last executing test programs:

5m35.474475585s ago: executing program 2 (id=740):
r0 = socket(0xa, 0x3, 0x3a)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000300)={'syz_tun\x00', &(0x7f0000000340)=@ethtool_eeprom={0x2f, 0xb0}})

5m35.474240194s ago: executing program 2 (id=741):
r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0)
mmap$usbmon(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x0, 0x13, r0, 0x0)
ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x6a1e)

5m35.343649094s ago: executing program 2 (id=744):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x1d4, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x1}, {0x0, 0x1}, {0x0, 0xb}}, [@filter_kind_options=@f_flower={{0xb}, {0x54, 0x2, [@TCA_FLOWER_KEY_CVLAN_ID={0x6, 0x4d, 0xfa7}, @TCA_FLOWER_KEY_ETH_DST={0xa}, @TCA_FLOWER_KEY_ICMPV4_CODE_MASK={0x5}, @TCA_FLOWER_KEY_ARP_SIP_MASK={0x8, 0x3a, 0xffffffff}, @TCA_FLOWER_KEY_IPV6_SRC_MASK={0x14, 0xf, [0xff000000, 0x0, 0xffffffff, 0xffffff00]}, @TCA_FLOWER_KEY_UDP_DST_MASK={0x6}, @TCA_FLOWER_KEY_ICMPV6_TYPE={0x5}, @TCA_FLOWER_KEY_MPLS_LABEL={0x8, 0x46, 0xa1}]}}, @TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_bpf={{0x8}, {0x140, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_ACT={0x34, 0x1, [@m_skbmod={0x30, 0xa, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x5, 0x1}}}}]}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x3}, @TCA_BPF_ACT={0xf8, 0x1, [@m_ctinfo={0xf4, 0x19, 0x0, 0x0, {{0xb}, {0x4}, {0xc5, 0x6, "ed5c1eb99390e7d0a8730c2f4ad7eab8a255351b763e5585c30ef05596ff09fd3ea6975074d4baa7805a08bfdd7f7fa2634cbcdbba1c88eea89d70023a7b9d8d2a94daf79fa1e5bffdc60fbea174f1aa7372acb7f356da638e68d8cc0dfa35b1ef1879e8526f439300c841829ae601a7811d02b21fcc5aaa7951b03466f8a1800a4b912630d3eb9f282786ef340f4e3cb08280f71f4ee2941ec13001a2c7884372e6ba0fb2f0aaa4766f88f4e7f768d299cf02a379f46bdc6682f28a257745a6d3"}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}]}]}}]}, 0x1d4}, 0x1, 0x0, 0x0, 0x81}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

5m35.143663801s ago: executing program 2 (id=746):
syz_mount_image$iso9660(&(0x7f0000000380), &(0x7f00000000c0)='./file0\x00', 0x60000a, &(0x7f0000000980)={[{@map_off}, {@check_strict}, {@map_off}, {@gid}, {@unhide}, {@hide}, {@utf8}, {@mode={'mode', 0x3d, 0x483}}]}, 0xff, 0x544, &(0x7f0000001000)="$eJzs3V9v01YfwPGfS/sQ5ZGqRw8TQlWBQ9mkIpXgJBAUceU5J+mBxI5sB7VXqKIpqkhhokxae8O4YZu0vQh2uRexd4T2EjbZTvqHJjHQv6u+nwjOiX3s8zup5Z/cxscCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADEcmu2XbSkabzOkhrNrQV+a/dtf+sDC+TWvmJMvyJW/E9yObmSLrry1e7qy/F/czKbvpuVXFzkZPu/l//34NLkxGD7MQF/lt+/cE+bW9vPV3q97qujCuQMunpx9LqG9kzom5bT0MqEvqpWKvadxXqo6qapw+Uw0i3lBtqJ/EDNu7dUsVotK11Y9jteo+Y09WDh/dsl266oh4W2doLQ9+48LITuomk2jddI2sSr4zb34wPxkYlUpJ2WUmvrvW45awBxo+KnNCplNSrZpVKxWCoVK/eq9+7b9uSBBfZH5ECLozto8e90hGdv4HAm+vlfmmLEk44siRr6cqUmgfjSGrG+b5D/v7mjx/a7N/8PsvyV3dUzkuT/a+m7a6Py/4hYTu61KVuyLc9lRXrSk668OvWITvbVEC2eGAnFFyMtcZIlqr9ESVUqUhFbnsii1CUUJXUx0hQtoSxLKJHo5IhyJRAtjkTiSyBK5sWVW6KkKFWpSlmUaCnIsvjSEU8aUhMn2cuarCefe1mUNSrGnUbFkcPID467rpTGjJb8j8M70vM3cBh/D/I/AAAAAAA4t6zkt+/x9f+UXE1qddPU9mmHBQAAAAAAjlDyl//ZuJiKa1fF4vofAAAAAIDzxkrusbNEJC/X09qaWMntUvwSAAAAAACAcyL5+/+1uEjmQLku1s50KVz/AwAAAABwTvycOcd+2L5o/fmXBMGU9ba99LW1kczN62xcSLe78PEeo/qMNd3fSVJU0mJy0tWzVi5ttDMJ5od+sZYVh7UbgLMTwI+fE8ClSflVbqRtbqym5epgTdpLvm6auuD6zQdFcZzpiUgvRd+/WP9BkuH/4rWmrZys97qFpy97q0ksb+O9vN3oT6B4YB7FMbG8TuZbSO65GDriqeRGjH6/eUvW1ntde+/4J9LNJ/b3+GZ6TJ/vZC5tNdef8Ta/f/y5uM9iYdTo+1EUDznyd3IzbXNz/mZaDImilBVFaW8Uwz+Lw0dRzoqifMgoAOC0rGVkIUsO5N0vOMt9WXaXz8zu72Q+bTM/k5xYJ2eGnNHtrDO6fcjs9seBZyCNyrFxv799lFXfxxu8H9lv2CxZ8Ud44fXGd3J5c2v79vrGyrPus+6LUqlcse/a9r2STCXD6BfkHgDAEHufsWMNzf+ZT+Gx7mZcVf9/5ysFBXkqL6Unq7KQ3G2QfONg6F7ze76GsJBx1ZpP0mT6hJeFMVd1/0nuchjstzS27f4YyifwkwAA4OTMZeThT8n/CxnX3ftz+fir4/yep7UBAIDjoYMPVj76yQoC035SrFaLTrSoVeC7j1Rgag2tjBfpwF10vIZW7cCPfNdvxpXHpqZDFXbabT+IVN0PVNsPzVIyfaDqP/o91C3Hi4wbtpvaCbVyfS9y3EjVTOiqdufbpgkXdZBsHLa1a+rGdSLjeyr0O4GrC0qFWu9paGrai0zdxFVPtQPTcoKceuw3Oy2tajp0A9OO/HSHg76MV/eDVrLbwml/2AAAnBGbW9vPV3q97qtjrAztOHfiQwUAAH0ZWRoAAAAAAAAAAAAAAAAAAAAAAJwBJ3H/H5VzXhlMBX1W4qFyBJXMU8ebYz85AThW/wQAAP//rVVPjw==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000002cc0)={0x2020}, 0x2020)

5m34.975039327s ago: executing program 2 (id=748):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000140)={'dummy0\x00', &(0x7f0000000280)=@ethtool_link_settings={0x1d, 0x9f2, 0xe7, 0x3, 0x2, 0xb1, 0x8, 0x5, 0x4, 0xe, [0xfffffffe, 0x2, 0x6, 0x3, 0x6, 0x6, 0x200, 0xd]}})

5m34.613776207s ago: executing program 2 (id=756):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'geneve1\x00', <r1=>0x0})
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001540)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x0, 0xb, 0x2}}}}]}, 0x40}}, 0xc0)

5m34.51568562s ago: executing program 32 (id=756):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'geneve1\x00', <r1=>0x0})
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001540)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x0, 0xb, 0x2}}}}]}, 0x40}}, 0xc0)

5m9.676485951s ago: executing program 0 (id=1083):
mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_SEND_PRIO(r0, 0x6b, 0x3, &(0x7f0000000380)=0x5, 0x4)

5m9.676320786s ago: executing program 0 (id=1084):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x13, &(0x7f0000000000), 0x4)

5m9.603107071s ago: executing program 0 (id=1086):
socket(0x3f, 0x2, 0x8000)

5m9.602488345s ago: executing program 0 (id=1088):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x808003, &(0x7f0000000000), 0x3, 0x4fc, &(0x7f0000001500)="$eJzs3c9vG1kdAPDvOHFIdlOSBQ7LSuxGiFV3BbWTDbuNOLRFQnCqBJR7CIkTRXHiKHbaJqpQKs4ICSFAcIETFyT+ACTUPwEhVYJ7hRCogrYcOBSMxh63wdhJqtpx6nw+0uu8efPj+32uPPabmXgCOLdmIuJaRIxExPsRMZW157ISB82Srvf40Z3ltCRRr9/4exJJ1tbaV5JNX882G4+Ib34t4jtJ0mw4pLq3v7FULpd2svlibXO7WN3bv7S+ubRWWittzc/PfbRweeHDhdme9fXKV/7y4x/86qtXfveFWw8W//bed9N8J7Nlh/vRS83XJN94LVpGI2KnH8EGYCTrT/4kKyf9zwcAgKOl3/E/ERGfjYgnPxt0NgAAAEA/1K9OxtMkog4AAAAMrVzjHtgkV8juBZiMXK5QaN7D+6m4GuVKtfb51cru1krzXtnpyOdW18ul2exe4enIJ+n8XKP+fP6Dtvn5iHgjIn40NdGYLyxXyiuDPvkBAAAA50Q6zp/MNevp5J9TzfE/AAAAMGSmB50AAAAA0HfG/wAAADD8/n/8P9OcJKOnnwwAAADQa1+/fj0t9dbzr1du7u1uVG5eWilVNwqbu8uF5crOdmGtUllr/Gbf5nH7K1cq21+Mrd3bxVqpWitW9/YXNyu7W7XFxnO9F0snek40AAAA0FNvvHPvT0lEHHxpolFSY9kyY3UYbrkXWz3pVx7A6RsZdALAwLjBF84v73/guIH9+CnlAQAA9M/FTz+7/j8Rh67/X3jg+j8Muxe8/g8MEdf/4fxqu/73ixNt9LTen2SAU2WMDxx3HqDr9f/f9z4XAACgPyYbJckVsjHAZORyhULEhcZjAfLJ6nq5NBsRH4+IP07lP5bOzw06aQAAAAAAAAAAAAAAAAAAAAAAAAB4xdTrSdQBAACAoRaR+2sSEUmMR0x9brL9/MBY8q+pxjQibv38xk9uL9VqO3Np+z+etdd+mrV/MIgzGAAAAEC71ji9NY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF56/OjOcqscan6333EffjkipjvFH43xxnQ88hHx2pMkRg9tl0TESA/iH9yNiDc7xU/StGI6y6I9fi4iJgYc//UexIfz7F56/LnW6f2Xi5nGtPP7bzQrL+vhTLfjX+7Z8W+ky/HvwjH7Hsumb93/TbFr/LsRb412Pv604o+95PH329/a3++2rP7LiIsdP3+S/4lVrG1uF6t7+5fWN5fWSmulrfn5uY8WLi98uDBbXF0vl7J/O8b44Wd++5+j+v9al/jTWf+T9v4nzZzq9c77fKdt/t/3bz/6ZKcVk4iH38/qHf7/3+wWP3vt380+B9LlF1v1g2b9sLd//Ye3j+r/Spf+jx8RP217r9tO27z/je/9uVnLn3ALAKCfqnv7G0vlcmnnVa+knTkDafSwMnM20hj2SmsUdVbyOSuVwR6XAACA3nv+pX/QmQAAAAAAAAAAAAAAAAAAAMD51fr7/9ZvOffj58QOxxtvVZLk1PsKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCU/wYAAP//VsvQDw==")
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
write$binfmt_register(r0, &(0x7f0000000000)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x7, 0x3a, 'M', 0x3a, 'M', 0x3a, './file2', 0x3a, [0x46]}, 0x2a)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f0000000f80)=ANY=[], 0xb, 0x0, &(0x7f0000000000))

5m9.450051307s ago: executing program 0 (id=1092):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000040)={0x8, @sliced={0x0, [0xa2, 0x9, 0xd6eb, 0x5, 0x5, 0xda, 0xbf, 0x1000, 0x3, 0xffff, 0x200, 0x7f, 0x2, 0x7, 0x1, 0x3, 0xc7, 0x3, 0x1, 0x7c5c, 0x3ff, 0x4332, 0x5, 0x6914, 0x2, 0x1, 0xfff, 0xfff1, 0x1, 0x5, 0x81, 0x5, 0xe3, 0x10, 0x1, 0x1, 0x1, 0x8000, 0xe63, 0x833a, 0xfff1, 0xffff, 0xa16e, 0xf1ca, 0xf880, 0x6, 0x4, 0x1], 0x1000}})

5m9.012815905s ago: executing program 0 (id=1099):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r2, 0xffffffffffffffff, 0x0)

5m8.334038539s ago: executing program 33 (id=1099):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r2, 0xffffffffffffffff, 0x0)

2m36.562366807s ago: executing program 4 (id=3021):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, 0x1, 0x1, 0x301, 0x0, 0x0, {0x3, 0x0, 0x1}, [@CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x1}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x3ff}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x3000}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4840}, 0x4000000)

2m36.562132264s ago: executing program 4 (id=3022):
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000380)={'syztnl0\x00', &(0x7f0000000300)={'syztnl0\x00', 0x0, 0x2, 0x8, 0x7, 0x7, 0x40, @empty, @loopback, 0x20, 0x20, 0x7ff0}})
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1ae96d0103010000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000340)=ANY=[], 0xffc9)

2m36.48829268s ago: executing program 4 (id=3023):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={0x30, 0x4a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x6e80}, [@typed={0x8, 0x0, 0x0, 0x0, @u32}, @nested={0x14, 0x1, 0x0, 0x1, [@generic="fec0ffff00fecb2f94c3ed92d9a40000"]}]}, 0x30}}, 0x0)

2m36.488086647s ago: executing program 4 (id=3024):
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x82, &(0x7f0000000700)=ANY=[@ANYBLOB='iocharset=default,noadinicb,gid=forget,gid=ignore,nostrict,gid=', @ANYRESDEC=0x0, @ANYBLOB="2c616e63686f723d30303030000088be0900303030303030303030312c7569643d666f726765742c00215e8c2e42462f3ab5e1f7c0527abbb422be9178aa60681964adb069ae876c4a599d560075ac47c0de1a9bb9146af6433efdcdac853a8e8f16d6bad90ecce0a1fab46f48331e6b3c325c08df3c334e4da28067a30b3b1dc64bf692c712fc273bc1702008f563765c6f3e67d97e1369973c2a87f0ecca7320819863179fb85e394a8cf1d62c70d8306633b6958ebf998a0685bc5cdd1f97291328743add4c867115fae1082f8faf482e15eb939968"], 0xfd, 0xc34, &(0x7f0000001080)="$eJzs3U9sHNd9B/DfGy5F0m4rJk5Uu42LTVukMmO5sqSYilW4q5pmG0CWiVDMLQBX5EpdmFoSJNXIbtowvfTQQ4Ci6CEnAq1RIEUDoymKHtnWBZKLD4VPPREtbARFD2wRIKeAxcy+FVf/LMkkJcr+fGzqOzv73sx7M+MZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxO+8cvb48+lhtwIAeJDOT3/1+AnPfwD4RLng//8BAAAAAAAAAAAAAOCgS1HEE5Fi6fxWmq0+dw2fa3euXpuZmLx9tZFU1Ryoypc/w8+fOHnqSy+Mn+7lh9ffa0/Fa9MXztZfXryytNxaWWnN12c67bnF+dY9b2G39W82Vh2A+pXXr85furRSP/HcyRu+vjb6wdDjR0bPjD9z7Ole2ZmJycnpvjK1wY+891vcaYTHoSjiWKR49vs/Ts2IKGL3x+Iu185+G6k6MVZ1YmZisurIQrvZWS2/nOodiCKi3lep0TtGD+Bc7EojYq1sftngsbJ700vN5ebFhVZ9qrm82l5tL3amUre1ZX/qUcTpFLEeEZtDt25uMIqoRYrvHt5KFyNioHccvlgNDL5zO4p97OM9KNtZH4xYLx6Bc3aADUURr0aKn7xTxFx5zPJPfCHi1TL/MeKtMl+KSOWFcSri/eo6GnnILWcv1KKIPyvP/5mtNF/dD3r3lXNfq3+lc2mxr2zvvvLIPx8epAN+bxqOIprVHX8rffTf7AAAAAAAAAAAAAAAAACw10aiiKcixSv//gfVuOKoxqUfPjP+u6M/3z9m/Mm7bKcs+1xErBX3Nib3UB5CPJWmUnrIY4k/yYajiD/K4/++/bAbAwAAAAAAAAAAAAAAAAAA8IlWxHuR4sV3j6b16J9TvN25XL/QvLjQnRW2N/dvb8707e3t7XrqZiPnbM61nOs5N3Ju5owi18/ZyDmbcy3nes6NnJs5YyDXz9nIOZtzLed6zo2cmzmjluvnbOSczbmWcz3nRs7NnHFA5u4FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPg4KaKIn0WK73xjK0WKiEbEbHRzY6hXBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4mIZSET+IFPXfa1xfV4uIVP3bdbT85VQ0DpX56WiMl/lSNM7mbFZZa3z7IbSf3RlMRfwoUgwNv339hOfzP9j9dP0yiLe+ufPpl2rdHOh9OfrB0ONHDp8Zn/yVJ++0nG7XgLFz7c7Va/WZicnJ6b7Vtbz3T/etG837Lfam60TEyhtvvt5cWGgtW/hkLNS6C7XY0y2PROztBvduodZdyPereOjtucNC42A0Y2chqnv/be/ZfGyUz//3I8VvvvsfvQd+7/n/c91P15/w8dM/3nn+v3jzhvbp+f9E37oX8+9GBmsRw6tXlgaPRAyvvPHmsfaV5uXW5Vbn1PHjXx4f//LJ44OHIoYvtRdafUu7PlQAAAAAAAAAAAAAAAAAD1Yq4rcjRfNHW6keEdeq8VqjZ8afOfb0QAxU461uGLf12vSFs/WXF68sLbdWVlrz9ZlOe25xvnWvuxuuhnvNTEzuS2fuamSf2z8y/PLi0hvL7cu/v3rb7x8bPntxZXW5OXf7r2MkiohG/5qxqsEzE5NVoxfazU5VdWqPBmYOpiL+M1LMnaqnz+d1efxfGe8N9pXtH/+/1re+Wt6n8X+fumk/KRXx00jxG3/+ZHy+audjccsxy+X+OlKMnf5cLheHynK9NnTfK9AdGViW/d9I8fc/u7Fsr+9P7JR9/v6O7sFXnv/DkeIHf/q9+NW87sb3P+yM/+w//4/dvKF9Ov+f6Vv32A3vK9h118nn/1ikeOmJt+PX8roPe/9HEdvb29+KOJoLX38/xz6d/8/2rRuN7n5/fe+6DwAAAAAAAAAA8MgaTEX8TaR4erKWXsjr7uXv/83fvKF9+vtfv9i3bv4BzVe064MKAAAAAAfEYCrivUhxefXt62Oo+8Z/3zj+87d25l6fSDd9W/053y9U7w3Yyz//6zea9zu7+24DAAAAAAAAAAAAAAAAAADAgZJSES/k+dRn7zKf+kakeOW/n83l0pGyXG8e+NHq1+Hzi51jZxcWFueaq82LC6369FJzrlXW/Uyk2Pqrz+W6RTW/em+++e4c78PbvbnYlyPF5N/2ynbnYu/NTd6dD7w7F3tZ9lOR4r/+7sayvXmsP7tT9kRZ9i8jxdf/6fZlj+yUPVmW/V6k+OHX672yj5Vle+9H7b6TdLgWC63n5hYXbnkVKgAAAAAAAAAAAAAAAAAAANyvwVTEn0SK/7myHmt52H+e/783A3+tV/atb/bN93+Ta9U8/6PV/P93Wv4o8/+P7llPAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg0ZGiiDcjxdL5rbQxVH7uGj7X7ly9NjMxeftqI6mqOVCVL3+Gnz9x8tSXXhg/3csPr7/XnorXpi+crb+8eGVpubWy0pqvz3Tac4vzrXvewm7r7xy6rrHqANSvvH51/tKllfqJ507e8PW10Q+GHj8yemb8mWNP98rOTExOTveVqQ3ex97vq3E7DkURfxEpnv3+j9M/D0UUsftjcZdrZ7+NVJ0YqzoxMzFZdWSh3eysll9O9Q5EEVHvq9ToHaMHcC52pRGxVja/bPBY2b3ppeZy8+JCqz7VXF5tr7YXO1Op29qyP/Uo4nSKWI+IzaFbNzcYRbweKb57eCv9y1DEQO84fPH89FePn7hzO4p97OM9KNtZH4xYLx6Bc3aADUUR/xApfvLO0fjXoYhadH/iCxGv9hd8KSKVF8apiPdvcx3xaKpFEf9Xnv8zW+mdofJ+0LuvnPta/SudS4t9ZXv3lYP0fNi+/2txZA92e+8O+L1pOIr4YXXH30r/5r9rAAAAAAAAAAAAAAAAgAOkiF+OFC++ezRV44Ovjyludy7XLzQvLnSH9fXG/tUj/rDM7e3t7XrqZiPnbM61nOs5N3Ju5owi18/ZyDmbcy3nes6NnJs5YyDXz9nIOZtzLed6zo2cmzmjVsX29va3uvVruX7OtZzrtYiirJ8/b+aMAzJ2DwAAAAAAAAAAAAAAAAAA+Hgpqn9SfOcbW6maS7URMRvd3DAf6Mfe/wcAAP//3sf+xA==")
symlink(&(0x7f0000000400)='./bus\x00', &(0x7f00000000c0)='./file0\x00')
creat(&(0x7f0000000300)='./bus\x00', 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x40, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x101, 0x1, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "806c64c97808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4, 0x400000]})
lstat(&(0x7f0000000280)='./file0\x00', 0x0)

2m36.42516053s ago: executing program 4 (id=3026):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000072"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000002340)=@base={0xe, 0x4, 0x4, 0x12}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000480)={r2, &(0x7f0000000440)}, 0x20)

2m36.35088928s ago: executing program 4 (id=3029):
kexec_load(0x4, 0xa, 0x0, 0x0)

2m36.198840261s ago: executing program 34 (id=3029):
kexec_load(0x4, 0xa, 0x0, 0x0)

53.173284642s ago: executing program 1 (id=4493):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f0000000240), 0x0)
r3 = openat$cgroup_procs(r0, &(0x7f0000000280)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000000c0), 0x12)
pread64(r3, &(0x7f0000001840)=""/4096, 0x1000, 0x1)

53.113586343s ago: executing program 1 (id=4495):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c000000020681010000000000000000000000000500050002000000050001"], 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x800)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="24000000190001002cbd700000c8c3532d"], 0x24}}, 0x0)

53.002276972s ago: executing program 1 (id=4496):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000140)={'dummy0\x00', &(0x7f0000000280)=@ethtool_link_settings={0x28, 0x9f2, 0xe7, 0x3, 0x2, 0xb1, 0x8, 0x5, 0x4, 0xe, [0xfffffffe, 0x2, 0x6, 0x3, 0x6, 0x6, 0x200, 0xd]}})

