last executing test programs:

3m6.875661468s ago: executing program 2 (id=152):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newlink={0x50, 0x10, 0xffffffffffffffff, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x2017, 0x2021}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x20, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MACADDR={0xa, 0x4, @remote}, @IFLA_MACVLAN_MACADDR_DATA={0x10, 0x5, 0x0, 0x1, [{0xa, 0x4, @broadcast}]}]}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x1}, 0x8000002)

3m6.875413495s ago: executing program 2 (id=153):
syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000001080)='./bus\x00', 0x80, &(0x7f00000010c0)=ANY=[@ANYBLOB="666c7573682c6e6f646f74732c646973636172642c646d61736b3d30303030303030303030303030303030303030303030322c646d61736b3d30303030303030303030303030303031303030303137372c646f74732c6e6f646f74732c71756965742c646f74732c0023c3cb4d2e3cbf18508098fe0de2af38db67d42d1bc4ab714d52f019082433fc9ca2d7174b2c4ece31c9f4c7a475f304e100"/167], 0x1, 0x140, &(0x7f0000000000)="$eJzs27Fq21AUBuDj2m3ddvFcOgi6dDJtn6CluFAqaEnwkEwJOFnsYIgXJZMfJS8YCJ683ZAo2Imxhwy2IPq+RT/8CO4dpMMV6OjT2XAwnpyO/8+i3WhE60dkMW9EJ15FM0rTAABeknlKcZNSSm+n8e4qUkpVrwgA2DbzHwDqx/wHgPox/wGgfvYPDv/+zPPeXpa1I66nRb/ol9ey//0n733N7nWWd82Kot9c9N/KPnvav473D/33tf2b+PK57O+6X//ylf5DDLa/fQAAAKiFbraw9nzf7W7qy/To+8DK+b0VH1s72wYA8AyTi8vh8Wh0ci4IgrAIVb+ZgG1bPvRVrwQAAAAAAAAAAAAAANhkF78TVb1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWHUbAAD//0DvUik=")
syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000180)='./file1\x00', 0x4040, &(0x7f00000015c0)=ANY=[], 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341)

3m6.674414486s ago: executing program 2 (id=154):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x5f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r1 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPCONNADD(r1, 0x400442c8, &(0x7f00000002c0)=ANY=[@ANYRES32=r0, @ANYBLOB="0100e6"])

3m6.553127959s ago: executing program 2 (id=155):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)

3m6.484409907s ago: executing program 2 (id=157):
r0 = syz_open_dev$midi(&(0x7f0000000000), 0x2, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_DRAIN(r0, 0x40045731, &(0x7f0000000100)=0x1)

3m6.126839232s ago: executing program 2 (id=161):
r0 = syz_io_uring_setup(0x53f, &(0x7f0000000340)={0x0, 0x807734, 0x400, 0xfffffff8, 0xfe}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f00000002c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)})
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x36, 0x0, 0x0, 0x202}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

3m5.958797331s ago: executing program 32 (id=161):
r0 = syz_io_uring_setup(0x53f, &(0x7f0000000340)={0x0, 0x807734, 0x400, 0xfffffff8, 0xfe}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f00000002c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)})
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x36, 0x0, 0x0, 0x202}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

2m13.372387556s ago: executing program 0 (id=676):
r0 = socket(0x10, 0x80003, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000004c0)={'vcan0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0xfff3}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xf, "00000000000000000001000f0e00"}}}]}, 0x48}}, 0x0)

2m13.14523299s ago: executing program 0 (id=677):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000140))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000000140)=""/92})
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000140)={'#! ', './file2'}, 0xb)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1})
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000005f00250e00000000d94aa1"], 0x1c}], 0x1}, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=""/57, 0x0, &(0x7f0000000500)=""/4096})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)

2m12.271878518s ago: executing program 0 (id=691):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000e00)=ANY=[@ANYBLOB="61154c000000000061138c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000003000000160302000ee60060bf350000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dc725f431bcab0ef59b8f0e431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa0100000000000000b93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4ffcae1a8a793a7795a9214a92f66e9cc54db6c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc3086936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61dc18402cde8bf777b2eaa45c940aabc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154baa8e51489a614e69722bac30000000000000000000000000000a006b178438e930b2494db1bf624a70a19a45b8b71869afb13cb2ac1d2f3ec0d93a3e4fd0ad076c7d826f218aa6ba8ec5e58b7c64dc8616127087901dc65418a4b25bfa7ae8b5ad9642815f319230425e8bd89c6983d816d97d81a739917eecd26f9a3aecaf0acdaf6cffab38eae3b10b122b4bf521a46bf01a0c136f745113b589459fbe1666087a7c554a55e2b42ab7e405a77f405a348a64e356b7fb61e48ea9c87bf13f97052c51fdd49f3dbccf9874cf61807ae4b1665ccdd026d4580a068395e8cb851eeadb1da6d1009513ca73a685c66fb15f27eb74a7a4eb5966e3ef4be3ca8ba81b2d17d797265390ce616c3d7b566fe956fb93c6a43f4dc6bfc194daeb7b998d550773bc14aca"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)

