last executing test programs:

53.950837943s ago: executing program 1 (id=285):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x9}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0d00000006000000040000000100000001000000", @ANYRES32=r0], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r1}, &(0x7f0000000840), &(0x7f0000000340)=r0}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r1, &(0x7f0000000900)}, 0x20)

53.932594901s ago: executing program 1 (id=286):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000480)='cgroup.events\x00', 0x275a, 0x0)
read(r1, &(0x7f0000000000)=""/83, 0x53)

53.860721589s ago: executing program 1 (id=287):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
syz_usb_connect(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xb2, 0xfc, 0x5e, 0x10, 0x46d, 0xc281, 0xc208, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xc0, 0x0, [{{0x9, 0x4, 0xbf, 0x2, 0x2, 0x84, 0x28, 0x32, 0x0, [], [{{0x9, 0x5, 0xb, 0x10, 0x40, 0x5, 0x5, 0x8}}, {{0x9, 0x5, 0x4, 0x8, 0x40, 0x68, 0x0, 0x3}}]}}]}}]}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

50.820861858s ago: executing program 1 (id=320):
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000080)='./file1\x00', 0x80, &(0x7f0000000140)={[{@nodecompose}, {@nobarrier}, {@nodecompose}, {@force}, {@nobarrier}, {@type={'type', 0x3d, "aff0aae8"}}, {@nls={'nls', 0x3d, 'iso8859-9'}}]}, 0x44, 0x6ff, &(0x7f0000000500)="$eJzs3U1sHGf5APBn1uu1N5XcbZu0/f+FFKsRETSQ2F5KgoREqBDyoUKRuPS6JE5jee1GtoucCBEXKBzhhHLooQiZQ0+oB6QiDohyRkLiinKPxD3iwKKZnVnvh73ebfyRhN9Pmp13Zt6PZ57OvN6dbbQB/M9afDsmtyOJxQtvbaXbD3bqzQc79dWiHBFTEVGKKLdXkaxFJJ9FXI32Ev+X7sy7S/Yb542Hn354/v7H9fZWOV+y+qVh7Xa1hoywnS8xGxET+XpM5f36ux5vDvR3b6yuk07cacLOFYmDk9YasD1O8xHuW+BJdy9iYnKP/bWIUxExnb8PiHx2KB1zeIdurFkOAAAAnkwTB1V4/lE8iq2YOZ5wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4NmQtH8zMMmXUlGejaT4/f9Kvi9VqZxwvMN95YDjH9w8pkAAAAAAAAAA4Eh8kn9xf/ZRPIqtmCn2t5LsO//Xso3T2etz8V5sxFKsx8XYikZsxmasx3zE5ExXh5Wtxubm+vxgy19H2rLVat3LWy5ERG2g5cI+gZYO+cQBAAAAAAAA4Nn0k1iMmZMOAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuiURE+1VtpwuyrUolSNiOiIqab3tiD8V5afZn086AAAAADh61Xw9k/ynXWgl2Wf+l7PP/dPxXqzFZizHZjRjKW5kzwLan/pLf9+uNx/s1FfTZbDjb/9rrDiyHiNiIt7fZ+S5rMaZTovF+G58Py7EbFyL9ViOH0YjNmMpZqOankQ0Iolatf30olbEuXe8V3u2rvXHdrZv+9UskmrcjOUstotxvRLtxybZOaRjvto12h8qEX0jvp9mJ/lWbsQc3ej67/Wr/LlMrvX8iH0cjVp25pOdjMyluc+z8cLw3I95nfSPNB+lzjOo07ujpJv9IxU5/8E4OT/VXk2nLz/vzflhG/NRWn8mFqKUX30RL/fm/PYX77/Y2/jL//jLtVultZVbNzcuHOEpPY7ZgypMFoX+TNS7MvHK8Ksvz0QzzcT26JmY7N8xPWrLo1XJs5FNRSPOlt/JSo14resSfDduxFJcjrmYjysxF9+Ihah3rrB0OdOT13J9tTcn2b1WGpzfqkOCP/elrkq/OKDy8Urz8kJXXrtnulp2LN9z9Zcx13X1vTj86hv7r0A6/v/n5XSMn3b+4jwJejKRz81FdC8Nz8RvWunrRnNtZf1W4/aI453P1+lt+0Hv3Pzb0aPu/+t+GNLrJZ1xy9lWlpNqcb2kx17qRNubr0r+jUu7XWng2JnOsVrMxHJ8b987tZK/hxvsqX3sle5j/9ydOSv5+5viWM+7nHg3mtm7kD4HTtUAHLNTr5+qVB9W/1b9qPqz6q3qW9NvTl2Z+kIlJv9a/uPE70u/K30zeT0+ih/HzElHCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz4KNO3dXGs3m0nqnENP9ex63UNl3rOGFKB1YZ+e50TqMWsTwsZK8UDncc38aC9Xo21P8wtLj9vxJRAypU3ns4JOxr7GxC2keDqXDVqud1GxPa2KM5uWi1d51yrExHSuNpLzHHTe1exdEbaXR/Herp3k1um4Z4Bl3aXP19qWNO3e/urzaeGfpnaW1hSuXr1yuf33+a5duLjeX5tqvJx0lcBQ27tyd2GP3wC/dAgAAAAAAAAAAAE+O/P/+3/zc/5ihfECdyvrG3iOfPe5TBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5Si2/H5HYkMT93cS7dfrBTb6ZLUd6tWY6IUkQkP4pIPou4Gu0lal3dJfuN88bDTz88f//j+m5f5aJ+aVi70WznS8xGxES+PtjUHt0M9ne9q7/tzxVe0jnDNGHnisTBSftvAAAA//9u//cB")
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='tracefs\x00', 0x800, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x5006d, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x1002c, &(0x7f0000000200)={[{@mode={'mode', 0x3d, 0xf18c}}]})

50.798993712s ago: executing program 1 (id=322):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = syz_io_uring_setup(0x231, &(0x7f0000000240)={0x0, 0x15d2, 0x30101}, &(0x7f0000000180)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_WRITE={0x17, 0x0, 0x4007, @fd=r0, 0xffffffffffffffff, 0x0, 0xffffffffffffffea, 0xc})
io_uring_enter(r1, 0x7a98, 0x0, 0x0, 0x0, 0x0)

50.569396551s ago: executing program 1 (id=326):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x48100, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x7d)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000200)=0x7d)

50.477261178s ago: executing program 32 (id=326):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x48100, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x7d)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000200)=0x7d)

5.051113915s ago: executing program 2 (id=863):
r0 = mq_open(&(0x7f00000000c0)='ns\xbf\x12\xe1\v\xc8E\xe0\x80r\x917kj\x9cL\xceZ\x99\xf8Q%#-\xd3\xd2\x13\xe8\xdc\xe1\xfd\xde\xef\xf2\xa7\xd2\xab\x97\xc2e\'\xfc\x10\x85\x03\x00\x00\x002\xb8A\x97\xb7.[O\xd56\xec^F\xdfT\xda\x9817\"\xf5h\xc0\xf8\a\x9e\xce\xa9&\xffq\xebA\xb8\x96~\x17|\xc9xR\\z\x9a\x8cRJ\x85\\u\xb2\\\xedB4\xb5z\xbb\xee\xbd\x96\x19\xd1\x98\xeb\xe8\xc1u\x8b\xf8hc\x81#\r\xe8\xf8%\xd9\x7f\r\x12M\x00\x00\x00\x00\x00\x00', 0x40, 0x145, 0x0)
pread64(r0, &(0x7f0000000000)=""/36, 0x24, 0x5)

5.050972464s ago: executing program 2 (id=864):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000300)={@val, @void, @eth={@multicast, @multicast, @val={@val={0x88a8, 0x5, 0x1, 0x4}, {0x8100, 0x6, 0x0, 0x6}}, {@ipv4={0x800, @generic={{0x5, 0x4, 0x1, 0x6, 0x1c, 0xe4, 0x0, 0x8, 0x11, 0x0, @dev={0xac, 0x14, 0x14, 0x29}, @loopback}, "e78a36b89d668592"}}}}}, 0x36)

4.973140967s ago: executing program 2 (id=868):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
sendfile(0xffffffffffffffff, r0, 0x0, 0x2000000000005)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = socket$inet6(0xa, 0x1, 0x8010000000000084)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_ALLOW_SUSPEND(r3, 0x5522)
bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
connect$inet6(r2, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[], 0x140}}, 0x0)
r4 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x317, 0x1, 0x34, 0x9}, 0x9c)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f00006e6000/0x2000)=nil)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="9feb0100180000000000000028f4000028000000030000000000000000000003000000030000000002000000060000e3a20000000000000e0500000001000000006100"], 0x0, 0x43, 0x0, 0x1, 0x4}, 0x20)
r5 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0)
ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, &(0x7f0000000080)={'c6xdigio\x00', [0x3c4, 0x10, 0x2, 0xa, 0x14000000, 0x2f00, 0xfffffffc, 0x2, 0xffd, 0x7ffe, 0x3, 0x723, 0x400, 0x2, 0x13, 0x100, 0xffffffa7, 0x9, 0x34d, 0x1, 0xbff, 0x9, 0x200, 0xe2df, 0xaa11, 0x1, 0x4, 0x0, 0x7, 0xf58, 0x6]})
ioctl$COMEDI_INSN(r5, 0x8028640c, &(0x7f0000000000)={0x4000000, 0x92ff, 0x0, 0x0, 0x80000000})

3.960514211s ago: executing program 3 (id=878):
syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xac7, &(0x7f0000000340)="$eJzs3U2MW0cBAOB53vUmm6TEKQld0tAmFNry002zWcJPBEmVCImoqRCXShWXKE1LRAgSRQKqSk1y4karKkic+BGnXqqCkOgFRT1xqUQjVUg9FQ4ciIKoxAECiVHsGa89sfvs/bHX6++T3o7nzbw3894+P7/fmQBMrErj7+LiXBHC5TdeOf73B/82e3vMkVaOWuPvdFusGkIoYnw6m997U83w5vsvnO4WFmGh8TfFwxPXW9NuDSFcCHvDlVALuy9fffmthcdPXjxxad/brx6+tjZLDwAAk+XrVw4v7vrLn+7dceO1+46GTa3x6fi8FuPb4nH/0Xjgn47/K6EzXrQN7WayfNNxqMx25pvqkq+9nGqWb7pH+TNZ+dUe+TaFDy5/qm1ct+WGcZa241ooKvMd8Uplfr55Th4a5/Uzxfz5s+eeeW5EFQVW3b/uDyHsbRuOXeqMr7fhyBrOu16vvxjWbv71Ua+7cR2ODq+sG/WmkS/zkIb69lHvgQCa8vuFd7iQX1lYmdbcpvsr//pjle7TwyoY9vY/UPkzIy4/KP/XF+1xWD0bdWtKy5W+R9tiPL+PkD+/1Pv7l9/p6Byb34+o9lnPXvcRxuX+Qq96Tg25HsvVq/75drFRfTmGaT18JUtv//7k/9Nx+R8D3f07v/4/oUPrMYR1UBfDRhvqxapuW53zqq5kXvVR7XiAdS9/bq6e7o9G+XN9efqmkvTNJemzJelbStK3lqTDJPvt938SXiqWzvPzc/pBr4en62x3xfBDA9Ynvx45aPn5c7+DWmn5+fPEsJ79/tSTZ77w9FNXm8//F63t/1bc3tPpRi1+t67EDOl6YX5dvfXsf62znEqPfHdn9bmrS/7G552d+YqdS/MJbfuZO+ox1znd9l759nTmq2X5ZuOwOatvfnyyJZsuHX+k/WpaX9PZ8laz5ZjJ6pH2KztimNcDliNtj72e/0/b51yoFs+cPXfm0RhP2+kfp6qbbo8/MOR6AyvX7/s/c6Hz/Z9trfHVSvt+YfvS+KK5X3g9zq9z/EKrnM7xB2M8/c59a2q2MX7+9HfPPb36iw8T7bkfPf/tU+fOnfmeD8v+8NX1UY1BPqTTlvVSnw39YSqsi2oM+GHEOyZgze1/sXkQ8MjZ75x69syzZ84fPHTo4MLCoS8eXNzfOK7f33503+7CCGoLrKalH/1R1wQAAAAAAAAAAADo1w9OHL/6zpuff7f5/v/S+3/p/f/05G96///H2fv/+Xvy6T349B7gji7pjTxZA6szWb5qHD6c1XdnVs6ubLqPxLDVj198/z8Vl7frmupzTza+2iOaNSdwR3spM1kbJHl/gR+P4aUY/irACBWz3UfHsKx967Stp/Yp2tqlqGsfeHyk/1vaGlI7Jun9767tOrX9s3cMoY6svmG8TjjqZQS6+8dEtf/9z6UFH3ldDL2H6eGW97MNuU3Uiz7y1Xsepffbgw3A6hh1/5/pumcKz//ha5tvDynb9cea+8vYo8Md7ZfCIP78Tmd8vfc/udbl5/32Dbv8US//sPv/bPV/1/f+L+sxr7a8cv/z82vvthUbdvdbfr78qR3onYOVfyOWn5bmodBf+fVfZuXnN4T69N+s/C19ln/H8u9ZXvn/i+Wn1fbwA/2W36xxUemsR37dON3/y68bJzez5U9te35A+d94vtvyL7OjxluxfJhk49LP7KCy44jWRY7l9/8bXVjd/n9blc12a/lzGJ+L8bQjTs855P2dlNS/ntc/PV+Rfgd2ZfMvSn7f9P873r4Uw7LvQ+r/N22PtfiT3xZvrMsUr3ZZtxt1XwPj6r2Juv83FsPmdVAHQ/9DfWoZ07X6iRtx/ev1+tpe0Cox0sIZ+fof9XnCqMsf9fovk/f/mx/D5/3/5ul5/795et7/b54+G/9DvdLz/n/z9Zn3/5un35PNN+8feK4k/aMl6bu7p7dO2+8tmX5PSfrHStL3tdKPdORI6feVTH9/SfrdJekPlKR/oiT9kyXpD5akP9yW3t4HdEr/VMn0G116H2VSlx8mWf5+nu8/TI50/6fX939nSTowvn762oFjT/3mm7Xm+/8zresh6T7e0RivxvOnH8Z4ft87tMVvp70Z43/N0tf79Q6YJHn7Gfnv+0Ml6cD4Ss95+X7DBCo2dx8dw7J2q3od5zNePh3Dz8TwszF8JIbzMdwfwwMxXBhS/Vgbx17/3eGXiqXz/e1Zer/Pw+fvA3W0ExVCONhnffLrA4M+j5+34zeolZa/zNfBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAARqbS+Lu4OFeEcPmNV44/efLs/ttjjrRy1Bp/p9ti1dZ0ITwaw6kY/iJ+uPn+C6fbw1sxLMJCKELRGh+euN4qaWsI4ULYG66EWth9+erLby08fvLiiUv73n718LW1WwMAAACw8f0/AAD//252FS4=")
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)

3.858267395s ago: executing program 3 (id=879):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x1)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
dup(0xffffffffffffffff)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x12, r1, 0xe7bee000)

2.237680197s ago: executing program 3 (id=884):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ptrace$setregs(0xf, 0xffffffffffffffff, 0x5, &(0x7f0000000440)="8a4ddaade9d041c942df263bf288a1732877")
r0 = syz_open_dev$MSR(&(0x7f00000000c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$NFC_CMD_START_POLL(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[], 0x24}}, 0x24000040)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={0x18, 0x2f, 0x107, 0x0, 0x4, {0x3, 0x7c}, [@nested={0x4, 0xfc}]}, 0x18}}, 0x4010)
r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r1)

1.340498797s ago: executing program 0 (id=887):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x803, 0x0)
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_SET_PHYS(r0, 0x4008556c, 0x0)

1.339059947s ago: executing program 0 (id=888):
r0 = syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f00000015c0)='./bus\x00', 0x0, &(0x7f0000001600), 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
ioctl$BTRFS_IOC_INO_LOOKUP(r0, 0xd0009412, &(0x7f0000000400)={0x0, 0x7fffffff})

931.114392ms ago: executing program 0 (id=889):
r0 = syz_open_procfs(0x0, &(0x7f0000000200)='task\x00')
getdents64(r0, 0xffffffffffffffff, 0x43)

879.303919ms ago: executing program 0 (id=890):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl(r0, 0x8b1a, &(0x7f0000000040))

879.029954ms ago: executing program 0 (id=891):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
listen(r1, 0x0)
accept4$rose(r1, 0x0, 0x0, 0x800)

821.241246ms ago: executing program 3 (id=892):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
lseek(r0, 0x8000000e, 0x1)
getdents64(r0, 0x0, 0x31)

821.024283ms ago: executing program 3 (id=893):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0f000000040000000800000001"], 0x50)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000000c0)={@map=r0, 0x7, 0x0, 0xffffffff, 0x0, 0x5f, 0x0, 0x0, 0x0, 0x0}, 0x40)

820.939512ms ago: executing program 3 (id=894):
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
socket(0x1e, 0x4, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect(0x5, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000079db8540da0b77010b7d000000010902120001000000000904", @ANYRES32, @ANYRES8=r0], 0x0)

101.449319ms ago: executing program 2 (id=895):
unshare(0x20000400)
r0 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000000040)={0x10, 0x0, 0x25dfdbfb}, 0xc)

101.343855ms ago: executing program 2 (id=896):
bpf$MAP_LOOKUP_BATCH(0x12, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x10000}, 0x38)