52.954363358s ago: executing program 1 (id=4497):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x4000, &(0x7f0000000040)=ANY=[], 0xff, 0x60c0, &(0x7f000000d800)="$eJzs3U1vHVf9B/DfffC147RpVP1V5R+xcFMeWkrznEB5asqCBSxAQl2TyHWrlBRQEhCtIuLKC8QGeAmw6YZFJV4BL6CvASGxJVLSVReUQWOf44xvrn3tJp659vl8pJuZ35w7vmfyveOZ65m5EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/OD7PznXi4irv04Tjkc8FYOIfsSRul6KeuRKfv4wIk7EenM8FxGD+Yh6/vV/nom4GBEfH4u4/+DOcj35/C77cens7Zuf/fB7//jdH9dOvPPmTz8cb//x/1346Pd3I47/6NWPPrv7ZJYdAAAASlFVVdVLH/NPps/3/a47BQC0Im//qyRPV6vVavUTrf/Q38vznzradX/Vh7Ruqia72ywiYrU5T73P4HA8ABwwq/Fp112gQ/Iv2jAijnbdCWCm9bruAPvi/oM7y72Ub6+5PVjaaM9/p9yS/2pv8/qO7YbTjJ9j0tb7ay0G8ew2/TnSUh9mSc6/P57/1Y32UXrefufflu3yH21c+lScnP9gPP8xW/L/U0Qc2Pz7E/MvVc5/uJf8VwcHeP2XPwAAAAAAh1/++//xjo//zj/+ouzKTsd/l1rqAwAAAAAAAAA8aY97/79N7v8HAAAAM6v+rF7787GH07b7LrZ6+hu9iKfHng8UZqnx5YAAAAAAAAAAAAAAQDuGEYvpvP65iHh6cbGqqvrRNF7v1ePOf9CVvvxQsq5/yQMAwIaPj41dy9+LWIiIN9J3/c0tLi5W1VxELFZH5vP+7Gh+oTrS+Fybh/W0+dEudoiHo6r+YQuN+ZqmfV6e1j7+8+rXGlWDXXSsHR0GDgARsbE1um+LdMhU1TPR9V4OB4P1//Cx/rMbXb9PAQAAgP1XVVXVS1/nfTId8+933SkAoBV5+z9+XECtVquLqT/ZmDgz/VGr97Fuqia72ywiYrU5T73P4Hb8AHDArManXXeBDsm/aMOIONF1J4CZ1uu6A+yL+w/uLPdSvr3m9mBpoz2fC7Il/9Xe+nx5/knDacbPMWnr/bUWg3h2m/4811IfZknOvz+e/9WN9nyL/818FvYn/7Zsl3+9nMc76E/Xcv6D8fzH7Pf635a16E/Mv1Q5/+Ge8h/IHwAAAAAAZlj++/9xx3/zIgMAAAAAAADAgXP/wZ3lfN1rPv7/hQnP6zXHXP95aOT8e7vO3/W/h0nOvz+e/9gJOYPG+L3XH+b/yYM7yx/e/vf/5+HM5z83GNWvPdfrD4bpnJ9q7q24HjdiJc4+8vzhlvZzj7TPbWk/P6X9wiPto7r9SG4/Hcvxi7gRb262z085MWphSns1pT3nP7D+FynnP2w86vwXU3tvbFi790H/kfW+OZz0Olf++p8vP7p2tWG4pVqLweayNRyr/znVWp8eWv8/OTqKX91auXn6N9du3755LtJgy9TzkQZPWM5/Lj1y/i++sNGef+8319d7H4z2nP+sWIvhpPzX398vNMbr5X2p5b51Iec/So+cf94CTV7/D3L+E9f/9eV7uYP+AAAAAAAAAAAAAAAAwE6qqlq/RPRKRFxO1/90dW0mANCuvP2vkjxdre6g/tffZqs/arVavbXuzVh/PkfdVE32WrOIiL8356n3GX476YcBALPsvxHxz647QWfkX7D8fX/18ItddwZo1a333v/ZtRs3Vm7e6ronAAAAAAAAAMDnle//udS4//P6eUBj943ecv/X12PpwN7/sz8arN/rPC3Q87Hz/b9Pxc73/x5Oeb25Ke2jKe3zU9oXprRPvNCjIef/fMo4538yLVhJ9399sYP+dC3nfyrd6znn/5Wx5zXzr/5ykPPvb8n/zO13f3nm1nvvv3L93Wtvr7y98vNzZy9fvHDp4oVLl868df3GytmNfzvs8f7K+ed7XzsPtCw5/5y5/MuS8/9SquVflpT/5m6o/MuS1/+8vyf/suT882cf+Zcl5/9SquVflpz/V1Mt/7Lk/F9OtfzLkvP/WqrlX5ac/yupln9Zcv6nUy3/suT8z6Ra/mXJ+ecjXPIvS84/n9kg/7Lk/M+nWv5lyflfSLX8y5Lzv5hq+Zcl538p1fIvS87/cqrlX5ac/9dTLf+y5Py/kWr5lyXn/2qq5V+WnP83Uy3/suT8v5Vq+Zcl5//tVO+U/zst9ot25Py/k2rrf1ly/t9NtfzLkvN/LdXyL8vD7/83sueRxdnoRpsjVRUxA90wsu8jXf9mAgAAAAAAAAAAAADGtXE6cdfLCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRX27jVGrrO+H/izV6+TQPwnIYQQiO1cMGST3fUtMcFgrv809JIGQksLdYy9dgy+1buGBKFmaWgLAqmR2hf0RSkgQEhtlahCKpUoilSk9k1VXhVFlVArIdWVoDIRVKICtjpznufZmdnZmV3vrj1zzueD4p+9M2fmmTNnZve76DsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABotuNts380FEIo/mv8sS2E64q/bw2Hin8u7L/aKwQAAADW6+eNP//q+vyFQ6vYqOk6//iaf/n64uLiYvjgixd/8SeLi/mC7SGMbAmhcVnyTz/9yWLzdaKnw8TQcNO/h3vc/UiPy0d7XD7W4/LxHpdv6XH5RI/Ll+2AZbaWv49p3Ngdjb9uK3dpuDGMNS67o8NWTw9tGR5Ov8tpGGpsszh2PJwMp8JsmF62zVDjfyF8c0dxXw+GdF/DTfd1awjh0o8+fjStYSju4ztCy501ND93P3xL2P7ijz5+9KvzP3hlp9lzNyxbaQi7dhbr/GQIS7+uCkNhS94naZ3DTeu8tcM6R1rWOdTYrvh7+zovrXKd6XFPxHV+p8s6b41fe+L2EMJCWPE67Z4Ow+GatnvN+3uiPCKK2yieypeF0TUdJztWcZwU23z/9tbjpP2YTPt/R9wnoyusofnp+OEnxpft98s9TopH3Q/HanHbDxd3OjHR/KvVlmO1uM7H71z5GOj43HU4BvKx3HQM7Ox1DAyPjzSOgeGlNe9sOQZmlm0zHIYa93Xxzu7HwNT86XNTc09+7J6Tp4+cmD0xe2Zmev/ePfv27tm3b+r4yVOz0+Wfa9ulA+SaMJyPwZ3xvSYdg69tu27zIbn4xY17HUz0yeugeOzvuatY0HXDYYVjvLjOJ3et/3WQv+83vQ5Gm14HHd9TO7wORlfxOiiuc2nX6r5njjb912kNm/VeuK3pGLia3w+L+3z/61Z+L7w1rutTr1/r98ORZcdAelhD8bVXfCX/vDdxf9wvy4+LW4oLrh0PF+Zmz9/7xJH5+fMzIY4r4oam56r9eLmm6TGFZcfL8JqPl0N/+bO7bunw9W1xX03cvfRcjXd4Horr7J3s/lw13t0778+Wr+4OcWywK70/O303K/ZnzhJdjv3iOp+8Z/0/C+Zc0vT+N9br/W9kbLR8/xvJe2Os5f1v+VMz0lhZCJfuWd3731j870q//93YJ+9/xb56/73dj4HiOp+aWusxMNr1/e/2OIfiel4XE8NEU+7/RePyhfIwbXouex43o6Nj8bgZTffYetzsWbZNcWvFfe+avrzjZtftrc9Vy88tFTxuin31p9Pdj5viOs/PrP+9Y2v6a9N7x3ivY2BsZLxY71g+CMr3u8Wt6Ri4NxwNZ8OpcCxvUzzLxX1N7l7dMTAe/7vS7x0398kxUOyrz+3ufgwU1/n2no392WlX/Eq+TtPPTu2/X1gp898yunR77bttozN/sc637+3+u6HiOj/Yu9ac0X0/3R2/cm2H/dT++lnpmD4Wrsx+ujmu89S+7r+bKq5z4/5VHk+HQggvzLzQ+H1X/P3u31z416+3/N630++UX5h54aGpR767lvUDAHD5ftH4c2G8/Fmz6f+xXs3//w8AAAAMhJT7h+PM5H8AAACojJT7R+LM5H8AAACojJT7R+PMapL/H7//wLM/fyrkTwNcjNLlaTc8/KbyeqnjvRD/vX1xSfH1t3557NlPP7W6+x4OIfzsoVd1vP7jb0rrKp1L63xD69eXufm2Vd3/Y48uXa/58xMuHShvPz2e1R4Gqav8zandjdvd/uRMYz7/UGjMRxY+9XR5++W/0/Uv7imv/+fxQ0sOHR9q2X5XXM8dcW6Pnynz8KGl/VDMtN2zt77mH25479L9pe2Gdr608TA/93vl7abPiHrmhvL66XGvtP6//8zXni2u/8Sdndf/1HDn9V+Mt/v9OH96sLx+8z7/dNP6/yCuP91f2u7eL32r4/qfe0V5/eficfGFONvX/5Y/fvXPOz1f6X4OPVBul+5/+n/2NrZLt5duv339E0/NtOyP9tt//sXydg5+5McjzddPX0/3kzz2QOvxPRSf35YeeQjha38YWvZzeGO53d+1rT/d3rkHOq//7rZ1nhu6rbH90uPZ1vK4Pv+V3R0fb1rPob/e1vJ4nnlH3H8vTn27uN2Lj8TjMV7+v98pb6/9s0yfe0fr+026/he2la/bdHtTbet/pm39C7cV+673+h98sVz/c2/e0rL+Q++Mx9OD5ey1/hN/cX3L9l/8avl8nP/o5JmzcxdOHosPZlvb63jLxNZrrr3uJS+9Pr6Xtv/78Nn5x2fPb5/ePh3C9gH8yMDNXv+X4vzvcixs/D2Uvvvj8rj77LvK71uv/Un572fi1x+Lz2f6/vj5PxtrOV7bn/eFN5dzvet/fVzHar3iM/9xW4cv/+eyz/y9+IFvXvjb3/9B+88F6fGce/lE4/F9bsdNjcuGni8vb3+/6uXfX976uv7e6HRjfiPu18X4ycw7byrvr/3202eTfPbd5es3/SSXtg9tnyeybaT1cax3/d+LP8d86+bW9790fHzjqbZPc94WhoolLMT3h7BQXp6ulfb3Zy/d1PH+0ufwhIVXrmWZK5p7cm7q1MkzF56Ymp+dm5+ae/Jjh0+fvXBm/nDjs0sPf6jX9kuv72sar+9js/v3hsar/Ww5NtnVXv+5R48eu2/6rmOzx49cOD7/6LnZ8yeOzs0dnT02d9eR48dnP9pr+5PHDs7sPrDnvt2TJ04eO3j/gQN7DkyePHO2WEa5qB72T3948sz5w41N5g7uPTCzb9/e6cnTZ4/NHrxvenryQq/tG9+bJoutPzJ5fvbUkfmTp2cn505+bPbgzIH9+3f3/PTH0+eOz22fOn/hzNSFudnzU+Vj2T7f+HLxva/X9tTD3Nn4ftdmKP50/r679+fPxy18+RMr3lR5ldYfT8MP42dBpe9vvf6dcv9YnFlN8j8AAADUQcr98YP/ly6Q/wEAAKAyUu7fEmcm/wMAAEBlpNw/EWdWk/yv/6//r/+v/6//fwX7/0H/f6Pp/29I/385/f9V0f/X/9f/1/+nu37r/6fcvzWEWuZ/AAAAqIOU+6+JM5P/AQAAoDJS7r82zkz+BwAAgMpIuf+6OLN65P+x9r/q/+v/6/839//TdfX/g/6//v9l0v/X/+9G/1//f5DX34f9/636//Sbfuv/p9z/kjizeuR/AAAAqIWU+18aZyb/AwAAQGWk3H99nJn8DwAAAJWRcv+2OLOa5P8NPP//Z+JF+v/6/4Pe/z+djmPn/9f/1/9fP/1//f9u9P/1/wd5/X3Y/3f+f/pOv/X/U+7/f3FmNcn/AAAAUAcp978szkz+BwAAgMpIuf+GODP5HwAAACoj5f4b48xqkv83sP/v/P/6/1Xp/zed/1//v5n+v/7/5dD/1//vRv9f/3/j1z8Uf0zQ/++1vf4/V0K/9f9T7n95nFlN8j8AAADUQcr9N8WZyf8AAABQGSn3vyLOTP4HAACAyki5/+Y4s5rkf/1//X/9f/1//X/9/82k/6//343+v/7/IK9f/1//n976rf+fcv8r48xqkv8BAACgDlLuvyXOTP4HAACAyki5/1VxZvI/AAAAVEbK/bfGmdUk/+v/91X//8mg/7+8/z+s/6//X1pr/79hoff69f8312D1/4dXvET/v6T/30r/X/9f/1//n+76rf+fcv+r48xqkv8BAACgDlLuf02cmfwPAAAAlZFy/21xZvI/AAAAVEbK/dvjzGqS//X/+6r/7/z/zv+v/+/8/0v9//kh/f9VcP5//f+g/3/ZrnZ/ftDXr/+v/09v/db/T7l/R5xZTfI/AAAA1EHK/TvjzOR/AAAAqIyU+2+PM5P/AQAAoDJS7r8jzqwm+V///zL7/1tb/6n/33n9+v/6//r/zv+v/6//343+v/7/IK9f/391/f/xXjdEpfVb/z/l/jvjzGqS/wEAAKAOUu6/K85M/gcAAIDKSLn/tXFm8j8AAABURsr9u+LMapL/9f+d/1//X/9f/1//fzPp/6+6/7/1cta1Kf3/9Car/9+T/r/+/6D0/yc6bO/8/1wJ/db/T7n/dXFmNcn/AAAAUAcp978+zkz+BwAAgMpIuf/uODP5HwAAACoj5f7JOLOa5H/9f/1//X/9f/1//f/NVNX+f34fdf5//X/9f/3/Te7/f2WF7Qfl/P/UW7/1/1PuvyfOrCb5HwAAAOog5f5748zkfwAAAKiMlPun4szkfwAAAKiMlPun48xqkv+r3/9vbxaX9P9L+v/6/0H/X/9/k1W1/99+/v8Qgv6//n+m/6//32/n/+9E/58rYf39//G8SePPdfb/U+6fiTOrSf4HAACAOki5f3ecmfwPAAAAlZFy/544M/kfAAAAKiPl/r1xZjXJ/9Xv/3em/1/S/9f/D/r/+v+brC79f+f/Ly/X/y/p/+v/6//r/9fRcIevrb//v7RJ48919v9T7t8XZ1aT/A8AAAB1kHL//jgz+R8AAAAqI+X+++LM5H8AAACojJT7748zq0n+1//X/9f/1//v3/5/6/1vXv//v/T/N5H+v/5/N/r/+v+DvH79f/1/etvY/v/16+7/p9x/IM6sJvkfAAAA6iDl/jfEmcn/AAAAUBkp9z8QZyb/AwAAwEDpdB7CJOX+N8aZ1ST/6/9Xvf+/uEX/X/9/cPv/rfvT+f/1/zuJb5/6/6tUr/7/1mX3p//f6mr35wd9/fr/+v/0trH9/2U/nq65/59y/8E4s5rkfwAAAKiDlPvfFGcm/wMAAEBlpNz/5jgz+R8AAAAqI+X+Q3FmNcn/+v9V7//33/n/h8Lg9v9H9f/1//X/18z5//X/u3H+/8Hs/6fP3dD/75/+f3EM6f/Tj/qt/59y/1vizGqS/wEAAKAOUu5/a5yZ/A8AAACVkXL/2+LM5H8AAACojJT73x5nVpP8r/+v/+/8/87/r/+v/7+Z9P/1/7vR/x/M/n+i/98//X/n/6df9Vv/P+X+d8SZ1ST/AwAAQB2k3P/OODP5HwAAACoj5f7/H2cm/wMAAEBlpNz/YJxZTfJ/hfr/Y3Hq/+v/6//r/zfo//cH/X/9/270//X/B3n9+v/6//TWb/3/lPt/Kc6sJvkfAAAA6iDl/ofizOR/AAAAqIyU+98VZyb/AwAAQGWk3P/LcWY1yf8V6v+X+vT8/8P59vX/9f/1//X/9f830oD2/yf0/0v6//r/g7x+/X/9f3rrt/5/yv2/EmdWk/wPAAAAdZBy/6/Gmcn/AAAAUBkp9/9anJn8DwAAAJWRcv/DcWY1yf/6/87/r/+v/9+3/f/R1v2p/6//38mA9v+d/z/S/9f/H+T16//r/9Nbv/X/U+7/9TizmuR/AAAAqIOU+x+JM5P/AQAAoDJS7n93nJn8DwAAAJWRcv974sxqkv/1//X/9f/1//u2/9+2P/X/+7X//29dL9X/1//vRv9f/3+Q16//r/9Pb/3W/0+5/9E4s5rkfwAAAKiDlPvfG2cm/wMAAEBlpNz/G3Fm8j8AAABURsr9vxlnNpj5f3itG+j/6//r/+v/r7r/vxBC0P/X/18j/f/l/f/iPexq9v/HV3NF/f9V0f/X/9f/1/+nu37r/6fc/744s8HM/wAAAEAHKff/VpyZ/A8AAACVkXL/b8eZyf8AAABQGSn3vz/OrCb5X/9f/1//X//f+f/1/zeT/n+9zv8/HvT/g/6//r/+v/4/Wb/1/1Pu/0CcWU3yPwAAANRByv2/E2cm/wMAAEBlpNx/OM5M/gcAAIDKSLn/sTizmuR//f+r1P/fWl5f/1//vzr9/0X9f/3/jvT/69X/d/7/kv6//r/+v/4/pX7r/6fcfyTOrCb5HwAAAOog5f4PxpnJ/wAAAFAZKfcfjTOT/wEAAKAyUu4/FmdWk/yv/+/8//r/+v/O/6//v5n0//X/u9H/1/8f5PXr/+v/01u/9f9T7p+NM6tJ/gcAAIA6SLn/eJyZ/A8AAACVkXL/iTgz+R8AAAAqI+X+x+PMapL/9f/1/1fV/x8L+v/6//r/+v+XRf9f/78b/X/9/0Fev/6//j+9bVz//583pP+fcv/JOLOa5H8AAACog5T7PxRnJv8DAABAZaTc/+E4M/kfAAAAKiPl/lNxZjXJ//r/+v/O/1/B/v+o/n/Q/+8b+v/6/93o/+v/D/L69f/1/+ltKGxU/z9sSP8/5f7TcWY1yf8AAABQByn3n4kzk/8BAACgMlLuPxtnJv8DAABAZaTcfy7OrCb5X/9f/1//v4L9f+f/b9D/7w/6//r/3ej/6/8P8vr1//X/6W3jzv+/Mf3/lPt/N86sJvkfAAAA6iDl/v9j7z6a5LyrPY63riWPVK5bd3X3vAV27OAd+DWwYUuRc44GTE4m55yTiSbnnIPJORlMBkOVKWvOOfZIPd2t0fT08/zP57PgMGaseayhxvUr1beee8ct9j8AAAAMI3f/feIW+x8AAACGkbv/vnFLk/2v/9f/6//1//p//f826f/1/6vo/+fT/59Z8vfr//X/+n/WmVr/n7v/fnFLk/0PAAAAHeTuv3/cYv8DAADAMHL3PyBusf8BAABgGLn7Hxi3NNn/+n/9v/5/Mv3/fuen/9f/6/8vif5f/7/Ydf9/Lj4YvP9fRv+v/9f/s87U+v/c/Q+KW5rsfwAAAOggd/+D4xb7HwAAAIaRu/8hcYv9DwAAAMPI3f/QuKXJ/tf/6//H7f/35tb/e/9/fl9H7P9P3f5l9f/HS/+v/1/suv9v8v7/ZfT/+n/9P+tMrf/P3f+wuKXJ/gcAAIAOcvc/PG6x/wEAAGAYufsfEbfY/wAAADCM3P2PjFua7H/9v/5/3P5/du//1//n93WI/v9c/Tre/6//1/8fTv+v/5/z8+v/9f+sN7X+P3f/o+KWJvsfAAAAOsjd/+i4xf4HAACAYeTuf0zcYv8DAADAMHL3PzZuabL/9f/6f/2//l//fwLv/9f/6//1/0vp//X/c35+/b/+n/Wm1v/n7n9c3NJk/wMAAEAHufsfH7fY/wAAADCM3P1PiFvsfwAAABhG7v4nxi1N9v+l9f+n9P+H0P8vf379v/5f/6//1//r/1fR/+v/5/z8+n/9P+ttvf+/+przd9P+P3f/NXFLk/0PAAAAHeTuf1LcYv8DAADAMHL3Pzlusf8BAABgGLn7nxK3NNn/S/r/KxYzfv//2c2+tP4/vv7B/v/WU/p//f80+/9b4qeM/l//f7F59/9n9f876//39P8r+/nNfif0//p//T/rbL3/X9P7X/hx7v5r45Ym+x8AAAA6yN3/1LjF/gcAAIBh5O5/Wtxi/wMAAMAwcvc/PW5psv8v7f3/0+//vf9/t+//z193C/3/mWXPr//v0v/v8/5//f8y8+7/vf9/i/3/PfI30/v/D7frfn7uz7+q/7/rBs+v/6eDqfX/ufufEbc02f8AAADQQe7+Z8Yt9j8AAAAMI3f/s+IW+x8AAACGkbv/2XFLg/1/Wv9fz5H0/97/v1H/f27/79f/H3we/b/+fxn9v/5/ld29/1//v5hAPz/35/f+//X9/1XrfhGGN7X+P3f/c+KWBvsfAAAAusjd/9y4xf4HAACAYeTuf17cYv8DAADAMHL3Pz9uabL/9f/6f/2/9/9fVv9/xTb6/9NLfz/1//r/ZfT/+v+F/v/Idt3Pz/359f/e/896U+v/c/dfF7fU8Dt9hH9KAAAAYEpy978gbmny5/8AAADQQe7+F8Yt9j8AAAAMI3f/i+KWJvtf/6//1//r/73/X/+/Tfr/4fr/U/r/2+n/9f/6f/0/q02t/8/d/+K4pcn+BwAAgA5y978kbrH/AQAAYBi5+18at9j/AAAAMIzc/S+LW5rsf/2//l//r//X/+v/t0n/P1z/7/3/d6D/1//r//X/rDa1/j93/8vjlib7HwAAADrI3f+KuMX+BwAAgGHk7n9l3GL/AwAAwDBy978qbpnd/r+woN2M/l//r//X/+v/9f/bNP3+/8xGn6X/36f/P2hb/f/ZQ76e/n9az388/X9+9/X/jGkC/f/d7vhx7v5Xxy2z2/8AAADAYXL3vyZusf8BAABgGLn7Xxu32P8AAAAwjNz9r4tbmuz/w/r/m6/a/9/X9P/5G6b/j6v/1/8v9P9F/6//X8yi/9+M/n+f/v8g7//X/3v/v/6f1SbQ/x/4OHf/6+OWJvsfAAAAOsjd/4a4xf4HAACAYeTuf2PcYv8DAADAMHL3vyluabL/vf9f/6//1//r//X/26T/1/+vMqP+f2/ZX9T/6//1//p/Vpta/5+7/81xS5P9DwAAAB3k7n9L3GL/AwAAwDBy9781brH/AQAAYBi5+98WtzTZ//p//f/O+///GbL/P/+I+n/9v/5f/6//X21G/f9S+n/9v/5f/89qU+v/c/e/PW5psv8BAACgg9z974hb7H8AAAAYRu7+d8Yt9j8AAAAMI3f/u+KWJvtf/6//33n/7/3/Rf8f31f9v/7/Euj/9f8L/f+R7bqfn/vz6//1/6w3tf4/d/+745Ym+x8AAAA6yN3/nrjF/gcAAIBh5O6/Pm6x/wEAAGAYufvfG7c02f/6f/2//l//r//X/2+T/l//v8rJ9v/X3qz/P2jX/fzcn1//r/9nvan1/7n73xe3NNn/AAAA0EHu/vfHLfY/AAAADCN3/wfiFvsfAAAAhpG7/4NxS5P9r/+fe/9/95viCabW/+en6P/1/yv7/73FxfT/+v9Lof/X/y+28v7/C39SLKf/1//r//X/rHZi/f89r77XXW77L2v6/9z9H4pbmux/AAAA6CB3/w1xi/0PAAAAw8jd/+G4xf4HAACAYeTu/0jc0mT/9+j/z1z0aeP0/97/r/+fdP+fP1S9/1//r//X/y813f5/M/p//b/+X//PalN7/3/u/o/GLU32PwAAAHSQu/9jcYv9DwAAAMPI3f/xuMX+BwAAgGHk7v9E3NJk//fo/y+m/9937P3/rf+n/9f/l03e/6//1/9fLv2//n+h/z+yXffzc3/+ofv/Uwv9P8diav1/7v5Pxi1N9j8AAAB0kLv/U3GL/Q8AAADDyN3/6bjF/gcAAIBh5O7/TNxw5//d3SOdKP2//t/7//X/+n/9/zbp/4/Q/586vfFz6f/36f+PZtf9/Nyff+j+3/v/OSZT6/9z9382bvHn/wAAADCM3P2fi1vsfwAAABhG7v7Pxy32PwAAAAxgv3fP3f+FuKXJ/l/T/+/l5x25/z93+NfW/+v/F/p//b/+X/9/mYbs/y+B/n+f/v9odt3Pz/35Z9f/X3/wQ/0/J2FJ/3/+J/Gu+v/c/V+MW5rsfwAAAOggd/+X4hb7HwAAAIaRu//LcYv9DwAAAMPI3f+VuKXJ/l/a/+95/7/+X/+v/1/o//X/x0L/r/9fRf+v/5/z88+u/7+A/p+TMLX3/+fu/2rc0mT/AwAAQAe5+78Wt9j/AAAAMIzc/V+PW+x/AAAAGEbu/m/ELU32/5r3/+v/N/tH0f/r/5f+/0H/r//fsP8/s9D/H5n+X/+/0P8f2a77+bk//+X0/+f0/zQxtf4/d/8345Ym+x8AAAA6yN3/rbjF/gcAAIBh5O7/dtxi/wMAAMAwcvd/J25psv9H7v9XfZr+f5/+X/+/0P9Pof/3/v/LoP/X/y/0/0e2635+7s/v/f/6f9abWv+fu/+7cUuT/Q8AAAAd5O7/Xtxi/wMAAMAwcvffuFjcYP8DAADAmG48/59nF9+PW5rs/5H7/1X0//v0//r/hf5f/79l+n/9/yr6f/3/nJ9f/6//Z72p9f+5+38QtzTZ/wAAANBB7v4fxi32PwAAAAwjd/+P4hb7HwAAAIaRu//HcUuT/a//1//r//X/+n/9/zbp//X/q+j/9f9zfn79v/6f9abW/+fu/0nc0mT/AwAAQAe5+38at9j/AAAAMIzc/T+LW+x/AAAAGEbu/p/HLU32v/5f/6//1//r//X/26T/1/+vov/X/8/5+fX/+n/Wm1r/n7v/F3FLk/0PAAAAHeTu/2XcYv8DAADAMHL3/ypusf8BAABgGLn7fx23NNn/+v/bnuNc/XX9v/5f/6//T/r/49G2/7/tX6v6/7X0//r/OT+//l//z3pT6/9z9/8mbmmy/wEAAKCD3P2/jVvsfwAAABhG7v7fxS32PwAAAAwjd//v45Ym+1//7/3/+n/9/zz6/yv1//r/pSbb/3v//0b0//r/OT+//l//z3pT6/9z998UtzTZ/wAAANBB7v4/xC32PwAAAAwjd/8f4xb7HwAAAIaRu//muKXJ/tf/6/+H7P/39P/j9f/e/z/L/v9O+n/9/2r6f/3/nJ9f/6//Z72p9f+5+/8UtzTZ/wAAANBB7v4/xy32PwAAAAwjd/9f4hb7HwAAAIaRu/+vcUuT/a//1/8P2f97/7/+X/8/Gfp//f8q+n/9/5yfX/+v/2e9qfX/ufv/Frc02f8AAADQQe7+v8ct9j8AAAAMI3f/P+IW+x8AAACGkbv/n3FLk/2v/9f/6//1//p//f826f/n2/9fuThC/3/dQv+v/9f/6//1/5Sp9f+5+/8VtzTZ/wAAANBB7v5b4pal+///T+ipAAAAgOOUu//fcYs//wcAAIBh5O7/T9zSZP/r//X/+n/9v/5f/79N+v/59v/e/7+e/l//r//X/7Pa1Pr/3P3/DQAA///E7/7M")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8})

