last executing test programs:

1m52.724403719s ago: executing program 1 (id=584):
r0 = msgget$private(0x0, 0x100)
msgsnd(r0, &(0x7f0000003900)=ANY=[@ANYBLOB="0100"], 0xc56, 0x0)
msgsnd(r0, &(0x7f0000002900)=ANY=[@ANYBLOB="03"], 0xfd1, 0x0)
msgctl$IPC_RMID(r0, 0x0)

1m52.487859385s ago: executing program 1 (id=588):
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000))
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r0 = syz_open_procfs$pagemap(0x0, &(0x7f00000001c0))
ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f00000004c0)={0x60, 0x0, &(0x7f0000165000/0x4000)=nil, &(0x7f000075c000/0x3000)=nil, 0x9, &(0x7f0000000200)=[{0x0, 0x100000be63, 0x9}], 0x1, 0x9b, 0x0, 0x0, 0x0, 0xe4})

1m52.389531281s ago: executing program 1 (id=589):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[@ANYBLOB="240000000104010200000180000000000000000008000540000000000500010001"], 0x24}}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000300)={0x1c, 0x1, 0x4, 0x5, 0x0, 0x0, {0x7}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0)

1m52.320960798s ago: executing program 1 (id=591):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b80)=ANY=[@ANYBLOB="e80100000001050500000000000000000a0000003c0002802c00018014000300ff01000000000000000000000000000114000400ff0200000000000000000000000000010c00028005000100000000003c0001800c00028005000100000000002c00018014000300ff020d40f799000000000000000000011400040020010000000000000000000000000001080007400000000010000d800c000380060002004e210000080007400000000da800068004000380080002006401010124000380060001004e230000060001004e230000060001004e210000060002004e24000008000200e000000234000380060002004e230000060002004e240000060001004e200000060002004e200000060002004e230000060001004e200000140004000000000000000000000000000000000008000200ac1414aa140005000000000000000000000000000000000008000100e000000284000e80140001"], 0x1e8}, 0x1, 0x0, 0x0, 0x20000080}, 0x0)

1m52.222453311s ago: executing program 1 (id=595):
mkdir(&(0x7f0000000380)='./file1\x00', 0xa)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x800000, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x80c8d0, &(0x7f0000000140)=ANY=[], 0x1, 0x34f, &(0x7f00000004c0)="$eJzs3M1vG0UYx/FfjO04qZr1AYE4oD4SF7isknDigrBQKyEiUYUa8SIhts0GrCx25LWCjBBpT1w4IP4IDlWPvVWC/gO5cOOAuHDLBYkDPSAWed+8bpzEdes2L9+PVO00M8/ubGazemalmf0Pf/hyazN0N72eSjXTnCQ9kOoqKTOXHktxuaq6hm7qtQt///by+x99/G5jbe3yutmVxrXXV81s6dLPX32zkDa7N6+9+qf7f63+uffC3kv7/137ohVaK7R2p2eeXe/80fOuB75ttMIt1+xq4Huhb6126HeT+mhXCnzbDDrb233z2gsXF7e7fhia1+7blt+3Xsd63b55n3uttrmuaxcXdbz5CdqcZc3b6+teI/3PG889WvCNWfQIjyca80h3uw1vMLYLB2qat59OrwAAwEmS5v95tl8apPTH5P9Fef5fTvL/3yUV8v879fu9Cx/cXUrz/3vVQf4vFfL/z/JT1WQbpTz/r0ka5v+dZH6Q5/8bTyb/P5gRnW7fjw6OoigvVse1H8n/cUYN8v/F9O83duuTO8txgfwfAAAAAAAAAAAAAAAAAAAAAIDT4EEUOVEUOckxWwEeOfPxghwpSusPCX/EJeM4aUbHf/hvwvHHKTfcuKO8JAXf7TR3mskxbXBfUiBfy3L0b/w8pAbl6k0rrqL7JdhN43d3msmrobGpVhy/Ikf1h+Oj6Mo7a5dXzLJdCwrxFS0W41fl6Hlpfkz8qiXy61cGx6pefaUQ78rRrzfUUaCNdGVcFv/titnb763ZaP8X4nYAAAAAAJwFruXq2fy3uIWg6x6sT+bHSX0yvy5r/PeBZH69/PD8PI4vq1R+VncNAAAAAMD5Eva/3vKCwO/OqHBL0lFtyprN1YffMCaNyjbIPaTNnOaefFdrkuJCdvHpzjPo2xRXr4ytqkz0GytN1dVL1ckHpXpoVfbZ6LBwXZ1mLCInHYvHGNMXf/zpn6PbJF/GpElO+Obd2jF3esQjUT6qTfW4O62MvCRKs30HAQAAAHg6hkl/9pO3pMqz7RMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOfNrPf/K+4sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJx3/wcAAP//QOD4ig==")
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0)

1m52.154935402s ago: executing program 1 (id=596):
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x78, 0xd, 0x66, 0x0, 0x3}, 0x0)
r0 = creat(&(0x7f0000000580)='./bus\x00', 0x0)
io_setup(0x6, &(0x7f0000000280)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r0, 0x0, 0x0, 0x8000000}])

1m37.148272977s ago: executing program 32 (id=596):
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x78, 0xd, 0x66, 0x0, 0x3}, 0x0)
r0 = creat(&(0x7f0000000580)='./bus\x00', 0x0)
io_setup(0x6, &(0x7f0000000280)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r0, 0x0, 0x0, 0x8000000}])

1m31.291470643s ago: executing program 3 (id=738):
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
rmdir(&(0x7f0000000040)='./control\x00')

1m31.222706172s ago: executing program 3 (id=739):
r0 = socket(0x22, 0x2, 0x24)
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x40880}, 0x20004000)

1m31.17193593s ago: executing program 3 (id=740):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0)
read$FUSE(r0, &(0x7f0000001d00)={0x2020}, 0x2020)

1m31.171654065s ago: executing program 3 (id=741):
syz_mount_image$udf(&(0x7f0000000100), &(0x7f0000000f00)='./file0\x00', 0x14444, &(0x7f0000001d80)=ANY=[@ANYBLOB="696f636861727365743d61736369692c6e6f6164696e696362000064696e6963622c6769643d69676e6f72652c7569643d666f726765742c756d61736b3d30303030303030303030303030303030303030303030322c076f6e6761642c6769643d771d0f4d30dc61469a581342d98a7a4c3534a971c3e26de72edc9ec3db403d8b2e970b9dcea448ddbb5a116ce6f67d99a77aa50bce7fc5451bcf5b13e9698d80385c54fff77d38aa9703314cd19a075893a1648dd8ef78a118122ee7a0e400"/203, @ANYRESDEC=0x0, @ANYBLOB=',nostrict,\x00'], 0xfe, 0xc22, &(0x7f00000002c0)="$eJzs3UFsHNd9B+D/Gy1FSm4rJk5Uu43bTVukMmO5sqSYilW4q5pmG0CWiVDMLQBX5EpdmCIJkmpkI22YXnroIUBR9JATgdYokKKB0RRBj2zrAsnFhyKnnogWNoKiB7YIkFPAYGbfikuKsmhTpCj7+2zqNzvz3sx7M+sZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxO+/fOnMc+lhtwIAOEhXxr985qznPwB8rFz1//8AAAAAAAAAAAAAAHDYpSji8Ugxf2U9TVafOwYut2dv3Z4YGd252rFU1TxSlS9/Bp47e+78F54fvtDN96//oD0Zr45fvVR/ae7m/EJrcbE1XZ+YbU/NTbd2vYe91t9uqDoB9Zuv3Zq+fn2xfvbZc1s23x58r/+xk4MXh58+/VS37MTI6Oh4T5la34c++l3uNcLjaBRxOlI8890fp2ZEFLH3c3Gf785+O1Z1YqjqxMTIaNWRmXZzdqncONY9EUVEvadSo3uODuBa7EkjYrlsftngobJ74/PNhea1mVZ9rLmw1F5qz82OpU5ry/7Uo4gLKWIlItb6795dXxRRixTfPrGerkXEke55+Hw1MPje7Sj2sY+7ULaz3hexUjwC1+wQ648iXokUP3m7iKnynOWf+FzEK2V+P+LNMl+MSOUX43zEuzt8j3g01aKIvyiv/8X1NB0RGyc660frl79S/9Ls9bmest37yiP/fDhIh/zeNBBFNKs7/nr68L/ZAQAAAAAAAAAAAAAAAOBBOxZFPBkpXv6PP67GFUc1Lv3ExeE/GPzF3jHjT9xnP2XZZyNiudjdmNyjeQjxWBpL6SGPJf44G4gi/iSP//vmw24MAAAAAAAAAAAAAAAAAADAx1oRP4oUL7xzKq1E75zi7dkb9avNazOdWWG7c/9250zf2NjYqKdONnJO5lzOuZJzNedazihy/ZyNnJM5l3Ou5FzNuZYzjuT6ORs5J3Mu51zJuZpzLWfUcv2cjZyTOZdzruRczbmWMw7J3L0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8lRRTxs0jxra+tp0gR0YiYjE6u9nfLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPU38q4nuRov6HjTvrahGRqn87TpW/nI/G0TI/GY3hMl+MxqWczSprjW/e92hpX/rAh9eXivhhpOgfeOvO1cnXv6/zafOavfn1zU+/Uuvkke7Gwff6Hzt54uLw6K89ca/lHa/+0OX27K3b9YmR0dHxntW1fPRP9qwbzMctHkzXiYjF1994rTkz01qw8PFYqHUWanFI2nNQC/l+FYelPdsXGoejGZsLD/nGxIEon//vRorfeec/uw/87vP/Fzqf7jzh46d/uvn8f2H7jvbp+f94z7oX8u9G+moRA0s35/tORgwsvv7G6fbN5o3Wjdbs+TNnvjg8/MVzZ/qORgxcb8+0epb2fKoAAAAAAAAAAAAAAAAADlYq4vciRfOH66keEber8VqDF4efPv3UkThSjbfaMm7r1fGrl+ovzd2cX2gtLram6xOz7am56dZuDzdQDfeaGBndl87c17F9bv+xgZfm5l9faN/4o6Udtx8fuHRtcWmhObXz5jgWRUSjd81Q1eCJkdGq0TPt5mxVdewBvUqhLxXxX5Fi6nw9fTavy+P/to/w3zL+f3n7jvZp/N8netaVx0ypiJ9Git/+yyfis1U7j8dd5yyX+9tIMXThM7lcHC3LddvQea9AZ2RgWfb/IsU//mxr2e54yMc3yz636xP7iCiv/4lI8b0//078Rl639f0PO1//49t3tE/X/1M9645veV/BnrtOvv6nI8WLj78Vv5nXvd/7P4rY2Nj4RsSpXPjO+zn26fp/umfdYHSO+1sPrvsAAAAAAAAAAACPrL5UxN9FiqdGa+n5vG43f/9vevuO9unvf/1yz7rpA5qvaM8nFQAAAAAOib5UxI8ixY2lt+6Mod46/rtn/Ofvbs69PpK2ba3+nO+XqvcGPMg//+s1mI87ufduAwAAAAAAAAAAAAAAAAAAwKGSUhHP5/nUJ+8zn/pqpHj5f57J5dLJslx3HvjB6teBK3Ozpy/NzMxNNZea12Za9fH55lSrrPupSLH+N5/JdYtqfvXufPOdOd4HNrpzsS9EitG/75btzMXenZu8Mx94Zy72suwnIsV//8PWst15rD+9WfZsWfavI8VX/3nnsic3y54ry34nUvzgq/Vu2eNl2e77UTvvJB2oxUzr2am5mbtehQoAAAAAAAAAAAAAAAAAAAAfVF8q4s8ixf/eXInlPOw/z//fnYG/1i375td75vvf5nY1z/9gNf//vZY/zPz/gw+spwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8OhIUcQbkWL+ynpa7S8/dwxcbs/euj0xMrpztWOpqnmkKl/+DDx39tz5Lzw/fKGb71//QXsyXh2/eqn+0tzN+YXW4mJruj4x256am27teg97rb956jqGqhNQv/narenr1xfrZ589t2Xz7cH3+h87OXhx+OnTT3XLToyMjo73lKn1fYCjf6DGbToaRfxVpHjmuz9O/9IfUcTez8V9vjv77VjViaGqExMjo1VHZtrN2aVy41j3RBQR9Z5Kje45OoBrsSeNiOWy+WWDh8rujc83F5rXZlr1sebCUnupPTc7ljqtLftTjyIupIiViFjrv3t3fVHEa5Hi2yfW07/2RxzpnofPXxn/8pmz925HsY993IWynfW+iJXiEbhmh1h/FPFPkeInb5+Kf+uPqEXnJz4X8UqZ3494s8wXI1KK2PhGxLs7fI94NNWiiP8vr//F9fR2f3k/6N5XLn+l/qXZ63M9Zbv3lV09H3793sd86M+Hg3TI700DUcQPqjv+evp3/10DAAAAAAAAAAAAAAAAHCJF/GqkeOGdU6kaH3xnTHF79kb9avPaTGdYX3fsX3fM9MbGxkY9dbKRczLncs6VnKs513JGkevnbOSczLmccyXnas61nHEk18/ZyDmZcznnSs7VnGs5o5br52zknMy5nHMl52rOtZxxSMbuAQAAAAAAAAAAAAAAAAAAHy1F9U+Kb31tPW30d+aXnoxOrpoP9CPv5wEAAP//N4D+uw==")
symlinkat(&(0x7f00000000c0)='.\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00')
creat(&(0x7f0000000000)='./bus\x00', 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f00000001c0)='./bus\x00', 0x40403, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
truncate(&(0x7f00000000c0)='./file0\x00', 0x7f)

1m31.017116396s ago: executing program 3 (id=743):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl$sock_inet_SIOCRTMSG(r0, 0x890d, 0x0)

1m29.604660322s ago: executing program 3 (id=753):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0)

1m29.334844251s ago: executing program 33 (id=753):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0)

1m3.632328359s ago: executing program 4 (id=1009):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="12000000700001000000000f0000000007"], 0x18}}, 0x0)

1m3.600036192s ago: executing program 4 (id=1010):
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000380), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000000c0)='./bus\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ftruncate(r0, 0x8008976)
ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f00000001c0)={0x0, 0x3, 0x1, 0x0, 0x0, [{{r0}}]})

1m3.531087063s ago: executing program 4 (id=1011):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f00000001c0)={0x1d, r2, 0x0, {0x1, 0xf0}}, 0x18)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000001440)={'vcan0\x00', <r4=>0x0})
bind$can_j1939(r3, &(0x7f0000000100)={0x1d, r4, 0x0, {0x1, 0x1, 0x4}, 0x1}, 0x18)
setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="81b641f1f3843704b6", 0x9}], 0x1}, 0x48005)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=@newtfilter={0x24, 0x11, 0x1, 0x70bd2a, 0x25dfdbfc, {0x0, 0x0, 0x74, r2, {0xfff3, 0x10}, {0xc, 0xffff}, {0x2, 0x8}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x24000095}, 0x20000050)

1m3.259543265s ago: executing program 4 (id=1013):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0xc0, &(0x7f0000000600)=ANY=[@ANYBLOB='uid=', @ANYRESDEC=0x0, @ANYBLOB=',nostrict,umask=00000000000000000177777,gid=forget,volume=00000000000000001023,noadinicb,novrs,lastblock=00000000000000000002,iocharset=cp932,gid=', @ANYRESDEC=0x0, @ANYBLOB="2c000927ef269377351d90aeb50529825f700786beb0826da0bf9d36620d87d004d56ca63f2e70957efda4662ca0eab69a6221732d7cbdd8f6c022eb6c842004c94d392e87c4a0aa81d68ad1cca39fa8ddbb70aa75c886c11149d401ffcdab20fb3aed07ec97390337828e6bfa896e5875ceb3a020461d98fc2a61ac4685346c0fac3e0114e8bf33c9c8d36d9e451b5fb0b94421daa4e5142e0000000000000003ba53d105f78b91bc6e07d984c1071ac746a483083a8c2eb0ed62157c9c4b4ec5bf54162a901e9c1f3f8b4e8c813e2a061482a7ca495b2f7c5ba527fbbd320d96e977145ed6152b9ce4ccef88a3"], 0x1, 0xc32, &(0x7f0000009100)="$eJzs3U1sXNd9N+D/uRyKI/l9KyZ2FCeNi0lbpLJiufqKqViFO6pptgFkWQjF7AJwJI7UgSmSIKlGNtKC6aaLLgIURRdZEWiNAikaGE0RdMm0LpBsvCiy6opoYSMoumCLAFkFLO6dM9KQIm1GFCVKeh6b+s3ce86dc+4Z3ysLOvcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDxe6+dP3EyPexWAAAP0sXxr5445f4PAE+Uy/7/HwAAAAAAAAAAAAAA9rsURTwdKeYurqXJ6n1X/UJn8OatidGxrasdTFXNgap8+VM/eer0mS+9NHK2lxc6Mx9R/377bLwxfvl849XZG3Pz7YWF9lRjYqZzdXaqveMj7Lb+ZseqE9C48ebNqWvXFhqnXjy9Yfet4Q+HnjoyfG7k+ePP9cpOjI6Njd8pUu8vX7vnhnRtN8PjQBRxPFK88L2fplZEFLH7c1F/sGO/2cGqE8eqTkyMjlUdme60ZhbLnZd6J6KIaPRVavbO0dZjEbXBB9qH7TUjlsrmlw0+VnZvfK4137oy3W5cas0vdhY7szOXUre1ZX8aUcTZFLEcEatDdx9uMIqoRYrvHF5LVyJioHcevlhNDN6+HcUe9nEHynY2BiOWi0dgzPaxoSji9Ujxs/eOxtV8namuNV+IeL3MH0S8U+YrEan8YpyJ+GCL7xGPploU8efl+J9bS1PV9aB3XbnwtcZXZq7N9pXtXVd+yfvDXVeKh3R/OLgpH4x9fm2qRxGt6oq/lu79NzsAAAAAAAAAAAAAAAAA3G8Ho4jPRIrX/u2PqnnFUc1LP3xu5PeH/3//nPFnP+Y4ZdkXI2Kp2Nmc3AN5YuCldCmlhzyX+ElWjyL+OM//+9bDbgwAAAAAAAAAAAAAAAAAAMATrYifRIqX3z+alqN/TfHOzPXG5daV6e6qsL21f3trpq+vr683UjebOSdzLuVczrmSczVnFLl+zmbOyZxLOZdzruRczRkDuX7OZs7JnEs5l3Ou5FzNGbVcP2cz52TOpZzLOVdyruaMfbJ2LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaEZPRzZWhh906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA0lIr4fqRo/EHz9rZaRKTq366j5S9nonmgzE9Gc6TMV6J5PmerylrzWw+h/ezOYCrix5FiqP7u7QHP4z/YfXf7axDvfPPOu8/WujnQ2zn84dBTRw6fGxn7tWe3e522asCxC52Zm7caE6NjY+N9m2v50z/Zt204f25xf7pORCy89fabrenp9vy9vyi/Aruo/gi9SLUnpadeVC+iti+a8XD6zhOgvP9/ECl++/1/793wu/f/evy/7rvbd/j4+Z/cuf+/vPlAO7z/1zbXy/f/8p6+1f3/6b5tL+ffjQzWIuqLN+YGj0TUF956+3jnRut6+3p75syJE18eGfny6RODByLq1zrT7b5X9+V0AQAAAAAAAAAAAAAAADw4qYjfjRStH6+lRkTcquZrDZ8bef74cwMxUM232jBv+43xy+cbr87emJtvLyy0pxoTM52rs1PtnX5cvZruNTE6tied+VgH97j9B+uvzs69Nd+5/oeLW+4/VD9/ZWFxvnV1691xMIqIZv+WY1WDJ0bHqkZPd1ozVdVLW06m/+UNpiL+I1JcPdNIn8/b8vz/zTP8N8z/X9p8oD2a//+Jvm3lZ6ZUxM8jxW/9xbPx+aqdh+Kuc5bL/U2kOHb2c7lcHCjL9drQfa5Ad2ZgWfZ/IsU//GJj2d58yKfvlD254xP7iCjH/3Ck+P6ffTd+PW/b+PyHrcf/0OYD7dH4P9O37dCG5xXsuuvk8T8eKV55+t34jbzto57/0Xv2xtFc+PbzOfZo/D/Vt204f+5v3p+uAwAAAAAAAAAAPNIGUxF/Gyl+OFZLL+VtO/n7f1ObD7RHf//r033bpu7PekUf+2LXJxUAAAAA9onBVMRPIsX1xXdvz6HeOP+7b/7n79yZ/zmaNu2t/pzvV6rnBtzPP//rN5w/d3L33QYAAAAAAAAAAAAAAAAAAIB9JaUiXsrrqU9W8/mntl1PfSVSvPZfL+Ry6UhZrrcO/HD1a/3i7Mzx89PTs1dbi60r0+3G+Fzrarus+0ykWPvrz+W6RbW+em+9+e4a73fWYp+PFGN/1yvbXYu9tzb5M72yS+2TZdlPRIr//PuNZXvrWH/qznFPlWX/KlJ8/Z+2LnvkTtnTZdnvRooffb3RK3uoLNt7Puqn75R98epssQejAgAAAAAAAAAAAAAAAAAAwJNmMBXxp5Hiv28s357Ln9f/H+x7W3nnm33r/W9yq1rnf7ha/3+71/ey/n/1XIGl7T4VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTymKeDtSzF1cSytD5fuu+oXOzM1bE6NjW1c7mKqaA1X58qd+8tTpM196aeRsLz+6/v32mXhj/PL5xquzN+bm2wsL7anGxEzn6uxUe8dH2G39zY5VJ6Bx482bU9euLTROvXh6w+5bwx8OPXVk+NzI88ef65WdGB0bG+8rUxu850+/S9pm+4Eo4i8jxQvf+2n64VBEEbs/Fx/z3dlrB6tOHKs6MTE6VnVkutOaWSx3XuqdiCKi0Vep2TtHD2AsdqUZsVQ2v2zwsbJ743Ot+daV6XbjUmt+sbPYmZ25lLqtLfvTiCLOpojliFgduvtwg1HEm5HiO4fX0j8PRQz0zsMXL45/9cSp7dtR7GEfd6BsZ2MwYrn4qDHbosNsMBRF/GOk+Nl7R+NfhiJq0f2JL0S8XuYPIt6J7nin8otxJuIDp/WxUYsi/rcc/3Nr6b2h8nrQu65c+FrjKzPXZvvK9q4rj/z94UHa5/eTehTxo+qKv5b+1X/XAAAAAAAAAAAAAAAAAPtIEb8aKV5+/2iq5gffnlPcmbneuNy6Mt2d1teb+9ebM72+vr7eSN1s5pzMuZRzOedKztWcUeT6OZtl1tfXJ/P7pZzLOVdyruaMgVw/ZzPnZM6lnMs5V3Ku5oxarp+zmXMy51LO5ZwrOVdzxj6ZuwcAAAAAAAAAAAAAAAAAADxeiuqfFN/+xlpaH6rWlx7o7VuxHuhj7/8CAAD//0pa+Ck=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x106)
lseek(r0, 0x101, 0x0)

1m2.977329158s ago: executing program 4 (id=1014):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r2 = syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace(0x8, r2)
r3 = syz_pidfd_open(r2, 0x0)
process_mrelease(r3, 0x700000000000000)

1m2.593535349s ago: executing program 4 (id=1015):
socket(0x1e, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x1, 0xbfdffffc}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f00000003c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x85c3}})
io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0)

1m2.227663778s ago: executing program 34 (id=1015):
socket(0x1e, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x1, 0xbfdffffc}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f00000003c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x85c3}})
io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0)

50.821557818s ago: executing program 0 (id=1111):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x5543, 0x64, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x7, 0x0, 0x1, {0x22, 0x1}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x7}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000300)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x5, {[@local=@item_4={0x3, 0x2, 0xa, "f7d998d8"}]}}, 0x0}, 0x0)

49.251410553s ago: executing program 0 (id=1126):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={0x20, 0x2e, 0x9, 0x70bd27, 0x0, {0x4}, [@typed={0xc, 0x18, 0x0, 0x0, @binary="0aac0f0006ac0f00"}]}, 0x20}, 0x1, 0x0, 0x0, 0x42804}, 0x0)

48.941402419s ago: executing program 0 (id=1129):
r0 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r0, &(0x7f0000000000)={0x1a, 0x0, 0x2, 0x3, 0x0, 0x42}, 0x10)
connect$llc(r0, &(0x7f0000000240)={0x1a, 0x302, 0x0, 0x9, 0x2, 0x91, @random="4c01f00a4bb3"}, 0x10)
r1 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r1, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10)

48.758335184s ago: executing program 0 (id=1130):
r0 = syz_open_procfs(0x0, &(0x7f00000190c0)='uid_map\x00')
pread64(r0, &(0x7f0000000080)=""/102397, 0x18ffd, 0x6)

48.592626217s ago: executing program 0 (id=1132):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(&(0x7f0000000500)='ramfs\x00', 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
r3 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000000, 0x110, r3, 0x100000000)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
r5 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r5, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r4, {0x1}}, './file0\x00'})

47.537693494s ago: executing program 0 (id=1135):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000240)=ANY=[@ANYBLOB="1201fb00fb030320d812010079de01ec020109021b0001000003000904000001785ecc0009058502"], 0x0)
read$char_usb(0xffffffffffffffff, 0x0, 0x0)

32.094637514s ago: executing program 35 (id=1135):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000240)=ANY=[@ANYBLOB="1201fb00fb030320d812010079de01ec020109021b0001000003000904000001785ecc0009058502"], 0x0)
read$char_usb(0xffffffffffffffff, 0x0, 0x0)

3.6849253s ago: executing program 6 (id=1523):
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace00000000000000002100000002ff02000000000000000000000000000104004e200023b0"], 0x0)
splice(r1, 0x0, r0, 0x0, 0x45, 0x7)

1.138371109s ago: executing program 5 (id=1561):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000240)=[@in6={0xa, 0x4e21, 0x5, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x6}, @in6={0xa, 0x4e21, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x4}, @in={0x2, 0x4e21, @local}, @in6={0xa, 0x4e20, 0x66d3, @empty, 0x8}], 0x64)

1.071303964s ago: executing program 5 (id=1563):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x34}, 0x4}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x35, &(0x7f00000000c0)=0x1, 0x4)

591.215878ms ago: executing program 2 (id=1576):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@delqdisc={0x24, 0x25, 0x100, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xa, 0xfff2}, {0x10, 0xb}, {0x1b, 0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x2400b091}, 0x3000c81c)
r0 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
r1 = open(&(0x7f0000000100)='./bus\x00', 0x0, 0x0)
write$binfmt_elf64(r0, &(0x7f00000002c0)=ANY=[], 0x76)
lsetxattr$security_ima(&(0x7f00000002c0)='./bus\x00', &(0x7f0000000000), &(0x7f0000000140)=ANY=[@ANYBLOB="04"], 0x2, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000440)={{0x7f, 0x45, 0x4c, 0x46, 0x8, 0x9, 0x3, 0x7f, 0x8000000000000001, 0x1, 0x3, 0x0, 0x33b, 0x40, 0x2a4, 0x7, 0x40, 0x38, 0x2, 0x4, 0x5, 0x8}, [{0x0, 0x9, 0x8, 0x2, 0x2, 0x3, 0x2, 0x4}, {0x60000000, 0x1, 0x100, 0x1, 0x1, 0x9, 0x240000000000}], "ebf5b9080dae70605cc6e6dc927684d747a3675ccef54ab19b6548e86d0207e2fda903b9acc71cf61b9042f782e4aa5fcad92b25e7d36842c51bc4f9e4f4480b93fb91a9598b3296117be58f835ed8b58cdfd579aaf5364e4631f63feccc1514e52c4db1b2acc4999a52dbd368b72c58ef231201a6393cd5192df77b94aa267f89e33ee4d50b714e7986a50736da683fb2c99cd99e20bc58c2e695e01eee13254478400830f2801cba90b47d01c74e9447efcdc151abe62ef8b680079aa024b0e282011b5482c3dcabeb1f3c8133f04f7c14"}, 0x182)
dup3(r1, r0, 0x0)
finit_module(r1, 0x0, 0x100000000000000)

528.009212ms ago: executing program 6 (id=1577):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xa18}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @lowpan={{0xb}, {0x4}}}, @IFLA_ADDRESS={0xa, 0x1, @remote}]}, 0x40}}, 0x0)

