33] audit: type=1326 audit(1758543058.093:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6884 comm="syz.2.364" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9aa178ec29 code=0x0
[  124.559158][ T6898] loop1: detected capacity change from 0 to 64
[  125.441462][ T6924] trusted_key: syz.2.378 sent an empty control message without MSG_MORE.
[  125.847041][ T6937] loop1: detected capacity change from 0 to 128
[  125.856594][ T6937] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  125.867925][ T6937] hpfs: filesystem error: improperly stopped
[  125.872578][ T6937] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  125.876528][ T6937] hpfs: You really don't want any checks? You are crazy...
[  125.879172][ T6937] hpfs: hpfs_map_sector(): read error
[  125.881093][ T6937] hpfs: code page support is disabled
[  125.884117][ T6937] hpfs: hpfs_map_4sectors(): unaligned read
[  125.886415][ T6937] hpfs: hpfs_map_4sectors(): unaligned read
[  125.888714][ T6937] hpfs: filesystem error: unable to find root dir
[  125.895577][ T6937] hpfs: hpfs_map_4sectors(): unaligned read
[  125.953100][ T5475] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  125.991216][ T6941] capability: warning: `syz.1.386' uses 32-bit capabilities (legacy support in use)
[  126.203069][ T5475] usb 1-1: Using ep0 maxpacket: 8
[  126.208224][ T5475] usb 1-1: config 8 has an invalid interface number: 170 but max is 0
[  126.211281][ T5475] usb 1-1: config 8 has no interface number 0
[  126.214277][ T5475] usb 1-1: config 8 interface 170 altsetting 1 bulk endpoint 0xA has invalid maxpacket 32
[  126.218472][ T5475] usb 1-1: config 8 interface 170 has no altsetting 0
[  126.223804][ T5475] usb 1-1: New USB device found, idVendor=0d81, idProduct=1900, bcdDevice=1b.e1
[  126.227482][ T5475] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.231089][ T5475] usb 1-1: Product: syz
[  126.233843][ T5475] usb 1-1: Manufacturer: syz
[  126.236963][ T5475] usb 1-1: SerialNumber: syz
[  126.295935][ T6947] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  126.313234][ T6947] cramfs: wrong magic
[  126.501533][ T6930] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  126.721240][ T5475] cdc_wdm 1-1:8.170: probe with driver cdc_wdm failed with error -22
[  126.730634][ T5475] usb 1-1: USB disconnect, device number 10
[  127.193639][ T6951] loop1: detected capacity change from 0 to 32768
[  127.213055][ T6951] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  127.334994][ T5865] ocfs2: Unmounting device (7,1) on (node local)
[  127.533294][ T5475] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  127.683229][ T5475] usb 1-1: Using ep0 maxpacket: 32
[  127.687344][ T5475] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  127.696521][ T5475] usb 1-1: New USB device found, idVendor=05ac, idProduct=0232, bcdDevice= 0.40
[  127.700117][ T5475] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.704208][ T5475] usb 1-1: Product: syz
[  127.705951][ T5475] usb 1-1: Manufacturer: syz
[  127.707902][ T5475] usb 1-1: SerialNumber: syz
[  127.713324][   T46] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  127.724081][ T5475] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input9
[  127.753002][ T5901] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  127.862986][   T46] usb 3-1: Using ep0 maxpacket: 8
[  127.867129][   T46] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 7
[  127.876322][   T46] usb 3-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  127.879269][   T46] usb 3-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  127.882566][   T46] usb 3-1: Product: syz
[  127.884311][   T46] usb 3-1: Manufacturer: syz
[  127.886303][   T46] usb 3-1: SerialNumber: syz
[  127.913010][ T5901] usb 2-1: Using ep0 maxpacket: 32
[  127.920973][ T5901] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  127.926962][ T5282] bcm5974 1-1:1.0: could not read from device
[  127.935122][ T5901] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  127.946008][ T5282] bcm5974 1-1:1.0: could not read from device
[  127.949511][ T5901] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  127.953999][ T5475] usb 1-1: USB disconnect, device number 11
[  127.956965][ T5901] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.964948][ T5282] bcm5974 1-1:1.0: could not read from device
[  127.969762][ T5282] bcm5974 1-1:1.0: could not read from device
[  128.001389][ T5901] usb 2-1: config 0 descriptor??