52.25014627s ago: executing program 1 (id=4500):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=@newtfilter={0x70, 0x2c, 0xd27, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xfff3, 0x7}, {}, {0xa, 0x1}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x40, 0x2, [@TCA_CGROUP_EMATCHES={0x3c, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0x2c, 0x1, 0x0, 0x0, {{0xe38, 0x9, 0x4}, [@TCA_EM_IPT_HOOK={0x8}, @TCA_EM_IPT_MATCH_NAME={0xb}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0xa}, @TCA_EM_IPT_MATCH_DATA={0x4}]}}]}]}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x80}, 0x40010)

51.534264174s ago: executing program 1 (id=4510):
r0 = memfd_create(&(0x7f0000000680)='-&:\n-\xb2];\x0f\xb2\x86NV6&\xb8=\x94Z}\xfaW~\xae\x87\x88\xea\xde\xd9=-\x01\x00\x00\x80=\x1d\x8bl\xd5\xc3DE\xbb0\x8e\xac\xf2r#TZ>\xfb\xdf\xc1\xd4\xd1\xee\x88\xebI\xab\xf6\xab}\x85\x18 \x8a\x8aG:\xacD-\x99JD/~\xd6\xb5m\xac\x8d\x1d\x1c\xe9\xe5<\xfcP)E\xc1\x8e\xeb\xc9\x158Mq\x01\xe1\xf6-\xc3\xaa\x9a\x9be\xcd\xf2\xde\xccx\x1f\x0fne\xe8C\xe4Y\xc9\vR2fY\x8e\x9d\x97 \x00\x00\x00\x00\xe8W\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe6JV\x80\xdd\x96F\xc90}SH\xe8\xd4RV\xb6\xc9h\xfb\xf3#\xcb\x14a\xab\b\x05\x7f\xaa\x92\x87#Yg\xef\xfb\x1fn.\x7f\xb1\xe26~$\xa9\v\x9b|>\xf5G\xb5\xac/\xc3n\x16\xee\xdf\xd0a', 0x0)
setuid(0xee00)
fremovexattr(r0, &(0x7f0000003bc0)=@known='system.posix_acl_access\x00')

51.409768957s ago: executing program 35 (id=4510):
r0 = memfd_create(&(0x7f0000000680)='-&:\n-\xb2];\x0f\xb2\x86NV6&\xb8=\x94Z}\xfaW~\xae\x87\x88\xea\xde\xd9=-\x01\x00\x00\x80=\x1d\x8bl\xd5\xc3DE\xbb0\x8e\xac\xf2r#TZ>\xfb\xdf\xc1\xd4\xd1\xee\x88\xebI\xab\xf6\xab}\x85\x18 \x8a\x8aG:\xacD-\x99JD/~\xd6\xb5m\xac\x8d\x1d\x1c\xe9\xe5<\xfcP)E\xc1\x8e\xeb\xc9\x158Mq\x01\xe1\xf6-\xc3\xaa\x9a\x9be\xcd\xf2\xde\xccx\x1f\x0fne\xe8C\xe4Y\xc9\vR2fY\x8e\x9d\x97 \x00\x00\x00\x00\xe8W\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe6JV\x80\xdd\x96F\xc90}SH\xe8\xd4RV\xb6\xc9h\xfb\xf3#\xcb\x14a\xab\b\x05\x7f\xaa\x92\x87#Yg\xef\xfb\x1fn.\x7f\xb1\xe26~$\xa9\v\x9b|>\xf5G\xb5\xac/\xc3n\x16\xee\xdf\xd0a', 0x0)
setuid(0xee00)
fremovexattr(r0, &(0x7f0000003bc0)=@known='system.posix_acl_access\x00')

2.700411476s ago: executing program 6 (id=5093):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)="711f63377256c1d015c929eb9258", 0xe}, 0x1, 0x0, 0x0, 0x20008986}, 0x4044004)
recvmmsg(r0, &(0x7f0000001700)=[{{0x0, 0x0, 0x0}, 0x8}, {{0x0, 0x0, 0x0}, 0x1}], 0x2, 0x12162, 0x0)

2.650398969s ago: executing program 6 (id=5095):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x17ef, 0x60fe, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x30, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x7ef}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f0000000100)={0x0, 0x0, 0x8, {0x8, 0x0, "392cdaab4a73"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

1.279342972s ago: executing program 5 (id=5104):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000006c0)={0x1, &(0x7f0000000500)=[{0x6, 0x43, 0x0, 0x7fff0000}]})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f00000000c0)={'macsec0\x00', 0x400})
close_range(r0, 0xffffffffffffffff, 0x0)

1.180555267s ago: executing program 5 (id=5105):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@mcast2, @in6=@dev={0xfe, 0x80, '\x00', 0x25}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x100}, {0xfffffffffffffffd, 0xa9, 0x0, 0x0, 0x5, 0xfffff7fffffffffd}, {0x2cf, 0xa00, 0x6}, 0x0, 0x6e6bc0}}, 0xb8}}, 0x40040)
syz_emit_ethernet(0x36, &(0x7f0000000240)={@local, @broadcast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x80}}}}}}, 0x0)

1.180442048s ago: executing program 5 (id=5106):
r0 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205647, &(0x7f0000000100)={0xf020000, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f911, 0x8000, '\x00', @p_u16=&(0x7f0000001b80)=0xa}})

1.109982287s ago: executing program 5 (id=5107):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001300)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@TCA_RATE={0x6, 0x5, {0x3, 0x5}}, @qdisc_kind_options=@q_blackhole={0xe}]}, 0x3c}}, 0x4000010)

1.109725685s ago: executing program 5 (id=5108):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000300)={[{@jqfmt_vfsv1}, {@dioread_lock}, {@barrier_val}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x5}}, {@errors_continue}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
truncate(&(0x7f0000000900)='./file1\x00', 0x469)

1.075308894s ago: executing program 6 (id=5109):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r1 = gettid()
r2 = syz_open_procfs(r1, &(0x7f0000000040)='timerslack_ns\x00')
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f0000000240)={0x30, 0x5, 0x0, {0x0, 0x0, 0x3, 0x7c}}, 0x30)

959.953478ms ago: executing program 5 (id=5110):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="120100000000001081179808000000000001090224000100000000090400"], 0x0)

959.518118ms ago: executing program 6 (id=5111):
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x200000, &(0x7f0000001480)=ANY=[], 0x1, 0x1a6, &(0x7f0000000640)="$eJzKKC4sZmdgYFjNwcDAIMAABiwMPAwXGBgZWBgYGNQZIWIMTBBqPZT/AkrPhErbQPnNUHohlK64pb1uzSm/Myc9dbWWyTIzt8pDNUDF5FJ7jNwkF/NIsDBAdTQk5uSkFjWwMVTcYuBgQAUc/5kZGBhYGRgYsmY0lnBOktIUY2PLVDh75oP8OjaNIwyPVjBvrPPMa6wrTJ2ad4ohqSqrKmvexIkbZzZ2NjaunFgXlea3irElxWVTUycjircY2lc9TALbxsbAoPQ6lfmS8cIiqVMrqmbC/H+Hp2yFhIaGk8QVCYsGE4YjdbYNrgwVt5JTGhjStrAzJqmxibVtOTOHkYGRwW2BQkvyCabQoxxLZ0owHhCqOsnYoPnWIdFtxranDmxneA4f51lT0CdYf1yCwQlm/IGGhjKNtUxLbRd8KdL4K+G12tgpg8HdnmkZLEBZGkDkSihPFmR1QkLyCnYdTU0jQ4aEhk0SCUluBYbKDFv3cK4WaGBAijYVBgaG7VCNMPuuMTKMglEwCkbBKBgFo2AUjIJRMApGwSgYQQAQAAD//xrBd1c=")

900.440548ms ago: executing program 6 (id=5112):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020200600000000000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

900.252764ms ago: executing program 6 (id=5113):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x1b, 0x61, 0xe3, 0x8, 0x16d0, 0x10a9, 0x3052, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0xff, 0x7f, 0x88, 0x0, [], [{{0x9, 0x5, 0x3}}]}}]}}]}}, 0x0)

260.241146ms ago: executing program 3 (id=5120):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000440)={'ip_vti0\x00', &(0x7f0000000400)={'syztnl0\x00', <r1=>0x0, 0x0, 0x7c7, 0x3, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x86, 0x4, 0x0, @empty, @local}}}})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000480)={'syztnl0\x00', &(0x7f0000000380)={'tunl0\x00', r1, 0x40, 0x7800, 0x0, 0x4, {{0x5, 0x4, 0x0, 0x2c, 0x14, 0x66, 0x4, 0x40, 0x2f, 0x0, @broadcast, @multicast1}}}})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)

169.938827ms ago: executing program 3 (id=5121):
r0 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r0, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x81, 0x42}, 0x10)
connect$llc(r0, &(0x7f0000000340)={0x1a, 0x0, 0xff, 0x0, 0x0, 0x8, @random="48bd00"}, 0x10)
r1 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r1, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10)

169.619208ms ago: executing program 3 (id=5122):
syz_emit_ethernet(0x66, &(0x7f0000000040)={@link_local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f53a04", 0x30, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x500, {0x0, 0x6, "508359", 0x0, 0x0, 0x0, @private1, @mcast1}}}}}}}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="4800000010001fff0000056800080000faff0000", @ANYRES32=0x0, @ANYBLOB="c30c424700000000280012800a00010076786c616e00000018000280140010"], 0x48}}, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x0)

78.870112ms ago: executing program 3 (id=5123):
r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r0, 0xc01064c1, &(0x7f0000000080))

78.528344ms ago: executing program 3 (id=5124):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, 0x0, 0x0)

0s ago: executing program 3 (id=5125):
syz_mount_image$ocfs2(&(0x7f0000000000), &(0x7f00000048c0)='./file0\x00', 0x41, &(0x7f0000000040)={[{@user_xattr}, {@heartbeat_none}, {@coherency_buffered}, {@err_cont}, {@commit={'commit', 0x3d, 0x7f}}]}, 0x1, 0x4882, &(0x7f00000091c0)="$eJzs222MFGcBB/Bnttf2jpbj4KCl0JctpfRI7eUOE1swRl5aaVMtiLUav5zL3RWQ5Rbv9owmGmMT45ca35rQGJUvGFO1iUWMRjA0QWuT8sF+MDEao/GLNhGLtiVGS8/s7iy3M3fL7N3yYsrvl8DezDPPM8/O/+bZmXn2crHy7j0T+T0T+cJYvjT8+MS6/KdKxcl9oyHXTAjNy+ZhzvvnsrgYOcn+8tm25X0femxdCO/6/cg3p6ampkJFT5jVYMPP//7nZ4cbX+tyqTqVdmdvreZn34oWPrfwfFtk+VgIYemMflVcFULYfjyEa0MIi+N1S+LXrhDC9XF/nzh56qed7XShwdmjx08e3rtp47Fy71PLDx64p+mGUQjl9a+9sv6JHz6575evH7pAuwcAgPPaumPbh7cPDIbno9B9pGPm9fqN8Wv9+vjrf/zH3s0d0+VTtGbRJQwVAAAAUqbv/3uiM7PM19Vn1upTgn++ZtVnlkXT5VNTU1ddwu5ygT30yLb7HxgYjOd/oxnl98WrTm26qjqHmp73Tc//Lk7Vn33+d3o/9y764rJt186///X+1ffbE6Jcf2I5l+vvD6Gwuba8PFqQK5Ymync/XpocG5n/ft8ukvnXZu8TvwXxs75Tmzpayn9Jqv2s+f9vnzgyOdHRzjvoDenf2spyfuavMrNI5t98KD/0hail/HtT9bLyH3ny7z/62zXtvIP0HpmLZP61E3FV4wb52phQyf9rHdn5L021n5X/i88ee2DDPMb/FZWxPar0tTMxApyJ1zf5ChMpyfyvrq5LDJ3xgWx2/v83lf+yVPtZ+b/nhYMbTrTx+d9s/O/b3E6bV45k/rWBOJ/YYvr8X5zLPv9vSLWflf9f797wjc+19Q5m5l/pf5/P/5Yk849PxOTgWT2SrY7/N6baz8r/seGvvvTreZz/H+iK+9kdhd6Gb50eqXyEdU/PV1dvaSrF++e+jytBMv/aUUucOt21l+r535M9/i9PtZ+V/8uH33hp6CJc/w8Y/1uSzL+rum4u+b+Zyv+mVPtZ+Z++4UujP78I+T8o/5Yk818wo3z6+U+upfu/Fan6Wc9/uj+4+tW3rp5//+v9q++3/vyn/hyiL6o9/2F2yfyvm1E+1/xXpupn5V98eMuWTW1cq9X7V9+v/Ocmmf/1Tbdr9frv5lS9rPH/x0c7Pv+vdp7/RJ2eALUhmX/zP8RqNf9bUvWy8n/ht9+/JWrn81/+bUnmH1/szfIAqNX8b021n5X/1gOPruyex+d/9Y6vs57/dIffura2/uOu/1qSzL/5l5Rbzf+2VL2s/N/RdeZ3rxv/L5tk/vGDn8R4vLH6f/X+L5qZ+39S+edT7Wflf+tXjr13MP1Hw3My8/6v0v++ttq8ciTzj2fN55B/+vnP7an2s/Jf98zhR3ou8P1/Nf9V7bR55Ujmn569n1bJ/+UW7v/Shz0r/wcXvvLlfW3lH8KAZ/3zlsy/+Sdpq/nfkaqXOf83vPXV77Q1/y//diTzT8/eT6uO/53Z+a9O1cvK/7vP/WTtQBvfILxr/lWZkX969n5aq/nfmaqXlf9v/rTy4RNtnL/yb08y/9rs/Wzf/2t1/m9Nqv2s/J/9y4rT7V2qzz7/c5/7/5Yk86/N3reTf/p8zMq/5+lnfnDqAt//VZY3yr8lyfxrs/eNxzPKyD89/9uXaj8r/1+9+eLZd7b5/c/Z8t8u/5Yk86/N3s/l/E/nvzbVflb+h974Q9eii3D+f1T+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXxZL4tSdEuf7Eci7X3x9Cb7y8PCyIdhZGhnYWS8N7J0JYGq/PhyXRrmJpZ6E4tGesNDI6VCgWS8MhLIvLl4bOaKJYKg/tK+y/4VxbXdHu0cJ4eedooRxCuDFef3NYWG9r557yvsL+6rb1OtdFhU9OlsqF/smJ0fFw07n119fX7xovTe5fca6tRbnS+P7dhbGhkT3jGwYGBgbCyqZlg+Hmc+9ncTT66fLoWLn2Tmo1Q7jlPOWDIYRbz7XdEzUciGr125qXDeYb3scnSpPjY4Vitc7t8fq+5PrBZjlujF/vf2jHozveP3OzfJTMe9FHvrdmYkEIqxr6ViwNF4oN/b6jedng6objUR6fHBsulEeHiqVd9eN153nKK71b09B2Q67V6nc1Lxvsa2i3Mff6ftfG5adnKW968N4GsvK/PZX/hqWv3fuL3KXrHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/4/l3r386hNBRW8qFEPL1H6L4X11lXTh79PjJw3s3bTxW7n1q+cED96S2AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+x64cmzAIBlEAvoRskCZlFsgAwUbnsXUUQTt3sFXQAVxJENG/cQPh++Dg3uMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwO3P2byPidaRnRHzT8zgv2btYh2npyyIfq3f96ZrfZQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDG3v2DRtGEcQCe3SRfvkDQBBsLUUQhghKSRkSMYFBUMCaIsTWijYhoCrHQiGIRsEkvYmWvpLER/NOKhVgIWlipjRYWAUFR2WTXHHcHJxw4JvM8sMwuc+y8sHB3L/tbFgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+Odc3LrQW4zXd/csbn0DIXSXc/+FEHZlS/uf93WE/hDC1y9XT4cmY6W/7vw735y53bhq9nvvQs/Yi/Vt1F/VV63bF7J8sOZ4W5bng4NtLLBKbZ87d+hSZwh57EKI4vWeB+e7QggdsQship8fn80U3++dsQshioEPd3uL698VuxCiWDvyaUNX+R+P9FyeuLKj9rc/a/H5VvOsLK9O3HyXu6jJe1L2/1m56QfTMHv8yPtHsYsgmtlbk2OxawAAAP4u/X+a9P9p0/8DAEB6plvk/8Oapf17N7LQ39eY+/9Wl/+vz/I3z/8vezm/8PxkWyHUdQ3ZpOJ4aLSdc65+m0fmpu/I/ydL/j9t8v9pk/9Pm/x/2uT/0yb/T+Gp+/9Juj+3d+Fx7CKIxv1/AABIj/4/Tfr/tOn/AQAgPQePjU9ODA0Xzf//P7ob8/oby3GqzNOfndn0cKBmXn54ZTt8dHz/gaHh8ro3BoKW3/+QL85+L5/3qB8rp+qeu2j1/ofRLdfezjcJIU794fMbVX3Vut7/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPxidw5tGASDOI5+18oO0DVaBCsgISRYFAPAOiTswhwsA4IQcDjUe+Yu+Zk/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAnaIum+r3T3Ok1xqR8qUbr/17PP1+Plk7De+zx4NbAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjYgQMZAAAAAGH+1nm0HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAngoAAP//P2PAUA==")

kernel console output (not intermixed with test programs):

