last executing test programs:

4m25.111435085s ago: executing program 2 (id=418):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@bridge_getvlan={0x20, 0x72, 0x301, 0x0, 0x0, {}, [@BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}]}, 0x20}, 0x1, 0xf00, 0x0, 0x20000010}, 0x0)

4m25.111240636s ago: executing program 2 (id=419):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000240)='kfree_skb\x00', r0, 0x0, 0x8}, 0x18)
r1 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @loopback={0xff00000000000000}, 0x10000}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

4m24.979672589s ago: executing program 2 (id=420):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x800)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), r1)

4m24.979463845s ago: executing program 2 (id=421):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x100000b3, 0x4)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x100000b3, 0x4)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e23, @loopback}, 0x10)
syz_emit_ethernet(0x32, &(0x7f00000001c0)={@multicast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @multicast2, @empty=0xe0000001}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2, 0x1, 0x0, 0x3d}}}}}}}, 0x0)

4m24.901161722s ago: executing program 2 (id=422):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x1c802, &(0x7f0000002740)=ANY=[@ANYBLOB="71756f74612c646973636172642c646973636172642c696f636861727365743d6b6f69382d72752c646973636172642c00f4193eb3ba2a0d5fd0cd7374288ff89ec513a53e007345decb720900f8312da2463eb0edf52fad1a00ebd41c14b3ce75d0cffefd379624b16f7260c835713b263352e03b5cb8fa0c042bd1225ed4ded2b62e12fea4d7e61b738e40781e58d5fff112364ac140f419e5dafecd283b3fab6b142ddbc893b35a81fe9265591ef35fa2928e095fee4c10b22e4212378de59bca0307cc644b9620b63f0000007bbbd422d87856b71348b8f45398b9660b6b3e8ee8a8c32f3234cb46e2cd827ec25c1ca4d046bc004f8df7b1ee690a5e50510700d80c7fa65fa724d0e1b4369f1b64fe249a0312010000004ac983de925f52d735b03fea941b1e948ad8d19cfda5b799325fd69d14fcf6cdde7700a63150eb3699e5314e0827750e244150ec19f3f3f1d8be542c084b5e40bfaa8ad206d2a33b0ddbd7f8e07dc7d17174a4549ffaf5976949cb6d658c42ec7cd9fe8ad82852cefb04646edb3a41eb514eb6a772b3ee9f21e25822b54ec33e592d5c040946721101d53aff21f90351c95aa0f73f1853d6afcbf9448b220e988466066fa5c09e6198fc4520d199b93bdedee87c4043815aa05668a06f8da96680ccc1a139ade90f5c79af46208f9762f54e7c29088d9de69bd2d51c6b9c42209ddc3880051303b855853407d959a5777dce25201c5ea1faa084c36e3e349915ebec53435eb2910c59394ee84ba3baf9c440ae5833c23f46b0eaac543ce0c80ba0603213e53ea59755070b18bc10b9224aa082d967206115b492d825751fcc00000000000000e63d51c5bffa4f712c2d7fafb9cf506c06e1ddad4fc19038407786fedb9afdfb11a5f182676dd84c919f71d5eee2f3b740b68ee7f6518eb9d8baa26f1c3871f863b134ee942eb3af92d19e70d8268839cd7b4637f0627299f99b1873ca165e410f8bd421e1a4859fd9bd6bb34d25c07e1a52b9668a530b10b8585d797124a6975a71aedbe557a17b06bbfe547aa553c3d08b8921a4b0d938c03687bd48a9a387b4c066c056f457fba5738775b900a1e82a89aae1494b05c4bb0fc8ed1a93688bf850a4f7b0942eda1f16ecf043efa6b8c1f9e0fba31f4a58ed0031180fb1b8a00e4a86826b030000002dd1272a3d1609bebb749daef202e0412a73d545b86ca7a6bf569ed35d0000ca23b0de742f6008fdf20928370d88f8c04bc3b97b9a9e0062e8fc5fd2337d85a66bd20730f3153db2459fb34c134c06c19364e9645e83040dd16ee08f18f0ba69ac9ca3e25e15442b07000000d30d38a64613b535fa808a9b3bae00bc371271d45db200a5cbf433e2f6dd03b7c7fcc040781e5151c9badb787e7e1e2f39d60998919aa8dbd156f31a5b7fa5f9e5ec01e8c799edc322703c7fc4a81ab9bc02dd96714ee9d7e75d28d040ff3566404fd6db547a4b553197c1f316d20ea54f9459cd81351a510d101e90eabe6dc6c6ac3ffa189c073a5fb3fc382df620bf5af9e638819c77a051e6875866a849f6f578c068c0e4c7cfbc15033997efa853c96297b3201dd30ea40dc94d010a0c33da9f63a10b8f813dc789b80be3bb3f00ee58b30d5c03a6ddbf418ac1b3d4a13839e4b273c4f914bed13f8806295495d41609478798396aeec06e8d342efd8ac6b422f6c23a011b1400000000000000bc2a02094e19a1ee8bb3c3c0c088ae8efaf68c85001faf7cf5426fb7c5c367ed93eb25c48a293549d15b91b59f1b574b3f6171f8e56a402ec56bdf51d90312b3ca5398f4050000007504be21456ec953bf06f12fff20c31e7c8b55fee5c49aa939830b09995ff149258118f9aae29206f9731288b56b10de51525665fdb4e289b1c177de97af3085f82045fbd012f1dde94ffecd90b7b63d8197d9c24a6fe5915ac7d7240847f6d0bf9099ee117c83e363f2ad36a4a9f4faa5734afe9770c38c565cae87a408d0acbb2db7db9174acab60a344814ee643fa82ba41706d2360269ed276e13dd83abbc258f07b0d58ab0b65200b18b7f9f871bcb43fec5a2e3789ecd0c1069d2da80b93c86dff8933e70c2108346003ddf6b60379eee63b66e7341cdd8f87ed9f11894c9ae040976321d87405b492f419ebfa77eb367ca6e360b8f8451102f54893d7d1695c24bcc184b1e7d19940a2b6931ade8638dd2b85a86dc511dbb97f50520f91fbf7201fc9621d0aee9735d07ca024076e8581db332b1c5f135fe6b2e9d2c18c9d5d5a524d3d5b2657e4b28f1a09696bd5b076a1471c8b2ab2ca3ba57843af1d03590f4e8985e1c463c781bb03ad7ec816ea70bbe06411aae001e0ca72ee7e828ad14bb7a092d883ad000554bf7f00000000000075cc01f8a2e1802192f09e77bc488b3bd3f08a9ce88ba2e2bcc23cf5d7372b339ce1f5003db0ad70fa6e93aa908a2ced81f5514e23e2f94ff03c1c02f5a9195f4735563efd0a1fc7dafcfb3dae043fe0c172ec3a12747d7abf4382bf7453c13df994641017a0f461add956ef8f834b762af30408af6a61f317fd3c7b0816236a768601b7c6606ba52ff126eb13d33c915c5da99d118db488da3f3d7783a608282a93fcbe0910f0389c3ef91de7c84e23daa6554c42b2b3e9f70a9f790f29011a0b5101b23bfeba6e52877ed8a188958e39375dd203d434bef4dc82cc8a21fc40c6e6e6a2475f70bf1503beb9555036e63bdc937f8a4d61b21d06a9d3239d1df6f2e9ef16dee590b15ac028c6d873bb2965374b733d8e11ba763ab157ed91dd871b098c0543dcbba4cf67db8c83c84369dc67735fa4faa0fdcf34b1c6a862ccae9fe4fa28746504643b57f02623a2ef34ea90f2e7f7dd771f8f75217c799d978a3533fcfab6c6f5391b626d61b400f08172fc675e2a062d06c31b85452804f7b125c291f60a02a5d62271e96fe70d64bae36e28b42e197259169ebee8f64355544fbad8b83c1c8fad02cd1a2e56a6f6e82ec7719a48a1bea803546b8af7a89faf7cef94d8ada45fc0a98a79ba90c95262f0110725c6bf7c81237534dcd6a8a113bd8ac48b7db5526ab762cec103674742476cd6b92b8c7abcfb1f8e08f0a05c1b209187049f3206bd545e8c20f8db6d8a7cdd0c9ecbb9011b611a013cd581521dfcb028d59d5c69d286fb93e4c498b3aaff7e0cdcf1f41fec65ebdbe4c2bf453140251cdd94c32b87c4634d6500000000000000000000000000000000816e6c33f92dca3e03c40000005e538c77b2b14f63d253705363846bc4e9cd3284ff329330812d2211ae34106e0306376a2b1cfe60a09becae2b05ec9adcac47612af85f598a880fa97891a7a290b6e730800542aea761aeb463f5ff5bdf5099ae8ad4afe99db9e9c4e703cb900e9ae272742fe2ff81d1a4f15668392cdafd2e1757706f47f9f84e532f25e2737cb6f6e89378f8d79ab8507b109c7f1f3653a5bc9d54ccc633de6263526eac10519274"], 0x1, 0x5f55, &(0x7f000000efc0)="$eJzs3cuOHFcZB/CvL9NzCXGsCEXGYuE4EBJCfLch3OKwYAFIICGvsTWZRAYHkG0QiSw8kReIBZdHgE02LPIi4RUQD4AlD6tIEArVzDl2TU2Pexx7urrn/H7SuOrr0zV9yv+pqe6pywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIL733R+f7kXE5V+nBw5HfCYGEf2I5bo+FvXMxfz8YUQcic3meC4iBosR9fKb/zwTcS4iPjoUcW/j1mr98Jk99uP8qZvXP/n+d/7xuz/dOfLTN3/yQbv9R589++Hvb0cc/uFrH35y+8msOwAAAJSiqqqqlz7mH02f7/tddwoAmIq8/6+S/LharVarn2j9x/5s9UddaN1UjXe7WUTEenOZ+j2Dw/EAMGfW4+Ouu0CH5F+0YUQ81XUngJnW67oD7It7G7dWeynfXnN/cGyrPf+dclv+673713fsNp2kfY7JtH6+7sQgnt2lP8tT6sMsyfn32/lf3mofpeftd/7Tslv+o61Ln4qT8x+082/Zlv+fI2Ju8++Pzb9UOf/ho+S/Ppjj7V/+AAAAAAAcfPnv/4c7Pv67+PirsicPO/57bEp9AAAAAAAAAIAn7XHH/7vP+H8AAAAws+rP6rW/HHrw2G73Yqsfv9SLeLr1fKAw6WKZla77AQAAAAAAAAAAAAAlGW6dw3upF7EQEU+vrFRVVX81tetH9bjLz7vS1x9K1vUveQAA2PLRoda1/L2IpYi4lO71t7CyslJVS8sr1Uq1vJjfz44Wl6rlxufaPK0fWxzt4Q3xcFTV32ypsVzTpM/Lk9rb369+rVE12EPHpqPDwAEgIrb2RvfskQ6Yqnomun6Xw3yw/R88tn/2ouufUwAAAGD/VVVV9dLtvI+mY/79rjsFAEzDUt7/t48LqNVqtVqtPnh1UzXe7WYREevNZer3DIbjB4A5sx4fd90FOiT/og0j4kjXnQBmWq/rDrAv7m3cWu2lfHvN/UEa3z2fC7It//Xe5nJ5+XHTSdrnmEzr5+tODOLZXfrz3JT6MEty/v12/pe32kfpefud/7Tsln+9noc76E/Xcv6Ddv4tByf//tj8S5XzHz5S/gP5AwAAAADADMt//z9c/PFfdz0AAAAAAAAAYH7d27i1mq97zcf/Pz/meb3mnOs/D4ycf2/P+bv+9yDJ+ffb+bdOyBk05u++8SD/f2/cWv3g5r8+l6czn//CYFS/9kKvPxim05yqhbfialyLtTi14/nDbe2nd7QvbGs/M6H97I72Ud2+nNtPxGr8Iq7Fm/fbFyecGLU0ob2a0J7zH9j+i5TzHza+6vxXUnuvNa3dfb+/Y7tvTse9zsW//ffFnVvX9N2Jwf11a6rX73gH/dn8P3lqFL+6sXb9xG+u3Lx5/XSkybZHz0SaPGE5/4X0lfN/6YWt9vx7v7m93n1/9Mj5z4o7Mdw1/xca8/X6vjzlvnUh5z9KXzn/vAcav/3Pc/67b/+vdNAfAAAAAAAAAAAAAAAAeJiqqjYvEb0YERfS9T/uhA8ARfjDD9JMlYRarVar1eoDWzdV473eLGJp+zIXIuK3474ZADDL/hcR/+y6E3RG/gXL9/urp1/oujPAVN14972fXbl2be36ja57AgAAAAAAAAB8Wnn8z2ON8Z83zwNqjRu9bfzXN+LY3I7/2R8NNsc6Tyv0fDx8/O/j8fDxv4cTXm9hQvtoQvvihPalCe1jL/RoyPk/nzLO+R9NK1bS+K8vddCfruX8j6exnnP+X2o9r5l/9dd5zr+/Lf+TN9/55ckb77736tV3rry99vbaz0+funDu7PlzZ8+fP/nW1Wtrp7b+7bDH+yvnn8e+dh5oWXL+OXP5lyXn/8VUy78sOf8XUy3/suT88/s9+Zcl558/+8i/LDn/l1Mt/7Lk/L+cavmXJef/SqrlX5ac/1dSLf+y5PxfTbX8y5LzP5Fq+Zcl538y1fIvS84/H+GSf1ly/vnMBvmXJed/JtXyL0vO/2yq5V+WnP+5VMu/LDn/86mWf1ly/hdSLf+y5Py/mmr5lyXn/7VUy78sOf/XUi3/suT8v55q+Zcl5/+NVMu/LDn/b6Za/mXJ+X8r1fIvS87/26mWf1ly/q+nWv5leXD/fzNTnvnP3yNmoBtmzIyb6fo3EwAAAAAAAAAAAADQNo3TibteRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP7PDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1Eaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwd3cxcpX3GcDPftlrQ4IbCCHECWtjiAOLd9df4BCDSUJKSZtSEtKmJTWOvTZO/FXvOgGEylJoSxSkIrUX9KJpEqVRpLYCRZGaSjRCaqT2rlwl4iZqJS4sFSoHJZVSBbY6M+/77szs7Mz6Y+3z8fsh/PfOnJl558yZ2X3WemYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBWGz42/ecDWZbl/zf+WJdll+d/X5Ptyb+c23mpVwgAAACcr7caf/7DFemEPcu4UMs2//aB//j+/Pz8fPaFN0+//Zfz8+mMsSwbWp1ljfOif//lL+ZbtwmeykYHBlu+Huxz80N9zh/uc/5In/NX9Tl/dZ/zR/ucv2gHLLKm+fuYxpVtavx1XXOXZldlI43zNnW51FMDqwcH4+9yGgYal5kfOZgdzo5k09nkossMNP7Lspc25Ld1TxZva7DlttZnWXbmZ4/vj2sYCPt4U9Z2Yw2tj90bd2Vjb/7s8f3fmX39vd1m392waKVZtnljvs6ns2zh11XZQLY67ZO4zsGWda7vss6htnUONC6X/71znWeWuc54v0fDOl/psc714bRHrs+ybC5bcptOT2WD2dqOW037e7R5ROTXkT+U78qGz+o42bCM4yS/zGvXtx8nncdk3P8bwj4ZXmINrQ/HG0+uWrTfz/U4ye91EY7V/Lrvy290dLT1V6ttx2q+zeM3LH0MdH3suhwD6VhuOQY29jsGBlcNNY6BwYU1b2w7BqYWXWYwG2jc1ukbeh8DE7NHT0zMPPrYLYeP7js0fWj62NTkzu3bdmzftmPHxMHDR6Ynm3+e3S4tkbXZYDoGN4bXmngMfrBj29ZDcv6bF+55MFqQ50F+3z9zY76gywezJY7xfJunN5//8yB93295Hgy3PA+6vqZ2eR4ML+N5kG9zZvPyvmcOt/zfbQ0r9Vq4ruUYuJTfD/PbfPBDS78Wrg/reuams/1+OLToGIh3ayA89/JT0s97o7eF/bL4uLg2P+OyVdmpmemTWx7ZNzt7cioL46K4suWx6jxe1rbcp2zR8TJ41sfLnr//1Y3Xdjl9XdhXozf3fqzybbaP936sGq/u7ftzVdbcn22nbs3CuMAu9v7s9t0s358pS/TYn/k2T99y/j8LplzS8vo30u/1b2hkuPn6N5T2xkjb69/ih2aosbIsO3PL8l7/RsL/F/v176qCvP7l++rBLb2PgXybZybO9hgY7vn6d32YA2E9HwqJYbQl97/dOH+ueZi2PJZ9j5vh4ZFw3AzHW2w/brYtukx+bfltb548t+Nm8/Xtj1Xbzy0VPG7yffVXk72Pm3ybl6fO/7VjTfxry2vHqn7HwMjQqny9I+kgaL7eza+Jx8CWbH92PDuSHUiXyR/l/LbGty7vGFgV/r/Yrx3XFOQYyPfV81t7HwP5Nj/admF/dtocTknbtPzs1Pn7haUy/7XDC9fXudsudObP1/nxH38qndYtQ+TbvL79bHNG7/10czjlsi77qfP5s9QxfSC7OPvpmrDOIzt6/24q3+aqncs8nvZkWfbq1KuN33eF3+9+79SPv9/2e99uv1N+derVeyfu/8nZrB8AgHP3duPPuVXNnzVb/sV6Of/+DwAAAJRCzP2DYSbyPwAAAFRGzP1DYSbyPwAAAFRGzP3DYSY1yf8P37brhbeeyNK7Ac4H8fy4G+67o7ld7HjPha/H5hfkp3/02yMvfPWJ5d32YJZlv7r3fV23f/iOuK6mE3GdH24/fZFrrlvW7T/0wMJ2re+fcGZX8/rj/VnuYRC7yi9NbG1c79ijU4358r1ZY94/98xTzetvfh23P72tuf3fhDct2XNwoO3ym8N6NoU5Ft5T5r49C/shn/FyL6z/wL9e+dmF24uXG9j4zsbdfP6Pm9cb3yPquSub28f7vdT6/+Vr330h3/6RG7qv/4nB7us/Ha73tTB/ubu5fes+/2rL+v80rD/eXrzclm/9sOv6X3xPc/sXw3HxjTA713/XX7z/rW6PV7ydPbc3Lxdvf/J/tzcuF68vXn/n+kefmGrbH53X//KbzevZ/eWfD7VuH0+PtxM9dHv78T0QHt+2HnmWZd/9s6xtP2cfaV7unzvWH6/vxO3d139zxzpPDFzXuPzC/VnXdr++/ndbu97fuJ49/7iu7f48d3fYf29O/Ci/3tP3h+MxnP9/rzSvr/O9TF+8u/31Jm7/jXXN5228vomO9T/Xsf656/J913/997zZXP+Ld65uW/+eT4Tj6Z7m7Lf+Q397Rdvlv/md5uNx8ivjx47PnDp8oGWvtj6PV4+uWXvZ5e945xXhtbTz673HZx+ePjk2OTaZZWMlfMvAlV7/t8L8n+aYu/C30PSTnzePu2c/2fy+9cFfNL9+Lpz+UHg84/fHr//1SNvx2vm4z93ZnOe7/pvCOpbrPV/7r+uWteHpz7906p/+5PXOnwvi/Tnx7tHG/Xt+w9WN8wZebp7f+XrVz3++u/15/dPhycb8Qdiv8+GdmTde3by9zuuP703y7Kebz9/4k1y8fNbxfiLrhtrvx/mu/6fh55gfXtP++hePjx880fFuzuuygXwJc+H1IZtrnh+3ivv72TNXd729+D482dx7z2aZS5p5dGbiyOFjpx6ZmJ2emZ2YefSxvUePnzo2u7fx3qV7v9jv8gvP77WN5/eB6Z3bs8az/XhzrLBLvf4TD+w/cOvkjQemD+47dXD2gRPTJw/tn5nZP31g5sZ9Bw9Of6Xf5Q8f2D21dde2W7eOHzp8YPdtu3Zt2zV++NjxfBnNRfWxc/JL48dO7m1cZGb39l1TO3Zsnxw/evzA9O5bJyfHT/W7fON703h+6S+Pn5w+sm/28NHp8ZnDj03vntq1c+fWvu/+ePTEwZmxiZOnjk2cGp4+OdG8L2OzjZPz7339Lk89zBwPr3cdBsJP55+7eWd6f9zct59c8qqam7T/eJq9Ed4LKn5/6/d1zP0jYSY1yf8AAABQBzH3hzf+XzhD/gcAAIDKiLl/dZiJ/A8AAACVEXN/M/mPpo9/r0v+v1D9/yf1/xv0//X/M/3/RP9f/z/T/9f/70P/X/+/zOvX/0/9/xn9f5ZStP5/yP3Zmizz7/8AAABQUTH3rw0zkf8BAACgMmLuvyzMRP4HAACAyoi5//Iwk5rkf5//r/+v/9+r/x+31f/P9P+L0P/f9N/6/4vo/+v/Z/r/5+xS9+fLvv4C9v/X6P9TNEXr/8fc/44wk5rkfwAAAKiDmPvfGWYi/wMAAEBlxNx/RZiJ/A8AAACVEXP/ujCTmuR//X/9f/1/n/+v/1+a/r/P/+9C/1//P9P/P2eXuj9f9vUXsP/v8/8pnKL1/2Pu/7Uwk5rkfwAAAKiDmPvfFWYi/wMAAEBlxNx/ZZiJ/A8AAACVEXP/VWEmNcn/9ez/v5Zlmf5/pv+v/9+xTv1//f+VoP+v/9+L/r/+f5nXr/+v/09/Rev/x9z/7jCTmuR/AAAAqIOY+68OM5H/AQAAoDJi7n9PmIn8DwAAAJURc/81YSY1yf/17P/7/H/9/yb9//Z16v/r/68E/X/9/170/5fR/x9e+Kv+f7HWr/+v/09/Rev/x9z/3jCTmuR/AAAAqIOY+68NM5H/AQAAoDJi7n9fmIn8DwAAAJURc//6MJOa5H/9f/1//X/9f/1//f+VVK7+/+CS5+j/N+n/t7tw/f+5hQX4/P/SrF//X/+f/orW/4+5//1hJjXJ/wAAAFAHMfd/IMxE/gcAAIDKiLn/ujAT+R8AAAAqI+b+sTCTmuR//X/9f/1//X/9f/3/lVSu/v/S9P+b9P/bXZTP/2+h/1+s9ev/6//TX9H6/zH3bwgzqUn+BwAAgDqIuX9jmIn8DwAAAJURc//1YSbyPwAAAFRGzP2bwkxqkv/1//X/9f/1//X/9f9Xkv6//n8v+v/6/2Vev/6//j/9Fa3/H3P/DWEmNcn/AAAAUAcx998YZiL/AwAAQGXE3P/BMBP5HwAAACoj5v7NYSY1yf/6//r/+v8l7v8P6f9n+v+Fp/+v/9+L/r/+f5nXr/+v/09/Rev/x9z/oTCTmuR/AAAAqIOY+28KM5H/AQAAoDJi7r85zET+BwAAgMqIuX88zKQm+V//X/9f/7/E/X+f/9+2fv3/YtL/1//vRf9f/7/M69f/1/+nv6L1/2PuvyXMpCb5HwAAAOog5v4tYSbyPwAAAFRGzP0TYSbyPwAAAFRGzP2TYSY1yf/6//r/+v/6//r/+v8rSf9f/78X/X/9/zKvX/9f/5/+itb/j7l/KsykJvkfAAAA6iDm/q1hJvI/AAAAVEbM/dvCTOR/AAAAqIyY+7eHmdQk/5ek/78lFaD0//X/9f/1//X/S0X/X/+/F/1//f8yr1//X/+fdoNdTita/z/m/h1hJjXJ/wAAAFAHMffvDDOR/wEAAKAyYu6/NcxE/gcAAIDKiLn/tjCTmuT/kvT/ff6//r/+fwv9f/3/MtH/1//vRf9f/7/M69f/1/+nv6L1/2Pu3xVmUpP8DwAAAHUQc/+Hw0zkfwAAAKiMmPtvDzOR/wEAAKBUun0OYRRz/0fCTGqS//X/q97/n1+t/6//r//fe/36/ytL/1//vxf9f/3/Mq9f/1//n/6K1v+PuX93mElN8j8AAADUQcz9d4SZyP8AAABQGTH33xlmIv8DAABAZcTcvyfMpCb5X/+/6v1/n/+v/6//32/9+v8rS/9f/78X/f9y9v/Djy36/wXq/+fHkP4/RVS0/n/M/XeFmdQk/wMAAEAdxNz/0TAT+R8AAAAqI+b+j4WZyP8AAABQGTH3fzzMpCb5X/9f/1//X/9f/1//fyXp/69Y/7/xUljk/v+aZdyM/n85+/+R/n9x+v8+/5+iKlr/P+b+u8NMapL/AQAAoA5i7v9EmIn8DwAAAJURc/+vh5nI/wAAAFAZMfffE2ZSk/yv/6//r/+v/6//r/+/kvT/ff5/L/r/+v9lXr/+v/4//RWt/x9z/2+EmdQk/wMAAEAdxNx/b5iJ/A8AAACVEXP/J8NM5H8AAAAomVVLnhNz/2+GmdQk/5ev/z9Wyv7/YLp+/X/9f/1//X/9/wtJ/1//P9P/P2eXuj9f9vXr/+v/01/R+v8x9/9WmElN8j8AAADUQcz9nwozkf8BAACgMmLu/+0wE/kfAAAAKiPm/vvCTGqS/y90/7/z8r34/H/9/0z/X/9f/1///zzp/+v/Z/r/5+xS9+fLvn79f/1/+ita/z/m/t8JM6lJ/gcAAIA6iLn//jAT+R8AAAAK6uGzvkTM/Z8OM5H/AQAAoDJi7v9MmElN8n/5Pv9f/1//X/9f/1//v0z0//X/e9H/1/8v8/r1//X/6a9o/f+Y+x8IM6lJ/gcAAIA6iLn/s2Em8j8AAABURsz9vxtmIv8DAABAZcTc/3thJj3y/9KVhPLR/9f/1//X/9f/1/9fSfr/i/v/+WuY/n+T/r/+f5nXr/+v/09/Rev/x9z/uTAT//4PAAAAlRFz/++Hmcj/AAAAUBkx9/9BmIn8DwAAAJURc/+DYSY1yf/6//r/+v/6//r/+v8rSf/f5//3ov+v/1/m9ev/6//TX9H6/zH3fz7MpCb5HwAAAOog5v4/DDOR/wEAAKAyYu7fG2Yi/wMAAEBlxNz/UJhJTfK//r/+v/6//r/+v/7/StL/1//vRf9f/7/M69f/1/+nv6L1/2Pu3xdmsqf9ZgAAAIDyirn/C2EmNfn3fwAAAKiDmPv3h5nI/wAAAFAZMfcfCDOpSf7X/9f/1//X/9f/1/9fSfr/+v+96P/r/5d5/fr/+v/0V7T+f8z902EmNcn/AAAAUAcx9x8MM5H/AQAAoDJi7j8UZiL/AwAAQGXE3P9wmElN8r/+v/6//n9t+/+vfK9jnfr/+v8rQf9f/78X/X/9/zKvX/9f/5/+itb/j7n/cJhJTfI/AAAA1EHM/V8MM5H/AQAAoDJi7v9SmIn8DwAAAJURc/+RMJOa5H/9f/1//f/a9v+X9/n/axZuV/9f//9c6P/r//ei/6//X+b16//r/9Nf0fr/MfcfDTOpSf4HAACAOoi5/1iYifwPAAAAlRFz//EwE/kfAAAAKiPm/hNhJjXJ//r/Z9X/XzWwRDdQ/7/7+vX/K9D/b6H/r/9/LvT/9f970f/X/y/z+vX/9f/pr2j9/5j7/yjMpCb5HwAAAOog5v6TYSbyPwAAAFRGzP0zYSbyPwAAAFRGzP2zYSY1yf/6/z7/X/9f/1//X/9/Jen/6//3ov+v/1/m9ev/6//TX9H6/zH3nwozqUn+B4D/Z+8+c/U6qz4OP6/zOiRCwBTCEGACDIExIDEGeknooUPovYXeQofQe++99x4IvUpB8VlrhWPsvW2f8/jc+17X9SELTpB8RzEf/kp+2gAAHeTuv1/cYv8DAADANHL33z9usf8BAABgGrn7HxC3NNn/+n/9v/5f/6//1//vk/5f/79E/6//3/L79f/6f9aN1v/n7n9g3NJk/wMAAEAHufsfFLfY/wAAADCN3P0PjlvsfwAAAJhG7v6HxC1N9r/+X/+v/9f/6//1//uk/9f/L9H/6/+3/H79v/6fdaP1/7n7Hxq3NNn/AAAA0EHu/ofFLfY/AAAATCN3/8PjFvsfAAAAppG7/9q4pcn+1//r//X/G+z//1//r//fDv2//n+J/l//v+X36//1/6wbrf/P3X9d3NJk/wMAAEAHufsfEbfY/wAAADCN3P2PjFvsfwAAAJhG7v5HxS1N9r/+X/+v/99g/+/7//r/DdH/6/+X6P/1/1t+v/5f/8+60fr/3P2Pjlua7H8AAADoIHf/Y+IW+x8AAACmkbv/sXGL/Q8AAADTyN3/uLilyf7X/+v/9f/6f/2//n+f9P/6/yX6f/3/lt+v/9f/s27v/f+9rz9zL7T/z91/fdzSZP8DAABAB7n7Hx+32P8AAAAwjdz9T4hb7H8AAACYRu7+J8YtTfa//l//f0f/f9v/6f/1//r/O36u/z8e+n/9/xL9v/5/y+/X/+v/Wbf3/n+l9z/7v+fuf1Lc0mT/AwAAQAe5+58ct9j/AAAAMI3c/U+JW+x/AAAAmEbu/qfGLU32v/5f/+/7//p//b/+f5/0/8P2/2f/X+8w/f8F0f/r/8/X/9/rAt6v/6eD0fr/3P1Pi1ua7H8AAADoIHf/0+MW+x8AAACmkbv/hrjF/gcAAIBp5O5/RtzSZP/r//X/+n/9/+H+/1TL/v/2n+n/90P/P2z/v0z/f0H0//p/3//X/7NstP4/d/8z45Ym+x8AAAA6yN3/rLjF/gcAAIBp5O5/dtxi/wMAAMA0cvc/J25psv/1//p//b/+/0jf/79ijv7f9//3R/+v/1+i/9f/b/n9+n/9P+tG6/9z9z83bmmy/wEAAGB6p3a1+58Xt9j/AAAAMI3c/c+PW+x/AAAAmEbu/hfELU32v/5f/6//1/8fqf+f5Pv/+v/90f/r/5dcaP+/0//XX4v+f5z36//1/6wbrf/P3f/CuKXJ/gcAAIAOcve/KG6x/wEAAGAauftfHLfY/wAAADCN3P0viVua7H/9v/5f/6//1//r//dJ/6//X+L7//r/Lb9f/6//Z91o/X/u/pfGLU32PwAAAHSQu/9lcYv9DwAAANPI3f/yuMX+BwAAgGnk7n9F3HL2/j91OV91+ej/9f/6f/2//l//v0/6f/3/Ev3/ufv/q87z6+n/x3q//l//z7rR+v/c/TfGLf75PwAAAEwjd/8r4xb7HwAAAKaRu/9VcYv9DwAAANPI3f/quKXJ/j9f/3/rnQ/+vP7/wuj/z/1+/b/+X/+v/9f/6/+X6P99/3/L79f/6/9ZN1r/n7v/NXFLk/0PAAAAHeTuf23cYv8DAADANHL3vy5usf8BAABgGrn7Xx+3NNn/x//9/2v0//p//X9c/b/+X/+v/9f/L9P/6/+3/H79v/6fdaP1/7n73xC3NNn/AAAA0EHu/jfGLfY/AAAATCN3/5viFvsfAAAAppG7/81xS5P9f/z9v+//6/8vsv8/pf9P+v/4+6r/1/9fBP2//n+n/79kJ93Pb/39+n/9P+tG6/9z9990Zur12/8AAADQwU1n/njV7i1xi/0PAAAA08jd/9a4xf4HAACAaeTuf1vc0mT/6//1/yfe//v+f9H/x99X/b/+/yLo//X/O/3/JTvpfn7r79f/6/9ZN1r/n7v/7XFLk/0PAAAAHeTuf0fcYv8DAADANGL3H/zL7/Y/AAAATOmdZ/541e5dcUuT/d+4/7/mqP3/1f/1n/X/536//v9Y+v+bzv69p//X/2+J/l//v0T/r//f8vvH6f/jB9fq/xnPaP1/7v53xy1N9j8AAAB0kLv/PXGL/Q8AAADTyN1/c9xi/wMAAMA0cve/N25psv8b9/+TfP//PrfEC/T/8/b/vv8fV/+v/z8X/b/+f6f/v2Qn3c9v/f3j9P++/8+4Ruv/c/e/L25psv8BAACgg9z9749b7H8AAACYRu7+D8Qt9j8AAABMI3f/B+OWJvtf/7/1/t/3//X/+n/9/9j0//r/Jfp//f+W36//1/+zbrT+P3f/h+KWJvsfAAAAOsjd/+G4xf4HAACAaeTu/0jcYv8DAADANHL3fzRuabL/9f/6/331/7f/Ivr/Jv3/dfr/nf7/vPT/+v8l+n/9/5bfr//X/7NutP4/d//H4pYm+x8AAAA6yN3/8bjF/gcAAIBp5O7/RNxi/wMAAMA0cvd/Mm64x11O7knH6/R5fh69uf5f/+/7//p/3//X/++T/l//v0T/r//f8vv1//p/1o3W/+fu/1Tc4p//AwAAwDRy9386brH/AQAAYBq5+z8Tt9j/AAAAMI3c/Z+NW5rsf/2//l//v9n+/2r9/+H36//HpP/X/y/R/+v/t/x+/b/+n3Wj9f+5+z8XtzTZ/wAAANBB7v7Pxy32PwAAAEwjd/8X4hb7HwAAAKaRu/+LcUuT/a//1//r/zfb//v+/1nv1/+PSf+v/1+i/9f/b/n9+n/9P+tG6/9z938pbmmy/wEAAKCD3P1fjlvsfwAAAJhG7v6vxC32PwAAAEwjd/9X45Ym+1//r//X/+v/9f/6/33S/+v/l+j/9f9bfr/+X//PutH6/9z9X4tbmux/AAAA6CB3/9fjFvsfAAAAppG7/xtxi/0PAAAA08jd/824pcn+n7n/X/qf6f8P6P/1/zv9v/5/z/T/+v8l+n/9/5bfr//X/7NutP4/d/+34pYm+x8AAAA6yN3/7bjF/gcAAIBp5O7/Ttxi/wMAAMA0cvd/N25psv9n7v+X6P8P6P/1/zv9v/5/z/T/+v8l+n/9/5bfr//X/7PuhPr/07vz9P+5+78XtzTZ/wAAANBB7v7vxy32PwAAAEwjd/8P4hb7HwAAAKaRu/+Hccs8+/++Ny/8Sf3/sff/Z34T6f/1/7sh+//Th96p/z+g/98v/b/+f4n+X/+/5ffr//X/rBvt+/+5+38Ut8yz/wEAAKC93P0/jlvsfwAAAJhG7v6fxC32PwAAAEwjd/9P45Ym+1//7/v/+v9O/f89r9j5/r/+/zLT/+v/l+j/9f9bfr/+X//PutH6/9z9P4tbmux/AAAA6CB3/8/jFvsfAAAAppG7/xdxi/0PAAAA08jd/8u4pcn+1//r//X/rfr/Q+/X/x/Q/++X/l//v0T/r//f8vuz/8/fd/p//T//a7T+P3f/r+KWJvsfAAAAOsjd/+u4xf4HAACAaeTu/03cYv8DAADANHL3/zZuabL/9f/6f/1/m/7/trvtdvp//f9lN1D/f+VRfh39/wH9/2H6f/2/7//r/1k2Wv+fu/+WuKXJ/gcAAIAOcvf/Lm6x/wEAAGAauft/H7fY/wAAADCN3P23xi1N9r/+X/8/Zf9/J/2/7//r/0cxUP9/JPr/A/r/w/T/+n/9v/6fZaP1/7n7/xC3NNn/AAAA0EHu/j/GLfY/AAAATCN3/5/iFvsfAAAAppG7/89xS5P9r//X/198/3+6/rqH7f99/1//r/8fxrz9/5X6f/3/kfv/G248+LH+f5vv1//r/1k3Wv+fu/8vcUuT/Q8AAAAd5O7/a9xi/wMAAMA0cvf/LW6x/wEAAGAaufv/Hrc02f/T9P93v+vB1f/7/r/+X/8fP9f/j2He/t/3//X/vv+v/9f/6/9ZM1r/n7v/H3FLk/0PAAAAHeTu/2fcYv8DAADANHL3/ytusf8BAABgGrn7/x23NNn/0/T/Sf+v/9f/6//j5/r/Mej/9f9L9P/6/y2/X/+v/2fdaP1/7v7/BAAA//9RaTCH")
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x20000, 0x0, 0x0, 0x0, &(0x7f0000000100))
mount(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x2012024, 0x0)
getdents(0xffffffffffffffff, 0x0, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0))