[  128.014006][ T5901] hub 2-1:0.0: USB hub found
[  128.100022][   T46] usb 3-1: palm_os_3_probe - error -71 getting connection information
[  128.104771][   T46] visor 3-1:1.0: probe with driver visor failed with error -71
[  128.115457][   T46] usb 3-1: USB disconnect, device number 12
[  128.223383][ T5901] hub 2-1:0.0: 1 port detected
[  128.465214][ T6963] loop0: detected capacity change from 0 to 128
[  128.469233][ T6963] ufs: You didn't specify the type of your ufs filesystem
[  128.469233][ T6963] 
[  128.469233][ T6963] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  128.469233][ T6963] 
[  128.469233][ T6963] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  128.503025][ T6963] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2
[  128.670843][ T6967] loop0: detected capacity change from 0 to 4096
[  128.687584][   T33] audit: type=1326 audit(1758543062.613:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6968 comm="syz.2.398" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9aa178ec29 code=0x7ffc0000
[  128.699788][   T33] audit: type=1326 audit(1758543062.623:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6968 comm="syz.2.398" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9aa178ec29 code=0x7ffc0000
[  128.712441][   T33] audit: type=1326 audit(1758543062.623:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6968 comm="syz.2.398" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9aa178ec29 code=0x7ffc0000
[  128.721646][   T33] audit: type=1326 audit(1758543062.623:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6968 comm="syz.2.398" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9aa178ec29 code=0x7ffc0000
[  128.723173][ T6967] ntfs3(loop0): ino=19, mi_enum_attr
[  128.732978][   T33] audit: type=1326 audit(1758543062.623:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6968 comm="syz.2.398" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9aa178ec29 code=0x7ffc0000
[  128.733020][   T33] audit: type=1326 audit(1758543062.623:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6968 comm="syz.2.398" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9aa178ec29 code=0x7ffc0000
[  128.733052][   T33] audit: type=1326 audit(1758543062.623:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6968 comm="syz.2.398" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9aa178ec29 code=0x7ffc0000
[  128.733084][   T33] audit: type=1326 audit(1758543062.633:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6968 comm="syz.2.398" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9aa178ec29 code=0x7ffc0000
[  128.733116][   T33] audit: type=1326 audit(1758543062.633:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6968 comm="syz.2.398" exe="/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f9aa178ec29 code=0x7ffc0000
[  128.774735][ T6967] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  128.836570][ T5901] hub 2-1:0.0: activate --> -90
[  128.976940][ T6975] loop2: detected capacity change from 0 to 512
[  129.012252][ T6975] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  129.025729][   T55] Bluetooth: hci3: sending frame failed (-49)
[  129.026855][ T6975] EXT4-fs (loop2): mount failed
[  129.030565][ T5237] Bluetooth: hci3: Opcode 0x1003 failed: -49
[  129.050609][ T5901] usb 2-1-port1: config error
[  129.345678][   T46] usb 2-1: USB disconnect, device number 9
[  130.013067][ T5901] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  130.150876][ T6993] loop2: detected capacity change from 0 to 32768
[  130.166766][ T5901] usb 1-1: config 0 has an invalid interface number: 242 but max is 0
[  130.170138][ T5901] usb 1-1: config 0 has no interface number 0
[  130.172799][ T5901] usb 1-1: config 0 interface 242 has no altsetting 0
[  130.187126][ T5901] usb 1-1: New USB device found, idVendor=2c7c, idProduct=0125, bcdDevice=51.ba
[  130.191440][ T5901] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  130.196026][ T5901] usb 1-1: Product: syz
[  130.197866][ T5901] usb 1-1: Manufacturer: syz
[  130.199986][ T5901] usb 1-1: SerialNumber: syz
[  130.209996][ T5901] usb 1-1: config 0 descriptor??