526.992143ms ago: executing program 2 (id=1578):
syz_mount_image$xfs(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x4000000, &(0x7f0000000140), 0x1, 0x983d, &(0x7f0000002240)="$eJzs3QW8pWWheP8zwwBDhyJYgJSYpISBdCiipCghSEsKiIDSoYQKioACCiiISHd3S3d3d3f8PwMDwrjgcn//e4XLWuvjnH12nH2e/Xzf5/Xs8x72XnLeReccGBh34LVeP/1XZ+1667KLjbXgukfvPOSavXZY6IHhF4/y2sl4sw8/nWP46ZwDAwODht/PoNcuGzLbUUcPHhgyMOx//2rM0UYfPObAwOjDzw6/n4GZXzsZY//Xb/fKCPFAJx327bZ/7d+rjTXsToZ9svRyL601MDAw9E1fP2xc0/7bA5W25BzzzfsvqzfcBg+/etC/rnv1dMhr/8bYd2BgjL0H3n77GHbbkd/0tf/Jhn3PcScfWPzW9+B7/59ryTnmW2AE/2FrcaThl808bI2PuAaNjbid77Do6vcNn8JBwyduyJvWy3ux3f8/teQc8y448PbreGCheTa595VX95tD5h4YGDLPwMCQeQcGhsz3XnvU/0zv6cZXVVVV70lzzDnDsOfsg0f4eWDo6z/X0s+F57043Z0DA0MWeu154pDlXn8uWFVVVVVVVVXvz+aYc4a54Pn/uO/0/H/SE7cer+f/VVVVVVVVVf93WmCOOWcY9lx/hOf/E73T8/9H7z94v9f+9n/2mV/7qpff2wdRVVVVVVVVVe/YvAvg8/9J3+n5/wVHTXpxz/+rqqqqqqqq/u+0yCuvvLLZm15nb/jFU79+PT3/P/mem5d5zwZcVVVVVVVVVf/tXn7ohFP+9ZrvEw+M8Hrvrzb89wKDDjvt0kvfs4G+Pxr0778P2fy9HtP/34Y5Dz1w0oGBtRZ/r4dS70H/Z16rvv5Xyt9d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v8xb3N8f83Xv//5CNWeP294D895QzXnvCvr3z1vf+HLLTAQ1u8R0N/L/qgHv8fWG3QwMBw33FXGxgYWGiORRabemBg4IRrZ5hyioE3rptl2HVfGX+kV98g/vX/TGSe8fiON5/stdNhG8rAh9+4j8Nevf8FXtlnpEEjDOJNjXfMfvutuuQzM454OtXbP47Bb3w21tH3v/7fsgwe4UZD3+aLX7//1x/LiM7Dxz71sLFPs/6a60yz3kYbf2G1NZdfZaVVVlpr1ulnmm7GWWedaaZpVl5tjZWmfe3j283ZpK9+nOvdzNmYI87ZQ3O8ec5GfGxvN2eTvvOcvXqPu5w/9Ouvz9mQ/+aczfXOczbpasO/0Xizjzyw3KtzM2hgYLy5Rx7YcNiZ6UYdGBhvnuG3nWjYbb86/uCBgZ3+9UCHfTbqG9vgoM2H3WbJeRed87Xd1MDAv07/1du8n/0ow0c++/DTOYafzvnatxl34F+b4pDZjjp68LC5eMt0jDna6IPHHBgYffjZ4fczMOtrJ6Of+Prt3uZ91kcY6Ksvs7L9a/9ebayBgYExhn0y8fInbzNs6v8D79P+//T////mNcugN7bHQcP/Db/Na15zzLfAv77Xq9MwbO5GGn7ZzMNM/off2v4t/dt4Jx06MOk7jPcdXhfn1Wj7WuOECbb8n3pdHBrvRO8w3nd4Hd+3He8Sd+5+32t39T823hH2dQu++nH2d7OvG3jnfd1IdAcrXfTJEfd133z7Ib5ld/n6HI06wo3ebl830Z6TbD7s/md/533dgsPGPvJb9nWDBwbGm+v1fd2wHd+8Iw/sNOzM9MPOzDfywAHDzszw6pnRBk4bduaLK6y9xorDLpj/37eDqQe95Q80YZ3NO8I6G/Smxz5ohL/vHPLa6Rj7vv4eTm+z3xw0/GH9l/sK2m7HfYfxvsP7T+E8D7tsxcOHTvA/9f5TNN6h7zzet3u/7Lcd745Pn3zr//B431hnI79puuZ/N+ts0reus2EPcaQ3rYx3+3PYinD71z6f6I1722DT+9/4mWLkEe73v/qZYv53XmfjrjbC122398Cgd5qb+d7N3Hzi3/ZBW7x5bt7tz1tTT/7a9SO9w9yMOuuyU70+N6P8N+dmvv/u3Mw+MNJb52bIwDwDAwNTDN8/zPtu5maid56bd7vdjA63f+3zld64aO4dDjzn9bkZcS7+q7mZ9787N5O+sd1M8ep1kw0eGGWUgQ2XX3/9dad77ePrZ6d/7eM7r8G5381cjvs/M5cfG/J2c/mvTXXMOy/e979Yg/+2T3/9/uf+787lwBtzObDaiIul3q/1+z93+bvL313+7vJ3l7+7/MW9zfH/N17/f7dxv7Lz8F9ujHzxJBNu+16P9z3uA338f7jvW47/bzvhJBcPHnjjunc8Pvvabd6Xx2dnfu1kjP1fv92Ixwd5oG9/fHbvWWfe+j90fPb/qdfX6rv4PVz7f3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+4tzn+P+3rfwdwz3QLPz78QOjID2y11MLv9Xjf4z7Qx/+H+77l+P/CS231wOCBN657x+P/r93Gcfz/9hfm3fH9fPz/9bXa8f/6L8rfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/MW9zfH/2V//O4CDD95949f/HuDK8bY/4b0e73vcB/X4f+//7639v7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y1/c8OP/AyO8veV32i4wOP7/f7u38V84f8ziv0j+mMV/0fwxi/9i+WMW/8Xzxyz+S+SPWfy/mz9m8V8yf8zi/738MYv/9/PHLP5L5Y9Z/JfOH7P4L5M/ZvFfNn/M4v+D/DGL/3L5Yxb/5fPHLP4/zB+z+K+QP2bxXzF/zOK/Uv6YxX/l/DGL/yr5Yxb/VfPHLP6r5Y9Z/H+UP2bxXz1/zOK/Rv6YxX/N/DGL/1r5Yxb/tfPHLP7r5I9Z/H+cP2bxXzd/zOK/Xv6YxX/9/DGL/0/yxyz+G+SPWfx/mj9m8d8wf8ziv1H+mMV/4/wxi//P8scs/j/PH7P4b5I/ZvHfNH/M4r9Z/pjFf/P8MYv/FvljFv8t88cs/lvlj1n8t84fs/hvkz9m8d82f8zi/4v8MYv/L/PHLP7b5Y9Z/LfPH7P475A/ZvHfMX/M4v+r/DGL/6/zxyz+v8kfs/jvlD9m8d85f8zi/9v8MYv/7/LHLP675I9Z/H+fP2bx3zV/zOK/W/6YxX/3/DGL/x/yxyz+f8wfs/jvkT9m8d8zf8ziv1f+mMX/T/ljFv8/549Z/PfOH7P475M/ZvHfN3/M4v+X/DGL/1/zxyz+++WPWfz3zx+z+P8tf8zif0D+mMX/7/ljFv8D88cs/v/IH7P4H5Q/ZvE/OH/M4n9I/pjF/9D8MYv/YfljFv/D88cs/kfkj1n8j8wfs/gflT9m8T86f8zif0z+mMX/2Pwxi/9x+WMW/+Pzxyz+J+SPWfxPzB+z+J+UP2bxPzl/zOJ/Sv6Yxf/U/DGL/2n5Yxb/0/PHLP5n5I9Z/M/MH7P4n5U/ZvE/O3/M4n9O/pjF/9z8MYv/efljFv/z88cs/hfkj1n8/5k/ZvG/MH/M4n9R/pjF/+L8MYv/JfljFv9L88cs/pflj1n8L88fs/hfkT9m8b8yf8zif1X+mMX/6vwxi/81+WMW/2vzxyz+1+WPWfyvzx+z+N+QP2bxvzF/zOJ/U/6Yxf/m/DGL/y35Yxb/W/PHLP635Y9Z/G/PH7P435E/ZvG/M3/M4n9X/pjF/+78MYv/PfljFv9788cs/vflj1n8788fs/g/kD9m8X8wf8zi/1D+mMX/4fwxi/8j+WMW/0fzxyz+j+WPWfwfzx+z+D+RP2bxfzJ/zOL/VP6Yxf/p/DGL/zP5Yxb/Z/PHLP7P5Y9Z/J/PH7P4v5A/ZvF/MX/M4v9S/pjF/+X8MYv/K/ljEv9BA/ljFv9B+WMW/8H5Yxb/kfLHLP5D8scs/iPnj1n8R8kfs/iPmj9m8R+aP2bxHy1/zOI/ev6YxX+M/DGL/5j5Yxb/sfLHLP5j549Z/MfJH7P4j5s/ZvEfL3/M4j9+/pjF/0P5Yxb/D+ePWfwnyB+z+H8kf8ziP2H+mMV/ovwxi/9H88cs/h/LH7P4fzx/zOL/ifwxi/8n88cs/hPnj1n8J8kfs/hPmj9m8f9U/pjFf7LX/Ye+R+N6n2bxn7z1j1n8p8gfs/hPmT9m8Z8qf8zi/+n8MYv/1PljFv/P5I9Z/D+bP2bx/1z+mMX/8/ljFv8v5I9Z/L+YP2bxnyZ/zOI/bf6YxX+6/DGL//T5Yxb/GfLHLP4z5o9Z/L+UP2bxnyl/zOI/c/6YxX+W/DGL/6z5Yxb/L+ePWfy/kj9m8f9q/pjF/2v5Yxb/2fLHLP5fzx+z+M+eP2bxnyN/zOI/Z/6YxX+u/DGL/9z5Yxb/efLHLP7z5o9Z/OfLH7P4z58/ZvFfIH/M4v+N/DGL/zfzxyz+C+aPWfy/lT9m8V8of8zi/+38MYv/d/LHLP4L549Z/BfJH7P4L5o/ZvFfLH/M4r94/pjFf4n8MYv/d/PHLP5L5o9Z/L+XP2bx/37+mMV/qfwxi//S+WMW/2Xyxyz+y+aPWfx/kD9m8V8uf8ziv3z+mMX/h/ljFv8V8scs/ivmj1n8V8ofs/ivnD9m8V8lf8ziv2r+mMV/tfwxi/+P8scs/qvnj1n818gf+4D6Xzcwgv+a+WMfUP9Xe7P/WvljFv+188cs/uvkj1n8f5w/ZvFfN3/M4r9e/pjFf/38MYv/T/LHLP4b5I9Z/H+aP2bx3zB/zOK/Uf6YxX/j/DGL/8/yxyz+P88fs/hvkj9m8d80f8ziv1n+mMV/8/wxi/8W+WMW/y3zxyz+W+WPWfy3zh+z+G+TP2bx3zZ/zOL/i/wxi/8v88cs/tvlj1n8t88fs/jvkD9m8d8xf8zi/6v8MYv/r/PHLP6/yR+z+O+UP2bx3zl/zOL/2/wxi//v8scs/rvkj1n8f58/ZvHfNX/M4r9b/pjFf/f8MYv/H/LHLP5/zB+z+O+RP2bx3zN/zOK/V/6Yxf9P+WMW/z/nj1n8984fs/jvkz9m8d83f8zi/5f8MYv/X/PHLP775Y9Z/PfPH7P4/+2t/nf/x8f1Ps3if0DrH7P4/z1/zOJ/YP6Yxf8f+WMW/4Pyxyz+B+ePWfwPyR+z+B+aP2bxPyx/zOJ/eP6Yxf+I/DGL/5H5Yxb/o/LHLP5H549Z/I/JH7P4H5s/ZvE/Ln/M4n98/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8T8kfs/ifmj9m8T8tf8zif3r+mMX/jPwxi/+Z+WMW/7Pyxyz+Z+ePWfzPyR+z+J+bP2bxPy9/zOJ/fv6Yxf+C/DGJ/6vl/+9J/AddmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+F+ZP2bxvyp/zOJ/df6Yxf+a/DGL/7X5Yxb/6/LHLP7X549Z/G/IH7P435g/ZvG/KX/M4n9z/pjF/5b8MYv/rfljFv/b8scs/rfnj1n878gfs/jfmT9m8b8rf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfwfyB+z+D+YP2bxfyh/zOL/cP6Yxf+R/DGL/6P5Yxb/x/LHLP6P549Z/J/IH7P4P5k/ZvF/Kn/M4v90/pjF/5n8MYv/s/ljFv/n8h+FLrT4P58/ZvF/IX/M4v9i/pjF/6X8MYv/y/ljFv9X8sck/q9+mv+/Z/EflD9m8R+cP2bxHyl/zOI/JH/M4j9y/pjFf5T8MYv/qPljFv+h+WMW/9Hyxyz+o+ePWfzHyB+z+I+ZP2bxHyt/zOI/dv6YxX+c/DGL/7j5Yxb/8fLHLP7j549Z/D+UP2bx/3D+mMV/gvwxi/9H8scs/hPmj1n8J8ofs/h/NH/M4v+x/DGL/8fzxyz+n8gfs/h/Mn/M4j9x/pjFf5L8MYv/pPljFv9P5Y9Z/CfLH7P4T54/ZvGfIn/M4j9l/pjFf6r8MYv/p/PHLP5T549Z/D+TP2bx/2z+mMX/c/ljFv/P549Z/L+QP2bx/2L+mMV/mvwxi/+0+WODztp15IGBgQ+8/3T5Y5b1P33+mMV/hvwxi/+M+WMW/y/lj1n8Z8ofs/jPnD9m8Z8lf8ziP2v+mMX/y/ljFv+v5I9Z/L+aP2bx/1r+mMV/tvwxi//X88cs/rPnj1n858gfs/jPmT9m8Z8rf8ziP3f+mMV/nvwxi/+8+WMW//nyxyz+8+ePWfwXyB+z+H8jf8zi/838MYv/gvljFv9v5Y9Z/BfKH7P4fzt/zOL/nfwxi//C+WMW/0Xyxyz+i+aPWfwXyx+z+C+eP2bxXyJ/zOL/3fwxi/+S+WMW/+/lj1n8v58/ZvFfKn/M4r90/pjFf5n8MYv/svljFv8f5I9Z/JfLH7P4L58/ZvH/Yf6YxX+F/DGL/4r5Yxb/lfLHLP4r549Z/FfJH7P4r5o/ZvFfLX/M4v+j/DGL/+r5Yxb/NfLHLP5r5o9Z/NfKH7P4r50/ZvFfJ3/M4v/j/DGL/7r5Yxb/9fLHLP7r549Z/H+SP2bx3yB/zOL/0/wxi/+G+WMW/43yxyz+G+ePWfx/lj9m8f95/pjFf5P8MYv/pvljFv/N8scs/pvnj1n8t8gfs/hvmT9m8d8qf8ziv3X+mMV/m/wxi/+2+WMW/1/kj1n8f5k/ZvHfLn/M4r99/pjFf4f8MYv/jvljFv9f5Y9Z/H+dP2bx/03+mMV/p/wxi//O+WMW/9/mj1n8f5c/ZvHfJX/M4v/7/DGL/675Yxb/3fLHLP67549Z/P+QP2bx/2P+mMV/j/wxi/+e+WMW/73yxyz+f8ofs/j/OX/M4r93/pjFf5/8MYv/vvljFv+/5I9Z/P+aP2bx3y9/zOK/f/6Yxf9v+WMW/wPyxyz+f88fs/gfmD9m8f9H/pjF/6D8MYv/wfljFv9D8scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+B+fP2bxPyF/zOJ/Yv6Yxf+k/DGL/8n5Yxb/U/LHLP6n5o9Z/E/LH7P4n54/ZvE/I3/M4n9m/pjF/6z8MYv/2fljFv9z8scs/ufmj1n8z8sfs/ifnz9m8b8gf8zi/8/8MYv/hfljFv+L8scs/hfnj1n8L8kfs/hfmj9m8b8sf8zif3n+mMX/ivwxi/+V+WMW/6vyxyz+V+ePWfyvyR+z+F+bP2bxvy5/zOJ/ff6Yxf+G/DGL/435Yxb/m/LHLP43549Z/G/JH7P435o/ZvG/LX/M4n97/pjF/478MYv/nfljFv+78scs/nfnj1n878kfs/jfmz9m8b8vf8zif3/+mMX/gfwxi/+D+WMW/4fyxyz+D+ePWfwfyR+z+D+aP2bxfyx/zOL/eP6Yxf+J/DGL/5P5Yxb/p/LHLP5P549Z/J/JH7P4P5s/ZvF/Ln/M4v98/pjF/4X8MYv/i/ljFv+X8scs/i/nj1n8X8kfk/iPNJA/ZvEflD9m8R+cP2bxHyl/zOI/JH/M4j9y/pjFf5T8MYv/qPljFv+h+WMW/9Hyxyz+o+ePWfzHyB+z+I+ZP2bxHyt/zOI/dv6YxX+c/DGL/7j5Yxb/8fLHLP7j549Z/D+UP2bx/3D+mMV/gvwxi/9H8scs/hPmj1n8J8ofs/h/NH/M4v+x/DGL/8fzxyz+n8gfs/h/Mn/M4j9x/pjFf5L8MYv/pPljFv9P5Y9Z/CfLH7P4T54/ZvGfIn/M4j9l/pjFf6r8MYv/p/PHLP5T549Z/D+TP2bx/2z+mMX/c/ljFv/P549Z/L+QP2bx/2L+mMV/mvwxi/+0+WMW/+nyxyz+0+ePWfxnyB+z+M+YP2bx/1L+mMV/pvwxi//M+WMW/1nyxyz+s+aPWfy/nD9m8f9K/pjF/6v5Yxb/r+WPWfxnyx+z+H89f8ziP3v+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6YxX+B/DGL/zfyxyz+38wfs/gvmD9m8f9W/pjFf6H8MYv/t/PHLP7fyR+z+C+cP2bxXyR/zOK/aP6YxX+x/DGL/+L5Yxb/JfLHLP7fzR+z+C+ZP2bx/17+mMX/+/ljFv+l8scs/kvnj1n8l8kfs/gvmz9m8f9B/pjFf7n8MYv/8vljFv8f5o9Z/FfIH7P4r5g/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv/V8scs/j/KH7P4r54/ZvFfI3/M4r9m/pjFf638MYv/2vljFv918scs/j/OH7P4r5s/ZvFfL3/M4r9+/pjF/yf5Yxb/DfLHLP4/zR+z+G+YP2bx3yh/zOK/cf6Yxf9n+WMW/5/nj1n8N8kfs/hvmj9m8d8sf8ziv3n+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfy3yR+z+G+bP2bx/0X+mMX/l/ljFv/t8scs/tvnj1n8d8gfs/jvmD9m8f9V/pjF/9f5Yxb/3+SPWfx3yh+z+O+cP2bx/23+mMX/d/ljFv9d8scs/r/PH7P475o/ZvHfLX/M4r97/pjF/w/5Yxb/P+aPWfz3yB+z+O+ZP2bx3yt/zOL/p/wxi/+f88cs/nvnj1n898kfs/jvmz9m8f9L/pjF/6/5Yxb//fLHLP77549Z/P+WP2bxPyB/zOL/9/wxi/+B+WMW/3/kj1n8D8ofs/gfnD9m8T8kf8zif2j+mMX/sPwxi//h+WMW/yPyxyz+R+aPWfyPyh+z+B+dP2bxPyZ/zOJ/bP6Yxf+4/DGL//H5Yxb/E/LHLP4n5o9Z/E/KH7P4n5w/ZvE/JX/M4n9q/pjF/7T8MYv/6fljFv8z8scs/mfmj1n8z8ofs/ifnT9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+/8wfs/hfmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+F+ZP2bxvyp/zOJ/df6Yxf+a/DGL/7X5Yxb/6/LHLP7X549Z/G/IH7P435g/ZvG/KX/M4n9z/pjF/5b8MYv/rfljFv/b8scs/rfnj1n878gfs/jfmT9m8b8rf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfwfyB+z+D+YP2bxfyh/zOL/cP6Yxf+R/DGL/6P5Yxb/x/LHLP6P549Z/J/IH7P4P5k/ZvF/Kn/M4v90/pjF/5n8MYv/s/ljFv/n8scs/s/nj1n8X8gfs/i/mD9m8X8pf8zi/3L+mMX/lfwxif+Qgfwxi/+gd+c/yv/auN6nWfwHt/4xi/9I+WMW/yH5Yxb/kfPHLP6j5I9Z/EfNH7P4D80fs/iPlj9m8R89f8ziP0b+mMV/zPwxi/9Y+WMW/7Hzxyz+4+SPWfzHzR+z+I+XP2bxHz9/zOL/ofwxi/+H88cs/hPkj1n8P5I/ZvGfMH/M4j9R/pjF/6P5Yxb/j+WPWfw/nj9m8f9E/pjF/5P5Yxb/ifPHLP6T5I9Z/CfNH7P4fyp/zOI/Wf6YxX/y/DGL/xT5Yxb/KfPHLP5T5Y9Z/D+dP2bxnzp/zOL/mfwxi/9n88cs/p/LH7P4fz5/zOL/hfwxi/8X88cs/tPkj1n8p80fs/hPlz9m8Z8+f8ziP0P+mMV/xvwxi/+X8scs/jPlj1n8Z84fs/jPkj9m8Z81f8zi/+X8MYv/V/LHLP5fzR+z+H8tf8ziP1v+mMX/6/ljFv/Z88cs/nPkj1n858wfs/jPlT9m8Z87f8ziP0/+mMV/3vwxi/98+WMW//nzxyz+C+SPWfy/kT9m8f9m/pjFf8H8MYv/t/LHLP4L5Y9Z/L+dP2bx/07+mMV/4fwxi/8i+WMW/0Xzxyz+i+WPWfwXzx+z+C+RP2bx/27+mMV/yfwxi//38scs/t/PH7P4L5U/ZvFfOn/M4r9M/pjFf9n8MYv/D/LHLP7L5Y9Z/JfPH7P4/zB/zOK/Qv6YxX/F/DGL/0r5Yxb/lfPHLP6r5I9Z/FfNH7P4r5Y/ZvH/Uf6YxX/1/DGL/xr5Yxb/NfPHLP5r5Y9Z/NfOH7P4r5M/ZvH/cf6YxX/d/DGL/3r5Yxb/9fPHLP4/yR+z+G+QP2bx/2n+mMV/w/wxi/9G+WMW/43zxyz+P8sfs/j/PH/M4r9J/pjFf9P8MYv/ZvljFv/N88cs/lvkj1n8t8wfs/hvlT9m8d86f8ziv03+mMV/2/wxi/8v8scs/r/MH7P4b5c/ZvHfPn/M4r9D/pjFf8f8MYv/r/LHLP6/zh+z+P8mf8ziv1P+mMV/5/wxi/9v88cs/r/LH7P475I/ZvH/ff6YxX/X/DGL/275Yxb/3fPHLP5/yB+z+P8xf8ziv0f+mMV/z/wxi/9e+WMW/z/lj1n8/5w/ZvHfO3/M4r9P/pjFf9/8MYv/X/LHLP5/zR+z+O+XP2bx3z9/zOL/t/wxi/8B+WMW/7/nj1n8D8wfs/j/I3/M4n9Q/pjF/+D8MYv/IfljFv9D88cs/oflj1n8D88fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi/8x+WMW/2Pzxyz+x+WPWfyPzx+z+J+QP2bxPzF/zOJ/Uv6Yxf/k/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4n5E/ZvE/M3/M4n9W/pjF/+z8MYv/OfljFv9z88cs/uflj1n8z88fs/hfkD9m8f9n/pjF/8L8MYv/RfljFv+L88cs/pfkj1n8L80fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V+WMW/6vzxyz+1+SPWfyvzR+z+F+XP2bxvz5/zOJ/Q/6Yxf/G/DGL/035Yxb/m/PHLP635I9Z/G/NH7P435Y/ZvG/PX/M4n9H/pjF/878MYv/XfljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8zi/0D+mMX/wfwxi/9D+WMW/4fzxyz+j+SPWfwfzR+z+D+WP2bxfzx/zOL/RP6Yxf/J/DGL/1P5Yxb/p/PHLP7P5I9Z/J/NH7P4P5c/ZvF/Pn/M4v9C/pjF/8X8MYv/S/ljFv+X88cs/q/kj0n8Rx7IH7P4D8ofs/gPzh+z+I+UP2bxH5I/ZvEfOX/M4j9K/pjFf9T8MYv/0Pwxi/9o+WMW/9Hzxyz+Y+SPWfzHzB+z+I+VP2bxHzt/zOI/Tv6YxX/c/DGL/3j5Yxb/8fPHLP4fyh+z+H84f8ziP0H+mMX/I/ljFv8J88cs/hPlj1n8P5o/ZvH/WP6Yxf/j+WMW/0/kj1n8P5k/ZvGfOH/M4j9J/pjFf9L8MYv/p/LHLP6T5Y9Z/CfPH7P4T5E/ZvGfMn/M4j9V/pjF/9P5Yxb/qfPHLP6fyR+z+H82f8zi/7n8MYv/5/PHLP5fyB+z+H8xf8ziP03+mMV/2vwxi/90+WMW/+nzxyz+M+SPWfxnzB+z+H8pf8ziP1P+mMV/5vwxi/8s+WMW/1nzxyz+X84fs/h/JX/M4v/V/DGL/9fyxyz+s+WPWfy/nj9m8Z89f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOK/QP6Yxf8b+WMW/2/mj1n8F8wfs/h/K3/M4r9Q/pjF/9v5Yxb/77j8h7zbG1r8F3b5v+ss/ovkj1n8F80fs/gvlj9m8V88f8ziv0T+mMX/u/ljFv8l88cs/t/LH7P4fz9/zOK/VP6YxX/p/DGL/zL5Yxb/ZfPHLP4/yB+z+C+XP2bxXz5/zOL/w/wxi/8K+WMW/xXzxyz+K+WPWfxXzh+z+K+SP2bxXzV/zOK/Wv6Yxf9H+WMW/9Xzxyz+a+SPWfzXzB+z+K+VP2bxXzt/zOK/Tv6Yxf/H+WMW/3Xzxyz+6+WPWfzXzx+z+P8kf8ziv0H+mMX/p/ljFv8N88cs/hvlj1n8N84fs/j/LH/M4v/z/DGL/yb5Yxb/TfPHLP6b5Y9Z/DfPH7P4b5E/ZvHfMn/M4r9V/pjFf+v8MYv/NvljFv9t88cs/r/IH7P4/zJ/zOK/Xf6YxX/7/DGL/w75Yxb/HfPHLP6/yh+z+P86f8zi/5v8MYv/TvljFv+d88cs/r/NH7P4/y5/zOK/S/6Yxf/3+WMW/13zxyz+u+WPWfx3zx+z+P8hf8zi/8f8MYv/HvljFv8988cs/nvlj1n8/5Q/ZvH/c/6YxX/v/DGL/z75Yxb/ffPHLP5/yR+z+P81f8ziv1/+mMV///wxi//f8scs/gfkj1n8/54/ZvE/MH/M4v+P/DGL/0H5Yxb/g/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8T8+f8zif0L+mMX/xPwxi/9J+WMW/5Pzxyz+p+SPWfxPzR+z+J+WP2bxPz1/zOJ/Rv6Yxf/M/DGL/1n5Yxb/s/PHLP7n5I9Z/M/NH7P4n5c/ZvE/P3/M4n9B/pjF/5/5Yxb/C/PHLP4X5Y9Z/C/OH7P4X5I/ZvG/NH/M4n9Z/pjF//L8MYv/FfljFv8r88cs/lflj1n8r84fs/hfkz9m8b82f8zif13+mMX/+vwxi/8N+WMW/xvzxyz+N+WPWfxvzh+z+N+SP2bxvzV/zOJ/W/6Yxf/2/DGL/x35Yxb/O/PHLP535Y9Z/O/OH7P435M/ZvG/N3/M4n9f/pjF//78MYv/A/ljFv8H88cs/g/lj1n8H84fs/g/kj9m8X80f8zi/1j+mMX/8fwxi/8T+WMW/yfzxyz+T+WPWfyfzh+z+D+TP2bxfzZ/zOL/XP6Yxf/5/DGL/wv5Yxb/F/PHLP4v5Y9Z/F/OH7P4v5I/JvEfZSB/zOI/KH/M4j84f8ziP1L+mMV/SP6YxX/k/DGL/yj5Yxb/UfPHLP5D88cs/qPlj1n8R88fs/iPkT9m8R8zf8ziP1b+mMV/7Pwxi/84+WMW/3Hzxyz+4+WPWfzHzx+z+H8of8zi/+H8MYv/BPljFv+P5I9Z/CfMH7P4T5Q/ZvH/aP6Yxf9j+WMW/4/nj1n8P5E/ZvH/ZP6YxX/i/DGL/yT5Yxb/SfPHLP6fyh+z+E+WP2bxnzx/zOI/Rf6YxX/K/DGL/1T5Yxb/T+ePWfynzh+z+H8mf8zi/9n8MYv/5/LHLP6fzx+z+H8hf8zi/8X8MYv/NPljFv9p88cs/tPlj1n8p88fs/jPkD9m8Z8xf8zi/6X8MYv/TPljFv+Z88cs/rPkj1n8Z80fs/h/OX/M4v+V/DGL/1fzxyz+X8sfs/jPlj9m8f96/pjFf/b/2n/U/9VxvU+z+M/R+scs/nPmj1n858ofs/jPnT9m8Z8nf8ziP2/+mMV/vvwxi//8+WMW/wXyxyz+38gfs/h/M3/M4r9g/pjF/1v5Yxb/hfLHLP7fzh+z+H8nf8ziv3D+mMV/kfwxi/+i+WMW/8Xyxyz+i+ePWfyXyB+z+H83f8ziv2T+mMX/e/ljFv/v549Z/JfKH/uA+g8awXqUpfPHPqD+r/bm9b9M/pjFf9n8MYv/D/LHLP7L5Y9Z/JfPH7P4/zB/zOK/Qv7YoLMGDZ+ZD7b/ivljlvW/Uv6YxX/l/DGL/yr5Yxb/VfPHLP6r5Y9Z/H+UP2bxXz1/zOK/Rv6YxX/N/DGL/1r5Yxb/tfPHLP7r5I9Z/H+cP2bxXzd/zOK/Xv6YxX/9/DGL/0/yxyz+G+SPWfx/mj9m8d8wf8ziv1H+mMV/4/wxi//P8scs/j/PH7P4b5I/ZvHfNH/M4r9Z/pjFf/P8MYv/FvljFv8t88cs/lvlj1n8t84fs/hvkz9m8d82f8zi/4v8MYv/L/PHLP7b5Y9Z/LfPH7P475A/ZvHfMX/M4v+r/DGL/6/zxyz+v8kfs/jvlD9m8d85f8zi/9v8MYv/7/LHLP675I9Z/H+fP2bx3zV/zOK/W/6YxX/3/DGL/x/yxyz+f8wfs/jvkT9m8d8zf8ziv1f+mMX/T/ljFv8/549Z/PfOH7P475M/ZvHfN3/M4v+X/DGL/1/zxyz+++WPWfz3zx+z+P8tf8zif0D+mMX/7/ljFv8D88cs/v/IH7P4H5Q/ZvE/OH/M4n9I/pjF/1Cd/6B39XAt/ofp/N9dFv/D88cs/kfkj1n8j8wfs/gflT9m8T86f8zif0z+mMX/2Pwxi/9x+WMW/+Pzxyz+J+SPWfxPzB+z+J+UP2bxPzl/zOJ/Sv6Yxf/U/DGL/2n5Yxb/0/PHLP5n5I9Z/M/MH7P4n5U/ZvE/O3/M4n9O/pjF/9z8MYv/efljFv/z88cs/hfkj1n8/5k/ZvG/MH/M4n9R/pjF/+L8MYv/JfljFv9L88cs/pflj1n8L88fs/hf8S79h/xvjet9msX/ytY/ZvG/Kn/M4n91/pjF/5r8MYv/tfljFv/r8scs/tfnj1n8b8gfs/jfmD9m8b8pf8zif3P+mMX/lvwxi/+t+WMW/9vyxyz+t+ePWfzvyB+z+N+ZP2bxvyt/zOJ/d/6Yxf+e/DGL/735Yxb/+/LHLP73549Z/B/IH7P4P5g/ZvF/KH/M4v9w/pjF/5H8MYv/o/ljFv/H8scs/o/nj1n8n8gfs/g/mf/AaHCZxf+p/DGL/9P5Yxb/Z/LHLP7P5o9Z/J/LH7P4P58/ZvF/IX/M4v9i/pjF/6X8MYv/y/ljFv9X8sck/qMO5I9Z/Aflj1n8B+ePWfxHyh+z+A/JH7P4j5w/ZvEfJX/M4j9q/pjFf2j+mMV/tPwxi//o+WMW/zHyxyz+Y+aPWfzHyh+z+I+dP2bxHyd/zOI/bv6YxX+8/Ic39C3nLP7j549Z/D+UP2bx/3D+mMV/gvwxi/9H8scs/hPmj1n8J8ofs/h/NH/M4v+x/DGL/8fzxyz+n8gfs/h/Mn/M4j9x/pjFf5L8MYv/pPljFv9P5Y9Z/CfLH7P4T54/ZvGfIn/M4j9l/pjFf6r8MYv/p/PHLP5T549Z/D+TP2bx/2z+mMX/c/ljFv/P549Z/L+QP2bx/2L+mMV/mvwxi/+0+WMW/+nyxyz+0+ePWfxnyB+z+M+YP2bx/1L+mMV/pvwxi//M+WMW/1nyxyz+s+aPWfy/nD9m8f9K/pjF/6v5Yxb/r+WPWfxnyx+z+H89f8ziP3v+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6YxX+B/DGL/zfyxyz+38wfs/gvmD9m8f9W/pjFf6H8MYv/t/PHLP7fyR+z+C+cP2bxXyR/zOK/aP6YxX+x/DGL/+L5Yxb/JfLHLP7fzR+z+C+ZP2bx/17+mMX/+/ljFv+l8scs/kvnj1n8l8kfs/gvmz9m8f9B/pjFf7n8MYv/8vljFv8f5o9Z/FfIH7P4r5g/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv/V8scs/j/KH7P4r54/ZvFfI3/M4r9m/pjFf638MYv/2vljFv918scs/j/OH7P4r5s/ZvFfL3/M4r9+/pjF/yf5Yxb/DfLHLP4/zR+z+G+YP2bx3yh/zOK/cf6Yxf9n+WMW/5/nj1n8N8kfs/hvmj9m8d8sf8ziv3n+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfy3Qf+2CIv/tmljFv9f5I9Z/H+ZP2bx3y5/zOK/ff6YxX+H1/xfeuW9Gtf7NIv/jq1/zOL/q/wxi/+v88cs/r/JH7P475Q/ZvHfOX/M4v/b/DGL/+/yxyz+u+SPWfx/nz9m8d81f8ziv1v+mMV/9/wxi/8f8scs/n/MH7P475E/ZvHfM3/M4r9X/pjF/0/vyn/k/71xvU+z+P+59Y9Z/PfOH7P475M/ZvHfN3/M4v+X/DGL/1/zxyz+++WPWfz3zx+z+P8tf8zif0D+mMX/7/ljFv8D88cs/v/IH7P4H5Q/ZvE/OH/M4n9I/pjF/9D8MYv/YfljFv/D88cs/kfkj1n8j8wfs/gflT9m8T86f8zif0z+mMX/2Pwxi/9x+WMW/+Pzxyz+J+SPWfxPzB+z+J+UP2bxPzl/zOJ/Sv6Yxf/U/DGL/2n5Yxb/0/PHLP5n5I9Z/M/MH7P4n5U/ZvE/O3/M4n9O/pjF/9z8MYv/efljFv/z88cs/hfkj1n8/5k/ZvG/MH/M4n9R/pjF/+L8MYv/JfljFv9L88cs/pflj1n8L88fs/hfkT9m8b8yf8zif1X+mMX/6vwxi/81+WMW/2vzxyz+1+WPWfyvzx+z+N+QP2bxvzF/zOJ/U/6Yxf/m/DGL/y35Yxb/W/PHLP635Y9Z/G/PH7P435E/ZvG/M3/M4n9X/pjF/+78MYv/PfljFv9788cs/vflj1n8788fs/g/kD9m8X8wf8zi/1D+mMX/4fwxi/8j+WMW/0fzxyz+j+WPWfwfzx+z+D+RP2bxfzJ/zOL/VP6Yxf/p/DGL/zP5Yxb/Z/PHLP7P5Y9Z/J/PH7P4v5A/ZvF/MX/M4v9S/pjF/+X8MYv/K/ljEv+hA/ljFv9B+WMW/8H5Yxb/kfLHLP5D8scs/iPnj1n8R8kfs/iPmj9m8R+aP2bxHy1/zOI/ev6YxX+M/DGL/5j5Yxb/sfLHLP5j549Z/MfJH7P4j5s/ZvEfL3/M4j9+/pjF