o 4096
[  359.064854][T14943] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  359.702704][T14968] sctp: [Deprecated]: syz.1.3704 (pid 14968) Use of struct sctp_assoc_value in delayed_ack socket option.
[  359.702704][T14968] Use struct sctp_sack_info instead
[  359.798735][T14972] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3706'.
[  360.640082][T14998] loop3: detected capacity change from 0 to 512
[  360.893861][T15004] overlayfs: failed to clone upperpath
[  361.442930][T15028] loop5: detected capacity change from 0 to 32768
[  361.448054][T15028] (syz.5.3730,15028,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  361.453737][T15028] (syz.5.3730,15028,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  361.468311][T15028] JBD2: Ignoring recovery information on journal
[  361.514632][T15028] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  361.591198][T13392] ocfs2: Unmounting device (7,5) on (node local)
[  361.670294][ T6975] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  361.822872][ T6975] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  361.826683][ T6975] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  361.833010][ T6975] usb 4-1: config 0 descriptor??
[  361.839635][ T6975] cp210x 4-1:0.0: cp210x converter detected
[  361.913257][T15042] loop5: detected capacity change from 0 to 4096
[  361.917604][T15042] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512).
[  361.942007][T15042] ntfs3(loop5): Failed to initialize $Extend/$Reparse.
[  362.359230][ T6975] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32
[  362.434268][ T6975] usb 4-1: cp210x converter now attached to ttyUSB0
[  362.570375][ T5884] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  362.576924][ T6975] usb 4-1: USB disconnect, device number 38
[  362.582131][ T6975] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  362.589836][ T6975] cp210x 4-1:0.0: device disconnected
[  362.801956][ T5884] usb 6-1: unable to get BOS descriptor or descriptor too short
[  362.805523][ T5884] usb 6-1: not running at top speed; connect to a high speed hub
[  362.809552][ T5884] usb 6-1: config 5 has 1 interface, different from the descriptor's value: 2
[  362.814065][ T5884] usb 6-1: config 5 interface 0 has no altsetting 1
[  362.819607][ T5884] usb 6-1: New USB device found, idVendor=0582, idProduct=0074, bcdDevice=2a.70
[  362.826269][ T5884] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  362.829427][ T5884] usb 6-1: Product: syz
[  362.832215][ T5884] usb 6-1: Manufacturer: syz
[  362.834106][ T5884] usb 6-1: SerialNumber: syz
[  363.077128][ T5884] usb 6-1: USB disconnect, device number 5
[  363.189352][T15076] netlink: 'syz.1.3751': attribute type 5 has an invalid length.
[  363.859480][T15104] loop5: detected capacity change from 0 to 32768
[  363.890498][T15104] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  363.987892][T13392] ocfs2: Unmounting device (7,5) on (node local)
[  364.614216][ T5884] hid-generic 0004:0006:0003.0013: unknown main item tag 0x1
[  364.622010][ T5884] hid-generic 0004:0006:0003.0013: hidraw0: <UNKNOWN> HID v0.09 Device [syz1] on syz1
[  364.811864][T15138] syz.3.3779 (15138): drop_caches: 0
[  364.878415][T15141] loop3: detected capacity change from 0 to 1764
[  364.894930][T15141] iso9660: Corrupted directory entry in block 2 of inode 1920
[  364.951812][ T5884] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  365.067815][T15153] netlink: 'syz.3.3786': attribute type 9 has an invalid length.
[  365.070465][T15153] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3786'.
[  365.077647][T15153] hsr0: entered promiscuous mode
[  365.081894][T15153] macvlan2: entered promiscuous mode
[  365.084322][T15153] macvlan2: entered allmulticast mode
[  365.086341][T15153] hsr0: entered allmulticast mode
[  365.088292][T15153] hsr_slave_0: entered allmulticast mode
[  365.091425][T15153] hsr_slave_1: entered allmulticast mode
[  365.130302][ T5884] usb 6-1: Using ep0 maxpacket: 16
[  365.136003][ T5884] usb 6-1: config 0 has an invalid interface number: 214 but max is 0
[  365.139402][ T5884] usb 6-1: config 0 has no interface number 0
[  365.143487][ T5884] usb 6-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64
[  365.150273][ T5884] usb 6-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  365.153909][ T5884] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  365.157000][ T5884] usb 6-1: Product: syz
[  365.158642][ T5884] usb 6-1: Manufacturer: syz
[  365.160585][ T5884] usb 6-1: SerialNumber: syz
[  365.165417][ T5884] usb 6-1: config 0 descriptor??
[  365.374620][ T5884] usbtouchscreen 6-1:0.214: Failed to read FW rev: -71
[  365.377135][ T5884] usbtouchscreen 6-1:0.214: probe with driver usbtouchscreen failed with error -71
[  365.382281][ T5884] usb 6-1: USB disconnect, device number 6
[  366.363753][T15176] loop5: detected capacity change from 0 to 256
[  366.371737][T15176] exFAT-fs (loop5): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d)
[  366.383186][T15176] exFAT-fs (loop5): start_clu is invalid cluster(0x400)
[  366.421767][T15172] loop3: detected capacity change from 0 to 32768
[  366.425657][T15172] ERROR: (device loop3): xtSearch: xt_getpage: xtree page corrupt
[  366.425657][T15172] 
[  366.429069][T15172] xtLookup: xtSearch returned -5
[  366.430942][T15172] read_mapping_page failed!
[  366.432724][T15172] jfs_mount: dbMount failed w/rc = -5
[  366.435034][T15172] Mount JFS Failure: -5
[  366.436618][T15172] jfs_mount failed w/return code = -5
[  366.757148][T15193] veth3: entered promiscuous mode
[  366.759221][T15193] veth3: entered allmulticast mode
[  366.895100][T15199] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3805'.
[  366.898350][T15200] netlink: 'syz.1.3806': attribute type 8 has an invalid length.
[  367.894346][T15206] loop3: detected capacity change from 0 to 32768
[  368.545387][T15238] loop5: detected capacity change from 0 to 1024
[  368.569685][T15238] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  368.575355][T15238] ext4 filesystem being mounted at /224/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  368.583949][T15238] EXT4-fs (loop5): shut down requested (1)
[  368.609141][T13392] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.880531][T15243] loop5: detected capacity change from 0 to 32768
[  368.887513][T15243] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  368.899490][T15243] XFS (loop5): Ending clean mount
[  368.908048][T15243] XFS (loop5): Quotacheck needed: Please wait.
[  368.935215][T15243] XFS (loop5): Quotacheck: Done.
[  368.980758][T13392] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  369.234384][T15257] loop3: detected capacity change from 0 to 4096
[  369.396555][T15276] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3838'.
[  369.562015][T15291] loop5: detected capacity change from 0 to 512
[  369.579175][T15291] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  369.621817][T13392] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.707614][T15302] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[  369.759815][T15304] loop5: detected capacity change from 0 to 1024
[  369.794322][T14523] hfsplus: b-tree write err: -5, ino 4
[  369.930513][ T6029] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  370.085687][ T6029] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 88, changing to 10
[  370.093754][ T6029] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  370.097523][ T6029] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1023
[  370.099606][T15312] ip6erspan0: entered promiscuous mode
[  370.104978][ T6029] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  370.108935][ T6029] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  370.112677][ T6029] usb 4-1: Product: syz
[  370.114494][ T6029] usb 4-1: Manufacturer: syz
[  370.116366][ T6029] usb 4-1: SerialNumber: syz
[  370.432066][T15320] loop5: detected capacity change from 0 to 2048
[  370.478724][T15320] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  370.502521][ T6029] cdc_ncm 4-1:1.0: bind() failure
[  370.553411][ T6029] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  370.556036][ T6029] cdc_ncm 4-1:1.1: bind() failure
[  370.592135][ T6029] usb 4-1: USB disconnect, device number 39
[  371.303792][T15362] loop3: detected capacity change from 0 to 512
[  371.307010][T15362] EXT4-fs: Ignoring removed oldalloc option
[  371.317806][T15364] loop5: detected capacity change from 0 to 256
[  371.341340][T15364] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  371.429309][T15369] loop3: detected capacity change from 0 to 2048
[  371.439766][T15369] udf: Unknown parameter 'iocharsvt'
[  371.493856][T15369] loop3: detected capacity change from 0 to 4096
[  371.564374][T15373] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[  371.568228][T15373] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[  371.576538][T15373] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[  371.580320][T15373] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[  371.584745][T15373] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[  371.587934][T15373] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[  371.592176][T15373] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256
[  371.595330][T15373] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512
[  371.598456][T15373] UDF-fs: warning (device nbd3): udf_fill_super: No partition found (1)
[  371.907497][T15381] sctp: [Deprecated]: syz.1.3882 (pid 15381) Use of int in maxseg socket option.
[  371.907497][T15381] Use struct sctp_assoc_value instead
[  372.765531][T15387] loop3: detected capacity change from 0 to 128
[  372.837756][T15398] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4)
[  372.839821][T15398] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  372.845408][T15398] vhci_hcd vhci_hcd.0: Device attached
[  372.937579][   T33] audit: type=1326 audit(2000000418.477:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15406 comm="syz.1.3892" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f388098ec29 code=0x7ffc0000
[  372.946588][   T33] audit: type=1326 audit(2000000418.477:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15406 comm="syz.1.3892" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f388098ec29 code=0x7ffc0000
[  372.956099][   T33] audit: type=1326 audit(2000000418.487:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15406 comm="syz.1.3892" exe="/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7f388098ec29 code=0x7ffc0000
[  372.968354][   T33] audit: type=1326 audit(2000000418.487:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15406 comm="syz.1.3892" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f388098ec29 code=0x7ffc0000
[  372.977196][   T33] audit: type=1326 audit(2000000418.487:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15406 comm="syz.1.3892" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f388098ec29 code=0x7ffc0000
[  373.079532][T15399] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 0
[  373.085561][   T10] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[  373.099174][T13471] vhci_hcd: stop threads
[  373.102827][T13471] vhci_hcd: release socket
[  373.104610][T13471] vhci_hcd: disconnect device
[  373.928188][T15439] loop3: detected capacity change from 0 to 16
[  374.012810][T15447] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3908'.
[  374.220922][T15463] netlink: 'syz.1.3915': attribute type 1 has an invalid length.
[  374.317055][T15473] loop5: detected capacity change from 0 to 1024
[  374.322287][T15473] EXT4-fs: Ignoring removed orlov option
[  374.324515][T15473] EXT4-fs: Ignoring removed mblk_io_submit option
[  374.327805][T15473] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  374.339196][T15468] loop3: detected capacity change from 0 to 4096
[  374.343871][T15468] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  374.355397][T15473] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  374.376258][T15468] ntfs3(loop3): ino=19, mi_enum_attr
[  374.434227][T13392] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  374.527062][T15488] loop5: detected capacity change from 0 to 1024
[  374.529978][T15488] EXT4-fs: Ignoring removed orlov option
[  374.532187][T15488] EXT4-fs: Ignoring removed nomblk_io_submit option
[  374.556439][T15488] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  374.589540][T13392] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  374.633111][T15497] loop5: detected capacity change from 0 to 128
[  374.643741][T15497] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  374.648700][T15498] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3928'.
[  374.650484][T15497] ext4 filesystem being mounted at /259/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  374.688536][T13392] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  374.699124][T15503] loop3: detected capacity change from 0 to 1024
[  374.714356][T15503] EXT4-fs: Ignoring removed nobh option
[  374.716610][T15503] EXT4-fs: Ignoring removed bh option
[  375.032814][T15517] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  375.040503][T15517] Error validating options; rc = [-22]
[  375.840409][ T6975] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  375.848935][T15542] loop3: detected capacity change from 0 to 2048
[  375.905932][T15544] loop3: detected capacity change from 0 to 1024
[  375.990339][ T6975] usb 6-1: Using ep0 maxpacket: 32
[  375.996085][ T6975] usb 6-1: unable to get BOS descriptor or descriptor too short
[  376.000140][ T6975] usb 6-1: config 7 has an invalid interface number: 187 but max is 0
[  376.352844][ T6975] usb 6-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  376.357076][ T6975] usb 6-1: config 7 has no interface number 0
[  376.359649][ T6975] usb 6-1: config 7 interface 187 altsetting 6 endpoint 0x1 has invalid wMaxPacketSize 0
[  376.367962][ T6975] usb 6-1: config 7 interface 187 altsetting 6 bulk endpoint 0x1 has invalid maxpacket 0
[  376.372460][ T6975] usb 6-1: config 7 interface 187 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  376.377577][ T6975] usb 6-1: config 7 interface 187 has no altsetting 0
[  376.386317][ T6975] usb 6-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb
[  376.391882][ T6975] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  376.395172][ T6975] usb 6-1: Product: syz
[  376.396952][ T6975] usb 6-1: Manufacturer: syz
[  376.399048][ T6975] usb 6-1: SerialNumber: syz
[  376.614557][ T6975] usb 6-1: Not enough endpoints found in device, aborting!
[  376.846523][ T5911] usb 6-1: USB disconnect, device number 7
[  377.958870][T15578] loop3: detected capacity change from 0 to 2048
[  378.038623][T15589] loop3: detected capacity change from 0 to 512
[  378.098148][T15591] could not allocate digest TFM handle sm3
[  378.111018][ T5884] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  378.146069][T15595] loop3: detected capacity change from 0 to 512
[  378.206801][   T10] vhci_hcd: vhci_device speed not set
[  378.273147][ T5884] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  378.280356][ T5884] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  378.293016][ T5884] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  378.296029][ T5884] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  378.303660][ T5884] usb 6-1: SerialNumber: syz
[  378.455468][ T1362] ieee802154 phy0 wpan0: encryption failed: -22
[  378.480902][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[  378.520983][ T5884] usb 6-1: 0:2 : does not exist
[  378.540978][ T5884] usb 6-1: USB disconnect, device number 8
[  379.694211][T15651] afs: Unknown parameter 'fl'
[  379.749376][T15652] program syz.5.3994 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  380.511237][T15664] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3999'.
[  380.576739][T15668] loop5: detected capacity change from 0 to 256
[  380.586457][T15668] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x311d6643, utbl_chksum : 0xe619d30d)
[  380.596337][T15668] exFAT-fs (loop5): valid_size(150994954) is greater than size(10)
[  380.600857][   T33] audit: type=1800 audit(2000000426.147:167): pid=15668 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4001" name="file1" dev="loop5" ino=1048646 res=0 errno=0
[  380.796453][T15683] netlink: 'syz.1.4008': attribute type 10 has an invalid length.
[  380.799865][T15683] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4008'.
[  380.814623][T15681] netlink: 'syz.5.4007': attribute type 4 has an invalid length.
[  381.167971][T15719] loop3: detected capacity change from 0 to 8
[  381.534731][T15729] bond0: option resend_igmp: invalid value (18446744072098938880)
[  381.544164][T15729] bond0: option resend_igmp: allowed values 0 - 255
[  382.820326][ T5911] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[  382.973394][ T5911] usb 6-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  382.978371][ T5911] usb 6-1: config 0 interface 0 has no altsetting 0
[  382.981396][ T5911] usb 6-1: New USB device found, idVendor=056e, idProduct=00fd, bcdDevice= 0.00
[  382.986550][ T5911] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  383.000818][ T5911] usb 6-1: config 0 descriptor??
[  383.233881][T15809] loop3: detected capacity change from 0 to 32768
[  383.238096][T15809] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4067 (15809)
[  383.247086][T15809] BTRFS error: failed to open device for path /dev/loop3 with flags 0x23: -13
[  383.412118][ T5911] elecom 0003:056E:00FD.0014: unknown main item tag 0x0
[  383.414251][ T5911] elecom 0003:056E:00FD.0014: unknown main item tag 0x0
[  383.417036][ T5911] elecom 0003:056E:00FD.0014: unknown main item tag 0x0
[  383.422932][ T5911] elecom 0003:056E:00FD.0014: hidraw0: USB HID v1.01 Device [HID 056e:00fd] on usb-dummy_hcd.5-1/input0
[  383.432804][T15817] loop3: detected capacity change from 0 to 65
[  383.549016][T14523] Bluetooth: hci3: Frame reassembly failed (-84)
[  383.557005][   T53] Bluetooth: hci3: Frame reassembly failed (-90)
[  383.612775][ T5911] usb 6-1: USB disconnect, device number 9
[  384.264618][T15837] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4081'.
[  384.488009][   T33] audit: type=1326 audit(2000000430.027:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15850 comm="syz.5.4088" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f073438ec29 code=0x0
[  384.690434][T15863] netlink: 'syz.5.4093': attribute type 1 has an invalid length.
[  384.693731][T15863] netlink: 232 bytes leftover after parsing attributes in process `syz.5.4093'.
[  384.743759][T15868] Bluetooth: hci0: too big key_count value 38325
[  385.379038][ T5911] libceph: connect (1)[c::]:6789 error -101
[  385.386366][ T5911] libceph: mon0 (1)[c::]:6789 connect error
[  385.392190][ T5911] libceph: connect (1)[c::]:6789 error -101
[  385.394734][ T5911] libceph: mon0 (1)[c::]:6789 connect error
[  385.571292][ T5855] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  385.690613][T15904] loop3: detected capacity change from 0 to 1024
[  385.693268][T15904] EXT4-fs: Ignoring removed nomblk_io_submit option
[  385.765733][ T5911] libceph: connect (1)[c::]:6789 error -101
[  385.770788][ T5911] libceph: mon0 (1)[c::]:6789 connect error
[  385.844829][T15912] netlink: 'syz.1.4114': attribute type 5 has an invalid length.
[  385.931836][T15907] loop3: detected capacity change from 0 to 32768
[  386.236787][T15896] ceph: No mds server is up or the cluster is laggy
[  386.294595][ T5911] libceph: connect (1)[c::]:6789 error -101
[  386.297267][ T5911] libceph: mon0 (1)[c::]:6789 connect error
[  386.959854][T15950] loop5: detected capacity change from 0 to 128
[  386.967952][T15950] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  386.973603][T15950] ext4 filesystem being mounted at /328/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  387.027613][T13392] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  387.528970][T15964] loop5: detected capacity change from 0 to 2048
[  387.534925][T15964] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  387.674808][T15968] loop5: detected capacity change from 0 to 4096
[  387.678987][T15968] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512).
[  387.683689][T15968] ntfs3(loop5): $Volume is corrupted.
[  387.821187][T15976] veth0: entered promiscuous mode
[  387.824564][T15976] veth0: left promiscuous mode
[  387.935553][T15986] loop3: detected capacity change from 0 to 128
[  387.944290][T15986] ufs: ufs_fill_super(): fragment size 3263967611 is not a power of 2
[  388.150847][   T10] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  388.243857][T16001] netlink: 4436 bytes leftover after parsing attributes in process `syz.3.4156'.
[  388.248237][T16001] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  388.300539][   T10] usb 6-1: Using ep0 maxpacket: 16
[  388.304884][   T10] usb 6-1: config 0 has an invalid interface number: 41 but max is 0
[  388.308044][   T10] usb 6-1: config 0 has no interface number 0
[  388.317283][   T10] usb 6-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  388.323471][   T10] usb 6-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  388.333624][   T10] usb 6-1: config 0 interface 41 has no altsetting 0
[  388.342926][   T10] usb 6-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  388.350386][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  388.353239][   T10] usb 6-1: Product: syz
[  388.354830][   T10] usb 6-1: Manufacturer: syz
[  388.356580][   T10] usb 6-1: SerialNumber: syz
[  388.369927][   T10] usb 6-1: config 0 descriptor??
[  388.375214][T15985] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  388.385401][T15985] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  388.388682][T16009] input: syz0 as /devices/virtual/input/input24
[  388.415841][T16011] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4161'.
[  388.474912][   T33] audit: type=1400 audit(2000000434.017:169): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=16014 comm="syz.3.4163"
[  388.603727][T15985] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  388.606814][T15985] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  389.213887][   T10] CoreChips 6-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffb9
[  389.219177][   T10] CoreChips 6-1:0.41: probe with driver CoreChips failed with error -71
[  389.224071][   T10] usb 6-1: USB disconnect, device number 10
[  389.412394][T16037] netlink: 'syz.3.4173': attribute type 1 has an invalid length.
[  390.568465][T16062] loop5: detected capacity change from 0 to 1024
[  390.573816][T16062] hfsplus: invalid extent btree flag
[  390.576290][T16062] hfsplus: failed to load extents file
[  390.946922][T16066] loop5: detected capacity change from 0 to 32768
[  390.951509][T16066] (syz.5.4186,16066,0):ocfs2_initialize_super:2087 ERROR: couldn't mount because of unsupported optional features (4).
[  390.956492][T16066] (syz.5.4186,16066,0):ocfs2_fill_super:1177 ERROR: status = -22
[  391.229927][T16080] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4193'.
[  391.235221][T16080] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4193'.
[  391.283785][T16082] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4194'.
[  391.319890][T16074] loop3: detected capacity change from 0 to 32768
[  391.324155][T16074] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4190 (16074)
[  391.329694][T16074] BTRFS error: failed to open device for path /dev/loop3 with flags 0x23: -13
[  391.670899][T16098] netlink: 'syz.5.4202': attribute type 1 has an invalid length.
[  391.674143][T16098] netlink: 224 bytes leftover after parsing attributes in process `syz.5.4202'.
[  391.735314][T16102] loop5: detected capacity change from 0 to 512
[  391.741771][T16102] EXT4-fs (loop5): Invalid default hash set in the superblock
[  391.757002][T16104] loop3: detected capacity change from 0 to 1024
[  391.805378][T16108] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  392.270525][ T5884] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  392.424636][ T5884] usb 4-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[  392.428863][ T5884] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  392.434266][ T5884] usb 4-1: Product: syz
[  392.435858][ T5884] usb 4-1: Manufacturer: syz
[  392.437620][ T5884] usb 4-1: SerialNumber: syz
[  392.443561][ T5884] usb 4-1: config 0 descriptor??
[  392.449178][ T5884] gspca_main: sunplus-2.14.0 probing 055f:c230
[  392.649913][ T5884] gspca_sunplus: reg_r err -71
[  392.652936][ T5884] sunplus 4-1:0.0: probe with driver sunplus failed with error -71
[  392.658912][ T5884] usb 4-1: USB disconnect, device number 40
[  393.003883][T16148] 8021q: adding VLAN 0 to HW filter on device bond1
[  393.040963][T16148] bond0: (slave bond1): Enslaving as an active interface with an up link
[  393.544766][T16163] MTD: Couldn't look up '/dev/nullb0': -15
[  393.547186][T16163] /dev/nullb0: Can't lookup blockdev
[  393.768462][T16171] loop5: detected capacity change from 0 to 4096
[  394.045498][T16171] ntfs3(loop5): ino=1a, mi_enum_attr
[  394.047866][T16171] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  395.620481][ T5911] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  395.792912][ T5911] usb 6-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  395.796024][ T5911] usb 6-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  395.799329][ T5911] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  395.809068][ T5911] gspca_main: stv0680-2.14.0 probing 041e:4007
[  395.889022][T16241] binder: 16240:16241 unknown command 0
[  395.893138][T16241] binder: 16240:16241 ioctl c0306201 200000000640 returned -22
[  395.913031][T16243] 9pnet_fd: Insufficient options for proto=fd
[  395.940068][T16245] loop3: detected capacity change from 0 to 128
[  396.097712][   T33] audit: type=1326 audit(2000000441.637:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16258 comm="syz.3.4269" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f190a58ec29 code=0x0
[  396.855866][ T5911] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -32
[  396.859338][ T5911] stv0680 6-1:4.0: STV(e): camera ping failed!!
[  396.863283][ T5911] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -32
[  396.867548][ T5911] stv0680 6-1:4.0: last error: 0,  command = 0x0
[  396.874807][ T5911] usb 6-1: USB disconnect, device number 11
[  397.752208][T16291] loop5: detected capacity change from 0 to 32768
[  397.759710][T16291] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.4282 (16291)
[  397.768285][T16291] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  397.772139][T16291] BTRFS info (device loop5): using crc32c (crc32c-lib) checksum algorithm
[  397.802665][T14525] BTRFS warning (device loop5): checksum verify failed on logical 5328896 mirror 1 wanted 0x51ec978b found 0x9ef29efc level 0
[  397.807465][T16291] BTRFS warning (device loop5): failed to read root (objectid=4): -5
[  397.879049][T16291] BTRFS error (device loop5): open_ctree failed: -5
[  398.115143][T16314] netlink: 'syz.5.4286': attribute type 1 has an invalid length.
[  398.307696][T16333] ip6tnl3: entered promiscuous mode
[  398.310165][T16333] ip6tnl3: entered allmulticast mode
[  398.420445][    T9] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  398.574146][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  398.582389][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  398.592431][    T9] usb 4-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  398.596319][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  398.616395][    T9] usb 4-1: config 0 descriptor??
[  398.802923][T16357] loop5: detected capacity change from 0 to 256
[  398.852344][T16357] exFAT-fs (loop5): bogus data start sector
[  398.854967][T16357] exFAT-fs (loop5): failed to read boot sector
[  398.857646][T16357] exFAT-fs (loop5): failed to recognize exfat type
[  399.151272][    T9] usbhid 4-1:0.0: can't add hid device: -71
[  399.153232][    T9] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  399.158875][    T9] usb 4-1: USB disconnect, device number 41
[  399.503184][ T5911] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  399.650301][ T5911] usb 6-1: Using ep0 maxpacket: 8
[  399.654627][ T5911] usb 6-1: unable to get BOS descriptor or descriptor too short
[  399.658957][ T5911] usb 6-1: config 1 has an invalid interface number: 4 but max is 2
[  399.663212][ T5911] usb 6-1: config 1 has no interface number 1
[  399.665790][ T5911] usb 6-1: too many endpoints for config 1 interface 4 altsetting 16: 195, using maximum allowed: 30
[  399.670653][ T5911] usb 6-1: config 1 interface 4 altsetting 16 has 0 endpoint descriptors, different from the interface descriptor's value: 195
[  399.675662][ T5911] usb 6-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 127, changing to 7
[  399.683790][ T5911] usb 6-1: config 1 interface 4 has no altsetting 0
[  399.688825][ T5911] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  399.692946][ T5911] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  399.696210][ T5911] usb 6-1: Product: syz
[  399.697974][ T5911] usb 6-1: Manufacturer: syz
[  399.699953][ T5911] usb 6-1: SerialNumber: syz
[  399.916864][ T5911] usb 6-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  399.919521][ T5911] usb 6-1: 2:1 : invalid channels 0
[  399.930385][    T9] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  399.936430][ T5911] hub 6-1:1.4: Invalid hub with more than one config or interface
[  399.939657][ T5911] hub 6-1:1.4: probe with driver hub failed with error -22
[  399.947190][ T5911] usb 6-1: USB disconnect, device number 12
[  400.082750][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 52, changing to 7
[  400.087229][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 9272, setting to 1024
[  400.091824][    T9] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  400.096341][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  400.102475][    T9] usb 4-1: config 0 descriptor??
[  400.311677][    T9] ath6kl: Failed to submit usb control message: -71
[  400.314107][    T9] ath6kl: unable to send the bmi data to the device: -71
[  400.316919][    T9] ath6kl: Unable to send get target info: -71
[  400.319978][    T9] ath6kl: Failed to init ath6kl core: -71
[  400.333306][    T9] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -71
[  400.338234][    T9] usb 4-1: USB disconnect, device number 42
[  400.894311][T16409] loop3: detected capacity change from 0 to 1024
[  400.928887][T16411] netlink: 'syz.3.4329': attribute type 1 has an invalid length.
[  400.992859][    T9] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  401.147515][    T9] usb 6-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config
[  401.157530][    T9] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  401.184983][    T9] usb 6-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  401.195303][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  401.207278][    T9] usb 6-1: Product: syz
[  401.213212][    T9] usb 6-1: Manufacturer: syz
[  401.220878][    T9] usb 6-1: SerialNumber: syz
[  401.325622][    T9] rtl8150 6-1:1.0: couldn't find required endpoints
[  401.334452][    T9] rtl8150 6-1:1.0: probe with driver rtl8150 failed with error -5
[  401.377312][T16419] loop3: detected capacity change from 0 to 8192
[  401.518452][    T9] usb 6-1: USB disconnect, device number 13
[  401.856684][T16430] loop3: detected capacity change from 0 to 32768
[  402.007056][T16434] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4339'.
[  402.581255][T16444] loop3: detected capacity change from 0 to 32768
[  402.990405][ T5884] usb 4-1: new full-speed USB device number 43 using dummy_hcd
[  403.153510][ T5884] usb 4-1: config 0 has an invalid interface number: 50 but max is 0
[  403.156868][ T5884] usb 4-1: config 0 has no interface number 0
[  403.162254][ T5884] usb 4-1: New USB device found, idVendor=0b48, idProduct=1009, bcdDevice=87.f7
