last executing test programs:

1m3.36103066s ago: executing program 0 (id=612):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r3 = open(0x0, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r4, 0x0, 0x0)
syz_genetlink_get_family_id$l2tp(0x0, r3)
fanotify_mark(0xffffffffffffffff, 0x201, 0x4000003e, 0xffffffffffffffff, 0x0)
r5 = socket$inet6(0xa, 0x3, 0x8)
connect$inet6(r5, &(0x7f0000000200)={0xa, 0x4e24, 0x2, @empty}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r5, 0x29, 0x3b, &(0x7f0000000080)=ANY=[], 0xd8)
sendmmsg(r5, &(0x7f00000092c0), 0x4ff, 0x0)
setsockopt$inet6_IPV6_RTHDR(r5, 0x29, 0x39, 0x0, 0x0)
sendmsg$nl_route(r0, 0x0, 0x20004080)

1m1.94753914s ago: executing program 0 (id=623):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
cachestat(0xffffffffffffffff, 0x0, 0x0, 0x0)

1m1.94727977s ago: executing program 0 (id=624):
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000080)='./file0\x00', 0xa00004, &(0x7f0000000100)={[{@anchor={'anchor', 0x3d, 0x2}}, {@shortad}, {@anchor={'anchor', 0x3d, 0x5}}, {@uid}, {}, {@utf8}, {@unhide}, {@iocharset={'iocharset', 0x3d, 'iso8859-13'}}, {@adinicb}, {@gid_forget}, {@lastblock={'lastblock', 0x3d, 0x5}}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@anchor={'anchor', 0x3d, 0x2}}]}, 0x1, 0xc4d, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy3FldxWTJwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQwWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xr546nTaZsOhh9AYAOCBuDz2tVNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+/LzQ+e7eak98wH199pn49WxKxcbL83enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvnZr8vr1hcaZ585u2nx74L3+J44PXBh65uTT3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORopnv/+z1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnz32Fq6mt/6UZ2HL1UDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/ijilUjx87dPxLV8n6nuNV+MeKXMH0a8WeaLEan8YpyLeHeb7xGPploU8efl9b+wliar+0H3vnLp642vzlyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcRnIsXL//ZH1bjiqMalH7sw9PsDv9w7ZvypD9lPWfa5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vv2wGwMAAAAAAAAAAAAAAAAAAPCxVsRPI8UL75xIy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIt6PFN/55lqKFBHNiIno5Er/w24dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDqT0X8IFI0/qB5Z10tIlL1b8eJ8pdz0Txc5iejOVTmi9G8mLNVZa357YfQfnanLxXxk0jRX3/rzgXP17+v8+nO1yDe/NbGp8/WOnmou3Hgvf4njh+7MDTy+ad2Wk7bNWDwUnvm1u3G+PDIyFjP6lo++id71g3k4xZ703UiYuH1N15rTU9Pzd//QvkVuM/q3Su5i6M/yIVUe2SaamEvFqJ2IJrxcPq+Sf1h3JzYd+Xz/91I8dvv/Hv3gd95/tfjlzqf7jzh4xd/svH8f2Hrju7x+V/bWi8//8snwXbP/yd71r2QfzfSV4uoL96c6zseUV94/Y2T7ZutG1M3pmbOnTr1laGhr5w91Xc4on69PT3Vs7QnpwsAAAAAAAAAAAAAAADgwUlF/G6kaP1kLTUi4nY1XmvgwtAzJ58+FIeq8Vabxm2/OnblYuOl2Ztz81MLC1OTjfGZ9rXZyal7PVy9Gu41PjyyL535UEf2uf1H6i/Nzr0+377xh4vbbj9av3h1YXG+dW37zXEkiohm75rBqsHjwyNVo6fbrZmq6ui2g+k/ur5UxH9EimvnGukLeV0e/791hP+m8f9LW3e0h+P/P390Y/zfJ3qKlsdMqYhfRIrf+oun4gtVO4/GXecsl/ubSDF4/nO5XBwuy3Xb0HmvQGdkYFn2fyLFP7y/uWx3POSTG2VPf6ST+wgor/+xSPGDP/te/Hpet/n9D9tf/6Nbd7RP73/4VM+6o5veV7DrrpOv/8lI8eKTb8VvVGv+7wPf/9F9Y8OJTuGN93Ps0/X/1Z51A/m4v7lXnQcAAAAAAAAAAHiE9aUi/jZS/Giklp7P6+7l7/9Nbt3RPv39r0/3rJvcm/mKPnRh1ycVAAAAAA6IvlTETyPFjcW37oyh3jz+u2f85+9sjP8cTlu2Vn/O9yvVewP28s//eg3k407svtsAAAAAAAAAAAAAAAAAAABwoKRUxPN5PvWJajz/5I7zqa9Eipf/69lcLh0vy3XngR+ofq1fnp05eXF6erYei62r01ONsbnWtamy7qcixdpffy7XLar51bvzzXfmeN+Yi30+Uoz8XbdsZy727tzknfnA6+vrEafLsp+IFP/595vL5qmp89zR1X7PlGX/KlJ845+2L3t8o+zZsuz3IsWPv9Holj1alu2+H/XTG2WfuzZb7MNVAQAAAAAAAAAAAAAAAAAA4OOmLxXxp5Hiv28u3xnLn+f/7+v5WHnzWz3z/W9xu5rnf6Ca/3+n5fuZ/796r8DSTkcFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDHU4oi3ogUc5fX0kp/+bmjfqk9c+v2+PDI9tWOpKrmoap8+VM/febsuS8/P3S+mx9cf699Jl4du3Kx8dLszbn5qYWFqcnG+Ez72uzk1D3vYbf1txqsTkDj5mu3Jq9fX2icee7sps23B97rf+L4wIWhZ04+3S07PjwyMtZTptZ330e/S9ph/eEo4i8jxbPf/1n6UX9EEbs/Fx/y3dlvR6pODFadGB8eqToy3W7NLJYbR7snooho9FRqds/RA7gWu9KMWCqbXzZ4sOze2FxrvnV1eqox2ppfbC+2Z2dGU6e1ZX8aUcT5FLEcEav9d++uL4p4LVJ899ha+uf+iEPd8/Cly2NfO3Vm53YU+9jHe1C2s9EXsVw8AtfsAOuPIv4xUvz87RPxL/0Rtej8xBcjXinzhxFvRud6p/KLcS7i3W2+RzyaalHE/5bX/8Jaeru/vB907yuXvt746sz12Z6y3fvKI/98eJAO+L2pHkX8uLrjr6V/9d81AAAAAAAAAAAAAAAAwAFSxK9FihfeOZGq8cF3xhS3Z240rrSuTneG9XXH/nXHTK+vr683UiebOSdyLuVczrmSczVnFLl+zmaZ9fX1ifx5KedyzpWcqznjUK6fs5lzIudSzuWcKzlXc0Yt18/ZzDmRcynncs6VnKs544CM3QMAAAAAAAAAAAAAAAAAAB4vRfVPiu98cy2t93fml56ITq6YD/Sx9/8BAAD//9kg9g0=")
mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)

1m1.882261894s ago: executing program 0 (id=626):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000000c0)='./bus\x00')
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
getdents(r0, 0x0, 0x0)

1m1.78313344s ago: executing program 0 (id=628):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000004000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)

1m1.541221109s ago: executing program 0 (id=630):
syz_open_dev$video(&(0x7f0000000000), 0x7ff, 0x0)
r0 = openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000100), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

1m1.502514574s ago: executing program 32 (id=630):
syz_open_dev$video(&(0x7f0000000000), 0x7ff, 0x0)
r0 = openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000100), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

27.941733614s ago: executing program 1 (id=1038):
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x30c})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x0, 0x2})

27.941542397s ago: executing program 1 (id=1039):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000200)={0x28, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1c})

27.868496319s ago: executing program 1 (id=1040):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x45be76105b92cd9c, 0xc, &(0x7f0000000480)=ANY=[@ANYRESDEC=0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r0, &(0x7f0000000000), 0x10)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f00000000c0), 0xf00)
close(r0)

27.868361101s ago: executing program 1 (id=1041):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x42)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x28b501e, 0x0)
mount$bind(0x0, &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x84000, 0x0)

27.821797866s ago: executing program 1 (id=1042):
r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
write(r0, 0x0, 0x0)

27.631893819s ago: executing program 1 (id=1043):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
readv(r0, &(0x7f00000002c0)=[{&(0x7f0000000300)=""/76, 0x4c}], 0x1)

27.594393072s ago: executing program 33 (id=1043):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
readv(r0, &(0x7f00000002c0)=[{&(0x7f0000000300)=""/76, 0x4c}], 0x1)

13.261898891s ago: executing program 4 (id=1249):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000201b4510fc0428155d6d01020301090212000100000000090401"], 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

10.914928492s ago: executing program 4 (id=1275):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cgroup\x00')
read$FUSE(r0, &(0x7f0000006280)={0x2020}, 0x2020)

10.860627102s ago: executing program 4 (id=1276):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000003d0007010000000000000000037c000014003780100003007174722834a9197334"], 0x28}}, 0xc000)

10.860330781s ago: executing program 4 (id=1278):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000580), 0x5, 0x504, &(0x7f0000002580)="$eJzs3c9rXFsdAPDvzCR5SZtn33uKvFfBFirUHzSTH0gTFcSVuiiIBTcKNSbTWDPphMykNqFgqrsuXIiiIC7c+xe4sStLQVwrbl1Ji9YIVSpcmTtz00kyk041mfHlfj4wnXvnTOd7ziTfkzPnnjs3gNy62PynEDEZEb+PiHOt3f1PuNi62312b6l5K0SSXP9rIX1ecz97avb/zkbETkSMR8RXvxjxrcLhuPWt7dXFarWy0d4vN9bWy/Wt7Su31hZXKiuV2zPzVxcW5qfnZheOra0PfvidB9d+/eWxXz3/wZNHP/rtb5rVmmyXdbbjOLWaPhpvdzw2EhGfO4lgQ1Bqt2di2BXhv9L8+X0wIi6l+X8uSulPsz8vTrRmwElLkiT5d/JGr+KdBDi1iukYuFCciojWdrE4NdUaw38ozhSrtXrjUzdrm7eXW2Plt2K0ePNWtTLd/qzwVowWmvsz6fbL/dkD+3MR6Rj4x6WJdH9qqVZdHmxXBxxw9kD+/6PUyn8gJ/r/yA+cNvIf8kv+Q37Jf8gv+Q/5Jf8hv+Q/5Jf8h/yS/5Bfnfmfncj15pDqAgzWUX//xwZYD2CgvnLtWvOWZOe/L9/Z2lyt3bmyXKmvTq1tLk0t1TbWp1ZqtZX0nJ21V71etVZbn/l0bN4tNyr1Rrm+tX1jrbZ5u3EjPa//RmV0IK0C+vH2hYd/LETEzmcm0lt0/MmXq3C6JUkhhn0OMjAcpWF3QMDQOPQH+fUan/F7fkkY8P7W5St694yf7Vn0+Vg/keoAA1A8qvDF48FVBBi4y+85/gd5Zf4f8sv8P+TXK8b4hgeQA0fN/0f7Wn5d9Tv///z16gOcvCPn/4FTbbLL9b+SJPnemx3X7pqOiA9ExB9Ko29k1/oCToPiXwrt8f/lcx+bPFg6VvhnOgcwFhHf/fn1n95dbDQ2ZpqP/23v8cbP2o/PDqP+QG/7Z/iyPM3yGADIr91n95ay2yDjPv1CaxHC4fgj7bnJ8XQEc2a3sG+tQuGY1i7s3I+Id7vFL7Svd9468nFmt3Qo/jvt+0LrJdL6jqTXTR9M/Pc64n+0I/75//ldgXx42Ox/prvlXzHN6djLv/39z+QxrY/O+r9szXVn/Kz/K/Xo/y70GePbv/h+t8O76WLvp/cjznftf7N442msg/GbdbvcZ/wn3/jah3uVJb9svU63+JnmVrmxtl6ub21fuZXVYv7qwsL89NzsQjmdoy5nM9WHffbd3z3qFb/Z/rYe7f/TofZPtOv0iT7b/6+PPP76xSPif/xS99+/d9L7A+9/kuzV4ZN9xv/77J+/2ausGX+5x/tf7BY/stKIuT7j13/yJecOA8D/kfrW9upitVrZ6LIx2rvIhg0bg94YiQEGfVXPsTOYDgo4MS+Tftg1AQAAAAAAAAAAAPrVa/Xvw2NcTjzsNgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnAb/CQAA//9AntRF")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x3, 0x0, &(0x7f0000000080))
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c})

10.777271408s ago: executing program 4 (id=1281):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$NL80211_CMD_GET_REG(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001100)={0x14, r1, 0xf09, 0x70bd26, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4004080}, 0x20008004)

10.586906713s ago: executing program 4 (id=1283):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_ACTIVATE(r0, 0x5603, 0x80000000)

10.453585026s ago: executing program 34 (id=1283):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_ACTIVATE(r0, 0x5603, 0x80000000)

948.760118ms ago: executing program 2 (id=1372):
r0 = syz_open_procfs(0x0, &(0x7f0000000780)='task\x00')
lseek(r0, 0x1, 0x0)
getdents64(r0, 0xffffffffffffffff, 0x18)

948.59581ms ago: executing program 2 (id=1373):
r0 = syz_open_dev$loop(&(0x7f0000000080), 0x10000, 0x400)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0))
r2 = syz_open_pts(r1, 0x101000)
r3 = dup3(r2, r1, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000540)={r3, 0xd551, {0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3, 0xd, 0x0, "a8897f3204a816e8cb44c4284fcce55b5c68a3c853df0bc9f2a40b3bf46c852af69a6e3df4fcd3d4bad1986d8bfce0405087fd4ccefaa7539314efa4ebe60d2a", "cc9827f496f4af597590578ec6f325bb454a7aa78369f86d036992f4697003243dbc4dbdf96600fd9088ed46acd3bf620e54dd862b526440f67a0f302c5d0bd1", "d6e21b99892dead7f86b3cc776d1b17ccc07845715d48aa05f5a2f0f89b546ab", [0x38000000000000, 0x8000000000000000]}})

891.243906ms ago: executing program 2 (id=1376):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000007c0)=ANY=[@ANYBLOB="40000000010205000000000000000000020000002c000280140001"], 0x40}}, 0x80)

890.869261ms ago: executing program 2 (id=1378):
r0 = syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x120c408, &(0x7f0000000140)={[{@compress_force}, {@clear_cache}, {@nodatasum}, {@treelog}, {}, {@nospace_cache}]}, 0x0, 0x51ab, &(0x7f0000005240)="$eJzs3V9oVFceB/Az+aPxDyY+xV32wX1YWcUFWRF2UdggGF2Whdn1YVnYrFlZxT+7JUgDwb5YS2lBxGCgthSKD33pS0mlUFqqBAsthYogVloUW0teWiiESsGXlpK590xmzvVmxlQbq5+PJHfO/d1z7pnhPsx3zLkTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIIRwcM3Kv+xaPb2urD7dP3bq6LLt507vP3ljaGjLlRAqtf2VvL5n+66/79+95689scPw37JtX1/ZkFnXz7PGkqads/2af/4TQuhOBujMtzs6G/pW0hOEI8UB53XgZv/o5u7BaxN3zmy8eP3QhuJTZ1bPYk9gseTX1fTctTRQ+92RHFFvN1x6laZLNOufXnA/yZMAAO7JpmptU387mr/FrbePpfWkPZC0x5N2fIcw3thYiGzcJWXzXJvWF2meA1lUWFo6z6Sev/71djXtn7STqHEP82w+NI80PWXzHEnqizVPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIfJqx9euvTcy+u3ldWn+8dOHV22/dzp/SdvDA1tuRJCX21/JStXlv+q8w+fLtt57fiRN36zr+ftk515v7jtajg4fBIf/LE3hL0Nlek47JerQqg2F2rN8FKxcLD24M+xAAAAwKPkF7XfHfV2Fge7m9qVWpqs1P5FWVg8cLN/dHP34LWJO2c2Xrx+aMPCx6uWjDdw1/Hq7b65n0pDMI7xNx1vrh4PPVIYZ37piGme/2zmyVsXJn7777L+hfzfN3/+j6+c/A8AAMCPIf+n48yvVf6/+s7zT3UN7n2vrH8h/69tOmUh/8cZx/zfERaW/wEAAOBh9qDz/0BhnPm1yv/fnZ86f/nb46+U9S/k/03t5f+uxmnHnR/FCR/uDWFTq6kDAAAAJeL/u899tBDzevbJQZrXO2ZGe6d6blwtG6+Q/wfay//d9/2ZAQAAAAv1v7F/Hb8wNn6zrF7I/9X28v/SBz5zAAAAoF37Tvz/3PoNIyvL6oX8P9xe/l+eb/OVD1mn9+NfIUz0htAz+2AkK3wQxv9ULwAAAAD3SczpX41u/f7jwel3y44r5P+R+e//H+90ENf/N93/r7D+v6GQ3fVvqxsDAAAA8DgqruePt8fPvrmg7Pv3213/f+uXO3b9d+c/vig7fyH/H2sv/3c2bu/n9/8BAADAAvzcvv/vn4Vx5tfq/v/fDN36et3hZwfL+hfy/3h7+T9uVzQ+van4+jzTG8Ka2Qf53QRfi6c7nBQmuxsK2Quf9Ngde+SFyaUNhZqRpMfve0P49eyDY0lhdSyMJ4WZVXnhbFK4HAv59VAvvJ4UpuKV9sKqfLpp4a1YyBdYTMYVFCvqSyKSHrfLeswW7trjev3kAAAAj5UYnvMs293cDGmUnay0OmB5qwM6Wh3Q2eqAruSA9MCy/WG4uRD3v7jtd7evPPHm06FEIf+fbS//x5diSbYpW/8f4vr//HsN6+v/h2OhLylMxkI1vWNANZ4jC7sn4jn6qnmPmTX1AgAAADzS4ucCnYs8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5g7/6D7KrqA4Cf/f0jm91FHAFJNYqA6ZDNJjFKK1MC1UFxpi4OdZw60UR2g9ssJCZhICnthEA7U5hUVKa1o0NDHUdpkUY6jlK1pEyBcaRTm7ZMxWhl/EFtaxnGSodSm87be8/d+87dm/dCdiFLP58/9p33vufnfT/2nXvvOxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/h38ZWPMb+1f89Py6+PfPuOHDewcuve+jWw8c3bRpw5EQJmYf78jCHYMrui785sBlj+3f+flzp/rvP9Cbl8vjYVnjT2d+55ai1uUhfLEjhO40sHooC/Tk94difSuGQjgtzAWKElODWYm04fDQQAgHw1ygqOr+gRCGSoErjzz4wIFG4o6BEM4NIfSlbXy7L2tjIA2c15sFBtPA9u4s8F/HMkXgS51ZAE5afDMUL/pDE80ZRucvV/P661mwjr240uF1xcRofb4fX7LInSrpTR+YOKmnrVIdi6Ly9jjs3bYE3m2V7Xy7p638RSr/hnJsLtQXOientm65bmZ3fKQzjI111dW0SM/z40/feNWJpJfM6zB2YHRBXofP3vme68+afMuNt24/54m177vg6Ml2s27zLra+kL/mlszzGG30ebIE3n6Vb0krfekKIfzcB7tv6vrtI5+qi1fm/6PHn//Hl3O87WzKHWt9bjibm8dHhmLiqeFsbg4AAABLxlLYa/qjs1/xe6s61zxeV19l/r+yveP/8ZB/PpnPRns4hI2ziZtHQjhz9vEscHds7gMjIbxmNjXRHLgkCRwO4azZxKqiqqREfyyxMgk8OZwHNiaBh2NgIgl8OgZuTwK3xMChJHBVDBxOApfGQJhuHsfPD+fjaDswEAObs414KJ6F8JPh2Fqyrb5VVAUAALBA8tlhT/Pd0rkOJ5shTi8PDbTKEM/Ars3Ql9SQzmCLaVVtDd2tauhsVUMx7n3HH36l5o5WNVdOw+hoznDpK/7w/BVfu+ELoUZl/j9+/Pl/3zwd6agc/w/hitm/MXdnHpkp4psnmjIAAAAAJ2HtG2a+9idnv+nNdfHK/H9je+f/x30iXaXM4dG4G2LbSAjjzYGs2jdXA9lR72V5AAAAAJaC4nh8cSx8Or/NTtFO59PV/BMnmD8e+N84b/5fCpOnb/vBUxvq+luZ/0+0d/7/YPNt1omHYy8+NhJCfynwSOxlIzBrZQx89+LmQD7+h+MGuC1WlZ+YUFR1WyyxOQbGk8DBuhLfKEqc2RzIn6yi8ZuLcUznJUoBAAAAeMHF3QHxuHw8///Ctd/70KaP7/1cXbnK/H/ziZ3/PzsPrpzeP7MshDXdIXSlPwx4dDBbGDAGhjryxFcHs7q60qpuGgzhosbA0qqeyNf/707XGDwykFUVA2e+9rNPn9dIfGoghDXlwGPvvWt2x8juJFA0/qsDIby6Mdq08S/0Z433pI3/QX8IryoFiqo+0B9Co7HetKoH+/LrGKRV/VlfCKeXAkVVb+wLYU8AYImK/0onyw/u2rN325aZmamdi5iI+/AHwtbpmamxq7bPTPbV9Gky6XPTMkY3VcfU2ebYj+ZLFN1z+dhIO+nid4Lj5b7k+/ErJw7m9+N3oZ7Zca7rabq7Ph3y68+pNpEO6cUY8mC5krknsVJ/zN8bloX+63ZN7Ry7Ycvu3TvXZn/bzb4u+xsPM2Xbam26rQbn61sbL492F0N/vtuq6TJXa3Zfs2PNrj17V09fs+Xqqaunrn3D+LrxdevHN7zpwjWNUY1nf1sM9fz5qk6Geuyu6hDavQbU8x3qK7tLlbwQnxoSEhJLLbHl4q/+5b1nfWJZ3cdPZf6/4/jz//ipEz/58/UZ6o7/j8bD/Nnjc4f5N8fAwXaP/4/WHc0vTgxYmQT2xcA+h/kBAAB4aYi7G+PezLhXuuem1WN//MlHnqwrV5n/72vv9/8LtP5/sXT95XXL/K+KJcbr1v9Pl/kv1v/fV7f+f7rMf7H+/8EXYf3/64pAskl+Yv1/AADgpeCFW/+/5fL+6QUCKhlaLu+fXiCgkqHlMv7tXiDghNf/f/tzr+u55iOvviXUqMz/b29v/m/hfgAAADh13HVkQ8eD//o/D9XFK/P/g+3N/1/49f9C3fn/K+sCE3ULA1r/DwAAgCWqbv2/9a/78ebP/WzFD+vKVeb/h9qb/8fTLjqbcsdanxvO1rQL6Zp2Tw0XPxkAAACApaEzjI21u6Jp08qolzz/Nh/PlwI9Xrrsr758zT8+8tb39tfVV5n/H25v/t/0u4xn73zP9WdNvuXG527dfs4Ta993wdG54/8AAADA4ml3vwQAAAAAAAAAAAAAAPDie3rv5Lv++ew7P1MXr/z+P1wx+3jd7//jdf/i7wte3pQ71tp6/b/8/pXvuHfP7JKFjw6HcE45sG3/ttNCfm3+88uBBzatOqOR2J+W+Mp3Lv1BI/H+NPC21S97ppG4KAlsjosknpUG4lUVn1meBOLyin+fBuL2OJQGevPA7y7PxtGRbqsfDWXbqiPdVo8PhTBSChTb6otDWRsd6QDvSALFAD+UBuIAfyUPdKa9undZ1qsYGIpF/2hZ1isAAE5Z8VtgT9g6PTM1Hr/Cx9tXdjffRk1Llt1UrbajzeaP5kuT3XP52Eg76a70u+jctcZ7Ql9jCGsrX1fLWTpmR7kwtbTYdC+vGXKr1d7a/XX2iW663voRDWQjGrtq+8xkT8uBr2+dZV13yyxrK5OdcpbO2U3aRi1t9KWNEbW5bdrocrzfGcbGupJcvxiDo6HJQr0iyuv81b0Kynn2Tb7xb75x7Nihuvoq8//R9ub/feVxPZNfDGBfvLLezSMhnNnmiAAAAIB2fevL/7Ru+yd+55709ort1956weCPLq4rV5n/r2xv/h93jOWHgrO9HYfj9f+L+f9oFrg7NveBkRBeM5uaiCWyC+pfHkuMZ4G74w6TVbHE5onmqvpj4FASeHI4DxxOAg/HQL6X4rMh35XzkeEQNsymrmgusSOWGE0C74yBlUlgLAbGk8DyGNiYBP59eR6YSAJfj4Ew3byt/ny5vSsAAMDzkM+zeprvhnSed6i7VYaOVhkGW2XobJWhr1WGulHE+/fFDD3JySsdpUw9aa0DSS2VDPFi+Cfcr0qG8I3mnGnBStPx/IPifIOO5gz/dtnrv33erlXtX/9/vL35/2Dzbdb6w3H+P3f9vyzwSOzex+Kp4ytj4LsXNwfyHQMPx8nubUVVE3mJfNJ+WyyxMQZWJoEdMbAxCWy+Ig8cPKM5kM+0i8ZvLhqfzkuUAgAAAPCCizsI4m6aOP//0/+++3MH/uHav64rV5n/b2xv/h/bW1Zu7Jai1uUhfLFjrjdFYPVQFoj7MYbiz+NXDIVwWmkHR1FiajAr0Zs0HB4ayH6h3ptWdf9AtsZAvH/lkQcfONBI3DEQwrmlvS9FG9/uy9oYSAPn9WaBwTSwvTsLxD0/ReBLnVkATlqxVzC+oPJTXQqj85eref29VK4Jmg6vsg90nnzz/eZqsfSlD+T7VAsn9rRVqmNRVN4eh73bluK7bdS7rfxFKv+Gcmwu1Bc6J6e2brluZnd8pPxL1opFep7Lv1JtJ70Ar8N9z7+3rfWlHRhPPj7G5y83/+uwI1b37J3vuf6sybfceOv2c55Y+74LjrbdjRrxh8Lv/uTLRsubd7H1hfw1t+Q+TyZ8nizFfwMrPW2NGexTv//V//jp4z+ri1fm/xPtzf+7k9tZz8aNuWskhNeXNu6jcfP/8kj2OVgKZJ+Sp1cD2SH37w3XfnICAADAQit2dxT7C6bz2+yE8HSeXM0/cYL54/6KjfPmb7ffW29+aP8P/+6Or9TFK/P/zcef//cn3XT83/F/Fonj//M61XdF96cP7DupXdGV6lgUjv/P61R/tzn+Py/H/x3/n4/j/y04/j+vU/1pq3xL2uFLVwjh6++/8+33bP+18+rilfn/jvbm/9b/m3/RvmL9v8116//tqFv/b5/1/wAAgEVVs9BcOs+rrN5XyZCu3lfJ0HKBwJZLDFr/74TX/3vrO//3+mOvuGRnqFGZ/+9rb/4fXw7Lyq0vlfX/Vl5RU9XtMbDDwoAAAACciup2EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDievcvPLl8029eOF0X//4ZN3x478Cl931064GjmzZtOBJClrUjC3cMrui68JsDlz22f+fnz53qv/9AX16uJ789uyl3rPW54RAOlh4Ziomnhht35gJXvuPePd2NxKPDIZxTDmzbv+20RuLTwyGcXw48sGnVGY3E/rTEV75z6Q8aifengbetftkzjcRFeaAj7e4nl2fd7Ui7e2B5CCOlQNHdX1/eXFXRxmV5oDNt4zNDWRsxMBSLfnwoayMGZmKJ6f4Q1nSH0JVW9bW+rKqutKq/6Muq6kqr+q2+EC4KIXSnVX2nN6uqOx353/ZmVcXAma/97NPnNRIHe0NYUw489t67NjQSH0oCRePv6g3h1Y2XTNr4fT1Z4z1p43f0hPCqEEJvWuI/u7MSvWmJJ7pDOL0UKBr/YHcIewIvCfHDZ7L84K49e7dtmZmZ2rmIid68rYGwdXpmauyq7TOTfUmf6nSU0sduOn78eI4+feNVjdt7Lh8baSfdnZfrme3yup6mu+sXqvftOtHex34NliuZez4q9cf8vWFZ6L9u19TOsRu27N69c232t93s67K/XXk021ZrF2pbdbYoHz3fbXV+uZI1u6/ZsWbXnr2rp6/ZcvXU1VPXvmF83fi69eMb3nThmsaoxrO/CzHUu44fX4yhvrK7VMkL8QEgISGx1BKdTZ9u46f6P73KF/25jvaEvtkP6Mq0opylY3aUCzHoS6rxrkUadGVKUhnR2srEoZJlXess6yuTibksA1mW2e91lclhuabO2U0a73eGsbHazTLafLe8eX88z+Zt1+P5pms3DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/B87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3DqNnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBSAAAA//+3Rsqd")
capset(&(0x7f0000004900)={0x19980330}, &(0x7f0000004940)={0x0, 0x1fc, 0x4})
ioctl$BTRFS_IOC_BALANCE_V2(r0, 0x40089413, 0x0)