2m11.336478142s ago: executing program 0 (id=694):
syz_mount_image$jfs(&(0x7f0000000080), &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480)=ANY=[], 0x1, 0x6276, &(0x7f0000003680)="$eJzs3c1vHGcdB/Df7JtfStOoh6pECLlteCmleS0hUKDtAQ5cOKBcUSLXrSJSQElAaRURV75w4I8AIXFBQogjJ/6AHrhy4w8gUoIE6qmD1n4eZzxde+2k3ln7+XwkZ+Y3z4z3mXx3vLueGT8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMQPf/Dj81VEXP1VWnAy4nPRj+hFLI3rlYhYWjmZ1x9ExPOx2RzPRcRwIaLKjc9EvBYRH52IePDw7up40YV99uP7f/nnH37y1I/+8efh2f/99Xb/9d3Wu3Pnt//9273H318AAAAoUV3XdZU+5p9Kn+97XXcKAJiJ/PpfJ3m5eu7q9Tnrj1qtVquPYN1UT3avWUTEenOb8XsGp+MB4IhZj4+77gIdkn/RBhHxVNedAOZa1XUHOBQPHt5drVK+VfP1YGWrPV8LsiP/9Wr7/o7dptO0rzGZ1fNrI/rx7C79WZpRH+ZJzr/Xzv/qVvsorXfY+c/KbvmPtm59Kk7Ov9/Ov+X45N+bmH+pcv6DA+Xflz8AAAAAAMyx/Pv/kx2f/1148l3Zl73O/67MqA8AAAAAAAAA8Fl70vH/tlXG/wMAAIB5Nf6sPva7E4+WNa/1H8XO5VeqiKdb6wOFSTfLLHfdDwAAAAAAAAAAAAAoyWDrGt4rVcQwIp5eXq7revzV1K4P6km3P+pK338oWdc/5AEAYMtHJ1r38lcRixFxJf2tv+Hy8nJdLy4t18v10kJ+PztaWKyXGp9r83S8bGG0jzfEg1E9/maLje2apn1entbe/n7jxxrV/X10bDY6DBwAImLr1eiBV6Rjpq6fia7f5XA0OP6PH8c/+9H18xQAAAA4fHVd11X6c96n0jn/XtedAgBmIr/+t88LqNVqtVqtPn51Uz3ZvWYREevNbcbvGQzHDwBHzHp83HUX6JD8izaIiOe77gQw16quO8ChePDw7mqV8q2arwdpfPd8LciO/Nerze3y9pOm07SvMZnV82sj+vHsLv15bkZ9mCc5/147/6tb7aO03mHnPyu75T/ez5Md9KdrOf9+O/+W45N/b2L+pcr5Dw6Uf1/+AAAAAAAwx/Lv/0/O1fnf0ePuzlR7nf9dObRHBQAAAAAAAIDD9eDh3dV832s+//+FCeu5//N4yvlX8i9Szr/Xyv+rrfX6jfn7bz3K/z8P767+8fa/P5+n+81/Ic9U6ZlVpWdElR6pGqTpk+zdp20M+6PxIw2rXn+Qrvmph+/E9bgRa3Fux7q99P/xqP38jvZxT4eb7XV/q/3CjvbBdnve/uKO9mG60qleyu1nYjV+Hjfi7c32cdvClP1fnNJeT2nP+fcd/0XK+Q8aX+P8l1N71ZqO3f+w96njvjmd9DhvXv/ib84d/u5MtRH97X1rGu/fix30Z/P/5KlR/PLW2s0zd67dvn3zfKTJjqUXIk0+Yzn/Yfra/vn/0lZ7/rnfPF7vfzg6cP7zYiMGu+b/UmN+vL8vz7hvXcj5j9JXzv/t1D75+D9A/r0/zWxf9mOv4/+VDvoDAAAAAAAAAAAAAAAAe6nrevMW0Tcj4lK6/6erezMBgNnKr/91kpfPqu7P+PHU6iNeV3PWn5nWn9Tz1R+1+ijWTfVkbzSLiPh7c5vxe4ZfT/pmAMA8+yQi/tV1J+iM/AuW/97feHq6684AM3Xr/Q9+eu3GjbWbt7ruCQAAAAAAAADwuPL4nyuN8Z9P13V9r7XejvFf34qVJx3/dZBntgcY3WWg6v7B92kvG71Rv9cYbvyF2G387+H23F7jfw+mPN5wSvtoSvvClPbFKe0Tb/RoyPm/0Bjv/HREnGoNv/7Y47/Omb3Gf22PeV+CnP+LjefzOP+vtNZr5l///ijn39uR/9nb7/3i7K33P3j1+nvX3l17d+1nF8+fP3fx0qXLly+ffef6jbVzW/922OPDlfPPY1+7DrQsOf+cufzLkvP/UqrlX5ac/5dTLf+y5Pzz+z35lyXnnz/7yL8sOf+XUy3/suT8v5Zq+Zcl5/9KquVflpz/11Mt/7Lk/F9NtfzLkvM/k2r5lyXnfzbV+8x/6bD7xWzk/PMZLsd/WXL++coG+Zcl538h1fIvS87/YqrlX5ac/2upln9Zcv7fSLX8y5Lzv5Rq+Zcl5//NVMu/LDn/y6mWf1ly/t9KtfzLkvP/dqrlX5ac/+upln9Zcv7fSbX8y5Lz/26q5V+WnP/3Ui3/suT830i1/Mvy6O//mzFjxkye6fonEwAAAAAAAAAAAADQNovLibveRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCnt3FyPXWd4B/Mx+eeNAYiCkTmrCxjHGOJvs+iP+oHUx4bPhqySEQj+wXe/aLPgLr10CjWpHgRIJo6KKtuGiLSDU5qbCqrigFaBcoFaVKkF7QW8QFSoXURVQQKrUVsBWM+d9352ZnZ3Z9Y7XZ875/ST78c6cmfedM++c2WfX/zkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANLv7DbOfqmVZVqvV8gs2ZdmL6vWmiU2NS157Y+cHAAAArN3PG3+/cGu64PAKbtS0zT/d9e2vLiwsLGTvG/7T0c8tLKQrJrJsdEOWNa6Lrv7g/bXmbYIns/HaUNPXQz2GH+5x/UiP60d7XD/W4/oNPa4f73H9kh2wxE1ZLd3ZtsY/N+W7NLstG21ct63DrZ6sbRiq77t026zWuM3C6IlsLjuVzWbTLdvn29Ya23/97vpYb83iWENNY22pr5CfPH48zqEW9vG2lrEW7zP60euziZ/+5PHjf33h+Ts61Z67oeX+8nnu2Fqf5yfCJflca9mGtE/iPIea5rmlw3My3DLPWuN29X+3z/OFFc5zeHGa66r9OR/Phhr//k5jP43Usg77aUu47H/uybLs8uK027dZMlY2lG1suWRo8fkZz1dk/T7qS+ml2Uj3dbpQa1mnd69gndbrzLbWddr+mojP/93hdiPLzKH5afrRE2NNz/vPFq5lnUb1R73ca6V9Dfb7tVKUNRjXxXcaD/qpjmtwW3j8j29ffg12XDsd1mB63E1rcGuvNTg0NtyYc3oSao3bLK7BXS3bDzdGqjXqc9u7r8GpC6fPTc1/7OP3zZ0+dnL25OyZPbt2Te/Zt+/AgQNTJ+ZOzU7nf1/j3i6+jdlQeg1sDfsuvgZe3bZt81Jd+OLYkuPvtb4Ox7u8Dje1bdvv1+FI+4Orrc8Lcumazl8b76nv9PErQ9kyr7HG87Nz7a/D9LibXocjTa/Dju8pHV6HIyt4Hda3ObdzZd+zjDT96TSH5d8L1rYGNzWtwfbvR9rXYL+/HynKGhwP6+J7O5d/L9gS5vvU5Gq/HxlesgbTww3Hnvol6fv98QON0mld3lm/4uax7OL87Pn7Hzt24cL5XVko6+JlTWulfb1ubHpM2ZL1OrTq9Xp47q6n7uxw+aawr8bvq/81vuxzVd9m7/3dn6vGu1vn/dly6e4slD4L+3Nhwzrtz07v5vX9OZZln//WEw9/4/HPv2HZ/VnvNz8xtfbvxVNf2nT8HV3m+Bv7/l/k46W7enJ4dCR//Q6nvTPacjxufapGGseuWmPsF6ZWdjweDX/W+3h8W5fj8ea2bft9PB5tf3DxeFzr9dOOtWl/PsfDOjk13f14XN9m8+7VrsmRrsfje0Kthf3/mtAppL6oae0st27TWCMjo+FxjcQRWtfpnpbtR0NvVh/rmd3Xtk533JPf13B6dIvWa51OtG3b73Wafva13Dqt9frp27Vpfz7Hw7q4bU/3dVrf5tm9az923hT/2XTsHOu1BkeHx+pzHk2LsHG8zxZuimvw/ux4djY7lc00rh1rrKdaY6zJB1a2BsfCn/U+Vm7usgZ3tG3b7zWY3seWW3u1kaUPvg/an8/xsC6efqD7Gqxv88b9/f3edUe4JG3T9L1r+8/XlvuZ151tu+l6rZWRMM9v7e/+s9n6NqcOrLbP7L6f7g2X3NxhP7W/fpd7Tc1k67OfNod5Pn9g+f1Un099m88dXOF6Opxl2aWPPNj4eW/4/crfXfzuV1t+79LpdzqXPvLgj1984h9XM38ABt8v8rIxf69r+s3USn7/DwAAAAyE2PcPhZro/wEAAKA0Yt8f/1d4ov8HAACA0oh9/0ioSUX6/81vfH7uF5eylMxfCOL1aTc8lG8XM67T4euJhUX1yx/88ux//8OllY09lGXZzx76g47bb34ozis3EeZ59U2tly/x1ftWNPbRRy+lcZvz618I9x8fz0qXQacI7nSWZV+/9TONcSbef6VRn33oaKM+fPmpJ+vbvHAw/zre/rmX5dv/RQj/Hj5xrOX2z4X98MNQp9/WeX/E233lymu27H/v4njxdrWttzQe9tMfyO83fk7OZ5/Mt4/7ebn5f+PTz3ylvv1jr+o8/0tDnef/TLjfL4f6v6/It29+Dupfx9t9Msw/jhdvd/+Xvtlx/lc/lW9/7s35dkdDjePvCF9ve/Pzc83767HasZbHlb0l3y6OP/3dP25cH+8v3n/7/MePXGnZH+3r49l/y+9nqm37eHkcJ/r7tvHr99O8PuP4z/zR0Zb93Gv8qw8/94r6/baPf2/bduc+srMx/uL9tX5i019+8jMdx4vzOfy351oez+F3h9dxGP/pD4T1GK7/v6v5/bV/usLRd7cef+L2X9h0qeXxRG/9aT7+1dedbNQN4zdtvPlFL77l8ivr+y7LvrMhv79e45/8q7Mt8//i7fn+iNfHjH77+MuJ45//6OSZs/MX52bSXn381sZn57w9n0+c763h2Nr+9ZGzFz44e35iemI6yybK+xF61+xLof44L5e7b72w5Ai689HwfN7551/fuP1fPx0v//f35JdfeVv+vvXqsN1nw+WbwvO3uvGXevru2xuv79qzYYYLSz8veC22bPuvAyvaMDz+9u8L4no/9/IPNvZD/brG+0Z8Xa9x/t+fye/na2G/LoRPZt56++J4zdvHz0a48kj+el/z/guHufi8/k14vt/xw/z+47zi4/1++D7mm5tbj3dxfXzt0lD7/Tc+xeNyOJ5kl/Pr41Zxf1954faO04ufQ5JdvqPx9Z+k+7ljVQ9zOfMfm586NXfm4mNTF2bnL0zNf+zjR06fvXjmwpHGZ3ke+VCv2y8enzY2jk8zs/v2Zo2j1dm8XGc3ev7nHj0+s396+8zsiWMXT1x49Nzs+ZPH5+ePz87Mbz924sTsR3vdfm7m0K7dB/fs3z15cm7m0IGDB/ccnJw7c7Y+jXxSPeyb/vDkmfNHGjeZP7T34K4HHtg7PXn67Mzsof3T05MXe92+8d40Wb/170+enz117MLc6dnJ+bmPzx7adXDfvt09Pw3w9LkT8xNT5y+embo4P3t+Kn8sExcaF9ff+3rdnnKa/4/8+9l2tfyD+LJ33bsvfT5r3ZefWPau8k3aPkD0+fBZNP/8knMHVvJ17PtHQ00q0v8DAABAFcS+fyzURP8PAAAApRH7/g2hJvp/AAAAKI3Y94+HmlSk/y9d/n/zpRWNL/8v/9+8v+T/K5b/f6Ro+f/8eCH/3x9rzd/L/wfy//L/8v8Dk/9fCG9I8v8UUdHy/7HvvynLKtn/AwAAQBXEvn9jqIn+HwAAAEoj9v03h5ro/wEAAKA0Yt//olCTivT/8v/y//L/8v/y/53Hl/8fTPL/3cn/9yD/P5VVK/9/uZ/zd/5/+X+WKlr+P/b9Lw41qUj/DwAAAFUQ+/5bQk30/wAAAFAase+/NdRE/w8AAAClEfv+TaEmFen/5f/l/+X/5f/l/zuPL/8/mOT/u5P/70H+3/n/5f/l/+mrouX/Y9//klCTivT/AAAAUAWx739pqIn+HwAAAIpn5NpuFvv+l4WaLOn/r3EAAAAA4IaLff9tWVsQvCK//5f/l/8vfv5/Q7pO/l/+Pytk/n84k/8vDvn/7uT/e5D/l/+X/5f/p6+Klv9v9P3ZePbyUJOK9P8AAABQBbHvvz3URP8PAAAApRH7/l8KNdH/AwAAQGnEvn9zqElF+n/5f/n/G53/H22bu/P/L95O/j9X/Py/8/8Xifx/d/L/Pcj/y//L/8v/01dFy//Hvv+OUJOK9P8AAABQBbHvvzPURP8PAAAApRH7/l8ONdH/AwAAQGnEvn9LqElF+n/5/4Ln/2NytMT5/97n/5f/l/+X/5f/Xzn5/+7k/3uQ/5f/l/+X/6evipb/j33/K0JNKtL/AwAAQBXEvv+uUBP9PwAAAJRG7PtfGWqi/wcAAIDSiH3/RKhJRfp/+f+C5//zHPxYmc//L/8v/y//L//fT/L/3cn/9xAOcz/Kskz+X/5f/l/+n7UrWv4/9v13h5pUpP8HAACAKoh9/9ZQE/0/AAAAlEbs++8JNdH/AwAAQGnEvn9bqElF+n/5/4HI/2fy//L/8v/y//L/KyP/3538fw/O/y//L/8v/09fFS3/H/v+V4WaVKT/BwAAgCqIff/2UBP9PwAAAJRG7PtfHWqi/wcAAIDSiH3/jlCTivT/8v/y//L/8v/y/53Hl/8fTPL/3cn/9yD/L/8v/y//T18VLf8f+/7XhJpUpP8HAACAKoh9/85QE/0/AAAAlEbs++8NNdH/AwAAQGnEvn8y1KQi/b/8v/y//L/8v/x/5/Hl/weT/H938v89yP/L/8v/y//TV0XL/8e+/75Qk4r0/wAAAFAFse+/P9RE/w8AAAClEfv+qVAT/T8AAACURuz7p0NNKtL/y//L/8v/y/+vKv//ysX7lf/Pyf8Xi/x/d/L/Pcj/y//f8Pz/qPw/pVK0/H/s+3eFmqTGb+waHiUAAABQJLHv3x1qUpHf/wMAAEAVxL5/T6iJ/h8AAABKI/b9e0NNKtL/y//L/8v/y/87/3/n8eX/B5P8f3f9z//Hhyj/L/8v/+/8//L/LFW0/H/s+x8INalI/w8AAABVEPv+faEm+n8AAAAojdj37w810f8DAABAacS+/0CoSUX6f/l/+X/5f/l/+f/O48v/Dyb5/+6c/7+H4uX/X9d88/XM/9fHkv+X/5f/Z/Ue+cPmr4qW/499/8FQk4r0/wAAAFAFse9/baiJ/h8AAABKI/b9vxJq0r3/33B9ZwUAAAD0U+z7fzXUpCK//5f/l/+X/5f/l//vPL78/2CS/+9O/r+H4uX/Wzj/f7HnL/8v/89SRcv/x77/UKhJRfp/AAAAqILY9/9aqIn+HwAAAEoj9v2vCzXR/wMAAEBpxL7/cKhBpzh3Kcn/y/8PZv5/XP5f/r90+f+xeL/y/2si/9+d/H8P8v/y//L/8v/0VdHy/7Hvf32oid//AwAAQGnEvv/BUBP9PwAAAJRG7PvfEGqi/wcAAIDSiH3/G0NNKtL/y//L/w9m/t/5/zP5/9Ll/53/vz/k/7uT/+9B/l/+X/5f/p++Klr+P/b9bwo1qUj/DwAAAFUQ+/43h5ro/wEAAKA0Yt//llAT/T8AAACURuz73xpqUpH+X/5f/v9G5v9zl+X/5f8b5P/l//tB/r87+f8e5P/l/+X/5f/pq6Ll/2Pf/+uhJhXp/wEAAKAKYt//UKiJ/h8AAABKI/b9bws10f8DAABAacS+/+2hJhXp/+X/5f+d/1/+X/6/8/jy/4NJ/r+7Acv///yWcLn8f07+v9jzX23+f6Tt6+uS///Bcvn/hQ3tt5f/53ooWv4/9v3vCDWpSP8PAAAAVRD7/neGmuj/AQAAoDRi3/+uUJOm/r+v//EOAAAAWHex7/+NUJOK/P5f/r8+j8X0svy//H/jAvl/+X/5/4El/9/dgOX/nf+/jfx/sefv/P/y/yxVtPx/7PvfHWpSkf4fAAAAqiD2/Q+Hmuj/AQAAoDRi3/9IqIn+HwAAAEoj9v3vCTWpSP8v/+/8//L/8v/y/53Hl/8fTPL/3cn/9yD/L/9ftPz/f8r/M9iKlv+Pff+joSYV6f8BAACgCmLf/95QE/0/AAAAlEbs+38z1ET/DwAAAKUR+/73hZpUpP+X/x+U/P/EgOb/n5D/v475/7tuybeT/5f/Z5H8f3fy/z3I/8v/Fy3/7/z/DLii5f9j3//+UJOV9//jK94SAAAAuI5Glr0m9v2/FWpSkd//AwAAQBXEvv+3Q030/wAAAFAase//nVCTivT/8v+Dkv93/v9M/t/5/9sej/y//H8n65f/j0ce+X/5/2Ll/zet6gG3utH5+bW60fOvbv4/f2eU/6eTouX/Y9//u6EmFen/AQAAoApi3/+BUBP9PwAAAAyETv8nu13s+4+Emuj/AQAAoDRi33801KQi/b/8v/y//H9B8/9/tvVfvvftdx7dJf8v/y//vyrrev7/+ovf+f/l/wuW/1+LG52fX6/515Y5NZj8v/P/039Fy//Hvv9YqElF+n8AAACogtj3/16oif4fAAAASiP2/cdDTfT/AAAAUBqx758JNalI/y//L/8v/1/Q/P8An/8/7g/5/1Z9y//Hg678f0frmv9/72JOXP5/tfn/sY6Xyv/L/w/y/OX/5f9Zqmj5/9j3z4aaVKT/BwAAgCoIff/QibwuXqH/BwAAgNKIff/JUBP9PwAAAJRG7Ps/GGpSkf5f/l/+X/5f/t/5/zuP3y3/Xxtx/v+ikv/vrjj5/87k/+X/B3n+8v/y/yxVtPx/7PvnQk0q0v8DAABAFcS+/0OhJvp/AAAAKI3Y93841ET/DwAAAKUR+/5ToSYV6f/l/+X/5f/l/+X/O49f2PP/y/93Jf/fnfx/D/L/8v/y//L//8/enXxZWtd3HL8FDV19yCK7LLLJOVnmT2AR1sk+WWSTRXJOTs4JRFFxpnEeUVScFcVZwQEEERXnCZxQnEFFxXnECVFPe6j6fr9dw1P3VlXf6vs8v9/rteCbrlB9r31a6E9Xv31YqrH1/7n7/y9u6WT/AwAAQA9y918ct9j/AAAA0Izc/ZfELfY/AAAANCN3///HLZ3sf/2//r/Z/v+f9f97vb7+X//fMv3/fPr/BfT/+n/9v/6fpRpb/5+7/2FxSyf7HwAAAHqQu//hcYv9DwAAAM3I3X9p3GL/AwAAQDNy9z8ibulk/+/o/9dmffb/mfHq/1vq/z3/f8/X1/+fQf9/rv5/7M5u/3/FQ//k0//r//X/Qf+/r/7/+F6fr/+nRWPr/3P3PzJu6WT/AwAAQA9y9z8qbrH/AQAAoBm5+y+LW+x/AAAAaEbu/kfHLZ3s/+U9///Exscn2v8X/b/+f+MD+n/9/179/7HT39b/j5Pn/8/XU/9/6V0XXHz/zX9/y0FeX/+v//f8f/0/yzW2/j93/2Pilk72PwAAAPQgd/9j4xb7HwAAAJqRu/9xcYv9DwAAAM3I3f/4uKWT/b+8/n/Sz/8v+n/9/8YH9P/6/736/3/z/P+x0//P11P/f5jX1//r//X/+n+Wa9X9f37H+e3c/U+IWzrZ/wAAANCD3P1PjFvsfwAAAGhG7v7L4xb7HwAAAJqRu/9k3NLJ/tf/H33//xf9v/4/rv5f/6//P3r6//n0/wvo//X/+n/9P0u16v5/57dz918Rt3Sy/wEAAKAHufufFLfY/wAAANCM3P1PjlvsfwAAAGhG7v6nxC2d7H/9v+f/6//1//r/4dfX/0+T/n8+/f8C+v8z7efP0/9PsP+PX0jp/zkKB+z/H5zzj+2l9P+5+58at3Sy/wEAAKAHufufFrfY/wAAANCM3P1Pj1vsfwAAAGhG7v5nxC2d7H/9v/5f/6//P3T/v/un3gb9/zD9/9mh/59vNP3/2rHBD+v/J9//e/7/FPv/oP/nKIzt+f+5+58Zt3Sy/wEAAKAHufufFbfM2f8H/s18AAAAYKVy9z87bvH1fwAAAJi8rM5y9z8nbulk/+v/9f/6f/2/5/8Pv/68/v+WLe9P/z8u+v/5RtP/70H/r/+f8vvX/+v/2W1s/X/u/ufGLZ3sfwAAAOhB7v4r4xb7HwAAAJqRu/95cYv9DwAAAM3I3f/8uKWT/T/c/5/+/+v/90f/v/396/+Hf34sq//P71H/P7f/v8jz//uk/5/v7Pf/x/X/279//f8RWvX7b7z/P7Ho8/X/DBlb/5+7/6q4pZP9DwAAAD3I3f+CuMX+BwAAgGbk7n9h3GL/AwAAQDNy978obulk/6/4+f9XnL/X+9L/b9D/6/89/3+cz/+fnfX+/5j+f5/0//N5/v8C+n/9v/7f8/9ZqrH1/7n7r45bOtn/AAAA0IOrH5ht7P4Xz2b2PwAAAEzR1j87sPMPlIbc/S+JW+x/AAAAaEbu/pfGLZ3s/xX3/0f1/P/zFr22/l//v/XHS/+v/x96/XH1/57/v1/6//n0/wvo/4+inz/WWP9/zV6fP4b+/3L9PyOzrf+/7fTHV9X/5+5/WdzSyf4HAACAHuTuf3ncYv8DAABAM3L3vyJusf8BAACgGbn7Xxm3dLL/j7z/P7H3ax9h/7+Q/l//v/XHS/+v/x96ff3/NOn/59P/L6D/9/x/z//X/7NU2/r/LVbV/+fuf1Xc0sn+BwAAgB7k7n913GL/AwAAQDNy918Tt9j/AAAA0Izc/a+JWzrZ/40+/38h/b/+f+uPl/5f/z/0+vr/adL/z6f/X0D/r//X/y/u/3f+izro/xkytv4/d/9r45ZO9j8AAAD0IHf/tXGL/Q8AAADNyN3/urjF/gcAAIBm5O5/fdzSyf7X/x9t/58f1//r/2cH6f/jE/T/m/T/+v+DmFr/v/O/P4fu19eG/k202x79/x3/c/Jft39E/6//1//r/z3/nyUYRf9/6vSvLnP3vyFu6WT/AwAAQA9y978xbrH/AQAAoBm5+98Ut9j/AAAA0Izc/W+OWw64//92qe/q7NH/e/6//n+E/X/Q/2/S/+v/D2Jq/f9Onv+v/9f/T/f96//1/+w2iv5/y7dz978lbvH1fwAAAGhG7v63xi32PwAAADQjd//b4hb7HwAAAJqRu/+6uKWT/a//1//r//X/+v/h1z9s/78+G6b/Pzv0//Pp/xfQ/+v/9f/6f5ZqbP1/7v7r45ZO9j8AAAD0IHf/2+MW+x8AAACakbv/HXGL/Q8AAABTkunYoNz974xbOtn/+n/9v/5f/6//H359z/+fpon2//WPwan2/+dOqf+/Yc4bGOr/Tx3X/+v/9f/6fw5pbP1/7v53xS2d7H8AAADoQe7+G+IW+x8AAACakbv/xrjF/gcAAIBm5O5/d9zSyf7X/+v/9f/6f/3/8Ovr/6dpov1/mWr/7/n/+v+Z/l//r/9nwNj6/9z9N8Utnex/AAAA6EHu/pvjFvsfAAAAmpG7/z1xi/0PAAAAzcjdf0vc0sn+1//r//X/+n/9//Dr6/+n6ej6/9nq+v/7zjnod7Mn/f8C+n/9v/5f/89Sja3/z93/3rilk/0PAAAAPcjdf2vcYv8DAABAM3L3vy9usf8BAACgGbn73x+3dLL/9f/6/2n2/1etD71//b/+f6b/757n/8+n/19A/6//1//r/1mqsfX/ufs/ELd0sv8BAACgB7n7b4tb7H8AAABoRu7+D8Yt9j8AAAA0I3f/h+KWTva//l//v73/n82m0f97/v9M/99C/78+0/8vnf5/vv31/xfp//X/bfX/58wa6v9P7Pn5+n/GaGz9f+7+D8ctnex/AAAA6EHu/o/ELfY/AAAANGDzz87k7v9o3GL/AwAAwJgdO8jfnLv/Y3FLJ/t/+v3/8R2fqP+fzWZ3X9b88//1/zP9fwv9f/2o6v+XR/8/n+f/L6D/b7P/9/x//T8rM7b+P3f/x+OWTvY/AAAA9CB3/yfiFvsfAAAAmpG7/5Nxi/0PAAAAzcjd/6m4pZP9P/3+f+cn6v9nZ/T8f/3/xgf0//p//f9k6f/n0/8voP9f2M+v7fHrnpn+X/+v/2fA2Pr/3P2fjls62f8AAADQg9z9t8ct9j8AAAA0I3f/HXGL/Q8AAADNyN3/mbilk/2v/9f/6/+n2f+v6//1//r/QWPp/y+88F/u1P/r/1vs/+fR/+v/9f/sNLb+P3f/Z+OWTvY/AAAA9CB3/+fiFvsfAAAAmpG7//Nxi/0PAAAAzcjd/4W4pZP9v7v/P2+2WahuGur/o1HT/2+h/9/+/vX/wz8/PP9f/6//P3pj6f89//9w71//r/+f8vs/UP//D7s/X/9Pi8bW/+fuvzNu6WT/AwAAQA9y938xbrH/AQAAoBm5+78Ut9j/AAAA0Izc/XfFLZ3sf8//1//r//X/+v/h19f/T5P+fz79/wL6f/2/5/9f8l/n6v9ZnrH1/7n7vxy3bAy/f/ybQ/7HBAAAAEYkd/9X4pZOvv4PAAAAPcjd/9W4xf4HAACAZuTu/1rc0sn+1//r//X/+n/9//Dr6/+nSf8/n/5/gX76//WhD666nz9Tq37/zfT/nv/PEo2t/8/d//W4pZP9DwAAAD3I3f+NuMX+BwAAgGbk7v9m3GL/AwAAQDNy998dt3Sy//X/+v/2+///1P/veH39v/6/Zfr//Df6MP3/Av30/4NW3c9P/f3r//X/7Da2/j93/z1xSyf7HwAAAHqQu/9bcYv9DwAAAM3I3f/tuMX+BwAAgGbk7v9O3NLJ/tf/99X/r8167P89/1//r//vyXT6/2uPDX3U8//1//r/6b5//b/+n93G1v/n7r937ViX+x8AAACm6t//6X/v2e/fe+/GX9dn341b7H8AAABoRu7+78Ut9j8AAAA0I3f/9+OWTva//r+v/r/P5//r//X/+v+eTKf/H6b/1//r/6f7/vX/+n92G1v/n7v/vrhly/Ab/B/oAQAAACYjd/8P4pZOvv4PAAAAPcjd/8O4Zdf+P7XPP9UOAAAAjE3u/h/FLZ18/V//P/L+f3ZE/X/8ffr/Tfp//f/Q6+v/p6m1/v/4bFT9/6k1/b/+fw79v/5f/89OY+v/c/ffetOsy/0PAAAAjdr2Owo/3vjr+uwncYv9DwAAAM3I3f/TuMX+BwAAgGbk7v9Z3NLJ/tf/j7z/P9Tz/0/U/+X5/533/1euD76+/l//37LW+n/P/9/8uP5/k/5/3O9f/6//Z7cD9P8bg/So+//c/T+PWzrZ/wAAANCD3P2/iFvsfwAAAGhG7v5fxi32PwAAADQjd/+v4pZO9r/+fwX9/1XHZ7Mj7f/38fx//X8f/f8er99O//93F5y8/T/++8br9f+cdjb7//y5oP/X/6+g/78ufv7p/0f0/vX/+n92G9vz/3P3/zpu6WT/AwAAQA9y998ft9j/AAAA0Izc/b+JW+x/AAAAaEbu/t/GLZ3sf/1/i8//n2b/nz/WK+j/T06v/8+muPf+3/P/9f+7ef7/fPr/BabT/2982/P/x/X+9f/6f3YbW/+fu/93cUsn+x8AAAB6kLv/93FL7v+1A//WPQAAADAyufv/ELf4+j8AAAA0I3f/A3FLJ/tf/6//H0v/nzz///Tnef7/Jv2//v8g9P/z6f8X0P/r//X/+n+Wamz9f+7+P8Ytnex/AAAA6EHu/gfjFvsfAAAAmpG7/09xi/0PAAAAzcjd/+e4pZP9r//X/+v/9f/6/+HX1/9Pk/5/Pv3/Q87f+w3o//X/+n/9P0s1tv4/d/9fAwAA//+9M2Fu")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000200)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
open$dir(&(0x7f0000000040)='./file0\x00', 0x800, 0xc8)