101.076391ms ago: executing program 2 (id=897):
syz_mount_image$jfs(&(0x7f0000000100), &(0x7f0000000000)='./file1\x00', 0x1000400, &(0x7f0000000280)={[{@quota}, {@discard_size={'discard', 0x3d, 0xaff9}}, {@iocharset={'iocharset', 0x3d, 'none'}}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@usrquota}, {@nodiscard}, {@uid}, {@uid={'uid', 0x3d, 0xee01}}]}, 0x21, 0x61b6, &(0x7f00000075c0)="$eJzs3cuOHFcZB/Cv+jYXE8fKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgixJIVD5AFW3Y8AJZsJFAWKIVq5pxxTaV7esb2dHW7fj9pXPX1qZo+5X9XX6aq+gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/8wY/PFRFx5VfphhMRn4t+RC9iparXImJl7UR9nRdiuzmej4jhUkS1/vY/z0a8HhEfH4+4/+DOenXz+QP24/t//scffnLsR3//0/DMf/9yq//GpOVu3/7tf/5699G3FwAAALqoLMuySB/zT0bEIH22BwCefvn1v0zy7eq5qzfnrD9qtVqtXsC6rhzvbr2IiM36OtV7BofjAWDBbMYnbXeBFsm/0wYRcaztTgBzrWi7AxyJ+w/urBcp36L+erC2057PBdmT/2axe33HpOk0zXNMZvX42op+PDehPysz6sM8yfn3mvlf2WkfpeWOOv9ZmZT/aOfSp87J+feb+Tc8Pfn3xubfVTn/waHy78sfAAAAAADmWP77/4mWj/8uPf6mHMh+x3/XZtQHAAAAAAAAAHjSDjv+36Ax/t8u4/8BAADA3Ko+q1d+d/zhbZO+i626/XIR8UxjeaBj0sUyq233AwAAAAAAAAAAAAC6ZLBzDu/lImIYEc+srpZlWf3UNevDetz1F13Xtx+6rO0neQAA2PHx8ca1/EXEckRcTt/1N1xdXS3L5ZXVcrVcWcrvZ0dLy+VK7XNtnla3LY0O8IZ4MCqrX7ZcW69u2uflae3N31fd16jsH6Bjs9Fi4AAQETuvRvcnvSL9z+vVYirLZ6PlNzksiH32fxaU/Z+DaPtxCgAAABy9sizLIn2d98l0zL/XdqcAgJnIr//N4wJqtVqtVqufvrquHO9uvYiIzfo61XsGw/EDwILZjE/a7gItkn+nDSLihbY7Acy1ou0OcCTuP7izXqR8i/rrQRrfPZ8Lsif/zWJ7vbz+uOk0zXNMZvX42op+PDehP8/PqA/zJOffa+Z/Zad9lJZ7/PzLPX8mbOsco0n5V9t5ooX+tC3n32/m33DU+/+sbEVvbP5dlfMfHCr/vvwBAAAAAGCO5b//n5ir47+jR92cqfY7/rs2do2j6wsAAAAAAAAAPCn3H9xZz9e95uP/XxiznOs/n045/0L+nZTz7zXy/2pjuX5t/t7bD/P/94M763+89a/P5+lB81/KM0V6ZBXpEVGkeyoGafo4W/dZW8P+qLqnYdHrD9I5P+Xw3bgW12Mjzu5Ztpf+Px62n9vTXvV0uN1e9nfaz+9pH+y25/Uv7GkfprOLypXcfjrW4+dxPd7Zbq/alqZs//KU9nJKe86/b//vpJz/oPZT5b+a2ovGtHLvo95n9vv6dNz9vHXti785e/SbM9VW9He3ra7avpda6M/2/8mxUfzy5saN07ev3rp141ykyZ5bz0eaPGE5/2H62X3+f3mnPT/v1/fXex+NDp3/vNiKwcT8X67NV9v7yoz71oac/yj95PzfSe3j9/9Fzn/y/v9qC/0BAAAAAAAAAAAAAACA/ZRluX2J6FsRcTFd/9PWtZkAwGzl1/8yybfPqu7P+P7U6gWviznrz0zrT8v56o9avYh1XTnem/UiIv5WX6d6z/Drcb8MAJhnn0bEP9vuBK2Rf4fl7/urpqfa7gwwUzc/+PCnV69f37hxs+2eAAAAAAAAAACPKo//uVYb//lUWZZ3G8vtGf/17Vh73PE/B3lmd4DRCQNV9w+/TfvZ6o36vdpw4y/GpPG/h7tz+43/PZhyf8Mp7aMp7UtT2pentI+90KMm5/9ibbzzUxFxsjH8ehfGf22Oed8FOf+Xao/nKv+vNJar51/+fpHz7+3J/8yt939x5uYHH7527f2r7228t/GzC+fOnb1w8eKlS5fOvHvt+sbZnX9b7PHRyvnnsa+dB9otOf+cufy7Jef/pVTLv1ty/l9Otfy7Jeef3+/Jv1ty/vmzj/y7Jef/Sqrl3y05/6+lWv7dkvN/NdXy75ac/9dTLf9uyfm/lmr5d0vO/3Sq5d8tOf8zqT5g/itH3S9mI+efj3DZ/7sl55/PbJB/t+T8z6da/t2S87+Qavl3S87/9VTLv1ty/t9Itfy7Jed/MdXy75ac/zdTLf9uyflfSrX8uyXn/61Uy79bcv7fTrX8uyXn/0aq5d8tOf/vpFr+3ZLz/26q5d8tOf/vpVr+3ZLzfzPV8u+Wh9//b8aMGTN5pu1nJgAAAAAAAAAAAACgaRanE7e9jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuLkaus74f+Jl989qBxEDI38nfwMYxISSb7NpO/EKbYsJrw1sJhEJfsF3v2iz4Da9dAo1k00CJhFFRRdtw0RYQanNTkQsuaAUoF6gVUiVoL+gNokLlIqoCCkiVaAXZas55nmdnZmdndu3x+sw5n4+U/LIzZ+acOXPm7H53850BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoNWtr5//dCPLsuY/+b+2ZtkLmv+9eWprftlrrvUWAgAAAFfqV/m/n7shXXBwDTdqWeafX/7dry0tLS1l7xv98/HPLy2lK6aybHxTluXXRU/96P2N1mWCx7LJxkjL1yN9Vj/a5/qxPteP97l+os/1m/pcP9nn+hU7YIXNxe9j8jvbmf/n1mKXZjdm4/l1O7vc6rHGppGR+LucXCO/zdL4sWwhO5HNZ7NtyxfLNvLlv3Frc11vyeK6RlrWtb15hPzs0aNxGxphH+9sW9fyfUY/eV029fOfPXr0b889e3O32Xc3tN1fsZ137Ghu5yfDJcW2NrJNaZ/E7Rxp2c7tXZ6T0bbtbOS3a/5353Y+t8btHF3ezA3V+ZxPZiP5f38v309jrb/WS/tpe7jsF7dlWXZxebM7l1mxrmwk29J2ycjy8zNZHJHN+2geSi/OxtZ1nN66huO0Oed2th+nna+J+PzfGm43tso2tD5NP/nERMvz/sulyzlOo+ajXu210nkMDvq1UpZjMB4X38sf9ONdj8Gd4fE/evvqx2DXY6fLMZged8sxuKPfMTgyMZpvc3oSGvltlo/BXW3Lj+ZrauTzmdt7H4Mz506emVn82MfvXjh55Pj88flTe3btmt2zd+/+/ftnji2cmJ8t/n2Ze7v8tmQj6TWwI+y7+Bp4VceyrYfq0pcmVpx/L/d1ONnjdbi1Y9lBvw7HOh9cY2NekCuP6eK18Z7mTp+8NJKt8hrLn587r/x1mB53y+twrOV12PV7SpfX4dgaXofNZc7cubafWcZa/um2Dat/L7iyY3BryzHY+fNI5zE46J9HynIMTobj4gd3rv69YHvY3sen1/vzyOiKYzA93HDuaV6Sft6f3J+PbsflLc0rrpvIzi/On73nkSPnzp3dlYWxIV7Scqx0Hq9bWh5TtuJ4HVn38Xpw4eWP39Ll8q1hX03e3fzX5KrPVXOZe+/p/Vzl392678+2S3dnYQzYRu/Pbt/Nm/tzIsu+8O1PPPTNR7/w+lX3ZzNvfnLmyn8WT7m05fw7vsr5N+b+54v1pbt6bHR8rHj9jqa9M952Pm5/qsbyc1cjX/dzM2s7H4+Hfzb6fHxjj/Pxto5lB30+Hu98cPF83Oj3244r0/l8Tobj5MRs7/Nxc5ltu9d7TI71PB/fFmYj7P9Xh6SQclHLsbPacZvWNTY2Hh7XWFxD+3G6p2358ZDNmut6cnf4oTBt5dqO0ztuK5YfbbldtFHH6VTHsoM+TtPvvlY7Thv9fvt2eTqfz8lwXNy4p/dx2lzm6Xuv/Ny5Of5ny7lzot8xOD460dzm8XQQ5uf7bGlzPAbvyY5mp7MT2Vx+7UR+PDXydU3ft7Zz5UT4Z6PPldt6HIN3dCw76GMwfR9b7dhrjK188APQ+XxOhuPiift6H4PNZd6wb7A/u94RLknLtPzs2vn7tdV+53VLx266WsfKWNjOb+/r/bvZ5jIn9q83Z/beT3eFS67rsp86X7+rvabmso3ZT9vCdj67f/X91Nye5jKfP7DG4+lglmUXPvJA/vve8PeVC+e//7W2v7t0+5vOhY888NMXHvun9Ww/AMPv+WJsKb7Xtfxlai1//wcAAACGQsz9I2Em8j8AAABURsz98f8KT+R/AAAAqIyY+8fCTKqQ//+4/yLb3vDswvMXstTMXwri9Wk3PFgsFzuus+HrqaVlzcsf+Mr8f//jhbVt3kiWZb988I+6Lr/twbhdhamwnU+9sf3yFb5295rWffjhC2m9rf31L4b7j49nrYdBtwrubJZl37jhs/l6pt5/KZ9PP3g4nw9dfPyx5jLPHSi+jrd/5iXF8n8Vyr8Hjx1pu/0zYT/8OMzZt3bfH/F2X7306u373ru8vni7xo7r84f9xAeK+43vk/O5x4rl435ebfu/+Zknv9pc/pFXdt/+CyPdt//JcL9fCfN/XlYs3/ocNL+Ot/tU2P64vni7e778ra7b/9Sni+XPvKlY7nCYcf13hK93vunZhdb99UjjSNvjyt5cLBfXP/v9P82vj/cX779z+ycPXWrbH53Hx9P/VtzPTMfy8fK4nugfOtbfvJ/W4zOu/8k/Ody2n/ut/6mHnnlZ8347139Xx3JnPnJnvv7l+2t/x6a//tRnu64vbs/Bvz/T9ngOviu8jsP6n/hAOB7D9f/7VHF/ne+ucPhd7eefuPwXt15oezzRW35erP+p1x7P56bJzVuue8ELr7/4iua+y7LvbSrur9/6j//N6bbt/9JNxf6I18eOfuf6VxPXf/aj06dOL55fmEt79dEb8vfOeVuxPXF7bwjn1s6vD50+98H5s1OzU7NZNlXdt9C7bF8O86fFuNh76aUVZ9A7Hw7P5y1/+Y0tt//rZ+Ll//6e4vJLby2+b70qLPe5cPnW8Pytb/0rPXHrTfnru/F02MKlle8XfCW27/yv/WtaMDz+zp8L4vF+5qUfzPdD87r8+0Z8XV/h9v9wrrifr4f9uhTemXnHTcvra10+vjfCpXcXr/cr3n/hNBef178Lz/fbf1zcf9yu+Hh/GH6O+da29vNdPD6+fmGk8/7zd/G4GM4n2cXi+rhU3N+Xnrup6+bF9yHJLt6cf/1n6X5uXtfDXM3ixxZnTiycOv/IzLn5xXMzix/7+KGTp8+fOncofy/PQx/qd/vl89OW/Pw0N7/33iw/W50uxlV2rbf/zMNH5/bN3j43f+zI+WPnHj4zf/b40cXFo/Nzi7cfOXZs/qP9br8wd/+u3Qf27Ns9fXxh7v79Bw7sOTC9cOp0czOKjepj7+yHp0+dPZTfZPH+ew/suu++e2enT56em79/3+zs9Pl+t8+/N003b/2H02fnTxw5t3Byfnpx4ePz9+86sHfv7r7vBnjyzLHFqZmz50/NnF+cPztTPJapc/nFze99/W5PNS3+R/HzbKdG8UZ82Tvv2pven7XpK59Y9a6KRTreQPTZ8F4033nRmf1r+Trm/vEwkyrkfwAAACAXc/9EmIn8DwAAAJURc/+mMBP5HwAAACoj5v7JMNP/ElCT/F+5/v+2C2tav/6//n/r/tL/r1n//91l6/8X5wv9/8G40v69/n+g/6//r/+v/6//zwCUrf8fc//mLPP3fwAAAKiomPu3hJnI/wAAAFAZMfdfF2Yi/wMAAEBlxNz/gjCTmuR//X/9f/1//X/9/+7r1/8fTvr/ven/96H/P5PVq/9/cZDbfw36/5tbv9D/p4zK1v+Puf+FYSY1yf8AAABQBzH3Xx9mIv8DAABAZcTcf0OYifwPAAAAlRFz/9Ywk5rkf/3/K+r/p86V/n/79uv/t9P/D8eD/r/+/wbQ/+9N/78P/X+f/z9c/f82+v+UUdn6/zH3vyjMpCb5HwAAAOog5v4Xh5nI/wAAAFA+Y5d3s5j7XxJmsiL/X+YKAAAAgGsu5v4bs44ieE3+/q//7/P/9f/1//X/u69/7f3/0Uz/vzz0/3vT/+9D/1//X/9f/5+BKlv/P8/92WT20jCTmuR/AAAAqIOY+28KM5H/AQAAoDJi7v9/YSbyPwAAAFRGzP3bwkxqkv/1/yvT//9F61On/6//32v9+v8+/7/K9P970//vQ/9f/1//X/+fgSpb/z/m/pvDTGqS/wEAAKAOYu6/JcxE/gcAAIDKiLn//4eZyP8AAABQGTH3bw8zqUn+1/8vef8/Nkd9/r/+v/5/Kfv/k/r/paP/35v+fx/6//r/+v/6/wxU2fr/Mfe/LMykJvkfAAAA6iDm/peHmcj/AAAAUBkx978izET+BwAAgMqIuX8qzKQm+X89/f/GRf3/1Vzlz/+fWMPn/7fR/9f/77V+/X+f/19l+v+96f/3of+v/6//r//PQJWt/x9z/61hJjXJ/wAAAFAHMffvCDOR/wEAAKAyYu6/LcxE/gcAAIDKiLl/Z5hJTfK/z/8fiv5/pv+v/6//r/+v/782+v+96f/3of+v/6//r//PQJWt/x9z/yvDTGqS/wEAAKAOYu6/PcxE/gcAAIDKiLn/VWEm8j8AAABURsz9d4SZ1CT/6//r/+v/6//r/3dfv/7/cNL/703/vw/9f/1//X/9fwaqbP3/mPtfHWZSk/wPAAAAdRBz/51hJvI/AAAAVEbM/XeFmcj/AAAAUBkx90+HmdQk/+v/6//r/+v/6/93X7/+/3DS/+9N/78P/X/9f/1//X8Gqmz9/5j77w4zqUn+BwAAgDqIuf+eMBP5HwAAACoj5v6ZMBP5HwAAACoj5v7ZMJOa5H/9f/1//X/9/3X1/1+xfL/6/wX9/3LR/+9N/78P/X/9/2ve/x/X/6dSytb/j7l/V5hJTfI/AAAA1EHM/bvDTOR/AAAAqIyY+/eEmcj/AAAAUBkx998bZlKT/K//r/+v/6//7/P/u69f/3846f/3Nvj+f3yI+v/6//r/Pv9f/5+Vytb/j7n/vjCTmuR/AAAAqIOY+/eGmcj/AAAAUBkx9+8LM5H/AQAAoDJi7t8fZlKT/K//r/+v/6//r//fff36/8NJ/783n//fh/6//v8Q9/+bx5b+P2VTtv5/zP0Hwkxqkv8BAACgDmLuf02YifwPAAAAlRFz/6+Fmcj/AAAAUBkx9/96mElN8r/+v/6//r/+f9n7/xP6//r/66D/35v+fx/6//r/Q9z/9/n/lFHZ+v8x998fZlKT/A8AAAB1EHP/b4SZyP8AAABQGTH3vzbMRP4HAACAyoi5/2CYSU3yv/7/BvX/44X6//r/+v8+/1///6rS/+9N/78P/X/9f/1//X8Gqmz9/5j7XxdmUpP8DwAAAHUQc/8DYSbyPwAAAFRGzP2vDzOR/wEAAKAyYu5/Q5hJTfK//r/P/7/2/f/xtm3X/1++nf5/Qf9f/3899P970//vQ/9f/1//X/+fgSpb/z/m/jeGmdQk/wMAAEAdxNz/pjAT+R8AAAAqI+b+N4eZyP8AAABQGTH3vyXMpCb5X/9f///a9/99/r/+f0H/X/9/EPT/e9P/70P/X/9f/1//n4EqW/8/5v7fDDOpSf4HAACAOoi5/8EwE/kfAAAAKiPm/reGmcj/AAAAUBkx978tzKQm+V//X/9f/1//X/+/+/r1/4eT/n9vQ9b//9X14XL9/4L+f7m3f739/7GOr69K//9Hq/X/lzZ13l7/n6uhbP3/mPvfHmZSk/wPAAAAdRBz/zvCTOR/AAAAqIyY+98ZZiL/AwAAQGXE3P9bYSY1yf/6/83tWG4v6//r/+cX6P/r/+v/Dy39/96GrP/v8/876P+Xe/t9/r/+PyuVrf8fc/+7wkxqkv8BAACgDmLufyjMRP4HAACAyoi5/91hJvI/AAAAVEbM/e8JM6lJ/tf/9/n/+v/6//r/3dev/z+c9P970//vQ/9f/79s/f//1P9nuJWt/x9z/8NhJjXJ/wAAAFAHMfe/N8xE/gcAAIDKiLn/t8NM5H8AAACojJj73xdmUpP8r/8/LP3/Kf3/dfb/J8Jl+v/6//r/9aL/35v+fx/6//r/Zev/+/x/hlzZ+v8x978/zGTt+X9yzUsCAAAA10TM/b8TZlKTv/8DAABAHcTc/7thJvI/AAAAVEbM/b8XZlKT/K//Pyz9f5//n/n8f/3/jsej/6//383G9f/jmUf/X/9f/z/S/9f/1/+nU9n6/zH3/36YSU3yPwAAANRBzP0fCDOR/wEAAGAodPt/sjvF3H8ozET+BwAAgMqIuf9wmElN8r/+v/6//n9J+/9/seNffvDddxzepf+v/6//vy4b+vn/zRe/z//X/9f/T/T/9f/1/+lUtv5/zP1HwkyWg9/bfMA/AAAADLeY+/8gzKQmf/8HAACAOoi5/2iYifwPAAAAlRFz/1yYSU3yv/6//r/+f0n7/0P8+f9xfwxT/3960xD1/+NJV/+/qw3t/793uSeu/7/e/v9E10s7+/8N/f82+v/r3v7vZFmm/6//zzVUtv5/zP3zYSY1yf8AAABQByH3jxwr5vIV8j8AAABURsz9x8NM5H8AAACojJj7PxhmUpP8r/+v/6//r//v8/+7r7+0/X+f/9+T/n9v5en/d+fz//X/h3n79f/1/1mpbP3/mPsXwkxqkv8BAACgDmLu/1CYifwPAAAAlRFz/4fDTOR/AAAAqIyY+0+EmdQk/+v/6//r/+v/6/93X7/+/3DS/+9N/78P/X/9f/1//X8Gqmz9/5j7T4aZ1CT/AwAAQB3E3H8qzOT/2LuPJsvq847jt3FTzBQb77zwwt77JbAwa/sFeMHGC7vK5YWxjXNicI4454BtJRRQAAmhhHICJSSUhSSUc0AZSTUqmOd5Znr69LndM7e7z/0/n89CDzSMzkU1BfrRfDn2PwAAAAwjd//NcYv9DwAAAMPI3f/LcUuT/a//1/8P2///pP7/oOfr//X/I9P/z9P/r6H/1//r//X/bNTS+v/c/b8StzTZ/wAAANBB7v5fjVvsfwAAABhG7v5b4hb7HwAAAIaRu//X4pYm+/+y/n9n1bP/z4xX/z9S/+/9/wc+X/+v/x/Zyfb/tz3xZz79v/5f/x/0//p//T+XW1r/n7v/1+OWJvsfAAAAOsjd/xtxi/0PAAAAw8jd/5txi/0PAAAAw8jd/1txS5P97/3/3v+v/9f/6/+nn6//307e/z+vU/9/y8PX/9Jj9/7ofUd5vv5f/6//1/+zWUvr/3P3/3bc0mT/AwAAQAe5+38nbrH/AQAAYBi5+383brH/AQAAYAudnfxq7v7fi1ua7H/9v/5f/x/9/xn9v/5f/z8C/f+8Tv3/lTxf/6//1//r/9mspfX/uft/P25psv8BAACgg9z9fxC32P8AAACwXFP/IPaM3P23xi32PwAAAAwjd/+5uKXJ/tf/H3///339/3b0/97/r//X/w9B/z9P/7+G/l//r//X/7NRS+v/c/ffFrc02f8AAADQQe7+P4xb7H8AAAAYRu7+P4pb7H8AAAAYRu7+P45bmux//b/3/+v/9f/6/+nn6/+3k/5/nv5/Df3/1fbz1+r/9f/6fy51xP7/8Zk/bW+k/8/d/ydxS5P9DwAAAB3k7v/TuMX+BwAAgGHk7v+zuMX+BwAAgGHk7v/zuKXJ/tf/6//1//r/K+7/9//Ue5L+f5r+/2To/+ctpv/f2Z38sv5/6/t/7//X/+v/2WNp7//P3f8XcUuT/Q8AAAAd5O7/y7hlZv8f+W/mAwAAAKcqd/9fxS2+/w8AAABbL6uz3P1/Hbc02f/6f/2//l//7/3/08+f6//vu+Tz6f+XRf8/bzH9/wH0//r/bf78+n/9P/strf/P3f83cUuT/Q8AAAAd5O6/PW6x/wEAAGAYufv/Nm6x/wEAAGAYufv/Lm5psv+n+/+Lv13/fzj6/72fX/8//fNjU/1//jfq/2f7/xu9/78n/f88/f8a+n/9v/7/oP7/7Lofr/9nytL6/9z9fx+3NNn/AAAA0EHu/n+IW+x/AAAAGEbu/n+MW+x/AAAAGEbu/n+KW5rsf+//1//r/7ev//f+/wtO8/3/qxPv/3f1/4ek/5+n/19D/6//1//Pv/9/5t8CoP9nytL6/9z9/xy3NNn/AAAA0EHu/n+JW+x/AAAA2A6X/rMDl/8DpSF3/7/GLfY/AAAADCN3/7/FLePs/9l3der/9f/6f/2//n/6+cvq/73//7D0//P0/2vo/4+jn98drP+/46Afv4T+/9bj7v9n6P+Zsqf/v//i10+r/8/d/+9xyzj7HwAAANrL3f8fcYv9DwAAAMPI3f+fcYv9DwAAAMPI3f9fcUuT/X/s/f/Mv31A/6//1//r//X/+v9N0//P0/+vof/3/n/v/9f/s1F7+v9LnFb/n7v/v+OWJvsfAAAAOsjd/z9xi/0PAAAAw8jdf0fcYv8DAADAMHL3/2/c0mT/e/+//l//r//X/08/X/+/na6qv79G/1/0//p//b/+X//PBiyt/8/d/39xS5P9DwAAAB3k7v//uMX+BwAAgGHk7n9K3GL/AwAAwDBy9z81bmmy//X/x9v/59f1//r/lf5f/6//PxFt3/+/M/VXov0O6P8f/IVzP733K/p//b/+X/+v/+eQfnjmty2i/z9/8f9d5u5/WtzSZP8DAABAB7n7nx632P8AAAAwjNz9z4hb7H8AAAAYRu7+O+OWI+7/ueZhyfT/3v+v/9f/6/+nn6//305t+/9D8v7/NfT/+n/9v/6fjVpE/3/Jr+fuf2bc4vv/AAAAMIzc/c+KW+x/AAAAGEbu/mfHLfY/AAAADCN3/3Pilib7X/+v/9f/6//1/9PP1/9vJ/3/PP3/GtvU/995Ff3/7vSXT7ufv1qn/fn1//p/9lta/5+7/664pcn+BwAAgA5y9z83brH/AQAAYBi5+58Xt9j/AAAAMIzc/c+PW5rsf/2//l//r//X/08/X/+/nfT/8/T/q9Xq7pkPMNX/n79umf2/9/8v7vPr//X/7Le0/j93/wvilib7HwAAADrI3X933GL/AwAAwDBy998Tt9j/AAAAMIzc/S+MW5rsf/2//l//r//X/08/X/+/nfT/8/T/a2zT+//1/4v7/Pp//T/7La3/z93/orilyf4HAACADnL33xu32P8AAAAwjNz9L45b7H8AAAAYRu7+++KWJvtf/6//1//r//X/08/X/2+n4+v/V/p//b/+fw39v/5f/8/lltb/5+5/SdzSZP8DAABAB7n7Xxq32P8AAAAwjNz9L4tb7H8AAAAYRu7+l8ctTfa//l//r//X/+v/p5+v/99O3v8/T/+/hv5f/6//1/+zUdP9/62n1v/n7n9F3NJk/wMAAEAHufvvj1vsfwAAABhG7v5Xxi32PwAAAAwjd/+r4pYm+1//r//f2/+vVvp//b/+/4IT6P/PrPT/G6f/n6f/X0P/P2b/f81qoP7/7IE/Xv/PEi3t/f+5+18dtzTZ/wAAANBB7v7XxC32PwAAAAwjd/9r4xb7HwAAAIaRu/91cUuT/a//1/97/7/+X/8//Xzv/99O+v95+v819P9j9v/e/6//59Qsrf/P3f/6uKXJ/gcAAIAOcve/IW6x/wEAAGAYufvfGLfY/wAAADCM3P1vilua7H/9v/5f/6//1/9PP1//v530//P0/2vo//X/+n/9Pxu1tP4/d/+b45Ym+x8AAAA6yN3/QNxi/wMAAMAwcvc/GLfY/wAAADCM3P1viVua7H/9v/5f/7+d/f8Z/b/+X/8/aSn9/w03/NRD+n/9v/5f/6//1/93t7T+P3f/W+OWJvsfAAAAOsjd/7a4xf4HAACAYeTuf3vcYv8DAADAMHL3vyNuabL/9/f/164uFKoXTPX/0ajp/y+h/9/7+fX/0z8/vP9f/6//P35L6f+9///KPr/+X/+/zZ//SP3/j+//8fp/RrS0/j93/0NxS5P9DwAAAB3k7n9n3GL/AwAAwDBy978rbrH/AQAAYBi5+x+OW5rsf+//1//r//X/+v/p5+v/t5P+f57+fw39v/7f+/9v/rkf0v+zOUvr/3P3vztuabL/AQAAoIPc/e+JW+x/AAAAGEbu/vfGLfY/AAAADCN3//vilib7X/+v/9f/6//1/9PP1/9vJ/3/PP1/ufwP7YI+/f+ZqS+edj9/tU778w/T/3v/Pxu0tP4/d//745Ym+x8AAAA6yN3/gbjF/gcAAIBh5O7/YNxi/wMAAMAwcvd/KG5psv/1//r/8fv/n9X/X/Z8/b/+f2T6//wr+jT9/xp9+v9Jp93Pb/vn1//r/9lvaf1/7v5H4pYm+x8AAAA6yN3/4bjF/gcAAIBh5O7/SNxi/wMAAMAwcvd/NG5psv/1/736/51Vx/7f+//1//r/TvT/8/T/a+j/9f/6f/0/G7W0/j93/6M7uy33PwAAAGyrn/mJX3zksL/vo0/+55nVx+KWG1fnD/ltbAAAAGDhntj9O7ur1cef/DXf/wcAAIAR5e7/RNzSZP/r/3v1/z3f/6//1//r/zvR/8/T/6+h/9f/6//1/2zU0vr/3P2fjFsuGX67R/6jBAAAAJYkd/+n4pYm3/8HAACADnL3fzpu2bf//esAAQAAYFvl7v9M3NLk+//6/4X3/6tj6v/j99P/X6D/1/9PPV//v530//Ousv8/v6P/1//P0P/r//X/XG5p/X/u/s/GLU32PwAAAAxqz99RyN3/ubjF/gcAAIBh5O7/fNxi/wMAAMAwcvd/IW5psv/1/yfe/2eqfozv/z9bv+T9/837/9vPTD5f/6//H5n+f573/6+h/x+l/79O/6//ZxmW1v/n7v9i3NJk/wMAAEAHufu/FLfY/wAAADCM3P1fjlvsfwAAABhG7v6vxC1N9r/+f+Hv/7+i/v8Q7//X//fo/w94/jj9/49cf+6Bm37+nrv0/1x0kv1//lzQ/+v/9f8XLKj/9/5//T8Lsfn+f3fPF4/a/+fu/2rc0mT/AwAAQAe5+x+LW+x/AAAAGEbu/q/FLfY/AAAADCN3/9fjlib7X/+v/19K/5//W59C/3/uivv/s6vV6lT6/2yKu/f/3v+v/9/P+//n6f/X0P/r//X/+n82avP9/94vHrX/z93/jbilyf4HAACADnL3fzNuyf2/c+S/dQ8AAAAsTO7+b8Utvv8PAAAAw8jd/+24pcn+1//r/5fS/yfv/7/448Z6//9NFaf27P9/rH5J/3+89P/z9P9r6P/1//p//T8btbT+P3f/d+KWJvsfAAAAOsjd/3jcYv8DAADAMHL3fzdusf8BAABgGLn7vxe3NNn/+v9R+/8s4vX/+v+l9P/e/+/9/ydD/z9P/7+G/l//r//X/7NRS+v/c/f/IAAA//9GqnSo")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f00000000c0)='./file0/file0\x00')