841.174448ms ago: executing program 5 (id=1381):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="48000000100021fdfffffffffadbdf2500000000", @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b00010067726574617000000c00028008000700000000000a000100aa"], 0x48}}, 0x0)

761.170821ms ago: executing program 5 (id=1383):
syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0xc2, &(0x7f00000003c0)={[{@fat=@nfs}, {@fat=@errors_continue}, {@dots}, {@fat=@dos1xfloppy}, {@nodots}, {@dots}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x92}}, {@nodots}, {}, {@nodots}, {@dots}]}, 0xfe, 0x25f, &(0x7f0000000140)="$eJzs3cFqE0EYB/AvTZqsBbVn8bDgxZOobxCkghAQqrkbaL20Imwv0VMeQ/ANfByPPkZPvUXaXVy7LSIl6WS7vx+E/dj/DjuTQCaHmeyHx5+ODj6ffFz++hZZlscgYhFnEbuxFf0o9arj1kU9jGHUFgEAtM3+/mycug+sUO/qqaIYz7YjYnQlm/64pV4BAAAAAAAAAACwYjdZ//836/8BoH2s/7/7imI826l+v11m/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQztly+XD5j1fq/gEAq2f+B4DuMf8DQPeY/wGge949qIo8zyJOF/PpfFoey9Ov30z2nucXdutWp/P5dLuqJ3svyjxv5jtV+5fX5sN4+qTMz7NXbyeNfBQH6xw4AAAAAAAAAAAAAAAAAAAAbJBn+R+N/f39Mj+/YBTX5FnE90v/D9DYvz+IR4PbHAkAAAAAAAAAAAAAAAAAAAC018mXr0ez4+PDorPFz35EsrtHr/wYUr8JjeJe3KBVtmmjaFHRj4jDUQxivfd6f///L079zQQAAAAAAAAAAAAAAAAAAN1Tb/pN3RMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAASKd+/v/6itRjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrhdwAAAP//UhGHcQ==")
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000040)=0x1b3a, 0x4)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)

701.641715ms ago: executing program 5 (id=1385):
r0 = socket$inet6(0xa, 0x805, 0x0)
getsockopt$bt_hci(r0, 0x84, 0x85, &(0x7f0000002100)=""/4051, &(0x7f00000010c0)=0xfd3)

701.540708ms ago: executing program 5 (id=1386):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="140100001f0001170000000000000000010100800c0001"], 0x114}], 0x1}, 0x0)

631.481233ms ago: executing program 5 (id=1387):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a09040000000000000000020000000900010073797a30000000000900020073797a320000000020000000080a05000000000000000000020000000900010073797a300000000020000000000a010300000000000000000a0000000900010073797a300000000014000000110001"], 0x94}}, 0x4000010)

631.262257ms ago: executing program 5 (id=1388):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x400, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1ff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = creat(&(0x7f0000000380)='./file0\x00', 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
socket$alg(0x26, 0x5, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newnexthop={0x38, 0x68, 0x1, 0x100003, 0x7ffffffd, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x15}]}, @NHA_RES_GROUP={0xc, 0xc, 0x0, 0x1, [@NHA_RES_GROUP_UNBALANCED_TIMER={0x8, 0x3, 0x4}]}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r1, 0x7a9, &(0x7f0000000280)={{@hyper, 0x9}, 0x6, 0x6, 0x5, 0x100000001, 0x7, 0x81, 0x4, 0x2})
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r5=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r3, &(0x7f0000004340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="310300000000000000000800000008000300", @ANYRES32=r5, @ANYBLOB="040006"], 0x24}, 0x1, 0x0, 0x0, 0x4804}, 0x0)

571.734561ms ago: executing program 2 (id=1390):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x8, &(0x7f0000000000)=0xf, 0x4)
getsockopt$inet6_buf(r0, 0x29, 0x6, 0xffffffffffffffff, &(0x7f00000001c0)=0xa4)

440.92423ms ago: executing program 3 (id=1392):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x200000b, 0x204031, 0xffffffffffffffff, 0xffffd000)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x800)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)

370.405049ms ago: executing program 3 (id=1393):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fff0000}]})

319.8864ms ago: executing program 3 (id=1394):
accept$alg(0xffffffffffffffff, 0x0, 0x0)
mprotect(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000047c0)=[{{0x0, 0x0, &(0x7f0000002ac0)=[{&(0x7f0000000340)=""/1, 0x1}], 0x1}, 0xe75}], 0x3aa0, 0x60002000, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r1)