2m10.531183319s ago: executing program 0 (id=700):
r0 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r0, &(0x7f0000000440)=[{{&(0x7f00000003c0)={0x2, 0x1, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000200)="a9050000000074640000000000003552bde5c064", 0x14}, {&(0x7f0000000100)="174640b6d80fb2eedc81ba60ccbb9df1", 0x10}], 0x2}}, {{&(0x7f00000004c0)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000340)="5825be57aff9352b356be67ca2746357d1787935589db15a23319e3f64fdf5f8", 0x20}], 0x1}}], 0x2, 0x840)

2m10.108851776s ago: executing program 0 (id=703):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ADD(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x14, r1, 0x4c1dad3e3d6a7499, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4000080}, 0x2400c000)

2m9.82918853s ago: executing program 33 (id=703):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ADD(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x14, r1, 0x4c1dad3e3d6a7499, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4000080}, 0x2400c000)

1m42.111062207s ago: executing program 1 (id=973):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@func_proto={0x0, 0x0, 0x0, 0xd, 0x3}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @volatile={0x0, 0x0, 0x0, 0xb, 0x2}]}}, 0x0, 0x3e}, 0x28)

1m42.061652053s ago: executing program 1 (id=975):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r0, &(0x7f0000000040)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x1, @default}, 0x1c)

1m42.005453003s ago: executing program 1 (id=977):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000180)=0x9, 0x8, 0x0)
get_mempolicy(0x0, 0x0, 0x1ff, &(0x7f00001a6000/0x3000)=nil, 0x2)

1m41.692672046s ago: executing program 1 (id=982):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000002080)='./file0\x00', 0x0, &(0x7f00000020c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000280)='binfmt_misc\x00', 0x800, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/../file0\x00')

1m40.867513214s ago: executing program 1 (id=984):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000a, 0x4031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f00003b2000/0x1000)=nil, 0x1000, 0x0, 0x800, 0x8000)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x3, 0x20)

1m40.63663065s ago: executing program 1 (id=987):
r0 = socket(0x10, 0x80803, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x4001, 0x0, 0x80000001, 0xffffffff}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000005e00010200"/20, @ANYRES8=r0], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x20008040)

1m40.41581519s ago: executing program 34 (id=987):
r0 = socket(0x10, 0x80803, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x4001, 0x0, 0x80000001, 0xffffffff}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000005e00010200"/20, @ANYRES8=r0], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x20008040)

49.541008667s ago: executing program 4 (id=1427):
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000500)='./bus\x00', 0x18418, &(0x7f0000000040)=ANY=[@ANYRES8=0x0, @ANYRES32=0x0], 0xfe, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
ftruncate(r0, 0x4)

49.438532739s ago: executing program 4 (id=1428):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000280)='./bus\x00', 0x41, &(0x7f0000000080)={[{@errors_remount}, {@noload}, {@nogrpid}, {@acl}, {@noblock_validity}, {}, {@mblk_io_submit}, {@acl}, {@jqfmt_vfsv0}], [], 0x3d}, 0x1, 0x51f, &(0x7f00000007c0)="$eJzs3UFsI1cZAOB/HDvd7KZNChygEqXQouwK1k4a2kY9lCIhOFUCyn0JiRNFceIodtpNVEFWHDgiIQRInMqFCxInTkioEheOCKkSnEGAQAi2cEACdirb4+xuMk6yG8fOJt8nTea955n3v+doxn7jp5kALqxnIuLViLiTpum1iJjIygvZErudpbXde7ffWmgtSaTp6/9IIsnKunWlbY/FlWy3SxHxlS9GfD05GLexvbM6X6tVN7N8pbm2UWls71xfWZtfri5X12dnZ16ce2nuhbnpvvRzPCJe+fxfvv+dn3zhlV9++s0/3vjb1W8kWXns68cDKh72YqfrpfZ7ce8Omw8Z7CwqtnuYGcvbYuRAya1TbhMAAL19ICI+ERHXYiJGDv86CwAAADyC0s+Ox/+S7m93B4z2KAcAAAAeIYX2HNikUM7m+45HoVAuR3sO74ficqFWbzQ/tVTfWl/szJWdjFJhaaVWnc7mCk9GKWnlZ9rpu/nn9+VnI+LJiPjexFg7X16o1xaHffEDAAAALogr+8b//57ojP8BAACAc2Zy2A0AAAAATp3xPwAAAJx/xv8AAABwrn3ptddaS9p9/vXiG9tbq/U3ri9WG6vlta2F8kJ9c6O8XK8vt+/Zt3ZUfbV6feMzsb51s9KsNpqVxvbOjbX61nrzxsp9j8AGAAAABujJj73z+yQidl8eay8to8fb9ZibAWdVcS+VZOucw/oPT3TWfx5Qo4CBGBl2A4ChKQ67AcDQlIbdAGDokiNe7zl55zfZ+uP9bQ8AANB/Ux/J//3/6OuCu4UBNA84RQ5iALh42t/zjzuT15cFOFdKZgDChXfi3/+PlKYP1CAAAKDvxttLUihnl/fGo1AolyMebz8WoJQsrdSq0xHxRET8bqL0WCs/094zOXLMAAAAAAAAAAAAAAAAAAAAAAAAAAB0pGkSKQAAAHCuRRT+mvyqcy//qYnnxvdfHxhN/jMR2SNC3/zR6z+4Od9sbs60yv+5V978YVb+/DCuYAAAAMCFUHyQjbvj9O44HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD66b3bby10l0HG/fvnImIyL34xLrXXl6IUEZf/lUTxnv2SiBjpQ/yx1p8P58VPWs3aC5kXf+ztk8ffvXVo/JjM3oW8+FdOHh4utHda559X846/QjzTXucff8WI+/IPq/f5L/bOfyM9jv/HjxnjqXd/VukZ/1bEU8X88083ftIj/rN5Ff782weKvvbVnZ1e8dO3I6ZyP3+S+2JVmmsblcb2zvWVtfnl6nJ1fXZ25sW5l+ZemJuuLK3Uqtnf3Bjf/egv7hzW/8s94k8e0f/ncuobzSn7/7s3b3+wkyzlxb/6bE78X/842+Jg/EL22ffJLN16faqb3u2k7/X0T3/79GH9X+zR/6P+/1d7VbrPtS9/60/H3BQAGIDG9s7qfK1W3TwbiZej7zW3RvhD79ejl/hveiaacbqJb/a1wjRN09YxdYJ6khjcm5Ac3tRhn5kAAIB+u/ulf9gtAQAAAAAAAAAAAAAAAAAAgItrEHca2x9zdy+V9OMW2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAffF+AAAA///0iOAC")

49.279111299s ago: executing program 4 (id=1429):
r0 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
madvise(&(0x7f0000c0c000/0x1000)=nil, 0x1000, 0x4)
readv(r0, &(0x7f0000000480)=[{0x0}, {&(0x7f0000000540)=""/123, 0x20}], 0x2)

49.14885286s ago: executing program 4 (id=1432):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(0x0, &(0x7f00000004c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)

49.090845915s ago: executing program 4 (id=1435):
mount$cgroup(0x0, &(0x7f0000000600)='.\x00', &(0x7f0000000640), 0x2208000, &(0x7f0000000100)={[{@name={'name', 0x3d, 'qt_,\xac\xa7@\xef\xac\r\xbd\xe6\xec\xa64\x10*o\xe4\xc2\xd2\xa3\x02h\xd3\xee\xbao\xfe\x17\xfc\x0f\xedU\x7f\xdc\x005\x1f\xaaAa\x19V\xc6Ks9\xe6\xa8\xbc\x97\xe6\x1d,\xc4\x16\x8b[h~\t\x04\xdb\xe8\x14\x81\xae\x04\x9fX\xf0`W\x01\xd8\xb4Q\xc9\x96R\xd0\xcf\x85\xcfX\x9d\xdd\x89>Y\x8a\x95\xd7\xde@0R[\xd5'}}]})

48.862030752s ago: executing program 4 (id=1440):
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f0000000580)='./file0\x00', 0x0, &(0x7f00000005c0), 0x1, 0x538, &(0x7f0000000600)="$eJzs3c1rHOUfAPDvzGZ//fVFU/EF9VTQUqV0kzYtkltz8FipBo8Sw2YaQibZkN3UJuTQgncFBUUR1JN3ryLiH+BZRP8BRWywtN4ik91NNW+utelq5vOB2X1elnyfJ5Pvwz7DDAmgtE4UL2nEUxFxOYkY/EPfQHQ6T7Q/d3tttX5nbbWexPr6+C9JJBFxa2213v180nk/GhHXI+LJiPi6GnE63R63ubwyO5nn2WKnPtSaWxhqLq+cmZmbnM6ms/mR0QujI6MvjJ4fuW9zHZ8Yffnkdy8lXyZjL9766LWbSVxsz3/LPO6n9u+kGhe3tJ/fj2B9lPR7ANyTSifPqxHxeAxGpZP1wMG3fihiHSipRP5DSXW/BxT73+7xIL9//DzW3oAUcW93jnbPQGdv/v+NvcmRX5M/7UyK/ebxBzlQDqTrNyJieGBg+99/snlt6F4N348Bsq++GmufqO3nP91cf2KH9edY99rpP9Rd/25vW//uxq/ssv5d7jHG/Og3T+wa/0bE0zvGTzbjJzvETyPi9R7jj3/+06e79a1/EnEqdo7flex9fXjoykyeDbdfd4zx1ivDn+01/yO7xL+4x/yLtoUe5x+vPvr99T3iP/fM3ud/p/iHI+LtHsP/8ME7b+7WV8Sf2mX+e8Uv2j7uMf7J578Y6/GjAAAAAAAAAADA35Bu3MuWpLXNcprWau1neB+LI2neaLZOX2kszU+173k7HtW0e6fVYLueFPWznftxu/VzW+ojEfFIRLxbObxRr9Ub+VS/Jw8AAAAAAAAAAAAAAAAAAAD/Eke3PP9/q9J+/h8oCf/yG8pL/kN5yX8oL/kP5SX/obzkP5SX/Ifykv9QXvIfykv+Q3nJfwAAAAAAAAAAAAAAAAAAAAAAAAAA2BeXL10qjvU7a6v1oj51dXlptnH1zFTWnK3NLdVr9cbiQm260ZjOs1q9MfdXPy9vNBYuxPzStaFW1mwNNZdXJuYaS/OtiZm5yelsIqs+kFkBAAAAAAAAAAAAAAAAAADAf8uxjSNJaxGRbpTTtFaLeCgijkc1uTKTZ8MR8XBEfFupHirqZ/s9aAAAAAAAAAAAAAAAAAAAADhgmssrs5N5ni0qKCgobBb6vTIBAAAAAAAAAAAAAAAAAED53H3ot98jAQAAAAAAAAAAAAAAAAAAgDJLf0wiojhODT57bGvv/5LfKhvvEfHGh+PvXZtstRbPFu03N9tb73faz/Vj/ECvunnazWMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgrubyyuxknmeL+1jo9xwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7sXvAQAA//8GudfN")
r0 = open(&(0x7f0000000040)='./file1\x00', 0x14787e, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000100)={0x8, 0xb, 0x0, 0x0, 0x24ca})
writev(r0, &(0x7f0000000340)=[{&(0x7f00000001c0)="90", 0x1}], 0x1)