0s ago: executing program 0 (id=898):
socket$inet(0x2, 0x4000000000000001, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='lp\x00', 0x3)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

kernel console output (not intermixed with test programs):

m3: renamed from eth3
[   76.956477][ T6778] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.959350][ T6778] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.962286][ T6778] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.962819][ T6816] BTRFS info (device loop2): setting nodatasum
[   76.965139][ T6778] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.970842][ T6816] BTRFS info (device loop2): enabling ssd optimizations
[   76.973269][ T6816] BTRFS info (device loop2): enabling free space tree
[   76.976469][ T6816] BTRFS info (device loop2): max_inline set to 0
[   76.991205][ T6778] 8021q: adding VLAN 0 to HW filter on device bond0
[   76.993158][ T5853] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   76.998477][ T1234] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.002948][ T1234] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.017526][ T6778] 8021q: adding VLAN 0 to HW filter on device team0
[   77.030518][ T1234] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.033484][ T1234] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.041301][ T1234] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.044226][ T1234] bridge0: port 2(bridge_slave_1) entered forwarding state
[   77.067039][ T6839] loop2: detected capacity change from 0 to 2048
[   77.091160][ T6839] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.120026][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.182838][ T6778] 8021q: adding VLAN 0 to HW filter on device batadv0
[   77.209866][ T6778] veth0_vlan: entered promiscuous mode
[   77.217354][ T6778] veth1_vlan: entered promiscuous mode
[   77.228597][ T6856] loop2: detected capacity change from 0 to 128
[   77.233903][ T6778] veth0_macvtap: entered promiscuous mode
[   77.237478][ T6856] FAT-fs (loop2): bogus number of reserved sectors
[   77.240146][ T6856] FAT-fs (loop2): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[   77.246397][ T6778] veth1_macvtap: entered promiscuous mode
[   77.257636][ T6778] batman_adv: batadv0: Interface activated: batadv_slave_0
[   77.261397][ T6856] FAT-fs (loop2): Can't find a valid FAT filesystem
[   77.269785][ T6778] batman_adv: batadv0: Interface activated: batadv_slave_1
[   77.280994][ T5868] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   77.286268][ T5868] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   77.294482][ T5868] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   77.297687][ T5868] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.331566][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.334413][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.349453][ T4484] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.352384][ T4484] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.456797][ T6873] binder: 6871:6873 unknown command 0
[   77.459078][ T6873] binder: 6871:6873 ioctl c0306201 200000000080 returned -22
[   77.465745][ T6873] binder: 6871:6873 ioctl c0306201 0 returned -14
[   77.615291][ T5884] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[   77.776776][ T5884] usb 3-1: Using ep0 maxpacket: 8
[   77.822412][ T5884] usb 3-1: unable to get BOS descriptor or descriptor too short
[   77.835748][ T5884] usb 3-1: config 4 has an invalid interface number: 147 but max is 0
[   77.839442][ T5884] usb 3-1: config 4 contains an unexpected descriptor of type 0x2, skipping
[   77.843079][ T5884] usb 3-1: config 4 has no interface number 0
[   77.850109][ T5884] usb 3-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e
[   77.854252][ T5884] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   77.858049][ T5884] usb 3-1: Product: syz
[   77.859892][ T5884] usb 3-1: Manufacturer: syz
[   77.862236][ T5884] usb 3-1: SerialNumber: syz
[   77.975390][ T5850] Bluetooth: hci2: command tx timeout
[   78.110638][ T5884] usb 3-1: Found UVC 0.02 device syz (04f2:b746)
[   78.119732][ T5884] usb 3-1: No valid video chain found.
[   78.127136][ T5884] usb 3-1: USB disconnect, device number 10
[   78.544288][   T51] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[   78.705064][   T51] usb 1-1: Using ep0 maxpacket: 32
[   78.712892][   T51] usb 1-1: config index 0 descriptor too short (expected 1051, got 27)
[   78.716876][   T51] usb 1-1: config 0 has an invalid interface number: 101 but max is 1
[   78.720662][   T51] usb 1-1: config 0 has an invalid interface number: 33 but max is 1
[   78.726390][   T51] usb 1-1: config 0 has no interface number 0
[   78.729184][   T51] usb 1-1: config 0 has no interface number 1
[   78.732494][   T51] usb 1-1: config 0 interface 101 has no altsetting 0
[   78.736948][   T51] usb 1-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=59.84
[   78.746110][   T51] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   78.752440][   T51] usb 1-1: config 0 descriptor??
[   78.766492][ T6889] loop2: detected capacity change from 0 to 1024
[   78.972617][   T51] usb 1-1: string descriptor 0 read error: -71
[   79.000848][   T51] usb 1-1: USB disconnect, device number 12
[   79.244610][ T6891] loop2: detected capacity change from 0 to 32768
[   79.253331][ T6891] XFS (loop2): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[   79.303115][ T6891] XFS (loop2): Ending clean mount
[   79.373881][ T5853] XFS (loop2): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[   79.770250][ T6905] loop3: detected capacity change from 0 to 32768
[   79.776549][ T6905] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   79.784926][ T6915] Sensor A: =================  START STATUS  =================
[   79.788293][ T6915] Sensor A: Test Pattern: 75% Colorbar
[   79.790633][ T6915] Sensor A: Show Information: All
[   79.793354][ T6915] Sensor A: Vertical Flip: false
[   79.795843][ T6915] Sensor A: Horizontal Flip: false
[   79.805825][ T6915] Sensor A: Brightness: 128
[   79.807402][ T6915] Sensor A: Contrast: 128
[   79.814454][ T5884] usb 3-1: new full-speed USB device number 11 using dummy_hcd
[   79.816132][ T6915] Sensor A: Hue: 0
[   79.817738][ T6905] XFS (loop3): Ending clean mount
[   79.819036][ T6915] Sensor A: Saturation: 128
[   79.822774][ T6905] XFS (loop3): Quotacheck needed: Please wait.
[   79.823131][ T6915] Sensor A: ==================  END STATUS  ==================
[   79.830057][ T6905] XFS (loop3): Quotacheck: Done.
[   79.852694][ T6778] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   79.854013][ T6919] loop0: detected capacity change from 0 to 8
[   79.967136][ T5884] usb 3-1: New USB device found, idVendor=13d8, idProduct=0020, bcdDevice=f7.31
[   79.971073][ T5884] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.976753][ T5884] usb 3-1: config 0 descriptor??
[   79.983993][ T5884] usb 3-1: selecting invalid altsetting 3
[   79.987677][ T5884] comedi comedi5: could not set alternate setting 3 in high speed
[   79.991057][ T5884] usbduxsigma 3-1:0.0: driver 'usbduxsigma' failed to auto-configure device.
[   79.999500][ T5884] usbduxsigma 3-1:0.0: probe with driver usbduxsigma failed with error -22
[   80.026178][ T6927] netlink: 4 bytes leftover after parsing attributes in process `syz.3.384'.
[   80.054532][ T5850] Bluetooth: hci2: command tx timeout
[   80.077086][ T6931] loop3: detected capacity change from 0 to 128
[   80.158490][   T51] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[   80.389339][   T51] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   80.393826][   T51] usb 1-1: New USB device found, idVendor=17ef, idProduct=60a3, bcdDevice= 0.00
[   80.400808][   T51] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.459010][   T51] usb 1-1: config 0 descriptor??
[   80.783073][ T5884] usb 3-1: USB disconnect, device number 11
[   80.873648][   T51] lenovo 0003:17EF:60A3.0005: unknown main item tag 0x0
[   80.876734][   T51] lenovo 0003:17EF:60A3.0005: unknown main item tag 0x0
[   80.879827][   T51] lenovo 0003:17EF:60A3.0005: unknown main item tag 0x0
[   80.882822][   T51] lenovo 0003:17EF:60A3.0005: unknown main item tag 0x0
[   80.886209][   T51] lenovo 0003:17EF:60A3.0005: unknown main item tag 0x0
[   80.890492][   T51] lenovo 0003:17EF:60A3.0005: hidraw0: USB HID v0.00 Device [HID 17ef:60a3] on usb-dummy_hcd.0-1/input0
[   80.994779][ T6943] loop3: detected capacity change from 0 to 2048
[   80.999078][ T6943] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   81.082746][   T10] usb 1-1: USB disconnect, device number 13
[   81.154209][ T5884] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[   81.264838][ T6953] loop3: detected capacity change from 0 to 32768
[   81.271203][ T6953] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   81.281267][ T6953] XFS (loop3): Ending clean mount
[   81.302366][ T6778] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   81.309118][ T5884] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   81.313555][ T5884] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   81.318220][ T5884] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   81.323874][ T5884] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   81.328439][ T5884] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   81.334781][ T5884] usb 3-1: config 0 descriptor??
[   81.422317][  T791] cfg80211: failed to load regulatory.db
[   81.488807][ T6969] syz.3.399: attempt to access beyond end of device
[   81.488807][ T6969] nbd3: rw=4096, sector=0, nr_sectors = 1 limit=0
[   81.494699][ T6969] XFS (nbd3): SB validate failed with error -5.
[   81.744915][ T5884] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   81.864147][   T10] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   82.005795][ T5884] usb 3-1: USB disconnect, device number 12
[   82.014246][   T10] usb 4-1: Using ep0 maxpacket: 16
[   82.019849][   T10] usb 4-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[   82.024740][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   82.028007][   T10] usb 4-1: Product: syz
[   82.029763][   T10] usb 4-1: Manufacturer: syz
[   82.031688][   T10] usb 4-1: SerialNumber: syz
[   82.035538][   T10] usb 4-1: config 0 descriptor??
[   82.039058][   T10] ssu100 4-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[   82.134425][ T5850] Bluetooth: hci2: command tx timeout
[   82.522572][ T6987] loop0: detected capacity change from 0 to 2048
[   82.574661][ T6987]  loop0: p2 p3 < > p4 < p5 >
[   82.576660][ T6987] loop0: partition table partially beyond EOD, truncated
[   82.580021][ T6987] loop0: p3 start 4284289 is beyond EOD, truncated
[   82.844280][   T10] ssu100 4-1:0.0: probe with driver ssu100 failed with error -71
[   82.849911][   T10] usb 4-1: USB disconnect, device number 2
[   82.864175][   T24] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[   83.018165][   T24] usb 1-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[   83.022098][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   83.026224][   T24] usb 1-1: Product: syz
[   83.028062][   T24] usb 1-1: Manufacturer: syz
[   83.030092][   T24] usb 1-1: SerialNumber: syz
[   83.033152][   T24] usb 1-1: config 0 descriptor??
[   83.239214][   T24] usb 1-1: ignoring: probably an ADSL modem
[   83.372661][ T6995] loop3: detected capacity change from 0 to 512
[   83.376294][ T6995] EXT4-fs: Ignoring removed oldalloc option
[   83.390067][ T6995] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.394958][ T6995] ext4 filesystem being mounted at /24/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.406698][ T6995] EXT4-fs error (device loop3): ext4_empty_dir:3077: inode #12: comm syz.3.408: invalid size
[   83.436408][ T6778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.492491][ T7006] loop3: detected capacity change from 0 to 512
[   83.496992][ T7006] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   83.502702][ T7006] EXT4-fs (loop3): 1 truncate cleaned up
[   83.505709][ T7006] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.533561][ T6778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.580069][ T7002] loop2: detected capacity change from 0 to 32768
[   83.588657][ T7002] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[   83.601600][   T33] kauditd_printk_skb: 4 callbacks suppressed
[   83.601609][   T33] audit: type=1800 audit(1756147020.930:47): pid=7002 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.410" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop2" ino=9555 res=0 errno=0
[   83.621399][ T7015] cgroup: fork rejected by pids controller in /syz3
[   83.632638][ T5853] ocfs2: Unmounting device (7,2) on (node local)
[   83.640980][   T24] cxacru 1-1:0.0: usbatm_usb_probe: bind failed: -19!
[   83.844961][   T10] usb 1-1: USB disconnect, device number 14
[   83.881673][ T5868] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.930757][ T5868] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.000169][ T5868] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.039761][ T5868] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   84.109235][ T5868] bridge_slave_1: left allmulticast mode
[   84.111842][ T5868] bridge_slave_1: left promiscuous mode
[   84.114836][ T5868] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.119568][ T5868] bridge_slave_0: left allmulticast mode
[   84.127051][ T5868] bridge_slave_0: left promiscuous mode
[   84.129676][   T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   84.132751][   T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   84.135942][ T5868] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.138668][   T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   84.142148][   T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   84.146650][   T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   84.267526][ T5868] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   84.271605][ T5868] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   84.276282][ T5868] bond0 (unregistering): Released all slaves
[   84.338229][ T7033] chnl_net:caif_netlink_parms(): no params data found
[   84.383020][ T7033] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.386391][ T7033] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.389131][ T7033] bridge_slave_0: entered allmulticast mode
[   84.391923][ T7033] bridge_slave_0: entered promiscuous mode
[   84.396467][ T7033] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.399241][ T7033] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.402086][ T7033] bridge_slave_1: entered allmulticast mode
[   84.407031][ T7033] bridge_slave_1: entered promiscuous mode
[   84.428690][ T7033] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.433358][ T7033] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.448249][ T7033] team0: Port device team_slave_0 added
[   84.451601][ T7033] team0: Port device team_slave_1 added
[   84.464248][   T24] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[   84.468271][ T7033] batman_adv: batadv0: Adding interface: batadv_slave_0
[   84.470921][ T7033] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.482043][ T7033] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   84.488360][ T7033] batman_adv: batadv0: Adding interface: batadv_slave_1
[   84.490922][ T7033] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.500545][ T7033] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   84.506666][ T5868] hsr_slave_0: left promiscuous mode
[   84.509201][ T5868] hsr_slave_1: left promiscuous mode
[   84.511426][ T5868] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   84.515326][ T5868] batman_adv: batadv0: Removing interface: batadv_slave_0
[   84.518432][ T5868] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   84.521318][ T5868] batman_adv: batadv0: Removing interface: batadv_slave_1
[   84.526811][ T5868] veth1_macvtap: left promiscuous mode
[   84.528924][ T5868] veth0_macvtap: left promiscuous mode
[   84.531131][ T5868] veth1_vlan: left promiscuous mode
[   84.533338][ T5868] veth0_vlan: left promiscuous mode
[   84.604192][ T5884] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[   84.614713][ T5868] team0 (unregistering): Port device team_slave_1 removed
[   84.621364][ T5868] team0 (unregistering): Port device team_slave_0 removed
[   84.624796][   T24] usb 3-1: Using ep0 maxpacket: 16
[   84.642120][   T24] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   84.649223][   T24] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   84.656885][   T24] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[   84.660439][   T24] usb 3-1: config 0 interface 0 has no altsetting 0
[   84.662676][   T24] usb 3-1: New USB device found, idVendor=0458, idProduct=0153, bcdDevice= 0.00
[   84.666280][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   84.670211][   T24] usb 3-1: config 0 descriptor??
[   84.723007][ T7033] hsr_slave_0: entered promiscuous mode
[   84.726186][ T7033] hsr_slave_1: entered promiscuous mode
[   84.728921][ T7033] debugfs: 'hsr0' already exists in 'hsr'
[   84.731407][ T7033] Cannot create hsr debugfs directory
[   84.754946][ T5884] usb 1-1: Using ep0 maxpacket: 16
[   84.765576][ T5884] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   84.770211][ T5884] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   84.774353][ T5884] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   84.779985][ T5884] usb 1-1: New USB device found, idVendor=045e, idProduct=fc40, bcdDevice=72.a8
[   84.783630][ T5884] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   84.791853][ T5884] usb 1-1: config 0 descriptor??
[   85.090991][   T24] kye 0003:0458:0153.0007: unexpected long global item
[   85.093678][   T24] kye 0003:0458:0153.0007: parse failed
[   85.095902][   T24] kye 0003:0458:0153.0007: probe with driver kye failed with error -22
[   85.099805][ T7033] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   85.104175][ T7033] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   85.107489][ T7033] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   85.110776][ T7033] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   85.136638][ T7033] 8021q: adding VLAN 0 to HW filter on device bond0
[   85.142809][ T7033] 8021q: adding VLAN 0 to HW filter on device team0
[   85.147107][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.149631][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.154718][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.157051][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.170810][ T7033] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   85.175515][ T7033] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   85.200751][ T5884] hid-generic 0003:045E:FC40.0008: hidraw0: USB HID v0.00 Device [HID 045e:fc40] on usb-dummy_hcd.0-1/input0
[   85.227453][ T7033] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.242329][ T7033] veth0_vlan: entered promiscuous mode
[   85.246413][ T7033] veth1_vlan: entered promiscuous mode
[   85.259130][ T7033] veth0_macvtap: entered promiscuous mode
[   85.262622][ T7033] veth1_macvtap: entered promiscuous mode
[   85.270853][ T7033] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.276687][ T7033] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.282420][ T5868] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.286187][ T5868] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.289035][ T5868] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.289524][ T5914] usb 3-1: USB disconnect, device number 13
[   85.291705][ T5868] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.313645][   T32] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.317666][   T32] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.326947][   T32] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.330118][   T32] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.382561][ T7060] nbd: nbd3 already in use
[   85.403807][   T10] usb 1-1: USB disconnect, device number 15
[   85.644255][   T24] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[   85.806900][   T24] usb 4-1: config 0 has an invalid interface number: 133 but max is 0
[   85.814652][   T24] usb 4-1: config 0 has no interface number 0
[   85.817264][   T24] usb 4-1: config 0 interface 133 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[   85.827433][   T24] usb 4-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d
[   85.831273][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   85.835237][   T24] usb 4-1: Product: syz
[   85.837016][   T24] usb 4-1: Manufacturer: syz
[   85.838980][   T24] usb 4-1: SerialNumber: syz
[   85.841902][   T24] usb 4-1: config 0 descriptor??
[   85.955013][ T7068] loop0: detected capacity change from 0 to 512
[   85.958740][ T7068] EXT4-fs (loop0): Test dummy encryption mode enabled
[   85.962859][ T7068] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[   85.968852][ T7068] EXT4-fs (loop0): Errors on filesystem, clearing orphan list.
[   85.972543][ T7068] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.993994][ T5847] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.050760][   T24] keyspan 4-1:0.133: Keyspan 1 port adapter converter detected
[   86.054407][   T10] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[   86.056024][   T24] keyspan 4-1:0.133: found no endpoint descriptor for endpoint 81
[   86.060237][   T24] keyspan 4-1:0.133: found no endpoint descriptor for endpoint 1
[   86.063019][   T24] keyspan 4-1:0.133: found no endpoint descriptor for endpoint 2
[   86.066570][   T24] usb 4-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[   86.069824][   T24] usb 4-1: USB disconnect, device number 3
[   86.072505][   T24] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[   86.077138][   T24] keyspan 4-1:0.133: device disconnected
[   86.189357][ T7077] loop0: detected capacity change from 0 to 32768
[   86.193110][ T7077] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.435 (7077)
[   86.199670][ T7077] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[   86.202990][ T7077] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[   86.206231][   T10] usb 3-1: unable to get BOS descriptor or descriptor too short
[   86.210185][   T10] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[   86.213710][   T10] usb 3-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[   86.214429][ T7077] BTRFS info (device loop0): enabling ssd optimizations
[   86.219941][   T10] usb 3-1: config 1 interface 0 has no altsetting 1
[   86.221779][   T54] Bluetooth: hci2: command tx timeout
[   86.222134][ T7077] BTRFS info (device loop0): enabling free space tree
[   86.230631][ T7077] BTRFS info (device loop0): use zstd compression, level 3
[   86.234912][   T10] usb 3-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[   86.238581][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.244352][   T10] usb 3-1: Product: syz
[   86.246234][   T10] usb 3-1: Manufacturer: syz
[   86.248032][   T10] usb 3-1: SerialNumber: syz
[   86.255149][   T33] audit: type=1800 audit(1756147023.590:48): pid=7077 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.435" name="file1" dev="loop0" ino=260 res=0 errno=0
[   86.255841][   T10] smsusb:smsusb_probe: board id=8, interface number 0
[   86.292546][ T5847] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[   86.457536][   T10] smsusb:smsusb_probe: Device initialized with return code -19
[   86.604322][ T5914] usb 1-1: new full-speed USB device number 16 using dummy_hcd
[   86.664363][   T10] usb 3-1: USB disconnect, device number 14
[   86.755708][ T5914] usb 1-1: config 0 has an invalid interface number: 122 but max is 0
[   86.758923][ T5914] usb 1-1: config 0 has no interface number 0
[   86.761207][ T5914] usb 1-1: config 0 interface 122 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[   86.767877][ T5914] usb 1-1: New USB device found, idVendor=0f11, idProduct=1020, bcdDevice=90.16
[   86.771517][ T5914] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.775779][ T5914] usb 1-1: Product: syz
[   86.777570][ T5914] usb 1-1: Manufacturer: syz
[   86.779502][ T5914] usb 1-1: SerialNumber: syz