[  403.166495][ T5884] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  403.169628][ T5884] usb 4-1: Product: syz
[  403.171693][ T5884] usb 4-1: Manufacturer: syz
[  403.173847][ T5884] usb 4-1: SerialNumber: syz
[  403.182523][ T5884] usb 4-1: config 0 descriptor??
[  403.188363][ T5884] ttusb_dec_send_command: command bulk message failed: error -22
[  403.194054][ T5884] ttusb-dec 4-1:0.50: probe with driver ttusb-dec failed with error -22
[  403.318235][T16450] loop5: detected capacity change from 0 to 40427
[  403.323070][T16450] F2FS-fs (loop5): build fault injection rate: 11
[  403.325628][T16450] F2FS-fs (loop5): build fault injection type: 0x3bfe8b
[  403.334788][T16450] F2FS-fs (loop5): invalid crc value
[  403.337688][T16450] F2FS-fs (loop5): inject kmalloc in f2fs_kmalloc of f2fs_fill_super+0x4520/0x7170
[  403.341573][T16450] F2FS-fs (loop5): Failed to initialize F2FS segment manager (-12)
[  403.390468][ T5911] usb 4-1: USB disconnect, device number 43
[  403.703440][T16457] tap0: tun_chr_ioctl cmd 2147767521
[  403.942202][T16468] netlink: 288 bytes leftover after parsing attributes in process `syz.3.4354'.
[  403.989317][   T33] audit: type=1326 audit(2000000449.527:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16473 comm="syz.3.4357" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f190a58ec29 code=0x7ffc0000
[  404.007248][   T33] audit: type=1326 audit(2000000449.537:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16473 comm="syz.3.4357" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f190a58ec29 code=0x7ffc0000
[  404.026831][   T33] audit: type=1326 audit(2000000449.547:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16473 comm="syz.3.4357" exe="/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7f190a58ec29 code=0x7ffc0000
[  404.037187][   T33] audit: type=1326 audit(2000000449.547:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16473 comm="syz.3.4357" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f190a58ec29 code=0x7ffc0000
[  404.049170][   T33] audit: type=1326 audit(2000000449.547:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16473 comm="syz.3.4357" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f190a58ec29 code=0x7ffc0000
[  404.106736][T16488] netlink: 104 bytes leftover after parsing attributes in process `syz.3.4364'.
[  404.335705][T16506] netlink: 'syz.3.4372': attribute type 1 has an invalid length.
[  404.350342][T16506] bond3: entered promiscuous mode
[  404.352554][T16506] 8021q: adding VLAN 0 to HW filter on device bond3
[  404.369312][T16506] 8021q: adding VLAN 0 to HW filter on device bond3
[  404.373351][T16506] bond3: (slave wireguard0): The slave device specified does not support setting the MAC address
[  404.376940][T16506] bond3: (slave wireguard0): Setting fail_over_mac to active for active-backup mode
[  404.389688][T16506] bond3: (slave wireguard0): making interface the new active one
[  404.392305][T16506] wireguard0: entered promiscuous mode
[  404.395511][T16506] bond3: (slave wireguard0): Enslaving as an active interface with an up link
[  404.766762][T16523] loop3: detected capacity change from 0 to 512
[  404.840850][   T10] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  404.851611][T16513] loop5: detected capacity change from 0 to 32768
[  404.857603][T16513] btrfs: Unknown parameter 'ref_verify'
[  405.321017][   T10] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  405.693393][T16540] loop5: detected capacity change from 0 to 1024
[  405.696946][T16540] EXT4-fs: Ignoring removed nomblk_io_submit option
[  405.852874][T16540] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  405.888126][T16540] EXT4-fs error (device loop5): __ext4_new_inode:1073: comm syz.5.4387: reserved inode found cleared - inode=18
[  406.249109][T13392] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.791380][T16580] xt_l2tp: v2 tid > 0xffff: 1114244
[  407.030448][ T6975] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  407.190510][ T6975] usb 6-1: Using ep0 maxpacket: 16
[  407.195318][ T6975] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  407.199438][ T6975] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  407.203471][ T6975] usb 6-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00
[  407.208126][ T6975] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  407.215954][ T6975] usb 6-1: config 0 descriptor??
[  407.235734][T16589] netlink: 'syz.1.4408': attribute type 21 has an invalid length.
[  407.238663][T16589] netlink: 164 bytes leftover after parsing attributes in process `syz.1.4408'.
[  407.627082][ T6975] apple 0003:05AC:024B.0015: unknown global tag 0xe
[  407.629752][ T6975] apple 0003:05AC:024B.0015: item 0 1 1 14 parsing failed
[  407.634035][ T6975] apple 0003:05AC:024B.0015: parse failed
[  407.636270][ T6975] apple 0003:05AC:024B.0015: probe with driver apple failed with error -22
[  407.835835][ T5884] usb 6-1: USB disconnect, device number 14
[  407.940482][ T5911] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  408.092848][ T5911] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  408.096764][ T5911] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  408.101412][ T5911] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121
[  408.107669][ T5911] usb 4-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  408.113450][ T5911] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  408.116701][ T5911] usb 4-1: Product: syz
[  408.118420][ T5911] usb 4-1: Manufacturer: syz
[  408.120527][ T5911] usb 4-1: SerialNumber: syz
[  408.125038][ T5911] usb 4-1: config 0 descriptor??
[  408.127751][T16597] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  408.131048][T16597] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  408.134918][ T5911] usb 4-1: ucan: probing device on interface #0
[  408.739913][ T5911] ucan 4-1:0.0: probe with driver ucan failed with error -71
[  408.746831][ T5911] usb 4-1: USB disconnect, device number 44
[  408.748745][T16618] syz.1.4421 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  408.898359][T16633] program syz.5.4428 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  408.968610][T16641] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4433'.
[  408.973525][T16643] input: syz1 as /devices/virtual/input/input25
[  409.145061][T16651] sctp: [Deprecated]: syz.1.4437 (pid 16651) Use of int in maxseg socket option.
[  409.145061][T16651] Use struct sctp_assoc_value instead
[  409.169893][T16653] loop5: detected capacity change from 0 to 512
[  409.185317][T16653] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  409.190765][T16653] ext4 filesystem being mounted at /438/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  409.416573][T16660] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.4438: bg 0: block 96: padding at end of block bitmap is not set
[  409.428968][T16660] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 1023 with error 117
[  409.436988][T16660] EXT4-fs (loop5): This should not happen!! Data will be lost
[  409.436988][T16660] 
[  409.474826][T16653] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 1024 with max blocks 256 with error 28
[  409.482921][T16677] loop3: detected capacity change from 0 to 512
[  409.486901][T16653] EXT4-fs (loop5): This should not happen!! Data will be lost
[  409.486901][T16653] 
[  409.491062][T16677] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  409.493651][T16677] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c01c, mo2=0002]
[  409.496384][T16677] System zones: 1-12
[  409.498102][T16653] EXT4-fs (loop5): Total free blocks count 0
[  409.501152][T16653] EXT4-fs (loop5): Free/Dirty block details
[  409.503442][T16677] EXT4-fs (loop3): write access unavailable, skipping orphan cleanup
[  409.507455][T16677] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  409.511942][T16653] EXT4-fs (loop5): free_blocks=0
[  409.514307][T16653] EXT4-fs (loop5): dirty_blocks=256
[  409.518407][T16653] EXT4-fs (loop5): Block reservation details
[  409.543975][ T7778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  409.651884][T16682] ptrace attach of "/syz-executor exec"[7778] was attempted by ""[16682]
[  409.713874][T16688] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4452'.
[  409.755637][T16690] loop3: detected capacity change from 0 to 128
[  410.305845][T16720] loop5: detected capacity change from 0 to 4096
[  410.309189][T16720] ntfs3(loop5): Different NTFS sector size (2048) and media sector size (512).
[  410.349155][   T33] audit: type=1800 audit(2000000455.890:176): pid=16720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4467" name="file1" dev="loop5" ino=30 res=0 errno=0
[  410.372409][T16729] netlink: 'syz.1.4471': attribute type 11 has an invalid length.
[  410.396760][T16731] cgroup: none used incorrectly
[  410.431807][T16737] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4475'.
[  410.447292][T16737] vlan2: entered promiscuous mode
[  410.457843][T16737] macvtap0: entered promiscuous mode
[  410.804579][T16747] loop5: detected capacity change from 0 to 32768
[  410.816879][T16747] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  410.835906][T16747] XFS (loop5): Ending clean mount
[  410.856465][T13392] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  411.009564][T16763] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4485'.
[  411.072248][T16769] loop5: detected capacity change from 0 to 512
[  411.075286][T16769] EXT4-fs: Ignoring removed nomblk_io_submit option
[  411.082559][T16773] loop3: detected capacity change from 0 to 8
[  411.083832][T16769] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[  411.085499][T16773] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  411.088734][T16769] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters
[  411.096568][T16769] EXT4-fs (loop5): Remounting filesystem read-only
[  411.099126][T16769] EXT4-fs (loop5): 1 truncate cleaned up
[  411.102054][T16769] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  411.120436][T13392] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  411.179492][T16777] loop3: detected capacity change from 0 to 1024
[  412.266261][   T33] audit: type=1804 audit(2000000457.800:177): pid=16800 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.4501" name="/newroot/454/bus/bus" dev="overlay" ino=2400 res=1 errno=0
[  412.292512][   T33] audit: type=1804 audit(2000000457.810:178): pid=16800 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.4501" name="/newroot/454/bus/bus" dev="overlay" ino=2400 res=1 errno=0
[  412.300141][   T33] audit: type=1800 audit(2000000457.810:179): pid=16800 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4501" name="bus" dev="overlay" ino=2400 res=0 errno=0
[  412.685761][T16812] input: syz1 as /devices/virtual/input/input26
[  412.688687][T16812] input: failed to attach handler leds to device input26, error: -6
[  413.222337][T16824] loop3: detected capacity change from 0 to 512
[  413.282764][ T5855] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  413.287010][ T5855] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  413.291665][ T5855] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  413.297074][ T5855] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  413.300405][ T5855] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  413.344439][T16829] 8021q: adding VLAN 0 to HW filter on device bond4
[  413.362606][T16829] bond4: option mode: unable to set because the bond device is up
[  413.484562][T16825] chnl_net:caif_netlink_parms(): no params data found
[  413.595146][T16825] bridge0: port 1(bridge_slave_0) entered blocking state
[  413.598060][T16825] bridge0: port 1(bridge_slave_0) entered disabled state
[  413.602405][T16825] bridge_slave_0: entered allmulticast mode
[  413.606483][T16825] bridge_slave_0: entered promiscuous mode
[  413.621980][T16825] bridge0: port 2(bridge_slave_1) entered blocking state
[  413.624794][T16825] bridge0: port 2(bridge_slave_1) entered disabled state
[  413.627778][T16825] bridge_slave_1: entered allmulticast mode
[  413.653848][T16825] bridge_slave_1: entered promiscuous mode
[  413.883717][T16825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  413.888649][T16825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  414.024894][T16825] team0: Port device team_slave_0 added
[  414.051756][T16825] team0: Port device team_slave_1 added
[  414.119823][T16825] batman_adv: batadv0: Adding interface: batadv_slave_0
[  414.123592][T16825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  414.135242][T16825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  414.144074][T16825] batman_adv: batadv0: Adding interface: batadv_slave_1
[  414.147160][T16825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  414.161352][T16825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  414.212078][T16825] hsr_slave_0: entered promiscuous mode
[  414.215555][T16825] hsr_slave_1: entered promiscuous mode
[  414.218720][T16825] debugfs: 'hsr0' already exists in 'hsr'
[  414.222200][T16825] Cannot create hsr debugfs directory
[  414.404578][T16825] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  414.410726][T16825] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  414.495554][T16825] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  414.502355][T16825] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  414.578786][T16825] 8021q: adding VLAN 0 to HW filter on device bond0
[  414.603131][T16825] 8021q: adding VLAN 0 to HW filter on device team0
[  414.617278][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[  414.620296][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[  414.636685][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[  414.639526][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[  414.844414][T16825] 8021q: adding VLAN 0 to HW filter on device batadv0
[  415.026428][T16874] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4523'.
[  415.030074][T16874] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4523'.
[  415.330588][ T5855] Bluetooth: hci0: command tx timeout
[  415.371938][T16825] veth0_vlan: entered promiscuous mode
[  415.380610][T16825] veth1_vlan: entered promiscuous mode
[  415.403112][T16825] veth0_macvtap: entered promiscuous mode
[  415.408625][T16825] veth1_macvtap: entered promiscuous mode
[  415.425780][T16825] batman_adv: batadv0: Interface activated: batadv_slave_0
[  415.434396][T16825] batman_adv: batadv0: Interface activated: batadv_slave_1
[  415.445766][ T5866] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  415.448659][ T5866] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  415.451886][ T5866] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  415.455097][ T5866] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  415.529049][   T27] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  415.535969][   T27] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  415.553242][T15321] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  415.556695][T15321] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  415.695755][   T33] audit: type=1326 audit(2000000461.240:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16883 comm="syz.6.4526" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29d758ec29 code=0x7ffc0000
[  415.704096][   T33] audit: type=1326 audit(2000000461.240:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16883 comm="syz.6.4526" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29d758ec29 code=0x7ffc0000
[  415.713391][   T33] audit: type=1326 audit(2000000461.250:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16883 comm="syz.6.4526" exe="/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f29d758ec29 code=0x7ffc0000
[  415.722780][   T33] audit: type=1326 audit(2000000461.250:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16883 comm="syz.6.4526" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29d758ec29 code=0x7ffc0000
[  415.736885][   T33] audit: type=1326 audit(2000000461.250:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16883 comm="syz.6.4526" exe="/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f29d758ec29 code=0x7ffc0000
[  415.746114][   T33] audit: type=1326 audit(2000000461.250:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16883 comm="syz.6.4526" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29d758ec29 code=0x7ffc0000
[  415.757309][   T33] audit: type=1326 audit(2000000461.250:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16883 comm="syz.6.4526" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f29d758ec29 code=0x7ffc0000
[  415.766579][   T33] audit: type=1326 audit(2000000461.250:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16883 comm="syz.6.4526" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29d758ec29 code=0x7ffc0000
[  415.775697][   T33] audit: type=1326 audit(2000000461.250:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16883 comm="syz.6.4526" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29d758ec29 code=0x7ffc0000
[  415.974424][T16890] loop6: detected capacity change from 0 to 32768
[  415.991535][T16890] ERROR: (device loop6): dbAlloc: the hint is outside the map
[  415.991535][T16890] 
[  415.995895][T16890] ERROR: (device loop6): remounting filesystem as read-only
[  416.205518][T16898] netlink: 256 bytes leftover after parsing attributes in process `syz.6.4533'.
[  416.283004][T16902] usb usb1: usbfs: process 16902 (syz.6.4535) did not claim interface 0 before use
[  416.344752][T16906] affs: No valid root block on device nullb0
[  416.554437][T16910] loop6: detected capacity change from 0 to 32768
[  416.563196][T16910] XFS (loop6): logbuf size must be greater than or equal to log stripe size
[  416.805910][T16921] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[  416.865872][T16925] loop6: detected capacity change from 0 to 1024
[  416.869209][T16925] EXT4-fs: Ignoring removed oldalloc option
[  416.877615][T16925] EXT4-fs (loop6): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  416.897115][T16925] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  416.945208][T16825] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  417.206883][T16937] loop6: detected capacity change from 0 to 40427
[  417.210142][T16937] F2FS-fs (loop6): build fault injection rate: 771
[  417.213737][T16937] F2FS-fs (loop6): invalid crc value
[  417.251233][T16937] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  417.255117][T16937] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  417.292218][T16825] syz-executor: attempt to access beyond end of device
[  417.292218][T16825] loop6: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  417.298938][T16825] CPU: 0 UID: 0 PID: 16825 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  417.298960][T16825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  417.298969][T16825] Call Trace:
[  417.298975][T16825]  <TASK>
[  417.298981][T16825]  dump_stack_lvl+0x189/0x250
[  417.299006][T16825]  ? __pfx_dump_stack_lvl+0x10/0x10
[  417.299023][T16825]  ? __pfx_queue_work_on+0x10/0x10
[  417.299035][T16825]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  417.299050][T16825]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  417.299073][T16825]  f2fs_handle_critical_error+0x37c/0x540
[  417.299095][T16825]  f2fs_write_end_io+0x886/0xb60
[  417.299127][T16825]  __submit_merged_bio+0x27a/0x6a0
[  417.299147][T16825]  __submit_merged_write_cond+0x255/0x530
[  417.299174][T16825]  f2fs_write_data_pages+0x261d/0x3000
[  417.299218][T16825]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  417.299296][T16825]  ? folio_unqueue_deferred_split+0x93/0x230
[  417.299321][T16825]  ? folios_put_refs+0x584/0x670
[  417.299347][T16825]  ? __pfx_folios_put_refs+0x10/0x10
[  417.299364][T16825]  ? rcu_is_watching+0x15/0xb0
[  417.299384][T16825]  ? __lock_acquire+0xab9/0xd20
[  417.299417][T16825]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  417.299433][T16825]  do_writepages+0x32e/0x550
[  417.299455][T16825]  ? do_raw_spin_unlock+0x4d/0x240
[  417.299476][T16825]  filemap_fdatawrite+0x199/0x240
[  417.299491][T16825]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  417.299562][T16825]  ? do_raw_spin_unlock+0x4d/0x240
[  417.299582][T16825]  f2fs_sync_dirty_inodes+0x31f/0x830
[  417.299643][T16825]  f2fs_write_checkpoint+0x93e/0x2440
[  417.299658][T16825]  ? stack_depot_save_flags+0x40/0x860
[  417.299701][T16825]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  417.299752][T16825]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  417.299769][T16825]  ? kfree+0x19a/0x6d0
[  417.299800][T16825]  kill_f2fs_super+0x2cc/0x6d0
[  417.299823][T16825]  ? __pfx_kill_f2fs_super+0x10/0x10
[  417.299854][T16825]  ? shrinker_free+0x2ce/0x3e0
[  417.299877][T16825]  deactivate_locked_super+0xbc/0x130
[  417.299902][T16825]  cleanup_mnt+0x425/0x4c0
[  417.299923][T16825]  ? lockdep_hardirqs_on+0x9c/0x150
[  417.299941][T16825]  task_work_run+0x1d4/0x260
[  417.299960][T16825]  ? __pfx_task_work_run+0x10/0x10
[  417.299974][T16825]  ? __x64_sys_umount+0x122/0x160
[  417.299991][T16825]  ? exit_to_user_mode_loop+0x40/0x130
[  417.300013][T16825]  exit_to_user_mode_loop+0xe9/0x130
[  417.300031][T16825]  do_syscall_64+0x2bd/0xfa0
[  417.300049][T16825]  ? lockdep_hardirqs_on+0x9c/0x150
[  417.300062][T16825]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  417.300076][T16825]  ? exc_page_fault+0xab/0x100
[  417.300094][T16825]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  417.300107][T16825] RIP: 0033:0x7f29d758ff57
[  417.300121][T16825] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  417.300133][T16825] RSP: 002b:00007ffcc96ece88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  417.300148][T16825] RAX: 0000000000000000 RBX: 00007f29d7611c2d RCX: 00007f29d758ff57
[  417.300157][T16825] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcc96ecf40
[  417.300165][T16825] RBP: 00007ffcc96ecf40 R08: 000000000000c088 R09: 0000000000000000
[  417.300172][T16825] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcc96edfd0
[  417.300181][T16825] R13: 00007f29d7611c2d R14: 0000000000065d7c R15: 00007ffcc96ee010
[  417.300207][T16825]  </TASK>
[  417.412701][ T5855] Bluetooth: hci0: command tx timeout
[  417.417892][T16825] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  417.422041][T16825] CPU: 0 UID: 0 PID: 16825 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  417.422052][T16825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  417.422057][T16825] Call Trace:
[  417.422061][T16825]  <TASK>
[  417.422065][T16825]  dump_stack_lvl+0x189/0x250
[  417.422081][T16825]  ? __pfx_dump_stack_lvl+0x10/0x10
[  417.422090][T16825]  ? __pfx_queue_work_on+0x10/0x10
[  417.422097][T16825]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  417.422107][T16825]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  417.422122][T16825]  f2fs_handle_critical_error+0x37c/0x540
[  417.422134][T16825]  f2fs_write_end_io+0x886/0xb60
[  417.422153][T16825]  __submit_merged_bio+0x27a/0x6a0
[  417.422164][T16825]  __submit_merged_write_cond+0x255/0x530
[  417.422180][T16825]  f2fs_write_data_pages+0x261d/0x3000
[  417.422206][T16825]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  417.422240][T16825]  ? folio_unqueue_deferred_split+0x93/0x230
[  417.422253][T16825]  ? folios_put_refs+0x584/0x670
[  417.422269][T16825]  ? __pfx_folios_put_refs+0x10/0x10
[  417.422279][T16825]  ? rcu_is_watching+0x15/0xb0
[  417.422292][T16825]  ? __lock_acquire+0xab9/0xd20
[  417.422311][T16825]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  417.422320][T16825]  do_writepages+0x32e/0x550
[  417.422333][T16825]  ? do_raw_spin_unlock+0x4d/0x240
[  417.422345][T16825]  filemap_fdatawrite+0x199/0x240
[  417.422354][T16825]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  417.422386][T16825]  ? do_raw_spin_unlock+0x4d/0x240
[  417.422397][T16825]  f2fs_sync_dirty_inodes+0x31f/0x830
[  417.422414][T16825]  f2fs_write_checkpoint+0x93e/0x2440
[  417.422423][T16825]  ? stack_depot_save_flags+0x40/0x860
[  417.422448][T16825]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  417.422477][T16825]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  417.422486][T16825]  ? kfree+0x19a/0x6d0
[  417.422499][T16825]  kill_f2fs_super+0x2cc/0x6d0
[  417.422513][T16825]  ? __pfx_kill_f2fs_super+0x10/0x10
[  417.422548][T16825]  ? shrinker_free+0x2ce/0x3e0
[  417.422562][T16825]  deactivate_locked_super+0xbc/0x130
[  417.422577][T16825]  cleanup_mnt+0x425/0x4c0
[  417.422614][T16825]  ? lockdep_hardirqs_on+0x9c/0x150
[  417.422626][T16825]  task_work_run+0x1d4/0x260
[  417.422637][T16825]  ? __pfx_task_work_run+0x10/0x10
[  417.422645][T16825]  ? __x64_sys_umount+0x122/0x160
[  417.422655][T16825]  ? exit_to_user_mode_loop+0x40/0x130
[  417.422668][T16825]  exit_to_user_mode_loop+0xe9/0x130
[  417.422679][T16825]  do_syscall_64+0x2bd/0xfa0
[  417.422688][T16825]  ? lockdep_hardirqs_on+0x9c/0x150
[  417.422697][T16825]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  417.422705][T16825]  ? exc_page_fault+0xab/0x100
[  417.422714][T16825]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  417.422721][T16825] RIP: 0033:0x7f29d758ff57
[  417.422730][T16825] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  417.422736][T16825] RSP: 002b:00007ffcc96ece88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  417.422745][T16825] RAX: 0000000000000000 RBX: 00007f29d7611c2d RCX: 00007f29d758ff57
[  417.422750][T16825] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcc96ecf40
[  417.422755][T16825] RBP: 00007ffcc96ecf40 R08: 000000000000c088 R09: 0000000000000000
[  417.422759][T16825] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcc96edfd0
[  417.422769][T16825] R13: 00007f29d7611c2d R14: 0000000000065d7c R15: 00007ffcc96ee010
[  417.422784][T16825]  </TASK>
[  417.423334][T16825] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  417.831081][T16958] Scaler: =================  START STATUS  =================
[  417.833534][T16958] Scaler: ==================  END STATUS  ==================
[  417.951360][T16966] loop5: detected capacity change from 0 to 4096
[  417.954992][T16973] loop3: detected capacity change from 0 to 1024
[  418.030459][T16976] loop3: detected capacity change from 0 to 1024
[  418.037197][T16976] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  418.043814][T16976] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  418.049568][T16976] EXT4-fs (loop3): invalid journal inode
[  418.053311][T16976] EXT4-fs (loop3): can't get journal size
[  418.056693][T16976] EXT4-fs (loop3): corrupt root inode, run e2fsck
[  418.059404][T16976] EXT4-fs (loop3): mount failed
[  418.098305][T16966] ntfs3(loop5): Failed to initialize $Extend/$ObjId.
[  418.628566][T16990] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4571'.
[  418.773595][T16999] loop3: detected capacity change from 0 to 2048
[  418.850102][T17003] overlayfs: failed to resolve './file1': -2
[  418.884186][T17005] loop6: detected capacity change from 0 to 256
[  418.958102][T16997] loop5: detected capacity change from 0 to 32768
[  418.967418][T16997] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[  418.976129][T16997] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  419.039613][T13392] ocfs2: Unmounting device (7,5) on (node local)
[  419.160751][    T9] usb 4-1: new full-speed USB device number 45 using dummy_hcd
[  419.266317][T17027] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  419.312408][    T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  419.317428][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  419.324307][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  419.328759][    T9] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  419.345112][    T9] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  419.348527][    T9] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  419.355217][    T9] usb 4-1: Manufacturer: syz
[  419.358204][    T9] usb 4-1: config 0 descriptor??
[  419.396548][T17027] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  419.471808][T17039] netlink: 35 bytes leftover after parsing attributes in process `syz.6.4594'.
[  419.474826][T17039] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4594'.
[  419.486632][T17027] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  419.491036][ T5855] Bluetooth: hci0: command tx timeout
[  419.579280][T17027] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  419.604384][T17041] sp0: Synchronizing with TNC
[  419.613480][T17040] [U] `
[  419.642230][    T9] rc_core: IR keymap rc-hauppauge not found
[  419.644173][    T9] Registered IR keymap rc-empty
[  419.645789][    T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  419.672555][    T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  419.701576][    T9] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  419.702926][ T5866] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  419.708158][    T9] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input27
[  419.722511][    T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  419.727575][ T5866] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  419.740583][    T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  419.758661][ T5866] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  419.770614][    T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  419.790754][    T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  419.805570][ T5866] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  419.810895][    T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  419.830534][    T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  419.850480][    T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  419.873322][    T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  419.892987][    T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  419.910769][    T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  419.929497][T17052] loop6: detected capacity change from 0 to 256
[  419.932883][    T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  419.935658][T17052] exfat: Deprecated parameter 'namecase'
[  419.942103][T17052] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x8d1bf2bd, utbl_chksum : 0xe619d30d)
[  419.949714][T17050] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4598'.
[  419.956905][    T9] mceusb 4-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  419.962458][    T9] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  420.028601][T17054] loop5: detected capacity change from 0 to 16
[  420.035868][T17054] erofs (device loop5): mounted with root inode @ nid 36.
[  420.063717][  T793] usb 4-1: USB disconnect, device number 45
[  420.916739][T17080] loop6: detected capacity change from 0 to 764
[  420.970393][  T793] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  421.122720][  T793] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  421.129023][  T793] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  421.133240][  T793] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  421.136376][  T793] usb 4-1: SerialNumber: syz
[  421.570802][ T5855] Bluetooth: hci0: command tx timeout
[  421.763580][  T793] cdc_ether 4-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.3-1, CDC Ethernet Device, 42:42:42:42:42:42
[  422.177924][  T794] usb 4-1: USB disconnect, device number 46
[  422.191856][  T794] cdc_ether 4-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.3-1, CDC Ethernet Device
[  422.812118][T17092] sit0: Caught tx_queue_len zero misconfig
[  422.986440][T17096] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4617'.
[  423.091873][T17104] loop6: detected capacity change from 0 to 4096
[  423.096071][T17104] ntfs3(loop6): Different NTFS sector size (1024) and media sector size (512).
[  423.108861][T17104] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  423.119739][T17104] ntfs3(loop6): Failed to load $LogFile (-22).
[  423.230881][T17110] loop3: detected capacity change from 0 to 4096