/0P5Yxb/D+ePWfwnyB+z+H8kf8ziP2H+mMV/ovwxi/9H88cs/h/LH7P4fzx/zOL/ifwxi/8n88cs/hPnj1n8J8kfs/hPmj9m8f9U/pjFf7L8MYv/5PljH2D/wW/2nyJ/7APs/5b1P2X+mMV/qvwxi/+n88cs/lPnj1n8P5M/ZvH/bP6Yxf9z+WMW/8/nj1n8v5A/ZvH/Yv6YxX+a/DGL/7T5Yxb/6fLHLP7T549Z/GfIH7P4z5g/ZvH/Uv6YxX+m/DGL/8z5Yxb/WfLHLP6z5o9Z/L+cP2bx/8o7+u/+vz+u92kW/6+2/jGL/9fyxyz+s+WPWfy/nj9m8Z89f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOK/QP6Yxf8b+WMW/2/mj1n8F8wfs/h/K3/M4r9Q/pjF/9v5Yxb/7+SPWfwXzh+z+C+SP2bxXzR/zOK/WP6YxX/x/DGL/xL5Yxb/7+aPWfyXzB+z+H8vf8zi//38MYv/UvljFv+l88cs/svkj1n8l80fs/j/IH/M4r9c/pjFf/n8MYv/D/PHLP4r5I9Z/FfMH7P4r5Q/ZvFfOX/M4r9K/pjFf9X8MYv/avljFv8f5Y9Z/FfPH7P4r5E/ZvFfM3/M4r9W/pjFf+38MYv/OvljFv8f549Z/NfNH7P4r5c/ZvFfP3/M4v+T/LEPpv89nxnh0qEb5I99MP1f683r/6f5Yxb/DfPHLP4b5Y9Z/DfOH7P4/yx/zOL/8/wxi/8m+WMW/03zxyz+m+WPWfw3zx+z+G+RP2bx3zJ/zOK/Vf6YxX/r/DGL/zb5Yxb/bfPHLP6/yB+z+P8yf8ziv13+mMV/+/wxi/8O+WMW/x3zxyz+v8ofs/j/On/M4v+b/DGL/075Yxb/nfPHLP6/zR+z+P8uf8ziv0v+mMX/9/ljFv9d88cs/rvlj1n8d88fs/j/IX/M4v/H/DGL/x75Yxb/PfPHLP575Y9Z/P+UP2bx/3P+mMV/7/wxi/8++WMW/33zxyz+f8kfs/j/NX/M4r9f/pjFf//8MYv/3/LHLP4H5I9Z/P+eP2bxPzB/zOL/j/wxi/9B+WMW/4Pzxyz+h+SPWfwPzR+z+B+WP2bxPzx/zOJ/RP6Yxf/I/DGL/1H5Yxb/o/PHLP7H5I9Z/I/NH7P4H5c/ZvE/Pn/M4n9C/pjF/8T8MYv/SfljFv+T88cs/qfkj1n8T80fs/iflj9m8T89f8zif0b+mMX/zPwxi/9Z+WMW/7Pzxyz+5+SPWfzPzR+z+J+XP2bxPz9/zOJ/Qf6Yxf+f+WMW/wvzxyz+F+WPWfwvzh+z+F+SP2bxvzR/zOJ/Wf6Yxf/y/DGL/xX5Yxb/K/PHLP5X5Y9Z/K/OH7P4X5M/ZvG/Nn/M4n9d/pjF//r8MYv/DfljFv8b88cs/jflj1n8b84fs/jfkj9m8b81f8zif1v+mMX/9vwxi/8d+WMW/zvzxyz+d+WPWfzvzh+z+N+TP2bxvzd/zOJ/3zv5j/0fGNf7NIv//a1/zOL/QP6Yxf/B/DGL/0P5Ywb/QUMGhj6cP2bwH7b+H8kfs/g/mj9m8X8sf8zi/3j+mMX/ifwxi/+T+WMW/6fyxyz+T+ePWfyfyR+z+D+bP2bxfy5/zOL/fP6Yxf+F/DGL/4v5Yxb/l/LHLP4v549Z/F/JH5P4jzaQP2bxH5Q/ZvEfnD9m8R8pf8ziPyR/zOI/cv6YxX+U/DGL/6j5Yxb/ofljFv/R8scs/qPnj1n8x8gfs/iPmT9m8R8rf8ziP3b+mMV/nPwxi/+4+WMW//Hyxyz+4+ePWfw/lD9m8f9w/pjFf4L8MYv/R/LHLP4T5o9Z/CfKH7P4fzR/zOL/sfwxi//H88cs/p/IH7P4fzJ/zOI/cf6YxX+S/DGL/6T5Yxb/T+WPWfwnyx+z+E+eP2bxnyJ/zOI/Zf6YxX+q/DGL/6fzxyz+U+ePWfw/kz9m8f9s/pjF/3P5Yxb/z8v8p3uXt7P4f0Hm/26z+H8xf8ziP03+mMV/2oGBzd6rIb2fs/hP1/rHLP7T549Z/GfIH7P4z5g/ZvH/Uv6YxX+m/DGL/8z5Yxb/WfLHLP6z5o9Z/L+cP2bx/0r+mMX/q+/kL94wLP5fczO/bRb/2fLHLP5fzx+z+M+eP2bxnyN/zOI/Z/6YxX+u/DGL/9z5Yxb/efLHLP7z5o9Z/OfLH7P4z58/ZvFfIH/M4v+N/DGL/zfzxyz+C+aPWfy/lT9m8V8of8zi/+38MYv/d/LHLP4L549Z/BfJH7P4L5o/ZvFfLH/M4r94/pjFf4n8MYv/d/PHLP5L5o9Z/L+XP2bx/37+mMV/qfwxi//S+WMW/2Xyxyz+y+aPWfx/kD9m8V8uf8ziv3z+mMX/h/ljFv8V8scs/ivmj1n8V8ofs/ivnD9m8V8lf8ziv2r+mMV/tfwxi/+P8scs/qvnj1n818gfs/ivmT9m8V8rf8ziv3b+mMV/nfwxi/+P88cs/uvmj1n818sfs/ivnz9m8f9J/pjFf4P8MYv/T/PHLP4b5o9Z/DfKH7P4b5w/ZvH/Wf6Yxf/n+WMW/03yxyz+m+aPWfw3yx+z+G+eP2bx3yJ/zOK/Zf6YxX+r/DGL/9b5Yxb/bfLHLP7b5o9Z/H+RP2bx/2X+mMV/u/wxi//2+WMW/x3yxyz+O+aPWfx/lT9m8f91/pjF/zf5Yxb/nfLHLP47549Z/H+bP2bx/13+mMV/l/wxi//v88cs/rvmj1n8d8sfs/jvnj9m8f9D/pjF/4/5Yxb/PfLHLP575o9Z/PfKH7P4/yl/zOL/5/wxi//e+WMW/33yxyz+++aPWfz/kj9m8f9r/pjFf7/8MYv//vljFv+/5Y9Z/A/IH7P4/z1/zOJ/YP6Yxf8f+WMW/4Pyxyz+B+ePWfwPyR+z+B+aP2bxPyx/zOJ/eP6Yxf+I/DGL/5Ej+g/9D4/rfZrF/6jWP2bxPzp/zOJ/TP6Yxf/Y/DGL/3H5Yxb/4/PHLP4n5I9Z/E/MH/vg+u9x/psuHe2k/LEPrv9b1//J+WMW/1Pyxyz+p+aPWfxPyx+z+J+eP2bxPyN/zOJ/Zv6Yxf+s/DGL/9n5Yxb/c/LHLP7n5o9Z/M/LH7P4n58/ZvG/IH/M4v/P/DGL/4X5Yxb/i/LHLP4X549Z/C/JH7P4X5o/ZvG/LH/M4n95/pjF/4r8MYv/lfljFv+r8scs/lfnj1n8r8kfs/hfmz9m8b8uf8zif33+mMX/hvwxi/+N+WMW/5vyxyz+N+ePWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf+O/DGL/535Yxb/u/LHLP53549Z/O/JH7P435s/ZvG/L3/M4n9//pjF/4H8MYv/g/ljFv+H8scs/g/nj1n8H8kfs/g/mj9m8X8sf8zi/3j+mMX/ifwxi/+T+WMW/6fyxyz+T+ePWfyfyR+z+D+bP2bxfy5/zOL/fP6Yxf+F/DGL/4v5Yxb/l/LHLP4v549Z/F/JH5P4jz6QP2bxH5Q/ZvEfnD9m8R8pf8ziPyR/zOI/cv6YxX+U/DGL/6gq/9He9S0t/kNV/u8+i/9o+WMW/9Hzxyz+Y+SPWfzHzB+z+I+VP2bxHzt/zOI/Tv6YxX/c/DGL/3j5Yxb/8fPHLP4fyh+z+H84f8ziP0H+mMX/I/ljFv8J88cs/hPlj1n8P5o/ZvH/WP6Yxf/j+WMW/0/kj1n8P5k/ZvGfOH/M4j9J/pjFf9L8MYv/p/LHLP6T5Y9Z/CfPH7P4T5E/ZvGfMn/M4j9V/pjF/9P5Yxb/qfPHLP6fyR+z+H82f8zi/7n8MYv/5/PHLP5fyB+z+H8xf8ziP03+mMV/2vwxi/90+WMW/+nzxyz+M+SPWfxnzB+z+H8pf8ziP1P+mMV/5vwxi/8s+WMW/1nzxyz+X84fs/h/JX/M4v/V/DGL/9fyxyz+s+WPWfy/nj9m8Z89f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOK/QP6Yxf8b+WMW/2/mj1n8F8wfs/h/K3/M4r9Q/pjF/9v5Yxb/7+SPWfwXzh+z+C+SP2bxXzR/zOK/WP6YxX/x/DGL/xL5Yxb/7+aPWfyXzB+z+H8vf8zi//38MYv/UvljFv+l88cs/svkj1n8l80fs/j/IH/M4r9c/pjFf/n8MYv/D/PHLP4r5I9Z/FfMH7P4r5Q/ZvFfOX/M4r9K/pjFf9X8MYv/avljFv8f5Y9Z/FfPH7P4r5E/ZvFfM3/M4r9W/pjFf+38MYv/OvljFv8f549Z/NfNH7P4r5c/ZvFfP3/M4v+T/DGL/wb5Yxb/n+aPWfw3zB+z+G+UP2bx3zh/zOL/s/wxi//P88cs/pvkj1n8N80fs/hvlj9m8d88f8ziv0X+mMV/y/wxi/9W+WMW/63zxyz+2+SPWfy3zR+z+P8if8zi/8v8MYv/dvljFv/t88cs/jvkj1n8d8wfs/j/Kn/M4v/r/DGL/2/yxyz+O+WPWfx3fjv/Uf9D43qfZvH/besfs/j/Ln/M4r9L/pjF//f5Yxb/XfPHLP675Y9Z/HfPH7P4/yF/zOL/x/wxi/8e+WMW/z3zxyz+e+WPWfz/lD9m8f9z/pjFf+/8MYv/PvljFv9988cs/n/JH7P4/zV/zOK/X/6YxX///DGL/9/yxyz+B+SPWfz/nj9m8T8wf8zi/4/8MYv/QfljFv+D88cs/ofkj1n8D80fs/gflj9m8T88f8zif0T+mMX/yPwxi/9R+WMW/6Pzxyz+x+SPWfyPzR+z+B+XP2bxPz5/zOJ/Qv6Yxf/EN/kPfi/G9T7N4n9S6x+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8sbf6D3xg/c/PH7Os/wvyxyz+/8wfs/hfmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+F+ZP2bxvyp/zOJ/df6Yxf+a/DGL/7X5Yxb/6/LHLP7X549Z/G/IH7P435g/ZvG/KX/M4n9z/pjF/5b8MYv/rfljFv/b8scs/rfnj1n878gfs/jfmT9m8b8rf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfwfyB+z+D+YP2bxfyh/zOL/cP6Yxf+R/DGL/6P5Yxb/x/LHLP6P549Z/J/IH7P4P5k/ZvF/Kn/M4v90/pjF/5n8MYv/s/ljFv/n8scs/s8L/Ud7F7ex+L8g9H83WfxfzB+z+L+UP2bxfzl/zOL/Sv6YxH+Mgfwxi/+g/DGL/+D8MYv/SPljFv8h+WMW/5Hzxyz+o+SPWfxHzR+z+A/NH7P4j5Y/ZvEfPX/M4j9G/pjFf8z8MYv/WPljFv+x88cs/uPkj1n8x80fs/iPlz9m8R8/f8zi/6H8MYv/h/PHLP4T5I9Z/D+SP2bxnzB/zOI/Uf6Yxf+j+WMW/4/lj1n8P54/ZvH/RP6Yxf+T+WMW/4nzxyz+k+SPWfwnzR+z+H8qf8ziP1n+mMV/8vwxi/8U+WMW/ynzxyz+U+WPWfw/nT9m8Z86f8zi/5n8MYv/Z/PHLP6fyx+z+H8+f8zi/4X8MYv/F/PHLP7T5I9Z/KfNH7P4T5c/ZvGfPn/M4j9D/pjFf8b8MYv/l/LHLP4z5Y9Z/GfOH7P4z5I/ZvGfNX/M4v/l/DGL/9xD86cs/l9t/WMW/6/lj1n8Z8sfs/h/PX/M4j97/pjFf478MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8Z8vf8ziP3/+mMV/gfwxi/838scs/t/MH7P4L5g/ZvH/Vv6YxX+h/DGL/7fzxyz+38kfs/gvnD9m8V8kf8ziv2j+mMV/sfwxi//i+WMW/yXyxyz+380fs/gvmT9m8f9e/pjF//v5Yxb/pfLHLP5L549Z/JfJH7P4L5s/ZvH/Qf6YxX+5/DGL//L5Yxb/H+aPWfxXyB+z+K+YP2bxXyl/zOK/cv6YxX+V/DGL/6r5Yxb/1fLHLP4/yh+z+K+eP2bxXyN/zOK/Zv6YxX+t/DGL/9r5Yxb/dfLHLP4/zh+z+K+bP2bxXy9/zOK/fv6Yxf8n+WMW/w3yxyz+P80fs/hvmD9m8d8of8ziv3H+mMX/Z/ljFv+f549Z/DfJH7P4b5o/ZvHfLH/M4r95/pjFf4v8MYv/lvljFv+t8scs/lvnj1n8t8kfs/hvmz9m8f9F/pjF/5f5Yxb/7fLHLP7b549Z/HfIH7P475g/ZvH/Vf6Yxf/X+WMW/9/kj33g/N+E/Gb/nfLHPnD+b7P+d84fs/j/Nn/M4v+7/DGL/y75Yxb/3+ePWfx3zR+z+O+WP2bx3z1/zOL/h/wxi/8f88cs/nvkj1n898wfs/jvlT9m8f9T/pjF/8/5Yxb/vfPHLP775I9Z/PfNH7P4/yV/zOL/1/wxi/9++WMW//3zxyz+f8sfs/gfkD9m8f97/pjF/8D8MYv/P/LHLP4H5Y9Z/A/OH7P4H5I/ZvE/NH/M4n9Y/pjF//D8MYv/EfljFv8j88cs/kflj1n8j84fs/gfkz9m8T82f8zif1z+mMX/+Pwxi/8J+WMW/xPzx173Hxg6MPBB9j8pf8yy/k/OH7P4n5I/ZvE/NX/M4n9a/pjF//T8MYv/GfljFv8z88cs/mflj1n8z84fs/ifkz9m8T83f8zif17+mMX//Pwxi/8F+WMW/3/mj1n8L8wfs/hflD9m8b84f8zif0n+mMX/0vwxi/9l+WMW/8vzxyz+V+SPWfyvzB+z+F+VP2bxvzp/zOJ/Tf6Yxf/a/DGL/3X5Yxb/6/PHLP435I9Z/G/MH7P435Q/ZvG/OX/M4n9L/pjF/9b8MYv/bfljFv/b88cs/nfkj1n878wfs/jflT9m8b87f8zif0/+mMX/3vwxi/99+WMO/+TfLof/wBgPtBVgFv8H88cs/g/lj1n8H84fs/g/kj9m8X80f8zi/1j+mMX/8fwxi/8T+WMW/yfzxyz+T+WPWfyfzh+z+D+TP2bxfzZ/zOL/XP6Yxf/5/DGL/wv5Yxb/F/PHLP4v5Y9Z/F/OH7P4v5I/JvEfcyB/zOI/KH/M4j84f8ziP1L+mMV/SP6YxX/k/DGL/yj5Yxb/UfPHLP5D88cs/qPlj1n8R88fs/iPkT9m8R8zf8ziP1b+mMV/7Pwxi/84+WMW/3Hzxyz+4+WPWfzHzx+z+H8of8zi/+H8MYv/BPljFv+P5I9Z/CfMH7P4T5Q/ZvH/aP6Yxf9j+WMW/4/nj1n8P5E/ZvH/ZP6YxX/i/DGL/yT5Yxb/SfPHLP6fyh+z+E+WP2bxnzx/zOI/Rf6YxX/K/DGL/1T5Yxb/T+ePWfynzh+z+H8mf8zi/9n8MYv/5/LHLP6fzx+z+H8hf8zi/8X8MYv/NPljFv9p88cs/tPlj1n8p88fs/jPkD9m8Z8xf8zi/6X8MYv/TPljFv+Z88cs/rPkj1n8Z80fs/h/OX/M4v+V/DGL/1fzxyz+X8sfs/jPlj9m8f96/pjFf/b8MYv/HPljFv8588cs/nPlj1n8584fs/jPkz9m8Z83f8ziP1/+mMV//vwxi/8C+WMW/2/kj1n8v5k/ZvFfMH/M4v+t/DGL/0L5Yxb/b+ePWfy/kz9m8V84f8ziv0j+mMV/0fwxi/9i+WMW/8Xzxyz+S+SPWfy/mz9m8V8yf8zi/738MYv/9/PHLP5L5Y9Z/JfOH7P4L5M/ZvFfNn/M4v+D/DGL/3L5Yxb/5fPHLP4/zB+z+K+QP2bxX9Ho/y4esMV/JaP/u8jiv3L+mMV/lfwxi/+q+WMW/9Xyxyz+P8ofs/ivnj9m8V8jf8ziv2b+mMV/rfwxi//a+WMW/3Xyxyz+P84fs/ivmz9m8V8vf8ziv37+mMX/J/ljFv8N8scs/j/NH7P4b5g/ZvHfKH/M4r9x/pjF/2f5Yxb/n+ePWfw3yR+z+G+aP2bx3yx/zOK/ef6YxX+L/DGL/5b5Yxb/rfLHLP5b549Z/LfJH7P4b5s/ZvH/Rf6Yxf+X+WMW/+3yxyz+2+ePWfx3yB+z+O+YP2bx/1X+mMX/1/ljFv/f5I9Z/HfKH7P475w/ZvH/bf6Yxf93+WMW/13yxyz+v88fs/jvmj9m8d8tf8ziv3v+mMX/D/ljFv8/5o9Z/PfIH7P475k/ZvHfK3/M4v+n/DGL/5/zxyz+e+ePWfz3yR+z+O+bP2bx/0v+mMX/r/ljFv/98scs/vvnj1n8/5Y/ZvE/IH/M4v/3/DGL/4H5Yxb/f+SPWfwPyh+z+B+cP2bxPyR/zOJ/aP6Yxf+w/DGL/+H5Yxb/I/LHLP5H5o9Z/I/KH7P4H50/ZvE/Jn/M4n9s/pjF/7j8MYv/8fljFv8T8scs/ifmj1n8T8ofs/ifnD9m8T8lf8zif2r+mMX/tPwxi//p+WMW/zPyxyz+Z+aPWfzPyh+z+J+dP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/C/LHLP7/zB+z+F+YP2bxvyh/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4X5k/ZvG/Kn/M4n91/pjF/5r8MYv/tfljFv/r8scs/tfnj1n8b8gfs/jfmD9m8b8pf+yD7X/r65eOeXP+2Afb/43GvCV/zOJ/a/6Yxf+2/DGL/+35Yxb/O/LHLP535o9Z/O/KH7P4350/9gH1n3KES8e8J3/sA+r/am9e//fmj1n878sfs/jfnz9m8X8gf8zi/2D+mMX/ofwxi//D+WMW/0fyxyz+j+aPWfwfyx+z+D+eP2bxfyJ/zOL/ZP6Yxf+p/DGL/9P5Yxb/Z/LHLP7P5o9Z/J/LH7P4P58/ZvF/IX/M4v9i/pjF/6X8MYv/y/ljFv9X8sck/mMN5I9Z/Aflj1n8B+ePWfxHyh+z+A/JH7P4j5w/ZvEfJX/M4j9q/pjFf2j+mMV/tPwxi//o+WMW/zHyxyz+Y+aPWfzHyh+z+I+dP2bxHyd/zOI/bv6YxX+8/DGL//j5Yxb/D+WPWfw/nD9m8Z8gf8zi/5H8MYv/hPljFv+J8scs/h/NH7P4fyx/zOL/8fwxi/8n8scs/p/MH7P4T5w/ZvGfJH/M4j9p/pjF/1P5Yxb/yfLHLP6T549Z/KfIH7P4T5k/ZvGf6h39d/nfH9f7NIv/p1v/mMV/6vwxi/9n8scs/p/NH7P4fy5/zOL/+fwxi/8X8scs/l/MH7P4T5M/ZvGfNn/M4j9d/pjFf/r8MYv/DPljFv8Z88cs/l/KH7P4z5Q/ZvGfOX/M4j9L/thb/IdfNu57PKb/X72N/6z5Y5b1/+X8MYv/V/LHLP5fzR+z+H8tf8ziP1v+mMX/6/ljFv/Z88cs/nPkj1n858wfs/jPlT9m8Z87f8ziP0/+mMV/3vwxi/98+WMW//nzxyz+C+SPWfy/kT9m8f9m/pjFf8H8MYv/t/LHLP4L5Y9Z/L+dP2bx/07+mMV/4fwxi/8i+WMW/0Xzxyz+i+WPWfwXzx+z+C+RP2bx/27+mMV/yfwxi//38scs/t/PH7P4L5U/ZvFfOn/M4r9M/pjFf9n8MYv/D/LHLP7L5Y9Z/JfPH7P4/zB/zOK/Qv6YxX/F/DGL/0r5Yxb/lfPHLP6r5I9Z/FfNH7P4r5Y/ZvH/Uf6YxX/1/DGL/xr5Yxb/NfPHLP5r5Y9Z/NfOH7P4r5M/ZvH/cf6YxX/d/DGL/3r5Yxb/9fPHLP4/yR+z+G+QP2bx/2n+mMV/w/wxi/9G+WMW/43zxyz+P8sfs/j/PH/M4r9J/pjFf9P8MYv/ZvljFv/N88cs/lvkj1n8t8wfs/hvlT9m8d86f8ziv03+mMV/2/wxi/8v8scs/r/MH7P4b5c/ZvHfPn/M4r9D/pjFf8f8MYv/r/LHLP6/zh+z+P8mf8ziv1P+mMV/5/yxD6r/0BH8f5s/9kH1HxjB/3f5Yxb/XfLHLP6/zx+z+O+aP2bx3y1/zOK/e/6Yxf8P+WMW/z/mj1n898gfs/jvmT9m8d8rf8zi/6f8MYv/n/PHLP57549Z/PfJH7P475s/ZvH/S/6Yxf+v+WMW//3yxyz+++ePWfz/lj9m8T8gf8zi//f8MYv/gfljFv9/5I9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/v/MH7P4X5g/ZvG/KH/M4n9x/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/O/IH7P435k/ZvG/K3/M4n93/pjF/54R/Tf/D4/rfZrF/97WP2bxvy9/zOJ/f/6Yxf+B/DGL/4P5Yxb/h/LHLP4P549Z/B/JH7P4P5o/ZvF/LH/M4v94/pjF/4n8MYv/k/ljFv+n8scs/k/nj1n8n8kfs/g/mz9m8X8uf8zi/3z+mMX/hfwxi/+L+WMW/5fyxyz+L+ePWfxfyR+T+I89kD9m8R+UP2bxH5w/ZvEfKX/M4j8kf8ziP3L+mMV/lPwxi/+o+WMW/6H5Yxb/0fLHLP6j549Z/MfIH7P4j5k/ZvEfK3/M4j92/pjFf5z8MYv/uPljFv/x8scs/uPnj1n8P5Q/ZvH/cP6YxX+C/DGL/0fyxyz+E+aPWfwnyh+z+H80f8zi/7H8MYv/x/PHLP6fyB+z+H8yf8ziP3H+mMV/kvwxi/+k+WMW/0/lj1n8J8sfs/hPnj9m8Z8if8ziP2X+mMV/qvwxi/+n88cs/lPnj1n8P5M/ZvH/bP6Yxf9z+WMW/8/nj1n8v5A/ZvH/Yv6YxX+a/DGL/7T5Yxb/6fLHLP7T549Z/GfIH7P4z5g/ZvH/Uv6YxX+m/DGL/8z5Yxb/WfLHLP6z5o9Z/L+cP2bx/0r+mMX/q/ljFv+v5Y9Z/GfLH7P4f13tv9wYb3eNxX92tf/bZ/GfI3/M4j9n/pjFf678MYv/3PljFv958scs/vPmj1n858sfs/jPnz9m8V8gf8zi/438MYv/N/PHLP4L5o9Z/L+VP2bxXyh/zOL/7fwxi/938scs/gvnj1n8F8kfs/gvmj9m8V8sf8ziv3j+mMV/ifwxi/9388cs/kvmj1n8v5c/ZvH/fv6YxX+p/DGL/9L5Yxb/ZfLHLP7L5o9Z/H+QP2bxXy5/zOK/fP6Yxf+H+WMW/xXyxyz+K+aPWfxXyh+z+K+cP2bxXyV/zOK/av6YxX+1/DGL/4/yxyz+q+ePWfzXyB+z+K+ZP2bxXyt/zOK/dv6YxX+d/DGL/4/zxyz+6+aPWfzXyx+z+K+fP2bx/0n+mMV/g/wxi/9P88cs/hvmj1n8N8ofs/hvnD9m8f9Z/gMDA6P92yUW/5/nj1n8N8kfs/hvmj9m8d8sf8ziv3n+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfy3yR+z+G+bP2bx/0X+mMX/l/ljFv/t8scs/tvnj1n8d8gfs/jvmD9m8f9V/pjF/9f5Yxb/3+SPWfx3yh+z+O+cP2bx/23+mMX/d/ljFv9d8scs/r/PH7P475o/ZvHfLX/M4r97/pjF/w/5Yxb/P+aPWfz3yB+z+O+ZP2bx3yt/zOL/p/wxi/+f88cs/nvnj1n898kfs/jvmz9m8f9L/pjF/6/5Yxb//fLHLP77549Z/P+WP2bxPyB/zOL/9/wxi/+B+WMW/3/kj1n8D8ofs/gfnD9m8T8kf8zif2j+mMX/sPwxi//h+WMW/yPyxyz+R+aPWfyPyh+z+B+dP2bxPyZ/zOJ/bP6Yxf+4/DGL//H5Yxb/E/LHLP4n5o9Z/E/KH7P4n5w/ZvE/JX/M4n9q/pjF/7T8MYv/6fljFv8z8scs/mfmj1n8z8ofs/ifnT9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+/8wfs/hfmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+F+ZP2bxvyp/zOJ/df6Yxf+a/DGL/7X5Yxb/6/LHLP7X549Z/G/IH7P435g/ZvG/KX/M4n9z/pjF/5b8MYv/rfljFv/b8scs/rfnj1n878gfs/jfmT9m8b8rf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfwfyB+z+D+YP2bxfyh/zOL/cP6Yxf+R/DGL/6P5Yxb/x/LHLP6P549Z/J/IH7P4P5k/ZvF/Kn/M4v90/pjF/5n8MYv/s/ljFv/n8scs/s/nj1n8X8gfs/i/mD9m8X8pf8zi/3L+mMX/lfwxif84A/ljFv9B+WMW/8H5Yxb/kfLHLP5D8scs/iPnj1n8R8kfs/iPmj9m8R+aP2bxHy1/zOI/ev6YxX+M/DGL/5j5Yxb/sfLHLP5j549Z/MfJH7P4j5s/ZvH//9i5/3Ct6/qO4ze/yXL2sU1d2nBozLUZiYxGLURF8fjjlIlm/kY9AgkiPyTBFNhopY5Nl7pZsImFY85WLXG4uX6taFjWbI3YWuUU18IYc7DInLHrwDkIZ2/PtfNl36/L9+PxB+fc9/F9pzyvl/ftxXVV9A9l6X+g/qEs/V+lfyhL/5/WP5Sl/8/oH8rS/yD9Q1n6H6x/KEv/Q/QPZen/s/qHsvR/tf6hLP0P1T+Upf9h+oey9H+N/qEs/X9O/1CW/sP0D2Xpf7j+oSz9f17/UJb+w/UPZel/hP6hLP2P1D+Upf9r9Q9l6T9C/1CW/r+gfyhL/6P0D2Xp/4v6h7L0f53+oSz9f0n/UJb+v6x/KEv/o/UPZen/ev1DWfqP1D+Upf8b9A9l6X+M/qEs/UfpH8rS/1j9Q1n6j9Y/lKX/r+gfytJ/jP6hLP3fqH8oS/9f1T+Upf9Y/UNZ+r9J/1CW/m/WP5Sl/6/pH8rS/y36h7L0H6d/KEv/4/QPZek/Xv9Qlv7H6x/K0v8E/UNZ+p+ofyhL/wn6h7L0P0n/UJb+J+sfytJ/ov6hLP1P0T+UpX+b/qEs/U/VP5Sl/2n6h7L0P13/UJb+Z+gfytK/Xf9Qlv5v1T+Upf/b9A9l6X+m/qEs/d+ufyhL/7P0D2XpP0n/UJb+Z+sfytL/HP1DWfq/Q/9Qlv7n6h/K0v+d+oey9D9P/1CW/ufrH8rS/wL9Q1n6X6h/KEv/i/QPZel/sf6hLP0v0T+Upf9k/UNZ+l+qfyhL/8v0D2Xpf7n+oSz9O/QPZel/hf6hLP2n6B/K0n+q/qEs/afpH8rS/136h7L0v1L/UJb+0/UPZek/Q/9Qlv5X6R/K0n+m/qEs/a/WP5Sl/yz9Q1n6z9Y/lKX/HP1DWfrP1T+Upf81+oey9J+nfyhL/3frH8rS/1r9Q1n6z9c/lKX/Av1DWfpfp38oS//36B/K0v96/UNZ+t+gfyhL/4X6h7L0X6R/KEv/xfqHsvT/df1DWfr/hv6hLP2X6B/K0v+9+oey9P9N/UNZ+r9P/1CW/u/XP5Sl/436h7L0v0n/UJb+N+sfytL/t/QPZem/VP9Qlv6/rX8oS//f0T+Upf8t+oey9L9V/1CW/r+rfyhL/w/oH8rS/zb9Q1n6365/KEv/O/QPZen/e/qHsvT/ff1DWfrfqX8oS/8P6h/K0v9D+oey9F+mfyhL/+X6h7L0/wP9Q1n6/6H+oSz979I/lKX/Cv1DWfrfrX8oS/8P6x/K0v8j+oey9F+pfyhL/3v0D2Xp/0f6h7L0X6V/KEv/P9Y/lKX/vfqHsvT/E/1DWfrfp38oS/+P6h/K0v9P9Q9l6f8x/UNZ+n9c/1CW/p/QP5Sl/5/pH8rS/5P6h7L0v1//UJb+q/UPZen/gP6hLP3/XP9Qlv5r9A9l6f+g/qEs/f9C/1CW/n+pfyhL/4f0D2Xp/1f6h7L0/5T+oSz9P61/KEv/z+gfytL/s/qHsvT/nP6hLP3/Wv9Qlv6f1z+Upf8X9A9l6b9W/1CW/l/UP5Sl/9/oH8rSf53+oSz9H9Y/lKX/l/QPZen/Zf1DWfo/on8oS/+v6B/K0v+r+oey9P9b/UNZ+j+qfyhL/6/pH8rS/+/0D2Xp/3X9Q1n6/73+oSz91+sfytL/G/qHsvTfoH8oS/9/0D+Upf8/6h/K0v+b+oey9P8n/UNZ+n9L/1CW/t/WP5Sl/3f0D2Xp/5j+oSz9/1n/UJb+j+sf6uo/YGCr9ZLu/4T+oSz736h/KEv/J/UPZen/L/qHsvT/rv6hLP3/Vf9Qlv7f0z+Upf8m/UNZ+j+lfyhL/+/rH8rSf7P+oSz9/03/UJb+W/QPZen/7/qHsvR/Wv9Qlv7/oX8oS/+t+oey9N+mfyhL///UP5Sl/w/0D2Xpv13/UJb+P9Q/lKX/M/qHsvT/kf6hLP2f1T+Upf9/6R/K0v85/UNZ+v9Y/1CW/jv0DyXp/8qW/qEs/fvpH8rSv7/+oSz9B+gfytJ/oP6hLP0H6R/K0n+w/qEs/YfoH8rSf6j+oSz9X6Z/KEv//fQPZen/cv1DWfq/Qv9Qlv776x/K0v+n9A9l6X+A/qGXXH8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/b+bMX3Dl5OnTO2b7xje+8c3ub17sfzMBAAD/157/0P9i/50AAAAAAAAAAAAAAAAAAABAXk3834m92P+MAAAAAAAAAAAAAADwk66t/fjNA/rt9dSAPR+85pGOnV9Hbz936sqVD5Tur10/Pi14yf57PtixY8eO5U+Pm9D1cEir1er8X3tl1+OhPY87X3/RsGWH7HpUxn/+jscumrT/6bNX3zrwG8tvbn9q0M5nB7UuuWLa9I439G+1yomDWtd2PjimX6tVTh7UuqXzwajOBxMHtVZ1Pjh254OXtT7T+eD1l82cfnnnE6dU/j2Dl4q29kWtAXsttrXXvw323P+iYY9P7f7ay0t2v9rAVtf+h6/+0sE9ftbtBfbf/frl+J777/M/IPCC+rb/ZzZ0f+3lJf/H+/+H121fEP3shfff/frlBPuH+gSf//faaM/P/T0+/x8evOTu++OGrrutc/9tZ997WNdTA/83n/+ff/1yYs/999/r83/n5/gJ3Z//h7Ra5aR9/O2AVNraF2/u7f2/9/0PfHWPm3577v/ur2x8Ref+73m2taTrqUF93P+E3t7/b+zx9wr0TVv7ih093v/7sP/WiOAld+9/0+r9d37+33jfZQft8bO+7P+knvsfOXfG1SPnzF9w9LQZk6d0TOm4auyoMceMHjt2zJiROz8R7Pp1H39TIIl9e/9v7dfjpl+r1bH7fu29N0/o3P+WB5d8pOupoX3c/8m9vv8f7v0fQsP7twYPbl07ee7c2cfs+rX74ahdv+76y4L99+G//484qusv6/4zw36t1iG770dcNHZI5/6vm1XWdD01uI/7n9jr/sfv/WeVQN/s4/v/5T1u9tr/cZtumNe5/yN/cODGrqf6+t//p/S6/7u8/8O+aGtv1fom2rn/Y4csPrXadWnz539Qnyb2P2zrLduqXZdT7R/q08T+Jy1986XVrstp9g/1aWL/D8y4eGm163K6/UN9mtj/c6/admi163KG/UN9mtj/o999cmW169Ju/1CfJvb/wTvbj612Xd5q/1CfJvZ/9DU/HFfturzN/qE+Tez/ipeftaradTnT/qE+Tez/1B0nHFTturzd/qE+Tey/3+LvLap2Xc6yf6hPE/t/YvLSmdWuyyT7h/o0sf9Vw0Y8U+26nG3/UJ8m9r/kqTdOrHZdzrF/qE8T+//q7cserXZd3mH/UJ8m9v+JCw5cVu26nGv/UJ8m9v+j4Q/uV+26vNP+oT5N7H/9+lX3V7su59k/1KeJ/S9fNWB4tetyvv1DfZrY/8JTpjxS7bpcYP9Qnyb2P3rMl8+vdl0utH+oTxP7P+Rz33qy2nW5yP6hPk3s/6yH5s2pdl0utn+oTxP7n3fox39c7bpcYv9Qnyb2/5aOQ6dWuy6T7R/q08T+y637ra92XS61f6hPE/s/b8uK8dWuy2X2D/VpYv9rDvjCx6pdl8vtH+rTxP63zrpqbLXr0mH/UJ8m9v+d9y58X7XrcoX9Q32a2P9tz369VLsuU+wf6tPE/jeNOu+Catdlqv1DfZrY/4rTn3642nWZZv9Qnyb2v3TNY3OrXZd32T/Up4n9r1172uPVrsuV9g/1aWL/R44YuX+16zLd/qE+Tex/5rlLPlTtusywf6hPE/s/8b7bX1vtulxl/1CfJvY/9GvjPlntusy0f6hPE/v/9Lj3f6radbna/qE+Tex/2/gjjqp2XWbZP9Snif1vuH/UHdWuy2z7h/o0sf8PPHxnxesyx/6hPk3sf9brnttS7brMtX+oTxP7f9Okc+ZXuy7X2D/Up4n9H3TXxC9Wuy7z7B/q08T+L/z298+sdl3ebf9Qnyb2f8TBlx5W7bpca/9Qnyb2P3XaupuqXZf59g/1aWL/E5ZvGF3tuiywf6hPE/s/4Ik5d1e7LtfZP9Snif1vHnDwGdWuy3vsH+rTxP7vuf6hb1a7LtfbP9Snif3fdONHO6pdlxvsH+rTxP4/u33w1mrXZaH9AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/80OHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADxwIAAAAAwvytg+jdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgKAAA//+93Olf")
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00')
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0x541b, 0x0)