[   86.782679][ T5914] usb 1-1: config 0 descriptor??
[   86.785799][ T7094] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   86.789697][ T5914] ldusb 1-1:0.122: Interrupt in endpoint not found
[   86.824844][   T24] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   86.974194][   T24] usb 4-1: Using ep0 maxpacket: 16
[   86.978107][   T24] usb 4-1: config 0 has an invalid interface number: 214 but max is 0
[   86.981510][   T24] usb 4-1: config 0 has no interface number 0
[   86.984751][   T24] usb 4-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64
[   86.996775][   T24] usb 4-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[   86.997690][   T10] usb 1-1: USB disconnect, device number 16
[   87.000689][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   87.006954][   T24] usb 4-1: Product: syz
[   87.008807][   T24] usb 4-1: Manufacturer: syz
[   87.010898][   T24] usb 4-1: SerialNumber: syz
[   87.014169][   T24] usb 4-1: config 0 descriptor??
[   87.218189][   T51] hid-generic 0005:10CF:0009.0009: unknown main item tag 0x0
[   87.223174][   T51] hid-generic 0005:10CF:0009.0009: hidraw0: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa
[   87.625728][   T24] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.214/input/input12
[   87.700667][ T7105] loop0: detected capacity change from 0 to 32768
[   87.705160][ T7105] BTRFS error: device /dev/loop0 has incomplete metadata_uuid change, please use btrfstune to complete
[   87.820936][ T7107] ieee802154 phy0 wpan0: encryption failed: -22
[   87.846519][   T10] usb 4-1: USB disconnect, device number 4
[   87.990557][ T7109] loop0: detected capacity change from 0 to 32768
[   87.994778][ T7109] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[   87.998521][ T7109] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   88.017690][ T7109] XFS (loop0): Ending clean mount
[   88.020726][ T7109] XFS (loop0): Quotacheck needed: Please wait.
[   88.026938][ T7109] XFS (loop0): Quotacheck: Done.
[   88.053014][ T5847] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   88.097471][ T7119] loop2: detected capacity change from 0 to 65
[   88.100934][ T7119] BFS-fs: bfs_fill_super(): NOTE: filesystem loop2 was created with 512 inodes, the real maximum is 511, mounting anyway
[   88.137901][ T7123] dummy0: entered promiscuous mode
[   88.144741][ T7123] dummy0: left promiscuous mode
[   88.265611][ T7127] loop0: detected capacity change from 0 to 40427
[   88.269852][ T7127] F2FS-fs (loop0): invalid crc value
[   88.271712][ T7127] F2FS-fs (loop0): Wrong cp_pack_start_sum: 1
[   88.274406][ T7127] F2FS-fs (loop0): Failed to get valid F2FS checkpoint
[   88.290790][ T7131] loop2: detected capacity change from 0 to 32768
[   88.293731][ T7131] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.449 (7131)
[   88.300002][ T7131] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   88.303633][ T7131] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[   88.305117][   T54] Bluetooth: hci2: command tx timeout
[   88.323632][ T7131] BTRFS info (device loop2): enabling ssd optimizations
[   88.326828][ T7131] BTRFS info (device loop2): enabling free space tree
[   88.329497][ T7131] BTRFS info (device loop2): force zlib compression, level 3
[   88.363925][ T5853] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   88.410754][ T7150] loop3: detected capacity change from 0 to 4096
[   88.413289][ T7150] EXT4-fs: Conflicting test_dummy_encryption options
[   88.647851][ T5884] usb 1-1: new full-speed USB device number 17 using dummy_hcd
[   88.797403][ T5884] usb 1-1: config 1 has an invalid interface number: 35 but max is 0
[   88.805946][ T5884] usb 1-1: config 1 has no interface number 0
[   88.808475][ T5884] usb 1-1: config 1 interface 35 altsetting 0 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[   88.815785][ T5884] usb 1-1: New USB device found, idVendor=17cc, idProduct=1000, bcdDevice=2d.0a
[   88.820182][ T5884] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   88.823437][ T5884] usb 1-1: Product: syz
[   88.827517][ T5884] usb 1-1: Manufacturer: syz
[   88.829419][ T5884] usb 1-1: SerialNumber: syz
[   89.055385][ T5884] snd-usb-audio 1-1:1.35: probe with driver snd-usb-audio failed with error -71
[   89.060905][ T5884] usb 1-1: USB disconnect, device number 17
[   89.159700][ T7169] loop3: detected capacity change from 0 to 32768
[   89.164681][ T7169] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.459 (7169)
[   89.172774][ T7169] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   89.178011][ T7169] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[   89.222006][ T7169] BTRFS info (device loop3): rebuilding free space tree
[   89.232353][ T7169] BTRFS info (device loop3): enabling ssd optimizations
[   89.235320][ T7169] BTRFS info (device loop3): using spread ssd allocation scheme
[   89.238777][ T7169] BTRFS info (device loop3): enabling free space tree
[   89.241519][ T7169] BTRFS info (device loop3): force clearing of disk cache
[   89.318858][ T7033] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   89.574242][ T7196] Bluetooth: MGMT ver 1.23
[   89.673673][ T7197] loop0: detected capacity change from 0 to 32768
[   89.676972][ T7197] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.464 (7197)
[   89.682855][ T7197] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   89.686917][ T7197] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[   89.725991][ T7198] loop3: detected capacity change from 0 to 32768
[   89.733426][ T7198] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   89.757778][ T7202] loop2: detected capacity change from 0 to 40427
[   89.757875][ T7198] XFS (loop3): Ending clean mount
[   89.760813][ T7197] BTRFS info (device loop0): rebuilding free space tree
[   89.763109][ T7198] XFS (loop3): Quotacheck needed: Please wait.
[   89.764634][ T7202] F2FS-fs (loop2): build fault injection rate: 14
[   89.771121][ T7198] XFS (loop3): Quotacheck: Done.
[   89.771134][ T7197] BTRFS info (device loop0): enabling ssd optimizations
[   89.784137][ T7197] BTRFS info (device loop0): using spread ssd allocation scheme
[   89.787223][ T7202] F2FS-fs (loop2): build fault injection type: 0x3bfe8c
[   89.790541][ T7197] BTRFS info (device loop0): enabling free space tree
[   89.793186][ T7197] BTRFS info (device loop0): force clearing of disk cache
[   89.796742][ T7202] F2FS-fs (loop2): invalid crc value
[   89.804765][    C1] F2FS-fs (loop2): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[   89.811802][    C1] F2FS-fs (loop2): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[   89.835366][ T7033] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   89.848944][ T7202] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   89.855421][ T7202] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[   89.861003][ T7202] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   89.870453][ T5868] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[   89.905561][ T7197] syz.0.464 (7197) used greatest stack depth: 17904 bytes left
[   89.923787][ T5847] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   89.929550][ T7202] F2FS-fs (loop2): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[   89.944595][ T7202] F2FS-fs (loop2): inject inconsistent footer in sanity_check_node_footer of f2fs_get_dnode_of_data+0xab1/0x1cf0
[   89.949750][ T7231] loop3: detected capacity change from 0 to 2048
[   89.952769][ T7231] EXT4-fs: Ignoring removed nobh option
[   89.955549][ T7202] F2FS-fs (loop2): inconsistent node block, node_type:0, nid:13, node_footer[nid:13,ino:3,ofs:191623,cpver:0,blkaddr:0]
[   89.973573][ T7231] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.985072][    C0] F2FS-fs (loop2): inject write IO error in f2fs_write_end_io of blk_update_request+0x57e/0xe60
[   89.989500][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted syzkaller #0 PREEMPT(full) 
[   89.989516][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   89.989524][    C0] Call Trace:
[   89.989535][    C0]  <TASK>
[   89.989540][    C0]  dump_stack_lvl+0x189/0x250
[   89.989557][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[   89.989571][    C0]  ? __pfx_queue_work_on+0x10/0x10
[   89.989582][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   89.989598][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   89.989615][    C0]  f2fs_handle_critical_error+0x37c/0x540
[   89.989631][    C0]  f2fs_write_end_io+0x886/0xb60
[   89.989645][    C0]  blk_update_request+0x57e/0xe60
[   89.989661][    C0]  blk_mq_end_request+0x3e/0x70
[   89.989673][    C0]  blk_done_softirq+0x10a/0x160
[   89.989686][    C0]  handle_softirqs+0x286/0x870
[   89.989699][    C0]  ? run_ksoftirqd+0x9b/0x100
[   89.989713][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[   89.989724][    C0]  ? schedule+0x91/0x360
[   89.989736][    C0]  ? rcu_is_watching+0x15/0xb0
[   89.989748][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[   89.989760][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[   89.989770][    C0]  run_ksoftirqd+0x9b/0x100
[   89.989782][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[   89.989797][    C0]  smpboot_thread_fn+0x542/0xa60
[   89.989807][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[   89.989820][    C0]  kthread+0x711/0x8a0
[   89.989834][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[   89.989845][    C0]  ? __pfx_kthread+0x10/0x10
[   89.989858][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[   89.989872][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[   89.989886][    C0]  ? __pfx_kthread+0x10/0x10
[   89.989899][    C0]  ret_from_fork+0x3fc/0x770
[   89.989912][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[   89.989925][    C0]  ? __switch_to_asm+0x39/0x70
[   89.989938][    C0]  ? __switch_to_asm+0x33/0x70
[   89.989951][    C0]  ? __pfx_kthread+0x10/0x10
[   89.989964][    C0]  ret_from_fork_asm+0x1a/0x30
[   89.989982][    C0]  </TASK>
[   89.989987][    C0] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   90.012102][ T7231] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   90.012578][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted syzkaller #0 PREEMPT(full) 
[   90.012593][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   90.012601][    C0] Call Trace:
[   90.012607][    C0]  <TASK>
[   90.012612][    C0]  dump_stack_lvl+0x189/0x250
[   90.012629][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[   90.012642][    C0]  ? __pfx_queue_work_on+0x10/0x10
[   90.012654][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   90.012669][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   90.012687][    C0]  f2fs_handle_critical_error+0x37c/0x540
[   90.012705][    C0]  f2fs_write_end_io+0x886/0xb60
[   90.012720][    C0]  blk_update_request+0x57e/0xe60
[   90.012738][    C0]  blk_mq_end_request+0x3e/0x70
[   90.012751][    C0]  blk_done_softirq+0x10a/0x160
[   90.012764][    C0]  handle_softirqs+0x286/0x870
[   90.012777][    C0]  ? run_ksoftirqd+0x9b/0x100
[   90.012791][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[   90.012802][    C0]  ? schedule+0x91/0x360
[   90.012814][    C0]  ? rcu_is_watching+0x15/0xb0
[   90.012826][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[   90.012838][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[   90.012849][    C0]  run_ksoftirqd+0x9b/0x100
[   90.012861][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[   90.012875][    C0]  smpboot_thread_fn+0x542/0xa60
[   90.012886][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[   90.012899][    C0]  kthread+0x711/0x8a0
[   90.012913][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[   90.012924][    C0]  ? __pfx_kthread+0x10/0x10
[   90.012938][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[   90.012951][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[   90.012965][    C0]  ? __pfx_kthread+0x10/0x10
[   90.012978][    C0]  ret_from_fork+0x3fc/0x770
[   90.012990][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[   90.013003][    C0]  ? __switch_to_asm+0x39/0x70
[   90.013017][    C0]  ? __switch_to_asm+0x33/0x70
[   90.013030][    C0]  ? __pfx_kthread+0x10/0x10
[   90.013070][    C0]  ret_from_fork_asm+0x1a/0x30
[   90.013089][    C0]  </TASK>
[   90.013094][    C0] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   90.019539][   T33] audit: type=1800 audit(1756147027.350:49): pid=7231 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.468" name="file0" dev="loop3" ino=13 res=0 errno=0
[   90.021130][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted syzkaller #0 PREEMPT(full) 
[   90.021145][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   90.021152][    C0] Call Trace:
[   90.021157][    C0]  <TASK>
[   90.021162][    C0]  dump_stack_lvl+0x189/0x250
[   90.021180][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[   90.021193][    C0]  ? __pfx_queue_work_on+0x10/0x10
[   90.021204][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   90.021219][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   90.021236][    C0]  f2fs_handle_critical_error+0x37c/0x540
[   90.021253][    C0]  f2fs_write_end_io+0x886/0xb60
[   90.021269][    C0]  blk_update_request+0x57e/0xe60
[   90.021285][    C0]  blk_mq_end_request+0x3e/0x70
[   90.021298][    C0]  blk_done_softirq+0x10a/0x160
[   90.021311][    C0]  handle_softirqs+0x286/0x870
[   90.021324][    C0]  ? run_ksoftirqd+0x9b/0x100
[   90.021337][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[   90.021348][    C0]  ? schedule+0x91/0x360
[   90.021361][    C0]  ? rcu_is_watching+0x15/0xb0
[   90.021392][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[   90.021405][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[   90.021415][    C0]  run_ksoftirqd+0x9b/0x100
[   90.021426][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[   90.021441][    C0]  smpboot_thread_fn+0x542/0xa60
[   90.021458][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[   90.021472][    C0]  kthread+0x711/0x8a0
[   90.021486][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[   90.021497][    C0]  ? __pfx_kthread+0x10/0x10
[   90.021511][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[   90.021524][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[   90.021545][    C0]  ? __pfx_kthread+0x10/0x10
[   90.021559][    C0]  ret_from_fork+0x3fc/0x770
[   90.021571][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[   90.021584][    C0]  ? __switch_to_asm+0x39/0x70
[   90.021597][    C0]  ? __switch_to_asm+0x33/0x70
[   90.021610][    C0]  ? __pfx_kthread+0x10/0x10
[   90.021623][    C0]  ret_from_fork_asm+0x1a/0x30
[   90.021641][    C0]  </TASK>
[   90.021645][    C0] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   90.252177][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted syzkaller #0 PREEMPT(full) 
[   90.252193][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   90.252199][    C0] Call Trace:
[   90.252205][    C0]  <TASK>
[   90.252210][    C0]  dump_stack_lvl+0x189/0x250
[   90.252228][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[   90.252239][    C0]  ? __pfx_queue_work_on+0x10/0x10
[   90.252250][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   90.252268][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   90.252282][    C0]  f2fs_handle_critical_error+0x37c/0x540
[   90.252297][    C0]  f2fs_write_end_io+0x886/0xb60
[   90.252310][    C0]  blk_update_request+0x57e/0xe60
[   90.252325][    C0]  blk_mq_end_request+0x3e/0x70
[   90.252337][    C0]  blk_done_softirq+0x10a/0x160
[   90.252348][    C0]  handle_softirqs+0x286/0x870
[   90.252358][    C0]  ? run_ksoftirqd+0x9b/0x100
[   90.252370][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[   90.252380][    C0]  ? schedule+0x91/0x360
[   90.252390][    C0]  ? rcu_is_watching+0x15/0xb0
[   90.252401][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[   90.252411][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[   90.252420][    C0]  run_ksoftirqd+0x9b/0x100
[   90.252430][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[   90.252442][    C0]  smpboot_thread_fn+0x542/0xa60
[   90.252452][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[   90.252462][    C0]  kthread+0x711/0x8a0
[   90.252475][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[   90.252484][    C0]  ? __pfx_kthread+0x10/0x10
[   90.252495][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[   90.252507][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[   90.252519][    C0]  ? __pfx_kthread+0x10/0x10
[   90.252530][    C0]  ret_from_fork+0x3fc/0x770
[   90.252540][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[   90.252550][    C0]  ? __switch_to_asm+0x39/0x70
[   90.252562][    C0]  ? __switch_to_asm+0x33/0x70
[   90.252573][    C0]  ? __pfx_kthread+0x10/0x10
[   90.252585][    C0]  ret_from_fork_asm+0x1a/0x30
[   90.252600][    C0]  </TASK>
[   90.252604][    C0] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   90.328395][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted syzkaller #0 PREEMPT(full) 
[   90.328411][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   90.328417][    C0] Call Trace:
[   90.328422][    C0]  <TASK>
[   90.328426][    C0]  dump_stack_lvl+0x189/0x250
[   90.328442][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[   90.328453][    C0]  ? __pfx_queue_work_on+0x10/0x10
[   90.328462][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   90.328476][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   90.328490][    C0]  f2fs_handle_critical_error+0x37c/0x540
[   90.328506][    C0]  f2fs_write_end_io+0x886/0xb60
[   90.328519][    C0]  blk_update_request+0x57e/0xe60
[   90.328534][    C0]  blk_mq_end_request+0x3e/0x70
[   90.328545][    C0]  blk_done_softirq+0x10a/0x160
[   90.328557][    C0]  handle_softirqs+0x286/0x870
[   90.328567][    C0]  ? run_ksoftirqd+0x9b/0x100
[   90.328579][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[   90.328588][    C0]  ? schedule+0x91/0x360
[   90.328598][    C0]  ? rcu_is_watching+0x15/0xb0
[   90.328609][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[   90.328619][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[   90.328628][    C0]  run_ksoftirqd+0x9b/0x100
[   90.328639][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[   90.328651][    C0]  smpboot_thread_fn+0x542/0xa60
[   90.328660][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[   90.328671][    C0]  kthread+0x711/0x8a0
[   90.328684][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[   90.328693][    C0]  ? __pfx_kthread+0x10/0x10
[   90.328705][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[   90.328716][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[   90.328728][    C0]  ? __pfx_kthread+0x10/0x10
[   90.328739][    C0]  ret_from_fork+0x3fc/0x770
[   90.328750][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[   90.328761][    C0]  ? __switch_to_asm+0x39/0x70
[   90.328772][    C0]  ? __switch_to_asm+0x33/0x70
[   90.328784][    C0]  ? __pfx_kthread+0x10/0x10
[   90.328795][    C0]  ret_from_fork_asm+0x1a/0x30
[   90.328810][    C0]  </TASK>
[   90.328814][    C0] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   90.384293][   T54] Bluetooth: hci2: command tx timeout
[   90.395776][ T5853] F2FS-fs (loop2): do_checkpoint failed err:-5, stop checkpoint
[   90.399533][ T7033] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.508335][ T7265] loop3: detected capacity change from 0 to 8
[   90.553412][ T7267] netlink: 20 bytes leftover after parsing attributes in process `syz.3.483'.
[   90.646782][ T7263] loop0: detected capacity change from 0 to 32768
[   90.651429][ T7263] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.481 (7263)
[   90.658856][ T7263] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   90.663173][ T7263] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[   90.690556][ T7263] BTRFS info (device loop0): enabling free space tree
[   90.722238][ T5847] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   91.280148][ T7327] loop0: detected capacity change from 0 to 40427
[   91.311964][ T7327] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   91.316861][ T7327] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   91.349206][ T5847] syz-executor: attempt to access beyond end of device
[   91.349206][ T5847] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   91.355221][ T5847] CPU: 0 UID: 0 PID: 5847 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[   91.355238][ T5847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   91.355246][ T5847] Call Trace:
[   91.355250][ T5847]  <TASK>
[   91.355255][ T5847]  dump_stack_lvl+0x189/0x250
[   91.355275][ T5847]  ? __pfx_dump_stack_lvl+0x10/0x10
[   91.355288][ T5847]  ? __pfx_queue_work_on+0x10/0x10
[   91.355300][ T5847]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   91.355316][ T5847]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   91.355334][ T5847]  f2fs_handle_critical_error+0x37c/0x540
[   91.355353][ T5847]  f2fs_write_end_io+0x886/0xb60
[   91.355370][ T5847]  __submit_merged_bio+0x27a/0x6a0
[   91.355388][ T5847]  __submit_merged_write_cond+0x255/0x530
[   91.355405][ T5847]  f2fs_write_data_pages+0x261d/0x3000
[   91.355433][ T5847]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   91.355454][ T5847]  ? arch_stack_walk+0xfc/0x150
[   91.355477][ T5847]  ? __mod_zone_page_state+0xd7/0x140
[   91.355501][ T5847]  ? folios_put_refs+0x560/0x640
[   91.355516][ T5847]  ? __pfx_folios_put_refs+0x10/0x10
[   91.355528][ T5847]  ? rcu_is_watching+0x15/0xb0
[   91.355540][ T5847]  ? lru_add+0xa2f/0xd80
[   91.355551][ T5847]  ? lru_add+0x198/0xd80
[   91.355563][ T5847]  ? do_raw_spin_lock+0x121/0x290
[   91.355582][ T5847]  ? do_raw_spin_unlock+0x4d/0x240
[   91.355595][ T5847]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   91.355612][ T5847]  do_writepages+0x32e/0x550
[   91.355627][ T5847]  ? rcu_is_watching+0x15/0xb0
[   91.355639][ T5847]  ? do_raw_spin_unlock+0x4d/0x240
[   91.355657][ T5847]  filemap_fdatawrite+0x199/0x240
[   91.355674][ T5847]  ? __pfx_filemap_fdatawrite+0x10/0x10
[   91.355701][ T5847]  ? rcu_is_watching+0x15/0xb0
[   91.355714][ T5847]  ? do_raw_spin_unlock+0x4d/0x240
[   91.355729][ T5847]  f2fs_sync_dirty_inodes+0x31f/0x830
[   91.355745][ T5847]  f2fs_write_checkpoint+0x95a/0x1df0
[   91.355764][ T5847]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[   91.355790][ T5847]  ? kill_f2fs_super+0x298/0x6c0
[   91.355804][ T5847]  kill_f2fs_super+0x2c3/0x6c0
[   91.355816][ T5847]  ? __pfx_kill_f2fs_super+0x10/0x10
[   91.355827][ T5847]  ? radix_tree_delete_item+0x2b6/0x400
[   91.355845][ T5847]  ? shrinker_free+0x2ce/0x3e0
[   91.355859][ T5847]  deactivate_locked_super+0xbc/0x130
[   91.355872][ T5847]  cleanup_mnt+0x425/0x4c0
[   91.355887][ T5847]  task_work_run+0x1d4/0x260
[   91.355904][ T5847]  ? __pfx_task_work_run+0x10/0x10
[   91.355918][ T5847]  ? __x64_sys_umount+0x122/0x160
[   91.355933][ T5847]  ? __pfx___x64_sys_umount+0x10/0x10
[   91.355948][ T5847]  ? rcu_is_watching+0x15/0xb0
[   91.355960][ T5847]  exit_to_user_mode_loop+0xec/0x110
[   91.355977][ T5847]  do_syscall_64+0x2bd/0x3b0
[   91.355993][ T5847]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.356005][ T5847]  ? exc_page_fault+0x9f/0xf0
[   91.356020][ T5847]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.356058][ T5847] RIP: 0033:0x7ff83bd8ff17
[   91.356069][ T5847] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   91.356079][ T5847] RSP: 002b:00007ffc41283758 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   91.356093][ T5847] RAX: 0000000000000000 RBX: 00007ff83be11c05 RCX: 00007ff83bd8ff17
[   91.356102][ T5847] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc41283810
[   91.356109][ T5847] RBP: 00007ffc41283810 R08: 0000000000000000 R09: 0000000000000000
[   91.356117][ T5847] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc412848a0
[   91.356125][ T5847] R13: 00007ff83be11c05 R14: 0000000000016438 R15: 00007ffc412848e0
[   91.356139][ T5847]  </TASK>
[   91.356144][ T5847] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[   92.865868][   T54] Bluetooth: hci2: command tx timeout