4m24.605740245s ago: executing program 2 (id=424):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='auxv\x00')
preadv(r0, &(0x7f00000005c0)=[{&(0x7f0000000300)=""/110, 0x6e}, {0x0, 0x34}], 0x2, 0x0, 0x0)

4m9.559215132s ago: executing program 32 (id=424):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='auxv\x00')
preadv(r0, &(0x7f00000005c0)=[{&(0x7f0000000300)=""/110, 0x6e}, {0x0, 0x34}], 0x2, 0x0, 0x0)

3m57.001534652s ago: executing program 1 (id=711):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0xeffffffa, 0xb, 0xfffffffc, 0xfffffffc, 0x7f, "db5909003a7f000700"})
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)={0x0, 0x40000000, 0x0, 0x0, 0x83, "00000000000000000000ffff00"})
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000340)={0x0, 0xfffffffd, 0x8, 0x8, 0xc, "e315bc1cc24ff7b7cdb242e1ff0aa6905446b3"})
r1 = syz_open_pts(r0, 0x400)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000200)=0x2)

3m56.121340288s ago: executing program 1 (id=712):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
r1 = socket$kcm(0x2, 0x3, 0x2)
sendmsg$inet(r1, &(0x7f0000001640)={&(0x7f0000000040)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x43}, @multicast1}}}], 0x20}, 0x20002800)

3m56.121006013s ago: executing program 1 (id=713):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x118, 0x2e, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x106, 0xf2, 0x0, 0x1, [@typed={0xc, 0x2, 0x0, 0x0, @u64=0x7}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@mcast2}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd712e655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c028d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f00"/222, @typed={0x4, 0xe9}]}]}, 0x118}], 0x1, 0x0, 0x0, 0x1}, 0x0)

3m56.085130049s ago: executing program 1 (id=715):
r0 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$VIDIOC_G_SLICED_VBI_CAP(r1, 0xc0745645, &(0x7f0000000040)={0x4, [0xe6, 0x3, 0xfff, 0xa, 0x460, 0xd, 0x7, 0x5, 0x6, 0xfff9, 0xff, 0x0, 0x0, 0x200, 0x2, 0x10, 0x0, 0x5, 0x1, 0x0, 0x6, 0x3, 0x0, 0x1, 0x8, 0x6, 0x7f, 0x4, 0xb70, 0x8, 0x7, 0x2, 0x7, 0x5, 0x9, 0x8001, 0x7f, 0x1, 0x1, 0x2, 0x1, 0xfff7, 0x20ae, 0x1, 0x0, 0x1, 0xfff7, 0x10]})

3m55.999976025s ago: executing program 1 (id=716):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="120100001517ee40f00a057a00f6000203010902120001000000000904000000ff"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000004c0)={0x44, &(0x7f0000000080)=ANY=[@ANYBLOB="200e1100000009"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

3m54.601262499s ago: executing program 1 (id=719):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000200), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r1, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
sync()

3m39.590161139s ago: executing program 33 (id=719):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000200), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r1, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
sync()

3m34.310557352s ago: executing program 3 (id=914):
syz_emit_vhci(&(0x7f0000002200)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0xa}, @hci_ev_le_conn_update_complete={{}, {0x0, 0xc8, 0xe, 0xe, 0x728f}}}}, 0xd)
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x8342, 0x0)

3m34.255662383s ago: executing program 3 (id=916):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000140)={0xc, "1803c809800000000800000000000000000000000000d63175876b4c69a600", <r1=>0xffffffffffffffff})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x16c, "fa02c80a3a1e38dd031dd7504fe580963900", <r2=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r2, 0xc0303e03, &(0x7f0000000080)={"6739669f274d13b691ebe45b00e4f5b53e0ca34dd02acecdc67c5e3126628168", r1, <r3=>0xffffffffffffffff})
r4 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, &(0x7f0000000000)={0x6, "34e6498c25f58dad9987ffe93bbabd18cf504a2700", <r5=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r3, 0xc0303e03, &(0x7f00000000c0)={"0e337b42cc00d331ff0007000000000000001a00", r5, <r6=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r1, 0xc0303e03, &(0x7f0000000200)={"130f2672af9ee0452321864922cd3bebd7f9cec5064e58445f1268334b4900", r6})

3m34.249499458s ago: executing program 3 (id=920):
syz_mount_image$nilfs2(&(0x7f0000000dc0), &(0x7f0000000400)='./file0\x00', 0x90, &(0x7f0000000240)=ANY=[], 0x3, 0xd99, &(0x7f0000006900)="$eJzs3UtvXNUdAPBzx544LxqHmMZN09glpbiP2CRYpbsaKV2gSqgSnwClgYYa+ghdgIKUsOi2kRAfoIh9F31mgRSxSsWmVb8AYtVNipBoG1UCI9vnjMf/zOjOOLbH4/n9pDtn7v2fe88587hz575OAkZWY+1xcXG6SuntW29dvDcz/r/VKTOtHLNrj+N5bCml1GzNl9JkWN7SxHr62SfXLrWnn+e0ShdSlarW9PTs3da8R1JK19Nsup0m03Mfn7z50gfPLL934saJi2/M3dmZ1gMAwGi596N3f/m3x3947fj/f39mKU20ppft86U8fjRv9y9V6+M5af0PqNrSqm28OBDyjeehEfKNdcjXXk4z5BvvUv6BsNxml3wTNeWPtU3r1G4YZhv/46vG/KbxRmN+fv0/+aoPxw5U869cWX7h6oAqCmy7T2fyLj6DwTByw8qxQa+BANbF44b3uR73LDyY1tLGeyv/7tONzvPDNtjtz7/yh6v8d29Y47B99uunqbSrfI+O5vF4HGE8zNfv978sLx6PaPZYz27HEYbl+EK3eo7tcj22qlv94+div/paTsvrcCbE278/8T0dlvcY6Oye/f8Gw8gOK4NeAQF7VjxvbiUr8XheX4xP1MQP1sQP1cQP18SP1MRhlP3h1d+mm9XG//z4n77f/WFlP9tDOf1Sn/WJ+yP7LT+e99uvBy0/nk8Me9rcf09/+uvbf4/n/38ezv8/m39LJ/MKouwvjPvVW+f+hwuDG13yPRyq81CH/GvPpzbnq6Y2lpPa1jP31WN683zHuuU7vTnfZMh3OG+LHAz1jdsnh8N8ZfujrFfL6zUe2tsM7TgQ6lHemeM5PRjac7xbu8KO7AMhXzMPJ0K7pkK7HgnzfTm0q5re3K64/7zU52SYHo+TlHzhbbvvdym+F/G6jEdz+mZO38np+zn9qEO5o6h8Hrud/18+n9OpWb1wZfnyE3m8fE7vjDUnVqef3+V6Aw+u1+t/ptPm63+OtqY3G+3rhWMb06v29cJkmH6hy/Qn83j5Pfvp2KG16fOXfr78k+1uPIy4q6+9/rPnl5cv/8oTTzzxpPVk0GsmYKctvPryLxauvvb6uSsvP//i5Rcvv3L+ie9/78mnnlpcWNuqX2jftgf2l40f/UHXBAAAAAAAAAAAAOhZdajz5JzW3d+2XE9erk+P18czHMr7Vj4N5T4G5frPbvd1KddvHt+FOrL9duNyokG3Eejs3+7/azCM7LCy4i7+wN4w6P7/yn0PS3r03D+Prw4l292nN68v4/0L4UHs9f7nlL+/+v9r9X/V8/ov9Jg1ubVy/3jv0D/aik2nei0/tr/cB3aqv/L/lMsvrXks9Vb+yu9C+fFGpT36cyj/cI/l39f+01sr/y+5/PKyzZ3ttfz1GleNzfWI+43LfQDjfuPir6H95d5+fbd/ix213crlwygbln4m+zUs/X92U5Zb1oN59dw6Tlfuvx37O+i3/uW+3+V34JGw/Krm903/n8Otrv/P8vlb0P8n7DsfOv5nMIzssLKyMtCuT0a135W9YtCv/6C3IQdd/qBf/zqx/8/4fyn2/xnjsf/PGI/9f8Z47F8rxmP/n/H1jP1/xvjJsNzYP+h0TfwrNfFTNfGv1sRP18Tj/7cYn62Jn6mJz9TEH66JP1oTP1sT/0ZN/LGa+OM18bma+H739ZyOavthlMV+I33/YXSU4z/dvv9TNXFgeMV+neP3+5s1cWB4lfM8fL9hBFWd79gR97eX/bhv5vSdnL6f0492rILshm/l9Ns5/U5Ov5vTczmdz+lCTvUNOdx+869TZ25WG+f5HQvxXs8njdcDxPvEnO+xPvH4XL/ns57ssZydKn+Ll4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI3G2uPi4nSV0tu33rr4n6kf/Hh1ykwrx+za43geW0opNVNKVR4fD8u7PrGefvbJtUud0ipdWHss4+nZu615j6zOn2bT7TSZnvv45M2XPnhm+b0TN05cfGPuzs60HgAAAEbDFwEAAP//ManlwQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x8002, 0x90)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x18)
copy_file_range(r1, 0x0, r1, &(0x7f00000000c0)=0xae8, 0x863, 0x0)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="e0", 0x1}], 0x1, 0xfffd, 0x3, 0x0)

3m34.091612912s ago: executing program 3 (id=923):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x11)
mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000000)='binfmt_misc\x00', 0xc00, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000000240)='./file0/../file0\x00')
pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f00000000c0)='./file0/../file0\x00')

3m33.935667007s ago: executing program 3 (id=925):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x11, 0x12, &(0x7f0000000040)=ANY=[@ANYBLOB="180200000000000000000000000031d0851000000600000018040000", @ANYRES32=0x0, @ANYBLOB="0000000000000001bfff00000000000018000000000000000000000000000000950000000000000018010000202070250000000000202020db1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b502000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0xc7, &(0x7f0000000380)=""/199, 0x0, 0x49, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xecc}, 0x94)