319.645733ms ago: executing program 2 (id=1395):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x4000, &(0x7f0000000040)=ANY=[], 0xff, 0x60c0, &(0x7f000000d800)="$eJzs3U1vHVf9B/DfffC147RpVP1V5R+xcFMeWkrznEB5asqCBSxAQl2TyHWrlBRQEhCtIuLKC8QGeAmw6YZFJV4BL6CvASGxJVLSVReUQWOf44xvrn3tJp659vl8pJuZ35w7vmfyveOZ65m5EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/OD7PznXi4irv04Tjkc8FYOIfsSRul6KeuRKfv4wIk7EenM8FxGD+Yh6/vV/nom4GBEfH4u4/+DOcj35/C77cens7Zuf/fB7//jdH9dOvPPmTz8cb//x/1346Pd3I47/6NWPPrv7ZJYdAAAASlFVVdVLH/NPps/3/a47BQC0Im//qyRPV6vVavUTrf/Q38vznzradX/Vh7Ruqia72ywiYrU5T73P4HA8ABwwq/Fp112gQ/Iv2jAijnbdCWCm9bruAPvi/oM7y72Ub6+5PVjaaM9/p9yS/2pv8/qO7YbTjJ9j0tb7ay0G8ew2/TnSUh9mSc6/P57/1Y32UXrefufflu3yH21c+lScnP9gPP8xW/L/U0Qc2Pz7E/MvVc5/uJf8VwcHeP2XPwAAAAAAh1/++//xjo//zj/+ouzKTsd/l1rqAwAAAAAAAAA8aY97/79N7v8HAAAAM6v+rF7787GH07b7LrZ6+hu9iKfHng8UZqnx5YAAAAAAAAAAAAAAQDuGEYvpvP65iHh6cbGqqvrRNF7v1ePOf9CVvvxQsq5/yQMAwIaPj41dy9+LWIiIN9J3/c0tLi5W1VxELFZH5vP+7Gh+oTrS+Fybh/W0+dEudoiHo6r+YQuN+ZqmfV6e1j7+8+rXGlWDXXSsHR0GDgARsbE1um+LdMhU1TPR9V4OB4P1//Cx/rMbXb9PAQAAgP1XVVXVS1/nfTId8+933SkAoBV5+z9+XECtVquLqT/ZmDgz/VGr97Fuqia72ywiYrU5T73P4Hb8AHDArManXXeBDsm/aMOIONF1J4CZ1uu6A+yL+w/uLPdSvr3m9mBpoz2fC7Il/9Xe+nx5/knDacbPMWnr/bUWg3h2m/4811IfZknOvz+e/9WN9nyL/818FvYn/7Zsl3+9nMc76E/Xcv6D8fzH7Pf635a16E/Mv1Q5/+Ge8h/IHwAAAAAAZlj++/9xx3/zIgMAAAAAAADAgXP/wZ3lfN1rPv7/hQnP6zXHXP95aOT8e7vO3/W/h0nOvz+e/9gJOYPG+L3XH+b/yYM7yx/e/vf/5+HM5z83GNWvPdfrD4bpnJ9q7q24HjdiJc4+8vzhlvZzj7TPbWk/P6X9wiPto7r9SG4/Hcvxi7gRb262z085MWphSns1pT3nP7D+FynnP2w86vwXU3tvbFi790H/kfW+OZz0Olf++p8vP7p2tWG4pVqLweayNRyr/znVWp8eWv8/OTqKX91auXn6N9du3755LtJgy9TzkQZPWM5/Lj1y/i++sNGef+8319d7H4z2nP+sWIvhpPzX398vNMbr5X2p5b51Iec/So+cf94CTV7/D3L+E9f/9eV7uYP+AAAAAAAAAAAAAAAAwE6qqlq/RPRKRFxO1/90dW0mANCuvP2vkjxdre6g/tffZqs/arVavbXuzVh/PkfdVE32WrOIiL8356n3GX476YcBALPsvxHxz647QWfkX7D8fX/18ItddwZo1a333v/ZtRs3Vm7e6ronAAAAAAAAAMDnle//udS4//P6eUBj943ecv/X12PpwN7/sz8arN/rPC3Q87Hz/b9Pxc73/x5Oeb25Ke2jKe3zU9oXprRPvNCjIef/fMo4538yLVhJ9399sYP+dC3nfyrd6znn/5Wx5zXzr/5ykPPvb8n/zO13f3nm1nvvv3L93Wtvr7y98vNzZy9fvHDp4oVLl868df3GytmNfzvs8f7K+ed7XzsPtCw5/5y5/MuS8/9SquVflpT/5m6o/MuS1/+8vyf/suT882cf+Zcl5/9SquVflpz/V1Mt/7Lk/F9OtfzLkvP/WqrlX5ac/yupln9Zcv6nUy3/suT8z6Ra/mXJ+ecjXPIvS84/n9kg/7Lk/M+nWv5lyflfSLX8y5Lzv5hq+Zcl538p1fIvS87/cqrlX5ac/9dTLf+y5Py/kWr5lyXn/2qq5V+WnP83Uy3/suT8v5Vq+Zcl5//tVO+U/zst9ot25Py/k2rrf1ly/t9NtfzLkvN/LdXyL8vD7/83sueRxdnoRpsjVRUxA90wsu8jXf9mAgAAAAAAAAAAAADGtXE6cdfLCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRX27jVGrrO+H/izV6+TQPwnIYQQiO1cMGST3fUtMcFgrv809JIGQksLdYy9dgy+1buGBKFmaWgLAqmR2hf0RSkgQEhtlahCKpUoilSk9k1VXhVFlVArIdWVoDIRVKICtjpznufZmdnZmV3vrj1zzueD4p+9M2fmmTNnZve76DsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABotuNts380FEIo/mv8sS2E64q/bw2Hin8u7L/aKwQAAADW6+eNP//q+vyFQ6vYqOk6//iaf/n64uLiYvjgixd/8SeLi/mC7SGMbAmhcVnyTz/9yWLzdaKnw8TQcNO/h3vc/UiPy0d7XD7W4/LxHpdv6XH5RI/Ll+2AZbaWv49p3Ngdjb9uK3dpuDGMNS67o8NWTw9tGR5Ov8tpGGpsszh2PJwMp8JsmF62zVDjfyF8c0dxXw+GdF/DTfd1awjh0o8+fjStYSju4ztCy501ND93P3xL2P7ijz5+9KvzP3hlp9lzNyxbaQi7dhbr/GQIS7+uCkNhS94naZ3DTeu8tcM6R1rWOdTYrvh7+zovrXKd6XFPxHV+p8s6b41fe+L2EMJCWPE67Z4Ow+GatnvN+3uiPCKK2yieypeF0TUdJztWcZwU23z/9tbjpP2YTPt/R9wnoyusofnp+OEnxpft98s9TopH3Q/HanHbDxd3OjHR/KvVlmO1uM7H71z5GOj43HU4BvKx3HQM7Ox1DAyPjzSOgeGlNe9sOQZmlm0zHIYa93Xxzu7HwNT86XNTc09+7J6Tp4+cmD0xe2Zmev/ePfv27tm3b+r4yVOz0+Wfa9ulA+SaMJyPwZ3xvSYdg69tu27zIbn4xY17HUz0yeugeOzvuatY0HXDYYVjvLjOJ3et/3WQv+83vQ5Gm14HHd9TO7wORlfxOiiuc2nX6r5njjb912kNm/VeuK3pGLia3w+L+3z/61Z+L7w1rutTr1/r98ORZcdAelhD8bVXfCX/vDdxf9wvy4+LW4oLrh0PF+Zmz9/7xJH5+fMzIY4r4oam56r9eLmm6TGFZcfL8JqPl0N/+bO7bunw9W1xX03cvfRcjXd4Horr7J3s/lw13t0778+Wr+4OcWywK70/O303K/ZnzhJdjv3iOp+8Z/0/C+Zc0vT+N9br/W9kbLR8/xvJe2Os5f1v+VMz0lhZCJfuWd3731j870q//93YJ+9/xb56/73dj4HiOp+aWusxMNr1/e/2OIfiel4XE8NEU+7/RePyhfIwbXouex43o6Nj8bgZTffYetzsWbZNcWvFfe+avrzjZtftrc9Vy88tFTxuin31p9Pdj5viOs/PrP+9Y2v6a9N7x3ivY2BsZLxY71g+CMr3u8Wt6Ri4NxwNZ8OpcCxvUzzLxX1N7l7dMTAe/7vS7x0398kxUOyrz+3ufgwU1/n2no392WlX/Eq+TtPPTu2/X1gp898yunR77bttozN/sc637+3+u6HiOj/Yu9ac0X0/3R2/cm2H/dT++lnpmD4Wrsx+ujmu89S+7r+bKq5z4/5VHk+HQggvzLzQ+H1X/P3u31z416+3/N630++UX5h54aGpR767lvUDAHD5ftH4c2G8/Fmz6f+xXs3//w8AAAAMhJT7h+PM5H8AAACojJT7R+LM5H8AAACojJT7R+PMapL/H7//wLM/fyrkTwNcjNLlaTc8/KbyeqnjvRD/vX1xSfH1t3557NlPP7W6+x4OIfzsoVd1vP7jb0rrKp1L63xD69eXufm2Vd3/Y48uXa/58xMuHShvPz2e1R4Gqav8zandjdvd/uRMYz7/UGjMRxY+9XR5++W/0/Uv7imv/+fxQ0sOHR9q2X5XXM8dcW6Pnynz8KGl/VDMtN2zt77mH25479L9pe2Gdr608TA/93vl7abPiHrmhvL66XGvtP6//8zXni2u/8Sdndf/1HDn9V+Mt/v9OH96sLx+8z7/dNP6/yCuP91f2u7eL32r4/qfe0V5/eficfGFONvX/5Y/fvXPOz1f6X4OPVBul+5/+n/2NrZLt5duv339E0/NtOyP9tt//sXydg5+5McjzddPX0/3kzz2QOvxPRSf35YeeQjha38YWvZzeGO53d+1rT/d3rkHOq//7rZ1nhu6rbH90uPZ1vK4Pv+V3R0fb1rPob/e1vJ4nnlH3H8vTn27uN2Lj8TjMV7+v98pb6/9s0yfe0fr+026/he2la/bdHtTbet/pm39C7cV+673+h98sVz/c2/e0rL+Q++Mx9OD5ey1/hN/cX3L9l/8avl8nP/o5JmzcxdOHosPZlvb63jLxNZrrr3uJS+9Pr6Xtv/78Nn5x2fPb5/ePh3C9gH8yMDNXv+X4vzvcixs/D2Uvvvj8rj77LvK71uv/Un572fi1x+Lz2f6/vj5PxtrOV7bn/eFN5dzvet/fVzHar3iM/9xW4cv/+eyz/y9+IFvXvjb3/9B+88F6fGce/lE4/F9bsdNjcuGni8vb3+/6uXfX976uv7e6HRjfiPu18X4ycw7byrvr/3202eTfPbd5es3/SSXtg9tnyeybaT1cax3/d+LP8d86+bW9790fHzjqbZPc94WhoolLMT3h7BQXp6ulfb3Zy/d1PH+0ufwhIVXrmWZK5p7cm7q1MkzF56Ymp+dm5+ae/Jjh0+fvXBm/nDjs0sPf6jX9kuv72sar+9js/v3hsar/Ww5NtnVXv+5R48eu2/6rmOzx49cOD7/6LnZ8yeOzs0dnT02d9eR48dnP9pr+5PHDs7sPrDnvt2TJ04eO3j/gQN7DkyePHO2WEa5qB72T3948sz5w41N5g7uPTCzb9/e6cnTZ4/NHrxvenryQq/tG9+bJoutPzJ5fvbUkfmTp2cn505+bPbgzIH9+3f3/PTH0+eOz22fOn/hzNSFudnzU+Vj2T7f+HLxva/X9tTD3Nn4ftdmKP50/r679+fPxy18+RMr3lR5ldYfT8MP42dBpe9vvf6dcv9YnFlN8j8AAADUQcr98YP/ly6Q/wEAAKAyUu7fEmcm/wMAAEBlpNw/EWdWk/yv/6//r/+v/6//fwX7/0H/f6Pp/29I/385/f9V0f/X/9f/1/+nu37r/6fcvzWEWuZ/AAAAqIOU+6+JM5P/AQAAoDJS7r82zkz+BwAAgMpIuf+6OLN65P+x9r/q/+v/6/839//TdfX/g/6//v9l0v/X/+9G/1//f5DX34f9/636//Sbfuv/p9z/kjizeuR/AAAAqIWU+18aZyb/AwAAQGWk3H99nJn8DwAAAJWRcv+2OLOa5P8NPP//Z+JF+v/6/4Pe/z+djmPn/9f/1/9fP/1//f9u9P/1/wd5/X3Y/3f+f/pOv/X/U+7/f3FmNcn/AAAAUAcp978szkz+BwAAgMpIuf+GODP5HwAAACoj5f4b48xqkv83sP/v/P/6/1Xp/zed/1//v5n+v/7/5dD/1//vRv9f/3/j1z8Uf0zQ/++1vf4/V0K/9f9T7n95nFlN8j8AAADUQcr9N8WZyf8AAABQGSn3vyLOTP4HAACAyki5/+Y4s5rkf/1//X/9f/1//X/9/82k/6//343+v/7/IK9f/1//n976rf+fcv8r48xqkv8BAACgDlLuvyXOTP4HAACAyki5/1VxZvI/AAAAVEbK/bfGmdUk/+v/91X//8mg/7+8/z+s/6//X1pr/79hoff69f8312D1/4dXvET/v6T/30r/X/9f/1//n+76rf+fcv+r48xqkv8BAACgDlLuf02cmfwPAAAAlZFy/21xZvI/AAAAVEbK/dvjzGqS//X/+6r/7/z/zv+v/+/8/0v9//kh/f9VcP5//f+g/3/ZrnZ/ftDXr/+v/09v/db/T7l/R5xZTfI/AAAA1EHK/TvjzOR/AAAAqIyU+2+PM5P/AQAAoDJS7r8jzqwm+V///zL7/1tb/6n/33n9+v/6//r/zv+v/6//343+v/7/IK9f/391/f/xXjdEpfVb/z/l/jvjzGqS/wEAAKAOUu6/K85M/gcAAIDKSLn/tXFm8j8AAABURsr9u+LMapL/9f+d/1//X/9f/1//fzPp/6+6/7/1cta1Kf3/9Car/9+T/r/+/6D0/yc6bO/8/1wJ/db/T7n/dXFmNcn/AAAAUAcp978+zkz+BwAAgMpIuf/uODP5HwAAACoj5f7JOLOa5H/9f/1//X/9f/1//f/NVNX+f34fdf5//X/9f/3/Te7/f2WF7Qfl/P/UW7/1/1PuvyfOrCb5HwAAAOog5f5748zkfwAAAKiMlPun4szkfwAAAKiMlPun48xqkv+r3/9vbxaX9P9L+v/6/0H/X/9/k1W1/99+/v8Qgv6//n+m/6//32/n/+9E/58rYf39//G8SePPdfb/U+6fiTOrSf4HAACAOki5f3ecmfwPAAAAlZFy/544M/kfAAAAKiPl/r1xZjXJ/9Xv/3em/1/S/9f/D/r/+v+brC79f+f/Ly/X/y/p/+v/6//r/9fRcIevrb//v7RJ48919v9T7t8XZ1aT/A8AAAB1kHL//jgz+R8AAAAqI+X+++LM5H8AAACojJT7748zq0n+1//X/9f/1//v3/5/6/1vXv//v/T/N5H+v/5/N/r/+v+DvH79f/1/etvY/v/16+7/p9x/IM6sJvkfAAAA6iDl/jfEmcn/AAAAUBkp9z8QZyb/AwAAwEDpdB7CJOX+N8aZ1ST/6/9Xvf+/uEX/X/9/cPv/rfvT+f/1/zuJb5/6/6tUr/7/1mX3p//f6mr35wd9/fr/+v/0trH9/2U/nq65/59y/8E4s5rkfwAAAKiDlPvfFGcm/wMAAEBlpNz/5jgz+R8AAAAqI+X+Q3FmNcn/+v9V7//33/n/h8Lg9v9H9f/1//X/18z5//X/u3H+/8Hs/6fP3dD/75/+f3EM6f/Tj/qt/59y/1vizGqS/wEAAKAOUu5/a5yZ/A8AAACVkXL/2+LM5H8AAACojJT73x5nVpP8r/+v/+/8/87/r/+v/7+Z9P/1/7vR/x/M/n+i/98//X/n/6df9Vv/P+X+d8SZ1ST/AwAAQB2k3P/OODP5HwAAACoj5f7/H2cm/wMAAEBlpNz/YJxZTfJ/hfr/Y3Hq/+v/6//r/zfo//cH/X/9/270//X/B3n9+v/6//TWb/3/lPt/Kc6sJvkfAAAA6iDl/ofizOR/AAAAqIyU+98VZyb/AwAAQGWk3P/LcWY1yf8V6v+X+vT8/8P59vX/9f/1//X/9f830oD2/yf0/0v6//r/g7x+/X/9f3rrt/5/yv2/EmdWk/wPAAAAdZBy/6/Gmcn/AAAAUBkp9/9anJn8DwAAAJWRcv/DcWY1yf/6/87/r/+v/9+3/f/R1v2p/6//38mA9v+d/z/S/9f/H+T16//r/9Nbv/X/U+7/9TizmuR/AAAAqIOU+x+JM5P/AQAAoDJS7n93nJn8DwAAAJWRcv974sxqkv/1//X/9f/1//u2/9+2P/X/+7X//29dL9X/1//vRv9f/3+Q16//r/9Pb/3W/0+5/9E4s5rkfwAAAKiDlPvfG2cm/wMAAEBlpNz/G3Fm8j8AAABURsr9vxlnNpj5f3itG+j/6//r/+v/r7r/vxBC0P/X/18j/f/l/f/iPexq9v/HV3NF/f9V0f/X/9f/1/+nu37r/6fc/744s8HM/wAAAEAHKff/VpyZ/A8AAACVkXL/b8eZyf8AAABQGSn3vz/OrCb5X/9f/1//X//f+f/1/zeT/n+9zv8/HvT/g/6//r/+v/4/Wb/1/1Pu/0CcWU3yPwAAANRByv2/E2cm/wMAAEBlpNx/OM5M/gcAAIDKSLn/sTizmuR//f+r1P/fWl5f/1//vzr9/0X9f/3/jvT/69X/d/7/kv6//r/+v/4/pX7r/6fcfyTOrCb5HwAAAOog5f4PxpnJ/wAAAFAZKfcfjTOT/wEAAKAyUu4/FmdWk/yv/+/8//r/+v/O/6//v5n0//X/u9H/1/8f5PXr/+v/01u/9f9T7p+NM6tJ/gcAAIA6SLn/eJyZ/A8AAACVkXL/iTgz+R8AAAAqI+X+x+PMapL/9f/1/1fV/x8L+v/6//r/+v+XRf9f/78b/X/9/0Fev/6//j+9bVz//583pP+fcv/JOLOa5H8AAACog5T7PxRnJv8DAABAZaTc/+E4M/kfAAAAKiPl/lNxZjXJ//r/+v/O/1/B/v+o/n/Q/+8b+v/6/93o/+v/D/L69f/1/+ltKGxU/z9sSP8/5f7TcWY1yf8AAABQByn3n4kzk/8BAACgMlLuPxtnJv8DAABAZaTcfy7OrCb5X/9f/1//v4L9f+f/b9D/7w/6//r/3ej/6/8P8vr1//X/6W3jzv+/Mf3/lPt/N86sJvkfAAAA6iDl/v9j7z6a5LyrPY63riWPVK5bd3X3vAV27OAd+DWwYUuRc44GTE4m55yTiSbnnIPJORlMBkOVKWvOOfZIPd2t0fT08/zP57PgMGaseayhxvUr1beee8ct9j8AAAAMI3f/feIW+x8AAACGkbv/vnFLk/2v/9f/6//1//p//f826f/1/6vo/+fT/59Z8vfr//X/+n/WmVr/n7v/fnFLk/0PAAAAHeTuv3/cYv8DAADAMHL3PyBusf8BAABgGLn7Hxi3NNn/+n/9v/5/Mv3/fuen/9f/6/8vif5f/7/Ydf9/Lj4YvP9fRv+v/9f/s87U+v/c/Q+KW5rsfwAAAOggd/+D4xb7HwAAAIaRu/8hcYv9DwAAAMPI3f/QuKXJ/tf/6//H7f/35tb/e/9/fl9H7P9P3f5l9f/HS/+v/1/suv9v8v7/ZfT/+n/9P+tMrf/P3f+wuKXJ/gcAAIAOcvc/PG6x/wEAAGAYufsfEbfY/wAAADCM3P2PjFua7H/9v/5/3P5/du//1//n93WI/v9c/Tre/6//1/8fTv+v/5/z8+v/9f+sN7X+P3f/o+KWJvsfAAAAOsjd/+i4xf4HAACAYeTuf0zcYv8DAADAMHL3PzZuabL/9f/6f/2//l//fwLv/9f/6//1/0vp//X/c35+/b/+n/Wm1v/n7n9c3NJk/wMAAEAHufsfH7fY/wAAADCM3P1PiFvsfwAAABhG7v4nxi1N9v+l9f+n9P+H0P8vf379v/5f/6//1//r/1fR/+v/5/z8+n/9P+ttvf+/+przd9P+P3f/NXFLk/0PAAAAHeTuf1LcYv8DAADAMHL3Pzlusf8BAABgGLn7nxK3NNn/S/r/KxYzfv//2c2+tP4/vv7B/v/WU/p//f80+/9b4qeM/l//f7F59/9n9f876//39P8r+/nNfif0//p//T/rbL3/X9P7X/hx7v5r45Ym+x8AAAA6yN3/1LjF/gcAAIBh5O5/Wtxi/wMAAMAwcvc/PW5psv8v7f3/0+//vf9/t+//z193C/3/mWXPr//v0v/v8/5//f8y8+7/vf9/i/3/PfI30/v/D7frfn7uz7+q/7/rBs+v/6eDqfX/ufufEbc02f8AAADQQe7+Z8Yt9j8AAAAMI3f/s+IW+x8AAACGkbv/2XFLg/1/Wv9fz5H0/97/v1H/f27/79f/H3we/b/+fxn9v/5/ld29/1//v5hAPz/35/f+//X9/1XrfhGGN7X+P3f/c+KWBvsfAAAAusjd/9y4xf4HAACAYeTuf17cYv8DAADAMHL3Pz9uabL/9f/6f/2/9/9fVv9/xTb6/9NLfz/1//r/ZfT/+v+F/v/Idt3Pz/359f/e/896U+v/c/dfF7fU8Dt9hH9KAAAAYEpy978gbmny5/8AAADQQe7+F8Yt9j8AAAAMI3f/i+KWJvtf/6//1//r/73/X/+/Tfr/4fr/U/r/2+n/9f/6f/0/q02t/8/d/+K4pcn+BwAAgA5y978kbrH/AQAAYBi5+18at9j/AAAAMIzc/S+LW5rsf/2//l//r//X/+v/t0n/P1z/7/3/d6D/1//r//X/rDa1/j93/8vjlib7HwAAADrI3f+KuMX+BwAAgGHk7n9l3GL/AwAAwDBy978qbpnd/r+woN2M/l//r//X/+v/9f/bNP3+/8xGn6X/36f/P2hb/f/ZQ76e/n9az388/X9+9/X/jGkC/f/d7vhx7v5Xxy2z2/8AAADAYXL3vyZusf8BAABgGLn7Xxu32P8AAAAwjNz9r4tbmuz/w/r/m6/a/9/X9P/5G6b/j6v/1/8v9P9F/6//X8yi/9+M/n+f/v8g7//X/3v/v/6f1SbQ/x/4OHf/6+OWJvsfAAAAOsjd/4a4xf4HAACAYeTuf2PcYv8DAADAMHL3vyluabL/vf9f/6//1//r//X/26T/1/+vMqP+f2/ZX9T/6//1//p/Vpta/5+7/81xS5P9DwAAAB3k7n9L3GL/AwAAwDBy9781brH/AQAAYBi5+98WtzTZ//p//f/O+///GbL/P/+I+n/9v/5f/6//X21G/f9S+n/9v/5f/89qU+v/c/e/PW5psv8BAACgg9z974hb7H8AAAAYRu7+d8Yt9j8AAAAMI3f/u+KWJvtf/6//33n/7/3/Rf8f31f9v/7/Euj/9f8L/f+R7bqfn/vz6//1/6w3tf4/d/+745Ym+x8AAAA6yN3/nrjF/gcAAIBh5O6/Pm6x/wEAAGAYufvfG7c02f/6f/2//l//r//X/2+T/l//v8rJ9v/X3qz/P2jX/fzcn1//r/9nvan1/7n73xe3NNn/AAAA0EHu/vfHLfY/AAAADCN3/wfiFvsfAAAAhpG7/4NxS5P9r/+fe/9/95viCabW/+en6P/1/yv7/73FxfT/+v9Lof/X/y+28v7/C39SLKf/1//r//X/rHZi/f89r77XXW77L2v6/9z9H4pbmux/AAAA6CB3/w1xi/0PAAAAw8jd/+G4xf4HAACAYeTu/0jc0mT/9+j/z1z0aeP0/97/r/+fdP+fP1S9/1//r//X/y813f5/M/p//b/+X//PalN7/3/u/o/GLU32PwAAAHSQu/9jcYv9DwAAAMPI3f/xuMX+BwAAgGHk7v9E3NJk//fo/y+m/9937P3/rf+n/9f/l03e/6//1/9fLv2//n+h/z+yXffzc3/+ofv/Uwv9P8diav1/7v5Pxi1N9j8AAAB0kLv/U3GL/Q8AAADDyN3/6bjF/gcAAIBh5O7/TNxw5//d3SOdKP2//t/7//X/+n/9/zbp/4/Q/586vfFz6f/36f+PZtf9/Nyff+j+3/v/OSZT6/9z9382bvHn/wAAADCM3P2fi1vsfwAAABhG7v7Pxy32PwAAAAxgv3fP3f+FuKXJ/l/T/+/l5x25/z93+NfW/+v/F/p//b/+X/9/mYbs/y+B/n+f/v9odt3Pz/35Z9f/X3/wQ/0/J2FJ/3/+J/Gu+v/c/V+MW5rsfwAAAOggd/+X4hb7HwAAAIaRu//LcYv9DwAAAMPI3f+VuKXJ/l/a/+95/7/+X/+v/1/o//X/x0L/r/9fRf+v/5/z88+u/7+A/p+TMLX3/+fu/2rc0mT/AwAAQAe5+78Wt9j/AAAAMIzc/V+PW+x/AAAAGEbu/m/ELU32/5r3/+v/N/tH0f/r/5f+/0H/r//fsP8/s9D/H5n+X/+/0P8f2a77+bk//+X0/+f0/zQxtf4/d/8345Ym+x8AAAA6yN3/rbjF/gcAAIBh5O7/dtxi/wMAAMAwcvd/J25psv9H7v9XfZr+f5/+X/+/0P9Pof/3/v/LoP/X/y/0/0e2635+7s/v/f/6f9abWv+fu/+7cUuT/Q8AAAAd5O7/Xtxi/wMAAMAwcvffuFjcYP8DAADAmG48/59nF9+PW5rs/5H7/1X0//v0//r/hf5f/79l+n/9/yr6f/3/nJ9f/6//Z72p9f+5+38QtzTZ/wAAANBB7v4fxi32PwAAAAwjd/+P4hb7HwAAAIaRu//HcUuT/a//1//r//X/+n/9/zbp//X/q+j/9f9zfn79v/6f9abW/+fu/0nc0mT/AwAAQAe5+38at9j/AAAAMIzc/T+LW+x/AAAAGEbu/p/HLU32v/5f/6//1//r//X/26T/1/+vov/X/8/5+fX/+n/Wm1r/n7v/F3FLk/0PAAAAHeTu/2XcYv8DAADAMHL3/ypusf8BAABgGLn7fx23NNn/+v/bnuNc/XX9v/5f/6//T/r/49G2/7/tX6v6/7X0//r/OT+//l//z3pT6/9z9/8mbmmy/wEAAKCD3P2/jVvsfwAAABhG7v7fxS32PwAAAAwjd//v45Ym+1//7/3/+n/9/zz6/yv1//r/pSbb/3v//0b0//r/OT+//l//z3pT6/9z998UtzTZ/wAAANBB7v4/xC32PwAAAAwjd/8f4xb7HwAAAIaRu//muKXJ/tf/6/+H7P/39P/j9f/e/z/L/v9O+n/9/2r6f/3/nJ9f/6//Z72p9f+5+/8UtzTZ/wAAANBB7v4/xy32PwAAAAwjd/9f4hb7HwAAAIaRu/+vcUuT/a//1/8P2f97/7/+X/8/Gfp//f8q+n/9/5yfX/+v/2e9qfX/ufv/Frc02f8AAADQQe7+v8ct9j8AAAAMI3f/P+IW+x8AAACGkbv/n3FLk/2v/9f/6//1//p//f826f/n2/9fuThC/3/dQv+v/9f/6//1/5Sp9f+5+/8VtzTZ/wAAANBB7v5b4pal+///T+ipAAAAgOOUu//fcYs//wcAAIBh5O7/T9zSZP/r//X/+n/9v/5f/79N+v/59v/e/7+e/l//r//X/7Pa1Pr/3P3/DQAA///E7/7M")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4242, 0x5c)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x2000, 0x0)
sendfile(r0, r1, 0x0, 0x20fffe82)
renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./bus\x00', 0x0)

139.323429ms ago: executing program 3 (id=1396):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="180200000400000000000000000000008500000041000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
writev(r0, &(0x7f0000000040)=[{&(0x7f00000000c0)="f38c12973d02866b", 0x8}], 0x1)

70.287993ms ago: executing program 3 (id=1397):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df12c9f7b9a60000000000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