[   93.118445][ T7342] loop0: detected capacity change from 0 to 1764
[   93.550398][ T7341] iso9660: Corrupted directory entry in block 2 of inode 1920
[   93.605058][   T33] audit: type=1326 audit(1756147030.940:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7347 comm="syz.2.506" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0f2f8ebe9 code=0x7ffc0000
[   93.630123][   T33] audit: type=1326 audit(1756147030.940:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7347 comm="syz.2.506" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0f2f8ebe9 code=0x7ffc0000
[   93.648587][   T33] audit: type=1326 audit(1756147030.950:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7347 comm="syz.2.506" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe0f2f8ebe9 code=0x7ffc0000
[   93.817982][   T33] audit: type=1326 audit(1756147030.950:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7347 comm="syz.2.506" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0f2f8ebe9 code=0x7ffc0000
[   93.825774][   T33] audit: type=1326 audit(1756147030.950:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7347 comm="syz.2.506" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0f2f8ebe9 code=0x7ffc0000
[   93.836637][   T33] audit: type=1326 audit(1756147030.950:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7347 comm="syz.2.506" exe="/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fe0f2f8ebe9 code=0x7ffc0000
[   93.843734][   T33] audit: type=1326 audit(1756147030.950:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7347 comm="syz.2.506" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0f2f8ebe9 code=0x7ffc0000
[   93.851394][   T33] audit: type=1326 audit(1756147030.950:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7347 comm="syz.2.506" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0f2f8ebe9 code=0x7ffc0000
[   93.862817][   T33] audit: type=1326 audit(1756147030.950:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7347 comm="syz.2.506" exe="/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fe0f2f8ebe9 code=0x7ffc0000
[   93.886530][ T7356] loop2: detected capacity change from 0 to 512
[   93.916174][ T7356] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.921273][ T7356] ext4 filesystem being mounted at /168/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.971709][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.196043][ T7363] loop2: detected capacity change from 0 to 64
[   94.251121][ T7365] loop2: detected capacity change from 0 to 1024
[   94.270707][ T7365] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   94.301559][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.780407][ T7371] loop2: detected capacity change from 0 to 32768
[   94.823791][ T7371] XFS (loop2): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[   94.866077][ T7371] XFS (loop2): Ending clean mount
[   94.916966][ T5853] XFS (loop2): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[   95.404118][   T10] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[   95.566151][   T10] usb 3-1: config 0 has an invalid interface number: 85 but max is 0
[   95.569867][   T10] usb 3-1: config 0 has no interface number 0
[   95.572609][   T10] usb 3-1: config 0 interface 85 altsetting 151 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   95.577552][   T10] usb 3-1: config 0 interface 85 altsetting 151 endpoint 0x81 has invalid wMaxPacketSize 0
[   95.581015][   T10] usb 3-1: config 0 interface 85 has no altsetting 0
[   95.583280][   T10] usb 3-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.00
[   95.587132][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.590755][   T10] usb 3-1: config 0 descriptor??
[   95.684950][ T7391] loop3: detected capacity change from 0 to 32768
[   95.847667][ T7404] loop3: detected capacity change from 0 to 128
[   95.902559][ T7400] loop0: detected capacity change from 0 to 32768
[   95.911933][ T7400] ERROR: (device loop0): dbAlloc: unable to allocate blocks
[   95.911933][ T7400] 
[   95.998015][ T7416] netlink: 'syz.3.530': attribute type 1 has an invalid length.
[   96.001813][   T10] hid-led 0003:1D34:0004.000A: unknown main item tag 0x0
[   96.004624][ T7416] netlink: 'syz.3.530': attribute type 11 has an invalid length.
[   96.007406][ T7416] netlink: 224 bytes leftover after parsing attributes in process `syz.3.530'.
[   96.010658][   T10] hid-led 0003:1D34:0004.000A: unknown main item tag 0x0
[   96.013248][   T10] hid-led 0003:1D34:0004.000A: unknown main item tag 0x0
[   96.021958][   T10] hid-led 0003:1D34:0004.000A: unknown main item tag 0x0
[   96.030268][   T10] hid-led 0003:1D34:0004.000A: unknown main item tag 0x0
[   96.032729][   T10] hid-led 0003:1D34:0004.000A: unknown main item tag 0x0
[   96.035917][   T10] hid-led 0003:1D34:0004.000A: unknown main item tag 0x0
[   96.140218][ T7418] loop0: detected capacity change from 0 to 32768
[   96.143626][ T7418] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.531 (7418)
[   96.152082][ T7418] BTRFS info (device loop0): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[   96.156473][ T7418] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[   96.168804][ T7418] BTRFS info (device loop0): enabling ssd optimizations
[   96.171580][ T7418] BTRFS info (device loop0): enabling free space tree
[   96.177802][   T33] kauditd_printk_skb: 4 callbacks suppressed
[   96.177810][   T33] audit: type=1800 audit(1756147033.510:63): pid=7418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.531" name="file2" dev="loop0" ino=261 res=0 errno=0
[   96.192508][ T5847] BTRFS info (device loop0): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[   96.201613][   T10] hid-led 0003:1D34:0004.000A: hidraw1: USB HID v0.00 Device [HID 1d34:0004] on usb-dummy_hcd.2-1/input85
[   96.206686][   T10] hid-led 0003:1D34:0004.000A: Dream Cheeky Webmail Notifier initialized
[   96.270584][ T7440] netlink: 8 bytes leftover after parsing attributes in process `syz.0.533'.
[   96.309262][ T7438] loop3: detected capacity change from 0 to 32768
[   96.312141][ T7438] XFS: ikeep mount option is deprecated.
[   96.322216][ T7438] XFS (loop3): Invalid superblock magic number
[   96.341168][ T7442] loop0: detected capacity change from 0 to 16384
[   96.358880][ T7442] bcachefs (loop0): starting version 1.13: inode_has_child_snapshots opts=metadata_checksum=none,data_checksum=none,norecovery,reconstruct_alloc,version_upgrade=incompatible
[   96.358891][ T7442]   features: new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[   96.370716][ T7442] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[   96.373364][ T7442] bcachefs (loop0): recovering from clean shutdown, journal seq 18
[   96.376104][ T7442] bcachefs (loop0): Doing compatible version upgrade from 1.13: inode_has_child_snapshots to 1.28: inode_has_case_insensitive
[   96.376104][ T7442]   running recovery passes: check_allocations,check_extents_to_backpointers,check_inodes
[   96.383259][ T7442] bcachefs (loop0): Now allowing incompatible features up to 1.28: inode_has_case_insensitive, previously allowed up to 1.13: inode_has_child_snapshots
[   96.383259][ T7442] 
[   96.388950][ T7442] bcachefs (loop0): dropping and reconstructing all alloc info
[   96.397660][ T7442] bcachefs (loop0): accounting_read... done
[   96.400497][ T7442] bcachefs (loop0): alloc_read... done
[   96.402944][ T7442] bcachefs (loop0): snapshots_read... done
[   96.403388][   T10] usb 3-1: USB disconnect, device number 15
[   96.405793][ T7442] bcachefs (loop0): done starting filesystem
[   96.426645][ T5847] bcachefs (loop0): shutting down
[   96.434954][ T5847] bcachefs (loop0): shutdown complete
[   97.129713][   T51] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   97.164181][ T5910] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[   97.284161][   T51] usb 4-1: Using ep0 maxpacket: 16
[   97.287508][   T51] usb 4-1: config 7 has an invalid interface number: 148 but max is 0
[   97.290622][   T51] usb 4-1: config 7 has no interface number 0
[   97.292692][   T51] usb 4-1: config 7 interface 148 altsetting 6 endpoint 0x5 has invalid maxpacket 512, setting to 64
[   97.296792][   T51] usb 4-1: config 7 interface 148 has no altsetting 0
[   97.301462][   T51] usb 4-1: New USB device found, idVendor=0424, idProduct=012c, bcdDevice=58.61
[   97.305095][   T51] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   97.308172][   T51] usb 4-1: Product: syz
[   97.309783][   T51] usb 4-1: Manufacturer: syz
[   97.311734][   T51] usb 4-1: SerialNumber: syz
[   97.314103][ T5910] usb 3-1: Using ep0 maxpacket: 16
[   97.319856][ T5910] usb 3-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[   97.323619][ T5910] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   97.326702][ T5910] usb 3-1: Product: syz
[   97.328245][ T5910] usb 3-1: Manufacturer: syz
[   97.329812][ T5910] usb 3-1: SerialNumber: syz
[   97.332727][ T5910] usb 3-1: config 0 descriptor??
[   97.336652][ T5910] appledisplay 3-1:0.0: Could not find int-in endpoint
[   97.339641][ T5910] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[   97.444773][   T10] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[   97.519844][   T51] usb 4-1: probing VID:PID(0424:012C)   
[   97.522664][   T51] usb 4-1: vub300 testing UNKNOWN EndPoint(0) 01
[   97.525685][   T51] usb 4-1: vub300 ignoring EndPoint(0) 01
[   97.528097][   T51] usb 4-1: vub300 testing UNKNOWN EndPoint(1) 05
[   97.530680][   T51] usb 4-1: vub300 ignoring EndPoint(1) 05
[   97.533086][   T51] usb 4-1: Could not find two sets of bulk-in/out endpoint pairs
[   97.536522][   T51] vub300 4-1:7.148: probe with driver vub300 failed with error -22
[   97.540381][ T5311] usb 3-1: USB disconnect, device number 16
[   97.541027][   T51] usb 4-1: USB disconnect, device number 5
[   97.604242][   T10] usb 1-1: Using ep0 maxpacket: 8
[   97.610129][   T10] usb 1-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[   97.613744][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   97.617514][   T10] usb 1-1: Product: syz
[   97.620511][   T10] usb 1-1: Manufacturer: syz
[   97.622507][   T10] usb 1-1: SerialNumber: syz
[   97.626474][   T10] usb 1-1: config 0 descriptor??
[   97.630495][   T10] gspca_main: sonixj-2.14.0 probing 0c45:613a
[   98.456591][ T7472] loop3: detected capacity change from 0 to 40427
[   98.460443][ T7472] F2FS-fs (loop3): build fault injection rate: 14
[   98.463356][ T7472] F2FS-fs (loop3): build fault injection type: 0x3bfe8c
[   98.468386][ T7472] F2FS-fs (loop3): invalid crc value
[   98.472265][    C1] F2FS-fs (loop3): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[   98.480181][    C1] F2FS-fs (loop3): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[   98.506542][ T7472] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   98.510778][ T7472] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[   98.516303][ T7472] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   98.532140][ T7472] F2FS-fs (loop3): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[   98.537755][ T7472] F2FS-fs (loop3): inject dquot initialize in f2fs_dquot_initialize of f2fs_mkdir+0xfa/0x570
[   98.542883][ T7472] syz.3.542: attempt to access beyond end of device
[   98.542883][ T7472] loop3: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[   98.548257][ T7472] syz.3.542: attempt to access beyond end of device
[   98.548257][ T7472] loop3: rw=0, sector=45064, nr_sectors = 8 limit=40427
[   98.552902][ T7472] syz.3.542: attempt to access beyond end of device
[   98.552902][ T7472] loop3: rw=0, sector=45064, nr_sectors = 8 limit=40427
[   98.557843][ T7472] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_folio of f2fs_get_read_data_folio+0xc1/0x7d0
[   98.563283][ T7472] F2FS-fs (loop3): inject no more block in inc_valid_block_count of f2fs_reserve_new_blocks+0x11a/0xab0
[   98.579821][ T7033] syz-executor: attempt to access beyond end of device
[   98.579821][ T7033] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   98.586019][ T7033] CPU: 0 UID: 0 PID: 7033 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[   98.586037][ T7033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   98.586044][ T7033] Call Trace:
[   98.586049][ T7033]  <TASK>
[   98.586054][ T7033]  dump_stack_lvl+0x189/0x250
[   98.586074][ T7033]  ? __pfx_dump_stack_lvl+0x10/0x10
[   98.586088][ T7033]  ? __pfx_queue_work_on+0x10/0x10
[   98.586120][ T7033]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   98.586136][ T7033]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   98.586153][ T7033]  f2fs_handle_critical_error+0x37c/0x540
[   98.586180][ T7033]  f2fs_write_end_io+0x886/0xb60
[   98.586196][ T7033]  __submit_merged_bio+0x27a/0x6a0
[   98.586213][ T7033]  __submit_merged_write_cond+0x255/0x530
[   98.586229][ T7033]  f2fs_write_data_pages+0x261d/0x3000
[   98.586245][ T7033]  ? arch_stack_walk+0xfc/0x150
[   98.586266][ T7033]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   98.586282][ T7033]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   98.586299][ T7033]  ? rcu_is_watching+0x15/0xb0
[   98.586319][ T7033]  ? folios_put_refs+0x559/0x640
[   98.586335][ T7033]  ? __pfx_folios_put_refs+0x10/0x10
[   98.586346][ T7033]  ? rcu_is_watching+0x15/0xb0
[   98.586357][ T7033]  ? lru_add+0xa2f/0xd80
[   98.586367][ T7033]  ? lru_add+0x198/0xd80
[   98.586378][ T7033]  ? do_raw_spin_lock+0x121/0x290
[   98.586393][ T7033]  ? do_raw_spin_unlock+0x4d/0x240
[   98.586405][ T7033]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   98.586421][ T7033]  do_writepages+0x32e/0x550
[   98.586436][ T7033]  ? rcu_is_watching+0x15/0xb0
[   98.586447][ T7033]  ? do_raw_spin_unlock+0x4d/0x240
[   98.586460][ T7033]  filemap_fdatawrite+0x199/0x240
[   98.586476][ T7033]  ? __pfx_filemap_fdatawrite+0x10/0x10
[   98.586500][ T7033]  ? rcu_is_watching+0x15/0xb0
[   98.586512][ T7033]  ? do_raw_spin_unlock+0x4d/0x240
[   98.586527][ T7033]  f2fs_sync_dirty_inodes+0x31f/0x830
[   98.586542][ T7033]  f2fs_write_checkpoint+0x95a/0x1df0
[   98.586558][ T7033]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[   98.586580][ T7033]  ? kill_f2fs_super+0x298/0x6c0
[   98.586593][ T7033]  kill_f2fs_super+0x2c3/0x6c0
[   98.586604][ T7033]  ? __pfx_kill_f2fs_super+0x10/0x10
[   98.586615][ T7033]  ? radix_tree_delete_item+0x2b6/0x400
[   98.586632][ T7033]  ? shrinker_free+0x2ce/0x3e0
[   98.586645][ T7033]  deactivate_locked_super+0xbc/0x130
[   98.586659][ T7033]  cleanup_mnt+0x425/0x4c0
[   98.586671][ T7033]  task_work_run+0x1d4/0x260
[   98.586687][ T7033]  ? __pfx_task_work_run+0x10/0x10
[   98.586702][ T7033]  ? __x64_sys_umount+0x122/0x160
[   98.586716][ T7033]  ? __pfx___x64_sys_umount+0x10/0x10
[   98.586732][ T7033]  ? rcu_is_watching+0x15/0xb0
[   98.586744][ T7033]  exit_to_user_mode_loop+0xec/0x110
[   98.586761][ T7033]  do_syscall_64+0x2bd/0x3b0
[   98.586777][ T7033]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.586789][ T7033]  ? exc_page_fault+0x9f/0xf0
[   98.586803][ T7033]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.586815][ T7033] RIP: 0033:0x7fc9a3d8ff17
[   98.586826][ T7033] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   98.586837][ T7033] RSP: 002b:00007ffdfb2e4f18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   98.586851][ T7033] RAX: 0000000000000000 RBX: 00007fc9a3e11c05 RCX: 00007fc9a3d8ff17
[   98.586860][ T7033] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdfb2e4fd0
[   98.586867][ T7033] RBP: 00007ffdfb2e4fd0 R08: 0000000000000000 R09: 0000000000000000
[   98.586874][ T7033] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdfb2e6060
[   98.586883][ T7033] R13: 00007fc9a3e11c05 R14: 0000000000018080 R15: 00007ffdfb2e60a0
[   98.586895][ T7033]  </TASK>
[   98.587859][ T7033] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[   98.720234][   T10] gspca_sonixj: reg_w1 err -71
[   98.795072][   T10] sonixj 1-1:0.0: probe with driver sonixj failed with error -71
[   98.798794][   T10] usb 1-1: USB disconnect, device number 18
[   98.865978][ T7482] loop3: detected capacity change from 0 to 764
[   98.870767][ T7482] Symlink component flag not implemented
[   98.873085][ T7482] Symlink component flag not implemented
[   98.876753][ T7482] Symlink component flag not implemented (129)
[   98.878826][ T7482] Symlink component flag not implemented (6)
[   98.897912][   T33] audit: type=1326 audit(1756147036.230:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7483 comm="syz.3.546" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9a3d8ebe9 code=0x7ffc0000
[   98.907037][   T33] audit: type=1326 audit(1756147036.230:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7483 comm="syz.3.546" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9a3d8ebe9 code=0x7ffc0000
[   98.917889][   T33] audit: type=1326 audit(1756147036.240:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7483 comm="syz.3.546" exe="/syz-executor" sig=0 arch=c000003e syscall=296 compat=0 ip=0x7fc9a3d8ebe9 code=0x7ffc0000
[   98.925898][   T33] audit: type=1326 audit(1756147036.240:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7483 comm="syz.3.546" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9a3d8ebe9 code=0x7ffc0000
[   98.940240][   T33] audit: type=1326 audit(1756147036.240:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7483 comm="syz.3.546" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9a3d8ebe9 code=0x7ffc0000
[   99.010668][ T7496] comedi comedi0: Minor -2147450880 is invalid!
[   99.184572][ T5884] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[   99.311098][ T7504] block device autoloading is deprecated and will be removed.
[   99.354645][ T5884] usb 4-1: Using ep0 maxpacket: 32
[   99.394557][ T5884] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   99.428381][ T5884] usb 4-1: New USB device found, idVendor=05da, idProduct=009a, bcdDevice=62.95
[   99.433118][ T5884] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.437061][ T5884] usb 4-1: Product: syz
[   99.441216][ T5884] usb 4-1: Manufacturer: syz
[   99.443468][ T5884] usb 4-1: SerialNumber: syz
[   99.446767][ T5884] usb 4-1: config 0 descriptor??
[   99.450465][ T5884] microtek usb (rev 0.4.3): expecting 3 got 0 endpoints! Bailing out.
[   99.454840][ T7508] loop0: detected capacity change from 0 to 1764
[   99.462049][ T7508] iso9660: Corrupted directory entry in block 2 of inode 1920
[   99.521996][ T7512] loop0: detected capacity change from 0 to 4096
[   99.535603][ T7513] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   99.658753][   T10] usb 4-1: USB disconnect, device number 6
[   99.825023][ T5884] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[   99.985611][ T5884] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[   99.989578][ T5884] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[   99.995110][ T5884] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121
[  100.001327][ T5884] usb 1-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  100.005527][ T5884] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  100.008671][ T5884] usb 1-1: Product: syz
[  100.010499][ T5884] usb 1-1: Manufacturer: syz
[  100.012310][ T5884] usb 1-1: SerialNumber: syz
[  100.015320][ T5884] usb 1-1: config 0 descriptor??
[  100.017854][ T7515] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  100.020891][ T7515] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  100.024539][ T5884] usb 1-1: ucan: probing device on interface #0
[  100.143421][ T7534] loop2: detected capacity change from 0 to 2048
[  100.147059][ T7534] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  100.153928][ T7535] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  100.255266][ T7543] loop3: detected capacity change from 0 to 4096
[  100.258718][ T7543] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  100.271322][ T7543] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  100.274329][ T7543] ntfs3(loop3): Failed to load $Extend (-22).
[  100.276724][ T7543] ntfs3(loop3): Failed to initialize $Extend.
[  100.362416][ T7545] loop3: detected capacity change from 0 to 4096
[  100.456817][ T7551] loop3: detected capacity change from 0 to 256
[  100.467317][ T7551] FAT-fs (loop3): Directory bread(block 64) failed
[  100.470115][ T7551] FAT-fs (loop3): Directory bread(block 65) failed
[  100.472885][ T7551] FAT-fs (loop3): Directory bread(block 66) failed
[  100.476202][ T7551] FAT-fs (loop3): Directory bread(block 67) failed
[  100.479027][ T7551] FAT-fs (loop3): Directory bread(block 68) failed
[  100.481751][ T7551] FAT-fs (loop3): Directory bread(block 69) failed
[  100.485330][ T7551] FAT-fs (loop3): Directory bread(block 70) failed
[  100.488218][ T7551] FAT-fs (loop3): Directory bread(block 71) failed
[  100.491001][ T7551] FAT-fs (loop3): Directory bread(block 72) failed
[  100.493783][ T7551] FAT-fs (loop3): Directory bread(block 73) failed
[  100.505036][ T7547] loop2: detected capacity change from 0 to 32768
[  100.508848][ T7547] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.574 (7547)
[  100.517233][ T7547] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  100.522028][ T7547] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  100.526266][ T7547] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  100.542682][ T7547] BTRFS info (device loop2): rebuilding free space tree
[  100.549004][ T7547] BTRFS info (device loop2): disabling free space tree
[  100.551819][ T7547] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  100.557409][ T7547] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  100.563501][ T7547] BTRFS info (device loop2): setting nodatasum
[  100.566720][ T7547] BTRFS info (device loop2): enabling ssd optimizations
[  100.569578][ T7547] BTRFS info (device loop2): turning off barriers
[  100.572314][ T7547] BTRFS info (device loop2): turning on flush-on-commit
[  100.577467][ T7547] BTRFS info (device loop2): enabling disk space caching
[  100.580355][ T7547] BTRFS info (device loop2): force clearing of disk cache
[  100.583300][ T7547] BTRFS info (device loop2): doing ref verification
[  100.586242][ T7547] BTRFS info (device loop2): use zlib compression, level 3
[  100.590035][ T7547] BTRFS info (device loop2): max_inline set to 4096
[  100.599509][   T33] audit: type=1800 audit(1756147037.930:69): pid=7547 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.574" name="file1" dev="loop2" ino=260 res=0 errno=0
[  100.629640][ T5884] ucan 1-1:0.0: probe with driver ucan failed with error -71
[  100.634529][ T5884] usb 1-1: USB disconnect, device number 19
[  100.661881][   T33] audit: type=1804 audit(1756147037.990:70): pid=7576 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.574" name="/newroot/192/file1/file0/file3" dev="loop2" ino=260 res=1 errno=0
[  101.093347][ T7572] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  101.183303][ T7587] binder: BINDER_SET_CONTEXT_MGR already set
[  101.187608][ T7587] binder: 7586:7587 ioctl 4018620d 200000000040 returned -16
[  101.238762][ T5853] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  101.744202][ T5884] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  101.916864][ T5884] usb 3-1: config 1 has an invalid interface number: 27 but max is 0
[  101.920208][ T5884] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  101.924520][ T5884] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 1
[  101.927932][ T5884] usb 3-1: config 1 has no interface number 1
[  101.930182][ T5884] usb 3-1: config 1 interface 27 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18
[  101.936980][ T5884] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  101.940325][ T5884] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  101.943308][ T5884] usb 3-1: SerialNumber: syz
[  101.947732][ T5884] usb 3-1: bad CDC descriptors
[  102.006874][ T7600] loop3: detected capacity change from 0 to 2048
[  102.016136][ T7601] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  102.158302][ T5884] usb 3-1: USB disconnect, device number 17
[  103.082452][ T7632] loop3: detected capacity change from 0 to 1024
[  103.214372][ T6115] hfsplus: b-tree write err: -5, ino 4