3m33.758014614s ago: executing program 3 (id=926):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r1, &(0x7f0000000580)='1\x00', 0x2)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000086d040ec20000000000010902"], 0x0)
write$sysctl(r1, &(0x7f0000000000)='2\x00', 0x2)

3m33.330117142s ago: executing program 34 (id=926):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r1, &(0x7f0000000580)='1\x00', 0x2)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000086d040ec20000000000010902"], 0x0)
write$sysctl(r1, &(0x7f0000000000)='2\x00', 0x2)

3m29.66050643s ago: executing program 4 (id=958):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'8255\x00', [0x4f27, 0x3, 0x10000, 0x4, 0xc, 0xcc6, 0x10, 0x7, 0x400000a, 0xfffffff8, 0x3, 0x1, 0x1, 0x1, 0x6, 0x101, 0x0, 0x1a449, 0x200003, 0x0, 0x7, 0x9, 0xfffffffe, 0x5, 0xb, 0x1000e63, 0x3c, 0x8, 0x6, 0x2000000, 0xfffffff4]})

3m29.460961885s ago: executing program 4 (id=961):
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xe8c}, 0x2a, 0xfffffffffffffff9)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), 0x0, 0x0, 0xfffffffffffffffe)

3m29.397502486s ago: executing program 4 (id=962):
openat$urandom(0xffffffffffffff9c, &(0x7f0000000100), 0x402, 0x0)
r0 = syz_io_uring_setup(0x239, &(0x7f0000001080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0x2def, 0x0, 0x0, 0x0, 0x0)

3m29.280989433s ago: executing program 4 (id=965):
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x818808, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file4\x00', 0x1018000, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file4'}}], [], 0x2c})
chdir(&(0x7f00000001c0)='./file0\x00')
chdir(&(0x7f00000003c0)='./bus\x00')
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x1)
syz_mount_image$minix(&(0x7f0000000100), &(0x7f0000000a40)='./file1\x00', 0x2004010, &(0x7f0000001180)=ANY=[], 0x9, 0x1f2, &(0x7f00000004c0)="$eJzs28tO1FAcx/Ffy8x0wPtt40YTTXTjFIdJRnbyAL6AOzIUQixixA3EhLLxPXwMd76JWxeS6BPU9MZYpJ1ecFrk+0mG+dP0d86Zhv9wShgBuLRuhl8NGeqGle/7hw8lvX4lqZMb7c1lgQD+Gd+Imj5L7+zD/fwUgIth4efZx63MBv+SFCbvAsBFdry2EO4DvhrSt18fJz/iR7fg/uF4zZSCIbzo+yTfk/qF8kdG+Hy/M80GD0vpAQwvY//yOco/UTq/WHT98fxLp/JLs4LBLVPgyAyfnj5K569IuirpmqTrkm7E91q3JN1ORpB3Mv/GqfnvFVw/UEfw0zdIHSnUtun8IOcEKz8fdM/mtussl5p1qhvnn5fIPP6j7sX5YcX5k/xKxbwV5weTXXcj86yXFUcH8pl/9X85M/s/y+74pKzT/50K/Q8gsrd/8GbddZ335QuzUqqVRb/+1ahbHDZ+Ec67SC5qcKTje5qd+lRprgfxPC14ySWKxXYsI7to6A0JwNzYH3be2Xv7B8+2d9a3nC3n7XC0+mK0MhyNV+3Nsess23V25wDabPpLXyryN/P8fwkCAAAAAAAAAAAAAABNuCPpbtOLAAAAADAX5/OZoe8TKfucpl8jAAAAAAAAAAAAAAAAAAAA8L/4HQAA//+UhDYo")
getdents64(r0, &(0x7f0000000180)=""/92, 0x5c)

3m29.170180891s ago: executing program 4 (id=967):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
getsockopt$rose(r0, 0x104, 0x2, 0x0, 0x0)

3m28.909624195s ago: executing program 4 (id=972):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000100), 0x208000, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r1, &(0x7f00000002c0)={0x12, 0x10, 0xfa00, {0x0, 0xffffffffffffffff, r0}}, 0x18)

3m28.583849657s ago: executing program 35 (id=972):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000100), 0x208000, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r1, &(0x7f00000002c0)={0x12, 0x10, 0xfa00, {0x0, 0xffffffffffffffff, r0}}, 0x18)

1m49.200277871s ago: executing program 5 (id=2084):
r0 = syz_open_procfs(0x0, &(0x7f0000000580)='net/tcp6\x00')
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
preadv(r0, &(0x7f00000004c0)=[{&(0x7f00000003c0)=""/195, 0xc3}], 0x1, 0x2, 0x7ffe)

1m49.200103401s ago: executing program 5 (id=2085):
r0 = socket(0x1, 0x3, 0x0)
close(0x3)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
listen(r1, 0xfffffffc)
r2 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000040)={0xe000200c})

1m49.047633503s ago: executing program 5 (id=2086):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x40, &(0x7f0000000100)={[{@errors_remount}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}, {@dioread_nolock}]}, 0x1, 0x573, &(0x7f0000000ec0)="$eJzs3T1sG+UbAPDnzvG/X/mTIoEEqEMFSEWq6iT9gMLUrohKlTogsUDkuFEVJ47iBJooQ7pXiA4IUJeywcAIYmBALIysLCBmpIpGIDUdwMhfaZo4wSl1XHK/n3T2vfee/bzvnZ/XvtOdHEBmHa0/pBHPRsTFJGJoXd1AtCqPNtdbXVkq3ltZKiZRq136LYkkIu6uLBXb6yet50MRsRwRz0TEd/mI4+nmuNWFxcmxcrk02yoPz03NDFcXFk9cmRqbKE2Upk+98uqZs6fPjJ4cXf+ye7X1pfzO+nr95xvvX//h9Vs3Pv/iyHLxw7EkzsVgq259Px6l5jbJx7kNy0/3IlgfJf1uAA8l18rzeio9HUORa2V9J7WhXW0a0GO1fRE1IKMS+Q8Z1f4dUD/+bU+7+fvj9vnmAUg97mpratYMNM9NxP7GscnB35MHjkzqx5uHd7Oh7EnL1yJiZGBg8+c/aX3+Ht7Io2ggPfXt+eaO2rz/07XxJzqMP4Ptc6f/Unv8W900/t2Pn9ti/LvYZYw/3/rlky3jX4t4rmP8ZC1+0iF+GhHvdBn/5ptfn92qrvZpxLHoHL8t2f788PDlK+XSSPOxY4xvjh15bbv+H9wifvOc7f7G10yn7T/TZf+/+v7L55e3if/SC9vv/07b/0BEfNBl/CfvfvbGVnW3ryV36r8Cdrr/68tudRn/5XNHf+pyVQAAAAAAAAAAYAfSxrVsSVpYm0/TQqF5D+9TcTAtV6pzxy9X5qfHm9e8HY582r7SaqhZTurl0db1uO3yyQ3lU7lWwNyBRrlQrJTH+9x3AAAAAAAAAAAAAAAAAAAAeFwc2nD//x+5xv3/G/+uGtirtv7Lb2Cvk/+QXQ/mf9K3dgC7z/c/ZFZN/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv8AAAAAAAAAAAAAAAAAAAAAAAAAANATFy9cqE+1eytLxXp5fGBhfrLy7onxUnWyMDVfLBQrszOFiUplolwqFCtT//R+SaUyMxLT81eH50rVueHqwuLbU5X56fZ/ipbyPe8RAAAAAAAAAAAAAAAAAAAA/PcMNqYkLURE2phP00Ih4v8RcTjyyeUr5dJIRDwRET/m8vvq5dF+NxoAAAAAAAAAAAAAAAAAAAD2mOrC4uRYuVyazcjMwE5WjojlR9uM+jvu+FX51r56XLahmSzM9HlgAgAAAAAAAAAAAAAAAACADLp/02+3r/irtw0CAAAAAAAAAAAAAAAAAACATEp/TSKiPh0benFwY+3/ktVc4zki3rt56aOrY3Nzs6P15XfWls993Fp+sh/tB7rVztN2HgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3VRcWJ8fK5dJsD2f63UcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh/F3AAAA///pCdd8")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
lseek(r0, 0xfffffffffffffffc, 0x2)
getdents(r0, 0x0, 0x54)

1m48.739851558s ago: executing program 5 (id=2088):
syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="00af268263b121dc03d7d9b98b9cdb76841d31005b31fdfd141b652968fbeae7aac982a517703dc5950f6728aecf5ec337b119ffd66d0a02970718ba573db352906385cece74366e628b6a775c9a6f6fff046416c6240e39a647186c4cf0b360bd17d4cdbd912dc61fd24e6f17d8"], 0x1, 0x152, &(0x7f00000007c0)="$eJzs0E1LKnEUx/Hf3Bnlcq/eBzKwFia0aEjMacRatdBIEtKBwk0rwSYKFCOhXBrRrkXQ1oXlVnwLlrWxRgh7E23cBS0n/o7Rw67977MZ5nsOh2FWlnoqgoAMx3KpuLdvlsvmVnDdSCc3ntrtuOhuAD8/zZ39qziwI54KMDgCRL7xAtu7BXMuXyqI90EcUAEkfjtdg7P7SzSf0+YhSaKp00Bn3Gn6aO9ji47apAIk/r7fsy+AGXHv/9s94BlApRZquZCxbNu2xfeepEJTY5LTm3cZq5sKzwbMUz050fD4ZWTN20skhvPHSDf8EGk1+z0rvWakjV5U1xeimqJpsb5xb6Vi1TMoq54DYPPLPTf8ASULHEvA+XA2uJa8ADr1F6P4Z7E++tfVQzkISJVaPud3NXK+fz8gq5BARERERERERERERERERET0Xa8BAAD//wFeZcY=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f00000001c0)='./file0\x00')
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040), &(0x7f0000000240)=ANY=[], 0x25, 0x2)

1m48.566745744s ago: executing program 5 (id=2091):
pipe2(&(0x7f0000001cc0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltgid={'dfltgid', 0x3d, r3}}]}})

1m48.300146346s ago: executing program 5 (id=2097):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000075f84c1071042703a461000000010902120001000000000904"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f00000003c0)={0x2c, &(0x7f00000009c0)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000004c0)={0x44, &(0x7f00000014c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

1m48.199888325s ago: executing program 36 (id=2097):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000075f84c1071042703a461000000010902120001000000000904"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f00000003c0)={0x2c, &(0x7f00000009c0)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000004c0)={0x44, &(0x7f00000014c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

4.949605738s ago: executing program 0 (id=3070):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x7}, 0x1c)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x4000000000000, 0x4, 0x0, 0x0)

4.899635259s ago: executing program 0 (id=3071):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
socket$can_bcm(0x1d, 0x2, 0x2)
io_setup(0x9, &(0x7f0000000240)=<r3=>0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', '#\x00'}, 0x28)
sendmsg$inet(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000300)="1761d5", 0x3}], 0x1}, 0x0)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28)
io_submit(r3, 0x1, &(0x7f0000000100)=[0x0])

4.349432488s ago: executing program 6 (id=3076):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSIG(r0, 0x40045436, 0x3)

4.279547901s ago: executing program 6 (id=3077):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x8, @loopback}, 0x1c)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000200)={0x1, 0x7}, 0x8)
listen(r0, 0x5)
accept4(r0, &(0x7f0000000240)=@x25, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x24040014, &(0x7f0000000000)={0xa, 0x4e22, 0x7, @empty, 0xfffffffe}, 0x1c)

3.929372862s ago: executing program 0 (id=3078):
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}}}, 0x108)
r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00')
preadv(r1, &(0x7f0000000100)=[{&(0x7f0000000600)=""/128, 0x80}], 0x1, 0x111, 0x0)

3.929186286s ago: executing program 0 (id=3079):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, 0x0, 0x0)
sendmsg$NFNL_MSG_ACCT_GET(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x18, 0x1, 0x7, 0x101, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFACCT_FILTER={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x4)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f00000000c0)={0x4000001, 0x71, 0x200000009})
pread64(r0, 0x0, 0x2000, 0xce2)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00))
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x4e23, 0x2, @dev={0xfe, 0x80, '\x00', 0x32}, 0x9}, 0x1c)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
ioctl$BINDER_GET_NODE_INFO_FOR_REF(0xffffffffffffffff, 0xc018620c, &(0x7f0000000100)={0x1})

3.399194483s ago: executing program 6 (id=3080):
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x836d9fb164f927b3)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x4028, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@volatile}]})
openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0/file1\x00', 0x1e9902, 0x5e)

3.269322037s ago: executing program 6 (id=3081):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000000000040de28421100000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000280)={0x2c, &(0x7f0000000040)={0x40, 0xe, 0x29, {0x29, 0x33, "846818376882c4e6f047f5a630c52ef7a609fce675ed4809681a75fbda8ed2a881547c55464859"}}, 0x0, 0x0, &(0x7f0000000180)={0x20, 0x29, 0xf, {0xf, 0x29, 0x5, 0x0, 0x9, 0xc3, "f14892ea", "079f2a2c"}}, 0x0}, 0x0)

1.384483051s ago: executing program 0 (id=3089):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x3, 0x3, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40384708, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x0, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000011c0)='net/protocols\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f0000003900)=""/4104, 0x1008}], 0x1, 0x73, 0x0)

479.599915ms ago: executing program 0 (id=3098):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_STEREO(r0, 0xc0045003, &(0x7f0000000080)=0x1)

419.311204ms ago: executing program 7 (id=3100):
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, 0x0, 0x0)

369.575887ms ago: executing program 7 (id=3101):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000008400)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9474a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x90, 0x0, 0x2, {0x2, 0x0, 0x0, 0x3, 0x4000, 0x0, {0x3, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x1, 0x3ff, 0x6000, 0x0, 0x0, 0x0, 0x800}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000001240)={0x50, 0x0, r1, {0x7, 0x2b, 0xfff, 0x83120, 0x3, 0x7, 0x1ff, 0x9, 0x0, 0x0, 0x10, 0x8}}, 0x50)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000640)='./file0/file0\x00', 0x4a300, 0xcd)
ioctl$FIBMAP(r2, 0x401070cd, 0x0)

255.687365ms ago: executing program 7 (id=3102):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0xffffffffffffffff, &(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x2}}, 0x20)
r2 = fcntl$dupfd(r0, 0x0, r0)
write$RDMA_USER_CM_CMD_BIND(r2, &(0x7f0000000080)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000000000000000000000000000001"}, 0x284c, 0x2}}}, 0x90)

255.551606ms ago: executing program 7 (id=3103):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="e5000000000000007910480000000000890438000000000095000072"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)

196.539925ms ago: executing program 6 (id=3104):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c00000010003704000800"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c00028006001800ff0f000005001500000000000500010004"], 0x4c}}, 0x0)

196.192344ms ago: executing program 7 (id=3105):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x5032})
io_setup(0x2, &(0x7f0000000680)=<r1=>0x0)
io_submit(r1, 0x39, &(0x7f0000000100)=[&(0x7f00000000c0)={0x0, 0x0, 0x7, 0x1, 0x0, r0, &(0x7f0000000180), 0xa}, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f00000001c0)="577c0db4302ad396a90a571acd8b176eef818983c7229dc07388819ec1d5580a061b62634a3afa04121ae69813bef26f33de5e85d8f773dd28356452d86a592d0e21af8bc62c55e427fc9b4bc101aafb154d2373555ef156d4d049", 0xfffffffffffffdde, 0xa, 0x0, 0x1}])

108.629077ms ago: executing program 6 (id=3106):
syz_mount_image$ocfs2(&(0x7f00000001c0), &(0x7f0000000040)='./bus\x00', 0x2804401, &(0x7f0000000280)=ANY=[@ANYBLOB="61636c2c6e6f696e74722c6174696d655f7175616e74756d3d30303030303030303030303030303030303030372c6c6f63616c666c6f636b732c6c6f63616c616c6c6f633d30303030303030303030303030303030303030332c6c6f63616c666c6f636b732c696e74722c6865617274626561743d6e6f6e652c0024855616ead4c7dc9e9da093713b0e6a6e67e1af8e4f5d7cbff1185218b41bcefa2f4f41b8212051258a0a6168526c8eef9d759bbb36a4b49ff8042320899ca9b6e9fa68a0abe364e0e2d46408f18da37d557aa1ebb8aa29451a584f1980dc477bd97f6a0446b8957872e51c2adf98e1acff806babdc9d58bc06d6d0b19476862cebe64cafa5a069852602786f40bf6a1bf7594e171d16ced9409b168ef591c2f5b676a2eb18e8a3b91275fd4467aea2037bd9790e240137bc7c80cc99e9dd662a5f", @ANYBLOB], 0x5, 0x4441, &(0x7f000000d0c0)="$eJzs3b9vG9cdAPB3lFxLru1KrgcXKFACNdCiLQTJU1sZqCzLliVbdeHWRlEUoCmJttVSpCFRRQcPaicDmQJkCDIYCZBNk6Ehq/MnZMnozAaSIUuAAEYUkDxKvCMJ0Q4pRc7nM+h47zf1vXt8NxxeJlZ5sLKeXVnP5kvZ8tK99QvZ/5SLG6uFkDkgbfs/dnD9051+XCeHfe39kN28fPWvdy6E8PHypy92dnZ2QtVgaGui6fNXXz5aaj42ZFJ1qu22b61X/hFCONsyrup3GAgh/P2jEKIQwqU4fzo+DocQToV63p1Hb93N9mg0T58XLuZeLjzenjw/v/Vku/N3j0J4r/iz391f/fyXA5Of/aZH3QMAAAAAAAAAAAAAAAAAcMTN3rp5+y/jE+FZFAa3otb3dWfjY6f3Y3d65hf9/7IAAAAAAAAAAAAAAAAAAADwPbX3/n82OtPm/f+Z+DjVof7On/o/Rvpn7s83Z66MT8T7v0ct+b+Pk764NBBG2+z7nt7//VKqfvv931v7eV2N8TX6HQlRZixxnsmMjYXwQbzx+7noRKZYXq/89l55o7Tcs2EcWcn413fvT0Qn3tC/2/hPp9rv//7/P225mqrnd3t3ib3RkvEfaCT/s5Qq9+H/oq7ifzlV7yDiz+tLxn+wljbcXGCqPgFU4//24P7xn0m136/4nw4hZKPqWLOJGaC6hqmmd1qvkJSM/7FaWmLqjP+Rne7/r1Pxv5Jq/7Dm/830DxFtJeP/o1raUKLE3v0/mtn//r+aav8w4l8d/6bf/64k43+8njh4vLlINPAK8/9sqv1+xf929bKs/lydjhJXwFYk8K8iGf+hlvy9579MV+u/a6n6B/X81+i38fzXmP5/HdWf/1JO9GwAR1wy/sMdy3V7/8+l6vV7/p+qrf94Xcn412+L5Np5pPa32/jPp9rvV/xrq5KhRvz35pNvjtfT37f+60oy/j+uJ2aaS2zW/tbWf9H+6//rqfYPY/1XHf9mpr+9vimS8T/ZsVw1/p908ft/I1WvKf6ti4seGf9/v1p+8yXjf6pjudr9P7R//BdS9fp9///qu1XvvOABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCKm4+NIiEaS55nM2FgIl+Pzc+FEtJhfzi0Wy0v/Xg9hJk7PhjPR/WJ5MV/MrZTKy4VcvlgsL4VwJc4/G4ai9WK5klvNP7y629Zw9KCQX6ssFvKVEMJsnP7zcKrR1uJKZTX/MIRwbTfvJ5ny2sMH+VJueWXtj+Pj4+NhbncMo1Hhv5VCqVLvvZ4bwvxu3ZGoaXC17Ou7YzkZ/au8sVbKF2vpN5rqFMtL+WJTnYU4750wGlXWNkpL+UohVyzfb/R3mKbi48zcrb/dujHRkn83qh+nD3ZYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALyiZ5N/eDeEMFg/y4QQphofonblnz4vXMy9XHi8PXl+fuvJ9otO5QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG/ZgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwi4dozQQRGEAfjMWaucxrJbdznZFES1cETyBHsPD6FG8hHdIkSJtihBIZiFsdmGbpPq+5sH8zLwH8wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgnqf37uOtbiJSXG0uI/6+/heH+UupP/fj9y/OMCOn8/zaPTzWTfn3dJTflaNlm3fpevX9GSO19zvYk+E+7fV9rifnmtq3qfn6vjeRchURbclvU85VNe8tAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhB44FAAAAAIT5W0fRtwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/AoAAP//F0ggQQ==")

0s ago: executing program 7 (id=3107):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000880)='ns\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
move_mount(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', r0, &(0x7f00000000c0)='./file0\x00', 0x40)

kernel console output (not intermixed with test programs):