48.634286139s ago: executing program 35 (id=1440):
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f0000000580)='./file0\x00', 0x0, &(0x7f00000005c0), 0x1, 0x538, &(0x7f0000000600)="$eJzs3c1rHOUfAPDvzGZ//fVFU/EF9VTQUqV0kzYtkltz8FipBo8Sw2YaQibZkN3UJuTQgncFBUUR1JN3ryLiH+BZRP8BRWywtN4ik91NNW+utelq5vOB2X1elnyfJ5Pvwz7DDAmgtE4UL2nEUxFxOYkY/EPfQHQ6T7Q/d3tttX5nbbWexPr6+C9JJBFxa2213v180nk/GhHXI+LJiPi6GnE63R63ubwyO5nn2WKnPtSaWxhqLq+cmZmbnM6ms/mR0QujI6MvjJ4fuW9zHZ8Yffnkdy8lXyZjL9766LWbSVxsz3/LPO6n9u+kGhe3tJ/fj2B9lPR7ANyTSifPqxHxeAxGpZP1wMG3fihiHSipRP5DSXW/BxT73+7xIL9//DzW3oAUcW93jnbPQGdv/v+NvcmRX5M/7UyK/ebxBzlQDqTrNyJieGBg+99/snlt6F4N348Bsq++GmufqO3nP91cf2KH9edY99rpP9Rd/25vW//uxq/ssv5d7jHG/Og3T+wa/0bE0zvGTzbjJzvETyPi9R7jj3/+06e79a1/EnEqdo7flex9fXjoykyeDbdfd4zx1ivDn+01/yO7xL+4x/yLtoUe5x+vPvr99T3iP/fM3ud/p/iHI+LtHsP/8ME7b+7WV8Sf2mX+e8Uv2j7uMf7J578Y6/GjAAAAAAAAAADA35Bu3MuWpLXNcprWau1neB+LI2neaLZOX2kszU+173k7HtW0e6fVYLueFPWznftxu/VzW+ojEfFIRLxbObxRr9Ub+VS/Jw8AAAAAAAAAAAAAAAAAAAD/Eke3PP9/q9J+/h8oCf/yG8pL/kN5yX8oL/kP5SX/obzkP5SX/Ifykv9QXvIfykv+Q3nJfwAAAAAAAAAAAAAAAAAAAAAAAAAA2BeXL10qjvU7a6v1oj51dXlptnH1zFTWnK3NLdVr9cbiQm260ZjOs1q9MfdXPy9vNBYuxPzStaFW1mwNNZdXJuYaS/OtiZm5yelsIqs+kFkBAAAAAAAAAAAAAAAAAADAf8uxjSNJaxGRbpTTtFaLeCgijkc1uTKTZ8MR8XBEfFupHirqZ/s9aAAAAAAAAAAAAAAAAAAAADhgmssrs5N5ni0qKCgobBb6vTIBAAAAAAAAAAAAAAAAAED53H3ot98jAQAAAAAAAAAAAAAAAAAAgDJLf0wiojhODT57bGvv/5LfKhvvEfHGh+PvXZtstRbPFu03N9tb73faz/Vj/ECvunnazWMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgrubyyuxknmeL+1jo9xwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7sXvAQAA//8GudfN")
r0 = open(&(0x7f0000000040)='./file1\x00', 0x14787e, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000100)={0x8, 0xb, 0x0, 0x0, 0x24ca})
writev(r0, &(0x7f0000000340)=[{&(0x7f00000001c0)="90", 0x1}], 0x1)

3.37026869s ago: executing program 3 (id=1875):
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4)
sendmsg$netlink(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000001200)=ANY=[@ANYBLOB="1c000000220001062abd700000040000050000f8"], 0x1c}], 0x1}, 0x0)

3.275697503s ago: executing program 3 (id=1876):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000180)={'sit0\x00', &(0x7f0000000240)={'sit0\x00', 0x0, 0x7, 0x1, 0x0, 0x7, {{0x5, 0x4, 0x2, 0x2a, 0x14, 0x68, 0x0, 0x19, 0x4, 0x0, @private=0xa010101, @remote}}}})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018000000000000001400000014000000090000000100000001000006040000000600dfff00000000002e"], 0x0, 0x35, 0x0, 0x1}, 0x28)

3.173534223s ago: executing program 3 (id=1880):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newsa={0x150, 0x10, 0x413, 0x70bd28, 0x0, {{@in=@multicast1, @in=@multicast1, 0x0, 0x0, 0x4e24, 0x0, 0x2, 0x20, 0x20}, {@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x32}, @in=@private=0xa010100, {0x4, 0x7, 0x0, 0x40000000000004, 0xffffffffffffffff, 0x0, 0x7f}, {0x0, 0x2, 0xcc}, {0xf6}, 0x0, 0x0, 0x2, 0x1, 0x9}, [@algo_aead={0x60, 0x12, {{'rfc4309(ccm(aes))\x00'}, 0xa0, 0x40, "c62605ab15d56e02c1b4aa3a2deb607fd360b64a"}}]}, 0x150}}, 0x804)

2.569632323s ago: executing program 3 (id=1887):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000100001027bf00000005"], 0x50)
r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000280), 0x141641, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x410})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000380)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
r7 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_SET_FORCE_PACK_ID(r7, 0x227b, 0x0)
ioctl$TUNSETGROUP(r4, 0x400454ce, 0x0)
r8 = fcntl$dupfd(r7, 0x0, r7)
mbind(&(0x7f000075c000/0x4000)=nil, 0x4000, 0x2, 0x0, 0x9, 0x2)
read$FUSE(r8, 0x0, 0x0)
ioctl$sock_qrtr_TIOCOUTQ(r0, 0x5411, &(0x7f0000000340))
write$sndseq(r8, &(0x7f0000000180)=[{0xff, 0x0, 0x0, 0x0, @tick=0x4, {}, {}, @result={0x1, 0x2}}, {0x0, 0x0, 0xff, 0x3, @tick=0xf27, {0x1}, {}, @addr={0x2a, 0x5}}], 0x38)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0xd, 0x0, &(0x7f0000000000))
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000300), 0x404, &(0x7f0000000bc0)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@version_u}, {@privport}, {@access_client}]}})

1.611176724s ago: executing program 3 (id=1891):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000000)={0x38, r1, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'nicvf0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xa}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x240048d0)

1.507072441s ago: executing program 3 (id=1893):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xe4, 0xc5, 0xad, 0x10, 0x61d, 0xc020, 0x9c15, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x10, 0x2d, 0xb0}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000040)={0x44, &(0x7f00000000c0)=ANY=[@ANYRES16=r0, @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000840)={0x84, &(0x7f0000000380)={0x60, 0xf, 0x3, "ecc1a4"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)

1.247094088s ago: executing program 5 (id=1898):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0xb0, 0x44, 0x107, 0xfffffffc, 0x25dfdbfd, {0x1, 0x7c}, [@nested={0x99, 0x3, 0x0, 0x1, [@generic="9e717292e16cd97adf13c84ccd87bd8acaff4e9154eb3eb705e84fab9df085e514ac9e7f8481d64221acdb5b1a2f4c6e3e75460bf69334d78b6288859803765a962e9538fffb75cc927394033dedf075cc6d6d196ffef0d8906e89d6159ca29a8115a6f78032149beca2e7981747f0f6b24e890136d9c798e70376e46ae7054b86403818053e10634ef0fe7670beb8b305f96c759b"]}]}, 0xb0}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

1.135864014s ago: executing program 5 (id=1899):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_udp_int(r0, 0x11, 0xa, &(0x7f00000000c0)=0x2, 0x4)
sendmmsg$inet6(r0, &(0x7f00000019c0)=[{{&(0x7f0000000100)={0xa, 0x4e23, 0x2, @mcast2, 0x4}, 0x1c, 0x0}}], 0x1, 0x2604002c)

1.135424664s ago: executing program 6 (id=1900):
r0 = socket$kcm(0x2, 0xa, 0x2)
capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000540)={0x2, 0x3, 0x516e, 0x4, 0xffff, 0xfff})
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})

1.088317651s ago: executing program 5 (id=1901):
r0 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000380)={0x1, @pix_mp={0x8000000, 0x500, 0x32525942, 0x9, 0x0, [{}, {0x0, 0xffffffff}, {}, {}, {}, {0x0, 0x6}, {0x6}], 0x0, 0x8, 0x16, 0x1, 0x7}})

1.028690635s ago: executing program 5 (id=1902):
r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_SETCONFIGURATION(r0, 0x80045505, 0x0)

1.028527468s ago: executing program 6 (id=1903):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_JOIN_FILTERS(r0, 0x65, 0x2, 0x0, &(0x7f0000000040))

1.027959692s ago: executing program 5 (id=1904):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
mount$afs(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000200), 0x4080, &(0x7f00000001c0)={[{@dyn}, {@flock_write}]})
read$FUSE(r0, &(0x7f0000002380)={0x2020}, 0x2020)

944.811766ms ago: executing program 6 (id=1905):
r0 = syz_io_uring_setup(0x37, &(0x7f0000000080)={0x0, 0x36c4, 0x10100}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f0000000280)=""/204, 0xcc}], 0x1}, 0x0, 0x80002101})
io_uring_enter(r0, 0xd81, 0x0, 0x0, 0x0, 0x0)
write(r3, &(0x7f0000000780)="3564815c93f3e765891de4c26b2b9b00718f4467ab5ae61d5d4a5757518ddeeedecdabed1d6c38155e0e83a27695691d7d90d020f0f9c9d48de5968ac3bad7090fde4bcc04dcec5505dfe07a6482215a149091e4dc7acfed43bb3869b38d3d1e33384825be76bbcfbacf53d3b1e1168bd618bc1b644f2096e0298b9819180a5f70c7df7fc1a270bc86ccc00a0ff9f573ed6ec088173e5231ed9f2f7da5cad766ad08bf2bef0b93f650e56e03297581ec74a08bf685b0f883f0acf5c6023c63f82c6a2dbc4f5dc2a8032f5257f9", 0xcd)

944.446165ms ago: executing program 6 (id=1906):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f00000003c0)=0x6, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x0, 0x0, @loopback}, @in6={0xa, 0x0, 0xffffffff, @private0}], 0x38)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000000380)=[@in={0x2, 0x4e21, @broadcast}], 0x10)

859.485704ms ago: executing program 5 (id=1907):
timer_create(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x1061, 0x80, 0x4, 0x1ab}, &(0x7f0000000040)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x2, 0xa3d8, &(0x7f00000005c0)=[{&(0x7f0000001500)="6c12a93ad50663a686493277e963eec81b456049bc2a6746304fe386732b539a0320ac7c3477a4153c15d357c026b603bac7164d00aefabf3908b6f722", 0x3d}], 0x1, 0x8, 0x1, {0x2}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r2, 0x47f8, 0x0, 0x0, 0x0, 0x0)