0s ago: executing program 3 (id=1398):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(0x3)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
mount$9p_fd(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480), 0x4898, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

kernel console output (not intermixed with test programs):

an't find valid F2FS filesystem in 1th superblock
[   92.677071][ T7437] F2FS-fs (loop2): invalid crc value
[   92.733582][ T7437] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   92.748679][ T7437] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   92.751747][ T7437] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   92.756296][ T7435] loop1: detected capacity change from 0 to 40427
[   92.762211][ T7435] F2FS-fs: heap/no_heap options were deprecated
[   92.765734][ T7435] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[   92.769113][ T7435] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   92.774516][ T7435] F2FS-fs (loop1): invalid crc value
[   92.804014][ T7435] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   92.811958][ T7435] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   92.815117][ T7435] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   92.839449][ T5841] syz-executor: attempt to access beyond end of device
[   92.839449][ T5841] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   92.846462][ T5841] CPU: 0 UID: 0 PID: 5841 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[   92.846479][ T5841] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   92.846486][ T5841] Call Trace:
[   92.846490][ T5841]  <TASK>
[   92.846495][ T5841]  dump_stack_lvl+0x189/0x250
[   92.846514][ T5841]  ? __pfx_dump_stack_lvl+0x10/0x10
[   92.846526][ T5841]  ? __pfx_queue_work_on+0x10/0x10
[   92.846539][ T5841]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   92.846554][ T5841]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   92.846574][ T5841]  f2fs_handle_critical_error+0x37c/0x540
[   92.846592][ T5841]  f2fs_write_end_io+0x886/0xb60
[   92.846609][ T5841]  __submit_merged_bio+0x27a/0x6a0
[   92.846626][ T5841]  __submit_merged_write_cond+0x255/0x530
[   92.846641][ T5841]  f2fs_write_data_pages+0x261d/0x3000
[   92.846657][ T5841]  ? arch_stack_walk+0xfc/0x150
[   92.846679][ T5841]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   92.846695][ T5841]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   92.846711][ T5841]  ? rcu_is_watching+0x15/0xb0
[   92.846734][ T5841]  ? folios_put_refs+0x559/0x640
[   92.846750][ T5841]  ? __pfx_folios_put_refs+0x10/0x10
[   92.846763][ T5841]  ? rcu_is_watching+0x15/0xb0
[   92.846772][ T5841]  ? lru_add+0xa2f/0xd80
[   92.846785][ T5841]  ? lru_add+0x198/0xd80
[   92.846797][ T5841]  ? folio_batch_move_lru+0x319/0x3a0
[   92.846810][ T5841]  ? filemap_get_folios_tag+0xed/0x630
[   92.846821][ T5841]  ? rcu_is_watching+0x15/0xb0
[   92.846831][ T5841]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   92.846847][ T5841]  do_writepages+0x32e/0x550
[   92.846862][ T5841]  ? rcu_is_watching+0x15/0xb0
[   92.846873][ T5841]  ? do_raw_spin_unlock+0x4d/0x240
[   92.846889][ T5841]  filemap_fdatawrite+0x199/0x240
[   92.846904][ T5841]  ? __pfx_filemap_fdatawrite+0x10/0x10
[   92.846928][ T5841]  ? rcu_is_watching+0x15/0xb0
[   92.846941][ T5841]  ? do_raw_spin_unlock+0x4d/0x240
[   92.846956][ T5841]  f2fs_sync_dirty_inodes+0x31f/0x830
[   92.846974][ T5841]  f2fs_write_checkpoint+0x95a/0x1df0
[   92.846992][ T5841]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[   92.847017][ T5841]  ? kill_f2fs_super+0x298/0x6c0
[   92.847031][ T5841]  kill_f2fs_super+0x2c3/0x6c0
[   92.847044][ T5841]  ? __pfx_kill_f2fs_super+0x10/0x10
[   92.847054][ T5841]  ? radix_tree_delete_item+0x2b6/0x400
[   92.847073][ T5841]  ? shrinker_free+0x2ce/0x3e0
[   92.847086][ T5841]  deactivate_locked_super+0xbc/0x130
[   92.847100][ T5841]  cleanup_mnt+0x425/0x4c0
[   92.847113][ T5841]  task_work_run+0x1d4/0x260
[   92.847130][ T5841]  ? __pfx_task_work_run+0x10/0x10
[   92.847143][ T5841]  ? __x64_sys_umount+0x122/0x160
[   92.847159][ T5841]  ? __pfx___x64_sys_umount+0x10/0x10
[   92.847182][ T5841]  ? rcu_is_watching+0x15/0xb0
[   92.847194][ T5841]  exit_to_user_mode_loop+0xec/0x110
[   92.847209][ T5841]  do_syscall_64+0x2bd/0x3b0
[   92.847227][ T5841]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.847239][ T5841]  ? exc_page_fault+0x9f/0xf0
[   92.847279][ T5841]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.847290][ T5841] RIP: 0033:0x7fbe1138ff17
[   92.847302][ T5841] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   92.847312][ T5841] RSP: 002b:00007ffec79b80d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   92.847326][ T5841] RAX: 0000000000000000 RBX: 00007fbe11411c05 RCX: 00007fbe1138ff17
[   92.847334][ T5841] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffec79b8190
[   92.847342][ T5841] RBP: 00007ffec79b8190 R08: 0000000000000000 R09: 0000000000000000
[   92.847349][ T5841] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffec79b9220
[   92.847358][ T5841] R13: 00007fbe11411c05 R14: 0000000000016a16 R15: 00007ffec79b9260
[   92.847372][ T5841]  </TASK>
[   92.847378][ T5841] F2FS-fs (loop1): Remounting filesystem read-only
[   93.205724][ T7476] netlink: 15 bytes leftover after parsing attributes in process `syz.2.571'.
[   93.209568][ T7476] netlink: 4 bytes leftover after parsing attributes in process `syz.2.571'.
[   93.443296][ T7497] loop2: detected capacity change from 0 to 256
[   93.941312][ T5842] usb 3-1: new full-speed USB device number 8 using dummy_hcd
[   93.943294][ T7508] loop0: detected capacity change from 0 to 256
[   93.992603][ T7508] FAT-fs (loop0): Directory bread(block 64) failed
[   93.995394][ T7508] FAT-fs (loop0): Directory bread(block 65) failed
[   93.998140][ T7508] FAT-fs (loop0): Directory bread(block 66) failed
[   94.000935][ T7508] FAT-fs (loop0): Directory bread(block 67) failed
[   94.004132][ T7508] FAT-fs (loop0): Directory bread(block 68) failed
[   94.006694][ T7508] FAT-fs (loop0): Directory bread(block 69) failed
[   94.008892][ T7508] FAT-fs (loop0): Directory bread(block 70) failed
[   94.011811][ T7508] FAT-fs (loop0): Directory bread(block 71) failed
[   94.014513][ T7508] FAT-fs (loop0): Directory bread(block 72) failed
[   94.016837][ T7508] FAT-fs (loop0): Directory bread(block 73) failed
[   94.093061][ T5842] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[   94.096503][ T5842] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   94.099866][   T33] audit: type=1326 audit(2000000027.440:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7509 comm="syz.0.587" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d5e38ebe9 code=0x7ffc0000
[   94.110732][ T5842] usb 3-1: config 0 descriptor??
[   94.113031][   T33] audit: type=1326 audit(2000000027.440:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7509 comm="syz.0.587" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d5e38ebe9 code=0x7ffc0000
[   94.124409][ T5842] cp210x 3-1:0.0: cp210x converter detected
[   94.129052][   T33] audit: type=1326 audit(2000000027.440:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7509 comm="syz.0.587" exe="/syz-executor" sig=0 arch=c000003e syscall=137 compat=0 ip=0x7f7d5e38ebe9 code=0x7ffc0000
[   94.136669][   T33] audit: type=1326 audit(2000000027.440:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7509 comm="syz.0.587" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d5e38ebe9 code=0x7ffc0000
[   94.143839][   T33] audit: type=1326 audit(2000000027.450:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7509 comm="syz.0.587" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d5e38ebe9 code=0x7ffc0000
[   94.701430][ T5842] usb 3-1: cp210x converter now attached to ttyUSB0
[   94.762823][ T5892] usb 3-1: USB disconnect, device number 8
[   94.767930][ T5892] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[   94.773641][ T5892] cp210x 3-1:0.0: device disconnected
[   94.877466][ T7540] loop0: detected capacity change from 0 to 4096
[   94.880736][ T7540] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[   94.887715][ T7540] ntfs3(loop0): ino=1a, mi_enum_attr
[   94.889534][ T7540] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[   95.300918][ T7562] futex_wake_op: syz.2.611 tries to shift op by 36; fix this program
[   95.322778][ T7566] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   95.403439][ T7568] Bluetooth: hci0: Opcode 0x0401 failed: -112
[   96.296500][ T7581] loop2: detected capacity change from 0 to 16
[   96.299575][ T7581] MTD: Attempt to mount non-MTD device "/dev/loop2"
[   96.346784][   T33] audit: type=1326 audit(2000000029.690:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7584 comm="syz.2.619" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f693378ebe9 code=0x7ffc0000
[   96.357015][   T33] audit: type=1326 audit(2000000029.690:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7584 comm="syz.2.619" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f693378ebe9 code=0x7ffc0000
[   96.366490][   T33] audit: type=1326 audit(2000000029.700:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7584 comm="syz.2.619" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f693378ebe9 code=0x7ffc0000
[   96.379602][   T33] audit: type=1326 audit(2000000029.700:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7584 comm="syz.2.619" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f693378ebe9 code=0x7ffc0000
[   96.388836][   T33] audit: type=1326 audit(2000000029.700:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7584 comm="syz.2.619" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f693378ebe9 code=0x7ffc0000
[   96.745289][ T7597] loop0: detected capacity change from 0 to 2048
[   96.750257][ T7597] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   96.790949][ T7599] loop0: detected capacity change from 0 to 512
[   96.826172][ T7599] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   96.832798][ T7599] ext4 filesystem being mounted at /226/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   96.891521][ T7599] loop0: detected capacity change from 512 to 64
[   96.905840][ T5852] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6334: Out of memory
[   96.910241][ T5852] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #2: comm syz-executor: mark_inode_dirty error
[   96.945427][ T7605] loop1: detected capacity change from 0 to 32768
[   97.104030][ T7117] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   97.111647][ T5712] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.147625][ T5712] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.196373][ T5712] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.263506][ T5712] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.294948][ T7614] netlink: 28 bytes leftover after parsing attributes in process `syz.2.633'.
[   97.298722][ T7614] netlink: 28 bytes leftover after parsing attributes in process `syz.2.633'.
[   97.342792][ T5843] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   97.346109][ T5843] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   97.350045][ T5843] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   97.353818][ T5843] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   97.356908][ T5712] bridge_slave_1: left allmulticast mode
[   97.357247][ T5843] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   97.358983][ T5712] bridge_slave_1: left promiscuous mode
[   97.362144][ T5847] Bluetooth: hci0: command 0x0401 tx timeout
[   97.362170][ T5234] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[   97.370263][ T5712] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.376509][ T5712] bridge_slave_0: left allmulticast mode
[   97.378922][ T5712] bridge_slave_0: left promiscuous mode
[   97.382368][ T5712] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.403335][ T7620] loop2: detected capacity change from 0 to 128
[   97.476804][ T5712] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   97.481641][ T5712] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   97.485457][ T5712] bond0 (unregistering): Released all slaves
[   97.547978][ T7615] chnl_net:caif_netlink_parms(): no params data found
[   97.582501][ T7615] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.585043][ T7615] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.588175][ T7615] bridge_slave_0: entered allmulticast mode
[   97.590532][ T7615] bridge_slave_0: entered promiscuous mode
[   97.593953][ T7615] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.596321][ T7615] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.599083][ T7615] bridge_slave_1: entered allmulticast mode
[   97.602476][ T7615] bridge_slave_1: entered promiscuous mode
[   97.613545][ T7615] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   97.618133][ T7615] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   97.628760][ T7615] team0: Port device team_slave_0 added
[   97.632709][ T7615] team0: Port device team_slave_1 added
[   97.642227][ T7615] batman_adv: batadv0: Adding interface: batadv_slave_0
[   97.644908][ T7615] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   97.656027][ T7615] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   97.661374][ T7615] batman_adv: batadv0: Adding interface: batadv_slave_1
[   97.663866][ T7615] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   97.674575][ T7632] loop2: detected capacity change from 0 to 32768
[   97.675027][ T7615] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   97.706322][ T7615] hsr_slave_0: entered promiscuous mode
[   97.708457][ T7615] hsr_slave_1: entered promiscuous mode
[   97.710490][ T7615] debugfs: 'hsr0' already exists in 'hsr'
[   97.713482][ T7615] Cannot create hsr debugfs directory
[   97.757259][ T7632] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,str_hash=crc32c,noacl,usrquota,grpquota,nojournal_transaction_names,allocator_stuck_timeout=256
[   97.757278][ T7632]   allowing incompatible features above 0.0: (unknown version)
[   97.757285][ T7632]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[   97.775535][ T7632] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[   97.776735][ T7615] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   97.778691][ T7632] bcachefs (loop2): initializing new filesystem
[   97.782811][ T7632] bcachefs (loop2): going read-write
[   97.789474][ T7632] bcachefs (loop2): marking superblocks
[   97.789758][ T7615] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   97.795333][ T7632] bcachefs (loop2): initializing freespace
[   97.798987][ T7632] bcachefs (loop2): done initializing freespace
[   97.802450][ T7632] bcachefs (loop2): reading snapshots table
[   97.804924][ T7632] bcachefs (loop2): reading snapshots done
[   97.813123][ T5712] hsr_slave_0: left promiscuous mode
[   97.815574][ T7632] bcachefs (loop2): done starting filesystem
[   97.817929][ T5712] hsr_slave_1: left promiscuous mode
[   97.839347][ T5712] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   97.843941][ T5712] batman_adv: batadv0: Removing interface: batadv_slave_0
[   97.847433][ T5712] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   97.850606][ T5712] batman_adv: batadv0: Removing interface: batadv_slave_1
[   97.859906][ T5712] veth1_macvtap: left promiscuous mode
[   97.863181][ T5712] veth0_macvtap: left promiscuous mode
[   97.865728][ T5712] veth1_vlan: left promiscuous mode
[   97.868091][ T5712] veth0_vlan: left promiscuous mode
[   97.940993][   T55] Bluetooth: hci0: unexpected event for opcode 0x080b
[   98.020940][ T7654] tipc: Can't bind to reserved service type 2
[   98.169527][ T5712] team0 (unregistering): Port device team_slave_1 removed
[   98.190224][ T5712] team0 (unregistering): Port device team_slave_0 removed
[   98.368305][ T7615] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   98.422466][ T7615] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   98.428672][ T7632] syz.2.639 (7632) used greatest stack depth: 15400 bytes left
[   98.444669][ T5846] bcachefs (loop2): shutting down
[   98.446783][ T5846] bcachefs (loop2): going read-only
[   98.448922][ T5846] bcachefs (loop2): finished waiting for writes to stop
[   98.463584][ T5846] bcachefs (loop2): flushing journal and stopping allocators, journal seq 700
[   98.485467][ T7665] loop1: detected capacity change from 0 to 1024
[   98.495860][ T5846] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 702
[   98.502649][ T5846] bcachefs (loop2): clean shutdown complete, journal seq 703
[   98.505975][ T5846] bcachefs (loop2): marking filesystem clean
[   98.506415][ T7665] hfsplus: bad catalog entry type
[   98.522324][ T5846] bcachefs (loop2): shutdown complete
[   98.530081][   T26] hfsplus: b-tree write err: -5, ino 4
[   98.559497][ T7615] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.570157][ T7615] 8021q: adding VLAN 0 to HW filter on device team0
[   98.576725][   T32] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.579645][   T32] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.593731][   T32] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.596851][   T32] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.609669][ T7615] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   98.614528][ T7615] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   98.664028][ T7680] loop1: detected capacity change from 0 to 4096
[   98.690799][ T7615] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.708690][ T7615] veth0_vlan: entered promiscuous mode
[   98.714439][ T7615] veth1_vlan: entered promiscuous mode
[   98.724262][ T7685] netlink: 16 bytes leftover after parsing attributes in process `syz.1.652'.
[   98.733276][ T7615] veth0_macvtap: entered promiscuous mode
[   98.736407][ T7615] veth1_macvtap: entered promiscuous mode
[   98.747691][ T7615] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.753965][ T7615] batman_adv: batadv0: Interface activated: batadv_slave_1
[   98.761095][ T5871] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.766572][ T5871] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.770301][ T5871] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.792606][ T5871] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.836034][   T27] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.839282][   T27] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.840799][ T7687] loop1: detected capacity change from 0 to 4096
[   98.846453][ T7687] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[   98.855223][   T27] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.857683][   T27] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.858733][ T7687] ntfs3(loop1): ino=19, mi_enum_attr
[   98.862512][ T7687] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[   98.869094][ T7687] ntfs3(loop1): failed to convert "c46c" to iso8859-14
[   98.872491][ T7687] ntfs3(loop1): ino=20, mi_enum_attr
[   98.983462][ T7703] No control pipe specified
[   99.078854][ T7709] loop3: detected capacity change from 0 to 4096
[   99.086430][ T7709] EXT4-fs (loop3): Test dummy encryption mode enabled
[   99.090766][ T7709] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[   99.095567][ T7709] System zones: 0-5
[   99.098405][ T7709] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.135093][ T7615] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.441350][   T55] Bluetooth: hci2: command tx timeout
[  100.182114][ T7727] loop3: detected capacity change from 0 to 512
[  100.217903][   T33] kauditd_printk_skb: 14 callbacks suppressed
[  100.217913][   T33] audit: type=1800 audit(2000000033.560:44): pid=7729 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.668" name="bus" dev="tmpfs" ino=71 res=0 errno=0
[  100.314974][ T7731] loop3: detected capacity change from 0 to 256
[  100.322548][ T7731] FAT-fs (loop3): Directory bread(block 64) failed
[  100.325197][ T7731] FAT-fs (loop3): Directory bread(block 65) failed
[  100.327850][ T7731] FAT-fs (loop3): Directory bread(block 66) failed
[  100.330345][ T7731] FAT-fs (loop3): Directory bread(block 67) failed
[  100.335195][ T7731] FAT-fs (loop3): Directory bread(block 68) failed
[  100.337808][ T7731] FAT-fs (loop3): Directory bread(block 69) failed
[  100.340380][ T7731] FAT-fs (loop3): Directory bread(block 70) failed
[  100.345206][ T7731] FAT-fs (loop3): Directory bread(block 71) failed
[  100.347907][ T7731] FAT-fs (loop3): Directory bread(block 72) failed
[  100.350553][ T7731] FAT-fs (loop3): Directory bread(block 73) failed
[  100.791409][ T5892] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  100.834343][ T7751] loop1: detected capacity change from 0 to 32768
[  100.837776][ T7751] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.678 (7751)
[  100.844397][ T7751] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  100.848916][ T7751] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  100.861000][ T7751] BTRFS info (device loop1): enabling ssd optimizations
[  100.864651][ T7751] BTRFS info (device loop1): enabling free space tree
[  100.879824][ T5841] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  100.941377][ T5892] usb 4-1: Using ep0 maxpacket: 16
[  100.944803][ T5892] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  100.957017][ T5892] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  100.960683][ T5892] usb 4-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  100.964986][ T5892] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.968607][ T5892] usb 4-1: config 0 descriptor??
[  101.074028][ T7778] loop1: detected capacity change from 0 to 128
[  101.077611][ T7778] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  101.084091][ T7778] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  101.222329][ T7780] loop1: detected capacity change from 0 to 32768
[  101.552350][   T55] Bluetooth: hci2: command tx timeout
[  101.558996][ T5892] input: HID 05ac:8241 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:05AC:8241.0003/input/input11
[  101.563770][ T7790] sctp: [Deprecated]: syz.1.689 (pid 7790) Use of int in maxseg socket option.
[  101.563770][ T7790] Use struct sctp_assoc_value instead
[  101.625260][ T5892] appleir 0003:05AC:8241.0003: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.3-1/input0
[  101.719519][   T24] usb 4-1: USB disconnect, device number 2
[  102.364126][   T55] Bluetooth: hci2: Unknown advertising packet type: 0x52
[  102.382705][ T5892] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  102.541542][ T5892] usb 3-1: Using ep0 maxpacket: 32
[  102.549687][ T5892] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  102.556194][ T5892] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  102.562741][ T5892] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  102.566597][ T5892] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  102.586513][ T5892] usb 3-1: config 0 descriptor??
[  102.593570][ T5892] hub 3-1:0.0: USB hub found
[  102.787489][ T7814] loop3: detected capacity change from 0 to 2048
[  102.801052][ T5892] hub 3-1:0.0: config failed, hub has too many ports! (err -19)
[  102.813846][ T7814] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.909094][ T7615] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.016575][ T5892] usbhid 3-1:0.0: can't add hid device: -71
[  103.019202][ T5892] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  103.041556][ T5892] usb 3-1: USB disconnect, device number 9
[  103.116855][ T7823] loop3: detected capacity change from 0 to 4096
[  103.119642][ T7827] netlink: 10 bytes leftover after parsing attributes in process `syz.1.705'.
[  103.120364][ T7823] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  103.234136][ T7835] loop1: detected capacity change from 0 to 512
[  103.237534][ T7835] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  103.243416][ T7835] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.709: bg 0: block 384: padding at end of block bitmap is not set
[  103.249318][ T7835] EXT4-fs (loop1): Remounting filesystem read-only
[  103.253093][ T7835] EXT4-fs (loop1): 1 truncate cleaned up
[  103.255720][ T7835] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.273806][ T5841] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.405632][ T7838] loop3: detected capacity change from 0 to 32768
[  103.611444][   T55] Bluetooth: hci2: command tx timeout
[  103.791440][ T7860] input: syz0 as /devices/virtual/input/input12
[  103.837748][   T33] audit: type=1326 audit(2000000037.180:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7869 comm="syz.3.723" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2e78ebe9 code=0x7ffc0000
[  103.855835][   T33] audit: type=1326 audit(2000000037.180:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7869 comm="syz.3.723" exe="/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f5a2e78ebe9 code=0x7ffc0000
[  103.865259][ T7868] loop2: detected capacity change from 0 to 4096
[  103.868655][   T33] audit: type=1326 audit(2000000037.180:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7869 comm="syz.3.723" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2e78ebe9 code=0x7ffc0000
[  103.869102][ T7868] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  103.878810][   T33] audit: type=1326 audit(2000000037.180:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7869 comm="syz.3.723" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2e78ebe9 code=0x7ffc0000
[  103.890438][   T33] audit: type=1326 audit(2000000037.180:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7869 comm="syz.3.723" exe="/syz-executor" sig=0 arch=c000003e syscall=198 compat=0 ip=0x7f5a2e78ebe9 code=0x7ffc0000
[  103.895577][ T7868] ntfs3(loop2): ino=19, mi_enum_attr
[  103.899969][   T33] audit: type=1326 audit(2000000037.180:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7869 comm="syz.3.723" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2e78ebe9 code=0x7ffc0000
[  103.902540][ T7868] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  103.910361][   T33] audit: type=1326 audit(2000000037.180:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7869 comm="syz.3.723" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2e78ebe9 code=0x7ffc0000
[  103.919914][ T7868] ntfs3(loop2): failed to convert "c46c" to cp1255
[  103.926294][ T7868] ntfs3(loop2): ino=20, mi_enum_attr
[  104.337778][ T7882] loop1: detected capacity change from 0 to 1764
[  104.711511][ T5842] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  104.871293][ T5842] usb 2-1: Using ep0 maxpacket: 32
[  104.880810][ T5842] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  104.886001][ T5842] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34047, setting to 1024
[  104.891620][ T5842] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  104.895693][ T5842] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.908627][ T5842] usb 2-1: config 0 descriptor??
[  104.912064][ T7887] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  104.917630][ T5842] hub 2-1:0.0: USB hub found
[  105.308268][ T5842] hub 2-1:0.0: 1 port detected
[  105.650432][ T7896] loop3: detected capacity change from 0 to 40427
[  105.653310][ T7896] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  105.655820][ T7896] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  105.675065][ T7896] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  105.678841][ T7896] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  105.681496][   T55] Bluetooth: hci2: command tx timeout
[  105.683720][ T7896] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  105.707386][   T33] audit: type=1326 audit(2000000039.050:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7904 comm="syz.2.735" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f693378ebe9 code=0x7ffc0000
[  105.730023][   T33] audit: type=1326 audit(2000000039.050:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7904 comm="syz.2.735" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f693378ebe9 code=0x7ffc0000
[  105.762414][   T33] audit: type=1326 audit(2000000039.070:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7904 comm="syz.2.735" exe="/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f693378ebe9 code=0x7ffc0000
[  105.769300][   T33] audit: type=1326 audit(2000000039.070:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7904 comm="syz.2.735" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f693378ebe9 code=0x7ffc0000
[  105.773142][ T7909] loop2: detected capacity change from 0 to 8
[  105.798138][   T33] audit: type=1326 audit(2000000039.070:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7904 comm="syz.2.735" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f693378ebe9 code=0x7ffc0000
[  105.930619][ T7918] capability: warning: `syz.3.736' uses deprecated v2 capabilities in a way that may be insecure
[  106.037569][ T7925] loop3: detected capacity change from 0 to 512
[  106.043184][ T7925] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  106.048036][ T7925] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it
[  106.053527][ T7925] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.744: Corrupt directory, running e2fsck is recommended
[  106.059304][ T7925] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[  106.062936][ T7925] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.744: corrupted in-inode xattr: invalid ea_ino
[  106.067446][ T7925] EXT4-fs (loop3): Remounting filesystem read-only
[  106.070487][ T7925] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.089147][ T7615] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.144572][ T1272] hub 2-1:0.0: hub_ext_port_status failed (err = -71)
[  106.144703][   T10] usb 2-1: USB disconnect, device number 8
[  107.076750][ T7948] loop2: detected capacity change from 0 to 256
[  107.079663][ T7948] exfat: Deprecated parameter 'utf8'
[  107.082334][ T7948] exfat: Unexpected value for 'utf8'
[  107.352821][ T7954] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off.
[  107.357785][ T7954] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  107.514637][ T7958] loop3: detected capacity change from 0 to 1024