T8480] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  229.998121][T10807] dlm: non-version read from control device 211
[  229.998144][T10807] dlm: non-version read from control device 211
[  230.148969][T10807] dlm: non-version read from control device 211
[  230.152427][T10807] dlm: non-version read from control device 211
[  230.155137][T10807] dlm: non-version read from control device 211
[  230.157652][T10807] dlm: non-version read from control device 211
[  230.160364][T10807] dlm: non-version read from control device 211
[  230.163264][T10807] dlm: non-version read from control device 211
[  230.165862][T10807] dlm: non-version read from control device 211
[  230.168382][T10807] dlm: non-version read from control device 211
[  230.170997][T10807] dlm: non-version read from control device 211
[  230.173763][T10807] dlm: non-version read from control device 211
[  230.176391][T10807] dlm: non-version read from control device 211
[  230.178928][T10807] dlm: non-version read from control device 211
[  230.181597][T10807] dlm: non-version read from control device 211
[  230.184479][T10807] dlm: non-version read from control device 211
[  230.187045][T10807] dlm: non-version read from control device 211
[  230.189605][T10807] dlm: non-version read from control device 211
[  230.192221][T10807] dlm: non-version read from control device 211
[  230.194724][T10807] dlm: non-version read from control device 211
[  230.197370][T10807] dlm: non-version read from control device 211
[  230.200083][T10807] dlm: non-version read from control device 211
[  230.202924][T10807] dlm: non-version read from control device 211
[  230.205452][T10807] dlm: non-version read from control device 211
[  230.208157][T10807] dlm: non-version read from control device 211
[  230.210904][T10807] dlm: non-version read from control device 211
[  230.213861][T10807] dlm: non-version read from control device 211
[  230.216539][T10807] dlm: non-version read from control device 211
[  230.219211][T10807] dlm: non-version read from control device 211
[  230.221920][T10807] dlm: non-version read from control device 211
[  230.224798][T10807] dlm: non-version read from control device 211
[  230.227506][T10807] dlm: non-version read from control device 211
[  230.230227][T10807] dlm: non-version read from control device 211
[  230.233090][T10807] dlm: non-version read from control device 211
[  230.235789][T10807] dlm: non-version read from control device 211
[  230.238316][T10807] dlm: non-version read from control device 211
[  230.240961][T10807] dlm: non-version read from control device 211
[  230.243657][T10807] dlm: non-version read from control device 211
[  230.840376][ T5850] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  231.012512][ T5850] usb 6-1: Using ep0 maxpacket: 16
[  231.030131][ T5850] usb 6-1: config 0 has an invalid interface number: 214 but max is 0
[  231.034535][ T5850] usb 6-1: config 0 has no interface number 0
[  231.037926][ T5850] usb 6-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64
[  231.071222][ T5850] usb 6-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  231.075155][ T5850] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  231.077678][ T5850] usb 6-1: Product: syz
[  231.079098][ T5850] usb 6-1: Manufacturer: syz
[  231.080669][ T5850] usb 6-1: SerialNumber: syz
[  231.084715][ T5850] usb 6-1: config 0 descriptor??
[  231.699889][ T5850] input: syz syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.214/input/input14
[  231.899664][   T24] usb 6-1: USB disconnect, device number 9
[  232.514744][T10856] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1825'.
[  232.568392][T10860] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1827'.
[  234.033752][T10948] openvswitch: netlink: Key 4 has unexpected len 0 expected 12
[  234.076463][T10952] loop5: detected capacity change from 0 to 1024
[  235.227200][   T36] hfsplus: b-tree write err: -5, ino 4
[  235.251884][T10965] loop5: detected capacity change from 0 to 256
[  235.260405][T10965] exfat: Deprecated parameter 'utf8'
[  235.272808][T10965] exfat: Deprecated parameter 'utf8'
[  235.281629][T10965] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d)
[  235.439397][T10978] pimreg: entered allmulticast mode
[  235.443360][T10978] pimreg: left allmulticast mode
[  235.551420][T10984] loop5: detected capacity change from 0 to 128
[  235.559510][T10984] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  235.568229][T10984] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  235.661959][T10988] netlink: 830 bytes leftover after parsing attributes in process `syz.5.1855'.
[  235.667043][T10988] bond_slave_0: entered promiscuous mode
[  235.669647][T10988] bond_slave_1: entered promiscuous mode
[  235.822257][T10994] loop5: detected capacity change from 0 to 16
[  235.853577][T10994] erofs (device loop5): mounted with root inode @ nid 36.
[  236.670047][T11014] loop5: detected capacity change from 0 to 256
[  236.699469][T11014] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  236.802205][T11022] dvmrp0: entered allmulticast mode
[  238.243476][T11048] loop5: detected capacity change from 0 to 8
[  238.265759][T11048] SQUASHFS error: xz decompression failed, data probably corrupt
[  238.268866][T11048] SQUASHFS error: Failed to read block 0x108: -5
[  238.271518][T11048] SQUASHFS error: Unable to read metadata cache entry [106]
[  238.277081][T11048] SQUASHFS error: Unable to read inode 0x11f
[  238.572158][ T5850] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  238.722118][ T5850] usb 6-1: Using ep0 maxpacket: 32
[  238.726214][ T5850] usb 6-1: config 0 has no interfaces?
[  238.730874][ T5850] usb 6-1: New USB device found, idVendor=05da, idProduct=009a, bcdDevice=62.95
[  238.734695][ T5850] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  238.737814][ T5850] usb 6-1: Product: syz
[  238.739468][ T5850] usb 6-1: Manufacturer: syz
[  238.741492][ T5850] usb 6-1: SerialNumber: syz
[  238.746633][ T5850] usb 6-1: config 0 descriptor??
[  238.962320][T11050] Bluetooth: MGMT ver 1.23
[  238.965988][ T7547] usb 6-1: USB disconnect, device number 10
[  239.740446][T11056] netlink: 'syz.5.1875': attribute type 6 has an invalid length.
[  239.844280][T11062] bond1: entered promiscuous mode
[  239.846497][T11062] bond1: entered allmulticast mode
[  239.849084][T11062] 8021q: adding VLAN 0 to HW filter on device bond1
[  241.336098][T11104] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0'
[  241.561562][T11116] gfs2: not a GFS2 filesystem
[  241.968788][T11130] loop5: detected capacity change from 0 to 136
[  242.066605][  T973] kernel write not supported for file /snd/pcmC0D0p (pid: 973 comm: kworker/0:2)
[  242.124985][T11138] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1913'.
[  242.269377][T11144] loop5: detected capacity change from 0 to 8192
[  242.732180][T10411] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  242.882153][T10411] usb 6-1: Using ep0 maxpacket: 16
[  242.886777][T10411] usb 6-1: config 0 has an invalid interface number: 41 but max is 0
[  242.890270][T10411] usb 6-1: config 0 has no interface number 0
[  242.893030][T10411] usb 6-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  242.897231][T10411] usb 6-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  242.901408][T10411] usb 6-1: config 0 interface 41 has no altsetting 0
[  242.910222][T10411] usb 6-1: New USB device found, idVendor=0fe6, idProduct=9700, bcdDevice=d1.9a
[  242.922162][T10411] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.925561][T10411] usb 6-1: Product: syz
[  242.927312][T10411] usb 6-1: Manufacturer: syz
[  242.929350][T10411] usb 6-1: SerialNumber: syz
[  242.936354][T10411] usb 6-1: config 0 descriptor??
[  242.939106][T11152] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[  242.947807][T11152] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[  243.002502][T11156] loop6: detected capacity change from 0 to 128
[  243.023384][T11156] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: writeback.
[  243.054799][ T8480] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  243.100878][T11159] loop6: detected capacity change from 0 to 128
[  243.113678][T11159] zonefs: Unexpected value for 'explicit-open'
[  243.174445][T10411] dm9601 6-1:0.41: probe with driver dm9601 failed with error -71
[  243.179248][T10411] sr9700 6-1:0.41: probe with driver sr9700 failed with error -71
[  243.195668][T10411] usb 6-1: USB disconnect, device number 11
[  244.024030][T11169] loop5: detected capacity change from 0 to 256
[  244.031551][T11169] exfat: Deprecated parameter 'namecase'
[  244.068986][T11169] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  244.137504][   T33] audit: type=1800 audit(1755270459.957:53): pid=11169 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1927" name="file1" dev="loop5" ino=1048636 res=0 errno=0
[  244.708703][T11173] loop5: detected capacity change from 0 to 32768
[  244.807262][T11173] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  244.807283][T11173]   allowing incompatible features above 0.0: (unknown version)
[  244.807290][T11173]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  244.826234][T11173] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0
[  244.829685][T11173] bcachefs (loop5): initializing new filesystem
[  244.838965][T11173] bcachefs (loop5): going read-write
[  244.850520][T11173] bcachefs (loop5): marking superblocks
[  244.867296][T11173] bcachefs (loop5): initializing freespace
[  244.873900][T11173] bcachefs (loop5): done initializing freespace
[  244.882533][T11173] bcachefs (loop5): reading snapshots table
[  244.885819][T11173] bcachefs (loop5): reading snapshots done
[  244.916113][T11173] bcachefs (loop5): done starting filesystem
[  244.980510][T11173] bcachefs (loop5): going read-only
[  244.986288][T11173] bcachefs (loop5): finished waiting for writes to stop
[  244.991419][T11173] bcachefs (loop5): flushing journal and stopping allocators, journal seq 2
[  245.035597][T11173] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 2
[  245.040767][T11173] bcachefs (loop5): clean shutdown complete, journal seq 3
[  245.045852][T11173] bcachefs (loop5): marking filesystem clean
[  245.103430][T10062] bcachefs (loop5): shutting down
[  245.134156][T10062] bcachefs (loop5): shutdown complete
[  246.797005][   T33] audit: type=1326 audit(1755270462.617:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11227 comm="syz.5.1937" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f210fd8ebe9 code=0x7ffc0000
[  246.814321][   T33] audit: type=1326 audit(1755270462.617:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11227 comm="syz.5.1937" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f210fd8ebe9 code=0x7ffc0000
[  246.823760][   T33] audit: type=1326 audit(1755270462.617:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11227 comm="syz.5.1937" exe="/syz-executor" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7f210fd8ebe9 code=0x7ffc0000
[  246.836403][   T33] audit: type=1326 audit(1755270462.617:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11227 comm="syz.5.1937" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f210fd8ebe9 code=0x7ffc0000
[  246.848319][   T33] audit: type=1326 audit(1755270462.617:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11227 comm="syz.5.1937" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f210fd8ebe9 code=0x7ffc0000
[  246.945214][T11237] loop6: detected capacity change from 0 to 4096
[  246.951201][T11237] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024)
[  246.968949][T11237] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 4096)
[  246.976020][ T5956] udevd[5956]: incorrect nilfs2 checksum on /dev/loop6
[  246.996427][ T6066] udevd[6066]: incorrect nilfs2 checksum on /dev/loop6
[  247.002583][T11240] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  247.497866][T11268] loop5: detected capacity change from 0 to 8192
[  247.542502][T11268] syz.5.1969: attempt to access beyond end of device
[  247.542502][T11268] loop5: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  247.566357][T11268] FAT-fs (loop5): error, invalid access to FAT (entry 0x0000e1b1)
[  247.569794][T11268] FAT-fs (loop5): Filesystem has been set read-only
[  247.868907][T11269] netlink: 212408 bytes leftover after parsing attributes in process `syz.6.1967'.
[  247.880232][T11268] FAT-fs (loop5): error, invalid access to FAT (entry 0x0000e1b1)
[  247.886711][T11268] FAT-fs (loop5): error, invalid access to FAT (entry 0x0000e1b1)
[  248.058531][T11276] loop5: detected capacity change from 0 to 2048
[  248.065323][T11276] NILFS (loop5): too small inode size: 0 bytes
[  248.329985][T11280] loop6: detected capacity change from 0 to 256
[  248.334192][T11280] exfat: Deprecated parameter 'utf8'
[  248.336517][T11280] exfat: Deprecated parameter 'utf8'
[  248.347446][T11280] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xd67973f8, utbl_chksum : 0xe619d30d)
[  248.350664][T11278] loop5: detected capacity change from 0 to 32768
[  248.376677][T11280] exFAT-fs (loop6): error, in sector 160, dentry 12 should be unused, but 0x85
[  248.448059][T11282] loop6: detected capacity change from 0 to 512
[  248.464506][T11282] EXT4-fs error (device loop6): ext4_orphan_get:1418: comm syz.6.1976: bad orphan inode 13
[  248.478739][T11282] ext4_test_bit(bit=12, block=4) = 1
[  248.480751][T11282] is_bad_inode(inode)=0
[  248.483426][T11282] NEXT_ORPHAN(inode)=0
[  248.484972][T11282] max_ino=32
[  248.486071][T11282] i_nlink=1
[  248.487863][T11282] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  248.502491][T11282] EXT4-fs warning (device loop6): dx_probe:801: inode #2: comm syz.6.1976: Unrecognised inode hash code 20
[  248.506662][T11282] EXT4-fs warning (device loop6): dx_probe:934: inode #2: comm syz.6.1976: Corrupt directory, running e2fsck is recommended
[  248.525884][ T8480] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.638684][T11294] loop5: detected capacity change from 0 to 1024
[  248.651414][T11294] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended.  mounting read-only.
[  248.864663][T11308] loop5: detected capacity change from 0 to 4096
[  248.881051][T11308] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  248.914271][T10062] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.958777][T11314] loop5: detected capacity change from 0 to 8
[  248.966630][T11314] SQUASHFS error: zstd decompression error: 10
[  248.969321][T11314] SQUASHFS error: zstd decompression failed, data probably corrupt
[  248.973442][T11314] SQUASHFS error: Failed to read block 0x4ec: -5
[  248.976296][T11314] SQUASHFS error: Unable to read metadata cache entry [4ea]
[  248.979342][T11314] SQUASHFS error: Unable to read inode 0x2011f
[  249.352169][ T7547] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  249.506649][ T7547] usb 6-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  249.510312][ T7547] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  249.517122][ T7547] usb 6-1: Product: syz
[  249.518881][ T7547] usb 6-1: Manufacturer: syz
[  249.520866][ T7547] usb 6-1: SerialNumber: syz
[  249.527776][ T7547] usb 6-1: config 0 descriptor??
[  249.531763][ T7547] ch341 6-1:0.0: ch341-uart converter detected
[  249.718664][   T33] audit: type=1326 audit(1755270465.537:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11310 comm="syz.6.1988" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f916a78ebe9 code=0x7fc00000
[  249.788261][T11335] loop6: detected capacity change from 0 to 8
[  249.802567][T11335] SQUASHFS error: lzo decompression failed, data probably corrupt
[  249.887245][T11335] SQUASHFS error: Failed to read block 0x91: -5
[  249.889899][T11335] SQUASHFS error: Unable to read metadata cache entry [8f]
[  249.900774][T11335] SQUASHFS error: Unable to read inode 0x11f
[  249.913558][ T5848] Bluetooth: hci0: command 0x0405 tx timeout
[  250.445950][T11339] loop6: detected capacity change from 0 to 32768
[  250.493230][T11339] JBD2: Ignoring recovery information on journal
[  250.548479][T11342] program syz.0.2000 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  250.553818][T11339] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  250.606607][ T7547] ch341-uart ttyUSB0: failed to read break control: -71
[  250.609444][ T7547] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  250.625765][ T8480] ocfs2: Unmounting device (7,6) on (node local)
[  250.634319][ T7547] usb 6-1: USB disconnect, device number 12
[  250.637865][ T7547] ch341 6-1:0.0: device disconnected
[  250.729921][T11349] binder: BC_ATTEMPT_ACQUIRE not supported
[  250.733539][T11349] binder: 11348:11349 ioctl c0306201 2000000001c0 returned -22
[  250.881948][T11361] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1303
[  251.662870][T11391] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2023'.
[  251.728652][T11393] bridge0: port 1(bridge_slave_0) entered forwarding state
[  251.947338][T11399] loop5: detected capacity change from 0 to 4096
[  252.207633][T11405] loop6: detected capacity change from 0 to 512
[  252.211599][T11405] EXT4-fs: Ignoring removed nobh option
[  252.225762][T11405] fscrypt (loop6, inode 2): Error -61 getting encryption context
[  252.228966][T11405] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -61
[  252.235478][T11405] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #13: comm syz.6.2030: casefold flag without casefold feature
[  252.245298][T11405] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.2030: couldn't read orphan inode 13 (err -117)
[  252.256057][T11405] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  252.297062][T11405] EXT4-fs: group quota file already specified
[  252.347781][ T8480] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.359936][T11410] loop5: detected capacity change from 0 to 1024
[  252.755093][T11414] loop6: detected capacity change from 0 to 128
[  252.817481][T11414] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  252.823360][T11414] ext4 filesystem being mounted at /285/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  252.980119][ T8480] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  253.220677][T11420] loop6: detected capacity change from 0 to 2048
[  253.232891][T11420] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=26504, location=26504
[  253.255125][T11420] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  253.713677][ T6214] hfsplus: b-tree write err: -5, ino 4
[  254.303973][  T973] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  254.462219][  T973] usb 6-1: Using ep0 maxpacket: 32
[  254.468969][  T973] usb 6-1: config 4 has an invalid interface number: 128 but max is 0
[  254.472973][  T973] usb 6-1: config 4 has no interface number 0
[  254.475875][  T973] usb 6-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  254.482823][  T973] usb 6-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  254.487084][  T973] usb 6-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  254.490704][  T973] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.595187][  T973] hub 6-1:4.128: USB hub found
[  254.787763][  T973] hub 6-1:4.128: 2 ports detected
[  254.789874][  T973] hub 6-1:4.128: Using single TT (err -22)
[  254.906133][T11464] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  254.909357][T11464] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  254.988818][  T973] hub 6-1:4.128: hub_hub_status failed (err = -71)
[  254.992155][  T973] hub 6-1:4.128: config failed, can't get hub status (err -71)
[  255.015161][  T973] usb 6-1: USB disconnect, device number 13
[  255.515733][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  255.710016][T11479] loop5: detected capacity change from 0 to 32768
[  255.715637][T11479] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2063 (11479)
[  255.723323][T11479] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  255.726488][T11479] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  255.729095][T11479] BTRFS info (device loop5): using free-space-tree
[  255.785958][T10062] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  255.927006][T11500] loop6: detected capacity change from 0 to 4096
[  255.946095][T11500] NILFS (loop6): invalid segment: Checksum error in segment payload
[  255.949405][T11500] NILFS (loop6): trying rollback from an earlier position
[  255.991838][T11500] NILFS (loop6): recovery complete
[  256.007911][T11505] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  256.089262][T11511] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2069'.
[  256.112876][T11509] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2070'.
[  256.150029][T11509] IPVS: Error joining to the multicast group
[  256.578136][T11529] loop6: detected capacity change from 0 to 40427
[  256.595904][T11529] F2FS-fs (loop6): invalid crc value
[  256.689255][T11529] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  256.702732][T11529] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  256.716305][T11546] loop5: detected capacity change from 0 to 1024
[  256.747220][ T8480] syz-executor: attempt to access beyond end of device
[  256.747220][ T8480] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  256.756012][ T8480] CPU: 0 UID: 0 PID: 8480 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  256.756033][ T8480] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  256.756040][ T8480] Call Trace:
[  256.756045][ T8480]  <TASK>
[  256.756051][ T8480]  dump_stack_lvl+0x189/0x250
[  256.756072][ T8480]  ? __pfx_dump_stack_lvl+0x10/0x10
[  256.756085][ T8480]  ? __pfx_queue_work_on+0x10/0x10
[  256.756095][ T8480]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  256.756107][ T8480]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  256.756131][ T8480]  f2fs_handle_critical_error+0x37c/0x540
[  256.756159][ T8480]  f2fs_write_end_io+0x886/0xb60
[  256.756183][ T8480]  __submit_merged_bio+0x27a/0x6a0
[  256.756203][ T8480]  __submit_merged_write_cond+0x255/0x530
[  256.756221][ T8480]  f2fs_write_data_pages+0x261d/0x3000
[  256.756264][ T8480]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  256.756290][ T8480]  ? kernel_text_address+0xa5/0xe0
[  256.756297][T11546] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.756324][ T8480]  ? stack_depot_save_flags+0x40/0x860
[  256.756354][ T8480]  ? __lock_acquire+0xab9/0xd20
[  256.756371][ T8480]  ? do_raw_spin_lock+0x121/0x290
[  256.756392][ T8480]  ? do_raw_spin_unlock+0x4d/0x240
[  256.756405][ T8480]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  256.756423][ T8480]  do_writepages+0x32e/0x550
[  256.756443][ T8480]  ? do_raw_spin_unlock+0x4d/0x240
[  256.756458][ T8480]  filemap_fdatawrite+0x199/0x240
[  256.756474][ T8480]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  256.756517][ T8480]  ? do_raw_spin_unlock+0x4d/0x240
[  256.756559][ T8480]  f2fs_sync_dirty_inodes+0x31f/0x830
[  256.756581][ T8480]  f2fs_write_checkpoint+0x95a/0x1df0
[  256.756600][ T8480]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  256.756624][ T8480]  ? kill_f2fs_super+0x298/0x6c0
[  256.756634][ T8480]  kill_f2fs_super+0x2c3/0x6c0
[  256.756643][ T8480]  ? __pfx_kill_f2fs_super+0x10/0x10
[  256.756648][ T8480]  ? radix_tree_delete_item+0x2b6/0x400
[  256.756661][ T8480]  ? shrinker_free+0x2ce/0x3e0
[  256.756670][ T8480]  deactivate_locked_super+0xbc/0x130
[  256.756680][ T8480]  cleanup_mnt+0x425/0x4c0
[  256.756688][ T8480]  ? lockdep_hardirqs_on+0x9c/0x150
[  256.756698][ T8480]  task_work_run+0x1d4/0x260
[  256.756708][ T8480]  ? __pfx_task_work_run+0x10/0x10
[  256.756716][ T8480]  ? __x64_sys_umount+0x122/0x160
[  256.756726][ T8480]  ? exit_to_user_mode_loop+0x40/0x110
[  256.756737][ T8480]  exit_to_user_mode_loop+0xec/0x110
[  256.756747][ T8480]  do_syscall_64+0x2bd/0x3b0
[  256.756755][ T8480]  ? lockdep_hardirqs_on+0x9c/0x150
[  256.756763][ T8480]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.756770][ T8480]  ? exc_page_fault+0x9f/0xf0
[  256.756779][ T8480]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.756786][ T8480] RIP: 0033:0x7f916a78ff17
[  256.756793][ T8480] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  256.756799][ T8480] RSP: 002b:00007ffc9cd0e148 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  256.756807][ T8480] RAX: 0000000000000000 RBX: 00007f916a811c05 RCX: 00007f916a78ff17
[  256.756812][ T8480] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc9cd0e200
[  256.756816][ T8480] RBP: 00007ffc9cd0e200 R08: 0000000000002802 R09: 0000000000000000
[  256.756820][ T8480] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc9cd0f290
[  256.756825][ T8480] R13: 00007f916a811c05 R14: 000000000003ea4c R15: 00007ffc9cd0f2d0
[  256.756836][ T8480]  </TASK>
[  256.756839][ T8480] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  256.761200][T11546] ext4 filesystem being mounted at /206/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  256.917911][T11546] EXT4-fs error (device loop5): ext4_readdir:264: inode #2: block 16: comm syz.5.2086: path /206/file1: bad entry in directory: rec_len is smaller than minimal - offset=876, inode=0, rec_len=0, size=1024 fake=0
[  256.930172][T11546] EXT4-fs (loop5): Remounting filesystem read-only
[  256.965809][T10062] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.054089][T11554] loop5: detected capacity change from 0 to 16
[  257.057383][T11554] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  257.109100][T11554] cramfs: Error -3 while decompressing!
[  257.111576][T11554] cramfs: ffffffff99bec5d8(42)->ffff888033675000(4096)
[  257.226275][T11558] loop6: detected capacity change from 0 to 4096
[  257.272346][T11561] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  257.308368][T11558] NILFS error (device loop6): nilfs_dotdot: directory #12 missing '.'
[  257.317053][T11558] Remounting filesystem read-only
[  257.340901][ T8480] NILFS (loop6): disposed unprocessed dirty file(s) when detaching log writer
[  257.470446][   T13] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.558586][   T13] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.635825][   T13] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.763630][   T13] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.933237][ T5853] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  257.946583][ T5853] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  257.952000][ T5853] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  257.960613][ T5853] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  257.969230][ T5853] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  257.990215][   T13] bridge_slave_1: left allmulticast mode
[  257.999004][   T13] bridge_slave_1: left promiscuous mode
[  258.003438][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  258.008792][   T13] bridge_slave_0: left allmulticast mode
[  258.011050][   T13] bridge_slave_0: left promiscuous mode
[  258.014291][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.030913][   T13] bond_slave_0: left promiscuous mode
[  258.033591][   T13] bond_slave_1: left promiscuous mode
[  258.397927][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  258.404565][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  258.409899][   T13] bond0 (unregistering): Released all slaves
[  258.505936][T11589] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2105'.
[  258.542595][T11589] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2105'.
[  259.171437][   T13] hsr_slave_0: left promiscuous mode
[  259.179480][   T13] hsr_slave_1: left promiscuous mode
[  259.182623][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  259.186545][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  259.189842][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  259.195342][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  259.215161][   T13] veth1_macvtap: left promiscuous mode
[  259.217563][   T13] veth0_macvtap: left promiscuous mode
[  259.219932][   T13] veth1_vlan: left promiscuous mode
[  259.223994][   T13] veth0_vlan: left promiscuous mode
[  259.860631][   T13] team0 (unregistering): Port device team_slave_1 removed
[  259.993655][   T13] team0 (unregistering): Port device team_slave_0 removed
[  260.085212][ T5848] Bluetooth: hci0: command tx timeout