859.055316ms ago: executing program 6 (id=1908):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x4000, &(0x7f0000000040)=ANY=[], 0xff, 0x60c0, &(0x7f000000d800)="$eJzs3U1vHVf9B/DfffC147RpVP1V5R+xcFMeWkrznEB5asqCBSxAQl2TyHWrlBRQEhCtIuLKC8QGeAmw6YZFJV4BL6CvASGxJVLSVReUQWOf44xvrn3tJp659vl8pJuZ35w7vmfyveOZ65m5EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/OD7PznXi4irv04Tjkc8FYOIfsSRul6KeuRKfv4wIk7EenM8FxGD+Yh6/vV/nom4GBEfH4u4/+DOcj35/C77cens7Zuf/fB7//jdH9dOvPPmTz8cb//x/1346Pd3I47/6NWPPrv7ZJYdAAAASlFVVdVLH/NPps/3/a47BQC0Im//qyRPV6vVavUTrf/Q38vznzradX/Vh7Ruqia72ywiYrU5T73P4HA8ABwwq/Fp112gQ/Iv2jAijnbdCWCm9bruAPvi/oM7y72Ub6+5PVjaaM9/p9yS/2pv8/qO7YbTjJ9j0tb7ay0G8ew2/TnSUh9mSc6/P57/1Y32UXrefufflu3yH21c+lScnP9gPP8xW/L/U0Qc2Pz7E/MvVc5/uJf8VwcHeP2XPwAAAAAAh1/++//xjo//zj/+ouzKTsd/l1rqAwAAAAAAAAA8aY97/79N7v8HAAAAM6v+rF7787GH07b7LrZ6+hu9iKfHng8UZqnx5YAAAAAAAAAAAAAAQDuGEYvpvP65iHh6cbGqqvrRNF7v1ePOf9CVvvxQsq5/yQMAwIaPj41dy9+LWIiIN9J3/c0tLi5W1VxELFZH5vP+7Gh+oTrS+Fybh/W0+dEudoiHo6r+YQuN+ZqmfV6e1j7+8+rXGlWDXXSsHR0GDgARsbE1um+LdMhU1TPR9V4OB4P1//Cx/rMbXb9PAQAAgP1XVVXVS1/nfTId8+933SkAoBV5+z9+XECtVquLqT/ZmDgz/VGr97Fuqia72ywiYrU5T73P4Hb8AHDArManXXeBDsm/aMOIONF1J4CZ1uu6A+yL+w/uLPdSvr3m9mBpoz2fC7Il/9Xe+nx5/knDacbPMWnr/bUWg3h2m/4811IfZknOvz+e/9WN9nyL/818FvYn/7Zsl3+9nMc76E/Xcv6D8fzH7Pf635a16E/Mv1Q5/+Ge8h/IHwAAAAAAZlj++/9xx3/zIgMAAAAAAADAgXP/wZ3lfN1rPv7/hQnP6zXHXP95aOT8e7vO3/W/h0nOvz+e/9gJOYPG+L3XH+b/yYM7yx/e/vf/5+HM5z83GNWvPdfrD4bpnJ9q7q24HjdiJc4+8vzhlvZzj7TPbWk/P6X9wiPto7r9SG4/Hcvxi7gRb262z085MWphSns1pT3nP7D+FynnP2w86vwXU3tvbFi790H/kfW+OZz0Olf++p8vP7p2tWG4pVqLweayNRyr/znVWp8eWv8/OTqKX91auXn6N9du3755LtJgy9TzkQZPWM5/Lj1y/i++sNGef+8319d7H4z2nP+sWIvhpPzX398vNMbr5X2p5b51Iec/So+cf94CTV7/D3L+E9f/9eV7uYP+AAAAAAAAAAAAAAAAwE6qqlq/RPRKRFxO1/90dW0mANCuvP2vkjxdre6g/tffZqs/arVavbXuzVh/PkfdVE32WrOIiL8356n3GX476YcBALPsvxHxz647QWfkX7D8fX/18ItddwZo1a333v/ZtRs3Vm7e6ronAAAAAAAAAMDnle//udS4//P6eUBj943ecv/X12PpwN7/sz8arN/rPC3Q87Hz/b9Pxc73/x5Oeb25Ke2jKe3zU9oXprRPvNCjIef/fMo4538yLVhJ9399sYP+dC3nfyrd6znn/5Wx5zXzr/5ykPPvb8n/zO13f3nm1nvvv3L93Wtvr7y98vNzZy9fvHDp4oVLl868df3GytmNfzvs8f7K+ed7XzsPtCw5/5y5/MuS8/9SquVflpT/5m6o/MuS1/+8vyf/suT882cf+Zcl5/9SquVflpz/V1Mt/7Lk/F9OtfzLkvP/WqrlX5ac/yupln9Zcv6nUy3/suT8z6Ra/mXJ+ecjXPIvS84/n9kg/7Lk/M+nWv5lyflfSLX8y5Lzv5hq+Zcl538p1fIvS87/cqrlX5ac/9dTLf+y5Py/kWr5lyXn/2qq5V+WnP83Uy3/suT8v5Vq+Zcl5//tVO+U/zst9ot25Py/k2rrf1ly/t9NtfzLkvN/LdXyL8vD7/83sueRxdnoRpsjVRUxA90wsu8jXf9mAgAAAAAAAAAAAADGtXE6cdfLCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRX27jVGrrO+H/izV6+TQPwnIYQQiO1cMGST3fUtMcFgrv809JIGQksLdYy9dgy+1buGBKFmaWgLAqmR2hf0RSkgQEhtlahCKpUoilSk9k1VXhVFlVArIdWVoDIRVKICtjpznufZmdnZmV3vrj1zzueD4p+9M2fmmTNnZve76DsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABotuNts380FEIo/mv8sS2E64q/bw2Hin8u7L/aKwQAAADW6+eNP//q+vyFQ6vYqOk6//iaf/n64uLiYvjgixd/8SeLi/mC7SGMbAmhcVnyTz/9yWLzdaKnw8TQcNO/h3vc/UiPy0d7XD7W4/LxHpdv6XH5RI/Ll+2AZbaWv49p3Ngdjb9uK3dpuDGMNS67o8NWTw9tGR5Ov8tpGGpsszh2PJwMp8JsmF62zVDjfyF8c0dxXw+GdF/DTfd1awjh0o8+fjStYSju4ztCy501ND93P3xL2P7ijz5+9KvzP3hlp9lzNyxbaQi7dhbr/GQIS7+uCkNhS94naZ3DTeu8tcM6R1rWOdTYrvh7+zovrXKd6XFPxHV+p8s6b41fe+L2EMJCWPE67Z4Ow+GatnvN+3uiPCKK2yieypeF0TUdJztWcZwU23z/9tbjpP2YTPt/R9wnoyusofnp+OEnxpft98s9TopH3Q/HanHbDxd3OjHR/KvVlmO1uM7H71z5GOj43HU4BvKx3HQM7Ox1DAyPjzSOgeGlNe9sOQZmlm0zHIYa93Xxzu7HwNT86XNTc09+7J6Tp4+cmD0xe2Zmev/ePfv27tm3b+r4yVOz0+Wfa9ulA+SaMJyPwZ3xvSYdg69tu27zIbn4xY17HUz0yeugeOzvuatY0HXDYYVjvLjOJ3et/3WQv+83vQ5Gm14HHd9TO7wORlfxOiiuc2nX6r5njjb912kNm/VeuK3pGLia3w+L+3z/61Z+L7w1rutTr1/r98ORZcdAelhD8bVXfCX/vDdxf9wvy4+LW4oLrh0PF+Zmz9/7xJH5+fMzIY4r4oam56r9eLmm6TGFZcfL8JqPl0N/+bO7bunw9W1xX03cvfRcjXd4Horr7J3s/lw13t0778+Wr+4OcWywK70/O303K/ZnzhJdjv3iOp+8Z/0/C+Zc0vT+N9br/W9kbLR8/xvJe2Os5f1v+VMz0lhZCJfuWd3731j870q//93YJ+9/xb56/73dj4HiOp+aWusxMNr1/e/2OIfiel4XE8NEU+7/RePyhfIwbXouex43o6Nj8bgZTffYetzsWbZNcWvFfe+avrzjZtftrc9Vy88tFTxuin31p9Pdj5viOs/PrP+9Y2v6a9N7x3ivY2BsZLxY71g+CMr3u8Wt6Ri4NxwNZ8OpcCxvUzzLxX1N7l7dMTAe/7vS7x0398kxUOyrz+3ufgwU1/n2no392WlX/Eq+TtPPTu2/X1gp898yunR77bttozN/sc637+3+u6HiOj/Yu9ac0X0/3R2/cm2H/dT++lnpmD4Wrsx+ujmu89S+7r+bKq5z4/5VHk+HQggvzLzQ+H1X/P3u31z416+3/N630++UX5h54aGpR767lvUDAHD5ftH4c2G8/Fmz6f+xXs3//w8AAAAMhJT7h+PM5H8AAACojJT7R+LM5H8AAACojJT7R+PMapL/H7//wLM/fyrkTwNcjNLlaTc8/KbyeqnjvRD/vX1xSfH1t3557NlPP7W6+x4OIfzsoVd1vP7jb0rrKp1L63xD69eXufm2Vd3/Y48uXa/58xMuHShvPz2e1R4Gqav8zandjdvd/uRMYz7/UGjMRxY+9XR5++W/0/Uv7imv/+fxQ0sOHR9q2X5XXM8dcW6Pnynz8KGl/VDMtN2zt77mH25479L9pe2Gdr608TA/93vl7abPiHrmhvL66XGvtP6//8zXni2u/8Sdndf/1HDn9V+Mt/v9OH96sLx+8z7/dNP6/yCuP91f2u7eL32r4/qfe0V5/eficfGFONvX/5Y/fvXPOz1f6X4OPVBul+5/+n/2NrZLt5duv339E0/NtOyP9tt//sXydg5+5McjzddPX0/3kzz2QOvxPRSf35YeeQjha38YWvZzeGO53d+1rT/d3rkHOq//7rZ1nhu6rbH90uPZ1vK4Pv+V3R0fb1rPob/e1vJ4nnlH3H8vTn27uN2Lj8TjMV7+v98pb6/9s0yfe0fr+026/he2la/bdHtTbet/pm39C7cV+673+h98sVz/c2/e0rL+Q++Mx9OD5ey1/hN/cX3L9l/8avl8nP/o5JmzcxdOHosPZlvb63jLxNZrrr3uJS+9Pr6Xtv/78Nn5x2fPb5/ePh3C9gH8yMDNXv+X4vzvcixs/D2Uvvvj8rj77LvK71uv/Un572fi1x+Lz2f6/vj5PxtrOV7bn/eFN5dzvet/fVzHar3iM/9xW4cv/+eyz/y9+IFvXvjb3/9B+88F6fGce/lE4/F9bsdNjcuGni8vb3+/6uXfX976uv7e6HRjfiPu18X4ycw7byrvr/3202eTfPbd5es3/SSXtg9tnyeybaT1cax3/d+LP8d86+bW9790fHzjqbZPc94WhoolLMT3h7BQXp6ulfb3Zy/d1PH+0ufwhIVXrmWZK5p7cm7q1MkzF56Ymp+dm5+ae/Jjh0+fvXBm/nDjs0sPf6jX9kuv72sar+9js/v3hsar/Ww5NtnVXv+5R48eu2/6rmOzx49cOD7/6LnZ8yeOzs0dnT02d9eR48dnP9pr+5PHDs7sPrDnvt2TJ04eO3j/gQN7DkyePHO2WEa5qB72T3948sz5w41N5g7uPTCzb9/e6cnTZ4/NHrxvenryQq/tG9+bJoutPzJ5fvbUkfmTp2cn505+bPbgzIH9+3f3/PTH0+eOz22fOn/hzNSFudnzU+Vj2T7f+HLxva/X9tTD3Nn4ftdmKP50/r679+fPxy18+RMr3lR5ldYfT8MP42dBpe9vvf6dcv9YnFlN8j8AAADUQcr98YP/ly6Q/wEAAKAyUu7fEmcm/wMAAEBlpNw/EWdWk/yv/6//r/+v/6//fwX7/0H/f6Pp/29I/385/f9V0f/X/9f/1/+nu37r/6fcvzWEWuZ/AAAAqIOU+6+JM5P/AQAAoDJS7r82zkz+BwAAgMpIuf+6OLN65P+x9r/q/+v/6/839//TdfX/g/6//v9l0v/X/+9G/1//f5DX34f9/636//Sbfuv/p9z/kjizeuR/AAAAqIWU+18aZyb/AwAAQGWk3H99nJn8DwAAAJWRcv+2OLOa5P8NPP//Z+JF+v/6/4Pe/z+djmPn/9f/1/9fP/1//f9u9P/1/wd5/X3Y/3f+f/pOv/X/U+7/f3FmNcn/AAAAUAcp978szkz+BwAAgMpIuf+GODP5HwAAACoj5f4b48xqkv83sP/v/P/6/1Xp/zed/1//v5n+v/7/5dD/1//vRv9f/3/j1z8Uf0zQ/++1vf4/V0K/9f9T7n95nFlN8j8AAADUQcr9N8WZyf8AAABQGSn3vyLOTP4HAACAyki5/+Y4s5rkf/1//X/9f/1//X/9/82k/6//343+v/7/IK9f/1//n976rf+fcv8r48xqkv8BAACgDlLuvyXOTP4HAACAyki5/1VxZvI/AAAAVEbK/bfGmdUk/+v/91X//8mg/7+8/z+s/6//X1pr/79hoff69f8312D1/4dXvET/v6T/30r/X/9f/1//n+76rf+fcv+r48xqkv8BAACgDlLuf02cmfwPAAAAlZFy/21xZvI/AAAAVEbK/dvjzGqS//X/+6r/7/z/zv+v/+/8/0v9//kh/f9VcP5//f+g/3/ZrnZ/ftDXr/+v/09v/db/T7l/R5xZTfI/AAAA1EHK/TvjzOR/AAAAqIyU+2+PM5P/AQAAoDJS7r8jzqwm+V///zL7/1tb/6n/33n9+v/6//r/zv+v/6//343+v/7/IK9f/391/f/xXjdEpfVb/z/l/jvjzGqS/wEAAKAOUu6/K85M/gcAAIDKSLn/tXFm8j8AAABURsr9u+LMapL/9f+d/1//X/9f/1//fzPp/6+6/7/1cta1Kf3/9Car/9+T/r/+/6D0/yc6bO/8/1wJ/db/T7n/dXFmNcn/AAAAUAcp978+zkz+BwAAgMpIuf/uODP5HwAAACoj5f7JOLOa5H/9f/1//X/9f/1//f/NVNX+f34fdf5//X/9f/3/Te7/f2WF7Qfl/P/UW7/1/1PuvyfOrCb5HwAAAOog5f5748zkfwAAAKiMlPun4szkfwAAAKiMlPun48xqkv+r3/9vbxaX9P9L+v/6/0H/X/9/k1W1/99+/v8Qgv6//n+m/6//32/n/+9E/58rYf39//G8SePPdfb/U+6fiTOrSf4HAACAOki5f3ecmfwPAAAAlZFy/544M/kfAAAAKiPl/r1xZjXJ/9Xv/3em/1/S/9f/D/r/+v+brC79f+f/Ly/X/y/p/+v/6//r/9fRcIevrb//v7RJ48919v9T7t8XZ1aT/A8AAAB1kHL//jgz+R8AAAAqI+X+++LM5H8AAACojJT7748zq0n+1//X/9f/1//v3/5/6/1vXv//v/T/N5H+v/5/N/r/+v+DvH79f/1/etvY/v/16+7/p9x/IM6sJvkfAAAA6iDl/jfEmcn/AAAAUBkp9z8QZyb/AwAAwEDpdB7CJOX+N8aZ1ST/6/9Xvf+/uEX/X/9/cPv/rfvT+f/1/zuJb5/6/6tUr/7/1mX3p//f6mr35wd9/fr/+v/0trH9/2U/nq65/59y/8E4s5rkfwAAAKiDlPvfFGcm/wMAAEBlpNz/5jgz+R8AAAAqI+X+Q3FmNcn/+v9V7//33/n/h8Lg9v9H9f/1//X/18z5//X/u3H+/8Hs/6fP3dD/75/+f3EM6f/Tj/qt/59y/1vizGqS/wEAAKAOUu5/a5yZ/A8AAACVkXL/2+LM5H8AAACojJT73x5nVpP8r/+v/+/8/87/r/+v/7+Z9P/1/7vR/x/M/n+i/98//X/n/6df9Vv/P+X+d8SZ1ST/AwAAQB2k3P/OODP5HwAAACoj5f7/H2cm/wMAAEBlpNz/YJxZTfJ/hfr/Y3Hq/+v/6//r/zfo//cH/X/9/270//X/B3n9+v/6//TWb/3/lPt/Kc6sJvkfAAAA6iDl/ofizOR/AAAAqIyU+98VZyb/AwAAQGWk3P/LcWY1yf8V6v+X+vT8/8P59vX/9f/1//X/9f830oD2/yf0/0v6//r/g7x+/X/9f3rrt/5/yv2/EmdWk/wPAAAAdZBy/6/Gmcn/AAAAUBkp9/9anJn8DwAAAJWRcv/DcWY1yf/6/87/r/+v/9+3/f/R1v2p/6//38mA9v+d/z/S/9f/H+T16//r/9Nbv/X/U+7/9TizmuR/AAAAqIOU+x+JM5P/AQAAoDJS7n93nJn8DwAAAJWRcv974sxqkv/1//X/9f/1//u2/9+2P/X/+7X//29dL9X/1//vRv9f/3+Q16//r/9Pb/3W/0+5/9E4s5rkfwAAAKiDlPvfG2cm/wMAAEBlpNz/G3Fm8j8AAABURsr9vxlnNpj5f3itG+j/6//r/+v/r7r/vxBC0P/X/18j/f/l/f/iPexq9v/HV3NF/f9V0f/X/9f/1/+nu37r/6fc/744s8HM/wAAAEAHKff/VpyZ/A8AAACVkXL/b8eZyf8AAABQGSn3vz/OrCb5X/9f/1//X//f+f/1/zeT/n+9zv8/HvT/g/6//r/+v/4/Wb/1/1Pu/0CcWU3yPwAAANRByv2/E2cm/wMAAEBlpNx/OM5M/gcAAIDKSLn/sTizmuR//f+r1P/fWl5f/1//vzr9/0X9f/3/jvT/69X/d/7/kv6//r/+v/4/pX7r/6fcfyTOrCb5HwAAAOog5f4PxpnJ/wAAAFAZKfcfjTOT/wEAAKAyUu4/FmdWk/yv/+/8//r/+v/O/6//v5n0//X/u9H/1/8f5PXr/+v/01u/9f9T7p+NM6tJ/gcAAIA6SLn/eJyZ/A8AAACVkXL/iTgz+R8AAAAqI+X+x+PMapL/9f/1/1fV/x8L+v/6//r/+v+XRf9f/78b/X/9/0Fev/6//j+9bVz//583pP+fcv/JOLOa5H8AAACog5T7PxRnJv8DAABAZaTc/+E4M/kfAAAAKiPl/lNxZjXJ//r/+v/O/1/B/v+o/n/Q/+8b+v/6/93o/+v/D/L69f/1/+ltKGxU/z9sSP8/5f7TcWY1yf8AAABQByn3n4kzk/8BAACgMlLuPxtnJv8DAABAZaTcfy7OrCb5X/9f/1//v4L9f+f/b9D/7w/6//r/3ej/6/8P8vr1//X/6W3jzv+/Mf3/lPt/N86sJvkfAAAA6iDl/v9j7z6a5LyrPY63riWPVK5bd3X3vAV27OAd+DWwYUuRc44GTE4m55yTiSbnnIPJORlMBkOVKWvOOfZIPd2t0fT08/zP57PgMGaseayhxvUr1beee8ct9j8AAAAMI3f/feIW+x8AAACGkbv/vnFLk/2v/9f/6//1//p//f826f/1/6vo/+fT/59Z8vfr//X/+n/WmVr/n7v/fnFLk/0PAAAAHeTuv3/cYv8DAADAMHL3PyBusf8BAABgGLn7Hxi3NNn/+n/9v/5/Mv3/fuen/9f/6/8vif5f/7/Ydf9/Lj4YvP9fRv+v/9f/s87U+v/c/Q+KW5rsfwAAAOggd/+D4xb7HwAAAIaRu/8hcYv9DwAAAMPI3f/QuKXJ/tf/6//H7f/35tb/e/9/fl9H7P9P3f5l9f/HS/+v/1/suv9v8v7/ZfT/+n/9P+tMrf/P3f+wuKXJ/gcAAIAOcvc/PG6x/wEAAGAYufsfEbfY/wAAADCM3P2PjFua7H/9v/5/3P5/du//1//n93WI/v9c/Tre/6//1/8fTv+v/5/z8+v/9f+sN7X+P3f/o+KWJvsfAAAAOsjd/+i4xf4HAACAYeTuf0zcYv8DAADAMHL3PzZuabL/9f/6f/2//l//fwLv/9f/6//1/0vp//X/c35+/b/+n/Wm1v/n7n9c3NJk/wMAAEAHufsfH7fY/wAAADCM3P1PiFvsfwAAABhG7v4nxi1N9v+l9f+n9P+H0P8vf379v/5f/6//1//r/1fR/+v/5/z8+n/9P+ttvf+/+przd9P+P3f/NXFLk/0PAAAAHeTuf1LcYv8DAADAMHL3Pzlusf8BAABgGLn7nxK3NNn/S/r/KxYzfv//2c2+tP4/vv7B/v/WU/p//f80+/9b4qeM/l//f7F59/9n9f876//39P8r+/nNfif0//p//T/rbL3/X9P7X/hx7v5r45Ym+x8AAAA6yN3/1LjF/gcAAIBh5O5/Wtxi/wMAAMAwcvc/PW5psv8v7f3/0+//vf9/t+//z193C/3/mWXPr//v0v/v8/5//f8y8+7/vf9/i/3/PfI30/v/D7frfn7uz7+q/7/rBs+v/6eDqfX/ufufEbc02f8AAADQQe7+Z8Yt9j8AAAAMI3f/s+IW+x8AAACGkbv/2XFLg/1/Wv9fz5H0/97/v1H/f27/79f/H3we/b/+fxn9v/5/ld29/1//v5hAPz/35/f+//X9/1XrfhGGN7X+P3f/c+KWBvsfAAAAusjd/9y4xf4HAACAYeTuf17cYv8DAADAMHL3Pz9uabL/9f/6f/2/9/9fVv9/xTb6/9NLfz/1//r/ZfT/+v+F/v/Idt3Pz/359f/e/896U+v/c/dfF7fU8Dt9hH9KAAAAYEpy978gbmny5/8AAADQQe7+F8Yt9j8AAAAMI3f/i+KWJvtf/6//1//r/73/X/+/Tfr/4fr/U/r/2+n/9f/6f/0/q02t/8/d/+K4pcn+BwAAgA5y978kbrH/AQAAYBi5+18at9j/AAAAMIzc/S+LW5rsf/2//l//r//X/+v/t0n/P1z/7/3/d6D/1//r//X/rDa1/j93/8vjlib7HwAAADrI3f+KuMX+BwAAgGHk7n9l3GL/AwAAwDBy978qbpnd/r+woN2M/l//r//X/+v/9f/bNP3+/8xGn6X/36f/P2hb/f/ZQ76e/n9az388/X9+9/X/jGkC/f/d7vhx7v5Xxy2z2/8AAADAYXL3vyZusf8BAABgGLn7Xxu32P8AAAAwjNz9r4tbmuz/w/r/m6/a/9/X9P/5G6b/j6v/1/8v9P9F/6//X8yi/9+M/n+f/v8g7//X/3v/v/6f1SbQ/x/4OHf/6+OWJvsfAAAAOsjd/4a4xf4HAACAYeTuf2PcYv8DAADAMHL3vyluabL/vf9f/6//1//r//X/26T/1/+vMqP+f2/ZX9T/6//1//p/Vpta/5+7/81xS5P9DwAAAB3k7n9L3GL/AwAAwDBy9781brH/AQAAYBi5+98WtzTZ//p//f/O+///GbL/P/+I+n/9v/5f/6//X21G/f9S+n/9v/5f/89qU+v/c/e/PW5psv8BAACgg9z974hb7H8AAAAYRu7+d8Yt9j8AAAAMI3f/u+KWJvtf/6//33n/7/3/Rf8f31f9v/7/Euj/9f8L/f+R7bqfn/vz6//1/6w3tf4/d/+745Ym+x8AAAA6yN3/nrjF/gcAAIBh5O6/Pm6x/wEAAGAYufvfG7c02f/6f/2//l//r//X/2+T/l//v8rJ9v/X3qz/P2jX/fzcn1//r/9nvan1/7n73xe3NNn/AAAA0EHu/vfHLfY/AAAADCN3/wfiFvsfAAAAhpG7/4NxS5P9r/+fe/9/95viCabW/+en6P/1/yv7/73FxfT/+v9Lof/X/y+28v7/C39SLKf/1//r//X/rHZi/f89r77XXW77L2v6/9z9H4pbmux/AAAA6CB3/w1xi/0PAAAAw8jd/+G4xf4HAACAYeTu/0jc0mT/9+j/z1z0aeP0/97/r/+fdP+fP1S9/1//r//X/y813f5/M/p//b/+X//PalN7/3/u/o/GLU32PwAAAHSQu/9jcYv9DwAAAMPI3f/xuMX+BwAAgGHk7v9E3NJk//fo/y+m/9937P3/rf+n/9f/l03e/6//1/9fLv2//n+h/z+yXffzc3/+ofv/Uwv9P8diav1/7v5Pxi1N9j8AAAB0kLv/U3GL/Q8AAADDyN3/6bjF/gcAAIBh5O7/TNxw5//d3SOdKP2//t/7//X/+n/9/zbp/4/Q/586vfFz6f/36f+PZtf9/Nyff+j+3/v/OSZT6/9z9382bvHn/wAAADCM3P2fi1vsfwAAABhG7v7Pxy32PwAAAAxgv3fP3f+FuKXJ/l/T/+/l5x25/z93+NfW/+v/F/p//b/+X/9/mYbs/y+B/n+f/v9odt3Pz/35Z9f/X3/wQ/0/J2FJ/3/+J/Gu+v/c/V+MW5rsfwAAAOggd/+X4hb7HwAAAIaRu//LcYv9DwAAAMPI3f+VuKXJ/l/a/+95/7/+X/+v/1/o//X/x0L/r/9fRf+v/5/z88+u/7+A/p+TMLX3/+fu/2rc0mT/AwAAQAe5+78Wt9j/AAAAMIzc/V+PW+x/AAAAGEbu/m/ELU32/5r3/+v/N/tH0f/r/5f+/0H/r//fsP8/s9D/H5n+X/+/0P8f2a77+bk//+X0/+f0/zQxtf4/d/8345Ym+x8AAAA6yN3/rbjF/gcAAIBh5O7/dtxi/wMAAMAwcvd/J25psv9H7v9XfZr+f5/+X/+/0P9Pof/3/v/LoP/X/y/0/0e2635+7s/v/f/6f9abWv+fu/+7cUuT/Q8AAAAd5O7/Xtxi/wMAAMAwcvffuFjcYP8DAADAmG48/59nF9+PW5rs/5H7/1X0//v0//r/hf5f/79l+n/9/yr6f/3/nJ9f/6//Z72p9f+5+38QtzTZ/wAAANBB7v4fxi32PwAAAAwjd/+P4hb7HwAAAIaRu//HcUuT/a//1//r//X/+n/9/zbp//X/q+j/9f9zfn79v/6f9abW/+fu/0nc0mT/AwAAQAe5+38at9j/AAAAMIzc/T+LW+x/AAAAGEbu/p/HLU32v/5f/6//1//r//X/26T/1/+vov/X/8/5+fX/+n/Wm1r/n7v/F3FLk/0PAAAAHeTu/2XcYv8DAADAMHL3/ypusf8BAABgGLn7fx23NNn/+v/bnuNc/XX9v/5f/6//T/r/49G2/7/tX6v6/7X0//r/OT+//l//z3pT6/9z9/8mbmmy/wEAAKCD3P2/jVvsfwAAABhG7v7fxS32PwAAAAwjd//v45Ym+1//7/3/+n/9/zz6/yv1//r/pSbb/3v//0b0//r/OT+//l//z3pT6/9z998UtzTZ/wAAANBB7v4/xC32PwAAAAwjd/8f4xb7HwAAAIaRu//muKXJ/tf/6/+H7P/39P/j9f/e/z/L/v9O+n/9/2r6f/3/nJ9f/6//Z72p9f+5+/8UtzTZ/wAAANBB7v4/xy32PwAAAAwjd/9f4hb7HwAAAIaRu/+vcUuT/a//1/8P2f97/7/+X/8/Gfp//f8q+n/9/5yfX/+v/2e9qfX/ufv/Frc02f8AAADQQe7+v8ct9j8AAAAMI3f/P+IW+x8AAACGkbv/n3FLk/2v/9f/6//1//p//f826f/n2/9fuThC/3/dQv+v/9f/6//1/5Sp9f+5+/8VtzTZ/wAAANBB7v5b4pal+///T+ipAAAAgOOUu//fcYs//wcAAIBh5O7/T9zSZP/r//X/+n/9v/5f/79N+v/59v/e/7+e/l//r//X/7Pa1Pr/3P3/DQAA///E7/7M")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4242, 0x5c)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x2000, 0x0)
sendfile(r0, r1, 0x0, 0x20fffe82)
renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./bus\x00', 0x0)