[  423.234983][T17110] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512).
[  423.245963][T17110] ntfs3(loop3): Failed to load $Bitmap (-22).
[  423.379950][T17120] loop3: detected capacity change from 0 to 4096
[  423.530399][    T9] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  423.579440][T17130] loop3: detected capacity change from 0 to 512
[  423.680419][    T9] usb 7-1: Using ep0 maxpacket: 8
[  423.685413][    T9] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  423.688111][    T9] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  423.694257][    T9] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  423.697650][    T9] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  423.701279][    T9] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  423.706802][    T9] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  423.715925][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  423.748654][T17140] loop3: detected capacity change from 0 to 164
[  423.927139][    T9] usb 7-1: usb_control_msg returned -32
[  423.929358][    T9] usbtmc 7-1:16.0: can't read capabilities
[  424.290392][    T9] usb 4-1: new full-speed USB device number 47 using dummy_hcd
[  424.442597][    T9] usb 4-1: config 0 has an invalid interface number: 236 but max is 0
[  424.445965][    T9] usb 4-1: config 0 has no interface number 0
[  424.448625][    T9] usb 4-1: config 0 interface 236 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[  424.453219][    T9] usb 4-1: config 0 interface 236 altsetting 0 endpoint 0x83 has invalid maxpacket 255, setting to 64
[  424.461193][    T9] usb 4-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  424.465660][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  424.469026][    T9] usb 4-1: Product: syz
[  424.471053][    T9] usb 4-1: Manufacturer: syz
[  424.473026][    T9] usb 4-1: SerialNumber: syz
[  424.477469][    T9] usb 4-1: config 0 descriptor??
[  424.480432][T17159] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  424.686606][    T9] usbtouchscreen 4-1:0.236: Failed to read FW rev: -71
[  424.689407][    T9] usbtouchscreen 4-1:0.236: probe with driver usbtouchscreen failed with error -71
[  424.694931][    T9] usb 4-1: USB disconnect, device number 47
[  425.161281][  T793] usb 6-1: new full-speed USB device number 15 using dummy_hcd
[  425.333181][  T793] usb 6-1: config index 0 descriptor too short (expected 35577, got 27)
[  425.336474][  T793] usb 6-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  425.339967][  T793] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 92
[  425.343730][  T793] usb 6-1: config 1 has no interface number 0
[  425.346261][  T793] usb 6-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  425.350960][  T793] usb 6-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  425.356116][  T793] usb 6-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  425.359711][  T793] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  425.396244][  T793] snd_usb_pod 6-1:1.1: Line 6 Pocket POD found
[  425.960703][  T793] snd_usb_pod 6-1:1.1: Line 6 Pocket POD now attached
[  426.179441][    T9] usb 6-1: USB disconnect, device number 15
[  426.185506][    T9] snd_usb_pod 6-1:1.1: Line 6 Pocket POD now disconnected
[  426.331806][ T6029] usb 7-1: USB disconnect, device number 2
[  426.573604][T17177] loop6: detected capacity change from 0 to 256
[  426.601817][T17177] FAT-fs (loop6): Directory bread(block 64) failed
[  426.604136][T17177] FAT-fs (loop6): Directory bread(block 65) failed
[  426.606701][T17177] FAT-fs (loop6): Directory bread(block 66) failed
[  426.609295][T17177] FAT-fs (loop6): Directory bread(block 67) failed
[  426.613663][T17177] FAT-fs (loop6): Directory bread(block 68) failed
[  426.617147][T17177] FAT-fs (loop6): Directory bread(block 69) failed
[  426.620026][T17177] FAT-fs (loop6): Directory bread(block 70) failed
[  426.623625][T17177] FAT-fs (loop6): Directory bread(block 71) failed
[  426.626251][T17177] FAT-fs (loop6): Directory bread(block 72) failed
[  426.628740][T17177] FAT-fs (loop6): Directory bread(block 73) failed
[  426.767177][T17189] loop3: detected capacity change from 0 to 1024
[  427.401312][T17229] loop5: detected capacity change from 0 to 512
[  427.991157][T17241] loop6: detected capacity change from 0 to 32768
[  428.000588][T17241] ERROR: (device loop6): dbAlloc: the hint is outside the map
[  428.000588][T17241] 
[  428.004667][T17241] ialloc: diAlloc returned -5!
[  428.082075][  T793] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  428.230360][  T793] usb 6-1: Using ep0 maxpacket: 32
[  428.236172][  T793] usb 6-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  428.239232][  T793] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  428.241749][  T793] usb 6-1: Product: syz
[  428.243382][  T793] usb 6-1: Manufacturer: syz
[  428.245040][  T793] usb 6-1: SerialNumber: syz
[  428.248317][  T793] usb 6-1: config 0 descriptor??
[  428.253708][  T793] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  428.332015][T17249] loop3: detected capacity change from 0 to 256
[  428.335873][T17249] FAT-fs (loop3): bogus number of FAT sectors
[  428.338278][T17249] FAT-fs (loop3): Can't find a valid FAT filesystem
[  428.400671][    T9] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  428.550372][    T9] usb 7-1: Using ep0 maxpacket: 32
[  428.558625][    T9] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  428.564371][    T9] usb 7-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0
[  428.568074][    T9] usb 7-1: config 0 interface 0 has no altsetting 0
[  428.573663][    T9] usb 7-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=dc.8e
[  428.577072][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  428.580871][    T9] usb 7-1: Product: syz
[  428.582647][    T9] usb 7-1: Manufacturer: syz
[  428.584445][    T9] usb 7-1: SerialNumber: syz
[  428.588495][    T9] usb 7-1: config 0 descriptor??
[  428.704559][T17261] loop3: detected capacity change from 0 to 1024
[  429.000629][ T5911] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  429.001146][    T9] gs_usb 7-1:0.0: Configuring for 1 interfaces
[  429.150365][ T5911] usb 4-1: Using ep0 maxpacket: 16
[  429.153573][ T5911] usb 4-1: too many configurations: 112, using maximum allowed: 8
[  429.171656][ T5911] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  429.176470][ T5911] usb 4-1: New USB device strings: Mfr=144, Product=246, SerialNumber=0
[  429.179939][ T5911] usb 4-1: Product: syz
[  429.182970][ T5911] usb 4-1: Manufacturer: syz
[  429.189966][ T5911] r8152-cfgselector 4-1: Unknown version 0x0000
[  429.192617][ T5911] r8152-cfgselector 4-1: config 0 descriptor??
[  429.198101][ T5911] cdc_acm 4-1:0.0: Zero length descriptor references
[  429.201076][ T5911] cdc_acm 4-1:0.0: probe with driver cdc_acm failed with error -22
[  429.207278][    T9] gs_usb 7-1:0.0: Couldn't register candev for channel 0 (-EINVAL)
[  429.212359][    T9] gs_usb 7-1:0.0: probe with driver gs_usb failed with error -22
[  429.404643][    T9] r8152-cfgselector 4-1: USB disconnect, device number 48
[  429.412204][   T10] usb 7-1: USB disconnect, device number 3
[  429.683964][  T793] gspca_ov534_9: reg_r err -71
[  429.940477][  T793] gspca_ov534_9: Unknown sensor 0000
[  429.940563][  T793] ov534_9 6-1:0.0: probe with driver ov534_9 failed with error -22
[  429.961861][  T793] usb 6-1: USB disconnect, device number 16
[  430.064088][   T33] audit: type=1326 audit(2000000475.610:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17272 comm="syz.3.4697" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f190a58ec29 code=0x0
[  430.948124][T17290] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4704'.
[  431.013911][T17292] loop3: detected capacity change from 0 to 4096
[  431.352199][T17305] netlink: 4280 bytes leftover after parsing attributes in process `syz.3.4706'.
[  431.355377][T17305] netlink: 4280 bytes leftover after parsing attributes in process `syz.3.4706'.
[  431.647363][T17313] loop6: detected capacity change from 0 to 1024
[  432.199432][  T793] usb 6-1: new full-speed USB device number 17 using dummy_hcd
[  432.242621][T17317] netlink: 'syz.3.4715': attribute type 1 has an invalid length.
[  432.271830][T17317] 8021q: adding VLAN 0 to HW filter on device bond5
[  432.295663][T17317] bond5: (slave geneve2): making interface the new active one
[  432.299723][T17317] bond5: (slave geneve2): Enslaving as an active interface with an up link
[  432.324059][T17317] syz.3.4715 (17317) used greatest stack depth: 17688 bytes left
[  432.353051][  T793] usb 6-1: config 0 has an invalid interface number: 248 but max is 0
[  432.356755][  T793] usb 6-1: config 0 has no interface number 0
[  432.359561][  T793] usb 6-1: config 0 interface 248 altsetting 0 endpoint 0x5 has invalid maxpacket 48120, setting to 64
[  432.371210][  T793] usb 6-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  432.375048][  T793] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  432.378270][  T793] usb 6-1: Product: syz
[  432.380140][  T793] usb 6-1: Manufacturer: syz
[  432.385106][  T793] usb 6-1: SerialNumber: syz
[  432.391315][  T793] usb 6-1: config 0 descriptor??
[  432.397527][  T793] snd-usb-audio 6-1:0.248: probe with driver snd-usb-audio failed with error -22
[  432.428318][T17324] netlink: 27 bytes leftover after parsing attributes in process `syz.3.4718'.
[  432.604499][ T6029] usb 6-1: USB disconnect, device number 17
[  432.617138][T17333] QAT: Invalid ioctl 21531
[  432.660990][T17336] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4724'.
[  432.674689][T17338] loop6: detected capacity change from 0 to 256
[  432.678575][T17338] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  432.683426][T17338] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[  432.694737][T17338] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  432.699958][T17338] exFAT-fs (loop6): failed to load alloc-bitmap
[  432.703315][T17338] exFAT-fs (loop6): failed to recognize exfat type
[  432.788511][T17346] loop3: detected capacity change from 0 to 1764
[  432.893607][T17349] iso9660: Corrupted directory entry in block 2 of inode 1920
[  432.899944][T17349] iso9660: Corrupted directory entry in block 2 of inode 1920
[  433.183765][T17355] loop6: detected capacity change from 0 to 512
[  433.188170][T17355] EXT4-fs: Ignoring removed mblk_io_submit option
[  433.192995][T17355] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  433.208027][T17355] EXT4-fs (loop6): 1 truncate cleaned up
[  433.216624][T17355] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  433.299857][T16825] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  433.301334][T17361] netlink: 72 bytes leftover after parsing attributes in process `syz.5.4735'.
[  433.321820][T17361] netlink: 72 bytes leftover after parsing attributes in process `syz.5.4735'.
[  433.419460][T17363] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  433.790441][ T6029] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  433.950471][ T6029] usb 6-1: Using ep0 maxpacket: 16
[  433.958230][ T6029] usb 6-1: config 0 has an invalid interface number: 195 but max is 0
[  433.961653][ T6029] usb 6-1: config 0 has no interface number 0
[  433.980132][ T6029] usb 6-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.09
[  433.983674][ T6029] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  433.986370][ T6029] usb 6-1: Product: syz
[  433.991627][ T6029] usb 6-1: Manufacturer: syz
[  433.993151][ T6029] usb 6-1: SerialNumber: syz
[  434.011120][ T6029] usb 6-1: config 0 descriptor??
[  434.022517][ T6029] go7007 6-1:0.195: probe with driver go7007 failed with error -12
[  434.142916][T17381] loop3: detected capacity change from 0 to 1024
[  434.247610][ T5911] usb 6-1: USB disconnect, device number 18
[  434.344816][T17393] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4750'.
[  434.788350][T17410] loop5: detected capacity change from 0 to 128
[  434.794345][T17410] EXT4-fs (loop5): Test dummy encryption mode enabled
[  434.801369][T17410] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  434.807673][T17410] ext4 filesystem being mounted at /514/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  434.810498][ T5911] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  434.837440][T13392] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  434.890855][ T5915] usb 7-1: new full-speed USB device number 4 using dummy_hcd
[  434.953493][T17415] loop5: detected capacity change from 0 to 8192
[  434.970490][ T5911] usb 4-1: Using ep0 maxpacket: 8
[  434.976991][ T5911] usb 4-1: config 0 has an invalid interface number: 252 but max is 0
[  434.980720][ T5911] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  434.984645][ T5911] usb 4-1: config 0 has no interface number 0
[  434.989627][ T5911] usb 4-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=f0.28
[  434.993789][ T5911] usb 4-1: New USB device strings: Mfr=244, Product=1, SerialNumber=3
[  434.997077][ T5911] usb 4-1: Product: syz
[  434.998732][ T5911] usb 4-1: Manufacturer: syz
[  435.001408][ T5911] usb 4-1: SerialNumber: syz
[  435.008891][ T5911] usb 4-1: config 0 descriptor??
[  435.071873][ T5915] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  435.075996][ T5915] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  435.082705][ T5915] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  435.086650][ T5915] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  435.230038][ T5911] usb 4-1: USB disconnect, device number 49
[  435.301968][ T5915] usb 7-1: usb_control_msg returned -32
[  435.304272][ T5915] usbtmc 7-1:16.0: can't read capabilities
[  435.420406][    T9] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  435.573033][    T9] usb 6-1: New USB device found, idVendor=18d1, idProduct=9400, bcdDevice= 0.00
[  435.575972][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  435.580073][    T9] usb 6-1: config 0 descriptor??
[  435.897451][T17430] autofs: Unknown parameter '0x0000000000000000'
[  436.648746][    T9] stadia 0003:18D1:9400.0016: collection stack underflow
[  436.652813][    T9] stadia 0003:18D1:9400.0016: item 0 1 0 12 parsing failed
[  436.656347][    T9] stadia 0003:18D1:9400.0016: parse failed
[  436.658749][    T9] stadia 0003:18D1:9400.0016: probe with driver stadia failed with error -22
[  436.665955][    T9] usb 6-1: USB disconnect, device number 19
[  436.736488][T17435] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4768'.
[  436.958592][T17447] netlink: 136 bytes leftover after parsing attributes in process `syz.5.4773'.
[  437.610862][T17449] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  437.651859][T17451] team0: Caught tx_queue_len zero misconfig
[  437.662246][  T793] usb 7-1: USB disconnect, device number 4
[  437.974358][T17454] loop6: detected capacity change from 0 to 32768
[  437.978088][T17454] XFS (loop6): invalid logbufs value: 1 [not 2-8]
[  438.120786][  T793] usb 6-1: new full-speed USB device number 20 using dummy_hcd
[  438.134007][T17475] (unnamed net_device) (uninitialized): option arp_interval: invalid value (18446744073709551615)
[  438.146427][T17475] (unnamed net_device) (uninitialized): option arp_interval: allowed values 0 - 2147483647
[  438.194865][T17480] loop3: detected capacity change from 0 to 764
[  438.199693][T17480] rock: directory entry would overflow storage
[  438.203385][T17480] rock: sig=0x4654, size=5, remaining=4
[  438.291142][  T793] usb 6-1: config 128 has an invalid interface number: 249 but max is 0
[  438.299245][  T793] usb 6-1: config 128 has no interface number 0
[  438.304303][  T793] usb 6-1: config 128 interface 249 has no altsetting 0
[  438.311329][  T793] usb 6-1: New USB device found, idVendor=06e1, idProduct=a190, bcdDevice= a.c0
[  438.319214][  T793] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  438.322510][  T793] usb 6-1: Product: syz
[  438.324201][  T793] usb 6-1: Manufacturer: syz
[  438.330262][  T793] usb 6-1: SerialNumber: syz
[  438.588165][T17499] loop3: detected capacity change from 0 to 256
[  438.639632][  T793] gspca_main: spca506-2.14.0 probing 06e1:a190
[  438.895675][  T793] usb 6-1: USB disconnect, device number 20
[  439.896291][ T1362] ieee802154 phy0 wpan0: encryption failed: -22
[  439.898774][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[  439.920579][T17514] netlink: 'syz.6.4805': attribute type 9 has an invalid length.
[  440.146906][T17508] loop5: detected capacity change from 0 to 32768
[  440.166056][T17508] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  440.188218][T17508] XFS (loop5): Ending clean mount
[  440.233216][T13392] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  440.589045][T17550] loop5: detected capacity change from 0 to 512
[  440.604946][T17550] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  440.609456][T17550] ext4 filesystem being mounted at /532/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  440.648699][T13392] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  440.792120][T17561] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4823'.
[  440.815207][T17541] loop6: detected capacity change from 0 to 32768
[  441.045343][T17564] netlink: 'syz.3.4824': attribute type 15 has an invalid length.
[  441.274336][T17568] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  441.521382][T17572] loop6: detected capacity change from 0 to 4096
[  441.535088][T17573] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  441.549507][T17572] NILFS (loop6): DAT doesn't have a block to manage vblocknr = 648518346341351424
[  441.554215][T17572] NILFS error (device loop6): nilfs_bmap_truncate: broken bmap (inode number=12)
[  441.565712][T17572] Remounting filesystem read-only
[  441.567883][T17572] NILFS (loop6): error -5 truncating bmap (ino=12)
[  441.591173][T16825] NILFS (loop6): disposed unprocessed dirty file(s) when detaching log writer
[  442.320671][ T6975] usb 6-1: new full-speed USB device number 21 using dummy_hcd
[  442.494385][ T6975] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  442.499400][ T6975] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  442.506306][ T6975] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 65535, setting to 64
[  442.512149][ T6975] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  442.524387][ T6975] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  442.528510][ T6975] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  442.538577][ T6975] usb 6-1: Manufacturer: syz
[  442.549692][ T6975] usb 6-1: config 0 descriptor??
[  442.960360][ T6975] rc_core: IR keymap rc-hauppauge not found
[  442.963317][ T6975] Registered IR keymap rc-empty
[  442.966569][ T6975] mceusb 6-1:0.0: Error: mce write urb status = -71
[  442.990121][ T6975] mceusb 6-1:0.0: Error: mce write urb status = -71
[  443.015981][ T6975] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0
[  443.039813][ T6975] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input29
[  443.056575][ T6975] mceusb 6-1:0.0: Error: mce write urb status = -71
[  443.083963][ T6975] mceusb 6-1:0.0: Error: mce write urb status = -71
[  443.115890][ T6975] mceusb 6-1:0.0: Error: mce write urb status = -71
[  443.134914][ T6975] mceusb 6-1:0.0: Error: mce write urb status = -71
[  443.150476][ T6975] mceusb 6-1:0.0: Error: mce write urb status = -71
[  443.180737][ T6975] mceusb 6-1:0.0: Error: mce write urb status = -71
[  443.222400][ T6975] mceusb 6-1:0.0: Error: mce write urb status = -71
[  443.263162][ T6975] mceusb 6-1:0.0: Error: mce write urb status = -71
[  443.291254][ T6975] mceusb 6-1:0.0: Error: mce write urb status = -71
[  443.315279][ T6975] mceusb 6-1:0.0: Error: mce write urb status = -71
[  443.351387][ T6975] mceusb 6-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  443.370396][ T6975] mceusb 6-1:0.0: 2 tx ports (0x1 cabled) and 2 rx sensors (0x0 active)
[  443.387500][ T6975] usb 6-1: USB disconnect, device number 21
[  443.515262][T17609] loop6: detected capacity change from 0 to 512
[  443.537347][T17609] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  443.543047][T17609] ext4 filesystem being mounted at /107/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  443.579383][T16825] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  443.696747][T17616] trusted_key: encrypted_key: key trusted:syz not found
[  443.941401][T17629] ieee802154 phy0 wpan0: encryption failed: -22
[  445.007464][T17664] loop3: detected capacity change from 0 to 4096
[  445.570006][T17672] loop3: detected capacity change from 0 to 32768
[  445.573217][T17672] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.4868 (17672)
[  445.577690][T17672] BTRFS error: failed to open device for path /dev/loop3 with flags 0x23: -13
[  445.705831][T17676] loop3: detected capacity change from 0 to 128
[  445.793525][T17680] loop3: detected capacity change from 0 to 4096
[  446.100330][ T6975] usb 4-1: new full-speed USB device number 50 using dummy_hcd
[  446.170582][ T6029] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  446.262291][ T6975] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  446.266590][ T6975] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  446.270582][ T6975] usb 4-1: New USB device found, idVendor=04f2, idProduct=1421, bcdDevice= 0.00
[  446.274327][ T6975] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  446.281536][ T6975] usb 4-1: config 0 descriptor??
[  446.331936][ T6029] usb 7-1: Using ep0 maxpacket: 16
[  446.336439][ T6029] usb 7-1: config index 0 descriptor too short (expected 65, got 36)
[  446.339721][ T6029] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  446.344099][ T6029] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  446.348403][ T6029] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  446.353292][ T6029] usb 7-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[  446.356907][ T6029] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  446.363670][ T6029] usb 7-1: config 0 descriptor??
[  446.372549][ T6029] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input30
[  446.380712][ T5282] pxrc 7-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  446.393744][ T5282] pxrc 7-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  446.400781][ T5282] pxrc 7-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  446.406218][ T5282] pxrc 7-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[  446.576992][ T5911] usb 7-1: USB disconnect, device number 5
[  446.692738][ T6975] chicony 0003:04F2:1421.0017: hidraw0: USB HID v1.01 Device [HID 04f2:1421] on usb-dummy_hcd.3-1/input0
[  446.850410][ T5855] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  446.893627][ T6975] usb 4-1: USB disconnect, device number 50
[  447.205940][T17694] loop5: detected capacity change from 0 to 40427
[  447.209096][T17694] F2FS-fs: heap/no_heap options were deprecated
[  447.211674][T17694] F2FS-fs: heap/no_heap options were deprecated
[  447.214783][T17694] F2FS-fs (loop5): build fault injection rate: 19
[  447.219392][T17694] F2FS-fs (loop5): invalid crc value
[  447.283158][T17694] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  447.288008][T17707] loop6: detected capacity change from 0 to 512
[  447.291963][T17694] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  447.306168][T17707] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  447.308044][T17694] syz.5.4879: attempt to access beyond end of device
[  447.308044][T17694] loop5: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  447.312031][T17707] ext4 filesystem being mounted at /125/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  447.324514][T17694] syz.5.4879: attempt to access beyond end of device
[  447.324514][T17694] loop5: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  447.350490][T13392] syz-executor: attempt to access beyond end of device
[  447.350490][T13392] loop5: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[  447.357300][T13392] CPU: 0 UID: 0 PID: 13392 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  447.357320][T13392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  447.357328][T13392] Call Trace:
[  447.357333][T13392]  <TASK>
[  447.357372][T13392]  dump_stack_lvl+0x189/0x250
[  447.357396][T13392]  ? __pfx_dump_stack_lvl+0x10/0x10
[  447.357411][T13392]  ? __pfx_queue_work_on+0x10/0x10
[  447.357423][T13392]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  447.357439][T13392]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  447.357464][T13392]  f2fs_handle_critical_error+0x37c/0x540
[  447.357483][T13392]  f2fs_write_end_io+0x886/0xb60
[  447.357515][T13392]  __submit_merged_bio+0x27a/0x6a0
[  447.357535][T13392]  __submit_merged_write_cond+0x255/0x530
[  447.357561][T13392]  f2fs_write_data_pages+0x261d/0x3000
[  447.357607][T13392]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  447.357654][T13392]  ? lockdep_hardirqs_on+0x9c/0x150
[  447.357677][T13392]  ? folios_put_refs+0x58b/0x670
[  447.357703][T13392]  ? __pfx_folios_put_refs+0x10/0x10
[  447.357720][T13392]  ? rcu_is_watching+0x15/0xb0
[  447.357747][T13392]  ? __lock_acquire+0xab9/0xd20
[  447.357778][T13392]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  447.357794][T13392]  do_writepages+0x32e/0x550
[  447.357818][T13392]  ? do_raw_spin_unlock+0x4d/0x240
[  447.357837][T13392]  filemap_fdatawrite+0x199/0x240
[  447.357852][T13392]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  447.357905][T13392]  ? do_raw_spin_unlock+0x4d/0x240
[  447.357925][T13392]  f2fs_sync_dirty_inodes+0x31f/0x830
[  447.357955][T13392]  f2fs_write_checkpoint+0x93e/0x2440
[  447.357971][T13392]  ? __lock_acquire+0xab9/0xd20
[  447.358013][T13392]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  447.358077][T13392]  kill_f2fs_super+0x2cc/0x6d0
[  447.358100][T13392]  ? __pfx_kill_f2fs_super+0x10/0x10
[  447.358132][T13392]  ? shrinker_free+0x2ce/0x3e0
[  447.358154][T13392]  deactivate_locked_super+0xbc/0x130
[  447.358177][T13392]  cleanup_mnt+0x425/0x4c0
[  447.358197][T13392]  ? lockdep_hardirqs_on+0x9c/0x150
[  447.358214][T13392]  task_work_run+0x1d4/0x260
[  447.358233][T13392]  ? __pfx_task_work_run+0x10/0x10
[  447.358247][T13392]  ? __x64_sys_umount+0x122/0x160
[  447.358264][T13392]  ? exit_to_user_mode_loop+0x40/0x130
[  447.358285][T13392]  exit_to_user_mode_loop+0xe9/0x130
[  447.358303][T13392]  do_syscall_64+0x2bd/0xfa0
[  447.358318][T13392]  ? lockdep_hardirqs_on+0x9c/0x150
[  447.358333][T13392]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  447.358377][T13392]  ? exc_page_fault+0xab/0x100
[  447.358393][T13392]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  447.358406][T13392] RIP: 0033:0x7f073438ff57
[  447.358419][T13392] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  447.358431][T13392] RSP: 002b:00007fff34f53058 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  447.358446][T13392] RAX: 0000000000000000 RBX: 00007f0734411c2d RCX: 00007f073438ff57
[  447.358455][T13392] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff34f53110
[  447.358464][T13392] RBP: 00007fff34f53110 R08: 0000000000000000 R09: 0000000000000000
[  447.358471][T13392] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff34f541a0
[  447.358479][T13392] R13: 00007f0734411c2d R14: 000000000006d2ec R15: 00007fff34f541e0
[  447.358504][T13392]  </TASK>
[  447.358511][T13392] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  447.626465][T17717] loop3: detected capacity change from 0 to 256
[  447.732608][T16825] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  447.839143][T17724] loop5: detected capacity change from 0 to 4096
[  447.923958][T17734] random: crng reseeded on system resumption
[  448.640145][T17768] loop6: detected capacity change from 0 to 32768
[  448.645146][T17768] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.4909 (17768)
[  448.652656][T17768] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  448.656197][T17768] BTRFS info (device loop6): using crc32c (crc32c-lib) checksum algorithm
[  448.685975][T17768] BTRFS info (device loop6): enabling ssd optimizations
[  448.688428][T17768] BTRFS info (device loop6): enabling free space tree
[  448.692136][T17768] BTRFS info (device loop6): max_inline set to 0
[  448.744617][T16825] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  448.772116][ T6029] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  448.922548][ T6029] usb 6-1: Using ep0 maxpacket: 32
[  448.926521][ T6029] usb 6-1: config 0 has an invalid interface number: 12 but max is 0
[  448.929598][ T6029] usb 6-1: config 0 has no interface number 0
[  448.945321][ T6029] usb 6-1: config 0 interface 12 has no altsetting 0
[  448.955273][ T6029] usb 6-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  448.958882][ T6029] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  448.970366][ T6029] usb 6-1: Product: syz
[  448.972037][ T6029] usb 6-1: Manufacturer: syz
[  448.973747][ T6029] usb 6-1: SerialNumber: syz
[  448.990450][ T6029] usb 6-1: config 0 descriptor??
[  449.010541][T17795] loop3: detected capacity change from 0 to 1024
[  449.088772][T17799] loop3: detected capacity change from 0 to 512
[  449.203336][T17797] loop6: detected capacity change from 0 to 32768
[  449.234337][T17797] XFS (loop6): DAX unsupported by block device. Turning off DAX.
[  449.238455][T17797] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  449.259254][T17797] XFS (loop6): Ending clean mount
[  449.267417][T17797] XFS (loop6): Quotacheck needed: Please wait.
[  449.305117][T17797] XFS (loop6): Quotacheck: Done.
[  449.334700][T16825] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  449.392008][    T9] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  449.481815][T17811] loop6: detected capacity change from 0 to 128
[  449.486066][T17811] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535)
[  449.497589][T17811] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[  449.512635][T17811] EXT4-fs warning (device loop6): ext4_dirblock_csum_verify:375: inode #11: comm syz.6.4919: No space for directory leaf checksum. Please run e2fsck -D.
[  449.518745][T17811] EXT4-fs error (device loop6): __ext4_find_entry:1626: inode #11: comm syz.6.4919: checksumming directory block 0
[  449.542889][    T9] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  449.547388][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  449.553310][T16825] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  449.555842][    T9] usb 4-1: config 0 descriptor??
[  449.563281][    T9] cp210x 4-1:0.0: cp210x converter detected
[  449.852399][T17824] netlink: 168864 bytes leftover after parsing attributes in process `syz.6.4924'.
[  449.856231][T17824] openvswitch: netlink: Message has 44053 unknown bytes.
[  449.973860][    T9] usb 4-1: cp210x converter now attached to ttyUSB0
[  449.979250][    T9] usb 4-1: USB disconnect, device number 51
[  449.986279][    T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  449.990643][    T9] cp210x 4-1:0.0: device disconnected
[  450.172765][   T10] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  450.207827][ T6029] f81534 6-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  450.211109][ T6029] f81534 6-1:0.12: f81534_find_config_idx: read failed: -71
[  450.213350][ T6029] f81534 6-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  450.215706][ T6029] f81534 6-1:0.12: probe with driver f81534 failed with error -71
[  450.220997][ T6029] usb 6-1: USB disconnect, device number 22
[  450.332553][   T10] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  450.336148][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  450.342568][   T10] usb 7-1: config 0 descriptor??
[  450.346738][   T10] cp210x 7-1:0.0: cp210x converter detected
[  450.673533][T17830] loop3: detected capacity change from 0 to 32768
[  450.960385][   T10] cp210x 7-1:0.0: failed to get vendor val 0x000e size 678: -71
[  450.963555][   T10] cp210x 7-1:0.0: GPIO initialisation failed: -71
[  450.968279][   T10] usb 7-1: cp210x converter now attached to ttyUSB0