526.845644ms ago: executing program 6 (id=1579):
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000007, 0x2172, 0xffffffffffffffff, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00')
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
setrlimit(0x40000000000008, &(0x7f0000000000))
preadv(r0, &(0x7f0000000040)=[{&(0x7f0000001440)=""/4106, 0x100a}], 0x1, 0x300, 0x0)

330.777845ms ago: executing program 6 (id=1580):
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000840), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x34, r0, 0x401, 0x0, 0x0, {}, [@ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x2}, @ETHTOOL_A_CHANNELS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}]}]}, 0x34}}, 0x0)

330.444181ms ago: executing program 6 (id=1581):
r0 = syz_open_dev$sndctrl(&(0x7f0000000240), 0x2, 0x0)
ppoll(&(0x7f0000000000)=[{r0, 0x4}], 0x1, &(0x7f0000000040)={0x0, 0x3938700}, 0x0, 0x0)

200.271715ms ago: executing program 2 (id=1582):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f000000a700)=0x6, 0x4)

200.04029ms ago: executing program 5 (id=1583):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000740)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000008000000060000000200000604000000010000000100000001000004d2240000002e305f302e5f"], 0x0, 0x3c, 0x0, 0x1, 0xffffffff}, 0x28)

199.806505ms ago: executing program 6 (id=1584):
syz_mount_image$ocfs2(&(0x7f00000002c0), &(0x7f0000000140)='./file1\x00', 0x8c0, &(0x7f0000000500)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c6572726f72733d72656d6f756e742d726f2c61636c2c00a9b504852143b698d2e379891a0dde7f9adfca8cc85bf8e749e04e", @ANYRES16, @ANYRESOCT, @ANYRES16], 0x11, 0x445c, &(0x7f0000004a80)="$eJzs3c9vE9kdAPA3k1ASyo+EcqBSpVoqUqu2ihJOtEFqEgIhgZSKFlT1YpzEQFonRolT9YBEekPtqVIPVQ9oV9pbTij/APsn7GWP7BlpOexlpZXQemV7HDwTezFgh2X1+Rw89vvtfGee3xwmL05U7q5u5lY3c4X1XHn59ubZ3N/Lpa21YogPSNv+Dx1c/3TnNc+TsN37Numhaxcu/fHm2RA+Xvn0WbVarYaawdDWRMv7L7+4v9x6bIozdWrttm+tV/4SQji1b1w1AyGEPycDmk7SZpLjcAjhWAghCiHcvP/vW7kejebx0+L5/IvFh7uTZxZ2Hu12/u5RCP8v/fjXd9Y+/9nA5Ge/7FH3AAAAAAAAAAAAAAAAAAC85+auX7vxh/GJ8CQKgzvR/ud155Jjp+djqz3z005D/FdPvzAAAAAAAAAAAAAAAAAAAAB8B718/j8XnWzz/P9scpzqUL/6uw4Zh3s7Tvpj/vfXZi+OTyT7v0f78s8lSc+nB8Jom33fs/u/T2fqt9//PWl04O3H3xxfs9+REMVj1Qd7+SMhjsfGQvgw2fj9dHQkLpU3K7+6Xd5aX3n7/t936fg3NstPnQXJ/vndxn8m037/9///UcietbXPt/afyrSRjn/nC/Kjf0Zdxf9Cpt5BxJ83l47/YD1tuLXAVGMCqMX/P4Ovjv9spv1+xf94CCEX1caaS80AtTVMLb3TeoW0dPwP1dNSU2fyh+x0/X+Vif/FTPud4n+i/vqDHnyD9vP/dvaHiLbS8W/EYyhV4uX1Pxp3vv6bc8alTPvv4ve/Nv5tv/9dScc/uWkbTBWp/yW7nf/nMu33K/434mScx6PUGbATNdI7/b860tLxH9qXfy5q3KU9n467Wv9dztT/1vu/Hmje/zX7rd//tdyH/CJq3P/RXjr+wx3LdXv9z2fq9Xv+n6qv/3hT6fgfqael184j9ddu47+Qab9f8a+vSoaa8X85n3x9uJH+gfVfV9Lx/2EjMW4tsV1/ra//onTcq9Xqg+z6/0qm/Xex/quNfzvub6/fF+n4H+1Yrhb/T7r4/b+aqdf/+Icwbq3/xtLxP5bJnapWq4139et/6NXxX8y00O/4/7yfjQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8B2aS40iI4rHU5zgeGwvhQvL5dDgSLRVW8kul8vLfNkOYTdJz4WR0p1ReKpTyq+vllWK+UCqVl0O4mOSfCkPRZqlcya8V7l3aa2s4ulssbFSWioVKCGEuSf9JONZsa2m1sla4F0K4vJd3Ii5v3LtbWM+vrG78dnx8fDzM741hNCr+o1JcrzR6b+SGsLBXdyRqGVw9+8reWI5Gfy1vbawXSvX0qy11SuXlQqmlzmKS998wGlU2ttaXC5VivlS+0+zvXZpKjrPz1/90/erEvvxbUeM4c7DDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA1PZn8zf9CCIONT3EIYar5JmpX/vHT4vn8i8WHu5NnFnYe7T7rVA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Bt24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsEvHKBEDURiA34yF2nkMq5B0tgmKaGFE8AR6DA8Tj+IlvIOFha2FCGYGNO5Cmt3q+5oH+Xl5PyQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKxzeTfe37ZdRIqjr8OIl8fXt9/5dZnTMM+82D/YU0924+pmPL9ou/Ld07/8rDx67/NP+vnx9BAbZvU8/N1f/k+zeud4a69pWNe/9qt3TyLlJiL6kp+mnJtm3bsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+GYHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AsAAAAACDM3zqKvg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgVwAAAP//xmUngw==")
syz_mount_image$exfat(0x0, &(0x7f0000000300)='./bus\x00', 0x448c, 0x0, 0x0, 0x0, &(0x7f0000000300))
syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./bus/file0\x00', 0x80008, 0x0, 0x0, 0x0, &(0x7f0000000000))
rename(&(0x7f0000000000)='./bus/file0\x00', &(0x7f0000000080)='./file0\x00')

100.95957ms ago: executing program 5 (id=1585):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x16, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0xe, &(0x7f0000000000)=ANY=[], &(0x7f0000000580)='syzkaller\x00', 0x6, 0xc, &(0x7f0000000340)=""/12, 0x40f00, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0), 0x0, 0x10, 0xfffffffe}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xe, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000010000000000000000000000a5000000a000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xb9)

100.753552ms ago: executing program 2 (id=1586):
r0 = syz_open_dev$video4linux(&(0x7f0000000080), 0x2, 0x0)
ioctl$VIDIOC_QUERYMENU(r0, 0xc040564a, &(0x7f0000000140)={0x0, 0x1, @value=0x100c})

51.390303ms ago: executing program 5 (id=1587):
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x5, 0xffffffff, 0xfffffffd})
open(0x0, 0x4c27e, 0x2)
setsockopt$PNPIPE_ENCAP(r0, 0x113, 0x1, &(0x7f0000000140)=0x1, 0x4)

51.138258ms ago: executing program 2 (id=1588):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000300)={0xa, 0x3, 0x8, @loopback, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_256={{0x304}, "41328ac33100", "e8582491a0c4050000000000f6542a9b6800000000000000003967d2daa45b4e", "61241765", "89b06aff130000fd"}, 0x38)
sendmsg$inet(r0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=[@ip_tos_int={{0x14, 0x0, 0x1, 0xf8ee}}, @ip_tos_int={{0x14, 0x11a, 0x1, 0x8}}], 0x30}, 0x0)

556.468µs ago: executing program 5 (id=1589):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x3, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0x5ae9}, {0x20, 0x7f, 0x4, 0xfffff010}, {0x6, 0x0, 0xfc, 0x3}]}, 0x10)
sendmmsg$inet(r0, &(0x7f0000002c40)=[{{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000a80)="2a73ed35", 0x732a}], 0x1}}], 0x400000000000292, 0x0)

0s ago: executing program 2 (id=1590):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
unshare(0x24060400)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0))
sendmsg$TIPC_NL_PEER_REMOVE(0xffffffffffffffff, 0x0, 0x81)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x400, &(0x7f0000000080)={[{@mpol={'mpol', 0x3d, {'prefer', '', @val={0x3a, [0x30]}}}}]})
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x420, &(0x7f00000000c0)={[{@mpol={'mpol', 0x3d, {'interleave', '=relative', @void}}}]})

kernel console output (not intermixed with test programs):