0s ago: executing program 6 (id=1909):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x17c, 0x65, 0x8, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xe, 0x2}, {0x0, 0xe}, {0x6, 0xb}}, [@filter_kind_options=@f_flow={{0x9}, {0x144, 0x2, [@TCA_FLOW_ADDEND={0x8}, @TCA_FLOW_XOR={0x8, 0x7, 0x1ff}, @TCA_FLOW_XOR={0x8, 0x7, 0xfffffff9}, @TCA_FLOW_DIVISOR={0x8, 0x8, 0x7fff}, @TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_ACT={0x118, 0x9, 0x0, 0x1, [@m_ct={0x44, 0x1b, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_MARK={0x8, 0x5, 0x8}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @rand_addr=0x64010101}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @dev={0xac, 0x14, 0x14, 0x30}}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_nat={0xa4, 0x2, 0x0, 0x0, {{0x8}, {0x7c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x80000001, 0x7, 0x6, 0x6, 0x4}, @multicast2, @broadcast, 0xffffff00, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x8, 0x6, 0x3, 0x5, 0xff}, @remote, @rand_addr=0x64010100, 0xff, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x4, 0x5, 0x3, 0x5, 0x5}, @rand_addr=0x64010102, @multicast1, 0xff000000}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ct={0x2c, 0xd, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x1}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0xff, 0x2}}]}, 0x17c}, 0x1, 0x0, 0x0, 0x80}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f, 0xa1}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

kernel console output (not intermixed with test programs):