[  450.972844][   T10] usb 7-1: USB disconnect, device number 6
[  450.977912][   T10] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  450.987814][   T10] cp210x 7-1:0.0: device disconnected
[  451.163212][T17846] loop5: detected capacity change from 0 to 32768
[  451.181633][T17846] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  451.253260][T13392] ocfs2: Unmounting device (7,5) on (node local)
[  451.620318][   T10] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  451.770231][   T10] usb 6-1: Using ep0 maxpacket: 32
[  451.770292][ T5915] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  451.775512][   T10] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[  451.779996][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  451.783547][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  451.787050][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 255, changing to 11
[  451.791926][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 59391, setting to 1024
[  451.797528][   T10] usb 6-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  451.800605][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  451.804063][   T10] usb 6-1: Product: syz
[  451.806188][   T10] usb 6-1: Manufacturer: syz
[  451.807840][   T10] usb 6-1: SerialNumber: syz
[  451.821400][   T10] usb 6-1: config 0 descriptor??
[  451.920388][ T5915] usb 7-1: Using ep0 maxpacket: 16
[  451.927587][ T5915] usb 7-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=10.00
[  451.931720][ T5915] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  451.934876][ T5915] usb 7-1: Product: syz
[  451.936538][ T5915] usb 7-1: Manufacturer: syz
[  451.938409][ T5915] usb 7-1: SerialNumber: syz
[  451.944837][ T5915] usb 7-1: config 0 descriptor??
[  451.953579][ T5915] ftdi_sio 7-1:0.0: FTDI USB Serial Device converter detected
[  451.957373][ T5915] usb 7-1: Detected FT-X
[  452.159845][ T5915] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  452.164732][ T5915] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  452.167329][ T5915] ftdi_sio 7-1:0.0: GPIO initialisation failed: -71
[  452.170583][ T5915] usb 7-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  452.174554][ T5915] usb 7-1: USB disconnect, device number 7
[  452.178526][ T5915] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  452.182640][ T5915] ftdi_sio 7-1:0.0: device disconnected
[  452.232073][   T10] iforce 6-1:0.0: usb_submit_urb failed: -71
[  452.234467][   T10] input input31: Device does not respond to id packet M
[  452.237766][   T10] iforce 6-1:0.0: usb_submit_urb failed: -71
[  452.240432][   T10] input input31: Device does not respond to id packet P
[  452.243434][   T10] iforce 6-1:0.0: usb_submit_urb failed: -71
[  452.245732][   T10] input input31: Device does not respond to id packet B
[  452.249263][   T10] iforce 6-1:0.0: usb_submit_urb failed: -71
[  452.251814][   T10] input input31: Device does not respond to id packet N
[  452.254924][   T10] iforce 6-1:0.0: usb_submit_urb failed: -71
[  452.271620][   T10] iforce 6-1:0.0: usb_submit_urb failed: -71
[  452.275049][   T10] iforce 6-1:0.0: usb_submit_urb failed: -71
[  452.278796][   T10] iforce 6-1:0.0: usb_submit_urb failed: -71
[  452.286592][   T10] input: Unknown I-Force Device [%04x:%04x] as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input31
[  452.298367][T17875] netlink: 'syz.3.4948': attribute type 83 has an invalid length.
[  452.300031][   T10] usb 6-1: USB disconnect, device number 23
[  452.814608][T17883] netlink: 'syz.6.4950': attribute type 83 has an invalid length.
[  453.110320][ T5915] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  453.255843][T17905] loop3: detected capacity change from 0 to 4096
[  453.258775][T17905] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  453.282276][ T5915] usb 7-1: config 0 has an invalid interface number: 18 but max is 0
[  453.285291][ T5915] usb 7-1: config 0 has no interface number 0
[  453.287864][ T5915] usb 7-1: config 0 interface 18 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  453.301100][ T5915] usb 7-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  453.309139][ T5915] usb 7-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  453.320227][ T5915] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  453.331312][ T5915] usb 7-1: config 0 descriptor??
[  453.347084][T17911] loop5: detected capacity change from 0 to 4096
[  453.357461][T17911] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  453.368234][   T33] audit: type=1800 audit(2000000498.910:190): pid=17911 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4964" name="file1" dev="loop5" ino=15 res=0 errno=0
[  453.405759][T13392] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  453.486231][T17919] loop3: detected capacity change from 0 to 512
[  453.693576][T17931] loop5: detected capacity change from 0 to 2048
[  453.705405][T17931] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  453.709904][T17931] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  453.716588][T17931] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  453.748704][ T5915] uclogic 0003:256C:006D.0018: interface is invalid, ignoring
[  453.951072][T17940] netlink: 'syz.5.4977': attribute type 3 has an invalid length.
[  453.963470][   T51] usb 7-1: USB disconnect, device number 8
[  454.000314][ T5915] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  454.004790][T17942] Bluetooth: MGMT ver 1.23
[  454.160888][ T5915] usb 4-1: Using ep0 maxpacket: 8
[  454.170133][ T5915] usb 4-1: config 0 has no interfaces?
[  454.175282][ T5915] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  454.178758][ T5915] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  454.183385][ T5915] usb 4-1: Product: syz
[  454.185126][ T5915] usb 4-1: Manufacturer: syz
[  454.186904][ T5915] usb 4-1: SerialNumber: syz
[  454.194159][ T5915] usb 4-1: config 0 descriptor??
[  454.219233][T17951] loop5: detected capacity change from 0 to 8
[  454.230114][T17951] SQUASHFS error: xz decompression failed, data probably corrupt
[  454.235509][T17951] SQUASHFS error: Failed to read block 0x108: -5
[  454.238000][T17951] SQUASHFS error: Unable to read metadata cache entry [106]
[  454.241053][T17951] SQUASHFS error: Unable to read inode 0x11f
[  454.399601][ T6029] usb 4-1: USB disconnect, device number 52
[  454.584117][T17966] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4989'.
[  454.694676][T17977] loop6: detected capacity change from 0 to 128
[  454.698458][T17977] EXT4-fs (loop6): Test dummy encryption mode enabled
[  454.711632][T17977] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  454.719229][T17977] ext4 filesystem being mounted at /155/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  454.758775][T16825] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  455.251236][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  455.343383][T17993] loop6: detected capacity change from 0 to 2048
[  455.382712][T17993]  loop6: p1 p2 p3 < > p4 < p5 p6 >
[  455.384860][T17993] loop6: partition table partially beyond EOD, truncated
[  455.387817][T17993] loop6: p1 start 458755 is beyond EOD, truncated
[  455.393243][T17993] loop6: p2 start 16908804 is beyond EOD, truncated
[  455.395673][T17993] loop6: p3 start 4284289 is beyond EOD, truncated
[  455.399836][T17993] loop6: p5 start 458755 is beyond EOD, truncated
[  455.404192][T17993] loop6: p6 start 16908804 is beyond EOD, truncated
[  455.627795][T18004] loop5: detected capacity change from 0 to 764
[  455.631489][T18004] rock: directory entry would overflow storage
[  455.633422][T18004] rock: sig=0x4654, size=5, remaining=4
[  455.734301][ T5915] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  455.839561][  T793] kernel read not supported for file /2906/attr/prev (pid: 793 comm: kworker/1:2)
[  455.912677][ T5915] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  455.916883][ T5915] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  455.941456][ T5915] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  455.946873][ T5915] usb 7-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  455.955622][ T5915] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  455.966462][ T5915] usb 7-1: config 0 descriptor??
[  455.977409][ T5915] em28xx 7-1:0.0: New device   @ 480 Mbps (2040:1605, interface 0, class 0)
[  455.990238][ T5915] em28xx 7-1:0.0: Audio interface 0 found (Vendor Class)
[  456.122853][T18024] ptrace attach of "/syz-executor exec"[7778] was attempted by "/syz-executor exec"[18024]
[  456.324660][ T5915] em28xx 7-1:0.0: unknown em28xx chip ID (0)
[  456.332624][ T5915] em28xx 7-1:0.0: Config register raw data: 0xfffffffb
[  456.339008][ T5915] em28xx 7-1:0.0: AC97 chip type couldn't be determined
[  456.345108][ T5915] em28xx 7-1:0.0: No AC97 audio processor
[  456.352500][ T5915] usb 7-1: USB disconnect, device number 9
[  456.356732][ T5915] em28xx 7-1:0.0: Disconnecting em28xx
[  456.376965][ T5915] em28xx 7-1:0.0: Freeing device
[  456.824047][T18053] loop6: detected capacity change from 0 to 256
[  456.827278][T18053] exfat: Deprecated parameter 'utf8'
[  456.829853][T18053] exfat: Deprecated parameter 'namecase'
[  456.832449][T18053] exfat: Deprecated parameter 'namecase'
[  456.834716][T18053] exfat: Deprecated parameter 'utf8'
[  456.845680][T18053] exFAT-fs (loop6): failed to load upcase table (idx : 0x00012153, chksum : 0x9270b71c, utbl_chksum : 0xe619d30d)
[  456.917742][T18058] loop3: detected capacity change from 0 to 256
[  456.927872][T18058] exfat: Deprecated parameter 'namecase'
[  456.937519][T18058] exfat: Deprecated parameter 'namecase'
[  457.537838][T18077] loop3: detected capacity change from 0 to 8
[  457.702649][T18081] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[  457.706535][T18081] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[  457.723703][T18081] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[  457.727762][T18081] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[  457.736539][T18081] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[  457.740982][T18081] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[  457.745847][T18081] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[  457.749686][T18081] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[  457.754220][T18081] UDF-fs: warning (device nbd5): udf_fill_super: No partition found (1)
[  458.126414][T18086] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5038'.
[  458.162372][T18092] loop6: detected capacity change from 0 to 164
[  458.235974][T18098] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[  458.238320][T18098] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  458.243178][T18098] vhci_hcd vhci_hcd.0: Device attached
[  458.320035][T18106] (unnamed net_device) (uninitialized): option min_links: invalid value (18446744073709551608)
[  458.324025][T18106] (unnamed net_device) (uninitialized): option min_links: allowed values 0 - 2147483647
[  458.499135][ T6029] vhci_hcd: vhci_device speed not set
[  458.550406][ T6975] usb 6-1: new low-speed USB device number 24 using dummy_hcd
[  458.564123][ T6029] usb 43-1: new full-speed USB device number 3 using vhci_hcd
[  458.794221][ T6975] usb 6-1: config 0 has no interfaces?
[  458.800101][ T6975] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  458.808236][ T6975] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  458.858815][ T6975] usb 6-1: config 0 descriptor??
[  459.093324][T18116] loop3: detected capacity change from 0 to 32768
[  459.096663][T18099] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 2
[  459.097319][ T6975] usb 6-1: USB disconnect, device number 24
[  459.104016][T18116] BTRFS error: failed to open device for path /dev/loop3 with flags 0x23: -13
[  459.107149][   T12] vhci_hcd: stop threads
[  459.108624][   T12] vhci_hcd: release socket
[  459.112178][   T12] vhci_hcd: disconnect device
[  459.242732][T18120] loop3: detected capacity change from 0 to 16
[  459.245986][T18120] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  459.439818][T18128] loop3: detected capacity change from 0 to 128
[  459.667011][T18137] loop5: detected capacity change from 0 to 4096
[  459.672001][T18137] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  459.682607][T18137] ntfs3(loop5): volume is dirty and "force" flag is not set!
[  459.690349][ T6975] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  459.840634][ T6975] usb 7-1: Using ep0 maxpacket: 32
[  459.847757][ T6975] usb 7-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  459.855069][ T6975] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  459.862675][ T6975] usb 7-1: config 0 descriptor??
[  459.867802][ T6975] gspca_main: sq930x-2.14.0 probing 041e:403c
[  460.165095][T18149] loop5: detected capacity change from 0 to 32768
[  460.876963][ T6975] gspca_sq930x: ucbus_write failed -71
[  460.878960][ T6975] sq930x 7-1:0.0: probe with driver sq930x failed with error -71
[  460.884819][ T6975] usb 7-1: USB disconnect, device number 10
[  460.976906][T18165] netlink: 'syz.3.5073': attribute type 1 has an invalid length.
[  460.980778][T18165] netlink: 224 bytes leftover after parsing attributes in process `syz.3.5073'.
[  461.013680][T18169] loop3: detected capacity change from 0 to 512
[  461.016347][T18169] EXT4-fs: Ignoring removed orlov option
[  461.018862][T18169] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  461.023567][T18169] EXT4-fs (loop3): write access unavailable, skipping orphan cleanup
[  461.027076][T18169] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  461.035898][T18169] EXT4-fs: Ignoring removed orlov option
[  461.052836][ T7778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  461.074490][T18174] loop5: detected capacity change from 0 to 512
[  461.082293][T18174] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  461.106102][T18174] Quota error (device loop5): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  461.112121][T18174] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  461.116158][T18174] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.5078: Failed to acquire dquot type 1
[  461.124688][T18174] EXT4-fs (loop5): 1 truncate cleaned up
[  461.129148][T18174] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  461.161063][T13392] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  461.299045][T18187] loop5: detected capacity change from 0 to 8192
[  461.396638][T18189] loop5: detected capacity change from 0 to 2048
[  461.406890][T18189] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  461.410416][   T51] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[  461.425450][T18191] loop6: detected capacity change from 0 to 64
[  461.581807][   T51] usb 4-1: Using ep0 maxpacket: 16
[  461.591431][   T51] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  461.595998][   T51] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  461.601051][   T51] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 42580, setting to 1024
[  461.605526][   T51] usb 4-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[  461.620356][   T51] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  461.631243][T18201]  nullb0: [POWERTEC] p1
[  461.632328][   T51] usb 4-1: config 0 descriptor??
[  461.636717][T18183] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  461.644943][   T51] pegasus_notetaker 4-1:0.0: probe with driver pegasus_notetaker failed with error -12
[  461.852507][ T6975] usb 4-1: USB disconnect, device number 53
[  461.971525][   T51] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  462.000400][ T5915] usb 7-1: new full-speed USB device number 11 using dummy_hcd
[  462.131946][   T51] usb 6-1: config 0 has an invalid interface number: 117 but max is 0
[  462.134531][   T51] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  462.137656][   T51] usb 6-1: config 0 has no interface number 0
[  462.139501][   T51] usb 6-1: too many endpoints for config 0 interface 117 altsetting 0: 239, using maximum allowed: 30
[  462.143491][   T51] usb 6-1: config 0 interface 117 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  462.146456][   T51] usb 6-1: config 0 interface 117 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 239
[  462.152938][   T51] usb 6-1: New USB device found, idVendor=0742, idProduct=2009, bcdDevice=61.46
[  462.155736][   T51] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  462.158128][   T51] usb 6-1: Product: syz
[  462.159531][   T51] usb 6-1: Manufacturer: syz
[  462.161208][   T51] usb 6-1: SerialNumber: syz
[  462.164295][ T5915] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  462.168469][ T5915] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 2031, setting to 64
[  462.172563][   T51] usb 6-1: config 0 descriptor??
[  462.174266][ T5915] usb 7-1: New USB device found, idVendor=17ef, idProduct=60fe, bcdDevice= 0.00
[  462.177117][ T5915] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  462.181112][   T51] HFC-S_USB 6-1:0.117: probe with driver HFC-S_USB failed with error -5
[  462.186822][ T5915] usb 7-1: config 0 descriptor??
[  462.189042][T18211] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[  462.389193][T17819] usb 6-1: USB disconnect, device number 25
[  462.601652][T18213] loop3: detected capacity change from 0 to 32768
[  462.601832][ T5915] lenovo 0003:17EF:60FE.0019: unknown main item tag 0x0
[  462.608187][ T5915] lenovo 0003:17EF:60FE.0019: hidraw0: USB HID v0.00 Device [HID 17ef:60fe] on usb-dummy_hcd.6-1/input0
[  462.810844][T17819] usb 7-1: USB disconnect, device number 11
[  463.010368][  T793] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  463.160289][  T793] usb 4-1: Using ep0 maxpacket: 32
[  463.164287][  T793] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD8, changing to 0x88
[  463.168698][  T793] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[  463.178108][  T793] usb 4-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=25.11
[  463.182226][  T793] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  463.185384][  T793] usb 4-1: Product: syz
[  463.187565][  T793] usb 4-1: Manufacturer: syz
[  463.189497][  T793] usb 4-1: SerialNumber: syz
[  463.194922][  T793] usb 4-1: config 0 descriptor??
[  463.201218][  T793] usb 4-1: no audio or video endpoints found
[  463.331410][T18238] loop5: detected capacity change from 0 to 1024
[  463.335528][T18238] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  463.363266][T18238] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  463.417331][T13392] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  463.421408][T17819] usb 4-1: USB disconnect, device number 54
[  463.434677][T18245] loop6: detected capacity change from 0 to 8
[  463.444496][T18245] SQUASHFS error: xz decompression failed, data probably corrupt
[  463.447581][T18245] SQUASHFS error: Failed to read block 0x9b: -5
[  463.450018][T18245] SQUASHFS error: Unable to read metadata cache entry [99]
[  463.454577][T18245] SQUASHFS error: Unable to read inode 0x127
[  463.640405][ T6029] vhci_hcd: vhci_device speed not set
[  463.700388][  T793] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  463.770502][ T5915] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  463.860277][  T793] usb 6-1: Using ep0 maxpacket: 16
[  463.863559][  T793] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  463.866665][  T793] usb 6-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[  463.869590][  T793] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  463.874406][  T793] usb 6-1: config 0 descriptor??
[  463.878235][  T793] pxrc 6-1:0.0: Could not find endpoint
[  463.930259][ T5915] usb 7-1: Using ep0 maxpacket: 8
[  463.933823][ T5915] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  463.943923][ T5915] usb 7-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  463.947331][ T5915] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  463.950480][ T5915] usb 7-1: Product: syz
[  463.952077][ T5915] usb 7-1: Manufacturer: syz
[  463.953892][ T5915] usb 7-1: SerialNumber: syz
[  463.957484][ T5915] usb 7-1: config 0 descriptor??
[  464.087808][T17819] usb 6-1: USB disconnect, device number 26
[  464.132919][T18263] netlink: 'syz.3.5119': attribute type 12 has an invalid length.
[  464.135940][T18263] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5119'.
[  464.169987][   T10] usb 7-1: USB disconnect, device number 12
[  464.588507][T18275] loop3: detected capacity change from 0 to 32768
[  464.598286][T18275] ocfs2: Readonly device (7,3) detected. Cluster services will not be used for this mount. Recovery will be skipped.
[  464.603852][T18275] ocfs2: Mounting device (7,3) on (node 0, slot 65535) with ordered data mode.
[  464.630983][ T7778] INFO: trying to register non-static key.
[  464.633358][ T7778] The code is fine but needs lockdep annotation, or maybe
[  464.636157][ T7778] you didn't initialize this object before use?
[  464.639629][ T7778] turning off the locking correctness validator.
[  464.642124][ T7778] CPU: 1 UID: 0 PID: 7778 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  464.642141][ T7778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  464.642151][ T7778] Call Trace:
[  464.642158][ T7778]  <TASK>
[  464.642164][ T7778]  dump_stack_lvl+0x189/0x250
[  464.642184][ T7778]  ? rcu_is_watching+0x15/0xb0
[  464.642197][ T7778]  ? __pfx_dump_stack_lvl+0x10/0x10
[  464.642210][ T7778]  ? __pfx__printk+0x10/0x10
[  464.642226][ T7778]  ? __is_module_percpu_address+0x39b/0x3f0
[  464.642239][ T7778]  ? is_module_address+0x17/0xf0
[  464.642255][ T7778]  assign_lock_key+0x133/0x150
[  464.642267][ T7778]  register_lock_class+0x105/0x320
[  464.642286][ T7778]  __lock_acquire+0x99/0xd20
[  464.642303][ T7778]  ? ktime_get+0x3e/0x1f0
[  464.642315][ T7778]  ? ocfs2_mark_lockres_freeing+0x125/0x580
[  464.642331][ T7778]  lock_acquire+0x120/0x360
[  464.642347][ T7778]  ? ocfs2_mark_lockres_freeing+0x125/0x580
[  464.642365][ T7778]  _raw_spin_lock_irqsave+0xa7/0xf0
[  464.642379][ T7778]  ? ocfs2_mark_lockres_freeing+0x125/0x580
[  464.642396][ T7778]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  464.642409][ T7778]  ? ktime_get+0x1cb/0x1f0
[  464.642421][ T7778]  ocfs2_mark_lockres_freeing+0x125/0x580
[  464.642438][ T7778]  ? __pfx_ocfs2_mark_lockres_freeing+0x10/0x10
[  464.642454][ T7778]  ? lockdep_hardirqs_on+0x9c/0x150
[  464.642483][ T7778]  ocfs2_dlm_shutdown+0x3a/0x240
[  464.642502][ T7778]  ocfs2_dismount_volume+0x63d/0x8d0
[  464.642517][ T7778]  ? __pfx_ocfs2_dismount_volume+0x10/0x10
[  464.642530][ T7778]  ? __pfx_evict_inodes+0x10/0x10
[  464.642548][ T7778]  ? __pfx_ocfs2_put_super+0x10/0x10
[  464.642559][ T7778]  generic_shutdown_super+0x135/0x2c0
[  464.642572][ T7778]  kill_block_super+0x44/0x90
[  464.642586][ T7778]  deactivate_locked_super+0xbc/0x130
[  464.642605][ T7778]  cleanup_mnt+0x425/0x4c0
[  464.642622][ T7778]  ? lockdep_hardirqs_on+0x9c/0x150
[  464.642635][ T7778]  task_work_run+0x1d4/0x260
[  464.642651][ T7778]  ? __pfx_task_work_run+0x10/0x10
[  464.642664][ T7778]  ? __x64_sys_umount+0x122/0x160
[  464.642678][ T7778]  ? exit_to_user_mode_loop+0x40/0x130
[  464.642695][ T7778]  exit_to_user_mode_loop+0xe9/0x130
[  464.642711][ T7778]  do_syscall_64+0x2bd/0xfa0
[  464.642725][ T7778]  ? lockdep_hardirqs_on+0x9c/0x150
[  464.642738][ T7778]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.642751][ T7778]  ? exc_page_fault+0xab/0x100
[  464.642764][ T7778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.642776][ T7778] RIP: 0033:0x7f190a58ff57
[  464.642790][ T7778] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  464.642801][ T7778] RSP: 002b:00007ffcdd596ae8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  464.642815][ T7778] RAX: 0000000000000000 RBX: 00007f190a611c2d RCX: 00007f190a58ff57
[  464.642824][ T7778] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcdd596ba0
[  464.642832][ T7778] RBP: 00007ffcdd596ba0 R08: 0000000000000000 R09: 0000000000000000
[  464.642841][ T7778] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcdd597c30
[  464.642849][ T7778] R13: 00007f190a611c2d R14: 0000000000071670 R15: 00007ffcdd597c70
[  464.642862][ T7778]  </TASK>
[  464.781412][ T7778] ocfs2: Unmounting device (7,3) on (node 0)
[  464.784499][ T7778] Oops: general protection fault, probably for non-canonical address 0xdffffc000000000e: 0000 [#1] SMP KASAN PTI
[  464.789090][ T7778] KASAN: null-ptr-deref in range [0x0000000000000070-0x0000000000000077]
[  464.792274][ T7778] CPU: 1 UID: 0 PID: 7778 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  464.795980][ T7778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  464.799889][ T7778] RIP: 0010:ocfs2_evict_inode+0x26ae/0x4100
[  464.802213][ T7778] Code: ed 03 43 80 7c 25 00 00 74 08 4c 89 ff e8 5a 87 81 fe 4d 8b 27 48 83 c3 70 48 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 df e8 34 87 81 fe 48 8b 1b 48 c7 c7 e0 a2
[  464.809680][ T7778] RSP: 0018:ffffc90002edf340 EFLAGS: 00010202
[  464.812063][ T7778] RAX: 000000000000000e RBX: 0000000000000070 RCX: dffffc0000000000
[  464.815133][ T7778] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffc90002edf2c0
[  464.818280][ T7778] RBP: ffffc90002edfa70 R08: 0000000000000003 R09: 0000000000000004
[  464.821466][ T7778] R10: dffffc0000000000 R11: fffff520005dbe58 R12: 0000000000000000
[  464.824589][ T7778] R13: 1ffff11023f04db8 R14: 0000000000000001 R15: ffff88811f826dc0
[  464.827659][ T7778] FS:  0000555561194500(0000) GS:ffff8881a39fc000(0000) knlGS:0000000000000000
[  464.831016][ T7778] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  464.833537][ T7778] CR2: 00005555611af5c8 CR3: 000000010e7be000 CR4: 00000000000006f0
[  464.836513][ T7778] Call Trace:
[  464.837837][ T7778]  <TASK>
[  464.838992][ T7778]  ? stack_trace_save+0x9c/0xe0
[  464.840841][ T7778]  ? __pfx_stack_trace_save+0x10/0x10
[  464.842861][ T7778]  ? __pfx_ocfs2_evict_inode+0x10/0x10
[  464.844943][ T7778]  ? stack_depot_save_flags+0x40/0x860
[  464.846987][ T7778]  ? kasan_save_stack+0x4d/0x60
[  464.848855][ T7778]  ? kasan_save_stack+0x3e/0x60
[  464.850732][ T7778]  ? kasan_record_aux_stack+0xbd/0xd0
[  464.852809][ T7778]  ? call_rcu+0x157/0x9c0
[  464.854511][ T7778]  ? __schedule+0x17a0/0x4cc0
[  464.856338][ T7778]  ? preempt_schedule_common+0x83/0xd0
[  464.858531][ T7778]  ? preempt_schedule+0xae/0xc0
[  464.860407][ T7778]  ? preempt_schedule_thunk+0x16/0x30
[  464.862385][ T7778]  ? try_to_wake_up+0x82b/0x12b0
[  464.864291][ T7778]  ? kthread_stop+0x187/0x5c0
[  464.866009][ T7778]  ? destroy_workqueue+0x134/0xc70
[  464.867968][ T7778]  ? ocfs2_delete_osb+0x49/0x170
[  464.869895][ T7778]  ? ocfs2_dismount_volume+0x57a/0x8d0
[  464.871942][ T7778]  ? generic_shutdown_super+0x135/0x2c0
[  464.874129][ T7778]  ? kill_block_super+0x44/0x90
[  464.876009][ T7778]  ? deactivate_locked_super+0xbc/0x130
[  464.878143][ T7778]  ? cleanup_mnt+0x425/0x4c0
[  464.879917][ T7778]  ? task_work_run+0x1d4/0x260
[  464.881762][ T7778]  ? exit_to_user_mode_loop+0xe9/0x130
[  464.883825][ T7778]  ? do_syscall_64+0x2bd/0xfa0
[  464.885687][ T7778]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.888014][ T7778]  ? unwind_next_frame+0xa5/0x2390
[  464.890012][ T7778]  ? rcu_is_watching+0x15/0xb0
[  464.891890][ T7778]  ? unwind_next_frame+0xa5/0x2390
[  464.893843][ T7778]  ? unwind_next_frame+0xa5/0x2390
[  464.895872][ T7778]  ? rcu_is_watching+0x15/0xb0
[  464.897737][ T7778]  ? is_bpf_text_address+0x26/0x2b0
[  464.899736][ T7778]  ? rcu_is_watching+0x15/0xb0
[  464.901619][ T7778]  ? rcu_is_watching+0x15/0xb0
[  464.903492][ T7778]  ? lock_release+0x4b/0x3e0
[  464.905327][ T7778]  ? lock_release+0x4b/0x3e0
[  464.907147][ T7778]  ? is_bpf_text_address+0x292/0x2b0
[  464.909118][ T7778]  ? is_bpf_text_address+0x26/0x2b0
[  464.911147][ T7778]  ? kernel_text_address+0xa5/0xe0
[  464.913060][ T7778]  ? do_raw_spin_lock+0x121/0x290
[  464.915049][ T7778]  ? rcu_is_watching+0x15/0xb0
[  464.916938][ T7778]  ? do_raw_spin_unlock+0x4d/0x240
[  464.918980][ T7778]  ? _raw_spin_unlock+0x28/0x50
[  464.920912][ T7778]  ? writeback_single_inode+0x444/0x6a0
[  464.923131][ T7778]  ? write_inode_now+0x160/0x1d0
[  464.925079][ T7778]  ? __pfx_write_inode_now+0x10/0x10
[  464.927107][ T7778]  ? kasan_save_track+0x4f/0x80
[  464.929048][ T7778]  ? inode_wait_for_writeback+0xf9/0x290
[  464.931276][ T7778]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  464.933665][ T7778]  ? rcu_is_watching+0x15/0xb0
[  464.935585][ T7778]  ? do_raw_spin_unlock+0x4d/0x240
[  464.937625][ T7778]  ? __pfx_ocfs2_evict_inode+0x10/0x10
[  464.939451][ T7778]  evict+0x504/0x9c0
[  464.940761][ T7778]  ? __pfx_evict+0x10/0x10
[  464.942459][ T7778]  ? _raw_spin_unlock+0x28/0x50
[  464.944006][ T7778]  ? iput+0x946/0xc50
[  464.945566][ T7778]  ocfs2_free_slot_info+0x79/0x260
[  464.947538][ T7778]  ? destroy_workqueue+0x894/0xc70
[  464.949484][ T7778]  ocfs2_delete_osb+0x58/0x170
[  464.951353][ T7778]  ocfs2_dismount_volume+0x57a/0x8d0
[  464.953448][ T7778]  ? __pfx_ocfs2_dismount_volume+0x10/0x10
[  464.955816][ T7778]  ? __pfx_evict_inodes+0x10/0x10
[  464.957814][ T7778]  ? __pfx_ocfs2_put_super+0x10/0x10
[  464.959749][ T7778]  generic_shutdown_super+0x135/0x2c0
[  464.961832][ T7778]  kill_block_super+0x44/0x90
[  464.963541][ T7778]  deactivate_locked_super+0xbc/0x130
[  464.965393][ T7778]  cleanup_mnt+0x425/0x4c0
[  464.967178][ T7778]  ? lockdep_hardirqs_on+0x9c/0x150
[  464.969083][ T7778]  task_work_run+0x1d4/0x260
[  464.970645][ T7778]  ? __pfx_task_work_run+0x10/0x10
[  464.972474][ T7778]  ? __x64_sys_umount+0x122/0x160
[  464.974192][ T7778]  ? exit_to_user_mode_loop+0x40/0x130
[  464.976087][ T7778]  exit_to_user_mode_loop+0xe9/0x130
[  464.978128][ T7778]  do_syscall_64+0x2bd/0xfa0
[  464.979562][ T7778]  ? lockdep_hardirqs_on+0x9c/0x150
[  464.981467][ T7778]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.983795][ T7778]  ? exc_page_fault+0xab/0x100
[  464.985580][ T7778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.988040][ T7778] RIP: 0033:0x7f190a58ff57
[  464.989678][ T7778] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  464.996469][ T7778] RSP: 002b:00007ffcdd596ae8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  464.998849][ T7778] RAX: 0000000000000000 RBX: 00007f190a611c2d RCX: 00007f190a58ff57
[  465.001240][ T7778] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcdd596ba0
[  465.004358][ T7778] RBP: 00007ffcdd596ba0 R08: 0000000000000000 R09: 0000000000000000
[  465.007482][ T7778] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcdd597c30
[  465.010669][ T7778] R13: 00007f190a611c2d R14: 0000000000071670 R15: 00007ffcdd597c70
[  465.013645][ T7778]  </TASK>
[  465.014799][ T7778] Modules linked in:
[  465.016842][ T7778] ---[ end trace 0000000000000000 ]---
[  465.018988][ T7778] RIP: 0010:ocfs2_evict_inode+0x26ae/0x4100
[  465.021793][ T7778] Code: ed 03 43 80 7c 25 00 00 74 08 4c 89 ff e8 5a 87 81 fe 4d 8b 27 48 83 c3 70 48 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 df e8 34 87 81 fe 48 8b 1b 48 c7 c7 e0 a2
[  465.028173][ T7778] RSP: 0018:ffffc90002edf340 EFLAGS: 00010202
[  465.031220][ T7778] RAX: 000000000000000e RBX: 0000000000000070 RCX: dffffc0000000000
[  465.034215][ T7778] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffc90002edf2c0
[  465.037229][ T7778] RBP: ffffc90002edfa70 R08: 0000000000000003 R09: 0000000000000004
[  465.040650][ T7778] R10: dffffc0000000000 R11: fffff520005dbe58 R12: 0000000000000000
[  465.043705][ T7778] R13: 1ffff11023f04db8 R14: 0000000000000001 R15: ffff88811f826dc0
[  465.046721][ T7778] FS:  0000555561194500(0000) GS:ffff8881a39fc000(0000) knlGS:0000000000000000
[  465.050322][ T7778] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  465.052858][ T7778] CR2: 00005555611af5c8 CR3: 000000010e7be000 CR4: 00000000000006f0
[  465.055927][ T7778] Kernel panic - not syncing: Fatal exception
[  465.059086][ T7778] Kernel Offset: disabled
[  465.060847][ T7778] Rebooting in 86400 seconds..