185][ T7881] netlink: 'syz.2.770': attribute type 3 has an invalid length.
[  143.938049][ T7821] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  143.960160][ T7821] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  143.971590][ T7821] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  143.977251][ T7821] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  144.086781][ T7821] 8021q: adding VLAN 0 to HW filter on device bond0
[  144.115213][ T7821] 8021q: adding VLAN 0 to HW filter on device team0
[  144.129100][   T54] bridge0: port 1(bridge_slave_0) entered blocking state
[  144.131934][   T54] bridge0: port 1(bridge_slave_0) entered forwarding state
[  144.155161][   T54] bridge0: port 2(bridge_slave_1) entered blocking state
[  144.158071][   T54] bridge0: port 2(bridge_slave_1) entered forwarding state
[  144.392923][ T7821] 8021q: adding VLAN 0 to HW filter on device batadv0
[  144.735644][ T7821] veth0_vlan: entered promiscuous mode
[  144.751375][ T7821] veth1_vlan: entered promiscuous mode
[  144.776569][ T7821] veth0_macvtap: entered promiscuous mode
[  144.782259][ T7821] veth1_macvtap: entered promiscuous mode
[  144.791571][ T7821] batman_adv: batadv0: Interface activated: batadv_slave_0
[  144.798047][ T7821] batman_adv: batadv0: Interface activated: batadv_slave_1
[  144.813645][   T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  144.819069][   T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  144.830834][   T12] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  144.834158][   T12] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  144.847075][ T7940] random: crng reseeded on system resumption
[  144.854111][   T24] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  144.933621][   T32] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  144.936545][   T32] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  144.975504][   T32] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  144.979157][   T32] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  145.003478][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  145.008080][   T24] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  145.024295][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.040208][   T24] usb 1-1: config 0 descriptor??
[  145.079289][ T7946] loop2: detected capacity change from 0 to 2048
[  145.094021][ T7950] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  145.293388][ T7954] Zero length message leads to an empty skb
[  145.608434][   T24] keytouch 0003:0926:3333.0006: fixing up Keytouch IEC report descriptor
[  145.621136][   T24] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0006/input/input8
[  145.651092][ T5906] Bluetooth: hci2: command tx timeout
[  145.713115][   T24] keytouch 0003:0926:3333.0006: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[  145.862794][ T7954] syz.2.787 (7954) used greatest stack depth: 18536 bytes left
[  146.014765][ T7958] loop2: detected capacity change from 0 to 4096
[  146.026119][ T7958] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  146.380840][ T2201] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  146.542831][ T2201] usb 5-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  146.545585][ T2201] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.549740][ T2201] usb 5-1: config 0 descriptor??
[  147.399064][ T7987] capability: warning: `syz.2.800' uses 32-bit capabilities (legacy support in use)
[  147.496770][ T7993] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  147.630561][   T24] usb 1-1: USB disconnect, device number 13
[  147.716253][ T7997] loop2: detected capacity change from 0 to 40427
[  147.725315][ T7997] F2FS-fs (loop2): invalid crc value
[  147.731013][ T5906] Bluetooth: hci2: command tx timeout
[  147.761762][ T7997] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  147.766009][ T7997] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  147.769136][ T2201] pegasus 5-1:0.0: can't reset MAC
[  147.772641][ T2201] pegasus 5-1:0.0: probe with driver pegasus failed with error -5
[  147.779758][ T2201] usb 5-1: USB disconnect, device number 2
[  147.789069][ T5904] syz-executor: attempt to access beyond end of device
[  147.789069][ T5904] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  147.794203][ T5904] CPU: 0 UID: 0 PID: 5904 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  147.794220][ T5904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  147.794227][ T5904] Call Trace:
[  147.794233][ T5904]  <TASK>
[  147.794238][ T5904]  dump_stack_lvl+0x189/0x250
[  147.794263][ T5904]  ? __pfx_dump_stack_lvl+0x10/0x10
[  147.794280][ T5904]  ? __pfx_queue_work_on+0x10/0x10
[  147.794294][ T5904]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  147.794314][ T5904]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  147.794343][ T5904]  f2fs_handle_critical_error+0x37c/0x540
[  147.794365][ T5904]  f2fs_write_end_io+0x886/0xb60
[  147.794423][ T5904]  __submit_merged_bio+0x27a/0x6a0
[  147.794447][ T5904]  __submit_merged_write_cond+0x255/0x530
[  147.794468][ T5904]  f2fs_write_data_pages+0x261d/0x3000
[  147.794514][ T5904]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  147.794569][ T5904]  ? __page_cache_release+0x8a6/0xbb0
[  147.794592][ T5904]  ? folios_put_refs+0x584/0x670
[  147.794618][ T5904]  ? __lock_acquire+0xab9/0xd20
[  147.794639][ T5904]  ? do_raw_spin_lock+0x121/0x290
[  147.794665][ T5904]  ? do_raw_spin_unlock+0x4d/0x240
[  147.794683][ T5904]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  147.794700][ T5904]  do_writepages+0x32e/0x550
[  147.794724][ T5904]  ? do_raw_spin_unlock+0x4d/0x240
[  147.794745][ T5904]  filemap_fdatawrite+0x199/0x240
[  147.794761][ T5904]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  147.794817][ T5904]  ? do_raw_spin_unlock+0x4d/0x240
[  147.794838][ T5904]  f2fs_sync_dirty_inodes+0x31f/0x830
[  147.794869][ T5904]  f2fs_write_checkpoint+0x93e/0x2440
[  147.794886][ T5904]  ? __lock_acquire+0xab9/0xd20
[  147.794923][ T5904]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  147.794989][ T5904]  kill_f2fs_super+0x2cc/0x6d0
[  147.795012][ T5904]  ? __pfx_kill_f2fs_super+0x10/0x10
[  147.795045][ T5904]  ? shrinker_free+0x2ce/0x3e0
[  147.795067][ T5904]  deactivate_locked_super+0xbc/0x130
[  147.795083][ T5904]  cleanup_mnt+0x425/0x4c0
[  147.795101][ T5904]  ? lockdep_hardirqs_on+0x9c/0x150
[  147.795116][ T5904]  task_work_run+0x1d4/0x260
[  147.795136][ T5904]  ? __pfx_task_work_run+0x10/0x10
[  147.795151][ T5904]  ? __x64_sys_umount+0x122/0x160
[  147.795169][ T5904]  ? exit_to_user_mode_loop+0x40/0x130
[  147.795184][ T5904]  exit_to_user_mode_loop+0xe9/0x130
[  147.795196][ T5904]  do_syscall_64+0x2bd/0xfa0
[  147.795208][ T5904]  ? lockdep_hardirqs_on+0x9c/0x150
[  147.795220][ T5904]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.795233][ T5904]  ? exc_page_fault+0xab/0x100
[  147.795248][ T5904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.795259][ T5904] RIP: 0033:0x7f5107b902f7
[  147.795271][ T5904] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  147.795282][ T5904] RSP: 002b:00007ffc35d4bb78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  147.795297][ T5904] RAX: 0000000000000000 RBX: 00007f5107c11d7d RCX: 00007f5107b902f7
[  147.795307][ T5904] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc35d4bc30
[  147.795313][ T5904] RBP: 00007ffc35d4bc30 R08: 0000000000000000 R09: 0000000000000000
[  147.795321][ T5904] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc35d4ccc0
[  147.795329][ T5904] R13: 00007f5107c11d7d R14: 00000000000240d3 R15: 00007ffc35d4cd00
[  147.795354][ T5904]  </TASK>
[  147.795359][ T5904] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  148.246629][ T8008] loop2: detected capacity change from 0 to 32768
[  148.252879][ T8008] (syz.2.808,8008,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  148.257139][ T8008] (syz.2.808,8008,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  148.282295][ T8008] JBD2: Ignoring recovery information on journal
[  148.309162][ T8008] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  148.382512][ T5904] ocfs2: Unmounting device (7,2) on (node local)
[  148.838837][ T8044] netlink: 1 bytes leftover after parsing attributes in process `syz.2.824'.
[  148.997972][ T8052] gfs2: path_lookup on c::: returned error -2
[  149.028156][ T8053] loop0: detected capacity change from 0 to 512
[  149.096003][ T8053] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.100186][ T8053] ext4 filesystem being mounted at /254/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.182198][ T8041] loop4: detected capacity change from 0 to 32768
[  149.269401][ T8041] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  149.283456][ T5900] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.308471][ T8041] XFS (loop4): Ending clean mount
[  149.319026][ T8041] XFS (loop4): Quotacheck needed: Please wait.
[  149.363834][ T8041] XFS (loop4): Quotacheck: Done.
[  149.485810][ T7821] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  149.552555][ T8075] netlink: 16 bytes leftover after parsing attributes in process `syz.0.832'.
[  149.863173][ T5906] Bluetooth: hci2: command tx timeout
[  151.372816][ T8130] loop0: detected capacity change from 0 to 4096
[  151.437408][ T8131] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  152.031777][ T8135] netlink: 36 bytes leftover after parsing attributes in process `syz.2.846'.
[  152.131512][ T8133] loop0: detected capacity change from 0 to 40427
[  152.135301][ T8133] F2FS-fs (loop0): build fault injection rate: 14
[  152.137397][ T8133] F2FS-fs (loop0): build fault injection type: 0x3bfe8c
[  152.161157][ T8133] F2FS-fs (loop0): invalid crc value
[  152.172206][    C0] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  152.329529][ T8143] loop2: detected capacity change from 0 to 4096
[  152.345326][ T8143] ntfs3(loop2): mft corrupted
[  152.346968][ T8143] ntfs3(loop2): Failed to load $Volume (-22).
[  152.508172][    C0] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  152.571223][ T8133] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  152.574926][ T8133] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  152.580235][ T8133] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  153.010245][ T8152] loop2: detected capacity change from 0 to 256
[  153.025107][ T8152] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[  153.184625][ T8160] netlink: 'syz.2.856': attribute type 34 has an invalid length.
[  153.231359][   T10] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  153.376546][ T8168] loop2: detected capacity change from 0 to 1024
[  153.383578][ T8168] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  153.389634][ T8168] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  153.399530][ T8168] EXT4-fs (loop2): orphan cleanup on readonly fs
[  153.406100][   T10] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  153.412091][ T8168] EXT4-fs error (device loop2): ext4_free_blocks:6706: comm syz.2.860: Freeing blocks not in datazone - block = 0, count = 4096
[  153.418636][   T10] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  153.425310][   T10] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  153.428914][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  153.435028][ T8168] EXT4-fs (loop2): 1 orphan inode deleted
[  153.438570][ T8168] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  153.444084][   T10] usb 1-1: SerialNumber: syz
[  153.479952][ T5904] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.628314][ T8173] loop2: detected capacity change from 0 to 2048
[  153.788717][   T10] usb 1-1: 0:2 : does not exist
[  153.800192][   T10] usb 1-1: USB disconnect, device number 14
[  153.822769][ T5911] udevd[5911]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  154.610052][   T34] audit: type=1326 audit(1761920413.449:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.0.866" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8edf78efc9 code=0x7ffc0000
[  154.630286][   T34] audit: type=1326 audit(1761920413.449:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.0.866" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8edf78efc9 code=0x7ffc0000
[  154.649247][   T34] audit: type=1326 audit(1761920413.469:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.0.866" exe="/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f8edf78efc9 code=0x7ffc0000
[  154.663777][   T34] audit: type=1326 audit(1761920413.489:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8187 comm="syz.0.866" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f8edf7c1885 code=0x7ffc0000
[  154.673003][   T34] audit: type=1326 audit(1761920413.489:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.0.866" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8edf78efc9 code=0x7ffc0000
[  154.681623][   T34] audit: type=1326 audit(1761920413.489:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.0.866" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8edf78efc9 code=0x7ffc0000
[  154.690116][   T34] audit: type=1326 audit(1761920413.509:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.0.866" exe="/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f8edf78efc9 code=0x7ffc0000
[  154.698854][   T34] audit: type=1326 audit(1761920413.509:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.0.866" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8edf78efc9 code=0x7ffc0000
[  154.707472][   T34] audit: type=1326 audit(1761920413.509:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.0.866" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8edf78efc9 code=0x7ffc0000
[  154.716635][   T34] audit: type=1326 audit(1761920413.509:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8185 comm="syz.0.866" exe="/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8edf78efc9 code=0x7ffc0000
[  155.273711][ T8208] loop0: detected capacity change from 0 to 64
[  155.287262][ T8208] Trying to free block not in datazone
[  155.298704][ T8208] Trying to free block not in datazone
[  155.302223][ T8208] Trying to free block not in datazone
[  155.304824][ T8208] Trying to free block not in datazone
[  155.307413][ T8208] Trying to free block not in datazone
[  155.309690][ T8208] Trying to free block not in datazone
[  155.317679][ T8208] Trying to free block not in datazone
[  155.323241][ T8208] Trying to free block not in datazone
[  155.327207][ T8208] Trying to free block not in datazone
[  155.329450][ T8208] Trying to free block not in datazone
[  155.332550][ T8208] Trying to free block not in datazone
[  155.334458][ T8208] Trying to free block not in datazone
[  155.530253][ T8222] loop4: detected capacity change from 0 to 1024
[  155.659390][ T8223] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[  155.663106][ T8223] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  156.179575][ T8233] loop4: detected capacity change from 0 to 4096
[  156.428129][ T8233] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  156.434695][ T8233] ntfs3(loop4): Failed to load $Extend (-22).
[  156.437139][ T8233] ntfs3(loop4): Failed to initialize $Extend.
[  156.904260][ T8257] netlink: 'syz.2.888': attribute type 21 has an invalid length.
[  156.907241][ T8257] IPv6: NLM_F_CREATE should be specified when creating new route
[  157.369723][ T8274] hugetlbfs: syz.4.895 (8274): Using mlock ulimits for SHM_HUGETLB is obsolete
[  158.114449][ T8295] loop2: detected capacity change from 0 to 512
[  158.132543][ T8295] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  158.139548][ T8295] EXT4-fs (loop2): orphan cleanup on readonly fs
[  158.144770][ T8295] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  158.152216][ T8295] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  158.163796][ T8295] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.902: bg 0: block 15: invalid block bitmap
[  158.172327][ T8295] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  158.175349][ T8295] EXT4-fs (loop2): 1 truncate cleaned up
[  158.177959][ T8295] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  158.196453][ T5904] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.313915][ T8304] loop2: detected capacity change from 0 to 256
[  158.326663][ T8304] exfat: Deprecated parameter 'namecase'
[  158.342888][ T8304] exfat: Deprecated parameter 'namecase'
[  158.365525][ T8304] exfat: Deprecated parameter 'namecase'
[  158.374997][ T8304] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  158.402393][ T8304] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d)
[  158.597838][ T8306] loop0: detected capacity change from 0 to 32768
[  158.616983][ T8306] ERROR: (device loop0): duplicateIXtree: 
[  158.616983][ T8306] 
[  158.621104][ T8306] ERROR: (device loop0): remounting filesystem as read-only
[  158.775014][ T5886] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  158.933372][ T5886] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  158.940058][ T5886] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  158.943966][ T5886] usb 3-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  158.947018][ T5886] usb 3-1: Product: syz
[  158.948643][ T5886] usb 3-1: SerialNumber: syz
[  158.989649][ T8317] loop4: detected capacity change from 0 to 32768
[  158.995979][ T8317] 
[  158.995979][ T8317]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  158.995979][ T8317] 
[  159.007845][ T8317] find_entry called with index = 0
[  159.010538][ T8317] read_mapping_page failed!
[  159.014012][ T8317] ERROR: (device loop4): txCommit: 
[  159.014012][ T8317] 
[  159.019005][ T8317] ERROR: (device loop4): remounting filesystem as read-only
[  159.578998][ T8340] netlink: 324 bytes leftover after parsing attributes in process `syz.4.919'.
[  159.748051][ T8342] loop0: detected capacity change from 0 to 512
[  159.751204][ T8342] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  159.757086][ T8342] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 159 vs 220 free clusters
[  159.764217][ T8342] EXT4-fs (loop0): Remounting filesystem read-only
[  159.766488][ T8342] EXT4-fs (loop0): 1 truncate cleaned up
[  159.770413][ T8342] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  159.794614][ T5900] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.827139][ T8346] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  159.865106][ T8348] netlink: 16 bytes leftover after parsing attributes in process `syz.0.926'.
[  159.868545][ T8348] netlink: 16 bytes leftover after parsing attributes in process `syz.0.926'.
[  160.377130][ T5886] cdc_ncm 3-1:1.0: MAC-Address: 42:42:42:42:42:42
[  160.379475][ T5886] cdc_ncm 3-1:1.0: dwNtbInMaxSize=1 is too small. Using 2048
[  160.383413][ T5886] cdc_ncm 3-1:1.0: setting rx_max = 2048
[  160.513789][ T5886] cdc_ncm 3-1:1.0: setting tx_max = 88
[  160.538895][ T5886] cdc_ncm 3-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.2-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  160.554945][ T5886] usb 3-1: USB disconnect, device number 12
[  160.564165][ T5886] cdc_ncm 3-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.2-1, CDC NCM (NO ZLP)
[  160.752563][ T8361] loop4: detected capacity change from 0 to 32768
[  160.756906][ T8361] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.931 (8361)
[  160.768716][ T8361] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  160.775517][ T8361] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  160.809902][ T8361] BTRFS info (device loop4): allowing degraded mounts
[  160.813609][ T8361] BTRFS info (device loop4): enabling ssd optimizations
[  160.816353][ T8361] BTRFS info (device loop4): turning on async discard
[  160.818944][ T8361] BTRFS info (device loop4): enabling free space tree
[  160.822329][ T8361] BTRFS info (device loop4): force zlib compression, level 3
[  160.986342][ T7821] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  161.171012][   T24] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  161.319157][ T8393] loop2: detected capacity change from 0 to 256
[  161.323552][   T24] usb 1-1: Using ep0 maxpacket: 8
[  161.326369][ T8393] exfat: Deprecated parameter 'utf8'
[  161.335537][   T24] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  161.338636][   T24] usb 1-1: config 179 has no interface number 0
[  161.349684][   T24] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  161.349834][ T8395] mmap: syz.4.938 (8395) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  161.362329][ T8393] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  161.366816][   T24] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  161.372808][   T24] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  161.376988][   T24] usb 1-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  161.381261][   T24] usb 1-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  161.386255][   T24] usb 1-1: config 179 interface 65 has no altsetting 0
[  161.388877][   T24] usb 1-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  161.395417][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.463113][   T24] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input9
[  161.476666][ T8397] netlink: 16 bytes leftover after parsing attributes in process `syz.2.939'.
[  161.639298][   T24] usb 1-1: USB disconnect, device number 15
[  161.663789][ T8404] ip6erspan0: entered allmulticast mode
[  161.665612][ T8406] loop2: detected capacity change from 0 to 512
[  161.687788][ T8406] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.943: inode has both inline data and extents flags
[  161.705658][ T8406] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.943: couldn't read orphan inode 15 (err -117)
[  161.711918][ T8406] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.781626][ T5904] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.894579][ T8418] loop2: detected capacity change from 0 to 1024
[  162.707960][ T8441] loop4: detected capacity change from 0 to 512
[  162.715320][ T8441] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities
[  162.817403][   T10] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  162.821943][ T2985] hfsplus: b-tree write err: -5, ino 4
[  162.862197][ T8443] bridge0: entered promiscuous mode
[  162.864726][ T8443] macvlan2: entered allmulticast mode
[  162.866882][ T8443] bridge0: entered allmulticast mode
[  162.884379][ T8443] bridge0: port 3(macvlan2) entered blocking state
[  162.887126][ T8443] bridge0: port 3(macvlan2) entered disabled state
[  162.898865][ T8443] bridge0: left allmulticast mode
[  162.904313][ T8443] bridge0: left promiscuous mode
[  163.001142][   T10] usb 1-1: Using ep0 maxpacket: 8
[  163.011985][   T10] usb 1-1: config 0 has an invalid interface number: 50 but max is 0
[  163.014854][   T10] usb 1-1: config 0 has no interface number 0
[  163.016896][   T10] usb 1-1: New USB device found, idVendor=052b, idProduct=1803, bcdDevice=16.17
[  163.031737][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.041170][   T10] usb 1-1: config 0 descriptor??
[  163.049033][   T10] gspca_main: sunplus-2.14.0 probing 052b:1803
[  163.171204][ T8445] loop2: detected capacity change from 0 to 32768
[  163.221898][ T8451] netdevsim netdevsim4: Firmware load for '../file0/file0' refused, path contains '..' component
[  163.260877][   T10] gspca_sunplus: reg_r err -71
[  163.263331][   T10] sunplus 1-1:0.50: probe with driver sunplus failed with error -71
[  163.275755][   T10] usb 1-1: USB disconnect, device number 16
[  163.493729][ T8465] loop2: detected capacity change from 0 to 2048
[  163.513123][ T8465] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.537343][ T5904] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.198547][   T34] kauditd_printk_skb: 10 callbacks suppressed
[  164.198563][   T34] audit: type=1326 audit(1761920423.039:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8482 comm="syz.0.977" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8edf78efc9 code=0x0
[  164.513697][ T8487] loop4: detected capacity change from 0 to 1764
[  164.781287][   T33] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  164.933346][   T33] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  164.936592][   T33] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  164.940571][   T33] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  164.943996][   T33] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  164.946760][   T33] usb 5-1: SerialNumber: syz
[  165.158759][   T33] usb 5-1: 0:2 : does not exist
[  165.164362][   T33] usb 5-1: unit 48 not found!
[  165.187873][   T33] usb 5-1: USB disconnect, device number 3
[  165.227083][ T5911] udevd[5911]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  165.306415][ T8502] loop0: detected capacity change from 0 to 4096
[  165.318352][ T8502] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  165.336223][ T8502] ntfs3(loop0): ino=19, mi_enum_attr
[  165.347565][ T8502] ntfs3(loop0): failed to convert "c46c" to cp864
[  165.352926][ T8502] ntfs3(loop0): ino=20, mi_enum_attr
[  165.442490][ T8506] loop6: detected capacity change from 0 to 7
[  165.447265][ T5911] Dev loop6: unable to read RDB block 7
[  165.449142][ T5911]  loop6: unable to read partition table
[  165.451531][ T5911] loop6: partition table beyond EOD, truncated
[  165.459154][ T8506] Dev loop6: unable to read RDB block 7
[  165.461689][ T8506]  loop6: unable to read partition table
[  165.463974][ T8506] loop6: partition table beyond EOD, truncated
[  165.468861][ T8506] loop_reread_partitions: partition scan of loop6 (被x ) failed (rc=-5)
[  165.527252][ T8510] loop2: detected capacity change from 0 to 512
[  165.551299][ T8510] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  165.555406][ T8510] ext4 filesystem being mounted at /351/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  165.569586][ T8510] EXT4-fs (loop2): shut down requested (1)
[  165.595947][ T5904] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  165.648572][ T8516] loop2: detected capacity change from 0 to 512
[  165.652139][ T8516] EXT4-fs: Ignoring removed orlov option
[  165.655343][ T8516] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  165.660495][ T8516] EXT4-fs (loop2): orphan cleanup on readonly fs
[  165.669723][ T8516] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.990: bg 0: block 248: padding at end of block bitmap is not set
[  165.677112][ T8516] Quota error (device loop2): write_blk: dquota write failed
[  165.679613][ T8516] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  165.683593][ T8516] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.990: Failed to acquire dquot type 1
[  165.692369][ T8516] EXT4-fs (loop2): 1 truncate cleaned up
[  165.699964][ T8516] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  165.763486][ T8516] EXT4-fs (loop2): shut down requested (2)
[  165.782238][ T5904] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.802676][ T8522] loop4: detected capacity change from 0 to 128
[  166.043522][ T8539] loop4: detected capacity change from 0 to 128
[  166.067559][ T8539] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  166.086015][ T8539] ext4 filesystem being mounted at /67/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  166.715820][ T8554] loop2: detected capacity change from 0 to 512
[  166.719857][ T8554] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  166.741512][ T8554] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  166.744885][ T8554] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  166.748125][ T8554] System zones: 0-1, 15-15, 18-18, 34-34
[  166.750455][ T8554] EXT4-fs (loop2): orphan cleanup on readonly fs
[  166.753118][ T8554] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0
[  166.756919][ T8554] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  166.764798][ T8554] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  166.768366][ T8554] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1004: bg 0: block 40: padding at end of block bitmap is not set
[  166.774387][ T8554] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  166.778348][ T8554] EXT4-fs (loop2): 1 truncate cleaned up
[  166.782096][ T8554] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  166.790866][ T8554] EXT4-fs (loop2): shut down requested (2)
[  166.803509][ T5904] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.923967][ T7821] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  166.969587][ T8562] loop2: detected capacity change from 0 to 4096
[  166.974635][ T8556] loop0: detected capacity change from 0 to 32768
[  166.981234][ T8556] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1005 (8556)
[  167.016474][ T8556] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  167.020475][ T8556] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  167.031079][ T8566] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  167.115565][ T8556] BTRFS info (device loop0): enabling ssd optimizations
[  167.118342][ T8556] BTRFS info (device loop0): turning on async discard
[  167.130925][ T8556] BTRFS info (device loop0): enabling free space tree
[  167.133534][ T8556] BTRFS info (device loop0): use lzo compression, level 1
[  167.153023][ T8586] evm: overlay not supported
[  167.245678][ T8588] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1011'.
[  167.255514][ T5900] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  167.599006][ T8594] loop4: detected capacity change from 0 to 2048
[  167.620443][ T8594] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  167.674577][   T10] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  167.805226][ T7821] UDF-fs: error (device loop4): udf_read_inode: (ino 1317) failed !bh
[  167.813720][ T7821] UDF-fs: error (device loop4): udf_read_inode: (ino 1317) failed !bh
[  167.867231][   T10] usb 1-1: config 0 has an invalid interface number: 71 but max is 0
[  167.869871][   T10] usb 1-1: config 0 has no interface number 0
[  167.872451][   T10] usb 1-1: config 0 interface 71 altsetting 0 has an endpoint descriptor with address 0xFC, changing to 0x8C
[  167.877282][   T10] usb 1-1: config 0 interface 71 altsetting 0 bulk endpoint 0x8C has invalid maxpacket 1024
[  167.882109][   T10] usb 1-1: config 0 interface 71 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  167.905461][   T10] usb 1-1: New USB device found, idVendor=0bfd, idProduct=0012, bcdDevice=cc.c0
[  167.908343][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.911694][   T10] usb 1-1: Product: syz
[  167.912960][   T10] usb 1-1: Manufacturer: syz
[  167.914476][   T10] usb 1-1: SerialNumber: syz
[  167.925558][   T10] usb 1-1: config 0 descriptor??
[  167.928477][ T8592] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  167.944267][   T10] kvaser_usb 1-1:0.71: error -ENODEV: Cannot get usb endpoint(s)
[  168.184360][   T10] usb 1-1: USB disconnect, device number 17
[  168.206924][   T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.328232][   T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.399346][   T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.485043][   T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.605914][   T56] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  168.609864][   T56] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  168.613370][   T56] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  168.619012][   T56] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  168.622361][   T56] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  168.688979][   T12] bridge_slave_1: left allmulticast mode
[  168.692193][   T12] bridge_slave_1: left promiscuous mode
[  168.694528][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.700507][   T12] bridge_slave_0: left allmulticast mode
[  168.703890][   T12] bridge_slave_0: left promiscuous mode
[  168.706272][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.030807][ T2201] usb 1-1: new full-speed USB device number 18 using dummy_hcd
[  169.062070][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  169.067944][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  169.073632][   T12] bond0 (unregistering): Released all slaves
[  169.223896][ T2201] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  169.227203][ T2201] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.236814][ T8611] loop2: detected capacity change from 0 to 2048
[  169.237893][ T2201] usb 1-1: config 0 descriptor??
[  169.256596][ T2201] cp210x 1-1:0.0: cp210x converter detected
[  169.264389][ T8613] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  169.287730][ T8611] NILFS error (device loop2): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=1024, inode=0, rec_len=0, name_len=0
[  169.308963][ T8611] Remounting filesystem read-only
[  169.325559][ T8611] NILFS error (device loop2): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=1024, inode=0, rec_len=0, name_len=0
[  169.446712][ T8596] chnl_net:caif_netlink_parms(): no params data found
[  169.530990][   T12] hsr_slave_0: left promiscuous mode
[  169.546531][   T12] hsr_slave_1: left promiscuous mode
[  169.548853][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  169.551757][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  169.555867][ T8625] loop2: detected capacity change from 0 to 1764
[  169.561622][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  169.564211][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  169.596915][   T12] veth1_macvtap: left promiscuous mode
[  169.598730][   T12] veth0_macvtap: left promiscuous mode
[  169.600631][   T12] veth1_vlan: left promiscuous mode
[  169.603230][   T12] veth0_vlan: left promiscuous mode
[  169.673255][ T2201] usb 1-1: cp210x converter now attached to ttyUSB0
[  169.875875][ T2201] usb 1-1: USB disconnect, device number 18
[  169.883480][ T2201] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  169.917364][ T2201] cp210x 1-1:0.0: device disconnected
[  169.945260][   T12] team0 (unregistering): Port device team_slave_1 removed
[  169.974924][   T12] team0 (unregistering): Port device team_slave_0 removed
[  170.372799][ T8596] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.376023][ T8596] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.379268][ T8596] bridge_slave_0: entered allmulticast mode
[  170.396245][ T8596] bridge_slave_0: entered promiscuous mode
[  170.402641][ T8596] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.405492][ T8596] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.408353][ T8596] bridge_slave_1: entered allmulticast mode
[  170.429403][ T8596] bridge_slave_1: entered promiscuous mode
[  170.485630][ T8596] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  170.502499][ T8596] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  170.601011][ T8596] team0: Port device team_slave_0 added
[  170.605391][ T8596] team0: Port device team_slave_1 added
[  170.693560][ T8596] batman_adv: batadv0: Adding interface: batadv_slave_0
[  170.701757][   T56] Bluetooth: hci2: command tx timeout
[  170.706081][ T8596] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  170.717238][ T8596] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  170.723748][ T8596] batman_adv: batadv0: Adding interface: batadv_slave_1
[  170.727182][ T8596] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  170.737415][ T8596] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  170.828016][ T8636] loop2: detected capacity change from 0 to 32768
[  170.878630][ T8636] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  170.901932][ T8596] hsr_slave_0: entered promiscuous mode
[  170.920075][ T8596] hsr_slave_1: entered promiscuous mode
[  170.933649][ T8596] debugfs: 'hsr0' already exists in 'hsr'
[  170.945809][ T8596] Cannot create hsr debugfs directory
[  170.978337][ T8636] XFS (loop2): Ending clean mount
[  170.997222][ T8636] XFS (loop2): Quotacheck needed: Please wait.
[  171.041662][ T8636] XFS (loop2): Quotacheck: Done.
[  171.098416][ T5904] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  171.324536][ T8596] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  171.337144][ T8596] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  171.371673][ T8596] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  171.381478][ T8596] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  171.483072][ T8596] 8021q: adding VLAN 0 to HW filter on device bond0
[  171.493794][ T8596] 8021q: adding VLAN 0 to HW filter on device team0
[  171.512299][ T4273] bridge0: port 1(bridge_slave_0) entered blocking state
[  171.514522][ T4273] bridge0: port 1(bridge_slave_0) entered forwarding state
[  171.519560][ T4273] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.522242][ T4273] bridge0: port 2(bridge_slave_1) entered forwarding state
[  171.569877][ T8596] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  171.573982][ T8696] loop0: detected capacity change from 0 to 4096
[  171.576521][ T8596] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  171.776076][ T8699] loop2: detected capacity change from 0 to 2048
[  171.783422][ T8699] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  171.799351][ T8700] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  171.812663][ T8702] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  172.168941][ T8596] 8021q: adding VLAN 0 to HW filter on device batadv0
[  172.783224][   T56] Bluetooth: hci2: command tx timeout
[  172.974939][ T8596] veth0_vlan: entered promiscuous mode
[  172.988640][ T8721] loop2: detected capacity change from 0 to 1024
[  173.006690][ T8596] veth1_vlan: entered promiscuous mode
[  173.025536][ T8721] hfsplus: Unknown parameter 'decomd'
[  173.146128][ T8722] loop2: detected capacity change from 0 to 256
[  173.181024][ T8722] exfat: Deprecated parameter 'namecase'
[  173.231677][ T8722] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  173.786748][ T8596] veth0_macvtap: entered promiscuous mode
[  173.790447][ T8596] veth1_macvtap: entered promiscuous mode
[  173.800163][ T8596] batman_adv: batadv0: Interface activated: batadv_slave_0
[  173.806151][ T8596] batman_adv: batadv0: Interface activated: batadv_slave_1
[  173.821413][ T5914] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  173.825114][   T12] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  173.828746][   T12] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  173.857527][   T12] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  173.965617][   T54] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  173.968604][   T54] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  174.018744][   T32] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  174.021978][   T32] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  174.037423][ T8741] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1052'.
[  174.851342][   T56] Bluetooth: hci2: command tx timeout
[  175.272044][ T8769] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1062'.
[  176.031954][ T8777] loop5: detected capacity change from 0 to 1024
[  176.114266][ T8777] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.152740][ T8777] EXT4-fs error (device loop5): ext4_xattr_inode_iget:441: inode #11: comm syz.5.1065: missing EA_INODE flag
[  176.180818][ T8777] EXT4-fs (loop5): Remounting filesystem read-only
[  176.238299][ T8596] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.528165][ T8787] loop5: detected capacity change from 0 to 512
[  176.644133][ T8771] loop0: detected capacity change from 0 to 131072
[  176.648147][ T8787] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.1069: invalid indirect mapped block 4294967295 (level 1)
[  176.650317][ T8771] F2FS-fs (loop0): invalid crc value
[  176.659882][ T8787] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.1069: invalid indirect mapped block 4294967295 (level 1)
[  176.670582][ T8787] EXT4-fs (loop5): 2 truncates cleaned up
[  176.676340][ T8787] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.781802][ T8771] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  176.829706][ T8771] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  176.867230][ T8596] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.932053][   T56] Bluetooth: hci2: command tx timeout
[  177.008955][ T8795] tmpfs: Bad value for 'mpol'
[  177.120124][ T8797] loop5: detected capacity change from 0 to 64
[  177.505838][ T8804] @: renamed from vlan0 (while UP)
[  177.548203][ T8808] openvswitch: netlink: Actions may not be safe on all matching packets
[  177.615269][ T8812] loop2: detected capacity change from 0 to 512
[  177.624547][ T8812] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  177.640174][ T8812] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  177.652722][ T8812] EXT4-fs (loop2): 1 truncate cleaned up
[  177.655184][ T8812] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  177.781616][ T8811] loop5: detected capacity change from 0 to 32768
[  177.795951][ T8811] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  177.986244][ T8811] XFS (loop5): Ending clean mount
[  178.023635][ T8811] XFS (loop5): WARNING: Reset corrupted AGFL on AG 0. 1 blocks leaked. Please unmount and run xfs_repair.
[  178.067819][ T8596] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  178.551589][ T5904] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.581065][    T9] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  178.699862][ T8850] af_packet: tpacket_rcv: packet too big, clamped from 39 to 4294967272. macoff=96
[  178.699905][ T8848] loop0: detected capacity change from 0 to 256