[ T5907] usb 4-1: config 0 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  176.752149][ T5907] usb 4-1: config 0 interface 0 has no altsetting 0
[  176.757823][ T5907] usb 4-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[  176.760782][ T5907] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.766346][ T5907] usb 4-1: config 0 descriptor??
[  176.846424][T12248] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  176.865679][T12248] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  176.911316][T12638] loop4: detected capacity change from 0 to 4096
[  176.994435][T12248] team0: Port device team_slave_0 added
[  177.005947][T12248] team0: Port device team_slave_1 added
[  177.084271][T12248] batman_adv: batadv0: Adding interface: batadv_slave_0
[  177.086613][T12248] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  177.114706][T12248] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  177.122440][T12248] batman_adv: batadv0: Adding interface: batadv_slave_1
[  177.125169][T12248] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  177.136538][T12248] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  177.195618][ T5907] uclogic 0003:5543:0781.0006: ignoring exceeding usage max
[  177.198449][ T5907] uclogic 0003:5543:0781.0006: unbalanced collection at end of report description
[  177.206513][ T5907] uclogic 0003:5543:0781.0006: parse failed
[  177.208429][ T5907] uclogic 0003:5543:0781.0006: probe with driver uclogic failed with error -22
[  177.223289][T12248] hsr_slave_0: entered promiscuous mode
[  177.227093][T12248] hsr_slave_1: entered promiscuous mode
[  177.240197][T12248] debugfs: 'hsr0' already exists in 'hsr'
[  177.242373][T12248] Cannot create hsr debugfs directory
[  177.353455][ T5894] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  177.394121][ T5907] usb 4-1: USB disconnect, device number 22
[  177.497191][ T5894] usb 5-1: Using ep0 maxpacket: 32
[  177.501236][ T5894] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  177.511351][ T5894] usb 5-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  177.514231][ T5894] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.518060][ T5894] usb 5-1: Product: syz
[  177.519433][ T5894] usb 5-1: Manufacturer: syz
[  177.520880][ T5894] usb 5-1: SerialNumber: syz
[  177.525331][ T5894] usb 5-1: config 0 descriptor??
[  177.535039][ T5894] usb 5-1: bad CDC descriptors
[  177.537594][ T5894] usb 5-1: unsupported MDLM descriptors
[  177.697947][T12248] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  177.702488][T12248] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  177.707792][T12248] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  177.712238][T12248] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  177.729396][   T24] usb 5-1: USB disconnect, device number 11
[  177.796865][T12248] 8021q: adding VLAN 0 to HW filter on device bond0
[  177.810709][T12248] 8021q: adding VLAN 0 to HW filter on device team0
[  177.816690][ T1091] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.818981][ T1091] bridge0: port 1(bridge_slave_0) entered forwarding state
[  177.831271][ T1091] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.833659][ T1091] bridge0: port 2(bridge_slave_1) entered forwarding state
[  177.967189][T12872] loop3: detected capacity change from 0 to 2048
[  178.004131][T12248] 8021q: adding VLAN 0 to HW filter on device batadv0
[  178.054438][T12872] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  178.058353][T12872] ext4 filesystem being mounted at /329/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  178.253747][T12248] veth0_vlan: entered promiscuous mode
[  178.260080][T12248] veth1_vlan: entered promiscuous mode
[  178.471993][   T33] audit: type=1800 audit(1755120742.308:4804): pid=12891 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1120" name="file0" dev="loop3" ino=13 res=0 errno=0
[  178.682856][ T5846] Bluetooth: hci1: command tx timeout
[  178.694719][T12248] veth0_macvtap: entered promiscuous mode
[  178.701300][T12248] veth1_macvtap: entered promiscuous mode
[  178.726352][T12248] batman_adv: batadv0: Interface activated: batadv_slave_0
[  178.775815][T12900] netlink: 'syz.4.1124': attribute type 21 has an invalid length.
[  178.844443][T12248] batman_adv: batadv0: Interface activated: batadv_slave_1
[  178.852716][ T9529] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  178.881394][ T6342] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.889551][ T9529] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  178.899949][ T9529] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  178.911274][ T9529] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  179.005641][ T1147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  179.015521][ T1147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  179.058563][ T1147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  179.061771][ T1147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  179.099613][T12902] loop4: detected capacity change from 0 to 32768
[  179.106426][T12902] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1125 (12902)
[  179.158204][T12902] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  179.162655][T12902] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  179.166300][T12902] BTRFS info (device loop4): using free-space-tree
[  179.263056][T12945] macsec0: entered promiscuous mode
[  179.265283][T12945] macsec0: entered allmulticast mode
[  179.267419][T12945] veth1_macvtap: entered allmulticast mode
[  179.279218][T12945] batman_adv: batadv0: Adding interface: macsec0
[  179.282986][T12945] batman_adv: batadv0: The MTU of interface macsec0 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  179.301523][T12945] batman_adv: batadv0: Interface activated: macsec0
[  179.305402][T12902] BTRFS info (device loop4): rebuilding free space tree
[  179.512283][   T33] audit: type=1800 audit(1755120743.508:4805): pid=12902 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1125" name="bus" dev="loop4" ino=263 res=0 errno=0
[  179.992108][T12965] loop5: detected capacity change from 0 to 1764
[  180.021599][ T9440] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  180.040418][T12965] loop5: detected capacity change from 0 to 128
[  180.057658][T12965] omfs: Bad value for 'dmask'
[  180.078998][T12965] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  180.104142][T12965] CIFS mount error: No usable UNC path provided in device string!
[  180.104142][T12965] 
[  180.115950][T12965] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  180.352667][T12984] loop3: detected capacity change from 0 to 8192
[  180.455920][T12981] loop5: detected capacity change from 0 to 40427
[  180.459136][T12981] F2FS-fs: heap/no_heap options were deprecated
[  180.468220][T12981] F2FS-fs (loop5): build fault injection rate: 19
[  180.470410][T12981] F2FS-fs (loop5): build fault injection type: 0x3bfe8c
[  180.490248][T12981] F2FS-fs (loop5): invalid crc value
[  180.523053][T12981] F2FS-fs (loop5): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[  180.536470][T12984]  loop3: AHDI p2 p3 p4
[  180.538439][T12984] loop3: p2 size 8426755 extends beyond EOD, truncated
[  180.545019][T12984] loop3: p4 size 100663296 extends beyond EOD, truncated
[  180.553724][T12981] F2FS-fs (loop5): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x20a/0x3f0
[  180.559601][T12981] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  180.563860][T12981] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  180.584840][ T5293]  loop3: AHDI p2 p3 p4
[  180.586833][ T5293] loop3: p2 size 8426755 extends beyond EOD, truncated
[  180.590746][ T5293] loop3: p4 size 100663296 extends beyond EOD, truncated
[  180.625060][T12981] F2FS-fs (loop5): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  180.632382][T12981] F2FS-fs (loop5): inject lock_op in f2fs_trylock_op of f2fs_write_single_data_page+0x9f1/0x16a0
[  180.636867][T12981] F2FS-fs (loop5): inject checkpoint error in f2fs_balance_fs of f2fs_write_single_data_page+0xfaf/0x16a0
[  180.640983][T12981] syz.5.1135: attempt to access beyond end of device
[  180.640983][T12981] loop5: rw=2049, sector=45096, nr_sectors = 48 limit=40427
[  180.648508][T12981] CPU: 0 UID: 0 PID: 12981 Comm: syz.5.1135 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  180.648526][T12981] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  180.648534][T12981] Call Trace:
[  180.648538][T12981]  <TASK>
[  180.648543][T12981]  dump_stack_lvl+0x189/0x250
[  180.648561][T12981]  ? __pfx_dump_stack_lvl+0x10/0x10
[  180.648571][T12981]  ? __pfx_queue_work_on+0x10/0x10
[  180.648581][T12981]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  180.648594][T12981]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  180.648605][T12981]  ? f2fs_hw_is_readonly+0x39b/0x470
[  180.648621][T12981]  f2fs_handle_critical_error+0x37c/0x540
[  180.648634][T12981]  f2fs_balance_fs+0x32d/0x7f0
[  180.648646][T12981]  ? f2fs_write_single_data_page+0xfaf/0x16a0
[  180.648658][T12981]  ? __pfx_f2fs_balance_fs+0x10/0x10
[  180.648674][T12981]  ? folio_unlock+0x101/0x160
[  180.648688][T12981]  f2fs_write_single_data_page+0xfaf/0x16a0
[  180.648705][T12981]  ? __pfx_f2fs_write_single_data_page+0x10/0x10
[  180.648723][T12981]  ? mlock_drain_local+0x79/0x490
[  180.648731][T12981]  ? mlock_drain_local+0x28e/0x490
[  180.648741][T12981]  f2fs_write_data_pages+0x195b/0x3000
[  180.648766][T12981]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  180.648817][T12981]  ? __lock_acquire+0xab9/0xd20
[  180.648835][T12981]  ? do_raw_spin_lock+0x121/0x290
[  180.648850][T12981]  ? do_raw_spin_unlock+0x4d/0x240
[  180.648882][T12981]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  180.648894][T12981]  do_writepages+0x32e/0x550
[  180.648912][T12981]  ? do_raw_spin_unlock+0x4d/0x240
[  180.648924][T12981]  file_write_and_wait_range+0x23e/0x340
[  180.648937][T12981]  ? __pfx_file_write_and_wait_range+0x10/0x10
[  180.648966][T12981]  ? do_raw_spin_lock+0x121/0x290
[  180.648982][T12981]  f2fs_do_sync_file+0x5e0/0x1860
[  180.648998][T12981]  ? __pfx_f2fs_do_sync_file+0x10/0x10
[  180.649026][T12981]  ? f2fs_file_write_iter+0x4ac/0x2410
[  180.649035][T12981]  ? vfs_fsync_range+0x12c/0x1c0
[  180.649043][T12981]  ? f2fs_sync_file+0xe9/0x160
[  180.649055][T12981]  f2fs_file_write_iter+0x753/0x2410
[  180.649073][T12981]  ? __pfx_f2fs_file_write_iter+0x10/0x10
[  180.649080][T12981]  ? rcu_read_lock_any_held+0xb3/0x120
[  180.649097][T12981]  vfs_write+0x54b/0xa90
[  180.649110][T12981]  ? __pfx_f2fs_file_write_iter+0x10/0x10
[  180.649118][T12981]  ? __pfx_vfs_write+0x10/0x10
[  180.649133][T12981]  ? __fget_files+0x2a/0x420
[  180.649149][T12981]  ksys_write+0x145/0x250
[  180.649160][T12981]  ? __pfx_ksys_write+0x10/0x10
[  180.649169][T12981]  ? rcu_is_watching+0x15/0xb0
[  180.649180][T12981]  ? do_syscall_64+0xbe/0x3b0
[  180.649192][T12981]  do_syscall_64+0xfa/0x3b0
[  180.649201][T12981]  ? lockdep_hardirqs_on+0x9c/0x150
[  180.649209][T12981]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.649218][T12981]  ? exc_page_fault+0x9f/0xf0
[  180.649228][T12981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.649237][T12981] RIP: 0033:0x7f7b9e58ebe9
[  180.649247][T12981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  180.649255][T12981] RSP: 002b:00007f7b9f34b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  180.649266][T12981] RAX: ffffffffffffffda RBX: 00007f7b9e7b5fa0 RCX: 00007f7b9e58ebe9
[  180.649272][T12981] RDX: 0000000000007bc6 RSI: 00002000000001c0 RDI: 0000000000000004
[  180.649278][T12981] RBP: 00007f7b9e611e19 R08: 0000000000000000 R09: 0000000000000000
[  180.649283][T12981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  180.649288][T12981] R13: 00007f7b9e7b6038 R14: 00007f7b9e7b5fa0 R15: 00007ffdd97c34d8
[  180.649302][T12981]  </TASK>
[  180.762939][T12981] F2FS-fs (loop5): Stopped filesystem due to reason: 1
[  180.774117][ T5846] Bluetooth: hci1: command tx timeout
[  180.888821][ T6359] udevd[6359]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  180.893737][ T5847] udevd[5847]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  180.901899][T12994] loop4: detected capacity change from 0 to 32768
[  180.911279][T12994] XFS: noikeep mount option is deprecated.
[  180.948816][T12994] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  180.970091][ T5847] udevd[5847]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  180.979825][ T6359] udevd[6359]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  181.006087][T12994] XFS (loop4): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  181.017339][T12994] XFS (loop4): Starting recovery (logdev: internal)
[  181.041200][T12994] XFS (loop4): Ending recovery (logdev: internal)
[  181.103262][T12994] XFS (loop4): Metadata corruption detected at xfs_inobt_verify+0x9e/0x1f0, xfs_finobt block 0x8 
[  181.107566][T12994] XFS (loop4): Unmount and run xfs_repair
[  181.109354][T12994] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  181.111572][T12994] 00000000: 41 42 33 42 00 00 00 02 ff ff ff ff ff ff ff ff  AB3B............
[  181.114252][T12994] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 10  ................
[  181.117241][T12994] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  181.119980][T12994] 00000030: 00 00 00 00 c8 fc 31 e4 00 00 04 4e 00 00 00 02  ......1....N....
[  181.122571][T12994] 00000040: 00 00 04 60 00 00 0b a0 00 00 00 00 00 00 00 00  ...`............
[  181.125329][T12994] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  181.127936][T12994] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  181.130502][T12994] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  181.133598][T12994] XFS (loop4): metadata I/O error in "xfs_btree_read_buf_block+0x290/0x470" at daddr 0x8 len 8 error 117
[  181.174886][ T9440] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  181.183296][ T9440] XFS (loop4): Uncorrected metadata errors detected; please run xfs_repair.
[  181.461220][T13050] loop5: detected capacity change from 0 to 32768
[  181.476176][T13050] bcachefs: bch2_fs_parse_param() Error parsing option fsck_memory_usage_percent: option_value
[  181.514553][T13061] loop4: detected capacity change from 0 to 2048
[  181.626442][T13061] hpfs: filesystem error: improperly stopped; already mounted read-only
[  181.647409][T13061] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  181.649832][T13061] hpfs: filesystem error: sector(s) 'dir_band_bitmap' badly placed at 7b318cc4
[  181.919292][T13074] loop3: detected capacity change from 0 to 32768
[  181.942734][   T36] read_mapping_page failed!
[  181.944895][   T36] ERROR: (device loop3): txCommit: 
[  181.944895][   T36] 
[  181.950606][   T36] jfs_write_inode: jfs_commit_inode failed!
[  181.952715][   T24] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  182.108858][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  182.123942][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  182.134727][   T24] usb 6-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00
[  182.148654][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.175701][   T24] usb 6-1: config 0 descriptor??
[  182.181382][ T5293] udevd[5293]: worker [5847] terminated by signal 33 (Unknown signal 33)
[  182.193191][ T5293] udevd[5293]: worker [5847] failed while handling '/devices/virtual/block/loop3'
[  182.274101][T13105] bridge: RTM_NEWNEIGH with invalid state 0x0
[  182.606159][   T24] petalynx 0003:18B1:0037.0007: hidraw0: USB HID v0.00 Device [HID 18b1:0037] on usb-dummy_hcd.5-1/input0
[  182.787541][   T24] usb 6-1: USB disconnect, device number 3
[  183.494315][T13140] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[  183.536439][T13140] veth0_to_bridge: entered promiscuous mode
[  183.552199][T13140] hsr1: entered allmulticast mode
[  183.556914][T13140] netdevsim netdevsim5 netdevsim0: entered allmulticast mode
[  183.563254][T13140] veth0_to_bridge: entered allmulticast mode
[  183.778244][T13154] netlink: 376 bytes leftover after parsing attributes in process `syz.5.1170'.
[  183.840909][   T24] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  184.079745][   T24] usb 5-1: Using ep0 maxpacket: 8
[  184.100906][   T24] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  184.103879][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.107700][   T24] usb 5-1: Product: syz
[  184.109167][   T24] usb 5-1: Manufacturer: syz
[  184.110633][   T24] usb 5-1: SerialNumber: syz
[  184.128106][   T24] usb 5-1: config 0 descriptor??
[  184.304231][  T124] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  184.385277][   T24] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  184.460365][  T124] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  184.463161][  T124] usb 6-1: config 0 has no interface number 0
[  184.468129][  T124] usb 6-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  184.471841][  T124] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.475442][  T124] usb 6-1: Product: syz
[  184.477115][  T124] usb 6-1: Manufacturer: syz
[  184.478733][  T124] usb 6-1: SerialNumber: syz
[  184.484155][  T124] usb 6-1: config 0 descriptor??
[  184.491669][  T124] usb 6-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  184.494990][  T124] usb 6-1: selecting invalid altsetting 1
[  184.497149][  T124] usb 6-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  184.515262][  T124] usb 6-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter)
[  184.889235][ T5907] usb 6-1: USB disconnect, device number 4
[  185.250263][T13228] netlink: 'syz.3.1186': attribute type 10 has an invalid length.
[  185.252691][T13228] netdevsim netdevsim3 netdevsim0: left allmulticast mode
[  185.260607][T13228] team0: Failed to send options change via netlink (err -105)
[  185.263025][T13228] team0: Port device netdevsim0 added
[  185.331950][T13231] loop3: detected capacity change from 0 to 4096
[  185.341133][T13231] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  185.367775][T13231] ntfs3(loop3): ino=19, mi_enum_attr
[  185.369573][T13231] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  185.387222][   T33] audit: type=1800 audit(1755120749.698:4806): pid=13231 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1187" name="file0" dev="loop3" ino=0 res=0 errno=0
[  185.558481][T13238] pimreg: entered allmulticast mode
[  185.561700][T13244] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  185.577159][T13238] pimreg: left allmulticast mode
[  185.609890][   T33] audit: type=1326 audit(1755120749.940:4807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13246 comm="syz.3.1191" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0258ebe9 code=0x7ffc0000
[  185.619405][   T33] audit: type=1326 audit(1755120749.940:4808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13246 comm="syz.3.1191" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0258ebe9 code=0x7ffc0000
[  185.626906][   T33] audit: type=1326 audit(1755120749.951:4809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13246 comm="syz.3.1191" exe="/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7fba0258ebe9 code=0x7ffc0000
[  185.634159][   T33] audit: type=1326 audit(1755120749.951:4810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13246 comm="syz.3.1191" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0258ebe9 code=0x7ffc0000
[  185.656761][   T33] audit: type=1326 audit(1755120749.951:4811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13246 comm="syz.3.1191" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0258ebe9 code=0x7ffc0000
[  185.738536][   T24] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  185.748235][   T24] usb 5-1: USB disconnect, device number 12
[  185.883417][ T5907] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  186.031554][ T5907] usb 4-1: New USB device found, idVendor=09e1, idProduct=5121, bcdDevice=40.c1
[  186.036340][ T5907] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  186.039404][ T5907] usb 4-1: Product: syz
[  186.041040][ T5907] usb 4-1: Manufacturer: syz
[  186.042861][ T5907] usb 4-1: SerialNumber: syz
[  186.049234][ T5907] usb 4-1: config 0 descriptor??
[  186.168064][ T5844] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  186.255150][ T5907] int51x1 4-1:0.0: probe with driver int51x1 failed with error -22
[  186.312299][ T5844] usb 6-1: Using ep0 maxpacket: 8
[  186.318858][ T5844] usb 6-1: New USB device found, idVendor=0cf3, idProduct=e004, bcdDevice=b5.2e
[  186.322499][ T5844] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  186.325826][ T5844] usb 6-1: Product: syz
[  186.327463][ T5844] usb 6-1: Manufacturer: syz
[  186.329300][ T5844] usb 6-1: SerialNumber: syz
[  186.338342][ T5844] usb 6-1: config 0 descriptor??
[  186.448847][ T5844] usb 4-1: USB disconnect, device number 23
[  186.538332][T13293] loop4: detected capacity change from 0 to 32768
[  186.542639][T13293] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1200 (13293)
[  186.556343][ T5894] usb 6-1: USB disconnect, device number 5
[  186.557179][T13293] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  186.572674][T13293] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[  186.580643][T13293] BTRFS info (device loop4): using free-space-tree