[  103.498254][ T7635] loop3: detected capacity change from 0 to 1024
[  103.675586][ T1090] hfsplus: b-tree write err: -5, ino 4
[  103.944795][ T5910] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  104.116378][ T5910] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  104.119601][ T5910] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  104.122822][ T5910] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  104.126307][ T5910] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  104.129503][ T5910] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  104.132953][ T5910] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.138324][ T5910] usb 4-1: config 0 descriptor??
[  104.380720][ T5910] hdpvr 4-1:0.0: firmware version 0x20 dated %@
[  104.383825][ T5910] hdpvr 4-1:0.0: untested firmware, the driver might not work.
[  104.747264][ T7644] loop2: detected capacity change from 0 to 8192
[  104.778555][ T5910] hdpvr 4-1:0.0: Could not setup controls
[  104.781088][ T5910] hdpvr 4-1:0.0: registering videodev failed
[  104.786757][ T5910] hdpvr 4-1:0.0: probe with driver hdpvr failed with error -71
[  104.791096][ T5910] usb 4-1: USB disconnect, device number 7
[  104.885374][ T7655] loop2: detected capacity change from 0 to 736
[  104.953307][ T7659] netlink: 4 bytes leftover after parsing attributes in process `syz.2.606'.
[  104.956544][ T7659] Unsupported xt match
[  104.956551][ T7659] unable to load match
[  105.196775][ T7663] loop2: detected capacity change from 0 to 32768
[  105.222441][ T7663] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,checksum_err_retry_nr=12,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,degraded=yes,nojournal_transaction_names
[  105.222462][ T7663]   allowing incompatible features above 0.0: (unknown version)
[  105.222470][ T7663]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  105.241651][ T7663] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[  105.245329][ T7663] bcachefs (loop2): initializing new filesystem
[  105.252866][ T7663] bcachefs (loop2): going read-write
[  105.257091][ T7663] bcachefs (loop2): marking superblocks
[  105.263754][ T7663] bcachefs (loop2): initializing freespace
[  105.270582][ T7663] bcachefs (loop2): done initializing freespace
[  105.277812][ T7663] bcachefs (loop2): reading snapshots table
[  105.280641][ T7663] bcachefs (loop2): reading snapshots done
[  105.300759][ T7663] bcachefs (loop2): done starting filesystem
[  105.321600][ T7663] syz.2.608 (7663) used greatest stack depth: 16752 bytes left
[  105.326299][ T5853] bcachefs (loop2): shutting down
[  105.328492][ T5853] bcachefs (loop2): going read-only
[  105.330852][ T5853] bcachefs (loop2): finished waiting for writes to stop
[  105.335067][ T5853] bcachefs (loop2): flushing journal and stopping allocators, journal seq 2
[  105.346151][ T5853] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 3
[  105.351938][ T5853] bcachefs (loop2): clean shutdown complete, journal seq 4
[  105.356526][ T5853] bcachefs (loop2): marking filesystem clean
[  105.366634][ T5853] bcachefs (loop2): shutdown complete
[  105.709598][ T7682] loop3: detected capacity change from 0 to 128
[  105.711950][ T7682] EXT4-fs: Ignoring removed nobh option
[  105.716015][ T7682] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  105.720296][ T7682] ext4 filesystem being mounted at /61/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  105.726598][ T7682] fscrypt (loop3, inode 12): Unsupported log2_data_unit_size in encryption policy: 179
[  105.738665][ T7033] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  105.790315][ T7690] bridge1: the hash_elasticity option has been deprecated and is always 16
[  105.794531][ T7690] bridge1: entered promiscuous mode
[  105.796700][ T7690] bridge1: entered allmulticast mode
[  105.954194][   T51] usb 1-1: new full-speed USB device number 20 using dummy_hcd
[  106.028289][ T7702] netlink: 8 bytes leftover after parsing attributes in process `syz.3.620'.
[  106.110519][   T51] usb 1-1: unable to get BOS descriptor or descriptor too short
[  106.113650][   T51] usb 1-1: not running at top speed; connect to a high speed hub
[  106.117560][   T51] usb 1-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[  106.126971][   T51] usb 1-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=6a.e5
[  106.130001][   T51] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  106.132765][   T51] usb 1-1: Product: syz
[  106.134375][   T51] usb 1-1: Manufacturer: syz
[  106.136124][   T51] usb 1-1: SerialNumber: syz
[  106.281728][ T7719] loop3: detected capacity change from 0 to 4096
[  106.285277][ T7719] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  106.297353][ T7719] ntfs3(loop3): ino=1a, mi_enum_attr
[  106.300259][ T7719] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  106.350527][   T51] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  106.364151][   T51] snd-usb-audio 1-1:8.0: probe with driver snd-usb-audio failed with error -2
[  106.369862][   T51] usb 1-1: USB disconnect, device number 20
[  106.959025][ T7738] loop0: detected capacity change from 0 to 16
[  106.961678][ T7738] erofs (device loop0): EXPERIMENTAL 48-bit layout support in use. Use at your own risk!
[  106.966178][ T7738] erofs (device loop0): mounted with root inode @ nid 36.
[  106.970336][ T7738] syz.0.635: attempt to access beyond end of device
[  106.970336][ T7738] loop0: rw=0, sector=15300821024, nr_sectors = 8 limit=16
[  106.975786][ T7738] erofs (device loop0): read error -5 @ 72 of nid 36
[  107.122591][ T7745] loop2: detected capacity change from 0 to 2048
[  107.139090][ T7745] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[  107.158401][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  107.414332][   T10] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  107.574188][   T10] usb 3-1: Using ep0 maxpacket: 16
[  107.577363][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  107.581237][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  107.585116][   T10] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  107.589547][   T10] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  107.592829][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.596113][   T10] usb 3-1: config 0 descriptor??
[  107.614150][ T5884] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  107.784131][ T5884] usb 4-1: Using ep0 maxpacket: 8
[  107.790518][ T5884] usb 4-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  107.794359][ T5884] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.798181][ T5884] usb 4-1: Product: syz
[  107.800099][ T5884] usb 4-1: Manufacturer: syz
[  107.802308][ T5884] usb 4-1: SerialNumber: syz
[  107.806198][ T5884] usb 4-1: config 0 descriptor??
[  107.811043][ T5884] gspca_main: sonixj-2.14.0 probing 0c45:613a
[  108.004705][   T10] microsoft 0003:045E:07DA.000B: ignoring exceeding usage max
[  108.009149][   T10] microsoft 0003:045E:07DA.000B: ignoring exceeding usage max
[  108.012317][   T10] microsoft 0003:045E:07DA.000B: usage index exceeded
[  108.017254][   T10] microsoft 0003:045E:07DA.000B: item 0 0 2 2 parsing failed
[  108.020947][   T10] microsoft 0003:045E:07DA.000B: parse failed
[  108.023650][   T10] microsoft 0003:045E:07DA.000B: probe with driver microsoft failed with error -22
[  108.204661][   T51] usb 3-1: USB disconnect, device number 18
[  108.240063][ T7772] loop0: detected capacity change from 0 to 512
[  108.244448][ T7772] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.649: casefold flag without casefold feature
[  108.248972][ T7772] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.649: couldn't read orphan inode 15 (err -117)
[  108.253409][ T7772] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.262129][ T7772] syz.0.649 (pid 7772) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  108.282752][ T5847] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.853184][ T7788] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  109.172687][ T7805] loop2: detected capacity change from 0 to 16
[  109.177108][ T7805] erofs (device loop2): mounted with root inode @ nid 36.
[  109.188038][ T7805] erofs (device loop2): bogus lookback distance 0 @ lcn 1 of nid 89
[  109.191271][ T7805] erofs (device loop2): readahead error at folio 2 @ nid 89
[  109.204179][ T7805] erofs (device loop2): bogus lookback distance 0 @ lcn 1 of nid 89
[  109.209208][ T7805] erofs (device loop2): readahead error at folio 1 @ nid 89
[  109.215067][ T7805] erofs (device loop2): bogus lookback distance 0 @ lcn 1 of nid 89
[  109.218313][ T7805] erofs (device loop2): bogus lookback distance 0 @ lcn 1 of nid 89
[  109.223793][ T7805] erofs (device loop2): read error -117 @ 1 of nid 89
[  109.229165][   T33] audit: type=1800 audit(1756147046.570:71): pid=7805 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.664" name="file3" dev="loop2" ino=89 res=0 errno=0
[  109.793975][ T7824] loop2: detected capacity change from 0 to 32768
[  109.800749][ T7824] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[  109.805380][ T7824] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  109.826766][ T5884] gspca_sonixj: reg_w1 err -71
[  109.831806][ T7824] XFS (loop2): Ending clean mount
[  109.836515][ T7824] XFS (loop2): Quotacheck needed: Please wait.
[  109.842679][ T7824] XFS (loop2): Quotacheck: Done.
[  109.860379][ T5853] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  109.864203][ T5884] sonixj 4-1:0.0: probe with driver sonixj failed with error -71
[  109.873132][ T5884] usb 4-1: USB disconnect, device number 8
[  109.991281][ T7837] loop0: detected capacity change from 0 to 16
[  109.996818][ T7837] erofs (device loop0): mounted with root inode @ nid 36.
[  110.000906][ T7838] loop2: detected capacity change from 0 to 128
[  110.020362][ T7838] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  110.028276][ T7838] ext4 filesystem being mounted at /230/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  110.045305][ T5853] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  110.059122][ T7846] loop2: detected capacity change from 0 to 1024
[  110.061888][ T7846] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  110.065544][ T7846] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  110.069405][ T7846] EXT4-fs (loop2): invalid journal inode
[  110.071268][ T7846] EXT4-fs (loop2): can't get journal size
[  110.073714][ T7846] EXT4-fs error (device loop2): ext4_protect_reserved_inode:182: inode #2: comm syz.2.677: blocks 48-48 from inode overlap system zone
[  110.078568][ T7846] EXT4-fs (loop2): failed to initialize system zone (-117)
[  110.081512][ T7846] EXT4-fs (loop2): mount failed
[  110.404326][ T7844] loop0: detected capacity change from 0 to 131072
[  110.413714][ T7844] F2FS-fs (loop0): Wrong CP boundary, start(512) end(1536) blocks(0)
[  110.416897][ T7844] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  110.420159][ T7844] F2FS-fs (loop0): invalid crc value
[  110.447558][ T7844] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  110.452207][ T7844] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  110.455266][ T7844] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  110.503490][ T7849] loop3: detected capacity change from 0 to 32768
[  110.522502][ T7864] loop2: detected capacity change from 0 to 64
[  110.530699][ T7849] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  110.580714][ T7849] XFS (loop3): Ending clean mount
[  110.587122][ T7849] XFS (loop3): Quotacheck needed: Please wait.
[  110.595418][ T7849] XFS (loop3): Quotacheck: Done.
[  110.614004][   T33] audit: type=1800 audit(1756147047.940:72): pid=7849 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.678" name="file2" dev="loop3" ino=9287 res=0 errno=0
[  110.649117][ T7033] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  110.659861][ T7869] loop2: detected capacity change from 0 to 32768
[  110.662984][ T7869] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.684 (7869)
[  110.669882][ T7869] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  110.675193][ T7869] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  110.755936][ T7888] loop0: detected capacity change from 0 to 256
[  110.758458][ T7888] exfat: Deprecated parameter 'utf8'
[  110.758969][ T7883] loop3: detected capacity change from 0 to 4096
[  110.760209][ T7888] exfat: Deprecated parameter 'utf8'
[  110.760541][ T7869] BTRFS info (device loop2): allowing degraded mounts
[  110.762912][ T7883] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  110.764929][ T7869] BTRFS info (device loop2): enabling ssd optimizations
[  110.768974][ T7888] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x7bac8b1f, utbl_chksum : 0xe619d30d)
[  110.770549][ T7869] BTRFS info (device loop2): enabling free space tree
[  110.779387][ T7869] BTRFS info (device loop2): force zlib compression, level 3
[  110.804737][ T7883] ntfs3(loop3): ino=0, attr_set_size
[  110.807112][ T7883] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  110.815325][ T7883] ntfs3(loop3): ino=0, attr_set_size
[  110.819640][ T5853] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  110.888390][ T7896] loop3: detected capacity change from 0 to 512
[  110.895556][ T7896] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2798: inode #11: comm syz.3.689: corrupted xattr block 95: invalid header
[  110.905051][ T7896] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.689: bg 0: block 7: invalid block bitmap
[  110.914413][ T7896] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  110.926715][ T7896] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2962: inode #11: comm syz.3.689: corrupted xattr block 95: invalid header
[  110.933734][ T7896] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[  110.939750][ T7896] EXT4-fs (loop3): 1 orphan inode deleted
[  110.943200][ T7896] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.976340][ T7033] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.003395][ T7894] loop0: detected capacity change from 0 to 32768
[  111.033720][ T7903] loop3: detected capacity change from 0 to 4096
[  111.048039][ T7903] NILFS (loop3): invalid segment: Checksum error in segment payload
[  111.051062][ T7903] NILFS (loop3): trying rollback from an earlier position
[  111.067191][ T7903] NILFS (loop3): recovery complete
[  111.075041][ T7904] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  111.079953][ T7901] loop2: detected capacity change from 0 to 32768
[  111.095539][ T7901] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  111.127278][ T5853] ocfs2: Unmounting device (7,2) on (node local)
[  111.198727][ T7921] loop2: detected capacity change from 0 to 256
[  111.201233][ T7921] exfat: Deprecated parameter 'utf8'
[  111.203260][ T7921] exfat: Deprecated parameter 'namecase'
[  111.208399][ T7921] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  111.262085][ T7928] loop2: detected capacity change from 0 to 256
[  111.327937][ T7929] netlink: 28 bytes leftover after parsing attributes in process `syz.0.697'.
[  111.357099][ T7928] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6d3f72e, utbl_chksum : 0xe619d30d)
[  111.425417][ T7931] loop2: detected capacity change from 0 to 1024
[  111.429056][ T7931] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  111.433057][ T7931] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  111.438904][ T7931] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  111.442404][ T7931] EXT4-fs (loop2): orphan cleanup on readonly fs
[  111.447964][ T7931] EXT4-fs error (device loop2): ext4_read_inode_bitmap:167: comm syz.2.702: Inode bitmap for bg 0 marked uninitialized
[  111.456446][ T7931] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  111.465256][ T7931] EXT4-fs (loop2): ext4_remount: Checksum for group 0 failed (32298!=35945)
[  111.478492][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.130760][ T7960] loop3: detected capacity change from 0 to 8192
[  112.185083][ T7960]  loop3: AHDI p1 p2
[  112.186342][ T7963] loop0: detected capacity change from 0 to 64
[  112.186948][ T7960] loop3: p1 size 65535 extends beyond EOD, truncated
[  112.191350][ T7963] Trying to free block not in datazone
[  112.193875][ T7963] Trying to free block not in datazone
[  112.198299][ T7963] Trying to free block not in datazone
[  112.201025][ T7963] Trying to free block not in datazone
[  112.202958][ T7963] minix_free_inode: bit 5 already cleared
[  112.240169][ T7969] loop3: detected capacity change from 0 to 256
[  112.257996][ T7969] FAT-fs (loop3): Directory bread(block 64) failed
[  112.260535][ T7969] FAT-fs (loop3): Directory bread(block 65) failed
[  112.262837][ T7969] FAT-fs (loop3): Directory bread(block 66) failed
[  112.266523][ T7969] FAT-fs (loop3): Directory bread(block 67) failed
[  112.269279][ T7969] FAT-fs (loop3): Directory bread(block 68) failed
[  112.272038][ T7969] FAT-fs (loop3): Directory bread(block 69) failed
[  112.274895][ T7969] FAT-fs (loop3): Directory bread(block 70) failed
[  112.277062][ T7969] FAT-fs (loop3): Directory bread(block 71) failed
[  112.279602][ T7969] FAT-fs (loop3): Directory bread(block 72) failed
[  112.281873][ T7969] FAT-fs (loop3): Directory bread(block 73) failed
[  112.319347][ T7974] QAT: failed to copy from user cfg_data.
[  112.339211][ T7976] loop3: detected capacity change from 0 to 256
[  112.371644][ T7978] loop3: detected capacity change from 0 to 128
[  112.375116][ T7978] EXT4-fs: Ignoring removed nobh option
[  112.379248][ T7978] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  112.385181][ T7978] ext4 filesystem being mounted at /100/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  112.445854][ T7033] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  112.462460][ T7987] loop0: detected capacity change from 0 to 256
[  112.475032][ T7987] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  112.507962][ T7992] loop2: detected capacity change from 0 to 64
[  112.637468][ T8007] loop3: detected capacity change from 0 to 256
[  112.654585][ T8007] exfat: Deprecated parameter 'utf8'
[  112.656843][ T8007] exfat: Deprecated parameter 'namecase'
[  112.659148][ T8007] exfat: Deprecated parameter 'utf8'
[  112.677643][ T8007] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  112.770465][ T8001] loop0: detected capacity change from 0 to 32768
[  112.771348][ T8017] loop3: detected capacity change from 0 to 8192
[  112.775231][ T8001] (syz.0.734,8001,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  112.779166][ T8017] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  112.782112][ T8001] (syz.0.734,8001,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  112.786106][ T8017] ntfs3(loop3): ino=0, mi_enum_attr
[  112.793855][ T8017] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  112.796388][ T8001] JBD2: Ignoring recovery information on journal
[  112.800008][ T8017] ntfs3(loop3): volume is dirty and "force" flag is not set!
[  112.834970][ T8001] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  112.891574][ T5847] ocfs2: Unmounting device (7,0) on (node local)
[  112.981413][ T8037] loop2: detected capacity change from 0 to 256
[  113.006402][ T8037] FAT-fs (loop2): codepage cp86 not found
[  113.105588][ T8028] loop3: detected capacity change from 0 to 40427
[  113.109232][ T8028] F2FS-fs (loop3): build fault injection rate: 7
[  113.112111][ T8028] F2FS-fs (loop3): build fault injection type: 0xeffa
[  113.133700][ T8028] F2FS-fs (loop3): invalid crc value
[  113.136660][ T8028] F2FS-fs (loop3): inject kvmalloc in f2fs_kvmalloc of f2fs_fill_super+0x4429/0x6ff0
[  113.140474][ T8028] F2FS-fs (loop3): Failed to initialize F2FS segment manager (-12)
[  113.373908][ T8059] loop3: detected capacity change from 0 to 512
[  113.398243][ T8059] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.403230][ T8059] ext4 filesystem being mounted at /109/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  113.407182][   T51] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  113.455174][ T8063] netlink: 188 bytes leftover after parsing attributes in process `syz.2.760'.
[  113.478255][ T8066] loop2: detected capacity change from 0 to 128
[  113.482260][ T8066] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  113.487495][ T8066] ext4 filesystem being mounted at /269/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.502315][ T5853] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  113.520426][ T8069] CUSE: unknown device info ""
[  113.522773][ T8069] CUSE: unknown device info ""
[  113.525336][ T8069] CUSE: unknown device info ""
[  113.527616][ T8069] CUSE: unknown device info ""
[  113.529937][ T8069] CUSE: zero length info key specified
[  113.555781][   T51] usb 1-1: config 0 has an invalid interface number: 255 but max is 0
[  113.559359][   T51] usb 1-1: config 0 has no interface number 0
[  113.562172][   T51] usb 1-1: config 0 interface 255 altsetting 0 has an endpoint descriptor with address 0xE8, changing to 0x88
[  113.567096][   T51] usb 1-1: config 0 interface 255 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[  113.571076][   T51] usb 1-1: config 0 interface 255 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  113.576028][   T51] usb 1-1: config 0 interface 255 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  113.580062][   T51] usb 1-1: config 0 interface 255 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  113.586020][   T51] usb 1-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49
[  113.589603][   T51] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.592901][   T51] usb 1-1: Product: syz
[  113.594857][   T51] usb 1-1: Manufacturer: syz
[  113.596881][   T51] usb 1-1: SerialNumber: syz
[  113.599853][   T51] usb 1-1: config 0 descriptor??
[  113.602488][ T8052] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  113.607436][   T51] iguanair 1-1:0.255: probe with driver iguanair failed with error -12
[  113.654261][ T5850] Bluetooth: hci1: Opcode 0x206a failed: -110
[  113.654649][   T54] Bluetooth: hci1: command 0x206a tx timeout
[  113.745779][ T8076] loop2: detected capacity change from 0 to 4096
[  113.750020][ T8076] ntfs3(loop2): ino=0, mi_enum_attr
[  113.756576][ T8076] ntfs3(loop2): ino=0, mi_enum_attr
[  113.758272][ T8076] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  113.813473][ T5311] usb 1-1: USB disconnect, device number 21
[  113.833639][ T8080] loop2: detected capacity change from 0 to 512
[  113.837851][ T8080] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  113.842014][ T8080] EXT4-fs (loop2): invalid journal inode
[  113.845117][ T8080] EXT4-fs (loop2): can't get journal size
[  113.847691][ T8080] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a056c119, mo2=0002]
[  113.850682][ T8080] System zones: 1-12, 13-13
[  113.852637][ T8080] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.767: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  113.858640][ T8080] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.767: couldn't read orphan inode 15 (err -117)
[  113.863520][ T8080] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.883660][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.995554][ T8083] loop2: detected capacity change from 0 to 32768
[  114.000182][ T8083] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  114.011928][ T8083] XFS (loop2): Ending clean mount
[  114.025531][ T5853] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  114.202293][ T8059] orangefs_mount: mount request failed with -4
[  114.229495][ T7033] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.343356][ T8107] loop0: detected capacity change from 0 to 512
[  114.346581][ T8107] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  114.352853][ T8107] EXT4-fs (loop0): 1 truncate cleaned up
[  114.356290][ T8107] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.370853][ T5847] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.400161][ T8110] loop3: detected capacity change from 0 to 4096
[  114.404673][ T8114] loop0: detected capacity change from 0 to 2048