[  178.731550][ T8848] FAT-fs (loop0): Directory bread(block 64) failed
[  178.737728][ T8848] FAT-fs (loop0): Directory bread(block 65) failed
[  178.739913][ T8848] FAT-fs (loop0): Directory bread(block 66) failed
[  178.747867][ T8848] FAT-fs (loop0): Directory bread(block 67) failed
[  178.750187][ T8848] FAT-fs (loop0): Directory bread(block 68) failed
[  178.756753][ T8848] FAT-fs (loop0): Directory bread(block 69) failed
[  178.758884][ T8848] FAT-fs (loop0): Directory bread(block 70) failed
[  178.762323][ T8852] loop2: detected capacity change from 0 to 512
[  178.765344][ T8848] FAT-fs (loop0): Directory bread(block 71) failed
[  178.770505][ T8848] FAT-fs (loop0): Directory bread(block 72) failed
[  178.775507][ T8848] FAT-fs (loop0): Directory bread(block 73) failed
[  178.785293][    T9] usb 6-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config
[  178.794834][ T8852] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.805426][    T9] usb 6-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[  178.808978][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  178.812421][ T8852] ext4 filesystem being mounted at /390/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  178.812745][    T9] usb 6-1: Product: syz
[  178.818114][    T9] usb 6-1: Manufacturer: syz
[  178.819926][    T9] usb 6-1: SerialNumber: syz
[  178.996944][ T5904] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.047148][    T9] comedi comedi5: Wrong number of endpoints
[  179.049490][    T9] ni6501 6-1:5.0: driver 'ni6501' failed to auto-configure device.
[  179.062435][ T8864] loop0: detected capacity change from 0 to 8
[  179.067150][ T8864] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  179.068511][    T9] usb 6-1: USB disconnect, device number 2
[  179.077108][ T8864] cramfs: unsupported filesystem features
[  179.529971][ T8882] usb usb4: usbfs: process 8882 (syz.0.1100) did not claim interface 0 before use
[  179.657191][   T56] Bluetooth: hci2: command tx timeout
[  179.802455][ T8896] sctp: [Deprecated]: syz.0.1107 (pid 8896) Use of struct sctp_assoc_value in delayed_ack socket option.
[  179.802455][ T8896] Use struct sctp_sack_info instead
[  180.131306][ T5950] usb 1-1: new full-speed USB device number 19 using dummy_hcd
[  180.312100][ T5950] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  180.315051][ T5950] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  180.318838][ T5950] usb 1-1: New USB device found, idVendor=5543, idProduct=0064, bcdDevice= 0.00
[  180.321691][ T5950] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.325321][ T5950] usb 1-1: config 0 descriptor??
[  180.450866][ T5886] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  180.602548][ T5886] usb 3-1: unable to get BOS descriptor or descriptor too short
[  180.611522][ T5886] usb 3-1: config 14 has an invalid interface number: 145 but max is 0
[  180.614373][ T5886] usb 3-1: config 14 has no interface number 0
[  180.616395][ T5886] usb 3-1: config 14 interface 145 altsetting 26 has a duplicate endpoint with address 0x8A, skipping
[  180.619784][ T5886] usb 3-1: config 14 interface 145 has no altsetting 0
[  180.635356][ T5886] usb 3-1: New USB device found, idVendor=093a, idProduct=2603, bcdDevice=84.40
[  180.638898][ T5886] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.642265][ T5886] usb 3-1: Product: syz
[  180.643968][ T5886] usb 3-1: Manufacturer: syz
[  180.645828][ T5886] usb 3-1: SerialNumber: syz
[  180.740307][ T5950] uclogic 0003:5543:0064.0007: item fetching failed at offset 0/1
[  180.750811][ T5950] uclogic 0003:5543:0064.0007: parse failed
[  180.757336][ T5950] uclogic 0003:5543:0064.0007: probe with driver uclogic failed with error -22
[  180.869273][ T5886] gspca_main: pac7311-2.14.0 probing 093a:2603
[  180.872210][ T5886] gspca_pac7311: reg_w() failed index 0xff, value 0x01, error -71
[  180.874884][ T5886] pac7311 3-1:14.145: probe with driver pac7311 failed with error -71
[  180.882484][ T5886] usb 3-1: USB disconnect, device number 13
[  180.947836][ T5950] usb 1-1: USB disconnect, device number 19
[  181.730578][ T8939] loop2: detected capacity change from 0 to 1024
[  181.756757][ T8939] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  181.804238][ T8939] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  181.821184][ T8939] EXT4-fs (loop2): orphan cleanup on readonly fs
[  181.835682][ T8939] EXT4-fs error (device loop2): __ext4_get_inode_loc:4832: comm syz.2.1128: Invalid inode table block 0 in block_group 0
[  181.855037][ T8939] EXT4-fs (loop2): Remounting filesystem read-only
[  181.865437][ T8939] Quota error (device loop2): write_blk: dquota write failed
[  181.872926][ T8939] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  181.902767][ T8939] EXT4-fs (loop2): 1 truncate cleaned up
[  181.921758][ T8939] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  182.032955][ T5904] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.259182][   T34] audit: type=1326 audit(1761920442.099:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8966 comm="syz.2.1137" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5107b8efc9 code=0x7ffc0000
[  183.274173][   T34] audit: type=1326 audit(1761920442.109:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8966 comm="syz.2.1137" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5107b8efc9 code=0x7ffc0000
[  183.309847][   T34] audit: type=1326 audit(1761920442.149:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8966 comm="syz.2.1137" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5107b8efc9 code=0x7ffc0000
[  183.316800][   T34] audit: type=1326 audit(1761920442.159:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8966 comm="syz.2.1137" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5107b8efc9 code=0x7ffc0000
[  183.323669][   T34] audit: type=1326 audit(1761920442.159:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8966 comm="syz.2.1137" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5107b8efc9 code=0x7ffc0000
[  183.383524][   T34] audit: type=1326 audit(1761920442.209:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8966 comm="syz.2.1137" exe="/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f5107b8efc9 code=0x7ffc0000
[  183.390056][   T34] audit: type=1326 audit(1761920442.209:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8966 comm="syz.2.1137" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5107b8efc9 code=0x7ffc0000
[  183.390609][ T8967] loop2: detected capacity change from 0 to 2048
[  183.408521][   T34] audit: type=1326 audit(1761920442.209:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8966 comm="syz.2.1137" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5107b8efc9 code=0x7ffc0000
[  183.705356][ T8983] loop2: detected capacity change from 0 to 128
[  183.718577][ T8983] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  183.723345][ T8983] hpfs: filesystem error: improperly stopped
[  183.725451][ T8983] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  183.728636][ T8983] hpfs: You really don't want any checks? You are crazy...
[  183.733767][ T8983] hpfs: hpfs_map_sector(): read error
[  183.736109][ T8983] hpfs: code page support is disabled
[  183.738097][ T8983] hpfs: hpfs_map_4sectors(): unaligned read
[  183.740412][ T8983] hpfs: hpfs_map_4sectors(): unaligned read
[  183.744283][ T8983] hpfs: filesystem error: unable to find root dir
[  184.203135][ T8994] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1141'.
[  184.230806][ T5950] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  184.254342][ T8996] qnx4: unable to read the superblock
[  184.410780][ T5950] usb 3-1: Using ep0 maxpacket: 8
[  184.418830][ T8998] loop5: detected capacity change from 0 to 32768
[  184.423641][ T5950] usb 3-1: New USB device found, idVendor=12d1, idProduct=fae2, bcdDevice=70.8b
[  184.426364][ T5950] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.428766][ T5950] usb 3-1: Product: syz
[  184.430055][ T5950] usb 3-1: Manufacturer: syz
[  184.431608][ T5950] usb 3-1: SerialNumber: syz
[  184.436660][ T5950] usb 3-1: config 0 descriptor??
[  184.440507][ T5950] option 3-1:0.0: GSM modem (1-port) converter detected
[  184.443593][ T8998] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  184.454193][ T8998] XFS (loop5): Ending clean mount
[  184.457280][ T8998] XFS (loop5): Quotacheck needed: Please wait.
[  184.475689][ T8998] XFS (loop5): Quotacheck: Done.
[  184.503357][ T8596] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  184.644576][   T24] usb 3-1: USB disconnect, device number 14
[  184.648149][   T24] option 3-1:0.0: device disconnected
[  184.850796][ T5950] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  185.012546][ T5950] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  185.015809][ T5950] usb 6-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00
[  185.019049][ T5950] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.029604][ T5950] usb 6-1: config 0 descriptor??
[  185.480126][ T5950] holtek 0003:1241:5015.0008: invalid report_size 1454446681
[  185.490455][ T5950] holtek 0003:1241:5015.0008: item 0 4 1 7 parsing failed
[  185.493885][ T5950] holtek 0003:1241:5015.0008: parse failed
[  185.495731][ T5950] holtek 0003:1241:5015.0008: probe with driver holtek failed with error -22
[  185.700719][ T5950] usb 6-1: USB disconnect, device number 3
[  186.035250][ T9015] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1147'.
[  186.612471][ T5950] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  186.775407][ T5950] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  186.778876][ T5950] usb 3-1: config 0 interface 0 has no altsetting 0
[  186.801179][ T5950] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  186.804749][ T5950] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  186.807552][ T5950] usb 3-1: Product: syz
[  186.809135][ T5950] usb 3-1: Manufacturer: syz
[  186.810968][ T5950] usb 3-1: SerialNumber: syz
[  186.814552][ T5950] usb 3-1: config 0 descriptor??
[  186.818835][ T5950] usb 3-1: selecting invalid altsetting 0
[  187.074733][ T5886] usb 3-1: USB disconnect, device number 15
[  187.424330][ T9050] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1162'.
[  187.849581][ T9056] tmpfs: Bad value for 'mpol'
[  187.864588][ T9056] loop5: detected capacity change from 0 to 64
[  188.129421][ T9059] loop2: detected capacity change from 0 to 32768
[  188.139061][ T9059] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1165 (9059)
[  188.146818][ T9059] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  188.150561][ T9059] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  188.166636][ T9059] BTRFS info (device loop2): enabling ssd optimizations
[  188.168773][ T9059] BTRFS info (device loop2): turning on async discard
[  188.171005][ T9059] BTRFS info (device loop2): enabling free space tree
[  188.199850][ T5904] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  188.445328][ T9084] loop2: detected capacity change from 0 to 1024
[  188.512886][ T9084] hfsplus: bad catalog entry type
[  188.525501][   T32] hfsplus: b-tree write err: -5, ino 4
[  189.628819][ T9106] loop2: detected capacity change from 0 to 1024
[  189.662616][ T9108] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  190.098049][ T9110] loop5: detected capacity change from 0 to 16
[  190.105821][ T9110] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  191.423531][ T9128] loop5: detected capacity change from 0 to 256
[  191.608339][ T9136] netlink: 'syz.5.1192': attribute type 1 has an invalid length.
[  192.615552][ T9158] loop5: detected capacity change from 0 to 128
[  192.622648][ T9158] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  192.626426][ T9158] ext4 filesystem being mounted at /63/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  192.657092][ T8596] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  192.793379][ T9176] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  192.873930][   T24] IPVS: starting estimator thread 0...
[  192.971248][ T9184] IPVS: using max 79 ests per chain, 189600 per kthread
[  193.150991][ T5950] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  193.320960][ T5950] usb 3-1: Using ep0 maxpacket: 32
[  193.326366][ T5950] usb 3-1: config 0 interface 0 has no altsetting 0
[  193.341391][ T5950] usb 3-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  193.344652][ T5950] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.349833][ T5950] usb 3-1: Product: syz
[  193.353895][ T5950] usb 3-1: Manufacturer: syz
[  193.355786][ T5950] usb 3-1: SerialNumber: syz
[  193.364908][ T5950] usb 3-1: config 0 descriptor??
[  193.863444][ T5950] gs_usb 3-1:0.0: Configuring for 1 interfaces
[  193.957030][ T9193] loop5: detected capacity change from 0 to 4096
[  193.984802][ T9193] ntfs3(loop5): MFT: r=19, expect seq=1 instead of a48d!
[  193.987720][ T9193] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  194.273006][ T9197] random: crng reseeded on system resumption
[  194.380491][ T1359] ieee802154 phy0 wpan0: encryption failed: -22
[  194.396882][ T1359] ieee802154 phy1 wpan1: encryption failed: -22
[  194.602347][ T5950] usb 3-1: USB disconnect, device number 16
[  194.954987][ T9201] loop5: detected capacity change from 0 to 1024
[  194.974092][ T9201] hfsplus: bad catalog entry type
[  194.985781][   T27] hfsplus: b-tree write err: -5, ino 4
[  195.155060][ T9207] loop2: detected capacity change from 0 to 8
[  195.161712][ T9205] loop5: detected capacity change from 0 to 40427
[  195.165482][ T9205] F2FS-fs (loop5): invalid crc value
[  195.171625][ T9207] SQUASHFS error: lzo decompression failed, data probably corrupt
[  195.183250][ T9207] SQUASHFS error: Failed to read block 0x91: -5
[  195.185774][ T9207] SQUASHFS error: Unable to read metadata cache entry [8f]
[  195.198077][ T9205] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  195.200922][ T9207] SQUASHFS error: Unable to read inode 0x11f
[  195.201167][ T9205] F2FS-fs (loop5): Start checkpoint disabled!
[  195.213533][ T9205] F2FS-fs (loop5): f2fs_disable_checkpoint() finish, err:0
[  195.218163][ T9205] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  195.226849][ T9205] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=9140d02f, run fsck to fix.
[  196.172970][   T24] usb 3-1: new full-speed USB device number 17 using dummy_hcd
[  196.253909][ T9225] loop5: detected capacity change from 0 to 1024
[  196.326825][   T24] usb 3-1: config 0 has an invalid interface number: 3 but max is 0
[  196.332300][   T24] usb 3-1: config 0 has no interface number 0
[  196.334182][   T24] usb 3-1: config 0 interface 3 altsetting 0 endpoint 0x3 has invalid maxpacket 1024, setting to 64
[  196.337368][   T24] usb 3-1: config 0 interface 3 altsetting 0 endpoint 0xB has invalid maxpacket 2015, setting to 64
[  196.340483][   T24] usb 3-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=a1.a3
[  196.345666][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.352413][   T24] usb 3-1: config 0 descriptor??
[  196.354390][ T9221] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  196.362285][   T24] keyspan 3-1:0.3: Keyspan 4 port adapter converter detected
[  196.364715][   T24] keyspan 3-1:0.3: found no endpoint descriptor for endpoint 81
[  196.367030][   T24] keyspan 3-1:0.3: found no endpoint descriptor for endpoint 88
[  196.370390][   T24] keyspan 3-1:0.3: found no endpoint descriptor for endpoint 1
[  196.377776][   T24] usb 3-1: Keyspan 4 port adapter converter now attached to ttyUSB0
[  196.382274][   T24] keyspan 3-1:0.3: found no endpoint descriptor for endpoint 2
[  196.386535][   T24] usb 3-1: Keyspan 4 port adapter converter now attached to ttyUSB1
[  196.391534][   T24] keyspan 3-1:0.3: found no endpoint descriptor for endpoint 4
[  196.400398][   T24] usb 3-1: Keyspan 4 port adapter converter now attached to ttyUSB2
[  196.403728][   T24] keyspan 3-1:0.3: found no endpoint descriptor for endpoint 6
[  196.406950][   T24] usb 3-1: Keyspan 4 port adapter converter now attached to ttyUSB3
[  196.452760][ T5902] Bluetooth: hci0: command 0x0406 tx timeout
[  196.454646][ T5902] Bluetooth: hci1: command 0x0406 tx timeout
[  196.468241][ T9231] loop5: detected capacity change from 0 to 8
[  196.471658][ T9231] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  196.870368][ T9249] team0: Port device team_slave_1 removed
[  196.953288][ T9251] loop5: detected capacity change from 0 to 1024
[  196.957579][ T9251] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  196.977590][ T9251] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.1241: Invalid block bitmap block 0 in block_group 0
[  196.987869][ T9251] EXT4-fs (loop5): Remounting filesystem read-only
[  196.990010][ T9251] __quota_error: 44 callbacks suppressed
[  196.990018][ T9251] Quota error (device loop5): write_blk: dquota write failed
[  196.994371][ T9251] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  196.997825][ T9251] EXT4-fs (loop5): 1 orphan inode deleted
[  197.000391][ T9251] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.016000][ T8596] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.098149][   T34] audit: type=1800 audit(1761920455.939:112): pid=9257 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1243" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=19366 res=0 errno=0
[  197.265284][ T9259] loop5: detected capacity change from 0 to 40427
[  197.269966][ T9259] F2FS-fs (loop5): invalid crc value
[  197.298864][ T9259] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  197.302002][ T9259] F2FS-fs (loop5): Start checkpoint disabled!
[  197.306018][ T9259] F2FS-fs (loop5): f2fs_disable_checkpoint() finish, err:0
[  197.308666][ T9259] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  197.345329][   T27] kworker/u10:0: attempt to access beyond end of device
[  197.345329][   T27] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  197.355190][   T27] CPU: 1 UID: 0 PID: 27 Comm: kworker/u10:0 Not tainted syzkaller #0 PREEMPT(full) 
[  197.355208][   T27] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  197.355216][   T27] Workqueue: writeback wb_workfn (flush-7:5)
[  197.355242][   T27] Call Trace:
[  197.355247][   T27]  <TASK>
[  197.355253][   T27]  dump_stack_lvl+0x189/0x250
[  197.355274][   T27]  ? __pfx_dump_stack_lvl+0x10/0x10
[  197.355289][   T27]  ? __pfx_queue_work_on+0x10/0x10
[  197.355303][   T27]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  197.355323][   T27]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  197.355370][   T27]  f2fs_handle_critical_error+0x37c/0x540
[  197.355391][   T27]  f2fs_write_end_io+0x886/0xb60
[  197.355421][   T27]  __submit_merged_bio+0x27a/0x6a0
[  197.355440][   T27]  __submit_merged_write_cond+0x255/0x530
[  197.355466][   T27]  f2fs_write_data_pages+0x261d/0x3000
[  197.355506][   T27]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  197.355532][   T27]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  197.355570][   T27]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  197.355592][   T27]  ? trace_f2fs_writepages+0x7f/0x200
[  197.355607][   T27]  ? f2fs_write_node_pages+0x478/0x6e0
[  197.355623][   T27]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  197.355637][   T27]  ? __lock_acquire+0xab9/0xd20
[  197.355653][   T27]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  197.355668][   T27]  do_writepages+0x32e/0x550
[  197.355687][   T27]  ? reacquire_held_locks+0x127/0x1d0
[  197.355701][   T27]  ? writeback_sb_inodes+0x384/0x1010
[  197.355720][   T27]  __writeback_single_inode+0x145/0xff0
[  197.355732][   T27]  ? do_raw_spin_unlock+0x4d/0x240
[  197.355750][   T27]  writeback_sb_inodes+0x6c7/0x1010
[  197.355781][   T27]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  197.355821][   T27]  ? rcu_is_watching+0x15/0xb0
[  197.355870][   T27]  wb_writeback+0x43b/0xaf0
[  197.355889][   T27]  ? queue_io+0x3b1/0x590
[  197.355905][   T27]  ? __pfx_wb_writeback+0x10/0x10
[  197.355924][   T27]  ? _raw_spin_unlock_irq+0x23/0x50
[  197.355944][   T27]  wb_workfn+0x409/0xef0
[  197.355973][   T27]  ? __pfx_wb_workfn+0x10/0x10
[  197.355993][   T27]  ? __lock_acquire+0xab9/0xd20
[  197.356012][   T27]  ? process_scheduled_works+0x9ef/0x17b0
[  197.356027][   T27]  ? _raw_spin_unlock_irq+0x23/0x50
[  197.356041][   T27]  ? process_scheduled_works+0x9ef/0x17b0
[  197.356051][   T27]  ? process_scheduled_works+0x9ef/0x17b0
[  197.356063][   T27]  process_scheduled_works+0xae1/0x17b0
[  197.356092][   T27]  ? __pfx_process_scheduled_works+0x10/0x10
[  197.356113][   T27]  worker_thread+0x8a0/0xda0
[  197.356140][   T27]  kthread+0x711/0x8a0
[  197.356156][   T27]  ? __pfx_worker_thread+0x10/0x10
[  197.356167][   T27]  ? __pfx_kthread+0x10/0x10
[  197.356181][   T27]  ? _raw_spin_unlock_irq+0x23/0x50
[  197.356195][   T27]  ? lockdep_hardirqs_on+0x9c/0x150
[  197.356205][   T27]  ? __pfx_kthread+0x10/0x10
[  197.356219][   T27]  ret_from_fork+0x4bc/0x870
[  197.356233][   T27]  ? __pfx_ret_from_fork+0x10/0x10
[  197.356250][   T27]  ? __switch_to_asm+0x39/0x70
[  197.356259][   T27]  ? __switch_to_asm+0x33/0x70
[  197.356267][   T27]  ? __pfx_kthread+0x10/0x10
[  197.356282][   T27]  ret_from_fork_asm+0x1a/0x30
[  197.356304][   T27]  </TASK>
[  197.356400][   T27] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  198.706146][   T56] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  198.712038][   T56] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  198.716424][   T56] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  198.720511][   T56] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  198.723623][   T56] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  198.764387][ T9273] loop5: detected capacity change from 0 to 1024
[  198.807846][ T9273] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.842129][ T5950] usb 3-1: USB disconnect, device number 17
[  198.859285][ T5950] keyspan_4 ttyUSB0: Keyspan 4 port adapter converter now disconnected from ttyUSB0
[  198.864796][ T5950] keyspan_4 ttyUSB1: Keyspan 4 port adapter converter now disconnected from ttyUSB1
[  198.880788][ T5950] keyspan_4 ttyUSB2: Keyspan 4 port adapter converter now disconnected from ttyUSB2
[  198.889909][ T5950] keyspan_4 ttyUSB3: Keyspan 4 port adapter converter now disconnected from ttyUSB3
[  198.890121][ T8596] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.896219][ T5950] keyspan 3-1:0.3: device disconnected
[  198.972396][ T9278] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  198.988664][ T9278] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  198.996188][ T9278] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  199.009677][ T9278] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  199.017647][ T9278] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  199.019433][ T9278] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  199.043890][ T9278] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  199.054585][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.148842][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.168127][ T9270] chnl_net:caif_netlink_parms(): no params data found
[  199.246181][ T9291] overlayfs: failed to resolve './file0': -2
[  199.347175][ T9292] libceph: resolve '400' (ret=-3): failed
[  199.440302][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.461018][ T5886] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  199.470822][ T9270] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.473024][ T9270] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.475250][ T9270] bridge_slave_0: entered allmulticast mode
[  199.478171][ T9270] bridge_slave_0: entered promiscuous mode
[  199.481426][ T9270] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.484419][ T9270] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.486628][ T9270] bridge_slave_1: entered allmulticast mode
[  199.489370][ T9270] bridge_slave_1: entered promiscuous mode
[  199.520842][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.535605][ T9270] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  199.539979][ T9270] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  199.559110][ T9270] team0: Port device team_slave_0 added
[  199.562337][ T9270] team0: Port device team_slave_1 added
[  199.580081][ T9270] batman_adv: batadv0: Adding interface: batadv_slave_0
[  199.582304][ T9270] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  199.590451][ T9270] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  199.596762][ T9270] batman_adv: batadv0: Adding interface: batadv_slave_1
[  199.599074][ T9270] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  199.607296][ T9270] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  199.620764][ T5886] usb 3-1: Using ep0 maxpacket: 8
[  199.635761][ T5886] usb 3-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  199.640720][ T5886] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.643016][ T5886] usb 3-1: Product: syz
[  199.644432][ T5886] usb 3-1: Manufacturer: syz
[  199.645914][ T5886] usb 3-1: SerialNumber: syz
[  199.655349][ T5886] usb 3-1: config 0 descriptor??
[  199.658578][ T5886] gspca_main: sonixj-2.14.0 probing 0c45:613a
[  199.673323][ T9270] hsr_slave_0: entered promiscuous mode
[  199.676046][ T9270] hsr_slave_1: entered promiscuous mode
[  199.678287][ T9270] debugfs: 'hsr0' already exists in 'hsr'
[  199.680123][ T9270] Cannot create hsr debugfs directory
[  199.780531][   T12] bridge_slave_1: left allmulticast mode
[  199.783153][   T12] bridge_slave_1: left promiscuous mode
[  199.785684][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.792161][   T12] bridge_slave_0: left allmulticast mode
[  199.794500][   T12] bridge_slave_0: left promiscuous mode
[  199.797692][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.868189][ T5886] gspca_sonixj: reg_w1 err -71
[  199.870240][ T5886] sonixj 3-1:0.0: probe with driver sonixj failed with error -71
[  199.875128][ T5886] usb 3-1: USB disconnect, device number 18
[  200.189959][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  200.193816][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  200.197080][   T12] bond0 (unregistering): Released all slaves
[  200.318542][ T9305] xt_l2tp: missing protocol rule (udp|l2tpip)
[  200.365020][ T9270] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  200.474549][ T9270] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  200.552838][ T9270] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  200.590244][ T9270] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  200.759910][ T9328] sctp: [Deprecated]: syz.2.1260 (pid 9328) Use of int in maxseg socket option.
[  200.759910][ T9328] Use struct sctp_assoc_value instead
[  200.920437][   T12] hsr_slave_0: left promiscuous mode
[  200.927639][   T12] hsr_slave_1: left promiscuous mode
[  200.937538][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  200.948716][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  200.955545][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  200.960839][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  200.998182][   T12] veth1_macvtap: left promiscuous mode
[  201.005990][   T12] veth0_macvtap: left promiscuous mode
[  201.012554][ T5906] Bluetooth: hci2: command 0x0c1a tx timeout
[  201.012578][   T56] Bluetooth: hci1: command 0x0406 tx timeout
[  201.017350][   T12] veth1_vlan: left promiscuous mode
[  201.019844][   T12] veth0_vlan: left promiscuous mode
[  201.094249][   T56] Bluetooth: hci3: command 0x041b tx timeout
[  201.129354][ T9342] loop5: detected capacity change from 0 to 64
[  201.472433][   T12] team0 (unregistering): Port device team_slave_1 removed
[  201.503672][   T12] team0 (unregistering): Port device team_slave_0 removed
[  201.680972][   T33] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  201.841135][   T33] usb 3-1: Using ep0 maxpacket: 8
[  201.851037][   T33] usb 3-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[  201.854512][   T33] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  201.857624][   T33] usb 3-1: Product: syz
[  201.859306][   T33] usb 3-1: Manufacturer: syz
[  201.870149][ T9270] 8021q: adding VLAN 0 to HW filter on device bond0
[  201.890886][   T33] usb 3-1: SerialNumber: syz
[  201.900585][   T33] usb 3-1: config 0 descriptor??
[  201.924574][ T9270] 8021q: adding VLAN 0 to HW filter on device team0
[  201.935423][ T3562] bridge0: port 1(bridge_slave_0) entered blocking state
[  201.937649][ T3562] bridge0: port 1(bridge_slave_0) entered forwarding state
[  201.944312][ T9350] loop5: detected capacity change from 0 to 512
[  201.959297][ T9350] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  201.960375][ T3562] bridge0: port 2(bridge_slave_1) entered blocking state
[  201.964549][ T3562] bridge0: port 2(bridge_slave_1) entered forwarding state
[  201.979559][ T9350] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[  201.992926][ T9350] EXT4-fs (loop5): failed to initialize system zone (-117)
[  201.995245][ T9350] EXT4-fs (loop5): mount failed
[  202.134505][   T33] gspca_main: sunplus-2.14.0 probing 04a5:3003
[  202.233909][ T9270] 8021q: adding VLAN 0 to HW filter on device batadv0
[  202.308838][ T9371] IPVS: dh: FWM 3 0x00000003 - no destination available
[  202.440288][ T9270] veth0_vlan: entered promiscuous mode
[  202.448375][ T9270] veth1_vlan: entered promiscuous mode
[  202.465806][ T9270] veth0_macvtap: entered promiscuous mode
[  202.469595][ T9270] veth1_macvtap: entered promiscuous mode
[  202.478566][ T9270] batman_adv: batadv0: Interface activated: batadv_slave_0
[  202.484541][ T9270] batman_adv: batadv0: Interface activated: batadv_slave_1
[  202.494553][   T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  202.500200][   T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  202.503668][   T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  202.515362][   T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  202.550929][  T793] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  202.563137][   T32] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  202.568406][   T32] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  202.585326][ T1090] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  202.588574][ T1090] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  202.636228][ T9386] loop6: detected capacity change from 0 to 128
[  202.638743][ T9386] affs: Bad value for 'setgid'
[  202.640580][ T9386] affs: Bad value for 'setgid'
[  202.710818][  T793] usb 6-1: Using ep0 maxpacket: 32
[  202.716539][  T793] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  202.720390][  T793] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0
[  202.721498][ T9387] trusted_key: encrypted_key: key user:syz not found
[  202.737514][ T9387] nfs4: Unknown parameter 'protect'
[  202.737985][  T793] usb 6-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=25.11
[  202.745850][  T793] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.749202][  T793] usb 6-1: Product: syz
[  202.753293][  T793] usb 6-1: Manufacturer: syz
[  202.754902][  T793] usb 6-1: SerialNumber: syz
[  202.761738][  T793] usb 6-1: config 0 descriptor??
[  202.781385][  T793] usb 6-1: no audio or video endpoints found
[  202.938213][   T33] gspca_sunplus: reg_w_riv err -71
[  202.940387][   T33] sunplus 3-1:0.0: probe with driver sunplus failed with error -71
[  202.954174][   T33] usb 3-1: USB disconnect, device number 19
[  203.066531][ T5970] usb 6-1: USB disconnect, device number 4
[  203.091210][   T56] Bluetooth: hci2: command 0x0c1a tx timeout
[  203.171017][   T56] Bluetooth: hci3: command 0x041b tx timeout
[  203.847782][ T9397] loop2: detected capacity change from 0 to 2048
[  203.864516][ T9397] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  204.004554][ T9392] loop5: detected capacity change from 0 to 32768
[  204.039446][ T9392] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  204.065667][ T9392] XFS (loop5): Ending clean mount
[  204.076549][ T9392] XFS (loop5): Quotacheck needed: Please wait.
[  204.128395][ T9392] XFS (loop5): Quotacheck: Done.
[  204.880184][ T8596] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  205.170939][   T56] Bluetooth: hci2: command 0x0c1a tx timeout
[  205.250891][   T56] Bluetooth: hci3: command 0x041b tx timeout
[  205.302778][ T9445] loop2: detected capacity change from 0 to 64
[  205.315707][ T9445] syz.2.1292: attempt to access beyond end of device
[  205.315707][ T9445] loop2: rw=0, sector=268435468, nr_sectors = 2 limit=64
[  205.322373][ T9445] Buffer I/O error on dev loop2, logical block 134217734, async page read
[  205.371788][ T9447] netlink: 'syz.2.1293': attribute type 10 has an invalid length.
[  205.377908][ T9447] batadv0: entered allmulticast mode
[  205.385934][ T9447] 8021q: adding VLAN 0 to HW filter on device batadv0
[  205.389920][ T9447] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  205.395446][ T9447] netlink: 'syz.2.1293': attribute type 10 has an invalid length.
[  205.397987][ T9447] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1293'.
[  205.401130][ T9447] batadv0: entered promiscuous mode
[  205.404599][ T9447] bond0: (slave batadv0): Releasing backup interface
[  205.408208][ T9447] bridge0: port 3(batadv0) entered blocking state
[  205.410279][ T9447] bridge0: port 3(batadv0) entered disabled state
[  205.491256][   T12] batman_adv: batadv0: IGMP Querier appeared
[  205.493982][   T12] batman_adv: batadv0: MLD Querier appeared
[  206.330901][ T5886] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  206.361055][ T2201] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  206.480949][ T5886] usb 6-1: Using ep0 maxpacket: 16
[  206.485060][ T5886] usb 6-1: config 254 has an invalid interface number: 235 but max is 0
[  206.488322][ T5886] usb 6-1: config 254 has no interface number 0
[  206.491107][ T5886] usb 6-1: config 254 interface 235 altsetting 2 bulk endpoint 0x6 has invalid maxpacket 32
[  206.495163][ T5886] usb 6-1: config 254 interface 235 has no altsetting 0
[  206.499941][ T5886] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=2b.f1
[  206.503567][ T5886] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  206.506861][ T5886] usb 6-1: Product: syz
[  206.508469][ T5886] usb 6-1: Manufacturer: syz
[  206.510326][ T5886] usb 6-1: SerialNumber: syz
[  206.512329][ T2201] usb 7-1: Using ep0 maxpacket: 8
[  206.517406][ T2201] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 7
[  206.522900][ T9472] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  206.529318][ T2201] usb 7-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  206.533523][ T2201] usb 7-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  206.536820][ T2201] usb 7-1: Product: syz
[  206.538528][ T2201] usb 7-1: Manufacturer: syz
[  206.540447][ T2201] usb 7-1: SerialNumber: syz
[  206.650824][ T5950] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  206.730865][ T9472] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  206.734761][ T5886] usbtest 6-1:254.235: Linux gadget zero
[  206.736537][ T5886] usbtest 6-1:254.235: high-speed {control in/out bulk-in bulk-out} tests (+alt)
[  206.753509][ T2201] usb 7-1: palm_os_3_probe - error -71 getting connection information
[  206.756113][ T2201] visor 7-1:1.0: probe with driver visor failed with error -71
[  206.759915][ T2201] usb 7-1: USB disconnect, device number 2
[  206.807185][ T5950] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  206.810276][ T5950] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  206.813394][ T5950] usb 3-1: Product: syz
[  206.814791][ T5950] usb 3-1: Manufacturer: syz
[  206.816265][ T5950] usb 3-1: SerialNumber: syz
[  206.822420][ T5950] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  206.852420][   T10] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  206.937635][ T2201] usb 6-1: USB disconnect, device number 5
[  207.064239][    C0] usb 3-1: ath: unknown panic pattern!
[  207.270864][ T2201] usb 3-1: USB disconnect, device number 20
[  207.340816][   T56] Bluetooth: hci3: command 0x041b tx timeout
[  207.671551][ T9487] loop5: detected capacity change from 0 to 32768
[  207.675049][ T9487] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1312 (9487)
[  207.693014][ T9487] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  207.716021][ T9487] BTRFS info (device loop5): using crc32c (crc32c-lib) checksum algorithm
[  207.794049][ T9487] BTRFS info (device loop5): enabling ssd optimizations
[  207.796516][ T9487] BTRFS info (device loop5): turning on async discard
[  207.798389][ T9487] BTRFS info (device loop5): enabling free space tree
[  207.870364][ T8596] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  207.895845][   T10] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  207.919359][   T10] ath9k_htc: Failed to initialize the device
[  207.943157][ T2201] usb 3-1: ath9k_htc: USB layer deinitialized
[  208.820839][ T5970] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  208.980752][ T5970] usb 7-1: Using ep0 maxpacket: 16
[  208.984387][ T5970] usb 7-1: unable to get BOS descriptor or descriptor too short
[  208.987612][ T5970] usb 7-1: config 8 has an invalid interface number: 223 but max is 0
[  208.990070][ T5970] usb 7-1: config 8 has no interface number 0
[  208.992308][ T5970] usb 7-1: config 8 interface 223 has no altsetting 0
[  208.996198][ T5970] usb 7-1: New USB device found, idVendor=2040, idProduct=7501, bcdDevice=3f.ac
[  208.998891][ T5970] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.001322][ T5970] usb 7-1: Product: syz
[  209.002900][ T5970] usb 7-1: Manufacturer: syz
[  209.004338][ T5970] usb 7-1: SerialNumber: syz
[  209.216396][ T5970] pvrusb2: Hardware description: WinTV HVR-1950 Model 751xx
[  209.218968][ T5970] usb 7-1: selecting invalid altsetting 0
[  209.222336][ T5970] usb 7-1: USB disconnect, device number 3
[  209.225997][ T2395] usb 7-1: Direct firmware load for v4l-pvrusb2-73xxx-01.fw failed with error -2
[  209.230389][ T2395] usb 7-1: Falling back to sysfs fallback for: v4l-pvrusb2-73xxx-01.fw
[  209.420945][   T56] Bluetooth: hci3: command 0x041b tx timeout
[  209.642094][ T9532] loop2: detected capacity change from 0 to 32768
[  209.647441][ T9532] BTRFS warning: excessive commit interval 2147483648, use with care
[  209.656533][ T9532] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1322 (9532)
[  209.666611][ T9532] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  209.671011][ T9532] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  209.686202][   T41] BTRFS warning (device loop2): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  209.696107][ T9532] BTRFS error (device loop2): failed to load root extent
[  209.698836][ T9532] BTRFS warning (device loop2): try to load backup roots slot 1
[  209.702763][   T41] BTRFS warning (device loop2): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  209.707827][ T9532] BTRFS warning (device loop2): couldn't read tree root
[  209.710552][ T9532] BTRFS warning (device loop2): try to load backup roots slot 2
[  209.721122][   T41] BTRFS error (device loop2): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  209.725152][ T9532] BTRFS warning (device loop2): couldn't read tree root
[  209.731323][ T9532] BTRFS warning (device loop2): try to load backup roots slot 3
[  209.761473][ T9532] BTRFS info (device loop2): checking UUID tree
[  209.766147][ T9532] BTRFS info (device loop2): setting nodatasum
[  209.768318][ T9532] BTRFS info (device loop2): setting nodatacow
[  209.770602][ T9532] BTRFS info (device loop2): enabling ssd optimizations
[  209.776084][ T9551] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  209.779365][ T9551] IPv6: NLM_F_CREATE should be set when creating new route
[  209.791465][ T9532] BTRFS info (device loop2): turning on flush-on-commit
[  209.794345][ T9532] BTRFS info (device loop2): turning on async discard
[  209.796982][ T9532] BTRFS info (device loop2): enabling free space tree
[  209.804484][ T9532] BTRFS info (device loop2): enabling auto defrag
[  209.811325][ T9532] BTRFS info (device loop2): trying to use backup root at mount time
[  209.834454][ T9553] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  209.862464][   T34] audit: type=1800 audit(1761920468.709:113): pid=9532 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1322" name="file2" dev="loop2" ino=257 res=0 errno=0
[  209.926951][ T5904] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  210.335347][ T9559] loop2: detected capacity change from 0 to 65536
[  210.375250][ T9559] XFS (loop2): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  210.386090][ T9559] XFS (loop2): Ending clean mount
[  210.390481][ T9559] XFS (loop2): Quotacheck needed: Please wait.
[  210.401436][  T141] XFS (loop2): Metadata CRC error detected at xfs_agfl_read_verify+0x126/0x1f0, xfs_agfl block 0x3 
[  210.405927][  T141] XFS (loop2): Unmount and run xfs_repair
[  210.408319][  T141] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  210.411441][  T141] 00000000: 58 41 46 4c 00 00 00 00 d6 f6 9d bd 8c 5d 46 be  XAFL.........]F.
[  210.414813][  T141] 00000010: b8 8e 92 c0 ae 88 ce b2 00 00 00 00 00 00 00 00  ................
[  210.418247][  T141] 00000020: 35 fc 5c 25 ff 00 ff ff 00 00 00 05 00 00 00 06  5.\%............
[  210.421621][  T141] 00000030: 00 00 00 07 00 00 00 08 ff ff ff ff ff ff ff ff  ................