[  260.496971][T11584] chnl_net:caif_netlink_parms(): no params data found
[  260.586483][T11584] bridge0: port 1(bridge_slave_0) entered blocking state
[  260.589457][T11584] bridge0: port 1(bridge_slave_0) entered disabled state
[  260.599685][T11584] bridge_slave_0: entered allmulticast mode
[  260.603702][T11584] bridge_slave_0: entered promiscuous mode
[  260.607026][T11584] bridge0: port 2(bridge_slave_1) entered blocking state
[  260.609741][T11584] bridge0: port 2(bridge_slave_1) entered disabled state
[  260.613989][T11584] bridge_slave_1: entered allmulticast mode
[  260.617222][T11584] bridge_slave_1: entered promiscuous mode
[  260.637675][ T5914] usb 7-1: [UEAGLE-ATM] firmware is not available
[  260.652854][T11584] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  260.658646][T11584] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  260.686795][T11584] team0: Port device team_slave_0 added
[  260.690149][T11584] team0: Port device team_slave_1 added
[  260.709598][T11584] batman_adv: batadv0: Adding interface: batadv_slave_0
[  260.715515][T11584] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  260.725557][T11584] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  260.730953][T11584] batman_adv: batadv0: Adding interface: batadv_slave_1
[  260.734379][T11584] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  260.745278][T11584] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  260.788442][T11584] hsr_slave_0: entered promiscuous mode
[  260.791550][T11584] hsr_slave_1: entered promiscuous mode
[  260.988315][T11584] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  261.004093][T11584] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  261.024219][T11584] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  261.031644][T11584] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  261.104570][T11584] bridge0: port 2(bridge_slave_1) entered blocking state
[  261.107661][T11584] bridge0: port 2(bridge_slave_1) entered forwarding state
[  261.110906][T11584] bridge0: port 1(bridge_slave_0) entered blocking state
[  261.113935][T11584] bridge0: port 1(bridge_slave_0) entered forwarding state
[  261.177587][T11584] 8021q: adding VLAN 0 to HW filter on device bond0
[  261.190717][ T1108] bridge0: port 1(bridge_slave_0) entered disabled state
[  261.196197][ T1108] bridge0: port 2(bridge_slave_1) entered disabled state
[  261.210025][T11584] 8021q: adding VLAN 0 to HW filter on device team0
[  261.221746][ T1108] bridge0: port 1(bridge_slave_0) entered blocking state
[  261.224821][ T1108] bridge0: port 1(bridge_slave_0) entered forwarding state
[  261.235757][ T1108] bridge0: port 2(bridge_slave_1) entered blocking state
[  261.238905][ T1108] bridge0: port 2(bridge_slave_1) entered forwarding state
[  261.487474][T11584] 8021q: adding VLAN 0 to HW filter on device batadv0
[  261.833037][T11584] veth0_vlan: entered promiscuous mode
[  261.839556][T11666] loop6: detected capacity change from 0 to 8192
[  261.848333][T11584] veth1_vlan: entered promiscuous mode
[  261.875304][T11584] veth0_macvtap: entered promiscuous mode
[  261.880652][T11584] veth1_macvtap: entered promiscuous mode
[  261.888422][ T6066]  loop6: AHDI p1 p2 p4
[  261.897307][T11584] batman_adv: batadv0: Interface activated: batadv_slave_0
[  261.914831][T11666]  loop6: AHDI p1 p2 p4
[  261.918011][T11584] batman_adv: batadv0: Interface activated: batadv_slave_1
[  261.943254][   T12] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  261.946896][   T12] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  261.973793][   T12] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  261.986711][   T12] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  261.999223][ T6066] udevd[6066]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory
[  262.007752][ T5956] udevd[5956]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  262.034656][ T5956] udevd[5956]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  262.041130][ T6066] udevd[6066]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory
[  262.109935][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  262.117607][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  262.145357][ T6214] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  262.148297][ T6214] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  262.153740][ T5848] Bluetooth: hci0: command tx timeout
[  262.218826][T11681] loop7: detected capacity change from 0 to 2048
[  262.241422][T11681] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  262.318826][T11683] vxcan1: tx drop: invalid da for name 0x00000000000000c7
[  262.561763][    C0] vxcan1: j1939_tp_rxtimer: 0xffff88802d5d1c00: rx timeout, send abort
[  262.980288][T11715] loop6: detected capacity change from 0 to 256
[  262.984244][T11715] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  262.991832][T11715] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[  263.002804][T11715] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  263.062686][    C0] vxcan1: j1939_tp_rxtimer: 0xffff88802d5d1400: rx timeout, send abort
[  263.066918][    C0] vxcan1: j1939_tp_rxtimer: 0xffff88802d5d1c00: abort rx timeout. Force session deactivation
[  263.338714][T11718] loop6: detected capacity change from 0 to 32768
[  263.344411][T11718] bcachefs: bch2_fs_open() bch_fs_open err opening /dev/loop6: erofs_nochanges
[  263.348256][T11718] bcachefs: bch2_fs_get_tree() error: erofs_nochanges
[  263.541809][T11732] bridge0: port 2(bridge_slave_1) entered disabled state
[  263.559643][T11735] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2134'.
[  263.563246][T11735] netlink: 'syz.7.2134': attribute type 1 has an invalid length.
[  263.566774][    C0] vxcan1: j1939_tp_rxtimer: 0xffff88802d5d1400: abort rx timeout. Force session deactivation
[  263.577544][T11735] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2134'.
[  263.964952][T11746] loop7: detected capacity change from 0 to 4096
[  263.977842][T11746] ntfs3(loop7): Failed to load $Volume (-22).
[  264.232539][ T5848] Bluetooth: hci0: command tx timeout
[  265.451848][T11769] veth1_macvtap: left promiscuous mode
[  265.456547][T11769] macsec0: entered promiscuous mode
[  265.506826][T11772] mmap: syz.0.2148 (11772): VmData 37482496 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  266.113062][T11798] loop6: detected capacity change from 0 to 4096
[  266.186052][T11798] ntfs3(loop6): ino=1e, "file1" attr_set_size
[  266.189056][T11798] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  266.312481][ T5848] Bluetooth: hci0: command tx timeout
[  266.435512][T11814] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2169'.
[  266.622172][ T5850] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  266.643155][   T33] audit: type=1326 audit(1755270482.457:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11817 comm="syz.6.2171" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f916a78ebe9 code=0x7ffc0000
[  266.661598][   T33] audit: type=1326 audit(1755270482.467:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11817 comm="syz.6.2171" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f916a78ebe9 code=0x7ffc0000
[  266.674339][   T33] audit: type=1326 audit(1755270482.467:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11817 comm="syz.6.2171" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f916a78ebe9 code=0x7ffc0000
[  266.693853][   T33] audit: type=1326 audit(1755270482.467:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11817 comm="syz.6.2171" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f916a78ebe9 code=0x7ffc0000
[  266.701857][   T33] audit: type=1326 audit(1755270482.477:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11817 comm="syz.6.2171" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f916a78ebe9 code=0x7ffc0000
[  266.730908][   T33] audit: type=1326 audit(1755270482.477:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11817 comm="syz.6.2171" exe="/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7f916a78ebe9 code=0x7ffc0000
[  266.750391][   T33] audit: type=1326 audit(1755270482.497:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11817 comm="syz.6.2171" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f916a78ebe9 code=0x7ffc0000
[  266.768309][   T33] audit: type=1326 audit(1755270482.497:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11817 comm="syz.6.2171" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f916a78ebe9 code=0x7ffc0000
[  266.783921][ T5850] usb 8-1: New USB device found, idVendor=041e, idProduct=4053, bcdDevice=e6.56
[  266.787353][ T5850] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.795236][   T33] audit: type=1326 audit(1755270482.497:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11817 comm="syz.6.2171" exe="/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f916a78ebe9 code=0x7ffc0000
[  266.822118][   T33] audit: type=1326 audit(1755270482.497:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11817 comm="syz.6.2171" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f916a78ebe9 code=0x7ffc0000
[  266.833737][ T5850] usb 8-1: config 0 descriptor??
[  266.842807][ T5850] gspca_main: gspca_zc3xx-2.14.0 probing 041e:4053
[  267.046636][ T5850] gspca_zc3xx: reg_w_i err -71
[  267.048869][ T5850] gspca_zc3xx 8-1:0.0: probe with driver gspca_zc3xx failed with error -71
[  267.075550][ T5850] usb 8-1: USB disconnect, device number 2
[  267.346963][T11819] loop6: detected capacity change from 0 to 32768
[  267.398254][T11819] read_mapping_page failed!
[  267.413372][T11819] ERROR: (device loop6): txCommit: 
[  267.413372][T11819] 
[  267.823830][T11828] loop7: detected capacity change from 0 to 512
[  267.909804][T11834] loop6: detected capacity change from 0 to 1024
[  267.917554][T11834] hfsplus: inconsistency in B*Tree (-1,0,1,1,0)
[  267.919990][T11834] hfsplus: failed to load root directory
[  267.960824][T11832] loop7: detected capacity change from 0 to 4096
[  267.973157][T11832] ntfs3(loop7): Different NTFS sector size (2048) and media sector size (512).
[  268.123928][T11842] erspan0: entered promiscuous mode
[  268.966325][T11862] Bluetooth: MGMT ver 1.23
[  269.297546][T11873] loop7: detected capacity change from 0 to 2048
[  269.379920][T11875] loop7: detected capacity change from 0 to 256
[  269.393830][T11875] exfat: Deprecated parameter 'namecase'
[  269.396273][T11875] exfat: Deprecated parameter 'utf8'
[  269.409987][T11875] exFAT-fs (loop7): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6d3f72e, utbl_chksum : 0xe619d30d)
[  269.629734][T11886] loop7: detected capacity change from 0 to 2048
[  269.895252][   T12] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.990209][   T12] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.040912][   T12] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.104955][   T12] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.171678][ T5853] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  270.179822][ T5853] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  270.184348][ T5853] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  270.195786][ T5853] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  270.199221][ T5853] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  270.246769][   T12] bridge_slave_1: left allmulticast mode
[  270.248953][   T12] bridge_slave_1: left promiscuous mode
[  270.251214][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.259309][   T12] bridge_slave_0: left allmulticast mode
[  270.261460][   T12] bridge_slave_0: left promiscuous mode
[  270.264959][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.593393][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  270.600217][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  270.605319][   T12] bond0 (unregistering): Released all slaves
[  270.858485][T11888] chnl_net:caif_netlink_parms(): no params data found
[  270.931549][   T12] hsr_slave_0: left promiscuous mode
[  270.934015][   T12] hsr_slave_1: left promiscuous mode
[  270.937157][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  270.940449][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  270.946472][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  270.949269][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  270.968078][   T12] veth0_macvtap: left promiscuous mode
[  270.970557][   T12] veth1_vlan: left promiscuous mode
[  270.972998][   T12] veth0_vlan: left promiscuous mode
[  271.486808][   T12] team0 (unregistering): Port device team_slave_1 removed
[  271.530457][   T12] team0 (unregistering): Port device team_slave_0 removed
[  271.983961][T11902] bond0: Removing last ns target with arp_interval on
[  271.986649][ T5879] bond0: (slave bond_slave_0): interface is now down
[  271.991385][ T5879] bond0: (slave bond_slave_1): interface is now down
[  272.097345][T11888] bridge0: port 1(bridge_slave_0) entered blocking state
[  272.100369][T11888] bridge0: port 1(bridge_slave_0) entered disabled state
[  272.113289][T11888] bridge_slave_0: entered allmulticast mode
[  272.117085][T11888] bridge_slave_0: entered promiscuous mode
[  272.121597][T11888] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.125695][T11888] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.128793][T11888] bridge_slave_1: entered allmulticast mode
[  272.134517][T11888] bridge_slave_1: entered promiscuous mode
[  272.180883][T11912] IPVS: set_ctl: invalid protocol: 33 255.255.255.255:20004
[  272.237781][ T5853] Bluetooth: hci0: command tx timeout
[  272.243234][T11888] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  272.249647][T11888] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  272.305866][T11888] team0: Port device team_slave_0 added
[  272.309020][T11888] team0: Port device team_slave_1 added
[  272.333998][T11888] batman_adv: batadv0: Adding interface: batadv_slave_0
[  272.336168][T11888] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  272.347928][T11888] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  272.362332][T11888] batman_adv: batadv0: Adding interface: batadv_slave_1
[  272.365271][T11888] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  272.377262][T11888] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  272.438886][T11923] openvswitch: netlink: Geneve opt len 62 is not a multiple of 4.
[  272.445322][T11888] hsr_slave_0: entered promiscuous mode
[  272.448326][T11888] hsr_slave_1: entered promiscuous mode
[  272.611625][T11929] fuse: Bad value for 'fd'
[  273.558680][T11888] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  273.585961][T11888] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  273.614594][T11888] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  273.631489][T11888] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  273.928875][T11888] 8021q: adding VLAN 0 to HW filter on device bond0
[  273.953590][T11888] 8021q: adding VLAN 0 to HW filter on device team0
[  273.971867][ T1091] bridge0: port 1(bridge_slave_0) entered blocking state
[  273.975211][ T1091] bridge0: port 1(bridge_slave_0) entered forwarding state
[  274.003012][ T1091] bridge0: port 2(bridge_slave_1) entered blocking state
[  274.006052][ T1091] bridge0: port 2(bridge_slave_1) entered forwarding state
[  274.067364][T11946] A link change request failed with some changes committed already. Interface veth1_to_bond may have been left with an inconsistent configuration, please check.
[  274.091494][T11888] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  274.250337][T11888] 8021q: adding VLAN 0 to HW filter on device batadv0
[  274.395614][ T5853] Bluetooth: hci0: command tx timeout
[  274.876269][T11888] veth0_vlan: entered promiscuous mode
[  274.888238][T11888] veth1_vlan: entered promiscuous mode
[  274.916892][T11888] veth0_macvtap: entered promiscuous mode
[  274.926300][T11888] veth1_macvtap: entered promiscuous mode
[  274.943593][T11888] batman_adv: batadv0: Interface activated: batadv_slave_0
[  274.954182][T11888] batman_adv: batadv0: Interface activated: batadv_slave_1
[  274.968338][   T12] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  274.973176][   T12] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  274.977377][   T12] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  274.984185][   T12] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  275.081036][ T1108] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  275.101195][ T1108] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  275.154619][ T1091] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  275.157942][ T1091] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  276.182139][ T5880] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  276.189733][ T5862] bond0: (slave bond_slave_0): interface is now down
[  276.196145][ T5862] bond0: (slave bond_slave_1): interface is now down
[  276.204074][ T5862] bond0: now running without any active interface!
[  276.332604][ T5880] usb 8-1: Using ep0 maxpacket: 32
[  276.343526][ T5880] usb 8-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  276.347219][ T5880] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  276.353937][ T5880] usb 8-1: Product: syz
[  276.355696][ T5880] usb 8-1: Manufacturer: syz
[  276.357507][ T5880] usb 8-1: SerialNumber: syz
[  276.366213][ T5880] usb 8-1: config 0 descriptor??
[  276.476142][ T5853] Bluetooth: hci0: command tx timeout
[  276.573419][T12049] netlink: 'syz.0.2228': attribute type 15 has an invalid length.
[  276.700854][   T33] kauditd_printk_skb: 46 callbacks suppressed
[  276.700863][   T33] audit: type=1326 audit(1755270492.517:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12059 comm="syz.0.2231" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f112e38ebe9 code=0x7ff00000
[  276.720689][   T33] audit: type=1326 audit(1755270492.517:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12059 comm="syz.0.2231" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f112e38ebe9 code=0x7ff00000
[  276.728178][   T33] audit: type=1326 audit(1755270492.517:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12059 comm="syz.0.2231" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f112e38ebe9 code=0x7ff00000
[  276.739063][   T33] audit: type=1326 audit(1755270492.517:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12059 comm="syz.0.2231" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f112e38ebe9 code=0x7ff00000
[  276.748558][   T33] audit: type=1326 audit(1755270492.517:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12059 comm="syz.0.2231" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f112e38ebe9 code=0x7ff00000
[  276.760752][   T33] audit: type=1326 audit(1755270492.517:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12059 comm="syz.0.2231" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f112e38ebe9 code=0x7ff00000
[  276.769397][   T33] audit: type=1326 audit(1755270492.517:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12059 comm="syz.0.2231" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f112e38ebe9 code=0x7ff00000
[  276.780128][ T5880] airspy 8-1:0.0: Board ID: 00
[  276.782343][ T5880] airspy 8-1:0.0: Firmware version: 
[  276.788872][   T33] audit: type=1326 audit(1755270492.517:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12059 comm="syz.0.2231" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f112e38ebe9 code=0x7ff00000
[  276.799663][   T33] audit: type=1326 audit(1755270492.517:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12059 comm="syz.0.2231" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f112e38ebe9 code=0x7ff00000
[  276.812182][   T33] audit: type=1326 audit(1755270492.517:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12059 comm="syz.0.2231" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f112e38ebe9 code=0x7ff00000
[  276.865924][T12067] tmpfs: Group quota inode hardlimit too large.
[  277.582492][ T5880] airspy 8-1:0.0: usb_control_msg() failed -71 request 0f
[  277.593579][ T5880] airspy 8-1:0.0: Registered as swradio24
[  277.595495][ T5880] airspy 8-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[  277.600691][ T5880] usb 8-1: USB disconnect, device number 3
[  278.173258][T12090] netlink: 'syz.7.2238': attribute type 1 has an invalid length.
[  278.177969][T12090] netlink: 'syz.7.2238': attribute type 2 has an invalid length.
[  278.181005][T12090] netlink: 1172 bytes leftover after parsing attributes in process `syz.7.2238'.
[  278.426826][T12099] random: crng reseeded on system resumption
[  278.552258][ T5853] Bluetooth: hci0: command tx timeout
[  279.354454][T12113] loop7: detected capacity change from 0 to 4096
[  279.370094][T12113] ntfs3(loop7): ino=18, mi_enum_attr
[  279.374918][T12113] ntfs3(loop7): Mark volume as dirty due to NTFS errors
[  279.627976][T12125] loop7: detected capacity change from 0 to 1024
[  279.639172][T12125] EXT4-fs: Ignoring removed orlov option
[  279.656112][T12125] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  279.897153][T11888] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.640137][T12142] netlink: 'syz.7.2262': attribute type 4 has an invalid length.
[  280.656534][T12142] netlink: 'syz.7.2262': attribute type 4 has an invalid length.
[  282.174666][T12162] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2270'.
[  282.228673][T12164] blk_print_req_error: 89 callbacks suppressed
[  282.228690][T12164] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  282.233887][T12164] buffer_io_error: 122 callbacks suppressed
[  282.233894][T12164] Buffer I/O error on dev nbd0, logical block 0, async page read
[  282.238665][T12164] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  282.242225][T12164] Buffer I/O error on dev nbd0, logical block 1, async page read
[  282.244903][T12164] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  282.248237][T12164] Buffer I/O error on dev nbd0, logical block 2, async page read
[  282.251008][T12164] Buffer I/O error on dev nbd0, logical block 3, async page read
[  282.254950][T12164] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  282.258494][T12164] Buffer I/O error on dev nbd0, logical block 0, async page read
[  282.261528][T12164] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  282.265771][T12164] Buffer I/O error on dev nbd0, logical block 1, async page read
[  282.273321][T12164] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  282.277094][T12164] Buffer I/O error on dev nbd0, logical block 2, async page read
[  282.280246][T12164] Buffer I/O error on dev nbd0, logical block 3, async page read
[  282.283676][T12164] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  282.287377][T12164] Buffer I/O error on dev nbd0, logical block 0, async page read
[  282.290667][T12164] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  282.294577][T12164] Buffer I/O error on dev nbd0, logical block 1, async page read
[  282.297794][T12164] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  282.301730][T12164] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  282.308500][T12164] ldm_validate_partition_table(): Disk read failed.
[  282.313485][T12164] Dev nbd0: unable to read RDB block 0
[  282.316842][T12164]  nbd0: unable to read partition table
[  282.319205][T12164] nbd0: partition table beyond EOD, truncated
[  282.766796][T12183] loop6: detected capacity change from 0 to 32768
[  282.962981][ T5901] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  283.113739][ T5901] usb 8-1: Using ep0 maxpacket: 32
[  283.118125][ T5901] usb 8-1: config 0 interface 0 has no altsetting 0
[  283.123667][ T5901] usb 8-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  283.127391][ T5901] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.130776][ T5901] usb 8-1: Product: syz
[  283.132684][ T5901] usb 8-1: Manufacturer: syz
[  283.134865][ T5901] usb 8-1: SerialNumber: syz
[  283.139026][ T5901] usb 8-1: config 0 descriptor??
[  283.547625][ T5901] gs_usb 8-1:0.0: Configuring for 1 interfaces
[  284.157847][ T5901] usb 8-1: USB disconnect, device number 4
[  285.439336][T12239] loop8: detected capacity change from 0 to 7
[  285.452857][ T6066] Dev loop8: unable to read RDB block 7
[  285.455267][ T6066]  loop8: unable to read partition table
[  285.458005][ T6066] loop8: partition table beyond EOD, truncated
[  285.469875][T12239] Dev loop8: unable to read RDB block 7
[  285.471825][T12239]  loop8: unable to read partition table
[  285.479775][T12239] loop8: partition table beyond EOD, truncated
[  285.483781][T12239] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5)
[  286.038196][T12252] loop7: detected capacity change from 0 to 1024
[  286.058427][   T33] kauditd_printk_skb: 62 callbacks suppressed
[  286.059050][   T33] audit: type=1800 audit(1755270501.877:188): pid=12252 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2304" name="file1" dev="loop7" ino=20 res=0 errno=0
[  286.484737][T12264] loop7: detected capacity change from 0 to 32768
[  286.515699][T12264] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  286.540532][T12264] XFS (loop7): Ending clean mount
[  286.546663][T12264] XFS (loop7): Quotacheck needed: Please wait.
[  286.580391][T12264] XFS (loop7): Quotacheck: Done.
[  286.602627][T11888] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  287.135930][T12282] loop6: detected capacity change from 0 to 32768
[  287.147967][T12282] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2314 (12282)
[  287.196739][T12282] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  287.200562][T12282] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm
[  287.213071][T12282] BTRFS info (device loop6): using free-space-tree
[  287.354910][ T8480] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  287.608364][T12328] program syz.7.2329 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  287.809815][T12338] loop6: detected capacity change from 0 to 4096
[  287.838200][T12338] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  287.900076][ T8480] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.379241][T12357] loop6: detected capacity change from 0 to 32768
[  288.388925][T12357] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2342 (12357)
[  288.398937][T12357] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  288.405600][T12357] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm
[  288.409082][T12357] BTRFS info (device loop6): using free-space-tree
[  288.492316][T12363] loop7: detected capacity change from 0 to 32768
[  288.513999][ T8480] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  288.514965][T12363] syz.7.2345: attempt to access beyond end of device
[  288.514965][T12363] loop7: rw=0, sector=67109120, nr_sectors = 8 limit=32768
[  288.534688][T12363] Read error 10 at 0x0
[  288.537212][T12363] read_mapping_page failed!
[  288.539100][T12363] jfs_mount: diMount failed w/rc = -5
[  288.544001][T12363] Mount JFS Failure: -5
[  288.555892][T12363] jfs_mount failed w/return code = -5
[  288.763307][T12381] loop6: detected capacity change from 0 to 2048
[  288.770850][T12381] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  289.331890][T12390] loop6: detected capacity change from 0 to 32768
[  289.729616][T12409] netlink: 'syz.0.2357': attribute type 10 has an invalid length.
[  289.735801][T12409] team0: Device hsr_slave_0 failed to register rx_handler
[  289.833700][T12390] (syz.6.2350,12390,0):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options
[  289.851388][T12390] (syz.6.2350,12390,1):ocfs2_fill_super:1177 ERROR: status = -22
[  290.323301][T12434] loop7: detected capacity change from 0 to 512
[  290.350824][T12434] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  290.377130][T12434] ext4 filesystem being mounted at /70/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  290.411854][T12434] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #2: comm syz.7.2365: corrupted inode contents
[  290.424971][T12434] EXT4-fs error (device loop7): ext4_dirty_inode:6538: inode #2: comm syz.7.2365: mark_inode_dirty error
[  290.436136][T12434] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #2: comm syz.7.2365: corrupted inode contents
[  290.454101][T12434] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #2: comm syz.7.2365: corrupted inode contents