[  114.410047][ T8110] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  114.417193][ T8114] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.419673][ T8110] ntfs3(loop3): Failed to load $Extend (-22).
[  114.425239][ T8110] ntfs3(loop3): Failed to initialize $Extend.
[  114.425868][ T5311] usb 3-1: new low-speed USB device number 19 using dummy_hcd
[  114.458124][ T8114] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  114.463244][ T8114] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  114.467542][ T8114] EXT4-fs (loop0): This should not happen!! Data will be lost
[  114.467542][ T8114] 
[  114.471146][ T8114] EXT4-fs (loop0): Total free blocks count 0
[  114.473373][ T8114] EXT4-fs (loop0): Free/Dirty block details
[  114.476386][ T8114] EXT4-fs (loop0): free_blocks=4096
[  114.478507][ T8114] EXT4-fs (loop0): dirty_blocks=512
[  114.480265][ T8114] EXT4-fs (loop0): Block reservation details
[  114.482130][ T8114] EXT4-fs (loop0): i_reserved_data_blocks=32
[  114.493959][ T1234] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 480 with error 28
[  114.589042][ T5311] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  114.593147][ T5311] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  114.596899][ T5311] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  114.601917][ T5311] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  114.604932][ T5311] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.632763][ T8128] loop3: detected capacity change from 0 to 256
[  114.637141][ T5311] hub 3-1:1.0: bad descriptor, ignoring hub
[  114.639155][ T5311] hub 3-1:1.0: probe with driver hub failed with error -5
[  114.641630][ T5311] cdc_wdm 3-1:1.0: probe with driver cdc_wdm failed with error -22
[  114.664604][ T8130] tipc: Started in network mode
[  114.666402][ T8130] tipc: Node identity 2e6246a45507, cluster identity 4711
[  114.668939][ T8130] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  114.671721][ T8130] syzkaller0: entered promiscuous mode
[  114.674873][ T8130] syzkaller0: entered allmulticast mode
[  114.680513][ T8130] tipc: Resetting bearer <eth:syzkaller0>
[  114.683489][ T8129] tipc: Resetting bearer <eth:syzkaller0>
[  114.689488][ T8129] tipc: Disabling bearer <eth:syzkaller0>
[  114.842190][ T8137] program syz.3.788 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  114.866528][ T5310] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  114.872175][ T5310] hid-generic 0000:0000:0000.000C: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  114.952484][ T5884] usb 3-1: USB disconnect, device number 19
[  115.179855][ T8154] loop3: detected capacity change from 0 to 512
[  115.185551][ T8154] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  115.189118][ T8154] EXT4-fs (loop3): orphan cleanup on readonly fs
[  115.192071][ T8154] Quota error (device loop3): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  115.196989][ T8154] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  115.205608][ T8154] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  115.209119][ T8154] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.796: bg 0: block 40: padding at end of block bitmap is not set
[  115.216522][ T8154] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  115.220446][ T8154] EXT4-fs (loop3): 1 truncate cleaned up
[  115.223417][ T8154] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  115.231455][ T8154] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  115.242433][ T7033] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.474905][ T8160] loop3: detected capacity change from 0 to 32768
[  115.483945][ T8160] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  115.508382][ T8160] XFS (loop3): Ending clean mount
[  115.511611][ T8160] XFS (loop3): Quotacheck needed: Please wait.
[  115.527567][ T8160] XFS (loop3): Quotacheck: Done.
[  115.584252][ T7033] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  115.624972][ T5884] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  115.787587][ T5884] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  115.791092][ T5884] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.795519][ T5884] usb 3-1: Product: syz
[  115.797346][ T5884] usb 3-1: Manufacturer: syz
[  115.799264][ T5884] usb 3-1: SerialNumber: syz
[  115.947947][ T8181] netlink: 'syz.3.803': attribute type 4 has an invalid length.
[  117.194221][ T5311] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  117.347060][ T5311] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  117.351853][ T5311] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  117.356333][ T5311] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  117.363799][ T5311] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice=20.41
[  117.367707][ T5311] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  117.371203][ T5311] usb 4-1: Product: syz
[  117.373089][ T5311] usb 4-1: Manufacturer: syz
[  117.376278][ T5311] usb 4-1: SerialNumber: syz
[  117.511257][ T8213] loop0: detected capacity change from 0 to 32768
[  117.517587][ T8213] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  117.543290][ T5847] ocfs2: Unmounting device (7,0) on (node local)
[  117.585884][ T5311] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 9 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  117.613626][ T5884] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000040. ret = -EPROTO
[  117.618853][ T5884] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001000. ret = -EPROTO
[  117.624370][ T5884] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO
[  117.629333][ T5884] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  117.629714][ T8221] netlink: 24 bytes leftover after parsing attributes in process `syz.0.821'.
[  117.633487][ T5884] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  117.641959][ T5884] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71
[  117.647996][ T5884] usb 3-1: USB disconnect, device number 20
[  117.702976][ T8225] loop0: detected capacity change from 0 to 4096
[  117.706709][ T8225] NILFS (loop0): mounting unchecked fs
[  117.710581][ T8225] NILFS (loop0): invalid segment: Checksum error in segment payload
[  117.713845][ T8225] NILFS (loop0): trying rollback from an earlier position
[  117.722778][ T8225] NILFS (loop0): recovery cancelled because norecovery option was specified for a read/write mount
[  117.786859][   T51] usb 4-1: USB disconnect, device number 9
[  117.789704][   T51] usblp0: removed
[  117.994170][ T5310] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  118.144129][ T5310] usb 1-1: Using ep0 maxpacket: 16
[  118.147918][ T5310] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 65, using maximum allowed: 30
[  118.152446][ T5310] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  118.157032][ T5310] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 65
[  118.162338][ T5310] usb 1-1: New USB device found, idVendor=1e71, idProduct=2006, bcdDevice= 0.00
[  118.167259][ T5310] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.177804][ T5310] usb 1-1: config 0 descriptor??
[  118.385905][ T8243] loop3: detected capacity change from 0 to 2048
[  118.398072][ T8244] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  118.406727][ T8244] NILFS (loop3): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  118.411273][ T8244] NILFS error (device loop3): nilfs_bmap_propagate: broken bmap (inode number=4)
[  118.415940][ T8244] Remounting filesystem read-only
[  118.418005][ T8243] NILFS (loop3): mounting fs with errors
[  118.433908][ T8244] NILFS (loop3): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  118.440088][ T8244] NILFS error (device loop3): nilfs_bmap_propagate: broken bmap (inode number=4)
[  118.444023][ T8244] Remounting filesystem read-only
[  118.447404][ T7033] NILFS (loop3): disposed unprocessed dirty file(s) when stopping log writer
[  118.470199][ T8239] loop2: detected capacity change from 0 to 32768
[  118.474357][ T8239] 
[  118.474357][ T8239]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  118.474357][ T8239] 
[  118.483113][ T8239] read_mapping_page failed!
[  118.484953][ T8239] ERROR: (device loop2): txCommit: 
[  118.484953][ T8239] 
[  118.488048][ T8239] read_mapping_page failed!
[  118.489585][ T8239] ERROR: (device loop2): txCommit: 
[  118.489585][ T8239] 
[  118.499556][ T5853] 
[  118.499556][ T5853]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  118.499556][ T5853] 
[  118.505135][ T5853] 
[  118.505135][ T5853]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  118.505135][ T5853] 
[  118.553344][ T8254] netlink: 'syz.2.834': attribute type 1 has an invalid length.
[  118.556721][ T8254] netlink: 224 bytes leftover after parsing attributes in process `syz.2.834'.
[  118.559687][ T8254] nbd: illegal input index 1048576
[  118.581374][ T8256] loop2: detected capacity change from 0 to 256
[  118.585034][ T8256] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  118.585731][ T5310] nzxt-smart2 0003:1E71:2006.000D: item fetching failed at offset 10/11
[  118.589572][ T8256] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  118.593017][ T5310] nzxt-smart2 0003:1E71:2006.000D: probe with driver nzxt-smart2 failed with error -22
[  118.599763][ T8256] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  118.608939][   T33] audit: type=1800 audit(1756147055.940:73): pid=8256 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.838" name="file1" dev="loop2" ino=1048694 res=0 errno=0
[  118.794514][ T5884] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  118.799123][ T5310] usb 1-1: USB disconnect, device number 22
[  118.924348][ T5311] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  118.947653][ T5884] usb 4-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  118.951461][ T5884] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.954875][ T5884] usb 4-1: Product: syz
[  118.956896][ T5884] usb 4-1: Manufacturer: syz
[  118.958952][ T5884] usb 4-1: SerialNumber: syz
[  118.961916][ T5884] usb 4-1: config 0 descriptor??
[  118.966696][ T5884] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  119.074172][ T5311] usb 3-1: Using ep0 maxpacket: 16
[  119.077906][ T5311] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  119.081446][ T5311] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  119.086536][ T5311] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  119.089717][ T5311] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  119.093345][ T5311] usb 3-1: Product: syz
[  119.095267][ T5311] usb 3-1: Manufacturer: syz
[  119.097217][ T5311] usb 3-1: SerialNumber: syz
[  119.304503][ T5311] usb 3-1: 0:2 : does not exist
[  119.310262][ T5311] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[  119.322403][ T5311] usb 3-1: USB disconnect, device number 21
[  119.371865][ T5884] gspca_sunplus: reg_w_riv err -71
[  119.374993][ T5884] sunplus 4-1:0.0: probe with driver sunplus failed with error -71
[  119.379314][ T5884] usb 4-1: USB disconnect, device number 10
[  119.532872][ T8270] loop0: detected capacity change from 0 to 32768
[  119.536364][ T8270] XFS: noikeep mount option is deprecated.
[  119.542217][ T8270] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  119.570633][ T8270] XFS (loop0): Ending clean mount
[  119.573811][ T8270] XFS (loop0): Quotacheck needed: Please wait.
[  119.580293][ T8270] XFS (loop0): Quotacheck: Done.
[  119.597702][ T5847] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  119.967802][ T8288] loop2: detected capacity change from 0 to 512
[  119.973779][ T8288] EXT4-fs: journaled quota format not specified
[  120.049916][ T8292] loop2: detected capacity change from 0 to 164
[  120.553854][ T8296] loop2: detected capacity change from 0 to 40427
[  120.562710][ T8296] F2FS-fs (loop2): invalid crc value
[  120.658766][ T8296] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  120.665373][ T8296] F2FS-fs (loop2): Start checkpoint disabled!
[  120.670702][ T8296] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  120.731321][ T1234] kworker/u9:3: attempt to access beyond end of device
[  120.731321][ T1234] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  120.738458][ T1234] CPU: 0 UID: 0 PID: 1234 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  120.738476][ T1234] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  120.738485][ T1234] Workqueue: writeback wb_workfn (flush-7:2)
[  120.738524][ T1234] Call Trace:
[  120.738529][ T1234]  <TASK>
[  120.738534][ T1234]  dump_stack_lvl+0x189/0x250
[  120.738549][ T1234]  ? __pfx_dump_stack_lvl+0x10/0x10
[  120.738561][ T1234]  ? __pfx_queue_work_on+0x10/0x10
[  120.738572][ T1234]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  120.738586][ T1234]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  120.738604][ T1234]  f2fs_handle_critical_error+0x37c/0x540
[  120.738624][ T1234]  f2fs_write_end_io+0x886/0xb60
[  120.738641][ T1234]  __submit_merged_bio+0x27a/0x6a0
[  120.738657][ T1234]  __submit_merged_write_cond+0x255/0x530
[  120.738675][ T1234]  f2fs_write_data_pages+0x261d/0x3000
[  120.738703][ T1234]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  120.738745][ T1234]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  120.738767][ T1234]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  120.738793][ T1234]  ? rcu_is_watching+0x15/0xb0
[  120.738803][ T1234]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  120.738818][ T1234]  do_writepages+0x32e/0x550
[  120.738834][ T1234]  ? rcu_qs+0xc4/0x170
[  120.738849][ T1234]  __writeback_single_inode+0x145/0xff0
[  120.738864][ T1234]  ? do_raw_spin_unlock+0x4d/0x240
[  120.738880][ T1234]  writeback_sb_inodes+0x6c7/0x1010
[  120.738893][ T1234]  ? pick_task_fair+0x2b2/0x520
[  120.738912][ T1234]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  120.738940][ T1234]  ? rcu_is_watching+0x15/0xb0
[  120.738953][ T1234]  wb_writeback+0x43b/0xaf0
[  120.738968][ T1234]  ? queue_io+0x341/0x590
[  120.738981][ T1234]  ? __pfx_wb_writeback+0x10/0x10
[  120.738996][ T1234]  ? wb_workfn+0x39d/0xef0
[  120.739007][ T1234]  wb_workfn+0x409/0xef0
[  120.739021][ T1234]  ? __pfx_wb_workfn+0x10/0x10
[  120.739033][ T1234]  ? rcu_is_watching+0x15/0xb0
[  120.739044][ T1234]  ? rcu_is_watching+0x15/0xb0
[  120.739058][ T1234]  ? process_scheduled_works+0x9ef/0x17b0
[  120.739070][ T1234]  ? rcu_is_watching+0x15/0xb0
[  120.739080][ T1234]  ? lock_acquire+0x5f/0x360
[  120.739097][ T1234]  ? rcu_is_watching+0x15/0xb0
[  120.739107][ T1234]  ? process_scheduled_works+0x9ef/0x17b0
[  120.739119][ T1234]  ? process_scheduled_works+0x9ef/0x17b0
[  120.739130][ T1234]  process_scheduled_works+0xae1/0x17b0
[  120.739157][ T1234]  ? __pfx_process_scheduled_works+0x10/0x10
[  120.739172][ T1234]  worker_thread+0x8a0/0xda0
[  120.739183][ T1234]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  120.739198][ T1234]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  120.739210][ T1234]  ? __kthread_parkme+0x7b/0x200
[  120.739224][ T1234]  kthread+0x711/0x8a0
[  120.739239][ T1234]  ? __pfx_worker_thread+0x10/0x10
[  120.739250][ T1234]  ? __pfx_kthread+0x10/0x10
[  120.739264][ T1234]  ? rcu_is_watching+0x15/0xb0
[  120.739276][ T1234]  ? __pfx_kthread+0x10/0x10
[  120.739291][ T1234]  ret_from_fork+0x3fc/0x770
[  120.739303][ T1234]  ? __pfx_ret_from_fork+0x10/0x10
[  120.739317][ T1234]  ? __switch_to_asm+0x39/0x70
[  120.739332][ T1234]  ? __switch_to_asm+0x33/0x70
[  120.739346][ T1234]  ? __pfx_kthread+0x10/0x10
[  120.739360][ T1234]  ret_from_fork_asm+0x1a/0x30
[  120.739381][ T1234]  </TASK>
[  120.740154][ T1234] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  121.023770][ T8313] loop0: detected capacity change from 0 to 8
[  121.031152][ T8313] SQUASHFS error: Failed to read block 0x4de: -5
[  121.034425][ T8313] SQUASHFS error: Failed to read block 0x4de: -5
[  121.037560][   T33] audit: type=1800 audit(1756147058.370:74): pid=8313 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.861" name="file1" dev="loop0" ino=5 res=0 errno=0
[  121.098397][ T8310] loop3: detected capacity change from 0 to 32768
[  121.115328][ T8310] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  121.132640][ T8310] XFS (loop3): Ending clean mount
[  121.135830][ T8310] XFS (loop3): Quotacheck needed: Please wait.
[  121.138551][ T8335] loop0: detected capacity change from 0 to 512
[  121.141678][ T8310] XFS (loop3): Quotacheck: Done.
[  121.142021][ T8335] EXT4-fs: Ignoring removed oldalloc option
[  121.166520][ T8335] EXT4-fs error (device loop0): ext4_xattr_inode_iget:433: comm syz.0.867: Parent and EA inode have the same ino 15
[  121.172199][ T8335] EXT4-fs error (device loop0): ext4_xattr_inode_iget:433: comm syz.0.867: Parent and EA inode have the same ino 15
[  121.174401][ T7033] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  121.180653][ T8335] EXT4-fs (loop0): 1 orphan inode deleted
[  121.184349][ T8335] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.387700][ T5847] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.984221][ T8355] loop0: detected capacity change from 0 to 40427
[  121.987058][ T8355] F2FS-fs (loop0): build fault injection rate: 14
[  121.989298][ T8355] F2FS-fs (loop0): build fault injection type: 0x3bfe8c
[  121.992101][ T8355] F2FS-fs (loop0): invalid crc value
[  121.995155][    C0] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  122.000285][    C0] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  122.025737][ T8355] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  122.029619][ T8355] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  122.035800][ T8355] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  122.053856][ T8355] F2FS-fs (loop0): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  122.062028][ T8355] F2FS-fs (loop0): inject dquot initialize in f2fs_dquot_initialize of f2fs_new_inode+0x509/0x1050
[  122.069311][ T8355] F2FS-fs (loop0): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  122.075463][ T8355] F2FS-fs (loop0): inject inconsistent footer in sanity_check_node_footer of f2fs_get_dnode_of_data+0x249/0x1cf0
[  122.081130][ T8355] F2FS-fs (loop0): inconsistent node block, node_type:1, nid:3, node_footer[nid:3,ino:3,ofs:0,cpver:1219692001,blkaddr:4098]
[  122.111016][ T5847] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of f2fs_grab_meta_folio+0x6a/0x1d0
[  122.186915][ T8364] loop3: detected capacity change from 0 to 2048
[  122.192355][ T8365] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  122.199993][ T8364] NILFS error (device loop3): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0
[  122.215282][ T8364] Remounting filesystem read-only
[  123.160033][ T8375] loop0: detected capacity change from 0 to 32768
[  123.265928][ T8375] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  123.292169][ T8375] XFS (loop0): Ending clean mount
[  123.347444][ T5847] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  125.066367][ T8399] loop0: detected capacity change from 0 to 32768
[  125.071101][ T8399] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.888 (8399)
[  125.078764][ T8399] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  125.082845][ T8399] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  125.125603][ T8399] BTRFS info (device loop0): enabling ssd optimizations
[  125.128935][ T8399] BTRFS info (device loop0): enabling free space tree
[  125.171774][ T5847] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  125.585136][ T5310] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  125.745442][ T5310] usb 4-1: config 0 has an invalid interface number: 255 but max is 0
[  125.748341][ T5310] usb 4-1: config 0 has no interface number 0
[  125.750279][ T5310] usb 4-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[  125.753654][ T5310] usb 4-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  125.758194][ T5310] usb 4-1: config 0 interface 255 has no altsetting 0
[  125.760453][ T5310] usb 4-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[  125.763398][ T5310] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.766912][ T5310] usb 4-1: config 0 descriptor??
[  125.769475][ T5310] ums-realtek 4-1:0.255: USB Mass Storage device detected
[  125.970571][ T5884] usb 4-1: USB disconnect, device number 11
[  126.133160][ T8434] loop2: detected capacity change from 0 to 32768
[  126.139766][ T8434] read_mapping_page failed!
[  126.141274][ T8434] ERROR: (device loop2): txCommit: 
[  126.141274][ T8434] 
[  126.153880][  T114] BUG at fs/jfs/jfs_txnmgr.c:931 assert(mp->nohomeok > 0)
[  126.156749][  T114] ------------[ cut here ]------------
[  126.158512][  T114] kernel BUG at fs/jfs/jfs_txnmgr.c:931!
[  126.160884][  T114] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[  126.163953][  T114] CPU: 1 UID: 0 PID: 114 Comm: jfsCommit Not tainted syzkaller #0 PREEMPT(full) 
[  126.167336][  T114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  126.170535][  T114] RIP: 0010:txUnlock+0xdaf/0xdf0
[  126.172251][  T114] Code: e5 fd 90 0f 0b e8 01 34 7d fe 48 c7 c7 20 1b c4 8b 48 c7 c6 19 17 c4 8b ba a3 03 00 00 48 c7 c1 20 28 c4 8b e8 52 28 e5 fd 90 <0f> 0b e8 da 33 7d fe 48 c7 c7 20 1b c4 8b 48 c7 c6 19 17 c4 8b ba
[  126.178927][  T114] RSP: 0018:ffffc900024bfbc8 EFLAGS: 00010246
[  126.180967][  T114] RAX: 0000000000000037 RBX: 0000000000001000 RCX: 744d7c0cade21200
[  126.183561][  T114] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  126.186238][  T114] RBP: ffffc900020221b0 R08: ffffc900024bf8e7 R09: 1ffff92000497f1c
[  126.188886][  T114] R10: dffffc0000000000 R11: fffff52000497f1d R12: dffffc0000000000
[  126.191541][  T114] R13: 1ffff11021618434 R14: ffff88810b0c21a0 R15: 0000000000000000
[  126.194405][  T114] FS:  0000000000000000(0000) GS:ffff8881a3c1b000(0000) knlGS:0000000000000000
[  126.198110][  T114] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  126.200920][  T114] CR2: 000055556ed5e5c8 CR3: 0000000123022000 CR4: 00000000000006f0
[  126.204332][  T114] Call Trace:
[  126.205808][  T114]  <TASK>
[  126.207102][  T114]  jfs_lazycommit+0x584/0xa90
[  126.209140][  T114]  ? __pfx_jfs_lazycommit+0x10/0x10
[  126.211378][  T114]  ? __pfx_default_wake_function+0x10/0x10
[  126.213882][  T114]  ? __kthread_parkme+0x7b/0x200
[  126.216043][  T114]  ? __kthread_parkme+0x1a1/0x200
[  126.218210][  T114]  kthread+0x711/0x8a0
[  126.219985][  T114]  ? __pfx_jfs_lazycommit+0x10/0x10
[  126.222233][  T114]  ? __pfx_kthread+0x10/0x10
[  126.224247][  T114]  ? _raw_spin_unlock_irq+0x23/0x50
[  126.226501][  T114]  ? lockdep_hardirqs_on+0x9c/0x150
[  126.228649][  T114]  ? __pfx_kthread+0x10/0x10
[  126.230682][  T114]  ret_from_fork+0x3fc/0x770
[  126.232690][  T114]  ? __pfx_ret_from_fork+0x10/0x10
[  126.234900][  T114]  ? __switch_to_asm+0x39/0x70
[  126.237007][  T114]  ? __switch_to_asm+0x33/0x70
[  126.239099][  T114]  ? __pfx_kthread+0x10/0x10
[  126.241112][  T114]  ret_from_fork_asm+0x1a/0x30
[  126.243200][  T114]  </TASK>
[  126.244558][  T114] Modules linked in:
[  126.246858][  T114] ---[ end trace 0000000000000000 ]---
[  126.251064][  T114] RIP: 0010:txUnlock+0xdaf/0xdf0
[  126.253221][  T114] Code: e5 fd 90 0f 0b e8 01 34 7d fe 48 c7 c7 20 1b c4 8b 48 c7 c6 19 17 c4 8b ba a3 03 00 00 48 c7 c1 20 28 c4 8b e8 52 28 e5 fd 90 <0f> 0b e8 da 33 7d fe 48 c7 c7 20 1b c4 8b 48 c7 c6 19 17 c4 8b ba
[  126.261958][  T114] RSP: 0018:ffffc900024bfbc8 EFLAGS: 00010246
[  126.265757][  T114] RAX: 0000000000000037 RBX: 0000000000001000 RCX: 744d7c0cade21200
[  126.269167][  T114] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  126.272569][  T114] RBP: ffffc900020221b0 R08: ffffc900024bf8e7 R09: 1ffff92000497f1c
[  126.276050][  T114] R10: dffffc0000000000 R11: fffff52000497f1d R12: dffffc0000000000
[  126.279433][  T114] R13: 1ffff11021618434 R14: ffff88810b0c21a0 R15: 0000000000000000
[  126.282573][  T114] FS:  0000000000000000(0000) GS:ffff8881a3c1b000(0000) knlGS:0000000000000000
[  126.286342][  T114] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  126.289144][  T114] CR2: 000055556ed5e5c8 CR3: 000000000df36000 CR4: 00000000000006f0
[  126.292501][  T114] Kernel panic - not syncing: Fatal exception
[  126.295874][  T114] Kernel Offset: disabled
[  126.297633][  T114] Rebooting in 86400 seconds..