[  210.424471][  T141] 00000040: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  210.427214][  T141] 00000050: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  210.429940][  T141] 00000060: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  210.433084][  T141] 00000070: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  210.436022][  T141] XFS (loop2): metadata I/O error in "xfs_alloc_read_agfl+0x202/0x410" at daddr 0x3 len 1 error 74
[  210.441226][ T9559] XFS (loop2): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[  210.458879][ T9559] overlayfs: missing 'lowerdir'
[  210.675527][ T9569] XFS (loop2): Metadata CRC error detected at xfs_agfl_read_verify+0x126/0x1f0, xfs_agfl block 0x3 
[  210.678940][ T9569] XFS (loop2): Unmount and run xfs_repair
[  210.680817][ T9569] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  210.683029][ T9569] 00000000: 58 41 46 4c 00 00 00 00 d6 f6 9d bd 8c 5d 46 be  XAFL.........]F.
[  210.685629][ T9569] 00000010: b8 8e 92 c0 ae 88 ce b2 00 00 00 00 00 00 00 00  ................
[  210.688329][ T9569] 00000020: 35 fc 5c 25 ff 00 ff ff 00 00 00 05 00 00 00 06  5.\%............
[  210.691329][ T9569] 00000030: 00 00 00 07 00 00 00 08 ff ff ff ff ff ff ff ff  ................
[  210.694236][ T9569] 00000040: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  210.696950][ T9569] 00000050: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  210.699713][ T9569] 00000060: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  210.702738][ T9569] 00000070: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  210.705425][ T9569] XFS (loop2): metadata I/O error in "xfs_alloc_read_agfl+0x202/0x410" at daddr 0x3 len 1 error 74
[  210.802321][ T9569] XFS (loop2): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x517/0x8e0 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[  210.807613][ T9569] XFS (loop2): Please unmount the filesystem and rectify the problem(s)
[  210.943462][ T5904] XFS (loop2): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  210.954542][ T9572] loop6: detected capacity change from 0 to 32768
[  210.968245][ T9572] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1327 (9572)
[  210.994867][ T9572] BTRFS info (device loop6): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  211.016766][ T9572] BTRFS info (device loop6): using blake2b (blake2b-256-generic) checksum algorithm
[  211.224735][ T9572] BTRFS info (device loop6): enabling ssd optimizations
[  211.226829][ T9572] BTRFS info (device loop6): turning on async discard
[  211.231817][ T9572] BTRFS info (device loop6): enabling free space tree
[  211.237511][ T9594] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1330'.
[  211.286511][ T9572] BTRFS info (device loop6): setting incompat feature flag for COMPRESS_LZO (0x8)
[  211.325454][ T9270] BTRFS info (device loop6): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  211.493205][   T56] Bluetooth: hci3: command 0x041b tx timeout
[  211.544953][ T5950] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  211.727826][ T5950] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  211.735313][ T5950] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  211.746865][ T5950] usb 6-1: config 0 interface 0 has no altsetting 0
[  211.754726][ T5950] usb 6-1: New USB device found, idVendor=15c2, idProduct=0041, bcdDevice=1f.20
[  211.758519][ T5950] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  211.765743][ T5950] usb 6-1: Product: syz
[  211.767786][ T5950] usb 6-1: Manufacturer: syz
[  211.769852][ T5950] usb 6-1: SerialNumber: syz
[  211.778573][ T5950] usb 6-1: config 0 descriptor??
[  211.995034][ T5950] imon:imon_init_intf0: usb_submit_urb failed for intf0 (-90)
[  212.001030][ T5950] imon 6-1:0.0: unable to initialize intf0, err -90
[  212.003202][ T5950] imon:imon_probe: failed to initialize context!
[  212.005374][ T5950] imon 6-1:0.0: unable to register, err -19
[  212.010140][ T5950] usb 6-1: USB disconnect, device number 6
[  212.426805][ T9638] loop6: detected capacity change from 0 to 64
[  212.741911][ T5950] usb 3-1: new full-speed USB device number 21 using dummy_hcd
[  212.781094][ T5886] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  212.892867][ T5950] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  212.896961][ T5950] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[  212.900616][ T5950] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  212.904228][ T5950] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.909907][ T9640] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  212.913978][ T9640] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  212.920516][ T5950] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  212.931011][ T5886] usb 6-1: Using ep0 maxpacket: 8
[  212.937123][ T5886] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  212.949575][ T5886] usb 6-1: config 0 has no interface number 0
[  212.952745][ T5886] usb 6-1: config 0 interface 1 has no altsetting 0
[  212.962865][ T5886] usb 6-1: New USB device found, idVendor=10c4, idProduct=eac1, bcdDevice=70.2f
[  212.966683][ T5886] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  212.969797][ T5886] usb 6-1: Product: syz
[  212.976904][ T5886] usb 6-1: Manufacturer: syz
[  212.978684][ T5886] usb 6-1: SerialNumber: syz
[  212.990972][ T5886] usb 6-1: config 0 descriptor??
[  213.128048][ T2201] usb 3-1: USB disconnect, device number 21
[  213.169502][ T9660] loop6: detected capacity change from 0 to 32768
[  213.192971][ T9660] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  213.213780][ T5886] i2c-cp2615 6-1:0.1: probe with driver i2c-cp2615 failed with error -22
[  213.224880][ T9660] XFS (loop6): Ending clean mount
[  213.232316][ T9660] XFS (loop6): Quotacheck needed: Please wait.
[  213.268478][ T9660] XFS (loop6): Quotacheck: Done.
[  213.307447][ T9270] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  213.434022][ T5950] usb 6-1: USB disconnect, device number 7
[  213.979676][ T9692] netlink: 'syz.5.1358': attribute type 10 has an invalid length.
[  214.043471][ T9694] loop5: detected capacity change from 0 to 512
[  214.051322][ T9694] EXT4-fs: Ignoring removed nobh option
[  214.055474][ T9694] EXT4-fs (loop5): Test dummy encryption mode enabled
[  214.064909][ T9694] EXT4-fs error (device loop5): __ext4_iget:5443: inode #11: block 1: comm syz.5.1359: invalid block
[  214.073777][ T9694] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.1359: couldn't read orphan inode 11 (err -117)
[  214.083809][ T9694] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  214.118204][ T8596] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.183021][ T9704] loop5: detected capacity change from 0 to 1024
[  214.210082][ T9704] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  214.283610][ T9712] loop2: detected capacity change from 0 to 8
[  214.285684][ T8596] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.286999][ T9712] SQUASHFS error: zlib decompression failed, data probably corrupt
[  214.308816][ T9712] SQUASHFS error: Failed to read block 0x9b: -5
[  214.311668][ T9712] SQUASHFS error: Unable to read metadata cache entry [99]
[  214.314091][ T9712] SQUASHFS error: Unable to read inode 0x127
[  214.435831][ T9720] loop2: detected capacity change from 0 to 4096
[  214.459624][ T9720] ntfs3(loop2): ino=1a, mi_enum_attr
[  214.464787][ T9720] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  214.536298][ T9731] atomic_op ffff88801d29a198 conn xmit_atomic 0000000000000000
[  214.593291][ T9736] loop6: detected capacity change from 0 to 256
[  214.598794][ T9736] exfat: Deprecated parameter 'namecase'
[  214.600632][ T9736] exfat: Deprecated parameter 'utf8'
[  214.620272][ T9736] exfat: Deprecated parameter 'namecase'
[  214.624337][ T9736] exfat: Deprecated parameter 'utf8'
[  214.642604][ T9734] nbd0: detected capacity change from 0 to 127
[  214.662286][ T9736] exFAT-fs (loop6): failed to load upcase table (idx : 0x00012153, chksum : 0x555ffa9e, utbl_chksum : 0xe619d30d)
[  214.666855][ T9734] netlink: 64 bytes leftover after parsing attributes in process `syz.5.1377'.
[  214.672112][ T9736] exFAT-fs (loop6): start_clu is invalid cluster(0x400)
[  214.674831][   T57] block nbd0: Receive control failed (result -104)
[  214.850649][ T9759] netlink: 'syz.2.1385': attribute type 1 has an invalid length.
[  214.858108][ T9759] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1385'.
[  214.925613][ T9766] loop2: detected capacity change from 0 to 256
[  214.939594][ T9766] FAT-fs (loop2): Directory bread(block 64) failed
[  214.946810][ T9766] FAT-fs (loop2): Directory bread(block 65) failed
[  214.948897][ T9766] FAT-fs (loop2): Directory bread(block 66) failed
[  214.959483][ T9766] FAT-fs (loop2): Directory bread(block 67) failed
[  214.960805][ T5886] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  214.964591][ T9766] FAT-fs (loop2): Directory bread(block 68) failed
[  214.967421][ T9766] FAT-fs (loop2): Directory bread(block 69) failed
[  214.974370][ T9766] FAT-fs (loop2): Directory bread(block 70) failed
[  214.976969][ T9766] FAT-fs (loop2): Directory bread(block 71) failed
[  214.979604][ T9766] FAT-fs (loop2): Directory bread(block 72) failed
[  214.983487][ T9766] FAT-fs (loop2): Directory bread(block 73) failed
[  215.059705][ T9770] loop2: detected capacity change from 0 to 64
[  215.387044][ T5886] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  215.391035][ T5886] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[  215.394478][ T5886] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  215.402163][ T5886] usb 6-1: New USB device found, idVendor=8086, idProduct=0b5b, bcdDevice=e1.c5
[  215.405341][ T5886] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  215.408270][ T5886] usb 6-1: Product: syz
[  215.409926][ T5886] usb 6-1: Manufacturer: syz
[  215.412798][ T5886] usb 6-1: SerialNumber: syz
[  215.421149][ T5886] usb 6-1: config 0 descriptor??
[  215.426700][ T5886] uvcvideo 6-1:0.0: probe with driver uvcvideo failed with error -22
[  215.436480][ T9776] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1391'.
[  215.440007][ T9775] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1391'.
[  215.631106][ T5937] usb 6-1: USB disconnect, device number 8
[  215.862339][ T9797] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1401'.
[  215.866445][ T9797] netlink: 312 bytes leftover after parsing attributes in process `syz.2.1401'.
[  215.869893][ T9797] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1401'.
[  216.036398][ T9808]  nullb0: [POWERTEC] p1 p2
[  216.040167][ T9808] nullb0: p2 size 1734553390 extends beyond EOD, truncated
[  216.800827][  T793] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  216.951426][  T793] usb 6-1: Using ep0 maxpacket: 16
[  216.955025][  T793] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  216.958524][  T793] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  216.969704][  T793] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  216.973593][  T793] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  216.977439][  T793] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  216.981311][  T793] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  216.984982][  T793] usb 6-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  216.996787][  T793] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  217.001858][  T793] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  217.012783][  T793] usb 6-1: SerialNumber: syz
[  217.017117][  T793] cdc_acm 6-1:1.0: Control and data interfaces are not separated!
[  217.023693][  T793] cdc_acm 6-1:1.0: probe with driver cdc_acm failed with error -12
[  217.036107][ T9828] loop2: detected capacity change from 0 to 8
[  217.040578][ T9828] Filesystem uses "lzma" compression. This is not supported
[  217.222704][  T793] usb 6-1: USB disconnect, device number 9
[  217.441363][ T5937] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  217.590813][ T5937] usb 3-1: Using ep0 maxpacket: 32
[  217.594743][ T5937] usb 3-1: config 0 has an invalid interface number: 67 but max is 0
[  217.597093][ T5937] usb 3-1: config 0 has no interface number 0
[  217.601220][ T5937] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  217.604037][ T5937] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.606416][ T5937] usb 3-1: Product: syz
[  217.607653][ T5937] usb 3-1: Manufacturer: syz
[  217.608976][ T5937] usb 3-1: SerialNumber: syz
[  217.613269][ T5937] usb 3-1: config 0 descriptor??
[  217.618089][ T5937] smsc95xx v2.0.0
[  217.981000][ T5280] block nbd0: Connection timed out, retrying (0/1 alive)
[  217.984735][ T5280] block nbd0: Connection timed out, retrying (0/1 alive)
[  217.987579][ T5280] block nbd0: Connection timed out, retrying (0/1 alive)
[  217.990262][ T5280] block nbd0: Connection timed out, retrying (0/1 alive)
[  217.994593][   T11] block nbd0: Dead connection, failed to find a fallback
[  217.997469][   T11] block nbd0: shutting down sockets
[  217.999845][   T11] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  218.006000][   T11] Buffer I/O error on dev nbd0, logical block 2, async page read
[  218.009204][   T11] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  218.012966][   T11] Buffer I/O error on dev nbd0, logical block 1, async page read
[  218.016091][   T11] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  218.019631][   T11] Buffer I/O error on dev nbd0, logical block 0, async page read
[  218.022900][   T11] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  218.027461][   T11] Buffer I/O error on dev nbd0, logical block 3, async page read
[  218.029793][ T5937] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  218.032766][ T6349] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  218.038142][ T6349] Buffer I/O error on dev nbd0, logical block 0, async page read
[  218.040417][ T5937] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  218.041620][ T6349] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  218.048815][ T6349] Buffer I/O error on dev nbd0, logical block 1, async page read
[  218.052319][ T6349] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  218.055930][ T6349] Buffer I/O error on dev nbd0, logical block 2, async page read
[  218.056678][ T9840] loop5: detected capacity change from 0 to 32768
[  218.059098][ T6349] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  218.064624][ T6349] Buffer I/O error on dev nbd0, logical block 3, async page read
[  218.067679][ T6349] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  218.071257][ T6349] Buffer I/O error on dev nbd0, logical block 0, async page read
[  218.074456][ T6349] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  218.078036][ T6349] Buffer I/O error on dev nbd0, logical block 1, async page read
[  218.083366][ T6349] ldm_validate_partition_table(): Disk read failed.
[  218.087435][ T6349] Dev nbd0: unable to read RDB block 0
[  218.091349][ T6349]  nbd0: unable to read partition table
[  218.091938][ T9840] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[  218.100862][ T6349] ldm_validate_partition_table(): Disk read failed.
[  218.107476][ T6349] Dev nbd0: unable to read RDB block 0
[  218.109198][ T9840] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  218.111249][ T6349]  nbd0: unable to read partition table
[  218.137654][ T9840] (syz.5.1419,9840,1):ocfs2_read_blocks:239 ERROR: status = -12
[  218.140869][ T9840] (syz.5.1419,9840,1):ocfs2_xattr_block_find:2831 ERROR: status = -12
[  218.164033][ T8596] ocfs2: Unmounting device (7,5) on (node local)
[  218.457589][ T5937] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  218.462085][ T5937] smsc95xx 3-1:0.67: probe with driver smsc95xx failed with error -71
[  218.467369][ T5937] usb 3-1: USB disconnect, device number 22
[  218.488377][ T9852] loop5: detected capacity change from 0 to 512
[  219.185661][ T9873] loop2: detected capacity change from 0 to 4096
[  219.195851][ T9873] ntfs3(loop2): Primary boot: invalid index size -14.
[  219.205211][ T9873] ntfs3(loop2): try to read out of volume at offset 0x1ffe00
[  219.785208][ T9883] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1436'.
[  219.893206][ T9889] syzkaller1: entered promiscuous mode
[  219.895029][ T9889] syzkaller1: entered allmulticast mode
[  219.902806][ T9884] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  220.353461][ T9899] loop5: detected capacity change from 0 to 32768
[  220.381445][ T9899] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  220.387859][ T9914] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1448'.
[  220.398718][ T9899] XFS (loop5): Ending clean mount
[  220.405099][ T9899] XFS (loop5): Quotacheck needed: Please wait.
[  220.436459][ T9899] XFS (loop5): Quotacheck: Done.
[  220.473406][ T8596] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  220.704748][ T9919] loop2: detected capacity change from 0 to 32768
[  220.707898][ T9919] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1449 (9919)
[  220.728787][ T9919] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  220.737555][ T9919] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  220.863030][ T9919] BTRFS info (device loop2): enabling ssd optimizations
[  220.865802][ T9919] BTRFS info (device loop2): turning on async discard
[  220.868470][ T9919] BTRFS info (device loop2): enabling free space tree
[  220.920159][ T5904] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  221.057075][ T9946] loop6: detected capacity change from 0 to 4096
[  221.159897][ T9946] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  221.215818][ T9946] ntfs3(loop6): ino=1a, mi_enum_attr
[  221.218171][ T9946] ntfs3(loop6): ino=1a, mi_enum_attr
[  221.219960][ T9946] ntfs3(loop6): Failed to initialize $Extend/$Reparse.
[  222.035956][ T9952] loop6: detected capacity change from 0 to 32768
[  222.050090][ T9952] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  222.067924][ T9952] XFS (loop6): Ending clean mount
[  222.075285][ T9952] XFS (loop6): Quotacheck needed: Please wait.
[  222.095691][ T9952] XFS (loop6): Quotacheck: Done.
[  222.132593][ T9270] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  222.291865][ T9976] loop6: detected capacity change from 0 to 256
[  222.297776][ T9976] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  222.569452][ T2985] Bluetooth: hci4: Frame reassembly failed (-84)
[  222.610341][ T9997] loop6: detected capacity change from 0 to 512
[  222.613433][ T9997] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  222.618430][ T9997] EXT4-fs (loop6): 1 truncate cleaned up
[  222.623481][ T9997] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.659032][ T9270] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.639398][T10012] loop6: detected capacity change from 0 to 1024
[  223.666884][T10012] hfsplus: bad catalog entry type
[  223.687881][   T27] hfsplus: b-tree write err: -5, ino 4
[  223.745568][T10014] loop6: detected capacity change from 0 to 2048
[  223.758494][T10015] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  223.780598][T10015] NILFS (loop6): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  223.784202][T10015] NILFS error (device loop6): nilfs_bmap_propagate: broken bmap (inode number=4)
[  223.787257][T10015] Remounting filesystem read-only
[  223.798046][ T9270] NILFS (loop6): disposed unprocessed dirty file(s) when stopping log writer
[  223.829902][T10017] loop6: detected capacity change from 0 to 1024
[  223.889898][T10019] loop6: detected capacity change from 0 to 1024
[  223.894445][T10019] hfsplus: invalid catalog max_key_len 0
[  223.896635][T10019] hfsplus: failed to load catalog file
[  223.900869][   T56] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  224.188221][T10038] loop2: detected capacity change from 0 to 128
[  224.198035][T10038] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  224.210262][T10038] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  224.319516][T10044] loop6: detected capacity change from 0 to 64
[  224.348259][T10044] minix_free_block (loop6:1): bit already cleared
[  224.351135][T10044] minix_free_block (loop6:4): bit already cleared
[  224.353580][T10044] minix_free_block (loop6:3): bit already cleared
[  224.356051][T10044] minix_free_block (loop6:2): bit already cleared
[  224.368921][T10044] minix_free_block (loop6:1): bit already cleared
[  224.377318][T10048] loop2: detected capacity change from 0 to 164
[  224.508060][T10052] loop2: detected capacity change from 0 to 4096
[  224.537872][T10052] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  224.542973][T10052] ntfs3(loop2): ino=1a, mi_enum_attr
[  224.545632][T10052] ntfs3(loop2): ino=1a, mi_enum_attr
[  224.548147][T10052] ntfs3(loop2): Failed to initialize $Extend/$Reparse.
[  224.548219][T10054] netlink: 32 bytes leftover after parsing attributes in process `syz.6.1497'.
[  224.611096][   T56] Bluetooth: hci4: command 0x1003 tx timeout
[  224.617119][ T5906] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  224.790074][T10062] loop5: detected capacity change from 0 to 512
[  224.818551][T10062] EXT4-fs (loop5): orphan cleanup on readonly fs
[  224.826396][T10062] Quota error (device loop5): v2_read_file_info: Block with free entry 9 out of range (1, 6).
[  224.832836][T10062] EXT4-fs warning (device loop5): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  224.841838][T10062] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  224.847331][T10062] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1500: bg 0: block 248: padding at end of block bitmap is not set
[  224.861237][T10062] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  224.867406][T10062] EXT4-fs (loop5): 1 orphan inode deleted
[  224.874089][T10062] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  224.915959][ T8596] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.981165][T10071] loop5: detected capacity change from 0 to 128
[  225.005352][T10071] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  225.017488][T10071] ext4 filesystem being mounted at /171/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  225.064713][ T8596] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  225.277670][T10069] loop2: detected capacity change from 0 to 32768
[  225.283945][T10069] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1503 (10069)
[  225.306421][T10069] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  225.320381][T10069] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  225.445608][T10069] BTRFS info (device loop2): enabling ssd optimizations
[  225.448221][T10069] BTRFS info (device loop2): turning on async discard
[  225.450509][T10069] BTRFS info (device loop2): enabling free space tree
[  225.460830][   T10] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  225.596230][ T5904] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  225.633390][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 254, changing to 11
[  225.640735][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  225.646733][   T10] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  225.660916][   T10] usb 6-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  225.664471][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.683632][   T10] usb 6-1: config 0 descriptor??
[  226.115788][   T10] steelseries 0003:1038:1410.0009: item fetching failed at offset 5/7
[  226.119250][   T10] steelseries 0003:1038:1410.0009: parse failed
[  226.122763][   T10] steelseries 0003:1038:1410.0009: probe with driver steelseries failed with error -22
[  226.188581][T10104] loop6: detected capacity change from 0 to 32768
[  226.208207][ T5950] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  226.223755][   T34] audit: type=1800 audit(1761920741.055:114): pid=10104 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1511" name="file2" dev="loop6" ino=5 res=0 errno=0
[  226.321654][   T10] usb 6-1: USB disconnect, device number 10
[  226.381047][ T5950] usb 3-1: Using ep0 maxpacket: 32
[  226.385140][ T5950] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  226.387493][ T5950] usb 3-1: config 0 has no interface number 0
[  226.389303][ T5950] usb 3-1: config 0 interface 184 has no altsetting 0
[  226.394697][ T5950] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  226.397444][ T5950] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.399842][ T5950] usb 3-1: Product: syz
[  226.410770][ T5950] usb 3-1: Manufacturer: syz
[  226.412224][ T5950] usb 3-1: SerialNumber: syz
[  226.414967][ T5950] usb 3-1: config 0 descriptor??
[  226.421770][ T5950] smsc75xx v1.0.0
[  226.422175][T10111] loop6: detected capacity change from 0 to 4096
[  226.446339][T10111] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512).
[  226.449192][T10111] ntfs3(loop6): $Volume is corrupted.
[  226.729010][T10119] loop6: detected capacity change from 0 to 2048
[  226.774254][T10119] EXT4-fs error (device loop6): ext4_ext_check_inode:523: inode #2: comm syz.6.1518: pblk 0 bad header/extent: too large eh_depth - magic f30a, entries 1, max 4(4), depth 25349(25349)
[  226.792995][T10119] EXT4-fs (loop6): Remounting filesystem read-only
[  226.795129][T10119] EXT4-fs (loop6): get root inode failed
[  226.796916][T10119] EXT4-fs (loop6): mount failed
[  226.878365][T10124] loop5: detected capacity change from 0 to 512
[  226.888255][T10124] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  226.920411][ T5162] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  227.009270][T10130] overlayfs: upper fs does not support file handles, falling back to index=off.
[  227.012706][T10130] overlayfs: NFS export requires "index=on", falling back to nfs_export=off.
[  227.030296][ T5950] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  227.064466][ T5950] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  227.067372][ T5950] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind
[  227.078420][ T5950] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -71
[  227.098897][ T5950] usb 3-1: USB disconnect, device number 23
[  228.029845][T10154] ALSA: seq fatal error: cannot create timer (-16)
[  228.434712][T10168] loop2: detected capacity change from 0 to 32768
[  228.440459][T10168] *** Log Is Dirty ! ***
[  228.443470][T10168] lmLogInit: exit(-22)
[  228.446879][T10168] lmLogOpen: exit(-22)
[  228.448183][T10168] jfs_mount_rw failed, return code = -22
[  228.643448][T10170] loop5: detected capacity change from 0 to 32768
[  228.658933][T10176] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1543'.
[  228.934245][T10183] loop5: detected capacity change from 0 to 32768
[  228.942562][T10183] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1545 (10183)
[  228.963367][T10183] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  228.969674][T10183] BTRFS info (device loop5): using crc32c (crc32c-lib) checksum algorithm
[  228.974264][T10183] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  229.025436][T10183] BTRFS info (device loop5): rebuilding free space tree
[  229.035638][T10183] BTRFS info (device loop5): disabling free space tree
[  229.038225][T10183] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  229.043200][T10183] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  229.049178][T10183] BTRFS info (device loop5): checking UUID tree
[  229.051749][T10183] BTRFS info (device loop5): enabling ssd optimizations
[  229.056494][T10183] BTRFS info (device loop5): turning on flush-on-commit
[  229.059282][T10183] BTRFS info (device loop5): enabling disk space caching
[  229.062336][T10183] BTRFS info (device loop5): force clearing of disk cache
[  229.064914][T10183] BTRFS info (device loop5): use zstd compression, level 3
[  229.067213][T10183] BTRFS info (device loop5): max_inline set to 0
[  229.215895][ T8596] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  229.267366][T10218] loop2: detected capacity change from 0 to 32768
[  229.293022][T10218] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  229.367840][T10223] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1555'.
[  229.382153][T10218] (syz.2.1554,10218,0):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options
[  229.429729][T10225] loop5: detected capacity change from 0 to 512
[  229.446367][ T5904] ocfs2: Unmounting device (7,2) on (node local)
[  229.538727][T10229] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1559'.
[  229.584078][T10233] bridge1: trying to set multicast startup query interval above maximum, setting to 8640000 (86400000ms)
[  230.003734][T10262] netlink: 'syz.2.1572': attribute type 1 has an invalid length.
[  230.167427][T10270] Invalid ELF header magic: != ELF
[  230.236551][T10276] GUP no longer grows the stack in syz.6.1579 (10276): 200000004000-20000000a000 (200000002000)
[  230.239992][T10276] CPU: 1 UID: 0 PID: 10276 Comm: syz.6.1579 Not tainted syzkaller #0 PREEMPT(full) 
[  230.240003][T10276] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  230.240008][T10276] Call Trace:
[  230.240012][T10276]  <TASK>
[  230.240015][T10276]  dump_stack_lvl+0x189/0x250
[  230.240030][T10276]  ? __pfx_dump_stack_lvl+0x10/0x10
[  230.240041][T10276]  ? __pfx__printk+0x10/0x10
[  230.240047][T10276]  ? find_vma+0xe7/0x160
[  230.240063][T10276]  __get_user_pages+0x2463/0x29f0
[  230.240085][T10276]  get_user_pages_remote+0x2f1/0xac0
[  230.240094][T10276]  ? __pfx_mtree_load+0x10/0x10
[  230.240105][T10276]  ? __pfx_get_user_pages_remote+0x10/0x10
[  230.240115][T10276]  ? __access_remote_vm+0x367/0x7d0
[  230.240128][T10276]  __access_remote_vm+0x211/0x7d0
[  230.240142][T10276]  ? __pfx___access_remote_vm+0x10/0x10
[  230.240154][T10276]  ? alloc_pages_noprof+0xbe/0x190
[  230.240164][T10276]  proc_pid_cmdline_read+0x430/0x810
[  230.240178][T10276]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  230.240195][T10276]  ? rw_verify_area+0x2a6/0x4d0
[  230.240205][T10276]  vfs_readv+0x5aa/0x850
[  230.240215][T10276]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  230.240226][T10276]  ? __pfx_vfs_readv+0x10/0x10
[  230.240242][T10276]  ? __fget_files+0x2a/0x420
[  230.240253][T10276]  ? __fget_files+0x3a0/0x420
[  230.240261][T10276]  ? __fget_files+0x2a/0x420
[  230.240274][T10276]  __x64_sys_preadv+0x197/0x2a0
[  230.240284][T10276]  ? __pfx___x64_sys_preadv+0x10/0x10
[  230.240295][T10276]  ? do_syscall_64+0xbe/0xfa0
[  230.240305][T10276]  do_syscall_64+0xfa/0xfa0
[  230.240312][T10276]  ? lockdep_hardirqs_on+0x9c/0x150
[  230.240320][T10276]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.240327][T10276]  ? exc_page_fault+0xab/0x100
[  230.240335][T10276]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.240342][T10276] RIP: 0033:0x7f73c058efc9
[  230.240349][T10276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  230.240370][T10276] RSP: 002b:00007f73c1500038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  230.240379][T10276] RAX: ffffffffffffffda RBX: 00007f73c07e5fa0 RCX: 00007f73c058efc9
[  230.240384][T10276] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003
[  230.240389][T10276] RBP: 00007f73c0611f91 R08: 0000000000000000 R09: 0000000000000000
[  230.240394][T10276] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  230.240398][T10276] R13: 00007f73c07e6038 R14: 00007f73c07e5fa0 R15: 00007fffa12a3ec8
[  230.240412][T10276]  </TASK>
[  230.419847][T10274] loop2: detected capacity change from 0 to 32768
[  230.428531][T10274] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  230.452731][T10274] XFS (loop2): Ending clean mount
[  230.474583][ T5904] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  230.784192][T10292] loop6: detected capacity change from 0 to 32768
[  230.804112][T10292] ocfs2: Slot 0 on device (7,6) was already allocated to this node!
[  230.808935][T10292] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  230.817780][T10292] 
[  230.818567][T10292] ======================================================
[  230.820697][T10292] WARNING: possible circular locking dependency detected
[  230.822842][T10292] syzkaller #0 Not tainted
[  230.824352][T10292] ------------------------------------------------------
[  230.827264][T10292] syz.6.1584/10292 is trying to acquire lock:
[  230.829117][T10292] ffff888118e41578 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_init_acl+0x2f9/0x720
[  230.829754][ T5914] (kworker/u8:3,5914,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=312, inode=13845347915746889, rec_len=25793, name_len=214
[  230.831981][T10292] 
[  230.831981][T10292] but task is already holding lock:
[  230.831987][T10292] ffff8881b877c950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x1f87/0x21c0
[  230.832020][T10292] 
[  230.832020][T10292] which lock already depends on the new lock.
[  230.832020][T10292] 
[  230.832023][T10292] 
[  230.832023][T10292] the existing dependency chain (in reverse order) is:
[  230.832026][T10292] 
[  230.832026][T10292] -> #3 (jbd2_handle){++++}-{0:0}:
[  230.852713][T10292]        lock_acquire+0x120/0x360
[  230.854339][T10292]        start_this_handle+0x1fa7/0x21c0
[  230.855968][T10292]        jbd2__journal_start+0x2c1/0x5b0
[  230.857987][T10292]        jbd2_journal_start+0x2a/0x40
[  230.859980][T10292]        ocfs2_start_trans+0x376/0x6d0
[  230.861940][T10292]        ocfs2_mknod+0xe93/0x2050
[  230.863623][T10292]        ocfs2_mkdir+0x191/0x440
[  230.865165][T10292]        vfs_mkdir+0x306/0x510
[  230.866857][T10292]        do_mkdirat+0x247/0x590
[  230.868618][T10292]        __x64_sys_mkdir+0x6c/0x80
[  230.870621][T10292]        do_syscall_64+0xfa/0xfa0
[  230.872640][T10292]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.875136][T10292] 
[  230.875136][T10292] -> #2 (&journal->j_trans_barrier){.+.+}-{4:4}:
[  230.878481][T10292]        lock_acquire+0x120/0x360
[  230.880415][T10292]        down_read+0x46/0x2e0
[  230.882147][T10292]        ocfs2_start_trans+0x36a/0x6d0
[  230.884044][T10292]        ocfs2_mknod+0xe93/0x2050
[  230.886046][T10292]        ocfs2_mkdir+0x191/0x440
[  230.888031][T10292]        vfs_mkdir+0x306/0x510
[  230.889960][T10292]        do_mkdirat+0x247/0x590
[  230.891895][T10292]        __x64_sys_mkdir+0x6c/0x80
[  230.893886][T10292]        do_syscall_64+0xfa/0xfa0
[  230.895839][T10292]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.898265][T10292] 
[  230.898265][T10292] -> #1 (sb_internal#4){.+.+}-{0:0}:
[  230.901194][T10292]        lock_acquire+0x120/0x360
[  230.903178][T10292]        ocfs2_start_trans+0x26b/0x6d0
[  230.905490][T10292]        ocfs2_xattr_set+0xd69/0x11f0
[  230.907656][T10292]        __vfs_removexattr+0x431/0x470
[  230.909836][T10292]        __vfs_removexattr_locked+0x1ed/0x230
[  230.912279][T10292]        vfs_removexattr+0x80/0x1b0
[  230.914372][T10292]        ovl_get_workdir+0xd00/0x17b0
[  230.916550][T10292]        ovl_fill_super+0x154a/0x3da0
[  230.918708][T10292]        get_tree_nodev+0xbb/0x150
[  230.920715][T10292]        vfs_get_tree+0x92/0x2b0
[  230.922736][T10292]        do_new_mount+0x302/0xa10
[  230.924773][T10292]        __se_sys_mount+0x313/0x410
[  230.926860][T10292]        do_syscall_64+0xfa/0xfa0
[  230.928753][T10292]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.931127][T10292] 
[  230.931127][T10292] -> #0 (&oi->ip_xattr_sem){++++}-{4:4}:
[  230.933901][T10292]        validate_chain+0xb9b/0x2140
[  230.935983][T10292]        __lock_acquire+0xab9/0xd20
[  230.938033][T10292]        lock_acquire+0x120/0x360
[  230.940023][T10292]        down_read+0x46/0x2e0
[  230.941903][T10292]        ocfs2_init_acl+0x2f9/0x720
[  230.944008][T10292]        ocfs2_mknod+0x1321/0x2050
[  230.946089][T10292]        ocfs2_mkdir+0x191/0x440
[  230.948087][T10292]        vfs_mkdir+0x306/0x510
[  230.950031][T10292]        do_mkdirat+0x247/0x590
[  230.951992][T10292]        __x64_sys_mkdirat+0x87/0xa0
[  230.954086][T10292]        do_syscall_64+0xfa/0xfa0
[  230.955876][T10292]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.957999][T10292] 
[  230.957999][T10292] other info that might help us debug this:
[  230.957999][T10292] 
[  230.961115][T10292] Chain exists of:
[  230.961115][T10292]   &oi->ip_xattr_sem --> &journal->j_trans_barrier --> jbd2_handle
[  230.961115][T10292] 
[  230.965140][T10292]  Possible unsafe locking scenario:
[  230.965140][T10292] 
[  230.967310][T10292]        CPU0                    CPU1
[  230.968874][T10292]        ----                    ----
[  230.970423][T10292]   rlock(jbd2_handle);
[  230.971693][T10292]                                lock(&journal->j_trans_barrier);
[  230.974023][T10292]                                lock(jbd2_handle);
[  230.976009][T10292]   rlock(&oi->ip_xattr_sem);
[  230.977438][T10292] 
[  230.977438][T10292]  *** DEADLOCK ***
[  230.977438][T10292] 
[  230.979764][T10292] 8 locks held by syz.6.1584/10292:
[  230.981299][T10292]  #0: ffff888112240420 (sb_writers#25){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  230.983963][T10292]  #1: ffff888118e41840 (&type->i_mutex_dir_key#20/1){+.+.}-{4:4}, at: filename_create+0x1f8/0x3c0
[  230.987153][T10292]  #2: ffff888116f59840 (&ocfs2_sysfile_lock_key[INODE_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  230.991214][T10292]  #3: ffff888116f5d240 (&ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  230.995301][T10292]  #4: ffff8881abda89c0 (&ocfs2_sysfile_lock_key[LOCAL_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_reserve_local_alloc_bits+0x125/0x24e0
[  230.999381][T10292]  #5: ffff888112240610 (sb_internal#4){.+.+}-{0:0}, at: ocfs2_mknod+0xe93/0x2050
[  231.002202][T10292]  #6: ffff8881119368e8 (&journal->j_trans_barrier){.+.+}-{4:4}, at: ocfs2_start_trans+0x36a/0x6d0
[  231.005771][T10292]  #7: ffff8881b877c950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x1f87/0x21c0
[  231.009420][T10292] 
[  231.009420][T10292] stack backtrace:
[  231.011621][T10292] CPU: 1 UID: 0 PID: 10292 Comm: syz.6.1584 Not tainted syzkaller #0 PREEMPT(full) 
[  231.011632][T10292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  231.011638][T10292] Call Trace:
[  231.011642][T10292]  <TASK>
[  231.011647][T10292]  dump_stack_lvl+0x189/0x250
[  231.011660][T10292]  ? __pfx_dump_stack_lvl+0x10/0x10
[  231.011669][T10292]  ? __pfx__printk+0x10/0x10
[  231.011677][T10292]  ? stack_trace_save+0x9c/0xe0
[  231.011689][T10292]  print_circular_bug+0x2ee/0x310
[  231.011699][T10292]  check_noncircular+0x134/0x160
[  231.011709][T10292]  validate_chain+0xb9b/0x2140
[  231.011719][T10292]  ? __pfx_find_get_block_common+0x10/0x10
[  231.011733][T10292]  __lock_acquire+0xab9/0xd20
[  231.011741][T10292]  ? ocfs2_init_acl+0x2f9/0x720
[  231.011751][T10292]  lock_acquire+0x120/0x360
[  231.011758][T10292]  ? ocfs2_init_acl+0x2f9/0x720
[  231.011768][T10292]  ? do_raw_spin_unlock+0x4d/0x240
[  231.011778][T10292]  down_read+0x46/0x2e0
[  231.011787][T10292]  ? ocfs2_init_acl+0x2f9/0x720
[  231.011798][T10292]  ocfs2_init_acl+0x2f9/0x720
[  231.011809][T10292]  ? __pfx_ocfs2_init_acl+0x10/0x10
[  231.011818][T10292]  ? dquot_alloc_inode+0x216/0xa50
[  231.011825][T10292]  ? __pfx_ocfs2_journal_dirty+0x10/0x10
[  231.011832][T10292]  ? ocfs2_block_signals+0x94/0xe0
[  231.011842][T10292]  ? __pfx_ocfs2_block_signals+0x10/0x10
[  231.011851][T10292]  ? ocfs2_metadata_cache_get_super+0x43/0x80
[  231.011861][T10292]  ? ocfs2_inode_cache_get_super+0xd/0x40
[  231.011872][T10292]  ocfs2_mknod+0x1321/0x2050
[  231.011883][T10292]  ? __pfx_ocfs2_mknod+0x10/0x10
[  231.011892][T10292]  ? do_raw_spin_unlock+0x4d/0x240
[  231.011902][T10292]  ? ocfs2_inode_lock_full_nested+0xabe/0x1b40
[  231.011921][T10292]  ? __lock_acquire+0xab9/0xd20
[  231.011931][T10292]  ? __lock_acquire+0xab9/0xd20
[  231.011938][T10292]  ? do_raw_spin_lock+0x121/0x290
[  231.011949][T10292]  ? do_raw_spin_unlock+0x4d/0x240
[  231.011959][T10292]  ? put_pid+0xe9/0x130
[  231.011968][T10292]  ocfs2_mkdir+0x191/0x440
[  231.011977][T10292]  ? __pfx_from_kgid+0x10/0x10
[  231.011984][T10292]  ? apparmor_path_mkdir+0x1a7/0x220
[  231.011996][T10292]  ? __pfx_ocfs2_mkdir+0x10/0x10
[  231.012005][T10292]  ? HAS_UNMAPPED_ID+0x11a/0x180
[  231.012016][T10292]  ? inode_permission+0x149/0x470
[  231.012026][T10292]  ? __pfx_ocfs2_permission+0x10/0x10
[  231.012034][T10292]  ? bpf_lsm_inode_mkdir+0x9/0x20
[  231.012041][T10292]  vfs_mkdir+0x306/0x510
[  231.012050][T10292]  do_mkdirat+0x247/0x590
[  231.012057][T10292]  ? __pfx_do_mkdirat+0x10/0x10
[  231.012065][T10292]  ? getname_flags+0x1e5/0x540
[  231.012074][T10292]  __x64_sys_mkdirat+0x87/0xa0
[  231.012082][T10292]  do_syscall_64+0xfa/0xfa0
[  231.012089][T10292]  ? lockdep_hardirqs_on+0x9c/0x150
[  231.012096][T10292]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.012103][T10292]  ? exc_page_fault+0xab/0x100
[  231.012110][T10292]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.012117][T10292] RIP: 0033:0x7f73c058d717
[  231.012125][T10292] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  231.012132][T10292] RSP: 002b:00007f73c14ffe68 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  231.012140][T10292] RAX: ffffffffffffffda RBX: 00007f73c14ffef0 RCX: 00007f73c058d717
[  231.012146][T10292] RDX: 00000000000001ff RSI: 0000200000000300 RDI: 00000000ffffff9c
[  231.012150][T10292] RBP: 0000000000000000 R08: 0000200000000300 R09: 0000000000000000
[  231.012155][T10292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000300
[  231.012163][T10292] R13: 00007f73c14ffeb0 R14: 0000000000000000 R15: 0000000000000000
[  231.012171][T10292]  </TASK>
[  231.139743][T10292] (syz.6.1584,10292,1):ocfs2_rename:1286 ERROR: status = -2
[  231.142067][T10292] (syz.6.1584,10292,1):ocfs2_rename:1702 ERROR: status = -2
[  231.151912][ T9270] ocfs2: Unmounting device (7,6) on (node local)