[  290.470868][T12434] EXT4-fs error (device loop7): ext4_dirty_inode:6538: inode #2: comm syz.7.2365: mark_inode_dirty error
[  290.476385][T12434] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #2: comm syz.7.2365: corrupted inode contents
[  290.485000][T12434] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #2: comm syz.7.2365: mark_inode_dirty error
[  290.489558][T12434] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #2: comm syz.7.2365: corrupted inode contents
[  290.494702][T12434] EXT4-fs error (device loop7): ext4_dirty_inode:6538: inode #2: comm syz.7.2365: mark_inode_dirty error
[  290.521188][T11888] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.560116][T12443] syz_tun: entered allmulticast mode
[  290.750737][T12442] syz_tun: left allmulticast mode
[  291.029732][T12462] loop7: detected capacity change from 0 to 1024
[  291.060234][T12462] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  291.151431][T12470] netlink: 'syz.6.2380': attribute type 1 has an invalid length.
[  291.151691][T11888] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.155088][T12470] netlink: 'syz.6.2380': attribute type 2 has an invalid length.
[  291.309389][T12478] sp0: Synchronizing with TNC
[  291.390355][T12482] netlink: 212 bytes leftover after parsing attributes in process `syz.7.2386'.
[  291.449877][ T5880] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  291.458839][ T5880] hid-generic 0000:0000:0000.0010: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  291.833734][T12499] autofs4:pid:12499:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a)
[  291.954827][T12501] netlink: 'syz.6.2394': attribute type 15 has an invalid length.
[  292.179305][T12511] loop6: detected capacity change from 0 to 512
[  292.183232][T12511] EXT4-fs: Ignoring removed mblk_io_submit option
[  292.186380][T12511] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  292.189657][T12511] EXT4-fs (loop6): DAX unsupported by block device.
[  293.082602][ T5880] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  293.254487][ T5880] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  293.258880][ T5880] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  293.272115][ T5880] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  293.281964][T12525] loop6: detected capacity change from 0 to 32768
[  293.285304][ T5880] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  293.287561][T12525] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2405 (12525)
[  293.294416][ T5880] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  293.300758][T12525] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  293.303137][ T5880] usb 8-1: config 0 descriptor??
[  293.307053][T12525] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm
[  293.311709][T12525] BTRFS info (device loop6): using free-space-tree
[  293.341681][   T27] BTRFS warning (device loop6): checksum verify failed on logical 5312512 mirror 1 wanted 0xad3491f02143bbdffac915d60d465609ae738cf44bd4edc228323e9c632ebcf6 found 0x80f5410847985e965fbe378d2cc0b7b491f66c0fe18024e7ed51cf90855c56a9 level 0
[  293.356020][T12525] BTRFS error (device loop6 state C): failed to load root csum
[  293.412491][T12525] BTRFS error (device loop6 state C): open_ctree failed: -5
[  293.716813][T12549] policy can only be matched on NF_INET_PRE_ROUTING
[  293.716831][T12549] unable to load match
[  293.720597][T12550] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2409'.
[  293.742605][ T5880] plantronics 0003:047F:FFFF.0011: ignoring exceeding usage max
[  293.772606][ T5880] plantronics 0003:047F:FFFF.0011: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0
[  293.840750][T12556] loop6: detected capacity change from 0 to 256
[  293.849570][T12556] exfat: Deprecated parameter 'utf8'
[  293.853127][T12556] exfat: Deprecated parameter 'namecase'
[  293.855739][T12556] exfat: Deprecated parameter 'namecase'
[  293.857985][T12556] exfat: Deprecated parameter 'utf8'
[  293.867006][T12556] exFAT-fs (loop6): failed to load upcase table (idx : 0x00012153, chksum : 0x5270ca8d, utbl_chksum : 0xe619d30d)
[  294.030746][ T5914] usb 8-1: USB disconnect, device number 5
[  294.116779][T12566] loop6: detected capacity change from 0 to 2048
[  294.121587][T12566] UDF-fs: error (device loop6): udf_process_sequence: Primary Volume Descriptor not found!
[  294.129961][T12566] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  294.591526][T12578] loop6: detected capacity change from 0 to 32768
[  294.597275][T12578] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2424 (12578)
[  294.609202][T12578] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  294.619423][T12578] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm
[  294.624059][T12578] BTRFS info (device loop6): using free-space-tree
[  294.839568][T12580] loop7: detected capacity change from 0 to 40427
[  294.845328][ T8480] BTRFS info (device loop6): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  294.849651][T12580] F2FS-fs (loop7): invalid crc value
[  294.956995][T12580] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  294.961466][T12580] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e4
[  295.440424][T12617] loop7: detected capacity change from 0 to 2048
[  295.454645][T12617] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  295.470055][   T33] audit: type=1800 audit(1755270511.287:189): pid=12617 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2433" name="file1" dev="loop7" ino=1415 res=0 errno=0
[  295.730679][T12627] loop7: detected capacity change from 0 to 2048
[  295.749389][T12627] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  295.764190][T12627] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  295.792691][T11888] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.076881][T12632] loop7: detected capacity change from 0 to 40427
[  296.080690][T12632] F2FS-fs (loop7): Wrong segment_count / block_count (64 > 16384)
[  296.084138][T12632] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  296.150273][T12632] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  296.155529][T12632] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  296.158598][T12632] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  296.206377][T11888] syz-executor: attempt to access beyond end of device
[  296.206377][T11888] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  296.216426][T11888] CPU: 1 UID: 0 PID: 11888 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  296.216444][T11888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  296.216452][T11888] Call Trace:
[  296.216457][T11888]  <TASK>
[  296.216463][T11888]  dump_stack_lvl+0x189/0x250
[  296.216484][T11888]  ? __pfx_dump_stack_lvl+0x10/0x10
[  296.216499][T11888]  ? __pfx_queue_work_on+0x10/0x10
[  296.216510][T11888]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  296.216527][T11888]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  296.216549][T11888]  f2fs_handle_critical_error+0x37c/0x540
[  296.216567][T11888]  f2fs_write_end_io+0x886/0xb60
[  296.216586][T11888]  __submit_merged_bio+0x27a/0x6a0
[  296.216602][T11888]  __submit_merged_write_cond+0x255/0x530
[  296.216618][T11888]  f2fs_write_data_pages+0x261d/0x3000
[  296.216650][T11888]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  296.216693][T11888]  ? folios_put_refs+0x559/0x640
[  296.216709][T11888]  ? __pfx_folios_put_refs+0x10/0x10
[  296.216718][T11888]  ? rcu_is_watching+0x15/0xb0
[  296.216732][T11888]  ? __lock_acquire+0xab9/0xd20
[  296.216754][T11888]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  296.216767][T11888]  do_writepages+0x32e/0x550
[  296.216786][T11888]  ? do_raw_spin_unlock+0x4d/0x240
[  296.216799][T11888]  filemap_fdatawrite+0x199/0x240
[  296.216811][T11888]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  296.216849][T11888]  ? do_raw_spin_unlock+0x4d/0x240
[  296.216867][T11888]  f2fs_sync_dirty_inodes+0x31f/0x830
[  296.216884][T11888]  f2fs_write_checkpoint+0x95a/0x1df0
[  296.216906][T11888]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  296.216941][T11888]  ? kill_f2fs_super+0x298/0x6c0
[  296.216953][T11888]  kill_f2fs_super+0x2c3/0x6c0
[  296.216965][T11888]  ? __pfx_kill_f2fs_super+0x10/0x10
[  296.216972][T11888]  ? radix_tree_delete_item+0x2b6/0x400
[  296.216987][T11888]  ? shrinker_free+0x2ce/0x3e0
[  296.216998][T11888]  deactivate_locked_super+0xbc/0x130
[  296.217011][T11888]  cleanup_mnt+0x425/0x4c0
[  296.217021][T11888]  ? lockdep_hardirqs_on+0x9c/0x150
[  296.217035][T11888]  task_work_run+0x1d4/0x260
[  296.217049][T11888]  ? __pfx_task_work_run+0x10/0x10
[  296.217060][T11888]  ? __x64_sys_umount+0x122/0x160
[  296.217074][T11888]  ? exit_to_user_mode_loop+0x40/0x110
[  296.217088][T11888]  exit_to_user_mode_loop+0xec/0x110
[  296.217101][T11888]  do_syscall_64+0x2bd/0x3b0
[  296.217112][T11888]  ? lockdep_hardirqs_on+0x9c/0x150
[  296.217123][T11888]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.217132][T11888]  ? exc_page_fault+0x9f/0xf0
[  296.217145][T11888]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.217153][T11888] RIP: 0033:0x7f7e7f38ff17
[  296.217162][T11888] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  296.217169][T11888] RSP: 002b:00007ffcd2525158 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  296.217180][T11888] RAX: 0000000000000000 RBX: 00007f7e7f411c05 RCX: 00007f7e7f38ff17
[  296.217186][T11888] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcd2525210
[  296.217191][T11888] RBP: 00007ffcd2525210 R08: 0000000000000000 R09: 0000000000000000
[  296.217197][T11888] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcd25262a0
[  296.217203][T11888] R13: 00007f7e7f411c05 R14: 000000000004846f R15: 00007ffcd25262e0
[  296.217243][T11888]  </TASK>
[  296.217248][T11888] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  296.577005][T12638] pim6reg: tun_chr_ioctl cmd 2147767507
[  296.666929][T12640] loop7: detected capacity change from 0 to 2048
[  296.681433][T12640] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  296.694381][T12640] ext4 filesystem being mounted at /97/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  296.702981][   T33] audit: type=1800 audit(1755270512.527:190): pid=12640 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2441" name="file0" dev="loop7" ino=13 res=0 errno=0
[  296.717317][T12640] fs-verity (loop7, inode 13): Error -22 reading file data
[  296.719598][T12640] fs-verity (loop7, inode 13): Error -22 building Merkle tree
[  296.737267][T11888] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.550804][T12662] overlay: filesystem on ./bus is read-only
[  297.624525][T12664] loop7: detected capacity change from 0 to 1024
[  297.639361][T12664] EXT4-fs: inline encryption not supported
[  297.641589][T12664] EXT4-fs: Ignoring removed i_version option
[  297.654522][T12664] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  297.665639][T12664] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #3: block 2: comm syz.7.2452: lblock 2 mapped to illegal pblock 2 (length 1)
[  297.671974][T12664] Quota error (device loop7): qtree_write_dquot: dquota write failed
[  297.675384][T12664] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #3: block 48: comm syz.7.2452: lblock 0 mapped to illegal pblock 48 (length 1)
[  297.680585][T12664] Quota error (device loop7): v2_write_file_info: Can't write info structure
[  297.685683][T12664] EXT4-fs error (device loop7): ext4_acquire_dquot:6933: comm syz.7.2452: Failed to acquire dquot type 0
[  297.689949][T12664] EXT4-fs error (device loop7) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  297.693855][T12664] EXT4-fs error (device loop7): ext4_evict_inode:254: inode #11: comm syz.7.2452: mark_inode_dirty error
[  297.698423][T12664] EXT4-fs warning (device loop7): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  297.708486][T12664] EXT4-fs (loop7): 1 orphan inode deleted
[  297.711703][T12664] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  297.721198][T12664] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #3: block 1: comm syz.7.2452: lblock 1 mapped to illegal pblock 1 (length 1)
[  297.735619][T12664] Quota error (device loop7): find_next_id: Can't read quota tree block 1
[  297.738960][ T8701] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #3: block 1: comm kworker/u10:7: lblock 1 mapped to illegal pblock 1 (length 1)
[  297.748829][ T8701] Quota error (device loop7): remove_tree: Can't read quota data block 1
[  297.755261][ T8701] EXT4-fs error (device loop7): ext4_release_dquot:6969: comm kworker/u10:7: Failed to release dquot type 0
[  297.769605][T11888] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.776602][T11888] EXT4-fs error (device loop7): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[  297.787283][T11888] EXT4-fs error (device loop7) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  297.791779][T11888] EXT4-fs error (device loop7): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error
[  297.833901][T12667] loop7: detected capacity change from 0 to 256
[  297.856757][T12667] FAT-fs (loop7): Directory bread(block 64) failed
[  297.859306][T12667] FAT-fs (loop7): Directory bread(block 65) failed
[  297.861870][T12667] FAT-fs (loop7): Directory bread(block 66) failed
[  297.867922][T12667] FAT-fs (loop7): Directory bread(block 67) failed
[  297.870753][T12667] FAT-fs (loop7): Directory bread(block 68) failed
[  297.875365][T12667] FAT-fs (loop7): Directory bread(block 69) failed
[  297.878092][T12667] FAT-fs (loop7): Directory bread(block 70) failed
[  297.880743][T12667] FAT-fs (loop7): Directory bread(block 71) failed
[  297.883800][T12667] FAT-fs (loop7): Directory bread(block 72) failed
[  297.886382][T12667] FAT-fs (loop7): Directory bread(block 73) failed
[  298.282548][ T5880] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  298.388315][T12681] loop6: detected capacity change from 0 to 32768
[  298.437092][ T5880] usb 8-1: New USB device found, idVendor=0733, idProduct=0430, bcdDevice=35.fb
[  298.440824][ T5880] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  298.450176][ T5880] usb 8-1: config 0 descriptor??
[  298.455228][ T5880] gspca_main: spca505-2.14.0 probing 0733:0430
[  298.508550][T12681] bcachefs (loop6): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  298.508566][T12681]   allowing incompatible features above 0.0: (unknown version)
[  298.508574][T12681]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  298.524360][T12681] bcachefs (loop6): Using encoding defined by superblock: utf8-12.1.0
[  298.527703][T12681] bcachefs (loop6): initializing new filesystem
[  298.536612][T12681] bcachefs (loop6): going read-write
[  298.542235][T12681] bcachefs (loop6): marking superblocks
[  298.550230][T12681] bcachefs (loop6): initializing freespace
[  298.555735][T12681] bcachefs (loop6): done initializing freespace
[  298.560073][T12681] bcachefs (loop6): reading snapshots table
[  298.562642][T12681] bcachefs (loop6): reading snapshots done
[  298.590713][T12681] bcachefs (loop6):  loop6: Superblock write was silently dropped! (seq 0 expected 42)
[  298.595472][T12681] bcachefs (loop6): done starting filesystem
[  298.835483][ T8480] bcachefs (loop6): shutting down
[  298.837663][ T8480] bcachefs (loop6): going read-only
[  298.840518][ T8480] bcachefs (loop6): finished waiting for writes to stop
[  298.845328][ T8480] bcachefs (loop6): flushing journal and stopping allocators, journal seq 4
[  298.876820][ T8480] bcachefs (loop6): flushing journal and stopping allocators complete, journal seq 5
[  298.882832][ T5880] gspca_spca505: reg write: error -71
[  298.884648][ T8480] bcachefs (loop6): clean shutdown complete, journal seq 6
[  298.884731][ T5880] spca505 8-1:0.0: probe with driver spca505 failed with error -5
[  298.890805][ T8480] bcachefs (loop6): marking filesystem clean
[  298.903089][ T5880] usb 8-1: USB disconnect, device number 6
[  298.920045][ T8480] bcachefs (loop6): shutdown complete
[  299.570354][T12702] loop7: detected capacity change from 0 to 128
[  299.579504][T12702] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[  299.620852][T11888] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  300.022292][ T5880] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  300.178014][ T5880] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  300.182980][ T5880] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  300.187560][ T5880] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  300.201086][ T5880] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  300.207962][ T5880] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  300.211620][ T5880] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  300.238534][ T5880] usb 8-1: config 0 descriptor??
[  300.721775][ T5880] plantronics 0003:047F:FFFF.0012: ignoring exceeding usage max
[  300.741532][ T5880] plantronics 0003:047F:FFFF.0012: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0
[  301.935499][T12740] loop6: detected capacity change from 0 to 32768
[  301.968981][T12740] (syz.6.2483,12740,0):ocfs2_init_local_system_inodes:496 ERROR: status=-22, sysfile=10, slot=0
[  301.980214][T12740] (syz.6.2483,12740,0):ocfs2_init_local_system_inodes:505 ERROR: status = -22
[  301.987676][T12740] (syz.6.2483,12740,0):ocfs2_mount_volume:1758 ERROR: status = -22
[  302.002846][T12740] (syz.6.2483,12740,1):ocfs2_fill_super:1177 ERROR: status = -22
[  302.215916][T12754] netlink: 'syz.6.2489': attribute type 14 has an invalid length.
[  302.491924][T12766] loop6: detected capacity change from 0 to 4096
[  302.498594][T12766] ntfs3(loop6): Different NTFS sector size (2048) and media sector size (512).
[  302.620573][T12768] loop7: detected capacity change from 0 to 2048
[  302.654493][T12768] NILFS (loop7): broken superblock, retrying with spare superblock (blocksize = 1024)
[  302.659609][ T6066] udevd[6066]: incorrect nilfs2 checksum on /dev/loop7
[  302.663712][T12768] NILFS (loop7): too large filesystem blocksize: 2 ^ 347668480 KiB
[  302.701449][   T33] audit: type=1800 audit(1755270518.517:191): pid=12769 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2495" name="file1" dev="loop6" ino=30 res=0 errno=0
[  302.748537][   T47] usb 8-1: USB disconnect, device number 7
[  302.769906][T12773] loop7: detected capacity change from 0 to 256
[  303.068707][T12777] vivid-000: disconnect
[  303.070679][T12776] vivid-000: reconnect
[  303.374636][T12785] loop7: detected capacity change from 0 to 512
[  303.408852][T12785] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  303.415624][T12785] ext4 filesystem being mounted at /125/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  303.562710][T11888] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.038841][T12802] sp0: Synchronizing with TNC
[  304.260343][T12814] tipc: Started in network mode
[  304.263024][T12814] tipc: Node identity 6a0ffc8546be, cluster identity 4711
[  304.269061][T12814] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  304.277710][T12814] syzkaller0: entered promiscuous mode
[  304.279538][T12817] program syz.7.2518 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  304.279935][T12814] syzkaller0: entered allmulticast mode
[  304.309912][T12814] tipc: Resetting bearer <eth:syzkaller0>
[  304.316847][T12812] tipc: Resetting bearer <eth:syzkaller0>
[  304.332250][T12812] tipc: Disabling bearer <eth:syzkaller0>
[  304.451047][T12826] loop6: detected capacity change from 0 to 1024
[  304.580425][T12840] netlink: 'syz.0.2529': attribute type 5 has an invalid length.
[  304.602234][   T47] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  304.756745][   T47] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  304.760807][   T47] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  304.765338][   T47] usb 8-1: Product: syz
[  304.767310][   T47] usb 8-1: Manufacturer: syz
[  304.769429][   T47] usb 8-1: SerialNumber: syz
[  304.780554][   T47] usb 8-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  304.806970][   T24] usb 8-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  305.272723][   T47] usb 8-1: USB disconnect, device number 8
[  305.775138][T12871] netlink: 'syz.0.2542': attribute type 1 has an invalid length.
[  305.778075][T12871] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2542'.
[  305.835713][   T24] ath9k_htc 8-1:1.0: ath9k_htc: Target is unresponsive
[  305.839844][   T24] ath9k_htc: Failed to initialize the device
[  305.847925][   T47] usb 8-1: ath9k_htc: USB layer deinitialized
[  305.985424][T12891] loop7: detected capacity change from 0 to 128
[  306.011092][T12891] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  306.016709][T12891] ext4 filesystem being mounted at /137/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  306.052888][T11888] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  306.135851][T12902] loop7: detected capacity change from 0 to 16
[  306.160949][T12902] erofs (device loop7): mounted with root inode @ nid 36.
[  306.213520][T12907] netlink: 'syz.7.2557': attribute type 11 has an invalid length.
[  306.216290][T12907] netlink: 3657 bytes leftover after parsing attributes in process `syz.7.2557'.
[  306.372432][T12923] netlink: 'syz.7.2565': attribute type 10 has an invalid length.
[  306.386203][T12923] 8021q: adding VLAN 0 to HW filter on device team0
[  306.390919][T12923] bond0: (slave team0): Enslaving as an active interface with an up link
[  306.400032][T12927] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2567'.
[  306.440385][T12929] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  306.526555][T12935] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2570'.
[  306.918343][T12950] loop7: detected capacity change from 0 to 4096
[  306.928775][T12950] ntfs3(loop7): Different NTFS sector size (2048) and media sector size (512).
[  307.301202][T12971] loop7: detected capacity change from 0 to 1024
[  307.304441][T12971] hfsplus: Unknown parameter ''
[  307.382982][T12972] RDS: rds_bind could not find a transport for fe80::bb, load rds_tcp or rds_rdma?
[  307.997959][T12980] loop6: detected capacity change from 0 to 128
[  308.043099][T12980] FAT-fs (loop6): Directory bread(block 11554) failed
[  308.064232][T12980] FAT-fs (loop6): Directory bread(block 11555) failed
[  308.085409][T12980] FAT-fs (loop6): Directory bread(block 11556) failed
[  308.110771][T12980] FAT-fs (loop6): Directory bread(block 11557) failed
[  308.132491][T12980] FAT-fs (loop6): Directory bread(block 11558) failed
[  308.152265][T12980] FAT-fs (loop6): Directory bread(block 11559) failed
[  308.154895][T12980] FAT-fs (loop6): Directory bread(block 11560) failed
[  308.157546][T12980] FAT-fs (loop6): Directory bread(block 11561) failed
[  308.160313][T12980] FAT-fs (loop6): Directory bread(block 11562) failed
[  308.163272][T12980] FAT-fs (loop6): Directory bread(block 11563) failed
[  308.635391][T12984] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2590'.
[  308.799463][ T5848] Bluetooth: hci4: command 0x0406 tx timeout
[  308.912177][T12992] netlink: 25 bytes leftover after parsing attributes in process `syz.6.2594'.
[  308.998613][T12996] netlink: 48 bytes leftover after parsing attributes in process `syz.7.2596'.
[  309.225031][T13016] vivid-003: disconnect
[  309.259319][T13008] loop7: detected capacity change from 0 to 32768
[  309.266169][T13008] 
[  309.266169][T13008]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  309.266169][T13008] 
[  309.290271][T13008] JFS: metapage_get_blocks failed
[  309.294958][T13008] ERROR: (device loop7): release_metapage: metapage_write_one() failed
[  309.294958][T13008] 
[  309.300191][T13008] ERROR: (device loop7): diWrite: ixpxd invalid
[  309.300191][T13008] 
[  309.311476][T13008] ERROR: (device loop7): txCommit: 
[  309.311476][T13008] 
[  309.319366][T13008] ERROR: (device loop7): diWrite: ixpxd invalid
[  309.319366][T13008] 
[  309.322900][T13008] ERROR: (device loop7): txCommit: 
[  309.322900][T13008] 
[  309.348254][T13015] vivid-003: reconnect
[  309.368733][T11888] 
[  309.368733][T11888]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  309.368733][T11888] 
[  309.376862][T11888] 
[  309.376862][T11888]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  309.376862][T11888] 
[  309.503590][T13028] loop7: detected capacity change from 0 to 1024
[  309.580965][T13032] netlink: 'syz.6.2611': attribute type 21 has an invalid length.
[  309.584929][T13032] netlink: 'syz.6.2611': attribute type 15 has an invalid length.
[  309.598486][T13032] netlink: 156 bytes leftover after parsing attributes in process `syz.6.2611'.
[  309.603862][T13032] IPv6: NLM_F_CREATE should be specified when creating new route
[  309.609840][T13032] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  309.612521][T13032] IPv6: NLM_F_CREATE should be set when creating new route
[  309.615156][T13032] IPv6: NLM_F_CREATE should be set when creating new route
[  309.617572][T13032] IPv6: NLM_F_CREATE should be set when creating new route
[  310.296059][T13041] loop6: detected capacity change from 0 to 4096
[  310.304635][T13041] NILFS (loop6): invalid segment: Checksum error in segment payload
[  310.307406][T13041] NILFS (loop6): trying rollback from an earlier position
[  310.364657][T13041] NILFS (loop6): recovery complete
[  310.368650][T13042] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  310.460036][T13044] loop6: detected capacity change from 0 to 1024
[  310.467249][T13044] EXT4-fs: Ignoring removed bh option
[  310.497518][T13044] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  310.598439][ T8480] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  310.817854][    C0] vkms_vblank_simulate: vblank timer overrun
[  311.055756][ T8701] hfsplus: b-tree write err: -5, ino 3
[  311.098559][T13057] loop6: detected capacity change from 0 to 1024
[  311.137744][T13057] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  311.153481][   T33] audit: type=1800 audit(1755270526.967:192): pid=13057 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2622" name="bus" dev="loop6" ino=18 res=0 errno=0
[  311.155854][T13057] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4183: comm syz.6.2622: Allocating blocks 385-513 which overlap fs metadata
[  311.171881][T13057] EXT4-fs (loop6): pa ffff8881035392b8: logic 16, phys. 129, len 24
[  311.174796][T13057] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  311.181848][T13057] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 2 with max blocks 3 with error 1
[  311.187279][T13057] EXT4-fs (loop6): This should not happen!! Data will be lost
[  311.187279][T13057] 
[  311.207641][ T8480] Trying to write to read-only block-device loop6
[  311.218690][ T8480] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.408077][ T5879] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  312.533331][ T5880] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  312.598264][T13115] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2647'.
[  312.741228][T13120] netlink: 44 bytes leftover after parsing attributes in process `syz.6.2649'.
[  312.755167][ T5880] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  312.762434][ T5880] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  312.766070][ T5880] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xDA, changing to 0x8A
[  312.778030][ T5880] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  312.784000][ T5880] usb 8-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  312.790143][ T5880] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  312.795705][ T5880] usb 8-1: SerialNumber: syz
[  312.800700][ T5880] usb 8-1: config 0 descriptor??
[  312.942541][   T33] audit: type=1326 audit(1755270528.767:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13137 comm="syz.6.2654" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f916a78ebe9 code=0x0
[  313.029524][ T5880] usb 8-1: USB disconnect, device number 9
[  313.866599][   T33] audit: type=1326 audit(1755270529.677:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13157 comm="syz.6.2660" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f916a78ebe9 code=0x0
[  314.106957][T13172] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  314.883924][T13183] loop6: detected capacity change from 0 to 2048