VM DIAGNOSIS:
04:38:36  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffffffff90fbc101 RCX=ffffc90003517f50 RDX=ffffc90003517101
RSI=dffffc0000000000 RDI=ffffc90003517170 RBP=dffffc0000000000 RSP=ffffc90003517098
R8 =ffffc90003517f38 R9 =0000000000000000 R10=ffffc900035171b8 R11=fffff520006a2e39
R12=ffffc90003517f48 R13=ffffc90003510000 R14=ffffc90003517168 R15=ffffffff81742d25
RIP=ffffffff8174461a RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b83fc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f28c5aa8270 CR3=000000002005a000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=ff00000000000000 0000000000000000 XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000065 RBX=0000000000000065 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc90002edf1b0
R8 =ffff8881075d0237 R9 =1ffff11020eba046 R10=dffffc0000000000 R11=ffffffff8556cf50
R12=dffffc0000000000 R13=ffffffff99d19923 R14=ffffffff9a00f5a0 R15=0000000000000000
RIP=ffffffff8556cfcc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000555561194500 ffffffff 00c00000
GS =0000 ffff8881a39fc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00005555611af5c8 CR3=000000010e7be000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 ff000000000000ff XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=6161616161616161 6161616161616161
XMM06=6161616161616161 6161616161616161 XMM07=6161616161616161 6161616161616161
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f190a612fed
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