[  130.422105][ T5901] qmi_wwan 1-1:0.242: bogus CDC Union: master=0, slave=1
[  130.431473][ T5901] qmi_wwan 1-1:0.242: probe with driver qmi_wwan failed with error -22
[  130.438747][ T5901] usb 1-1: USB disconnect, device number 12
[  130.447574][ T5862] udevd[5862]: setting owner of /dev/bus/usb/001/012 to uid=0, gid=0 failed: No such file or directory
[  130.586985][ T7008] Bluetooth: MGMT ver 1.23
[  130.816407][ T7014] loop1: detected capacity change from 0 to 256
[  130.849594][ T7014] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  131.394587][ T5887] tipc: Subscription rejected, illegal request
[  132.393247][ T7049] loop1: detected capacity change from 0 to 32768
[  132.416538][ T7049] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  132.448471][ T7049] 
[  132.449437][ T7049] ======================================================
[  132.451970][ T7049] WARNING: possible circular locking dependency detected
[  132.454758][ T7049] syzkaller #0 Not tainted
[  132.456834][ T7049] ------------------------------------------------------
[  132.460770][ T7049] syz.1.430/7049 is trying to acquire lock:
[  132.463156][ T7049] ffff88802f9b4060 (&oi->ip_alloc_sem){+.+.}-{4:4}, at: ocfs2_try_remove_refcount_tree+0xb6/0x320
[  132.467337][ T7049] 
[  132.467337][ T7049] but task is already holding lock:
[  132.470242][ T7049] ffff88802f9b40f8 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_try_remove_refcount_tree+0xa4/0x320
[  132.474558][ T7049] 
[  132.474558][ T7049] which lock already depends on the new lock.
[  132.474558][ T7049] 
[  132.478710][ T7049] 
[  132.478710][ T7049] the existing dependency chain (in reverse order) is:
[  132.482358][ T7049] 
[  132.482358][ T7049] -> #4 (&oi->ip_xattr_sem){++++}-{4:4}:
[  132.485512][ T7049]        lock_acquire+0x120/0x360
[  132.487594][ T7049]        down_read+0x46/0x2e0
[  132.489581][ T7049]        ocfs2_init_acl+0x2f9/0x720
[  132.491699][ T7049]        ocfs2_mknod+0x1321/0x2050
[  132.493804][ T7049]        ocfs2_create+0x1a5/0x440
[  132.495850][ T7049]        path_openat+0x14f4/0x3830
[  132.497965][ T7049]        do_filp_open+0x1fa/0x410
[  132.500118][ T7049]        do_sys_openat2+0x121/0x1c0
[  132.502294][ T7049]        __x64_sys_openat+0x138/0x170
[  132.504855][ T7049]        do_syscall_64+0xfa/0x3b0
[  132.507154][ T7049]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.509798][ T7049] 
[  132.509798][ T7049] -> #3 (jbd2_handle){++++}-{0:0}:
[  132.512645][ T7049]        lock_acquire+0x120/0x360
[  132.514759][ T7049]        start_this_handle+0x1fa7/0x21c0
[  132.517222][ T7049]        jbd2__journal_start+0x2c1/0x5b0
[  132.519638][ T7049]        jbd2_journal_start+0x2a/0x40
[  132.522119][ T7049]        ocfs2_start_trans+0x376/0x6d0
[  132.524423][ T7049]        ocfs2_shutdown_local_alloc+0x200/0xa10
[  132.527036][ T7049]        ocfs2_dismount_volume+0x201/0x8d0
[  132.529422][ T7049]        generic_shutdown_super+0x135/0x2c0
[  132.531891][ T7049]        kill_block_super+0x44/0x90
[  132.534192][ T7049]        deactivate_locked_super+0xbc/0x130
[  132.536722][ T7049]        cleanup_mnt+0x425/0x4c0
[  132.538893][ T7049]        task_work_run+0x1d4/0x260
[  132.541091][ T7049]        exit_to_user_mode_loop+0xec/0x110
[  132.543411][ T7049]        do_syscall_64+0x2bd/0x3b0
[  132.545501][ T7049]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.548125][ T7049] 
[  132.548125][ T7049] -> #2 (&journal->j_trans_barrier){.+.+}-{4:4}:
[  132.551307][ T7049]        lock_acquire+0x120/0x360
[  132.553157][ T7049]        down_read+0x46/0x2e0
[  132.554856][ T7049]        ocfs2_start_trans+0x36a/0x6d0
[  132.556914][ T7049]        ocfs2_shutdown_local_alloc+0x200/0xa10
[  132.558950][ T7049]        ocfs2_dismount_volume+0x201/0x8d0
[  132.561009][ T7049]        generic_shutdown_super+0x135/0x2c0
[  132.562997][ T7049]        kill_block_super+0x44/0x90
[  132.564740][ T7049]        deactivate_locked_super+0xbc/0x130
[  132.566780][ T7049]        cleanup_mnt+0x425/0x4c0
[  132.568611][ T7049]        task_work_run+0x1d4/0x260
[  132.570629][ T7049]        exit_to_user_mode_loop+0xec/0x110
[  132.572838][ T7049]        do_syscall_64+0x2bd/0x3b0
[  132.574714][ T7049]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.576919][ T7049] 
[  132.576919][ T7049] -> #1 (sb_internal#6){.+.+}-{0:0}:
[  132.579606][ T7049]        lock_acquire+0x120/0x360
[  132.581447][ T7049]        ocfs2_start_trans+0x26b/0x6d0
[  132.583413][ T7049]        ocfs2_truncate_file+0x643/0x1420
[  132.585395][ T7049]        ocfs2_setattr+0x1520/0x1b40
[  132.587197][ T7049]        notify_change+0xb36/0xe40
[  132.588872][ T7049]        do_truncate+0x1a4/0x220
[  132.590691][ T7049]        path_openat+0x306c/0x3830
[  132.592467][ T7049]        do_filp_open+0x1fa/0x410
[  132.594444][ T7049]        do_sys_openat2+0x121/0x1c0
[  132.596469][ T7049]        __x64_sys_open+0x11e/0x150
[  132.598203][ T7049]        do_syscall_64+0xfa/0x3b0
[  132.600259][ T7049]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.603000][ T7049] 
[  132.603000][ T7049] -> #0 (&oi->ip_alloc_sem){+.+.}-{4:4}:
[  132.606383][ T7049]        validate_chain+0xb9b/0x2140
[  132.608757][ T7049]        __lock_acquire+0xab9/0xd20
[  132.610984][ T7049]        lock_acquire+0x120/0x360
[  132.613065][ T7049]        down_write+0x96/0x1f0
[  132.614952][ T7049]        ocfs2_try_remove_refcount_tree+0xb6/0x320
[  132.617598][ T7049]        ocfs2_truncate_file+0xda0/0x1420
[  132.620008][ T7049]        ocfs2_setattr+0x1520/0x1b40
[  132.622322][ T7049]        notify_change+0xb36/0xe40
[  132.624503][ T7049]        do_truncate+0x1a4/0x220
[  132.626541][ T7049]        path_openat+0x306c/0x3830
[  132.628599][ T7049]        do_filp_open+0x1fa/0x410
[  132.630592][ T7049]        do_sys_openat2+0x121/0x1c0
[  132.632735][ T7049]        __x64_sys_open+0x11e/0x150
[  132.635049][ T7049]        do_syscall_64+0xfa/0x3b0
[  132.637408][ T7049]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.640242][ T7049] 
[  132.640242][ T7049] other info that might help us debug this:
[  132.640242][ T7049] 
[  132.644413][ T7049] Chain exists of:
[  132.644413][ T7049]   &oi->ip_alloc_sem --> jbd2_handle --> &oi->ip_xattr_sem
[  132.644413][ T7049] 
[  132.649795][ T7049]  Possible unsafe locking scenario:
[  132.649795][ T7049] 
[  132.653227][ T7049]        CPU0                    CPU1
[  132.655517][ T7049]        ----                    ----
[  132.657768][ T7049]   lock(&oi->ip_xattr_sem);
[  132.659642][ T7049]                                lock(jbd2_handle);
[  132.662600][ T7049]                                lock(&oi->ip_xattr_sem);
[  132.665910][ T7049]   lock(&oi->ip_alloc_sem);
[  132.667880][ T7049] 
[  132.667880][ T7049]  *** DEADLOCK ***
[  132.667880][ T7049] 
[  132.671018][ T7049] 3 locks held by syz.1.430/7049:
[  132.673038][ T7049]  #0: ffff888032712428 (sb_writers#27){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  132.676601][ T7049]  #1: ffff88802f9b43c0 (&sb->s_type->i_mutex_key#36){+.+.}-{4:4}, at: do_truncate+0x171/0x220
[  132.680701][ T7049]  #2: ffff88802f9b40f8 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_try_remove_refcount_tree+0xa4/0x320
[  132.684887][ T7049] 
[  132.684887][ T7049] stack backtrace:
[  132.687027][ T7049] CPU: 0 UID: 0 PID: 7049 Comm: syz.1.430 Not tainted syzkaller #0 PREEMPT(full) 
[  132.687048][ T7049] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  132.687058][ T7049] Call Trace:
[  132.687064][ T7049]  <TASK>
[  132.687072][ T7049]  dump_stack_lvl+0x189/0x250
[  132.687094][ T7049]  ? __pfx_dump_stack_lvl+0x10/0x10
[  132.687108][ T7049]  ? __pfx__printk+0x10/0x10
[  132.687126][ T7049]  ? print_lock_name+0xde/0x100
[  132.687141][ T7049]  print_circular_bug+0x2ee/0x310
[  132.687156][ T7049]  check_noncircular+0x134/0x160
[  132.687173][ T7049]  validate_chain+0xb9b/0x2140
[  132.687195][ T7049]  __lock_acquire+0xab9/0xd20
[  132.687216][ T7049]  ? ocfs2_try_remove_refcount_tree+0xb6/0x320
[  132.687231][ T7049]  lock_acquire+0x120/0x360
[  132.687250][ T7049]  ? ocfs2_try_remove_refcount_tree+0xb6/0x320
[  132.687272][ T7049]  down_write+0x96/0x1f0
[  132.687288][ T7049]  ? ocfs2_try_remove_refcount_tree+0xb6/0x320
[  132.687304][ T7049]  ? __pfx_down_write+0x10/0x10
[  132.687323][ T7049]  ocfs2_try_remove_refcount_tree+0xb6/0x320
[  132.687341][ T7049]  ? __pfx_ocfs2_try_remove_refcount_tree+0x10/0x10
[  132.687358][ T7049]  ? up_write+0x1c4/0x420
[  132.687372][ T7049]  ocfs2_truncate_file+0xda0/0x1420
[  132.687410][ T7049]  ? __pfx_ocfs2_truncate_file+0x10/0x10
[  132.687428][ T7049]  ? do_raw_spin_unlock+0x4d/0x240
[  132.687441][ T7049]  ? _raw_spin_unlock+0x28/0x50
[  132.687460][ T7049]  ? ocfs2_inode_lock_tracker+0x3ec/0x660
[  132.687475][ T7049]  ? __pfx_ocfs2_inode_lock_tracker+0x10/0x10
[  132.687489][ T7049]  ? ocfs2_rw_lock+0x13a/0x240
[  132.687501][ T7049]  ? __pfx___dquot_initialize+0x10/0x10
[  132.687513][ T7049]  ? __pfx_ocfs2_rw_lock+0x10/0x10
[  132.687525][ T7049]  ? setattr_prepare+0x1e7/0xac0
[  132.687559][ T7049]  ? inode_newsize_ok+0x11b/0x1c0
[  132.687574][ T7049]  ocfs2_setattr+0x1520/0x1b40
[  132.687590][ T7049]  ? __pfx_ocfs2_setattr+0x10/0x10
[  132.687600][ T7049]  ? ktime_get_coarse_real_ts64_mg+0x52/0x1e0
[  132.687612][ T7049]  ? seqcount_lockdep_reader_access+0x175/0x1c0
[  132.687624][ T7049]  ? ns_to_timespec64+0x21/0xb0
[  132.687635][ T7049]  ? ktime_get_coarse_real_ts64_mg+0x175/0x1e0
[  132.687646][ T7049]  ? current_time+0x222/0x370
[  132.687653][ T7049]  ? evm_inode_setattr+0x1b6/0x7d0
[  132.687674][ T7049]  ? __pfx_current_time+0x10/0x10
[  132.687683][ T7049]  ? try_break_deleg+0x79/0x130
[  132.687692][ T7049]  ? __pfx_ocfs2_setattr+0x10/0x10
[  132.687699][ T7049]  notify_change+0xb36/0xe40
[  132.687711][ T7049]  do_truncate+0x1a4/0x220
[  132.687723][ T7049]  ? __pfx_do_truncate+0x10/0x10
[  132.687733][ T7049]  ? apparmor_file_truncate+0x23e/0x2d0
[  132.687748][ T7049]  path_openat+0x306c/0x3830
[  132.687757][ T7049]  ? arch_stack_walk+0xfc/0x150
[  132.687769][ T7049]  ? stack_depot_save_flags+0x40/0x860
[  132.687782][ T7049]  ? __pfx_path_openat+0x10/0x10
[  132.687790][ T7049]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.687800][ T7049]  do_filp_open+0x1fa/0x410
[  132.687808][ T7049]  ? __lock_acquire+0xab9/0xd20
[  132.687820][ T7049]  ? __pfx_do_filp_open+0x10/0x10