syzkaller
syzkaller login: [  315.421732][T10411] libceph: connect (1)[c::]:6789 error -101
[  315.425691][T10411] libceph: mon0 (1)[c::]:6789 connect error
[  315.431367][T10411] libceph: connect (1)[c::]:6789 error -101
[  315.434556][T10411] libceph: mon0 (1)[c::]:6789 connect error
[  315.521896][T13185] loop6: detected capacity change from 0 to 65536
[  315.569787][T13190] ceph: No mds server is up or the cluster is laggy
[  315.589577][T13185] XFS (loop6): Mounting V5 filesystem 6653b971-41ab-480a-bd7b-5ff79b9409b5 in no-recovery mode. Filesystem will be inconsistent.
[  315.626994][T13185] XFS (loop6): Metadata CRC error detected at xfs_agi_read_verify+0x12f/0x1f0, xfs_agi block 0x8002 
[  315.631673][T13185] XFS (loop6): Unmount and run xfs_repair
[  315.634199][T13185] XFS (loop6): First 128 bytes of corrupted metadata buffer:
[  315.636672][T13185] 00000000: 58 41 47 49 00 00 00 01 00 00 00 01 00 00 40 00  XAGI..........@.
[  315.640240][T13185] 00000010: 00 00 00 00 00 00 00 04 00 00 00 01 00 00 00 00  ................
[  315.644150][T13185] 00000020: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  315.647598][T13185] 00000030: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  315.650959][T13185] 00000040: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  315.655239][T13185] 00000050: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  315.658776][T13185] 00000060: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  315.662385][T13185] 00000070: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  315.666263][T13185] XFS (loop6): metadata I/O error in "xfs_read_agi+0x272/0x5b0" at daddr 0x8002 len 1 error 74
[  315.673026][T13185] XFS (loop6): Uncorrected metadata errors detected; please run xfs_repair.
[  316.190256][T13211] loop6: detected capacity change from 0 to 32768
[  316.365503][T13213] loop7: detected capacity change from 0 to 32768
[  316.416974][T13215] loop6: detected capacity change from 0 to 32768
[  316.424286][T13215] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2674 (13215)
[  316.429543][T13215] BTRFS error: failed to open device for path /dev/loop6 with flags 0x23: -13
[  316.678042][T13226] netlink: 'syz.0.2678': attribute type 12 has an invalid length.
[  316.931999][T13229] loop7: detected capacity change from 0 to 8
[  316.935895][T13229] SQUASHFS error: zlib decompression failed, data probably corrupt
[  316.942475][T13229] SQUASHFS error: Failed to read block 0x9b: -5
[  316.944525][T13229] SQUASHFS error: Unable to read metadata cache entry [99]
[  316.947562][T13229] SQUASHFS error: Unable to read inode 0x127
[  317.472233][ T5880] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  317.626822][ T5880] usb 8-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[  317.630719][ T5880] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  317.634780][ T5880] usb 8-1: Product: syz
[  317.637013][ T5880] usb 8-1: Manufacturer: syz
[  317.639008][ T5880] usb 8-1: SerialNumber: syz
[  317.643399][ T5880] usb 8-1: config 0 descriptor??
[  317.651190][ T5880] gspca_main: sunplus-2.14.0 probing 055f:c230
[  317.931869][T13254] tmpfs: Bad value for 'mpol'
[  318.857162][T13261] netlink: 248 bytes leftover after parsing attributes in process `syz.0.2693'.
[  319.422584][ T5880] gspca_sunplus: reg_r err -71
[  319.426965][ T5880] sunplus 8-1:0.0: probe with driver sunplus failed with error -71
[  319.436204][ T5880] usb 8-1: USB disconnect, device number 10
[  319.787019][T13282] loop6: detected capacity change from 0 to 32768
[  319.976242][T13298] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2701'.
[  320.120453][T13312] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2707'.
[  320.883473][T13325] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2712'.
[  322.998923][T13349] overlayfs: only single ':' or double '::' sequences of unescaped colons in lowerdir mount option allowed.
[  324.216924][T13377] netlink: del zone limit has 4 unknown bytes
[  324.241656][T13381] loop6: detected capacity change from 0 to 256
[  324.250397][T13381] loop6: detected capacity change from 0 to 128
[  324.333673][   T33] audit: type=1326 audit(1755270540.153:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13386 comm="syz.7.2736" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7e7f38ebe9 code=0x0
[  325.773372][T13399] loop7: detected capacity change from 0 to 131072
[  325.819899][T13399] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  325.823521][T13399] F2FS-fs (loop7): Mounted with checkpoint version = 1b41e955
[  327.253886][T13423] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2745'.
[  327.257121][T13423] bridge_slave_1: left allmulticast mode
[  327.259466][T13423] bridge_slave_1: left promiscuous mode
[  327.261751][T13423] bridge0: port 2(bridge_slave_1) entered disabled state
[  327.267323][T13423] bridge_slave_0: left allmulticast mode
[  327.269119][T13423] bridge_slave_0: left promiscuous mode
[  327.270996][T13423] bridge0: port 1(bridge_slave_0) entered disabled state
[  327.354009][T13425] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[  328.089227][T13444] loop6: detected capacity change from 0 to 32768
[  328.109885][T13444] bcachefs (/dev/loop6): error validating superblock: Invalid superblock section clean: entry type btree_keys overruns end of section
[  328.109885][T13444] clean (size 2912):
[  328.109885][T13444] flags:          0
[  328.109885][T13444] journal_seq:    8
[  328.109885][T13444] prio_ptrs: 
[  328.109885][T13444] usage: type=key_version v=0
[  328.109885][T13444] usage: type=reserved v=0
[  328.109885][T13444] usage: type=reserved v=0
[  328.109885][T13444] usage: type=reserved v=0
[  328.109885][T13444] usage: type=reserved v=0
[  328.109885][T13444] data_usage: btree: 1/1 [0]=2816
[  328.109885][T13444] data_usage: journal: 1/1 [0]=0
[  328.109885][T13444] data_usage: user: 1/1 [0]=32
[  328.109885][T13444] dev_usage: dev=0  
[  328.109885][T13444]   free: buckets=83 sectors=0 fragmented=0
[  328.109885][T13444]   sb: buckets=25 sectors=6152 fragmented=248
[  328.109885][T13444]   journal: buckets=8 sectors=2048 fragmented=0
[  328.109885][T13444]   btree: buckets=11 sectors=2816 fragmented=0
[  328.109885][T13444]   user: buckets=1 sectors=32 fragmented=224
[  328.109885][T13444]   cached: buckets=0 sectors=0 fragmented=0
[  328.109885][T13444]   parity: buckets=0 sectors=0 fragmented=0
[  328.109885][T13444]   stripe: buckets=0 sectors=0 fragmented=0
[  328.109885][T13444]   need_gc_gens: buckets=0 sectors=0 fragmented=0
[  328.109885][T13444]   need_discard: buckets=0 sectors=0 fragmented=0
[  328.109885][T13444] clock: read=0
[  328.109885][T13444] clock: write=1288
[  328.109885][T13444] btree_root: btree=extents level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 249e7ae2af8ee3
[  328.110380][T13444] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[  328.931276][T13469] ALSA: mixer_oss: invalid OSS volume ''
[  328.936376][T13469] ALSA: mixer_oss: invalid OSS volume 'I'
[  330.278633][T13488] loop7: detected capacity change from 0 to 1024
[  330.301188][T13488] EXT4-fs (loop7): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  330.305926][T13488] ext4 filesystem being mounted at /236/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  330.311780][T13488] EXT4-fs error (device loop7): ext4_map_blocks:814: inode #15: block 3: comm syz.7.2775: lblock 3 mapped to illegal pblock 3 (length 3)
[  330.320942][T13488] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  330.325116][T13488] EXT4-fs (loop7): This should not happen!! Data will be lost
[  330.325116][T13488] 
[  330.343706][T11888] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  330.599379][T13494] loop7: detected capacity change from 0 to 32768
[  330.615281][T13494] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  330.642265][T13494] XFS (loop7): Ending clean mount
[  330.649736][T13494] XFS (loop7): Quotacheck needed: Please wait.
[  330.682505][T13494] XFS (loop7): Quotacheck: Done.
[  330.742423][T11888] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  330.855828][T13509] loop7: detected capacity change from 0 to 128
[  330.859537][T13509] EXT4-fs: Ignoring removed nomblk_io_submit option
[  330.863566][T13509] EXT4-fs (loop7): Test dummy encryption mode enabled
[  330.868381][T13509] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  330.874211][T13509] ext4 filesystem being mounted at /238/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  330.913716][T11888] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  332.677454][T13535] loop6: detected capacity change from 0 to 1024
[  332.681617][T13535] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  332.693758][T13535] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  332.711661][T13535] EXT4-fs error (device loop6): ext4_get_journal_inode:5796: inode #5: comm syz.6.2787: unexpected bad inode w/o EXT4_IGET_BAD
[  332.727605][T13535] EXT4-fs (loop6): Remounting filesystem read-only
[  332.737803][T13535] EXT4-fs (loop6): no journal found
[  332.739923][T13535] EXT4-fs (loop6): can't get journal size
[  332.748169][T13535] EXT4-fs (loop6): failed to initialize system zone (-117)
[  332.751358][T13535] EXT4-fs (loop6): mount failed
[  333.750183][T13596] binder: 13595:13596 ioctl c0306201 200000000540 returned -14
[  333.948719][T13601] loop7: detected capacity change from 0 to 32768
[  333.959411][T13601] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  333.980667][T13601] XFS (loop7): Ending clean mount
[  333.989530][T13601] XFS (loop7): Quotacheck needed: Please wait.
[  334.029508][T13601] XFS (loop7): Quotacheck: Done.
[  334.085895][T11888] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  335.304708][T13637] loop7: detected capacity change from 0 to 32768
[  335.317375][T13637] JBD2: Ignoring recovery information on journal
[  335.342174][T13637] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  335.359830][T13637] (syz.7.2830,13637,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry too close to end - offset=32, inode=17057, rec_len=280, name_len=10
[  335.390465][T11888] ocfs2: Unmounting device (7,7) on (node local)
[  335.802177][   T47] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  335.952203][   T47] usb 8-1: Using ep0 maxpacket: 16
[  335.959597][   T47] usb 8-1: config index 0 descriptor too short (expected 16456, got 72)
[  335.963391][   T47] usb 8-1: config 0 has an invalid interface number: 125 but max is 1
[  335.966740][   T47] usb 8-1: config 0 has an invalid interface number: 125 but max is 1
[  335.969975][   T47] usb 8-1: config 0 has an invalid interface number: 125 but max is 1
[  335.974538][   T47] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 2
[  335.978286][   T47] usb 8-1: config 0 has no interface number 0
[  335.980949][   T47] usb 8-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  335.985979][   T47] usb 8-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  335.990136][   T47] usb 8-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  335.995011][   T47] usb 8-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  336.000481][   T47] usb 8-1: config 0 interface 125 has no altsetting 0
[  336.003532][   T47] usb 8-1: config 0 interface 125 has no altsetting 2
[  336.008462][   T47] usb 8-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  336.012405][   T47] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  336.015739][   T47] usb 8-1: Product: syz
[  336.017457][   T47] usb 8-1: Manufacturer: syz
[  336.019355][   T47] usb 8-1: SerialNumber: syz
[  336.025253][   T47] usb 8-1: config 0 descriptor??
[  336.036342][   T47] usb 8-1: selecting invalid altsetting 2
[  336.239797][    C1] usb 8-1: async_complete: urb error -71
[  336.242232][    C1] usb 8-1: async_complete: urb error -71
[  336.244468][    C1] usb 8-1: async_complete: urb error -71
[  336.246852][    C1] usb 8-1: async_complete: urb error -71
[  336.251560][   T47] get_1284_register: usb error -71
[  336.253811][   T47] uss720 8-1:0.125: probe with driver uss720 failed with error -71
[  336.259693][   T47] usb 8-1: USB disconnect, device number 11
[  336.441723][T13647] openvswitch: netlink: IP tunnel dst address not specified
[  337.967853][T13677] loop7: detected capacity change from 0 to 32768
[  337.972569][T13677] XFS: noikeep mount option is deprecated.
[  337.990120][T13677] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  338.006629][T13677] XFS (loop7): Ending clean mount
[  338.013556][T13677] XFS (loop7): Quotacheck needed: Please wait.
[  338.038511][T13677] XFS (loop7): Quotacheck: Done.
[  338.083094][T11888] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  338.239497][T13687] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  339.494123][   T33] audit: type=1326 audit(1755270555.313:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13713 comm="syz.7.2860" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7e7f38ebe9 code=0x0
[  339.625458][T13725] loop6: detected capacity change from 0 to 4096
[  340.515992][T13733] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2869'.
[  340.521790][T13733] netlink: 'syz.0.2869': attribute type 1 has an invalid length.
[  340.525651][T13733] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2869'.
[  340.593164][ T5901] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  340.742298][ T5901] usb 8-1: Using ep0 maxpacket: 32
[  340.751991][ T5901] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  340.764739][ T5901] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  340.768374][ T5901] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  340.774461][ T5901] usb 8-1: Product: syz
[  340.776236][ T5901] usb 8-1: Manufacturer: syz
[  340.778107][ T5901] usb 8-1: SerialNumber: syz
[  340.792871][ T5901] usb 8-1: config 0 descriptor??
[  340.800517][T13731] raw-gadget.2 gadget.7: fail, usb_ep_enable returned -22
[  341.016541][   T47] usb 8-1: USB disconnect, device number 12
[  341.940165][T13769] loop7: detected capacity change from 0 to 512
[  341.946672][T13769] EXT4-fs error (device loop7): ext4_init_orphan_info:585: comm syz.7.2886: inode #0: comm syz.7.2886: iget: illegal inode #
[  341.955271][T13769] EXT4-fs (loop7): get orphan inode failed
[  341.958204][T13769] EXT4-fs (loop7): mount failed
[  342.249770][T13778] loop7: detected capacity change from 0 to 40427
[  342.260456][T13778] F2FS-fs (loop7): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288)
[  342.263591][T13778] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  342.270015][T13778] F2FS-fs (loop7): Fix alignment : done, start(4096) end(16896) block(12288)
[  342.278547][T13778] F2FS-fs (loop7): invalid crc value
[  342.315903][T13778] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  342.321426][T13778] F2FS-fs (loop7): Start checkpoint disabled!
[  342.328780][T13778] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  342.331638][T13778] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  343.659900][   T33] audit: type=1326 audit(1755270559.473:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13807 comm="syz.7.2899" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e7f38ebe9 code=0x7ffc0000
[  343.667736][   T33] audit: type=1326 audit(1755270559.473:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13807 comm="syz.7.2899" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e7f38ebe9 code=0x7ffc0000
[  343.677519][   T33] audit: type=1326 audit(1755270559.473:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13807 comm="syz.7.2899" exe="/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f7e7f38ebe9 code=0x7ffc0000
[  343.706328][   T33] audit: type=1326 audit(1755270559.473:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13807 comm="syz.7.2899" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e7f38ebe9 code=0x7ffc0000
[  343.717426][   T33] audit: type=1326 audit(1755270559.483:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13807 comm="syz.7.2899" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e7f38ebe9 code=0x7ffc0000
[  343.726265][   T33] audit: type=1326 audit(1755270559.483:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13807 comm="syz.7.2899" exe="/syz-executor" sig=0 arch=c000003e syscall=260 compat=0 ip=0x7f7e7f38ebe9 code=0x7ffc0000
[  343.745119][   T33] audit: type=1326 audit(1755270559.483:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13807 comm="syz.7.2899" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e7f38ebe9 code=0x7ffc0000
[  343.762703][   T33] audit: type=1326 audit(1755270559.483:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13807 comm="syz.7.2899" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e7f38ebe9 code=0x7ffc0000
[  344.130211][   T47] hid-generic 0005:16C0:5505.0013: item fetching failed at offset 0/2
[  344.133437][   T47] hid-generic 0005:16C0:5505.0013: probe with driver hid-generic failed with error -22
[  344.252519][ T5880] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  344.274469][T13831] loop6: detected capacity change from 0 to 128
[  344.402541][ T5880] usb 8-1: Using ep0 maxpacket: 32
[  344.405759][ T5880] usb 8-1: config 0 has an invalid interface number: 196 but max is 0
[  344.408433][ T5880] usb 8-1: config 0 has no interface number 0
[  344.410447][ T5880] usb 8-1: config 0 interface 196 has no altsetting 0
[  344.415297][ T5880] usb 8-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  344.418360][ T5880] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  344.421504][ T5880] usb 8-1: Product: syz
[  344.424925][ T5880] usb 8-1: Manufacturer: syz
[  344.427475][ T5880] usb 8-1: SerialNumber: syz
[  344.432459][ T5880] usb 8-1: config 0 descriptor??
[  344.641592][ T5880] ipheth 8-1:0.196: Unable to find endpoints
[  344.647070][ T5880] usb 8-1: USB disconnect, device number 13
[  345.231959][T13846] loop6: detected capacity change from 0 to 128
[  345.682207][ T5880] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  345.842477][ T5880] usb 8-1: Using ep0 maxpacket: 16
[  345.849949][ T5880] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  345.859453][ T5880] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  345.865932][ T5880] usb 8-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  345.869182][ T5880] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  345.871776][ T5880] usb 8-1: Product: syz
[  345.874161][ T5880] usb 8-1: Manufacturer: syz
[  345.875789][ T5880] usb 8-1: SerialNumber: syz
[  345.882748][ T5880] usb 8-1: config 0 descriptor??
[  345.888295][ T5880] em28xx 8-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  345.896771][ T5880] em28xx 8-1:0.0: Audio interface 0 found (Vendor Class)
[  346.132565][T13888] netlink: 'syz.0.2936': attribute type 1 has an invalid length.
[  346.135554][T13888] netlink: 'syz.0.2936': attribute type 2 has an invalid length.
[  346.139400][T13888] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2936'.
[  346.280682][T13899] openvswitch: netlink: VXLAN extension 0 has unexpected len 4 expected 0
[  346.490648][ T5880] em28xx 8-1:0.0: unknown em28xx chip ID (0)
[  346.502794][ T5880] em28xx 8-1:0.0: Config register raw data: 0x41
[  346.718100][ T5901] usb 8-1: USB disconnect, device number 14
[  346.721874][ T5901] em28xx 8-1:0.0: Disconnecting em28xx
[  346.755236][ T5901] em28xx 8-1:0.0: Freeing device
[  347.440491][T13915] overlayfs: upper fs does not support tmpfile.
[  347.650911][T13923] Bluetooth: (null): Invalid header checksum
[  348.003957][T13933] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  348.556998][T13935] gretap0: entered promiscuous mode
[  348.664014][T13941] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2958'.
[  348.675438][T13941] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2958'.
[  348.753397][T13945] loop7: detected capacity change from 0 to 512
[  348.768469][T13945] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  348.781658][T13945] EXT4-fs (loop7): 1 truncate cleaned up
[  348.786873][T13945] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  348.823551][T11888] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.926148][T13949] loop7: detected capacity change from 0 to 8192
[  350.096858][   T33] audit: type=1800 audit(1755270565.913:205): pid=13985 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2976" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0
[  350.926676][T13993] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2978'.
[  351.067474][T13997] loop7: detected capacity change from 0 to 256
[  351.075324][T13997] exFAT-fs (loop7): error, The cluster chain has a loop
[  351.078316][T13997] exFAT-fs (loop7): failed to count the number of clusters in root
[  351.081674][T13997] exFAT-fs (loop7): failed to recognize exfat type
[  352.167640][T14013] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  352.310068][T14021] qrtr: Invalid version 0
[  352.344403][T14023] loop7: detected capacity change from 0 to 1024
[  352.350664][T14023] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  352.359355][T14023] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  352.365484][T14023] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  352.369123][T14023] EXT4-fs (loop7): orphan cleanup on readonly fs
[  352.377988][T14023] EXT4-fs error (device loop7): ext4_map_blocks:814: inode #3: block 3: comm syz.7.2992: lblock 3 mapped to illegal pblock 3 (length 1)
[  352.385652][T14023] Quota error (device loop7): write_blk: dquota write failed
[  352.388709][T14023] Quota error (device loop7): find_free_dqentry: Can't write quota data block 3
[  352.394434][T14023] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[  352.399120][T14023] EXT4-fs error (device loop7): ext4_acquire_dquot:6933: comm syz.7.2992: Failed to acquire dquot type 0
[  352.404828][T14023] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #3: block 3: comm syz.7.2992: lblock 3 mapped to illegal pblock 3 (length 1)
[  352.410612][T14023] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[  352.417036][T14023] EXT4-fs error (device loop7): ext4_acquire_dquot:6933: comm syz.7.2992: Failed to acquire dquot type 0
[  352.421952][T14023] EXT4-fs error (device loop7): ext4_free_blocks:6696: comm syz.7.2992: Freeing blocks not in datazone - block = 0, count = 4096
[  352.430993][T14023] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #3: block 3: comm syz.7.2992: lblock 3 mapped to illegal pblock 3 (length 1)
[  352.440427][T14023] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[  352.445402][T14023] EXT4-fs error (device loop7): ext4_acquire_dquot:6933: comm syz.7.2992: Failed to acquire dquot type 0
[  352.450061][T14023] EXT4-fs (loop7): 1 orphan inode deleted
[  352.456378][T14023] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  352.487994][T11888] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.786032][T14039] loop7: detected capacity change from 0 to 32768
[  352.798417][T14039] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  352.846706][T11888] ocfs2: Unmounting device (7,7) on (node local)
[  353.314112][T14050] loop6: detected capacity change from 0 to 32768
[  353.316681][T14050] XFS: attr2 mount option is deprecated.
[  353.350551][T14052] loop6: detected capacity change from 0 to 1024
[  353.353379][ T5880] usb 8-1: new full-speed USB device number 15 using dummy_hcd
[  353.515980][ T5880] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  353.520094][ T5880] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  353.524945][ T5880] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10
[  353.529301][ T5880] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  353.718885][ T5880] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  353.744361][ T5880] usb 8-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  353.748528][ T5880] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  353.751470][ T5880] usb 8-1: Product: syz
[  353.753524][ T5880] usb 8-1: Manufacturer: syz
[  353.755166][ T5880] usb 8-1: SerialNumber: syz
[  353.762570][ T5880] usb 8-1: config 0 descriptor??
[  353.838483][T14058] loop6: detected capacity change from 0 to 512
[  353.970504][ T5880] radio-si470x 8-1:0.0: DeviceID=0x0000 ChipID=0x0000
[  353.973231][ T5880] radio-si470x 8-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0.
[  354.171286][ T5880] radio-si470x 8-1:0.0: software version 0, hardware version 0
[  354.174108][ T5880] radio-si470x 8-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0.
[  354.178242][ T5880] radio-si470x 8-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org
[  354.372979][ T5880] radio-si470x 8-1:0.0: submitting int urb failed (-90)
[  354.818092][ T5853] Bluetooth: hci2: Malformed LE Event: 0x1d
[  355.353108][ T5880] radio-si470x 8-1:0.0: si470x_get_report: usb_control_msg returned -71
[  355.372311][ T5880] radio-si470x 8-1:0.0: probe with driver radio-si470x failed with error -22
[  355.378114][ T5880] usb 8-1: USB disconnect, device number 15
[  355.841550][T14082] af_packet: tpacket_rcv: packet too big, clamped from 32 to 4294967272. macoff=96
[  356.259592][T14087] ptrace attach of "/syz-executor exec"[11888] was attempted by ""[14087]
[  356.461566][T14095] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  356.744591][T14097] loop7: detected capacity change from 0 to 40427
[  356.750405][T14097] F2FS-fs (loop7): invalid crc value
[  356.787017][T14097] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  356.796118][T14097] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  356.825424][T11888] syz-executor: attempt to access beyond end of device
[  356.825424][T11888] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  356.830296][T11888] CPU: 0 UID: 0 PID: 11888 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  356.830312][T11888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  356.830319][T11888] Call Trace:
[  356.830324][T11888]  <TASK>
[  356.830330][T11888]  dump_stack_lvl+0x189/0x250
[  356.830352][T11888]  ? __pfx_dump_stack_lvl+0x10/0x10
[  356.830366][T11888]  ? __pfx_queue_work_on+0x10/0x10
[  356.830378][T11888]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  356.830394][T11888]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  356.830420][T11888]  f2fs_handle_critical_error+0x37c/0x540
[  356.830444][T11888]  f2fs_write_end_io+0x886/0xb60
[  356.830471][T11888]  __submit_merged_bio+0x27a/0x6a0
[  356.830494][T11888]  __submit_merged_write_cond+0x255/0x530
[  356.830516][T11888]  f2fs_write_data_pages+0x261d/0x3000
[  356.830563][T11888]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  356.830629][T11888]  ? folios_put_refs+0x559/0x640
[  356.830653][T11888]  ? __lock_acquire+0xab9/0xd20
[  356.830677][T11888]  ? do_raw_spin_lock+0x121/0x290
[  356.830702][T11888]  ? do_raw_spin_unlock+0x4d/0x240
[  356.830716][T11888]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  356.830734][T11888]  do_writepages+0x32e/0x550
[  356.830786][T11888]  ? do_raw_spin_unlock+0x4d/0x240
[  356.830806][T11888]  filemap_fdatawrite+0x199/0x240
[  356.830823][T11888]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  356.830880][T11888]  ? do_raw_spin_unlock+0x4d/0x240
[  356.830899][T11888]  f2fs_sync_dirty_inodes+0x31f/0x830
[  356.830925][T11888]  f2fs_write_checkpoint+0x95a/0x1df0
[  356.830959][T11888]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  356.831013][T11888]  ? kill_f2fs_super+0x298/0x6c0
[  356.831030][T11888]  kill_f2fs_super+0x2c3/0x6c0
[  356.831048][T11888]  ? __pfx_kill_f2fs_super+0x10/0x10
[  356.831058][T11888]  ? radix_tree_delete_item+0x2b6/0x400
[  356.831080][T11888]  ? shrinker_free+0x2ce/0x3e0
[  356.831096][T11888]  deactivate_locked_super+0xbc/0x130
[  356.831112][T11888]  cleanup_mnt+0x425/0x4c0
[  356.831127][T11888]  ? lockdep_hardirqs_on+0x9c/0x150
[  356.831145][T11888]  task_work_run+0x1d4/0x260
[  356.831164][T11888]  ? __pfx_task_work_run+0x10/0x10
[  356.831177][T11888]  ? __x64_sys_umount+0x122/0x160
[  356.831197][T11888]  ? exit_to_user_mode_loop+0x40/0x110
[  356.831223][T11888]  exit_to_user_mode_loop+0xec/0x110
[  356.831240][T11888]  do_syscall_64+0x2bd/0x3b0
[  356.831255][T11888]  ? lockdep_hardirqs_on+0x9c/0x150
[  356.831269][T11888]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.831281][T11888]  ? exc_page_fault+0x9f/0xf0
[  356.831298][T11888]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.831309][T11888] RIP: 0033:0x7f7e7f38ff17
[  356.831321][T11888] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  356.831331][T11888] RSP: 002b:00007ffcd2525158 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  356.831344][T11888] RAX: 0000000000000000 RBX: 00007f7e7f411c05 RCX: 00007f7e7f38ff17
[  356.831352][T11888] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcd2525210
[  356.831360][T11888] RBP: 00007ffcd2525210 R08: 0000000000000000 R09: 0000000000000000
[  356.831367][T11888] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcd25262a0
[  356.831374][T11888] R13: 00007f7e7f411c05 R14: 0000000000057149 R15: 00007ffcd25262e0
[  356.831398][T11888]  </TASK>
[  356.831403][T11888] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  357.251232][T14125] netlink: 132 bytes leftover after parsing attributes in process `syz.6.3034'.
[  357.504126][T14133] loop6: detected capacity change from 0 to 40427
[  357.585577][T14133] loop6: detected capacity change from 0 to 2364
[  357.630872][T14140] netlink: 'syz.6.3040': attribute type 1 has an invalid length.
[  357.637805][T14140] netlink: 244 bytes leftover after parsing attributes in process `syz.6.3040'.
[  358.573940][T14157] loop7: detected capacity change from 0 to 32768
[  358.597556][T14157] XFS (loop7): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  358.607915][T14157] XFS (loop7): Ending clean mount
[  358.641548][T11888] XFS (loop7): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  359.275227][T14183] loop7: detected capacity change from 0 to 32768
[  359.292998][T14183] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  359.338217][T11888] ocfs2: Unmounting device (7,7) on (node local)
[  359.478075][T14189] loop7: detected capacity change from 0 to 1024
[  359.585182][T14190] RDS: rds_bind could not find a transport for fe80::bb, load rds_tcp or rds_rdma?
[  359.611288][   T33] audit: type=1800 audit(1755270575.423:206): pid=14190 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3058" name="file1" dev="loop7" ino=20 res=0 errno=0
[  360.703094][T14204] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3065'.
[  360.971327][T14222] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3073'.
[  361.046445][   T47] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[  361.051761][T14222] netlink: 32 bytes leftover after parsing attributes in process `syz.6.3073'.
[  361.222319][   T47] usb 8-1: Using ep0 maxpacket: 16
[  361.245685][   T47] usb 8-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  361.266761][   T47] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  361.302590][   T47] usb 8-1: config 0 descriptor??
[  361.318579][   T47] gspca_main: sonixj-2.14.0 probing 0471:0327
[  363.341648][   T47] gspca_sonixj: reg_r err -71
[  363.343951][   T47] sonixj 8-1:0.0: probe with driver sonixj failed with error -71
[  363.348040][   T47] usb 8-1: USB disconnect, device number 16
[  365.069318][T14276] pim6reg: entered allmulticast mode
[  365.073682][T14276] pim6reg: left allmulticast mode
[  365.259208][T14284] option changes via remount are deprecated (pid=14283 comm=syz.7.3099)
[  365.718215][   T33] audit: type=1326 audit(1755270581.533:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14302 comm="syz.7.3107" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7e7f38ebe9 code=0x0
[  365.787159][T14301] loop6: detected capacity change from 0 to 32768
[  365.816504][T14301] ocfs2: Readonly device (7,6) detected. Cluster services will not be used for this mount. Recovery will be skipped.
[  365.822865][T14301] ocfs2: Mounting device (7,6) on (node local, slot 65535) with ordered data mode.
[  365.847846][ T8480] INFO: trying to register non-static key.
[  365.850325][ T8480] The code is fine but needs lockdep annotation, or maybe
[  365.853461][ T8480] you didn't initialize this object before use?
[  365.856650][ T8480] turning off the locking correctness validator.
[  365.859337][ T8480] CPU: 0 UID: 0 PID: 8480 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  365.859353][ T8480] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  365.859361][ T8480] Call Trace:
[  365.859367][ T8480]  <TASK>
[  365.859373][ T8480]  dump_stack_lvl+0x189/0x250
[  365.859390][ T8480]  ? rcu_is_watching+0x15/0xb0
[  365.859402][ T8480]  ? __pfx_dump_stack_lvl+0x10/0x10
[  365.859415][ T8480]  ? __pfx__printk+0x10/0x10
[  365.859430][ T8480]  ? __is_module_percpu_address+0x39b/0x3f0
[  365.859442][ T8480]  ? is_module_address+0x17/0xf0
[  365.859455][ T8480]  assign_lock_key+0x133/0x150
[  365.859468][ T8480]  register_lock_class+0x105/0x320
[  365.859484][ T8480]  __lock_acquire+0x99/0xd20
[  365.859499][ T8480]  ? ktime_get+0x3e/0x1f0
[  365.859512][ T8480]  ? ocfs2_mark_lockres_freeing+0x125/0x580
[  365.859526][ T8480]  lock_acquire+0x120/0x360
[  365.859540][ T8480]  ? ocfs2_mark_lockres_freeing+0x125/0x580
[  365.859556][ T8480]  _raw_spin_lock_irqsave+0xa7/0xf0
[  365.859570][ T8480]  ? ocfs2_mark_lockres_freeing+0x125/0x580
[  365.859582][ T8480]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  365.859596][ T8480]  ? ktime_get+0x1cb/0x1f0
[  365.859607][ T8480]  ocfs2_mark_lockres_freeing+0x125/0x580
[  365.859622][ T8480]  ? __pfx_ocfs2_mark_lockres_freeing+0x10/0x10
[  365.859638][ T8480]  ? ocfs2_journal_shutdown+0x64b/0xaf0
[  365.859654][ T8480]  ? __pfx_ocfs2_journal_shutdown+0x10/0x10
[  365.859667][ T8480]  ? kfree+0x18e/0x440
[  365.859706][ T8480]  ocfs2_dlm_shutdown+0x3a/0x240
[  365.859721][ T8480]  ocfs2_dismount_volume+0x46a/0x8d0
[  365.859739][ T8480]  ? __pfx_ocfs2_dismount_volume+0x10/0x10
[  365.859753][ T8480]  ? __pfx_evict_inodes+0x10/0x10
[  365.859771][ T8480]  ? __pfx_ocfs2_put_super+0x10/0x10
[  365.859787][ T8480]  generic_shutdown_super+0x135/0x2c0
[  365.859800][ T8480]  kill_block_super+0x44/0x90
[  365.859815][ T8480]  deactivate_locked_super+0xbc/0x130
[  365.859828][ T8480]  cleanup_mnt+0x425/0x4c0
[  365.859840][ T8480]  ? lockdep_hardirqs_on+0x9c/0x150
[  365.859855][ T8480]  task_work_run+0x1d4/0x260
[  365.859869][ T8480]  ? __pfx_task_work_run+0x10/0x10
[  365.859883][ T8480]  ? __x64_sys_umount+0x122/0x160
[  365.859898][ T8480]  ? exit_to_user_mode_loop+0x40/0x110
[  365.859912][ T8480]  exit_to_user_mode_loop+0xec/0x110
[  365.859925][ T8480]  do_syscall_64+0x2bd/0x3b0
[  365.859939][ T8480]  ? lockdep_hardirqs_on+0x9c/0x150
[  365.859952][ T8480]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.859963][ T8480]  ? exc_page_fault+0x9f/0xf0
[  365.859977][ T8480]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.859987][ T8480] RIP: 0033:0x7f916a78ff17
[  365.859998][ T8480] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  365.860008][ T8480] RSP: 002b:00007ffc9cd0e148 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  365.860021][ T8480] RAX: 0000000000000000 RBX: 00007f916a811c05 RCX: 00007f916a78ff17
[  365.860030][ T8480] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc9cd0e200
[  365.860036][ T8480] RBP: 00007ffc9cd0e200 R08: 0000000000000000 R09: 0000000000000000
[  365.860043][ T8480] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc9cd0f290
[  365.860051][ T8480] R13: 00007f916a811c05 R14: 0000000000059480 R15: 00007ffc9cd0f2d0
[  365.860062][ T8480]  </TASK>
[  365.970222][    C0] vkms_vblank_simulate: vblank timer overrun
[  365.974941][ T8480] ocfs2: Unmounting device (7,6) on (node local)
[  365.986425][ T8480] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] SMP KASAN PTI
[  365.990215][ T8480] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[  365.992893][ T8480] CPU: 0 UID: 0 PID: 8480 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  365.996904][ T8480] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  366.000784][ T8480] RIP: 0010:ocfs2_evict_inode+0x2d05/0x40e0
[  366.002764][ T8480] Code: 02 00 00 48 89 d8 48 c1 e8 03 42 80 3c 30 00 74 08 48 89 df e8 9c e2 83 fe 4d 01 f4 48 8b 1b 48 83 c3 08 48 89 d8 48 c1 e8 03 <42> 80 3c 30 00 74 08 48 89 df e8 7c e2 83 fe 48 8b 3b 49 81 c7 88
[  366.009410][ T8480] RSP: 0018:ffffc9000481f340 EFLAGS: 00010202
[  366.011395][ T8480] RAX: 0000000000000001 RBX: 0000000000000008 RCX: ffff88801efe0000
[  366.014122][ T8480] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  366.016925][ T8480] RBP: ffffc9000481fa70 R08: ffff888032f39477 R09: 1ffff110065e728e
[  366.019751][ T8480] R10: dffffc0000000000 R11: ffffed10065e728f R12: fffff52000903e78
[  366.022664][ T8480] R13: ffff888032f39720 R14: dffffc0000000000 R15: ffff888032f396f8
[  366.025588][ T8480] FS:  000055557c38a500(0000) GS:ffff8880b861b000(0000) knlGS:0000000000000000
[  366.028376][ T8480] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  366.030470][ T8480] CR2: 00007f916a7733e0 CR3: 0000000113b76000 CR4: 00000000000006f0
[  366.033369][ T8480] Call Trace:
[  366.034654][ T8480]  <TASK>
[  366.035784][ T8480]  ? prb_first_seq+0xfd/0x1a0
[  366.037582][ T8480]  ? rcu_qs+0xc4/0x170
[  366.039036][ T8480]  ? __pfx_ocfs2_evict_inode+0x10/0x10
[  366.040923][ T8480]  ? __switch_to+0xdae/0x1670
[  366.042526][ T8480]  ? __pfx___switch_to+0x10/0x10
[  366.044118][ T8480]  ? finish_task_switch+0x18b/0x950
[  366.046174][ T8480]  ? rcu_is_watching+0x15/0xb0
[  366.048041][ T8480]  ? rcu_is_watching+0x15/0xb0
[  366.049899][ T8480]  ? finish_task_switch+0x32b/0x950
[  366.051863][ T8480]  ? rcu_is_watching+0x15/0xb0
[  366.053755][ T8480]  ? trace_sched_exit_tp+0x36/0x110
[  366.055736][ T8480]  ? __schedule+0x17ae/0x4cc0
[  366.057574][ T8480]  ? unwind_next_frame+0x10/0x2390
[  366.059589][ T8480]  ? __asan_memset+0x22/0x50
[  366.061478][ T8480]  ? __pfx___schedule+0x10/0x10
[  366.063414][ T8480]  ? __resched_curr+0x202/0x3e0
[  366.065284][ T8480]  ? do_raw_spin_lock+0x121/0x290
[  366.067225][ T8480]  ? rcu_is_watching+0x15/0xb0
[  366.069029][ T8480]  ? do_raw_spin_unlock+0x4d/0x240
[  366.071079][ T8480]  ? _raw_spin_unlock+0x28/0x50
[  366.072984][ T8480]  ? writeback_single_inode+0x43e/0x6a0
[  366.075163][ T8480]  ? write_inode_now+0x160/0x1d0
[  366.077145][ T8480]  ? __pfx_write_inode_now+0x10/0x10
[  366.079286][ T8480]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  366.081708][ T8480]  ? inode_wait_for_writeback+0xf9/0x290
[  366.083972][ T8480]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  366.086423][ T8480]  ? rcu_is_watching+0x15/0xb0
[  366.088345][ T8480]  ? do_raw_spin_unlock+0x4d/0x240
[  366.090409][ T8480]  ? __pfx_ocfs2_evict_inode+0x10/0x10
[  366.092518][ T8480]  evict+0x504/0x9c0
[  366.093817][ T8480]  ? __pfx_evict+0x10/0x10
[  366.095272][ T8480]  ? do_raw_spin_unlock+0x4d/0x240
[  366.097225][ T8480]  ? _raw_spin_unlock+0x28/0x50
[  366.099130][ T8480]  ? iput+0x6d8/0x9d0
[  366.100708][ T8480]  ocfs2_free_slot_info+0x79/0x260
[  366.102804][ T8480]  ocfs2_delete_osb+0x58/0x170
[  366.104753][ T8480]  ocfs2_dismount_volume+0x57a/0x8d0
[  366.106852][ T8480]  ? __pfx_ocfs2_dismount_volume+0x10/0x10
[  366.108887][ T8480]  ? __pfx_evict_inodes+0x10/0x10
[  366.110583][ T8480]  ? __pfx_ocfs2_put_super+0x10/0x10
[  366.112492][ T8480]  generic_shutdown_super+0x135/0x2c0
[  366.114508][ T8480]  kill_block_super+0x44/0x90
[  366.116303][ T8480]  deactivate_locked_super+0xbc/0x130
[  366.118083][ T8480]  cleanup_mnt+0x425/0x4c0
[  366.119712][ T8480]  ? lockdep_hardirqs_on+0x9c/0x150
[  366.121433][ T8480]  task_work_run+0x1d4/0x260
[  366.122995][ T8480]  ? __pfx_task_work_run+0x10/0x10
[  366.124699][ T8480]  ? __x64_sys_umount+0x122/0x160
[  366.126355][ T8480]  ? exit_to_user_mode_loop+0x40/0x110
[  366.128151][ T8480]  exit_to_user_mode_loop+0xec/0x110
[  366.129894][ T8480]  do_syscall_64+0x2bd/0x3b0
[  366.131444][ T8480]  ? lockdep_hardirqs_on+0x9c/0x150
[  366.133309][ T8480]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.135656][ T8480]  ? exc_page_fault+0x9f/0xf0
[  366.137262][ T8480]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.139213][ T8480] RIP: 0033:0x7f916a78ff17
[  366.140706][ T8480] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  366.147008][ T8480] RSP: 002b:00007ffc9cd0e148 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  366.149871][ T8480] RAX: 0000000000000000 RBX: 00007f916a811c05 RCX: 00007f916a78ff17
[  366.152956][ T8480] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc9cd0e200
[  366.155655][ T8480] RBP: 00007ffc9cd0e200 R08: 0000000000000000 R09: 0000000000000000
[  366.158473][ T8480] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc9cd0f290
[  366.161056][ T8480] R13: 00007f916a811c05 R14: 0000000000059480 R15: 00007ffc9cd0f2d0
[  366.163629][ T8480]  </TASK>
[  366.164663][ T8480] Modules linked in:
[  366.166066][    C0] vkms_vblank_simulate: vblank timer overrun
[  366.168409][ T8480] ---[ end trace 0000000000000000 ]---
[  366.172596][ T8480] RIP: 0010:ocfs2_evict_inode+0x2d05/0x40e0
[  366.174559][ T8480] Code: 02 00 00 48 89 d8 48 c1 e8 03 42 80 3c 30 00 74 08 48 89 df e8 9c e2 83 fe 4d 01 f4 48 8b 1b 48 83 c3 08 48 89 d8 48 c1 e8 03 <42> 80 3c 30 00 74 08 48 89 df e8 7c e2 83 fe 48 8b 3b 49 81 c7 88
[  366.181014][ T8480] RSP: 0018:ffffc9000481f340 EFLAGS: 00010202
[  366.183512][ T8480] RAX: 0000000000000001 RBX: 0000000000000008 RCX: ffff88801efe0000
[  366.186522][ T8480] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  366.189227][ T8480] RBP: ffffc9000481fa70 R08: ffff888032f39477 R09: 1ffff110065e728e
[  366.191920][ T8480] R10: dffffc0000000000 R11: ffffed10065e728f R12: fffff52000903e78
[  366.194948][ T8480] R13: ffff888032f39720 R14: dffffc0000000000 R15: ffff888032f396f8
[  366.197699][ T8480] FS:  000055557c38a500(0000) GS:ffff8881a3c1b000(0000) knlGS:0000000000000000
[  366.200735][ T8480] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  366.203193][ T8480] CR2: 000055558b4435c8 CR3: 0000000113b76000 CR4: 00000000000006f0
[  366.205974][ T8480] Kernel panic - not syncing: Fatal exception
[  366.208766][ T8480] Kernel Offset: disabled
[  366.210207][ T8480] Rebooting in 86400 seconds..