VM DIAGNOSIS:
14:21:38  Registers:
info registers vcpu 0

CPU#0
RAX=ffffffff8231aefd RBX=0000000000000000 RCX=0000000000000002 RDX=ffff88810ab21d00
RSI=0000000000000000 RDI=0000000000000000 RBP=0000000000000001 RSP=ffffc90007c9f100
R8 =ffff8881018bb07f R9 =1ffff1102031760f R10=dffffc0000000000 R11=ffffed1020317610
R12=ffff8881018bb080 R13=0000000000000001 R14=ffffffff8231ac2a R15=000000000002a568
RIP=ffffffff8231af11 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f5108a536c0 ffffffff 00c00000
GS =0000 ffff88818eb35000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f5108a52fc8 CR3=0000000109fae000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f5107db7498 00007f5107db7470 XMM03=00007f5107db74a8 00007f5107db74a0
XMM04=00007f510891d100 00007f5107db7460 XMM05=00007f5107db7478 00007f5107db74c0
XMM06=00007f5107db74b8 00007f5107db74b0 XMM07=00007f5107db74a8 00007f5107db74a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f5107c1315a
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000000002d RBX=000000000000002d RCX=0000000000000000 RDX=00000000000003f8
RSI=00000000000025b8 RDI=00000000000025b9 RBP=00000000000003f8 RSP=ffffc900052c6d10
R8 =ffff888169f60237 R9 =1ffff1102d3ec046 R10=dffffc0000000000 R11=ffffffff8515b630
R12=dffffc0000000000 R13=ffffffff997df912 R14=ffffffff99af2f20 R15=0000000000000000
RIP=ffffffff8515b6ac RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f73c15006c0 ffffffff 00c00000
GS =0000 ffff8882a9f35000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b30323ffc CR3=0000000112634000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffffffffffff ffffffffffffffff
XMM02=0000000000000000 0000000000000000 XMM03=ffffffffffffffff ffffffffffffffff
XMM04=0000000000000000 00000000000000ff XMM05=6161616161616161 6161616161616161
XMM06=6161616161616161 6161616161616161 XMM07=6161616161616161 6161616161616161
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f73c061315a
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