[  107.519223][ T7958] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only.
[  107.527282][ T7958] hfsplus: failed to load catalog file
[  107.675155][ T7952] loop2: detected capacity change from 0 to 32768
[  107.678850][ T7952] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.753 (7952)
[  107.686437][ T7952] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  107.692392][ T7952] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  107.696151][ T7952] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  107.749189][ T7952] BTRFS info (device loop2): rebuilding free space tree
[  107.759216][ T7952] BTRFS info (device loop2): disabling free space tree
[  107.772494][ T7952] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  107.775980][ T7952] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  107.799563][ T7952] BTRFS info (device loop2): setting nodatasum
[  107.804241][ T7952] BTRFS info (device loop2): setting nodatacow
[  107.807026][ T7952] BTRFS info (device loop2): enabling disk space caching
[  107.810036][ T7952] BTRFS info (device loop2): force clearing of disk cache
[  107.814247][ T7952] BTRFS info (device loop2): doing ref verification
[  107.931877][ T5846] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  108.120968][ T7988] netlink: 'syz.1.764': attribute type 3 has an invalid length.
[  108.444833][ T8029] loop2: detected capacity change from 0 to 4096
[  108.448388][ T8029] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  108.544466][ T8036] netlink: 32 bytes leftover after parsing attributes in process `syz.1.784'.
[  108.567689][ T8038] loop1: detected capacity change from 0 to 1024
[  108.568325][ T8032] loop2: detected capacity change from 0 to 32768
[  108.573353][ T8032] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.782 (8032)
[  108.578481][ T8032] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  108.581878][ T8032] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  108.585419][ T1089] hfsplus: b-tree write err: -5, ino 4
[  108.617599][ T8032] BTRFS info (device loop2): rebuilding free space tree
[  108.622231][ T8032] BTRFS info (device loop2): enabling ssd optimizations
[  108.625115][ T8032] BTRFS info (device loop2): turning on sync discard
[  108.627662][ T8032] BTRFS info (device loop2): enabling free space tree
[  108.630340][ T8032] BTRFS info (device loop2): force clearing of disk cache
[  108.634618][ T8032] BTRFS info (device loop2): enabling auto defrag
[  108.636846][ T8032] BTRFS info (device loop2): doing ref verification
[  108.644299][ T8032] BTRFS info (device loop2): max_inline set to 0
[  108.677593][ T5846] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  108.690346][ T8067] loop3: detected capacity change from 0 to 256
[  109.615609][ T8089] bond0: entered promiscuous mode
[  109.617315][ T8089] bond_slave_0: entered promiscuous mode
[  109.623410][ T8089] bond_slave_1: entered promiscuous mode
[  109.646428][ T8093] loop1: detected capacity change from 0 to 512
[  109.650192][ T8093] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  109.665133][ T8093] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.670425][ T8093] ext4 filesystem being mounted at /262/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  109.687690][ T5841] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.692295][ T8091] nbd3: detected capacity change from 0 to 1024
[  109.713666][ T8099] block nbd3: NBD_DISCONNECT
[  109.715310][ T8099] block nbd3: Send disconnect failed -89
[  109.919556][ T8106] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  110.456374][ T8091] block nbd3: Disconnected due to user request.
[  110.458961][ T8091] block nbd3: shutting down sockets
[  110.499574][ T8108] loop3: detected capacity change from 0 to 4096
[  110.569830][ T8114] netlink: 3176 bytes leftover after parsing attributes in process `syz.3.808'.
[  110.660480][ T8124] loop2: detected capacity change from 0 to 256
[  110.765851][ T8122] loop3: detected capacity change from 0 to 32768
[  110.772148][ T8122] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  110.783618][ T8122] XFS (loop3): Ending clean mount
[  110.786733][ T8122] XFS (loop3): Quotacheck needed: Please wait.
[  110.792476][ T8122] XFS (loop3): Quotacheck: Done.
[  110.797942][   T33] audit: type=1800 audit(2000524332.145:57): pid=8122 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.813" name="bus" dev="loop3" ino=4426 res=0 errno=0
[  110.834057][ T7615] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  111.410484][   T33] audit: type=1326 audit(2000524332.755:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8111 comm="syz.1.809" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe1138ebe9 code=0x7fc00000
[  111.465387][ T8157] loop3: detected capacity change from 0 to 40427
[  111.469254][ T8157] F2FS-fs (loop3): Image doesn't support compression
[  111.473572][ T8157] F2FS-fs (loop3): invalid crc value
[  111.475475][ T8159] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.825'.
[  111.529320][ T8157] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  111.535335][ T8157] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  111.878301][ T8170] loop1: detected capacity change from 0 to 512
[  111.883244][ T8170] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  111.892081][ T8170] EXT4-fs (loop1): orphan cleanup on readonly fs
[  111.895308][ T8170] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:517: comm syz.1.830: Block bitmap for bg 0 marked uninitialized
[  111.901786][ T8170] EXT4-fs (loop1): Remounting filesystem read-only
[  111.905488][ T8170] EXT4-fs (loop1): 1 orphan inode deleted
[  111.909637][ T8170] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  111.950643][ T5841] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.113646][   T33] audit: type=1326 audit(2000524333.465:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8181 comm="syz.3.834" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2e78ebe9 code=0x7ffc0000
[  112.124367][   T33] audit: type=1326 audit(2000524333.465:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8181 comm="syz.3.834" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2e78ebe9 code=0x7ffc0000
[  112.133774][   T33] audit: type=1326 audit(2000524333.475:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8181 comm="syz.3.834" exe="/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7f5a2e78ebe9 code=0x7ffc0000
[  112.142596][   T33] audit: type=1326 audit(2000524333.475:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8181 comm="syz.3.834" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2e78ebe9 code=0x7ffc0000
[  112.151752][   T33] audit: type=1326 audit(2000524333.475:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8181 comm="syz.3.834" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a2e78ebe9 code=0x7ffc0000
[  112.235211][   T33] audit: type=1326 audit(2000524333.585:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8192 comm="syz.1.840" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbe1138ebe9 code=0x0
[  112.366189][ T8200] loop3: detected capacity change from 0 to 1024
[  112.369126][ T8200] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  112.375229][ T8200] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.843: bg 0: block 10: padding at end of block bitmap is not set
[  112.380335][ T8200] Quota error (device loop3): write_blk: dquota write failed
[  112.383345][ T8200] Quota error (device loop3): find_free_dqentry: Can't write quota data block 2
[  112.387251][ T8200] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.843: Failed to acquire dquot type 0
[  112.391693][ T8200] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.843: Failed to acquire dquot type 0
[  112.395532][ T8200] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.843: Freeing blocks not in datazone - block = 0, count = 4096
[  112.400825][ T8200] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.843: Failed to acquire dquot type 0
[  112.405464][ T8200] EXT4-fs (loop3): 1 orphan inode deleted
[  112.408111][ T8200] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.570289][ T8204] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.843: Failed to acquire dquot type 0
[  113.243440][ T7615] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.454810][ T8239] loop3: detected capacity change from 0 to 128
[  113.458322][ T8239] EXT4-fs: Ignoring removed nomblk_io_submit option
[  113.461992][ T8239] EXT4-fs: Ignoring removed nomblk_io_submit option
[  113.465200][ T8239] EXT4-fs (loop3): Test dummy encryption mode enabled
[  113.469974][ T8239] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  113.476752][ T8239] ext4 filesystem being mounted at /84/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  113.510803][ T8239] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))"
[  113.529139][ T7615] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  113.908500][ T8267] loop1: detected capacity change from 0 to 40427
[  113.910902][ T8267] F2FS-fs: heap/no_heap options were deprecated
[  113.915454][ T8267] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[  113.917779][ T8267] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  113.921105][ T8267] F2FS-fs (loop1): invalid crc value
[  113.936663][ T8267] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  113.942224][ T8267] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  113.945289][ T8267] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  113.965338][ T5841] syz-executor: attempt to access beyond end of device
[  113.965338][ T5841] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  113.970530][ T5841] CPU: 1 UID: 0 PID: 5841 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  113.970542][ T5841] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  113.970547][ T5841] Call Trace:
[  113.970550][ T5841]  <TASK>
[  113.970553][ T5841]  dump_stack_lvl+0x189/0x250
[  113.970566][ T5841]  ? __pfx_dump_stack_lvl+0x10/0x10
[  113.970574][ T5841]  ? __pfx_queue_work_on+0x10/0x10
[  113.970582][ T5841]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  113.970592][ T5841]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  113.970602][ T5841]  f2fs_handle_critical_error+0x37c/0x540
[  113.970614][ T5841]  f2fs_write_end_io+0x886/0xb60
[  113.970623][ T5841]  __submit_merged_bio+0x27a/0x6a0
[  113.970633][ T5841]  __submit_merged_write_cond+0x255/0x530
[  113.970644][ T5841]  f2fs_write_data_pages+0x261d/0x3000
[  113.970653][ T5841]  ? arch_stack_walk+0xfc/0x150
[  113.970667][ T5841]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  113.970676][ T5841]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  113.970687][ T5841]  ? rcu_is_watching+0x15/0xb0
[  113.970700][ T5841]  ? folios_put_refs+0x559/0x640
[  113.970709][ T5841]  ? __pfx_folios_put_refs+0x10/0x10
[  113.970716][ T5841]  ? rcu_is_watching+0x15/0xb0
[  113.970723][ T5841]  ? lru_add+0xa2f/0xd80
[  113.970729][ T5841]  ? lru_add+0x198/0xd80
[  113.970736][ T5841]  ? do_raw_spin_lock+0x121/0x290
[  113.970746][ T5841]  ? do_raw_spin_unlock+0x4d/0x240
[  113.970754][ T5841]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  113.970764][ T5841]  do_writepages+0x32e/0x550
[  113.970773][ T5841]  ? rcu_is_watching+0x15/0xb0
[  113.970781][ T5841]  ? do_raw_spin_unlock+0x4d/0x240
[  113.970789][ T5841]  filemap_fdatawrite+0x199/0x240
[  113.970799][ T5841]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  113.970814][ T5841]  ? rcu_is_watching+0x15/0xb0
[  113.970821][ T5841]  ? do_raw_spin_unlock+0x4d/0x240
[  113.970830][ T5841]  f2fs_sync_dirty_inodes+0x31f/0x830
[  113.970839][ T5841]  f2fs_write_checkpoint+0x95a/0x1df0
[  113.970850][ T5841]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  113.970863][ T5841]  ? kill_f2fs_super+0x298/0x6c0
[  113.970871][ T5841]  kill_f2fs_super+0x2c3/0x6c0
[  113.970878][ T5841]  ? __pfx_kill_f2fs_super+0x10/0x10
[  113.970884][ T5841]  ? radix_tree_delete_item+0x2b6/0x400
[  113.970895][ T5841]  ? shrinker_free+0x2ce/0x3e0
[  113.970903][ T5841]  deactivate_locked_super+0xbc/0x130
[  113.970911][ T5841]  cleanup_mnt+0x425/0x4c0
[  113.970920][ T5841]  task_work_run+0x1d4/0x260
[  113.970930][ T5841]  ? __pfx_task_work_run+0x10/0x10
[  113.970938][ T5841]  ? __x64_sys_umount+0x122/0x160
[  113.970947][ T5841]  ? __pfx___x64_sys_umount+0x10/0x10
[  113.970956][ T5841]  ? rcu_is_watching+0x15/0xb0
[  113.970963][ T5841]  exit_to_user_mode_loop+0xec/0x110
[  113.970974][ T5841]  do_syscall_64+0x2bd/0x3b0
[  113.970984][ T5841]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.970991][ T5841]  ? exc_page_fault+0x9f/0xf0
[  113.971000][ T5841]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.971007][ T5841] RIP: 0033:0x7fbe1138ff17
[  113.971014][ T5841] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  113.971021][ T5841] RSP: 002b:00007ffec79b80d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  113.971052][ T5841] RAX: 0000000000000000 RBX: 00007fbe11411c05 RCX: 00007fbe1138ff17
[  113.971059][ T5841] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffec79b8190
[  113.971063][ T5841] RBP: 00007ffec79b8190 R08: 0000000000000000 R09: 0000000000000000
[  113.971068][ T5841] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffec79b9220
[  113.971072][ T5841] R13: 00007fbe11411c05 R14: 000000000001bc96 R15: 00007ffec79b9260
[  113.971080][ T5841]  </TASK>
[  113.971083][ T5841] F2FS-fs (loop1): Remounting filesystem read-only
[  114.052080][ T8278] loop2: detected capacity change from 0 to 32768
[  114.115120][ T8278] ERROR: (device loop2): dbAlloc: unable to allocate blocks
[  114.115120][ T8278] 
[  114.118454][ T8278] ERROR: (device loop2): remounting filesystem as read-only
[  114.192638][ T8282] tap0: tun_chr_ioctl cmd 1074025677
[  114.195080][ T8282] tap0: linktype set to 823
[  114.305522][   T32] Bluetooth: hci3: Frame reassembly failed (-84)
[  114.461816][ T1272] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  114.622988][ T1272] usb 2-1: New USB device found, idVendor=59cc, idProduct=980d, bcdDevice=b4.8e
[  114.626659][ T1272] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.630248][ T1272] usb 2-1: config 0 descriptor??
[  114.632953][ T1272] usb-storage 2-1:0.0: USB Mass Storage device detected
[  114.838685][  T793] usb 2-1: USB disconnect, device number 9
[  114.903251][ T8294] loop3: detected capacity change from 0 to 40427
[  114.906417][ T8294] F2FS-fs (loop3): Small segment_count (9 < 1 * 24)
[  114.908736][ T8294] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  114.928549][ T8294] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  114.932355][ T8294] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  114.934934][ T8294] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  114.949192][ T7615] syz-executor: attempt to access beyond end of device
[  114.949192][ T7615] loop3: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  114.956393][ T7615] CPU: 0 UID: 0 PID: 7615 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  114.956411][ T7615] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  114.956418][ T7615] Call Trace:
[  114.956423][ T7615]  <TASK>
[  114.956428][ T7615]  dump_stack_lvl+0x189/0x250
[  114.956447][ T7615]  ? __pfx_dump_stack_lvl+0x10/0x10
[  114.956461][ T7615]  ? __pfx_queue_work_on+0x10/0x10
[  114.956472][ T7615]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  114.956488][ T7615]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  114.956505][ T7615]  f2fs_handle_critical_error+0x37c/0x540
[  114.956523][ T7615]  f2fs_write_end_io+0x886/0xb60
[  114.956538][ T7615]  __submit_merged_bio+0x27a/0x6a0
[  114.956553][ T7615]  ? up_write+0x1c4/0x420
[  114.956566][ T7615]  __submit_merged_write_cond+0x44c/0x530
[  114.956583][ T7615]  f2fs_sync_node_pages+0x1479/0x15e0
[  114.956602][ T7615]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  114.956625][ T7615]  ? up_write+0x1c4/0x420
[  114.956636][ T7615]  ? do_raw_spin_unlock+0x4d/0x240
[  114.956651][ T7615]  f2fs_write_checkpoint+0xe6f/0x1df0
[  114.956668][ T7615]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  114.956689][ T7615]  ? rcu_is_watching+0x15/0xb0
[  114.956701][ T7615]  ? kill_f2fs_super+0x298/0x6c0
[  114.956714][ T7615]  kill_f2fs_super+0x2c3/0x6c0
[  114.956726][ T7615]  ? __pfx_kill_f2fs_super+0x10/0x10
[  114.956736][ T7615]  ? radix_tree_delete_item+0x2b6/0x400
[  114.956753][ T7615]  ? shrinker_free+0x2ce/0x3e0
[  114.956767][ T7615]  deactivate_locked_super+0xbc/0x130
[  114.956781][ T7615]  cleanup_mnt+0x425/0x4c0
[  114.956795][ T7615]  task_work_run+0x1d4/0x260
[  114.956810][ T7615]  ? __pfx_task_work_run+0x10/0x10
[  114.956825][ T7615]  ? __x64_sys_umount+0x122/0x160
[  114.956839][ T7615]  ? __pfx___x64_sys_umount+0x10/0x10
[  114.956855][ T7615]  ? rcu_is_watching+0x15/0xb0
[  114.956866][ T7615]  exit_to_user_mode_loop+0xec/0x110
[  114.956883][ T7615]  do_syscall_64+0x2bd/0x3b0
[  114.956899][ T7615]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.956910][ T7615]  ? exc_page_fault+0x9f/0xf0
[  114.956924][ T7615]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.956935][ T7615] RIP: 0033:0x7f5a2e78ff17
[  114.956945][ T7615] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  114.956956][ T7615] RSP: 002b:00007fff0e883a58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  114.956969][ T7615] RAX: 0000000000000000 RBX: 00007f5a2e811c05 RCX: 00007f5a2e78ff17
[  114.956978][ T7615] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff0e883b10
[  114.956985][ T7615] RBP: 00007fff0e883b10 R08: 0000000000000000 R09: 0000000000000000
[  114.956993][ T7615] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff0e884ba0
[  114.957000][ T7615] R13: 00007f5a2e811c05 R14: 000000000001c074 R15: 00007fff0e884be0
[  114.957012][ T7615]  </TASK>
[  114.957017][ T7615] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  115.229001][ T8302] loop3: detected capacity change from 0 to 1024
[  115.237573][ T8302] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.255582][ T7615] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.321294][ T5843] Bluetooth: hci3: command 0x1003 tx timeout
[  116.321327][   T55] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  117.009532][ T8349] loop3: detected capacity change from 0 to 128
[  117.015649][ T8349] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  117.020978][ T8349] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  117.075816][ T8353] sp0: Synchronizing with TNC
[  117.169882][ T8357] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  117.933672][ T8367] loop3: detected capacity change from 0 to 32768
[  117.939248][ T8367] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  117.958706][ T8367] XFS (loop3): Ending clean mount
[  117.962717][ T8367] XFS (loop3): Quotacheck needed: Please wait.
[  117.969095][ T8367] XFS (loop3): Quotacheck: Done.
[  117.990157][ T7615] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  118.199487][ T8390] rdma_op ffff8881246121f0 conn xmit_rdma 0000000000000000
[  118.285283][ T8388] loop3: detected capacity change from 0 to 32768
[  118.306420][ T8388] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  118.315181][ T8388] XFS (loop3): Ending clean mount
[  118.345638][ T7615] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  118.463935][ T8413] loop2: detected capacity change from 0 to 256
[  118.477418][ T8413] exfat: Deprecated parameter 'utf8'
[  118.486774][ T8413] exfat: Deprecated parameter 'namecase'
[  118.497184][ T8413] exfat: Deprecated parameter 'namecase'
[  118.506373][ T8413] exfat: Deprecated parameter 'utf8'
[  118.526152][ T8413] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffad0, utbl_chksum : 0xe619d30d)
[  119.081200][ T5892] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  119.262708][ T5892] usb 3-1: config 1 interface 0 altsetting 127 bulk endpoint 0x81 has invalid maxpacket 64
[  119.266292][ T5892] usb 3-1: config 1 interface 0 altsetting 127 bulk endpoint 0x2 has invalid maxpacket 32
[  119.269625][ T5892] usb 3-1: config 1 interface 0 has no altsetting 0
[  119.275629][ T5892] usb 3-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.40
[  119.278790][ T5892] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  119.281741][ T5892] usb 3-1: Product: syz
[  119.283184][ T5892] usb 3-1: Manufacturer: syz
[  119.284852][ T5892] usb 3-1: SerialNumber: syz
[  119.290462][ T8421] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  119.295411][ T8421] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  119.476449][ T8431] loop1: detected capacity change from 0 to 256
[  119.480126][ T8431] exfat: Deprecated parameter 'namecase'
[  119.485462][ T8431] exfat: Deprecated parameter 'utf8'
[  119.488695][ T8431] exfat: Deprecated parameter 'utf8'
[  119.503679][ T8431] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  119.522305][   T33] kauditd_printk_skb: 11 callbacks suppressed
[  119.522524][   T33] audit: type=1800 audit(2000524340.875:66): pid=8431 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.928" name="file1" dev="loop1" ino=1048638 res=0 errno=0
[  119.902889][ T8436] loop1: detected capacity change from 0 to 512
[  119.913141][ T8436] EXT4-fs (loop1): Test dummy encryption mode enabled
[  119.915851][ T8436] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  119.927148][ T8436] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.930: bad orphan inode 131083
[  119.941537][ T8436] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  119.964022][ T8436] EXT4-fs error (device loop1): ext4_find_dest_de:2052: inode #2: block 13: comm syz.1.930: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  119.994704][ T5892] rtl8150 3-1:1.0: couldn't reset the device
[  119.997203][ T5892] rtl8150 3-1:1.0: probe with driver rtl8150 failed with error -5
[  120.012576][ T5892] usb 3-1: USB disconnect, device number 10
[  120.019592][ T5841] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.463641][ T8449] netlink: 161716 bytes leftover after parsing attributes in process `syz.1.935'.
[  120.654873][ T8472] loop3: detected capacity change from 0 to 256
[  120.662755][ T8472] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  120.666852][ T8472] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512
[  120.670460][ T8472] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  120.674243][ T8472] UDF-fs: Scanning with blocksize 512 failed
[  120.710270][ T8464] loop2: detected capacity change from 0 to 32768
[  120.714097][ T8464] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.941 (8464)
[  120.724072][ T8472] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  120.727663][ T8464] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  120.728267][ T8472] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  120.730949][ T8464] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  121.013582][ T8464] BTRFS info (device loop2): rebuilding free space tree
[  121.019256][ T8464] BTRFS info (device loop2): allowing degraded mounts
[  121.022004][ T8464] BTRFS info (device loop2): enabling ssd optimizations
[  121.024664][ T8464] BTRFS info (device loop2): enabling free space tree
[  121.027052][ T8464] BTRFS info (device loop2): force clearing of disk cache
[  121.029512][ T8464] BTRFS info (device loop2): use zstd compression, level 3
[  121.033164][ T8464] BTRFS info (device loop2): max_inline set to 0
[  121.073081][   T33] audit: type=1800 audit(2000524342.425:67): pid=8464 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.941" name="bus" dev="loop2" ino=263 res=0 errno=0
[  121.165191][ T5846] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  121.347471][ T8496] loop2: detected capacity change from 0 to 1024
[  121.374678][ T8496] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.184480][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.242519][ T8515] loop2: detected capacity change from 0 to 2048
[  122.263390][ T8515] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.071255][ T1272] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  123.221204][ T1272] usb 2-1: Using ep0 maxpacket: 16
[  123.224613][ T1272] usb 2-1: config 0 has an invalid interface number: 104 but max is 1
[  123.227876][ T1272] usb 2-1: config 0 has an invalid interface number: 104 but max is 1
[  123.231268][ T1272] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[  123.234850][ T1272] usb 2-1: config 0 has no interface number 0
[  123.237380][ T1272] usb 2-1: config 0 interface 104 altsetting 0 endpoint 0x8 has an invalid bInterval 255, changing to 11
[  123.241875][ T1272] usb 2-1: config 0 interface 104 altsetting 0 endpoint 0x8 has invalid maxpacket 59391, setting to 1024
[  123.245737][ T1272] usb 2-1: config 0 interface 104 has no altsetting 1
[  123.250095][ T1272] usb 2-1: New USB device found, idVendor=1189, idProduct=0893, bcdDevice= 0.00
[  123.253440][ T1272] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.256906][ T1272] usb 2-1: Product: syz
[  123.258674][ T1272] usb 2-1: Manufacturer: syz
[  123.260654][ T1272] usb 2-1: SerialNumber: syz
[  123.265466][ T1272] usb 2-1: config 0 descriptor??
[  123.409622][ T6611] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  123.418513][ T6611] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 554 with error 28
[  123.424808][ T6611] EXT4-fs (loop2): This should not happen!! Data will be lost
[  123.424808][ T6611] 
[  123.429009][ T6611] EXT4-fs (loop2): Total free blocks count 0
[  123.432718][ T6611] EXT4-fs (loop2): Free/Dirty block details
[  123.437045][ T8529] loop3: detected capacity change from 0 to 256
[  123.439783][ T6611] EXT4-fs (loop2): free_blocks=2415919504
[  123.444004][ T6611] EXT4-fs (loop2): dirty_blocks=560
[  123.446236][ T6611] EXT4-fs (loop2): Block reservation details
[  123.448567][ T6611] EXT4-fs (loop2): i_reserved_data_blocks=35
[  123.461797][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.469875][ T1272] asix 2-1:0.104 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  123.474624][ T1272] asix 2-1:0.104: probe with driver asix failed with error -71
[  123.478577][ T1272] usb 2-1: USB disconnect, device number 10
[  123.577357][ T8541] pimreg: entered allmulticast mode
[  123.944377][ T8562] loop3: detected capacity change from 0 to 32768
[  123.950365][ T8562] o2cb: This node has not been configured.
[  123.952902][ T8562] o2cb: Cluster check failed. Fix errors before retrying.
[  123.955506][ T8562] (syz.3.975,8562,0):ocfs2_dlm_init:3354 ERROR: status = -22
[  123.958101][ T8562] (syz.3.975,8562,0):ocfs2_mount_volume:1735 ERROR: status = -22
[  123.961605][ T8562] (syz.3.975,8562,0):ocfs2_fill_super:1177 ERROR: status = -22
[  123.995461][ T8566] loop1: detected capacity change from 0 to 1024
[  123.998215][ T8566] hfsplus: Unknown parameter '5_%{쑤>VW϶$Ec_7ɱK<X'
[  124.196008][   T33] audit: type=1326 audit(2000524345.545:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8576 comm="syz.1.981" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe1138ebe9 code=0x7ffc0000
[  124.205311][   T33] audit: type=1326 audit(2000524345.545:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8576 comm="syz.1.981" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe1138ebe9 code=0x7ffc0000
[  124.216924][   T33] audit: type=1326 audit(2000524345.555:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8576 comm="syz.1.981" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbe1138ebe9 code=0x7ffc0000
[  124.227022][   T33] audit: type=1326 audit(2000524345.555:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8576 comm="syz.1.981" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe1138ebe9 code=0x7ffc0000
[  124.237106][   T33] audit: type=1326 audit(2000524345.555:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8576 comm="syz.1.981" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe1138ebe9 code=0x7ffc0000
[  124.245180][   T33] audit: type=1326 audit(2000524345.555:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8576 comm="syz.1.981" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbe1138ebe9 code=0x7ffc0000
[  124.253477][   T33] audit: type=1326 audit(2000524345.555:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8576 comm="syz.1.981" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe1138ebe9 code=0x7ffc0000
[  124.261984][   T33] audit: type=1326 audit(2000524345.555:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8576 comm="syz.1.981" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe1138ebe9 code=0x7ffc0000
[  124.263158][   T10] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  124.487839][   T10] usb 4-1: New USB device found, idVendor=0545, idProduct=808b, bcdDevice=31.ad
[  124.492815][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.511657][ T8583] evm: overlay not supported
[  124.529500][   T10] usb 4-1: config 0 descriptor??
[  124.544555][   T10] gspca_main: tv8532-2.14.0 probing 0545:808b
[  124.661399][ T1272] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  124.758815][   T10] usb 4-1: USB disconnect, device number 3
[  124.812593][ T1272] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  124.816861][ T1272] usb 2-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  124.820336][ T1272] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.824581][ T1272] usb 2-1: config 0 descriptor??
[  125.029908][   T10] usb 2-1: USB disconnect, device number 11
[  125.298442][ T8587] loop3: detected capacity change from 0 to 4096
[  125.302238][ T8587] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  125.314823][ T8587] ntfs3(loop3): ino=19, mi_enum_attr
[  125.420668][ T8594] loop2: detected capacity change from 0 to 1764
[  125.429130][ T8594] iso9660: Corrupted directory entry in block 2 of inode 1920
[  125.502633][ T8590] loop3: detected capacity change from 0 to 32768
[  125.529902][ T8590] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  125.591544][ T8590] XFS (loop3): Ending clean mount
[  125.595068][ T8590] XFS (loop3): Quotacheck needed: Please wait.
[  125.603010][ T8590] XFS (loop3): Quotacheck: Done.