VM DIAGNOSIS:
18:37:43  Registers:
info registers vcpu 0

CPU#0
RAX=bdd7a6c10f906800 RBX=ffffffff819683b8 RCX=bdd7a6c10f906800 RDX=0000000000000001
RSI=ffffffff8be33660 RDI=ffffffff819683b8 RBP=ffffffff8de07eb8 RSP=ffffffff8de07d80
R8 =ffff88804b032f9b R9 =1ffff110096065f3 R10=dffffc0000000000 R11=ffffed10096065f4
R12=ffffffff8fa38330 R13=0000000000000000 R14=0000000000000000 R15=1ffffffff1bd2a20
RIP=ffffffff8b7973f3 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b861b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055b5218f7000 CR3=0000000110910000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000001 XMM01=00440301ac020042 0302b60200400304
XMM02=02004a0312020048 0300020046033c02 XMM03=040050030402004e 03029602004c030a
XMM04=580302ee02005603 0188020054030880 XMM05=010fffffffffffff 0400046c10000a10
XMM06=00080175ee0c0200 6a03120200680308 XMM07=0200660310040062 0318020060030602
XMM08=005e030a02005c03 1202005a03060200 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=1ffffffff33bde0d RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9
RSI=0000000000000000 RDI=0000000000000020 RBP=ffffc900024bf4b0 RSP=ffffc900024bf2d8
R8 =0000000000000001 R9 =0000000000000000 R10=dffffc0000000000 R11=ffffffff854f1bb0
R12=dffffc0000000000 R13=dffffc0000000000 R14=ffffffff99def3e0 R15=0000000000000000
RIP=ffffffff854f1c27 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c1b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055556ed5e5c8 CR3=0000000123022000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 ff000000000000ff XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=7712c53e93b9f1e8 728370bf3cb3486e
XMM06=63e772d7f3a22482 dabb339f3c035440 XMM07=bd0dad416e16bee6 46815929601aad29
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007fe0f3012fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