VM DIAGNOSIS:
15:09:41  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=0000000000000000 RCX=0000000000000000 RDX=00000000000003f9
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f9 RSP=ffffc9000481f1b0
R8 =0000000000000003 R9 =0000000000000004 R10=dffffc0000000000 R11=ffffffff854f1730
R12=dffffc0000000000 R13=dffffc0000000000 R14=ffffffff99def3a0 R15=0000000000000000
RIP=ffffffff854f17ac RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055557c38a500 ffffffff 00c00000
GS =0000 ffff8880b861b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f916a7733e0 CR3=0000000113b76000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffff81748632 ffffffff8133c57e
XMM02=00007f7e7f587498 ffffffff8133c57e XMM03=00007f7e7f5874a8 00007f7e7f5874a0
XMM04=00007f7e800ed100 00007f7e7f587460 XMM05=00007f7e7f587478 00007f7e7f5874c0
XMM06=00007f7e7f5874b8 00007f7e7f5874b0 XMM07=00007f7e7f5874a8 00007f7e7f5874a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f7e7f412fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=38689887a4f6a600 RBX=ffffffff81968308 RCX=38689887a4f6a600 RDX=0000000000000001
RSI=ffffffff8be333e0 RDI=ffffffff81968308 RBP=ffffc90000177f20 RSP=ffffc90000177de0
R8 =ffff888136632f9b R9 =1ffff11026cc65f3 R10=dffffc0000000000 R11=ffffed1026cc65f4
R12=ffffffff8fa37f30 R13=0000000000000001 R14=0000000000000001 R15=1ffff110200d0000
RIP=ffffffff8b7953f3 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c1b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00005570c01b57e8 CR3=0000000028fe2000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 00000000000001a4 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 0000000000000000 XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