[  125.631114][ T7615] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  125.846831][ T8623] loop3: detected capacity change from 0 to 256
[  125.867664][ T8623] FAT-fs (loop3): Directory bread(block 64) failed
[  125.870461][ T8623] FAT-fs (loop3): Directory bread(block 65) failed
[  125.873702][ T8623] FAT-fs (loop3): Directory bread(block 66) failed
[  125.876544][ T8623] FAT-fs (loop3): Directory bread(block 67) failed
[  125.879683][ T8623] FAT-fs (loop3): Directory bread(block 68) failed
[  125.883906][ T8623] FAT-fs (loop3): Directory bread(block 69) failed
[  125.886823][ T8623] FAT-fs (loop3): Directory bread(block 70) failed
[  125.889736][ T8623] FAT-fs (loop3): Directory bread(block 71) failed
[  125.894119][ T8623] FAT-fs (loop3): Directory bread(block 72) failed
[  125.897110][ T8623] FAT-fs (loop3): Directory bread(block 73) failed
[  126.533006][ T5885] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  126.686409][ T5885] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF4, changing to 0x84
[  126.696759][ T5885] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  126.701682][ T5885] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  126.705470][ T5885] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.709880][ T5885] usb 4-1: config 0 descriptor??
[  126.753788][ T8646] loop2: detected capacity change from 0 to 4096
[  126.923010][ T5885] ath6kl: Failed to submit usb control message: -71
[  126.925837][ T5885] ath6kl: unable to send the bmi data to the device: -71
[  126.928831][ T5885] ath6kl: Unable to send get target info: -71
[  126.932208][ T5885] ath6kl: Failed to init ath6kl core: -71
[  126.935130][ T5885] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -71
[  126.942771][ T5885] usb 4-1: USB disconnect, device number 4
[  127.568247][ T8658] loop3: detected capacity change from 0 to 32768
[  127.775843][   T33] kauditd_printk_skb: 8 callbacks suppressed
[  127.775990][   T33] audit: type=1800 audit(2000524349.115:84): pid=8668 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1013" name="file2" dev="loop3" ino=9 res=0 errno=0
[  128.758293][ T8689] loop3: detected capacity change from 0 to 4096
[  128.761836][ T8689] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  128.769462][ T8689] ntfs3(loop3): Failed to initialize $Extend/$Reparse.
[  128.774771][   T33] audit: type=1800 audit(2000524350.125:85): pid=8689 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1024" name="file1" dev="loop3" ino=30 res=0 errno=0
[  129.014816][ T8695] loop2: detected capacity change from 0 to 512
[  129.018527][ T8695] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  129.021969][ T8695] EXT4-fs (loop2): orphan cleanup on readonly fs
[  129.024755][ T8695] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  129.029810][ T8695] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  129.033437][ T8695] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #13: comm syz.2.1027: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  129.039909][ T8695] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.1027: couldn't read orphan inode 13 (err -117)
[  129.044620][ T5885] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  129.049120][ T8695] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  129.056614][ T8695] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  129.060495][ T8695] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  129.071872][ T8695] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  129.131289][ T1272] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  129.191233][ T5885] usb 4-1: Using ep0 maxpacket: 8
[  129.196340][ T5885] usb 4-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  129.199601][ T5885] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.202718][ T5885] usb 4-1: Product: syz
[  129.204337][ T5885] usb 4-1: Manufacturer: syz
[  129.206142][ T5885] usb 4-1: SerialNumber: syz
[  129.209010][ T5885] usb 4-1: config 0 descriptor??
[  129.212653][ T5885] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  129.215413][ T5885] usb 4-1: setting power ON
[  129.216796][ T5885] dvb-usb: bulk message failed: -22 (2/0)
[  129.219509][ T5885] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  129.223586][ T5885] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  129.226373][ T5885] usb 4-1: media controller created
[  129.232140][ T5885] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  129.237313][ T5885] usb 4-1: selecting invalid altsetting 6
[  129.239216][ T5885] usb 4-1: digital interface selection failed (-22)
[  129.241513][ T5885] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  129.244687][ T5885] usb 4-1: setting power OFF
[  129.246197][ T5885] dvb-usb: bulk message failed: -22 (2/0)
[  129.248103][ T5885] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  129.251198][ T5885] (NULL device *): no alternate interface
[  129.256864][ T5885] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  129.281270][ T1272] usb 2-1: Using ep0 maxpacket: 32
[  129.284914][ T1272] usb 2-1: config 0 has an invalid interface number: 132 but max is 0
[  129.288174][ T1272] usb 2-1: config 0 has no interface number 0
[  129.290638][ T1272] usb 2-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  129.296605][ T1272] usb 2-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  129.300315][ T1272] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.303692][ T1272] usb 2-1: Product: syz
[  129.305511][ T1272] usb 2-1: Manufacturer: syz
[  129.307187][ T1272] usb 2-1: SerialNumber: syz
[  129.309697][ T1272] usb 2-1: config 0 descriptor??
[  129.314591][ T1272] em28xx 2-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[  129.318597][ T1272] em28xx 2-1:0.132: Video interface 132 found:
[  129.321332][  T793] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  129.420081][ T5885] usb 4-1: USB disconnect, device number 5
[  129.473287][  T793] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 245, setting to 64
[  129.477850][  T793] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  129.482000][  T793] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.486431][  T793] usb 3-1: config 0 descriptor??
[  129.691047][  T793] ath6kl: Failed to submit usb control message: -71
[  129.693983][  T793] ath6kl: unable to send the bmi data to the device: -71
[  129.696918][  T793] ath6kl: Unable to send get target info: -71
[  129.699591][  T793] ath6kl: Failed to init ath6kl core: -71
[  129.703318][  T793] ath6kl_usb 3-1:0.0: probe with driver ath6kl_usb failed with error -71
[  129.709104][  T793] usb 3-1: USB disconnect, device number 11
[  129.716790][ T1272] em28xx 2-1:0.132: unknown em28xx chip ID (0)
[  129.920806][ T1272] em28xx 2-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5)
[  129.923964][ T1272] em28xx 2-1:0.132: board has no eeprom
[  129.993863][ T1272] em28xx 2-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[  129.997163][ T1272] em28xx 2-1:0.132: analog set to bulk mode.
[  130.003838][ T5885] em28xx 2-1:0.132: Registering V4L2 extension
[  130.010936][ T1272] usb 2-1: USB disconnect, device number 12
[  130.018408][ T1272] em28xx 2-1:0.132: Disconnecting em28xx
[  130.054683][ T5885] em28xx 2-1:0.132: Config register raw data: 0xffffffed
[  130.057717][ T5885] em28xx 2-1:0.132: AC97 chip type couldn't be determined
[  130.060676][ T5885] em28xx 2-1:0.132: No AC97 audio processor
[  130.064274][ T5885] usb 2-1: Decoder not found
[  130.066233][ T5885] em28xx 2-1:0.132: failed to create media graph
[  130.068979][ T5885] em28xx 2-1:0.132: V4L2 device video103 deregistered
[  130.073148][ T5885] em28xx 2-1:0.132: Remote control support is not available for this card.
[  130.077347][ T1272] em28xx 2-1:0.132: Closing input extension
[  130.080962][ T1272] em28xx 2-1:0.132: Freeing device
[  130.204367][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.256643][ T8715] loop2: detected capacity change from 0 to 1024
[  131.028664][ T5712] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.087068][ T5712] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.156454][ T5712] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.224942][ T5712] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.231005][   T55] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  131.234247][   T55] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  131.237210][   T55] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  131.240725][   T55] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  131.244846][   T55] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  131.314561][ T5712] bridge_slave_1: left allmulticast mode
[  131.316922][ T5712] bridge_slave_1: left promiscuous mode
[  131.319279][ T5712] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.324217][ T5712] bridge_slave_0: left allmulticast mode
[  131.326499][ T5712] bridge_slave_0: left promiscuous mode
[  131.328800][ T5712] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.401969][ T8751] loop2: detected capacity change from 0 to 1024
[  131.454516][ T5712] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  131.458548][ T5712] bond_slave_0: left promiscuous mode
[  131.462765][ T5712] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  131.466809][ T5712] bond_slave_1: left promiscuous mode
[  131.471444][ T5712] bond0 (unregistering): Released all slaves
[  131.524620][ T5712] tipc: Left network mode
[  131.529737][ T8737] chnl_net:caif_netlink_parms(): no params data found
[  131.571111][ T8737] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.575103][ T8737] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.578134][ T8737] bridge_slave_0: entered allmulticast mode
[  131.584267][ T8737] bridge_slave_0: entered promiscuous mode
[  131.587605][ T8737] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.590073][ T8737] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.593402][ T8737] bridge_slave_1: entered allmulticast mode
[  131.595898][ T8737] bridge_slave_1: entered promiscuous mode
[  131.620522][ T8737] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  131.626184][ T8737] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  131.640956][ T8737] team0: Port device team_slave_0 added
[  131.649684][ T8737] team0: Port device team_slave_1 added
[  131.834316][ T5712] hsr_slave_0: left promiscuous mode
[  131.837100][ T5712] hsr_slave_1: left promiscuous mode
[  131.839791][ T5712] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  131.843523][ T5712] batman_adv: batadv0: Removing interface: batadv_slave_0
[  131.847033][ T5712] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  131.850150][ T5712] batman_adv: batadv0: Removing interface: batadv_slave_1
[  131.856783][ T5712] veth1_macvtap: left promiscuous mode
[  131.859230][ T5712] veth0_macvtap: left promiscuous mode
[  131.862032][ T5712] veth1_vlan: left promiscuous mode
[  131.864340][ T5712] veth0_vlan: left promiscuous mode
[  131.958952][ T5712] team0 (unregistering): Port device team_slave_1 removed
[  131.966015][ T5712] team0 (unregistering): Port device team_slave_0 removed
[  132.027700][ T8737] batman_adv: batadv0: Adding interface: batadv_slave_0
[  132.030196][ T8737] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  132.039899][ T8737] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  132.046705][ T8737] batman_adv: batadv0: Adding interface: batadv_slave_1
[  132.049015][ T8737] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  132.058095][ T8737] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  132.072221][ T8737] hsr_slave_0: entered promiscuous mode
[  132.074460][ T8737] hsr_slave_1: entered promiscuous mode
[  132.124181][ T8737] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  132.127827][ T8737] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  132.134438][ T8737] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  132.138341][ T8737] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  132.183320][ T8737] 8021q: adding VLAN 0 to HW filter on device bond0
[  132.190669][ T8737] 8021q: adding VLAN 0 to HW filter on device team0
[  132.195946][  T671] bridge0: port 1(bridge_slave_0) entered blocking state
[  132.198515][  T671] bridge0: port 1(bridge_slave_0) entered forwarding state
[  132.208470][  T671] bridge0: port 2(bridge_slave_1) entered blocking state
[  132.211053][  T671] bridge0: port 2(bridge_slave_1) entered forwarding state
[  132.270834][ T8737] 8021q: adding VLAN 0 to HW filter on device batadv0
[  132.375255][ T8737] veth0_vlan: entered promiscuous mode
[  132.380400][ T8737] veth1_vlan: entered promiscuous mode
[  132.393960][ T8737] veth0_macvtap: entered promiscuous mode
[  132.398138][ T8737] veth1_macvtap: entered promiscuous mode
[  132.416093][ T8737] batman_adv: batadv0: Interface activated: batadv_slave_0
[  132.425515][ T8737] batman_adv: batadv0: Interface activated: batadv_slave_1
[  132.443724][ T5906] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  132.447564][ T5906] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  132.454650][ T5906] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  132.469300][ T5906] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  132.483274][ T1089] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  132.486535][ T1089] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  132.497838][ T1089] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  132.500985][ T1089] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  132.501455][ T8788] netlink: 212 bytes leftover after parsing attributes in process `syz.2.1057'.
[  132.508173][ T8788] netlink: 'syz.2.1057': attribute type 1 has an invalid length.
[  132.600243][ T8796] loop4: detected capacity change from 0 to 1024
[  132.606394][ T8796] hfsplus: bad catalog entry type
[  132.615438][ T1089] hfsplus: b-tree write err: -5, ino 4
[  132.653076][ T8802] syz.4.1063 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  132.676193][   T33] audit: type=1804 audit(2000524354.025:86): pid=8804 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1065" name="/newroot/5/bus" dev="tmpfs" ino=44 res=1 errno=0
[  132.722829][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  132.725522][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  132.858054][ T8823] loop4: detected capacity change from 0 to 256
[  132.955723][ T8832] loop2: detected capacity change from 0 to 22
[  132.958826][ T8832] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  132.964250][ T8832] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  133.281468][   T55] Bluetooth: hci0: command tx timeout
[  134.228104][ T5892] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  134.404634][ T5892] usb 4-1: Using ep0 maxpacket: 16
[  134.461884][ T5892] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  134.469572][ T5892] usb 4-1: too many endpoints for config 0 interface 0 altsetting 231: 229, using maximum allowed: 30
[  134.474567][ T5892] usb 4-1: config 0 interface 0 altsetting 231 has 0 endpoint descriptors, different from the interface descriptor's value: 229
[  134.480105][ T5892] usb 4-1: config 0 interface 0 has no altsetting 1
[  134.486525][ T5892] usb 4-1: New USB device found, idVendor=046d, idProduct=08f0, bcdDevice=97.0d
[  134.490068][ T5892] usb 4-1: New USB device strings: Mfr=99, Product=242, SerialNumber=132
[  134.495310][ T5892] usb 4-1: Product: syz
[  134.496983][ T5892] usb 4-1: Manufacturer: syz
[  134.498848][ T5892] usb 4-1: SerialNumber: syz
[  134.504734][ T5892] usb 4-1: config 0 descriptor??
[  134.508805][ T5892] usb-storage 4-1:0.0: USB Mass Storage device detected
[  134.565371][ T5892] gspca_main: STV06xx-2.14.0 probing 046d:08f0
[  134.567939][ T5892] gspca_stv06xx: st6422 sensor detected
[  135.313989][ T5892] STV06xx 4-1:0.0: probe with driver STV06xx failed with error -71
[  135.319668][ T5892] usb 4-1: USB disconnect, device number 6
[  135.371331][   T55] Bluetooth: hci0: command tx timeout
[  136.608252][ T8911] loop2: detected capacity change from 0 to 764
[  136.614492][ T8911] rock: directory entry would overflow storage
[  136.617163][ T8911] rock: sig=0x4654, size=5, remaining=4
[  136.658735][ T8915] loop2: detected capacity change from 0 to 4096
[  136.662108][ T8915] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  136.670060][ T8915] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  136.673149][ T8915] ntfs3(loop2): Failed to initialize $Extend/$Reparse.
[  136.700877][ T8918] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1115'.
[  136.701220][ T1272] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  136.735470][ T8920] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1116'.
[  136.861373][ T1272] usb 4-1: Using ep0 maxpacket: 32
[  136.865352][ T1272] usb 4-1: config 0 has an invalid interface number: 23 but max is 0
[  136.868875][ T1272] usb 4-1: config 0 has no interface number 0
[  136.872555][ T1272] usb 4-1: config 0 interface 23 has no altsetting 0
[  136.873863][ T8930] loop2: detected capacity change from 0 to 736
[  136.877590][ T1272] usb 4-1: New USB device found, idVendor=0557, idProduct=2002, bcdDevice=b6.ad
[  136.881711][ T1272] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.885125][ T1272] usb 4-1: Product: syz
[  136.885950][ T8930] rock: directory entry would overflow storage
[  136.886988][ T1272] usb 4-1: Manufacturer: syz
[  136.889157][ T8930] rock: sig=0x00, size=4, remaining=3
[  136.892264][ T1272] usb 4-1: SerialNumber: syz
[  136.896208][ T1272] usb 4-1: config 0 descriptor??
[  136.964253][ T8936] loop4: detected capacity change from 0 to 256
[  136.972163][ T8936] FAT-fs (loop4): Directory bread(block 64) failed
[  136.974625][ T8936] FAT-fs (loop4): Directory bread(block 65) failed
[  136.977526][ T8936] FAT-fs (loop4): Directory bread(block 66) failed
[  136.979915][ T8936] FAT-fs (loop4): Directory bread(block 67) failed
[  136.984785][ T8936] FAT-fs (loop4): Directory bread(block 68) failed
[  136.987375][ T8936] FAT-fs (loop4): Directory bread(block 69) failed
[  136.989888][ T8936] FAT-fs (loop4): Directory bread(block 70) failed
[  136.992432][ T8936] FAT-fs (loop4): Directory bread(block 71) failed
[  136.995106][ T8936] FAT-fs (loop4): Directory bread(block 72) failed
[  136.997779][ T8936] FAT-fs (loop4): Directory bread(block 73) failed
[  137.101893][ T8895] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  137.105533][ T8895] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  137.119102][ T1272] kaweth 4-1:0.23: Firmware present in device.
[  137.122363][ T1272] kaweth 4-1:0.23: Error reading configuration (-71), no net device created
[  137.126313][ T1272] kaweth 4-1:0.23: probe with driver kaweth failed with error -5
[  137.131837][ T1272] usb 4-1: USB disconnect, device number 7
[  137.151358][  T793] usb 3-1: new full-speed USB device number 12 using dummy_hcd
[  137.303083][  T793] usb 3-1: New USB device found, idVendor=04f2, idProduct=1236, bcdDevice= 0.00
[  137.306973][  T793] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.311522][  T793] usb 3-1: config 0 descriptor??
[  137.441278][   T55] Bluetooth: hci0: command tx timeout
[  137.718075][  T793] chicony 0003:04F2:1236.0004: unknown main item tag 0x0
[  137.720388][  T793] chicony 0003:04F2:1236.0004: unknown main item tag 0x0
[  137.722998][  T793] chicony 0003:04F2:1236.0004: unknown main item tag 0x0
[  137.725259][  T793] chicony 0003:04F2:1236.0004: unknown main item tag 0x0
[  137.727585][  T793] chicony 0003:04F2:1236.0004: unknown main item tag 0x0
[  137.730484][  T793] chicony 0003:04F2:1236.0004: hidraw0: USB HID v1.01 Device [HID 04f2:1236] on usb-dummy_hcd.2-1/input0
[  137.919075][ T1272] usb 3-1: USB disconnect, device number 12
[  138.043357][ T8956] netlink: 144 bytes leftover after parsing attributes in process `syz.4.1132'.
[  138.635330][ T8980] veth0: entered promiscuous mode
[  138.649198][ T8980] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1143'.
[  138.663777][ T8980] veth0 (unregistering): left promiscuous mode
[  138.764951][ T8995] netlink: 260 bytes leftover after parsing attributes in process `syz.3.1150'.
[  139.075297][ T9006] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1154'.
[  139.371466][  T793] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  139.501326][   T24] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  139.521336][   T55] Bluetooth: hci0: command tx timeout
[  139.533564][  T793] usb 4-1: config index 0 descriptor too short (expected 1042, got 18)
[  139.537499][  T793] usb 4-1: too many endpoints for config 0 interface 0 altsetting 237: 123, using maximum allowed: 30
[  139.542439][  T793] usb 4-1: config 0 interface 0 altsetting 237 has 0 endpoint descriptors, different from the interface descriptor's value: 123
[  139.548208][  T793] usb 4-1: config 0 interface 0 has no altsetting 0
[  139.553157][  T793] usb 4-1: New USB device found, idVendor=054c, idProduct=002e, bcdDevice= 5.00
[  139.557068][  T793] usb 4-1: New USB device strings: Mfr=16, Product=0, SerialNumber=0
[  139.560572][  T793] usb 4-1: Manufacturer: syz
[  139.564138][  T793] usb 4-1: config 0 descriptor??
[  139.567979][  T793] usb-storage 4-1:0.0: USB Mass Storage device detected
[  139.572930][  T793] usb-storage 4-1:0.0: Quirks match for vid 054c pid 002e: 1
[  139.576127][  T793] usb-storage 4-1:0.0: This device (054c,002e,0500 S 04 P 18) has an unneeded SubClass entry in unusual_devs.h (kernel syzkaller)
[  139.576127][  T793]    Please send a copy of this message to <linux-usb@vger.kernel.org> and <usb-storage@lists.one-eyed-alien.net>
[  139.661200][   T24] usb 5-1: Using ep0 maxpacket: 8
[  139.667155][   T24] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  139.673710][   T24] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  139.677824][   T24] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  139.678206][ T9027] loop2: detected capacity change from 0 to 128
[  139.683008][   T24] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  139.691742][   T24] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  139.695737][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.725842][ T9029] cgroup: Unknown subsys name '@﬽4*oңhoU'
[  139.769912][  T793] usb 4-1: USB disconnect, device number 8
[  139.902754][   T24] usb 5-1: GET_CAPABILITIES returned 0
[  139.904659][   T24] usbtmc 5-1:16.0: can't read capabilities
[  140.105256][  T793] usb 5-1: USB disconnect, device number 2
[  140.297277][ T9034] vlan2: entered promiscuous mode
[  140.299320][ T9034] macvtap0: entered promiscuous mode
[  140.364888][ T9036] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  140.580394][ T9044] loop3: detected capacity change from 0 to 32768
[  140.586374][ T9044] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  140.618862][ T9044] XFS (loop3): Ending clean mount
[  140.622227][ T9044] XFS (loop3): Quotacheck needed: Please wait.
[  140.631507][ T9044] XFS (loop3): Quotacheck: Done.
[  140.680258][ T7615] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  140.836448][ T9066] loop4: detected capacity change from 0 to 32768
[  141.035467][ T9109] syzkaller1: entered promiscuous mode
[  141.037663][ T9109] syzkaller1: entered allmulticast mode
[  141.163141][ T9115] loop2: detected capacity change from 0 to 256
[  141.789490][   T55] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[  142.385843][ T9146] loop2: detected capacity change from 0 to 40427
[  142.388884][ T9146] F2FS-fs (loop2): build fault injection rate: 771
[  142.392092][ T9146] F2FS-fs (loop2): invalid crc value
[  142.407372][ T9146] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  142.410886][ T9146] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  142.520175][ T5846] syz-executor: attempt to access beyond end of device
[  142.520175][ T5846] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  142.524768][ T5846] CPU: 0 UID: 0 PID: 5846 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  142.524779][ T5846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  142.524784][ T5846] Call Trace:
[  142.524788][ T5846]  <TASK>
[  142.524791][ T5846]  dump_stack_lvl+0x189/0x250
[  142.524803][ T5846]  ? __pfx_dump_stack_lvl+0x10/0x10
[  142.524811][ T5846]  ? __pfx_queue_work_on+0x10/0x10
[  142.524819][ T5846]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  142.524829][ T5846]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  142.524840][ T5846]  f2fs_handle_critical_error+0x37c/0x540
[  142.524851][ T5846]  f2fs_write_end_io+0x886/0xb60
[  142.524860][ T5846]  __submit_merged_bio+0x27a/0x6a0
[  142.524888][ T5846]  __submit_merged_write_cond+0x255/0x530
[  142.524902][ T5846]  f2fs_write_data_pages+0x261d/0x3000
[  142.524918][ T5846]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  142.524931][ T5846]  ? kernel_text_address+0xa5/0xe0
[  142.524945][ T5846]  ? stack_depot_save_flags+0x40/0x860
[  142.524958][ T5846]  ? cleanup_mnt+0x425/0x4c0
[  142.524965][ T5846]  ? task_work_run+0x1d4/0x260
[  142.524973][ T5846]  ? exit_to_user_mode_loop+0xec/0x110
[  142.524983][ T5846]  ? do_syscall_64+0x2bd/0x3b0
[  142.524993][ T5846]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.525002][ T5846]  ? do_raw_spin_lock+0x121/0x290
[  142.525012][ T5846]  ? do_raw_spin_unlock+0x4d/0x240
[  142.525020][ T5846]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  142.525030][ T5846]  do_writepages+0x32e/0x550
[  142.525040][ T5846]  ? rcu_is_watching+0x15/0xb0
[  142.525048][ T5846]  ? do_raw_spin_unlock+0x4d/0x240
[  142.525056][ T5846]  filemap_fdatawrite+0x199/0x240
[  142.525066][ T5846]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  142.525081][ T5846]  ? rcu_is_watching+0x15/0xb0
[  142.525088][ T5846]  ? do_raw_spin_unlock+0x4d/0x240
[  142.525097][ T5846]  f2fs_sync_dirty_inodes+0x31f/0x830
[  142.525106][ T5846]  f2fs_write_checkpoint+0x95a/0x1df0
[  142.525117][ T5846]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  142.525130][ T5846]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  142.525137][ T5846]  ? kfree+0x18e/0x440
[  142.525146][ T5846]  ? kill_f2fs_super+0x298/0x6c0
[  142.525153][ T5846]  kill_f2fs_super+0x2c3/0x6c0
[  142.525161][ T5846]  ? __pfx_kill_f2fs_super+0x10/0x10
[  142.525167][ T5846]  ? radix_tree_delete_item+0x2b6/0x400
[  142.525177][ T5846]  ? shrinker_free+0x2ce/0x3e0
[  142.525185][ T5846]  deactivate_locked_super+0xbc/0x130
[  142.525193][ T5846]  cleanup_mnt+0x425/0x4c0
[  142.525201][ T5846]  task_work_run+0x1d4/0x260
[  142.525210][ T5846]  ? __pfx_task_work_run+0x10/0x10
[  142.525218][ T5846]  ? __x64_sys_umount+0x122/0x160
[  142.525227][ T5846]  ? __pfx___x64_sys_umount+0x10/0x10
[  142.525236][ T5846]  ? rcu_is_watching+0x15/0xb0
[  142.525243][ T5846]  exit_to_user_mode_loop+0xec/0x110
[  142.525253][ T5846]  do_syscall_64+0x2bd/0x3b0
[  142.525262][ T5846]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.525269][ T5846]  ? exc_page_fault+0x9f/0xf0
[  142.525277][ T5846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.525284][ T5846] RIP: 0033:0x7f693378ff17
[  142.525291][ T5846] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  142.525300][ T5846] RSP: 002b:00007fffe93699f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  142.525313][ T5846] RAX: 0000000000000000 RBX: 00007f6933811c05 RCX: 00007f693378ff17
[  142.525320][ T5846] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffe9369ab0
[  142.525326][ T5846] RBP: 00007fffe9369ab0 R08: 0000000000000000 R09: 0000000000000000
[  142.525332][ T5846] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffe936ab40
[  142.525339][ T5846] R13: 00007f6933811c05 R14: 0000000000022c04 R15: 00007fffe936ab80
[  142.525352][ T5846]  </TASK>
[  142.525780][ T5846] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  142.925536][ T9161] loop4: detected capacity change from 0 to 1024
[  142.938222][ T9161] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.978301][ T8737] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.024343][ T9168] loop4: detected capacity change from 0 to 16
[  143.040962][ T9168] erofs (device loop4): mounted with root inode @ nid 36.
[  143.075295][ T9172] loop2: detected capacity change from 0 to 256
[  143.086210][ T9172] FAT-fs (loop2): Directory bread(block 64) failed
[  143.088962][ T9172] FAT-fs (loop2): Directory bread(block 65) failed
[  143.091930][ T9172] FAT-fs (loop2): Directory bread(block 66) failed
[  143.094401][ T9172] FAT-fs (loop2): Directory bread(block 67) failed
[  143.097151][ T9172] FAT-fs (loop2): Directory bread(block 68) failed
[  143.100161][ T9172] FAT-fs (loop2): Directory bread(block 69) failed
[  143.119777][ T9172] FAT-fs (loop2): Directory bread(block 70) failed
[  143.125117][ T9172] FAT-fs (loop2): Directory bread(block 71) failed
[  143.127717][ T9172] FAT-fs (loop2): Directory bread(block 72) failed
[  143.130273][ T9172] FAT-fs (loop2): Directory bread(block 73) failed
[  143.217518][ T9174] netlink: 'syz.4.1221': attribute type 10 has an invalid length.
[  143.220171][ T9174] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1221'.
[  143.227483][ T9174] batman_adv: batadv0: Adding interface: virt_wifi0
[  143.229793][ T9174] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  143.237997][ T9174] batman_adv: batadv0: Interface activated: virt_wifi0
[  143.664560][ T9176] loop2: detected capacity change from 0 to 40427
[  143.669275][ T9176] F2FS-fs (loop2): invalid crc value
[  143.703502][ T9176] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  143.706802][ T9176] F2FS-fs (loop2): Start checkpoint disabled!
[  143.710072][ T9176] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  143.740165][   T26] kworker/u9:0: attempt to access beyond end of device
[  143.740165][   T26] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  143.745452][   T26] CPU: 1 UID: 0 PID: 26 Comm: kworker/u9:0 Not tainted syzkaller #0 PREEMPT(full) 
[  143.745464][   T26] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  143.745470][   T26] Workqueue: writeback wb_workfn (flush-7:2)
[  143.745485][   T26] Call Trace:
[  143.745488][   T26]  <TASK>
[  143.745492][   T26]  dump_stack_lvl+0x189/0x250
[  143.745502][   T26]  ? __pfx_dump_stack_lvl+0x10/0x10