[  132.687832][ T7049]  ? _raw_spin_unlock+0x28/0x50
[  132.687843][ T7049]  ? alloc_fd+0x64c/0x6c0
[  132.687855][ T7049]  do_sys_openat2+0x121/0x1c0
[  132.687863][ T7049]  ? __se_sys_futex+0x36f/0x400
[  132.687872][ T7049]  ? __pfx_do_sys_openat2+0x10/0x10
[  132.687881][ T7049]  ? rcu_is_watching+0x15/0xb0
[  132.687890][ T7049]  __x64_sys_open+0x11e/0x150
[  132.687898][ T7049]  do_syscall_64+0xfa/0x3b0
[  132.687908][ T7049]  ? lockdep_hardirqs_on+0x9c/0x150
[  132.687917][ T7049]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.687925][ T7049]  ? exc_page_fault+0x9f/0xf0
[  132.687932][ T7049]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.687941][ T7049] RIP: 0033:0x7fda43d8ec29
[  132.687951][ T7049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.687996][ T7049] RSP: 002b:00007fda44c5a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  132.688006][ T7049] RAX: ffffffffffffffda RBX: 00007fda43fd5fa0 RCX: 00007fda43d8ec29
[  132.688012][ T7049] RDX: 1df2a23c5997fa5f RSI: 0000000000080242 RDI: 0000200000000580
[  132.688018][ T7049] RBP: 00007fda43e11e41 R08: 0000000000000000 R09: 0000000000000000
[  132.688023][ T7049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  132.688028][ T7049] R13: 00007fda43fd6038 R14: 00007fda43fd5fa0 R15: 00007ffd2a70d5d8
[  132.688037][ T7049]  </TASK>
[  132.909635][ T5865] ocfs2: Unmounting device (7,1) on (node local)
[  137.846604][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  137.849390][ T1364] ieee802154 phy1 wpan1: encryption failed: -22

VM DIAGNOSIS:
12:11:06  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000033 RBX=0000000000000033 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000001d40 RDI=0000000000001d41 RBP=00000000000003f8 RSP=ffffc90007fe6850
R8 =ffff888106980237 R9 =1ffff11020d30046 R10=dffffc0000000000 R11=ffffffff854fb260
R12=dffffc0000000000 R13=ffffffff99b038cc R14=ffffffff99df84e0 R15=0000000000000000
RIP=ffffffff854fb2dc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fda44c5a6c0 ffffffff 00c00000
GS =0000 ffff8880b8612000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b33219ff8 CR3=0000000032f2c000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f9aa19a7498 00007f9aa19a7470 XMM03=00007f9aa19a74a8 00007f9aa19a74a0
XMM04=00007f9aa250d100 00007f9aa19a7460 XMM05=00007f9aa19a7478 00007f9aa19a74c0
XMM06=00007f9aa19a74b8 00007f9aa19a74b0 XMM07=00007f9aa19a74a8 00007f9aa19a74a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f9aa1812fed
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=579996bb2bca0700 RBX=ffffffff819683f8 RCX=579996bb2bca0700 RDX=0000000000000001
RSI=ffffffff8be34260 RDI=ffffffff819683f8 RBP=ffffc90000177f20 RSP=ffffc90000177de0
R8 =ffff888136632f9b R9 =1ffff11026cc65f3 R10=dffffc0000000000 R11=ffffed1026cc65f4
R12=ffffffff8fa3ac30 R13=0000000000000001 R14=0000000000000001 R15=1ffff110200d6000
RIP=ffffffff8b7a53f3 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c12000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000200000400000 CR3=0000000029946000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f242f7a7498 00007f242f7a7470 XMM03=00007f242f7a74a8 00007f242f7a74a0
XMM04=00007f243030d100 00007f242f7a7460 XMM05=00007f242f7a7478 00007f242f7a74c0
XMM06=00007f242f7a74b8 00007f242f7a74b0 XMM07=00007f242f7a74a8 00007f242f7a74a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f242f612fed
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