[  143.745510][   T26]  ? __pfx_queue_work_on+0x10/0x10
[  143.745518][   T26]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  143.745528][   T26]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  143.745538][   T26]  f2fs_handle_critical_error+0x37c/0x540
[  143.745550][   T26]  f2fs_write_end_io+0x886/0xb60
[  143.745559][   T26]  __submit_merged_bio+0x27a/0x6a0
[  143.745569][   T26]  __submit_merged_write_cond+0x255/0x530
[  143.745579][   T26]  f2fs_write_data_pages+0x261d/0x3000
[  143.745595][   T26]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  143.745614][   T26]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  143.745627][   T26]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  143.745638][   T26]  ? lock_release+0x4b/0x3e0
[  143.745650][   T26]  ? bpf_trace_run4+0x322/0x4a0
[  143.745658][   T26]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  143.745667][   T26]  ? do_raw_spin_lock+0x121/0x290
[  143.745678][   T26]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  143.745688][   T26]  do_writepages+0x32e/0x550
[  143.745700][   T26]  __writeback_single_inode+0x145/0xff0
[  143.745710][   T26]  ? do_raw_spin_unlock+0x4d/0x240
[  143.745718][   T26]  writeback_sb_inodes+0x6c7/0x1010
[  143.745751][   T26]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  143.745769][   T26]  ? rcu_is_watching+0x15/0xb0
[  143.745778][   T26]  wb_writeback+0x43b/0xaf0
[  143.745788][   T26]  ? queue_io+0x301/0x590
[  143.745796][   T26]  ? __pfx_wb_writeback+0x10/0x10
[  143.745806][   T26]  ? rcu_is_watching+0x15/0xb0
[  143.745813][   T26]  wb_workfn+0x409/0xef0
[  143.745822][   T26]  ? __pfx_wb_workfn+0x10/0x10
[  143.745831][   T26]  ? rcu_is_watching+0x15/0xb0
[  143.745838][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[  143.745844][   T26]  ? rcu_is_watching+0x15/0xb0
[  143.745850][   T26]  ? lock_acquire+0x5f/0x360
[  143.745861][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[  143.745867][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[  143.745874][   T26]  process_scheduled_works+0xae1/0x17b0
[  143.745885][   T26]  ? __pfx_process_scheduled_works+0x10/0x10
[  143.745895][   T26]  worker_thread+0x8a0/0xda0
[  143.745906][   T26]  kthread+0x711/0x8a0
[  143.745915][   T26]  ? __pfx_worker_thread+0x10/0x10
[  143.745921][   T26]  ? __pfx_kthread+0x10/0x10
[  143.745929][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[  143.745938][   T26]  ? lockdep_hardirqs_on+0x9c/0x150
[  143.745946][   T26]  ? __pfx_kthread+0x10/0x10
[  143.745954][   T26]  ret_from_fork+0x3fc/0x770
[  143.745962][   T26]  ? __pfx_ret_from_fork+0x10/0x10
[  143.745970][   T26]  ? __switch_to_asm+0x39/0x70
[  143.745978][   T26]  ? __switch_to_asm+0x33/0x70
[  143.745987][   T26]  ? __pfx_kthread+0x10/0x10
[  143.745995][   T26]  ret_from_fork_asm+0x1a/0x30
[  143.746006][   T26]  </TASK>
[  143.746010][   T26] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  143.982836][ T9182] tmpfs: Bad value for 'size'
[  144.270107][ T9193] loop2: detected capacity change from 0 to 256
[  144.535552][ T9197] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1232'.
[  144.540762][ T9197] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1232'.
[  145.002406][ T9216] loop4: detected capacity change from 0 to 8
[  145.006905][ T9216] SQUASHFS error: xz decompression failed, data probably corrupt
[  145.009543][ T9216] SQUASHFS error: Failed to read block 0x108: -5
[  145.012439][ T9216] SQUASHFS error: Unable to read metadata cache entry [106]
[  145.014841][ T9216] SQUASHFS error: Unable to read inode 0x11f
[  145.113031][ T9220] loop4: detected capacity change from 0 to 16384
[  145.122655][ T9221] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  145.141256][  T793] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  145.207112][   T33] audit: type=1326 audit(2000524366.555:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9228 comm="syz.4.1246" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b038ebe9 code=0x7ffc0000
[  145.217793][   T33] audit: type=1326 audit(2000524366.555:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9228 comm="syz.4.1246" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b038ebe9 code=0x7ffc0000
[  145.226926][   T33] audit: type=1326 audit(2000524366.565:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9228 comm="syz.4.1246" exe="/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7fa7b038ebe9 code=0x7ffc0000
[  145.235992][   T33] audit: type=1326 audit(2000524366.565:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9228 comm="syz.4.1246" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b038ebe9 code=0x7ffc0000
[  145.246818][   T33] audit: type=1326 audit(2000524366.565:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9228 comm="syz.4.1246" exe="/syz-executor" sig=0 arch=c000003e syscall=306 compat=0 ip=0x7fa7b038ebe9 code=0x7ffc0000
[  145.255788][   T33] audit: type=1326 audit(2000524366.565:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9228 comm="syz.4.1246" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7b038ebe9 code=0x7ffc0000
[  145.293808][  T793] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  145.298153][  T793] usb 4-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  145.302308][  T793] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.307933][  T793] usb 4-1: config 0 descriptor??
[  145.310350][ T9210] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  145.455956][ T9238] loop2: detected capacity change from 0 to 1024
[  145.459448][ T9238] EXT4-fs: Ignoring removed orlov option
[  145.477990][ T9238] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.510223][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.631344][   T24] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  145.642994][ T9253] loop2: detected capacity change from 0 to 1024
[  145.648759][ T9253] hfsplus: bad catalog entry type
[  145.658792][   T27] hfsplus: b-tree write err: -5, ino 4
[  145.675749][ T9255] syz_tun: entered promiscuous mode
[  145.679270][ T9255] syz_tun: left promiscuous mode
[  145.717412][  T793] elan 0003:04F3:0755.0005: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.3-1/input0
[  145.784378][   T24] usb 5-1: Using ep0 maxpacket: 16
[  145.787840][   T24] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  145.791439][   T24] usb 5-1: config 0 has no interface number 0
[  145.795804][   T24] usb 5-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  145.800561][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.806286][   T24] usb 5-1: Product: syz
[  145.808059][   T24] usb 5-1: Manufacturer: syz
[  145.809983][   T24] usb 5-1: SerialNumber: syz
[  145.813359][   T24] usb 5-1: config 0 descriptor??
[  145.825259][   T24] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  145.988944][ T5892] usb 4-1: USB disconnect, device number 9
[  146.513821][ T9266] loop3: detected capacity change from 0 to 8
[  146.519938][ T9266] SQUASHFS error: xz decompression failed, data probably corrupt
[  146.523322][ T9266] SQUASHFS error: Failed to read block 0x108: -5
[  146.525963][ T9266] SQUASHFS error: Unable to read metadata cache entry [106]
[  146.528943][ T9266] SQUASHFS error: Unable to read inode 0x0
[  147.252661][   T24] gspca_spca1528: reg_w err -71
[  147.254933][   T24] spca1528 5-1:0.1: probe with driver spca1528 failed with error -71
[  147.259313][   T24] usb 5-1: USB disconnect, device number 3
[  147.609799][ T9283] loop3: detected capacity change from 0 to 1024
[  147.639389][ T1089] hfsplus: b-tree write err: -5, ino 4
[  147.839572][ T9305] loop4: detected capacity change from 0 to 512
[  147.856750][ T9305] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.862458][ T9305] ext4 filesystem being mounted at /81/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  147.895658][ T8737] VFS: Lookup of '' in ext4 loop4 would have caused loop
[  147.898794][ T8737] VFS: Lookup of '' in ext4 loop4 would have caused loop
[  147.921016][ T8954] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.563844][ T5843] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  148.567317][ T5843] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  148.570184][ T5843] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  148.574543][ T5843] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  148.578568][ T5843] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  148.861497][ T9316] chnl_net:caif_netlink_parms(): no params data found
[  148.884995][ T9311] comedi comedi2: reset error (fatal)
[  149.010357][ T9325] loop3: detected capacity change from 0 to 8
[  149.015654][ T9316] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.016456][ T9325] SQUASHFS error: zlib decompression failed, data probably corrupt
[  149.018728][ T9316] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.022850][ T9325] SQUASHFS error: Failed to read block 0x9b: -5
[  149.025170][ T9316] bridge_slave_0: entered allmulticast mode
[  149.027643][ T9325] SQUASHFS error: Unable to read metadata cache entry [99]
[  149.031376][ T9316] bridge_slave_0: entered promiscuous mode
[  149.036223][ T9325] SQUASHFS error: Unable to read inode 0x127
[  149.037328][ T9316] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.043258][ T9316] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.046411][ T9316] bridge_slave_1: entered allmulticast mode
[  149.050557][ T9316] bridge_slave_1: entered promiscuous mode
[  149.081991][ T9316] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  149.088922][ T9316] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  149.207399][ T9316] team0: Port device team_slave_0 added
[  149.219125][ T9316] team0: Port device team_slave_1 added
[  149.257349][ T9316] batman_adv: batadv0: Adding interface: batadv_slave_0
[  149.260457][ T9316] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  149.273341][ T9316] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  149.278288][ T9316] batman_adv: batadv0: Adding interface: batadv_slave_1
[  149.282655][ T9316] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  149.292126][ T9316] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  149.457608][ T9316] hsr_slave_0: entered promiscuous mode
[  149.460027][ T9316] hsr_slave_1: entered promiscuous mode
[  149.462638][ T9316] debugfs: 'hsr0' already exists in 'hsr'
[  149.467405][ T9316] Cannot create hsr debugfs directory
[  149.519464][ T9316] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  149.524072][ T9316] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  149.528577][ T9316] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  149.533316][ T9316] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  149.545545][ T9316] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.548172][ T9316] bridge0: port 2(bridge_slave_1) entered forwarding state
[  149.550572][ T9316] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.553479][ T9316] bridge0: port 1(bridge_slave_0) entered forwarding state
[  149.572862][ T9316] 8021q: adding VLAN 0 to HW filter on device bond0
[  149.580135][ T1089] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.584391][ T1089] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.591238][ T9316] 8021q: adding VLAN 0 to HW filter on device team0
[  149.596401][ T1089] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.598825][ T1089] bridge0: port 1(bridge_slave_0) entered forwarding state
[  149.608069][ T1089] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.610916][ T1089] bridge0: port 2(bridge_slave_1) entered forwarding state
[  149.640335][ T9331] loop2: detected capacity change from 0 to 32768
[  149.679103][ T9316] 8021q: adding VLAN 0 to HW filter on device batadv0
[  149.767289][ T9316] veth0_vlan: entered promiscuous mode
[  149.773215][ T9316] veth1_vlan: entered promiscuous mode
[  149.787915][ T9316] veth0_macvtap: entered promiscuous mode
[  149.794892][ T9316] veth1_macvtap: entered promiscuous mode
[  149.807598][ T9316] batman_adv: batadv0: Interface activated: batadv_slave_0
[  149.819164][ T9316] batman_adv: batadv0: Interface activated: batadv_slave_1
[  149.830367][ T5906] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  149.837336][ T5906] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  149.843780][ T5906] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  149.847635][ T5906] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  150.148975][ T6611] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  150.152164][ T6611] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  150.166966][   T26] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  150.170145][   T26] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  150.642997][   T55] Bluetooth: hci0: command tx timeout
[  150.673906][ T9370] loop2: detected capacity change from 0 to 1024
[  150.697391][ T9370] hfsplus: keylen 65060 too large
[  150.700294][ T9370] hfsplus: xattr searching failed
[  151.440149][ T9372] loop2: detected capacity change from 0 to 32768
[  151.477069][ T9372] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  151.550507][ T9372] XFS (loop2): Ending clean mount
[  151.610513][ T5846] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  151.708910][ T9382] loop5: detected capacity change from 0 to 2048
[  151.714737][ T9383] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  151.725179][ T9383] NILFS (loop5): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  151.729575][ T9383] NILFS error (device loop5): nilfs_bmap_propagate: broken bmap (inode number=4)
[  151.734930][ T9383] Remounting filesystem read-only
[  151.736424][ T9385] loop2: detected capacity change from 0 to 512
[  151.740936][ T9385] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  151.745211][ T9385] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  151.749996][ T9316] NILFS (loop5): disposed unprocessed dirty file(s) when stopping log writer
[  151.754318][ T9385] EXT4-fs (loop2): orphan cleanup on readonly fs
[  151.756955][ T9385] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.1296: bad orphan inode 15
[  151.760459][ T9385] ext4_test_bit(bit=14, block=18) = 1
[  151.762787][ T9385] is_bad_inode(inode)=0
[  151.764114][ T9385] NEXT_ORPHAN(inode)=1023
[  151.765580][ T9385] max_ino=32
[  151.766724][ T9385] i_nlink=0
[  151.767977][ T9385] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2962: inode #15: comm syz.2.1296: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  151.773608][ T9385] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[  151.776793][ T9385] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  151.789833][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.301302][  T793] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  152.461318][  T793] usb 3-1: Using ep0 maxpacket: 16
[  152.465749][  T793] usb 3-1: unable to get BOS descriptor or descriptor too short
[  152.470068][  T793] usb 3-1: config 5 has an invalid interface number: 29 but max is 0
[  152.473549][  T793] usb 3-1: config 5 has no interface number 0
[  152.476213][  T793] usb 3-1: config 5 interface 29 has no altsetting 0
[  152.481689][  T793] usb 3-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=90.00
[  152.484782][  T793] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  152.487443][  T793] usb 3-1: Product: syz
[  152.488848][  T793] usb 3-1: Manufacturer: syz
[  152.490872][  T793] usb 3-1: SerialNumber: syz
[  152.731382][   T55] Bluetooth: hci0: command tx timeout
[  152.743076][  T793] usb 3-1: Found UVC 0.00 device syz (05ac:8501)
[  152.746122][  T793] usb 3-1: No valid video chain found.
[  152.749394][  T793] usb 3-1: USB disconnect, device number 13
[  152.758078][ T9397] loop5: detected capacity change from 0 to 1764
[  152.762250][ T9397] isofs_fill_super: get root inode failed
[  152.820407][ T9401] loop5: detected capacity change from 0 to 128
[  152.824698][ T9401] EXT4-fs (loop5): Test dummy encryption mode enabled
[  152.829667][ T9401] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  152.835207][ T9401] ext4 filesystem being mounted at /7/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  152.860410][ T9316] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  153.222390][ T9421] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1312'.
[  153.241571][  T793] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  153.319210][ T9419] loop3: detected capacity change from 0 to 40427
[  153.322802][ T9419] F2FS-fs (loop3): Corrupted extension count (64 + 1 > 64)
[  153.325502][ T9419] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  153.343253][ T9419] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  153.350257][ T9419] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  153.353615][ T9419] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  153.421234][  T793] usb 6-1: Using ep0 maxpacket: 8
[  153.425907][  T793] usb 6-1: config 179 has an invalid interface number: 65 but max is 0
[  153.429445][  T793] usb 6-1: config 179 has no interface number 0
[  153.434222][  T793] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  153.439028][  T793] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  153.444812][  T793] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  153.448858][  T793] usb 6-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  153.472718][  T793] usb 6-1: config 179 interface 65 has no altsetting 0
[  153.480917][  T793] usb 6-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  153.496942][  T793] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.724594][ T9433] binder: binder_mmap: 9432 200000ffb000-200000ffd000 bad vm_flags failed -1
[  153.763095][  T793] usb 6-1: USB disconnect, device number 2
[  153.907715][ T9437] loop3: detected capacity change from 0 to 32768
[  153.911362][ T9437] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1317 (9437)
[  153.918283][ T9437] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  153.922692][ T9437] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm
[  153.937458][ T9437] BTRFS info (device loop3): rebuilding free space tree
[  153.943777][ T9437] BTRFS info (device loop3): allowing degraded mounts
[  153.946764][ T9437] BTRFS info (device loop3): enabling ssd optimizations
[  153.949802][ T9437] BTRFS info (device loop3): enabling free space tree
[  153.952860][ T9437] BTRFS info (device loop3): force clearing of disk cache
[  153.955972][ T9437] BTRFS info (device loop3): use zstd compression, level 3
[  153.959147][ T9437] BTRFS info (device loop3): max_inline set to 0
[  153.984198][ T7615] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  154.202550][ T9468] loop3: detected capacity change from 0 to 512
[  154.214686][ T9468] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  154.220050][ T9468] ext4 filesystem being mounted at /229/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  154.253043][ T7615] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  154.468843][ T9490] input: syz0 as /devices/virtual/input/input13
[  154.511331][   T24] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  154.661301][   T24] usb 4-1: Using ep0 maxpacket: 32
[  154.670256][   T24] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  154.679258][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.773690][   T24] usb 4-1: config 0 descriptor??
[  154.801947][   T55] Bluetooth: hci0: command tx timeout
[  154.979143][   T24] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  154.983560][   T24] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  154.988149][   T24] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  154.991796][   T24] usb 4-1: media controller created
[  155.002540][   T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  155.125915][ T9496] loop2: detected capacity change from 0 to 32768
[  155.140526][ T9496] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[  155.143602][ T9496] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  155.161463][ T9496] XFS (loop2): Ending clean mount
[  155.163821][ T9496] XFS (loop2): Quotacheck needed: Please wait.
[  155.168059][ T9496] XFS (loop2): Quotacheck: Done.
[  155.180925][   T24] az6027: usb out operation failed. (-71)
[  155.184228][ T5846] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  155.186981][   T24] az6027: usb out operation failed. (-71)
[  155.192288][   T24] stb0899_attach: Driver disabled by Kconfig
[  155.194926][   T24] az6027: no front-end attached
[  155.194926][   T24] 
[  155.198234][   T24] az6027: usb out operation failed. (-71)
[  155.200764][   T24] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  155.204939][   T24] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input14
[  155.210563][   T24] dvb-usb: schedule remote query interval to 400 msecs.
[  155.213754][   T24] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  155.218197][   T24] usb 4-1: USB disconnect, device number 10
[  155.233108][   T24] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  155.364441][ T9510] vlan2: entered promiscuous mode
[  155.366248][ T9510] vlan2: entered allmulticast mode
[  155.368192][ T9510] hsr_slave_1: entered allmulticast mode
[  155.379744][ T9510] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1339'.
[  155.502976][ T9512] loop5: detected capacity change from 0 to 32768
[  155.508566][ T9512] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[  155.514475][ T9512] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  155.538511][ T9316] ocfs2: Unmounting device (7,5) on (node local)
[  155.781277][ T9520] block nbd1: server does not support multiple connections per device.
[  155.784940][ T9520] block nbd1: shutting down sockets
[  155.876412][ T9530] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1348'.
[  155.947439][ T9538] loop3: detected capacity change from 0 to 256
[  155.950004][ T9538] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  155.960665][ T9538] FAT-fs (loop3): Directory bread(block 64) failed
[  155.964720][ T9538] FAT-fs (loop3): Directory bread(block 65) failed
[  155.966974][ T9538] FAT-fs (loop3): Directory bread(block 66) failed
[  155.969218][ T9538] FAT-fs (loop3): Directory bread(block 67) failed
[  155.971780][ T9538] FAT-fs (loop3): Directory bread(block 68) failed
[  155.973986][ T9538] FAT-fs (loop3): Directory bread(block 69) failed
[  155.976133][ T9538] FAT-fs (loop3): Directory bread(block 70) failed
[  155.978321][ T9538] FAT-fs (loop3): Directory bread(block 71) failed
[  155.980554][ T9538] FAT-fs (loop3): Directory bread(block 72) failed
[  155.983410][ T9538] FAT-fs (loop3): Directory bread(block 73) failed
[  156.070945][ T9541] befs: (nullb0): No write support. Marking filesystem read-only
[  156.074463][ T9541] befs: (nullb0): invalid magic header
[  156.669488][ T9554] program syz.2.1359 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  156.882299][   T55] Bluetooth: hci0: command tx timeout
[  157.418365][ T1272] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  157.429981][ T1272] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  157.612569][ T9575] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1366'.
[  157.619826][ T9571] loop2: detected capacity change from 0 to 8192
[  157.622926][ T9574] loop3: detected capacity change from 0 to 8
[  157.734533][ T9588] block device autoloading is deprecated and will be removed.
[  157.773959][ T9594] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1376'.
[  157.777573][ T9594] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1376'.
[  157.934929][ T9610] loop5: detected capacity change from 0 to 512
[  157.983397][ T9600] loop2: detected capacity change from 0 to 32768
[  157.986716][ T9600] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1378 (9600)
[  158.000304][ T9600] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  158.004739][ T9616] netlink: 'syz.5.1386': attribute type 1 has an invalid length.
[  158.008422][ T9616] netlink: 244 bytes leftover after parsing attributes in process `syz.5.1386'.
[  158.010629][ T9600] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  158.013127][ T9616] NCSI netlink: No device for ifindex 0
[  158.027149][ T9600] BTRFS info (device loop2): rebuilding free space tree
[  158.038464][ T9600] BTRFS info (device loop2): disabling free space tree
[  158.040993][ T9600] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  158.045351][ T9600] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  158.050748][ T9600] BTRFS info (device loop2): setting nodatasum
[  158.053556][ T9600] BTRFS info (device loop2): allowing degraded mounts
[  158.056351][ T9600] BTRFS info (device loop2): enabling ssd optimizations
[  158.059245][ T9600] BTRFS info (device loop2): force clearing of disk cache
[  158.063367][ T9600] BTRFS info (device loop2): force zlib compression, level 3
[  158.079797][ T9600] capability: warning: `syz.2.1378' uses 32-bit capabilities (legacy support in use)
[  158.107336][ T5846] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  158.886737][ T9652] loop2: detected capacity change from 0 to 32768
[  158.926688][   T33] audit: type=1800 audit(2000524380.275:93): pid=9652 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1395" name="file1" dev="loop2" ino=4 res=0 errno=0
[  159.183539][ T9652] ERROR: (device loop2): dbAdjCtl: the maximum free buddy is not the old root
[  159.183539][ T9652] 
[  159.187704][ T9652] ERROR: (device loop2): remounting filesystem as read-only
[  159.280166][ T5846] ------------[ cut here ]------------
[  159.283053][ T5846] kernel BUG at fs/jfs/inode.c:169!
[  159.285450][ T5846] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[  159.288552][ T5846] CPU: 0 UID: 0 PID: 5846 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  159.292569][ T5846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  159.296634][ T5846] RIP: 0010:jfs_evict_inode+0x438/0x440
[  159.298907][ T5846] Code: fe e9 e0 fd ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 23 fe ff ff 4c 89 f7 e8 f3 75 e8 fe e9 16 fe ff ff e8 89 0c 85 fe 90 <0f> 0b 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  159.306527][ T5846] RSP: 0018:ffffc900039bfae0 EFLAGS: 00010293
[  159.309038][ T5846] RAX: ffffffff833a9ea7 RBX: ffff88802bd41fd8 RCX: ffff888107ac8000
[  159.312187][ T5846] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88802bd41fd8
[  159.315408][ T5846] RBP: 0000000000000001 R08: ffffffff8fa38337 R09: 1ffffffff1f47066
[  159.318603][ T5846] R10: dffffc0000000000 R11: ffffffff833a7ba0 R12: dffffc0000000000
[  159.321816][ T5846] R13: dffffc0000000000 R14: ffff88802bd41c60 R15: ffffffff833a9a70
[  159.325014][ T5846] FS:  00005555732a1500(0000) GS:ffff8880b861b000(0000) knlGS:0000000000000000
[  159.328626][ T5846] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  159.331313][ T5846] CR2: 00005555732bc5c8 CR3: 0000000012400000 CR4: 00000000000006f0
[  159.334525][ T5846] Call Trace:
[  159.335932][ T5846]  <TASK>
[  159.337170][ T5846]  ? evict+0x4f8/0x9c0
[  159.338843][ T5846]  ? __pfx_jfs_evict_inode+0x10/0x10
[  159.340960][ T5846]  evict+0x504/0x9c0
[  159.342599][ T5846]  ? __pfx_evict+0x10/0x10
[  159.344437][ T5846]  ? rcu_is_watching+0x15/0xb0
[  159.346374][ T5846]  ? do_raw_spin_unlock+0x4d/0x240
[  159.348429][ T5846]  evict_inodes+0x64c/0x6d0
[  159.350293][ T5846]  ? __pfx_evict_inodes+0x10/0x10
[  159.352316][ T5846]  generic_shutdown_super+0x9a/0x2c0
[  159.354427][ T5846]  kill_block_super+0x44/0x90
[  159.356334][ T5846]  deactivate_locked_super+0xbc/0x130
[  159.358494][ T5846]  cleanup_mnt+0x425/0x4c0
[  159.360255][ T5846]  task_work_run+0x1d4/0x260
[  159.362082][ T5846]  ? __pfx_task_work_run+0x10/0x10
[  159.364179][ T5846]  ? __x64_sys_umount+0x122/0x160
[  159.366234][ T5846]  ? __pfx___x64_sys_umount+0x10/0x10
[  159.368412][ T5846]  ? rcu_is_watching+0x15/0xb0
[  159.370422][ T5846]  exit_to_user_mode_loop+0xec/0x110
[  159.372597][ T5846]  do_syscall_64+0x2bd/0x3b0
[  159.374488][ T5846]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.376932][ T5846]  ? exc_page_fault+0x9f/0xf0
[  159.378816][ T5846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.381130][ T5846] RIP: 0033:0x7f693378ff17
[  159.382957][ T5846] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  159.390777][ T5846] RSP: 002b:00007fffe93699f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  159.394158][ T5846] RAX: 0000000000000000 RBX: 00007f6933811c05 RCX: 00007f693378ff17
[  159.397407][ T5846] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffe9369ab0
[  159.400635][ T5846] RBP: 00007fffe9369ab0 R08: 0000000000000000 R09: 0000000000000000
[  159.403806][ T5846] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffe936ab40
[  159.407038][ T5846] R13: 00007f6933811c05 R14: 0000000000026d89 R15: 00007fffe936ab80
[  159.410209][ T5846]  </TASK>
[  159.411499][ T5846] Modules linked in:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  159.413767][ T5846] ---[ end trace 0000000000000000 ]---
[  159.421842][ T5846] RIP: 0010:jfs_evict_inode+0x438/0x440
[  159.424147][ T5846] Code: fe e9 e0 fd ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 23 fe ff ff 4c 89 f7 e8 f3 75 e8 fe e9 16 fe ff ff e8 89 0c 85 fe 90 <0f> 0b 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  159.434103][ T5846] RSP: 0018:ffffc900039bfae0 EFLAGS: 00010293
[  159.436598][ T5846] RAX: ffffffff833a9ea7 RBX: ffff88802bd41fd8 RCX: ffff888107ac8000
[  159.439772][ T5846] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88802bd41fd8
[  159.443763][ T5846] RBP: 0000000000000001 R08: ffffffff8fa38337 R09: 1ffffffff1f47066
[  159.447032][ T5846] R10: dffffc0000000000 R11: ffffffff833a7ba0 R12: dffffc0000000000
[  159.450306][ T5846] R13: dffffc0000000000 R14: ffff88802bd41c60 R15: ffffffff833a9a70
[  159.454655][ T5846] FS:  00005555732a1500(0000) GS:ffff8880b861b000(0000) knlGS:0000000000000000
[  159.475119][ T5846] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  159.478025][ T5846] CR2: 00005555732bc5c8 CR3: 0000000012400000 CR4: 00000000000006f0
[  159.481502][ T5846] Kernel panic - not syncing: Fatal exception
[  159.484767][ T5846] Kernel Offset: disabled
[  159.486510][ T5846] Rebooting in 86400 seconds..

VM DIAGNOSIS:
19:50:59  Registers:
info registers vcpu 0

CPU#0
RAX=1ffffffff33bde60 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=0000000000000000 RDI=0000000000000020 RBP=ffffffff99def670 RSP=ffffc900039bf1d0
R8 =ffff8881063c0237 R9 =1ffff11020c78046 R10=dffffc0000000000 R11=ffffffff854f1bf0
R12=dffffc0000000000 R13=0000000000000000 R14=ffffffff99def3e0 R15=0000000000000000
RIP=ffffffff854f1c67 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00005555732a1500 ffffffff 00c00000
GS =0000 ffff8880b861b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00005555732bc5c8 CR3=0000000012400000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 ff000000000000ff XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=7712c53e93b9f1e8 728370bf3cb3486e
XMM06=63e772d7f3a22482 dabb339f3c035440 XMM07=bd0dad416e16bee6 46815929601aad29
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f6933812fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000004 RBX=0000000000000440 RCX=ffffffff99aba303 RDX=0000000000000000
RSI=0000000000111ecd RDI=0000000000000001 RBP=ffffc90007147650 RSP=ffffc900071472f8
R8 =ffffea000447b347 R9 =1ffffd400088f668 R10=dffffc0000000000 R11=fffff9400088f669
R12=dffffc0000000000 R13=1ffffd400088f66b R14=0000000000111ecd R15=dffffc0000000000
RIP=ffffffff818ffcf6 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c1b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000110c2ae86e CR3=000000000df36000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=00007f5a2e987498 00007f5a2e987470 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=00007f5a2e987478 00007f5a2e9874c0
XMM06=00007f5a2e9874b8 00007f5a2e9874b0 XMM07=00007f5a2e9874a8 00007f5a2e9874a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f5a2e812fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