[  186.664858][ T9440] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  186.828228][ T5844] IPVS: starting estimator thread 0...
[  186.928828][T13333] IPVS: using max 58 ests per chain, 139200 per kthread
[  187.441146][T13353] loop3: detected capacity change from 0 to 2048
[  187.869915][T13353] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  187.874160][T13353] UDF-fs: Scanning with blocksize 512 failed
[  187.897330][T13353] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  188.375937][T13380] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1214'.
[  188.389665][T13382] IPVS: sync thread started: state = MASTER, mcast_ifn = veth1_to_team, syncid = 4, id = 0
[  188.643184][T13403] loop3: detected capacity change from 0 to 16
[  188.653877][T13403] erofs (device loop3): mounted with root inode @ nid 36.
[  188.680005][T13403] erofs (device loop3): read error -22 @ 43 of nid 36
[  188.939610][T13414] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.1221'.
[  189.013959][T13419] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1223'.
[  189.310580][T13447] loop3: detected capacity change from 0 to 1024
[  189.327234][T13450] loop4: detected capacity change from 0 to 16
[  189.346578][T13450] erofs (device loop4): mounted with root inode @ nid 36.
[  189.786899][T13466] mmap: syz.4.1235 (13466) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  190.167504][ T1147] hfsplus: b-tree write err: -5, ino 4
[  190.262359][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  190.269625][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  191.204796][T13503] loop3: detected capacity change from 0 to 16
[  191.229945][T13503] erofs (device loop3): mounted with root inode @ nid 36.
[  191.529021][   T33] audit: type=1800 audit(1755120756.118:4812): pid=13513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1245" name="file1" dev="loop3" ino=86 res=0 errno=0
[  191.707319][T13521] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1250'.
[  191.859855][ T5907] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  192.040468][ T5907] usb 5-1: Using ep0 maxpacket: 8
[  192.044822][ T5907] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  192.048103][ T5907] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  192.086696][ T5907] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  192.107336][ T5907] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  192.111243][ T5907] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  192.156438][ T5907] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  192.159904][ T5907] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.292951][T13545] loop5: detected capacity change from 0 to 4096
[  192.315668][T13550] netlink: 'syz.3.1259': attribute type 3 has an invalid length.
[  192.321566][T13550] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1259'.
[  192.325093][T13550] netlink: 'syz.3.1259': attribute type 1 has an invalid length.
[  192.362316][T13545] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  192.390912][ T5907] usb 5-1: GET_CAPABILITIES returned 0
[  192.395594][ T5907] usbtmc 5-1:16.0: can't read capabilities
[  192.400287][T13545] ntfs3(loop5): Failed to initialize $Extend/$ObjId.
[  192.435992][   T33] audit: type=1800 audit(1755120757.117:4813): pid=13545 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1258" name="file1" dev="loop5" ino=34 res=0 errno=0
[  192.494498][T13563] zonefs (nullb0) ERROR: Not a zoned block device
[  192.601994][ T5907] usb 5-1: USB disconnect, device number 13
[  193.608661][T13607] binder: 13606:13607 ioctl 4018620d 0 returned -22
[  193.854669][T13611] binder: 13606:13611 ioctl c018620c 0 returned -14
[  193.882108][   T33] audit: type=1326 audit(1755120758.633:4814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13603 comm="syz.4.1271" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe3ec18ebe9 code=0x0
[  193.987706][T13616] loop3: detected capacity change from 0 to 1024
[  194.089814][   T26] hfsplus: b-tree write err: -5, ino 4
[  194.193999][T13626] netlink: 'syz.3.1275': attribute type 4 has an invalid length.
[  194.214844][T13626] netlink: 'syz.3.1275': attribute type 4 has an invalid length.
[  194.719250][T13662] loop5: detected capacity change from 0 to 1024
[  194.726915][T13662] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  194.738266][T13662] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  194.749843][T13662] EXT4-fs (loop5): orphan cleanup on readonly fs
[  194.758895][T13662] Quota error (device loop5): v2_read_file_info: Can't read info structure
[  194.762885][T13662] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  194.778026][T13662] EXT4-fs (loop5): Cannot turn on quotas: error -5
[  194.788880][T13662] EXT4-fs (loop5): 1 truncate cleaned up
[  194.792015][T13647] loop4: detected capacity change from 0 to 40427
[  194.793631][T13662] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  194.795424][T13647] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  194.806069][T13647] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  194.836060][T13647] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  194.848729][T13671] loop3: detected capacity change from 0 to 16
[  194.853623][T13671] erofs (device loop3): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk!
[  194.882252][T13671] erofs (device loop3): mounted with root inode @ nid 36.
[  194.887646][T12248] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.978784][T13647] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  195.004697][T13647] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  195.011464][T13647] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  195.149225][T13695] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  195.198298][ T5894] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  195.299009][T13692] syz.4.1280: attempt to access beyond end of device
[  195.299009][T13692] loop4: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  195.308693][T13692] syz.4.1280: attempt to access beyond end of device
[  195.308693][T13692] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  195.346899][T13647] syz.4.1280: attempt to access beyond end of device
[  195.346899][T13647] loop4: rw=2049, sector=77824, nr_sectors = 520 limit=40427
[  195.353786][ T5894] usb 6-1: config 220 has an invalid interface number: 76 but max is 2
[  195.364933][ T5894] usb 6-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  195.383472][ T5894] usb 6-1: config 220 has no interface number 2
[  195.394796][ T5894] usb 6-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  195.415831][ T5894] usb 6-1: config 220 interface 0 has no altsetting 0
[  195.420572][ T5894] usb 6-1: config 220 interface 76 has no altsetting 0
[  195.425198][ T5894] usb 6-1: config 220 interface 1 has no altsetting 0
[  195.431186][ T5894] usb 6-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  195.436102][ T5894] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.454153][ T5894] usb 6-1: Product: syz
[  195.455532][ T5894] usb 6-1: Manufacturer: syz
[  195.457019][ T5894] usb 6-1: SerialNumber: syz
[  195.693099][ T5894] usb 6-1: selecting invalid altsetting 0
[  195.710973][ T5894] usb 6-1: selecting invalid altsetting 0
[  195.716010][ T5894] usb 6-1: Found UVC 7.01 device syz (8086:0b07)
[  195.718188][ T5894] usb 6-1: No valid video chain found.
[  195.740502][ T5894] usb 6-1: selecting invalid altsetting 0
[  195.742677][ T5894] usbtest 6-1:220.1: probe with driver usbtest failed with error -22
[  195.750335][ T5894] usb 6-1: USB disconnect, device number 6
[  196.398232][T13727] ieee802154 phy0 wpan0: encryption failed: -22
[  198.244300][T13784] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1309'.
[  199.313436][T13812] loop3: detected capacity change from 0 to 1024
[  199.352961][T13812] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.423695][ T6342] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.637838][ T5907] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  200.129847][ T5907] usb 5-1: config 0 has no interfaces?
[  200.137701][ T5907] usb 5-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00
[  200.142873][ T5907] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.156574][ T5907] usb 5-1: config 0 descriptor??
[  200.558651][T13867] loop5: detected capacity change from 0 to 128
[  200.576590][T13867] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2
[  200.993558][ T5907] libceph: connect (1)[c::]:6789 error -101
[  200.997038][ T5907] libceph: mon0 (1)[c::]:6789 connect error
[  201.066959][T13889] ceph: No mds server is up or the cluster is laggy
[  201.084572][   T33] audit: type=1326 audit(1755121022.210:4815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13898 comm="syz.3.1338" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0258ebe9 code=0x7ffc0000
[  201.107734][   T33] audit: type=1326 audit(1755121022.221:4816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13898 comm="syz.3.1338" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0258ebe9 code=0x7ffc0000
[  201.139784][   T33] audit: type=1326 audit(1755121022.221:4817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13898 comm="syz.3.1338" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fba0258ebe9 code=0x7ffc0000
[  201.163836][   T33] audit: type=1326 audit(1755121022.221:4818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13898 comm="syz.3.1338" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0258ebe9 code=0x7ffc0000
[  201.192233][   T33] audit: type=1326 audit(1755121022.221:4819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13898 comm="syz.3.1338" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0258ebe9 code=0x7ffc0000
[  201.209985][   T33] audit: type=1326 audit(1755121022.221:4820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13898 comm="syz.3.1338" exe="/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7fba0258ebe9 code=0x7ffc0000
[  201.220644][T13904] tipc: Started in network mode
[  201.223124][T13904] tipc: Node identity ac1414aa, cluster identity 4711
[  201.229977][T13904] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  201.238248][   T33] audit: type=1326 audit(1755121022.221:4821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13898 comm="syz.3.1338" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0258ebe9 code=0x7ffc0000
[  201.250746][   T33] audit: type=1326 audit(1755121022.221:4822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13898 comm="syz.3.1338" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0258ebe9 code=0x7ffc0000
[  201.257660][   T33] audit: type=1326 audit(1755121022.221:4823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13898 comm="syz.3.1338" exe="/syz-executor" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7fba0258ebe9 code=0x7ffc0000
[  201.286145][   T33] audit: type=1326 audit(1755121022.221:4824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13898 comm="syz.3.1338" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba0258ebe9 code=0x7ffc0000
[  201.433015][T13918] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1344'.
[  201.493059][T13921] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1345'.
[  201.556453][T13924] loop3: detected capacity change from 0 to 2048
[  201.605155][ T6359]  loop3: AHDI p1 p2
[  201.607838][ T6359] loop3: p1 start 4278648832 is beyond EOD, truncated
[  201.612640][T13924]  loop3: AHDI p1 p2
[  201.614514][T13924] loop3: p1 start 4278648832 is beyond EOD, truncated
[  202.275515][ T5844] usb 5-1: USB disconnect, device number 14
[  202.590661][ T5907] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[  202.689290][T13976] input: syz1 as /devices/virtual/input/input12
[  202.744813][ T5907] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  202.748144][ T5907] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  202.763127][ T5907] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64
[  202.774747][ T5907] usb 6-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  202.778255][ T5907] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.780810][ T5907] usb 6-1: Product: syz
[  202.790897][ T5907] usb 6-1: Manufacturer: syz
[  202.792637][ T5907] usb 6-1: SerialNumber: syz
[  202.798447][ T5907] usb 6-1: config 0 descriptor??
[  202.805129][T13958] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  202.807404][T13958] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  202.819574][ T5907] usb 6-1: ucan: probing device on interface #0
[  202.996353][T13988] loop3: detected capacity change from 0 to 32768
[  203.246553][T14014] loop3: detected capacity change from 0 to 512
[  203.254641][T14014] EXT4-fs: Ignoring removed oldalloc option
[  203.259067][T14014] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  203.267913][T14014] EXT4-fs (loop3): 1 truncate cleaned up
[  203.271508][T14014] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  203.286834][   T10] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  203.309361][ T6342] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.419550][ T5907] ucan 6-1:0.0 can0: registered device
[  203.457484][   T10] usb 5-1: Using ep0 maxpacket: 8
[  203.464671][   T10] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  203.469750][   T10] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint descriptor of length 2, skipping
[  203.474291][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  203.485047][   T10] usb 5-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1
[  203.489024][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  203.492323][   T10] usb 5-1: Product: syz
[  203.494896][   T10] usb 5-1: Manufacturer: syz
[  203.497029][   T10] usb 5-1: SerialNumber: syz
[  203.514414][   T10] usb 5-1: config 0 descriptor??
[  203.530815][   T10] imon_raw 5-1:0.0: IR endpoint missing
[  203.604481][ T5907] ucan 6-1:0.0 can0: firmware string: unknown
[  203.621931][ T5907] usb 6-1: USB disconnect, device number 7
[  203.753274][ T5844] usb 5-1: USB disconnect, device number 15
[  204.316849][T14060] netlink: 'syz.3.1375': attribute type 1 has an invalid length.
[  204.321005][T14060] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1375'.
[  204.387457][T14063] comedi comedi0: aio_aio12_8: I/O port conflict (0x2,32)
[  204.443248][T14068] loop3: detected capacity change from 0 to 16
[  204.477459][T14068] erofs (device loop3): mounted with root inode @ nid 36.
[  204.513101][T14075] loop5: detected capacity change from 0 to 512
[  204.525455][T14075] EXT4-fs: Ignoring removed oldalloc option
[  204.554542][T14075] EXT4-fs error (device loop5): ext4_xattr_inode_iget:442: comm syz.5.1380: error while reading EA inode 32 err=-116
[  204.581949][T14075] EXT4-fs (loop5): Remounting filesystem read-only
[  204.598823][T14075] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  204.615175][T14075] EXT4-fs (loop5): 1 orphan inode deleted
[  204.626895][T14075] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  204.694715][T12248] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.071312][T14089] loop4: detected capacity change from 0 to 32768
[  205.157755][T14089] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  205.274496][ T9440] ocfs2: Unmounting device (7,4) on (node local)
[  206.416439][T14180] ptrace attach of "/syz-executor exec"[12248] was attempted by "\x09                                        0                                           "[14180]
[  206.687455][ T5907] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  206.715450][T14192] loop5: detected capacity change from 0 to 32768
[  206.720709][T14192] 
[  206.720709][T14192]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  206.720709][T14192] 
[  206.743858][   T53] ERROR: (device loop5): diWrite: ixpxd invalid
[  206.743858][   T53] 
[  206.747880][   T53] ERROR: (device loop5): txCommit: 
[  206.747880][   T53] 
[  206.750938][   T53] jfs_write_inode: jfs_commit_inode failed!
[  206.755197][T12248] 
[  206.755197][T12248]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  206.755197][T12248] 
[  206.759791][T12248] 
[  206.759791][T12248]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  206.759791][T12248] 
[  206.839427][ T5907] usb 4-1: Using ep0 maxpacket: 16
[  206.850958][ T5907] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  206.854335][ T5907] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  206.858195][ T5907] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  206.882130][ T5907] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  206.885571][ T5907] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  206.899075][ T5907] usb 4-1: Product: syz
[  206.900868][ T5907] usb 4-1: Manufacturer: syz
[  206.901549][T14198] loop5: detected capacity change from 0 to 4096
[  206.904647][ T5907] usb 4-1: SerialNumber: syz
[  206.911032][T14198] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512).
[  206.950766][T14198] ntfs3(loop5): ino=1a, mi_enum_attr
[  206.952523][T14198] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  206.956307][T14198] ntfs3(loop5): ino=1a, mi_enum_attr
[  206.957966][T14198] ntfs3(loop5): Failed to initialize $Extend/$Reparse.
[  206.969298][T14198] ntfs3(loop5): ino=5, "/" ntfs_readdir
[  207.061874][T14213] loop4: detected capacity change from 0 to 256
[  207.068321][T14213] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  207.072739][T14213] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  207.091705][T14213] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  207.160488][T14218] loop5: detected capacity change from 0 to 512
[  207.183356][T14218] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  207.206234][T14218] EXT4-fs (loop5): 1 truncate cleaned up
[  207.209981][T14218] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  207.227531][T14218] EXT4-fs error (device loop5): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.5.1418: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  207.240224][T14218] EXT4-fs (loop5): Remounting filesystem read-only
[  207.260733][T12248] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.307653][ T5907] usb 4-1: 0:2 : does not exist
[  207.335211][T14233] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  207.625775][T14240] loop5: detected capacity change from 0 to 32768
[  207.688585][T14240] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,background_target=invalid device 79,nojournal_transaction_names
[  207.688600][T14240]   allowing incompatible features above 0.0: (unknown version)
[  207.688606][T14240]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  207.701901][T14240] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0
[  207.704529][T14240] bcachefs (loop5): initializing new filesystem
[  207.716476][T14240] bcachefs (loop5): going read-write
[  207.722408][T14240] bcachefs (loop5): marking superblocks
[  207.739914][T14240] bcachefs (loop5): initializing freespace
[  207.745569][T14240] bcachefs (loop5): done initializing freespace
[  207.750427][T14240] bcachefs (loop5): reading snapshots table
[  207.752435][T14240] bcachefs (loop5): reading snapshots done
[  207.773632][T14240] bcachefs (loop5): done starting filesystem
[  207.899922][T12248] bcachefs (loop5): shutting down
[  207.901751][T12248] bcachefs (loop5): going read-only
[  207.907068][T12248] bcachefs (loop5): finished waiting for writes to stop
[  207.923376][T12248] bcachefs (loop5): flushing journal and stopping allocators, journal seq 2
[  207.966500][T12248] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 3
[  207.971557][T12248] bcachefs (loop5): clean shutdown complete, journal seq 4
[  207.975929][T12248] bcachefs (loop5): marking filesystem clean
[  207.998482][T12248] bcachefs (loop5): shutdown complete
[  208.188556][   T33] kauditd_printk_skb: 1 callbacks suppressed
[  208.188575][   T33] audit: type=1326 audit(1755121029.664:4826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14262 comm="syz.4.1425" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3ec18ebe9 code=0x7ffc0000
[  208.205777][ T5907] usb 4-1: USB disconnect, device number 24
[  208.220369][   T33] audit: type=1326 audit(1755121029.664:4827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14262 comm="syz.4.1425" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3ec18ebe9 code=0x7ffc0000
[  208.238625][   T33] audit: type=1326 audit(1755121029.664:4828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14262 comm="syz.4.1425" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe3ec18ebe9 code=0x7ffc0000
[  208.251804][ T6359] udevd[6359]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  208.258120][   T33] audit: type=1326 audit(1755121029.664:4829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14262 comm="syz.4.1425" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3ec18ebe9 code=0x7ffc0000
[  208.271069][   T33] audit: type=1326 audit(1755121029.664:4830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14262 comm="syz.4.1425" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe3ec18ebe9 code=0x7ffc0000
[  208.285104][   T33] audit: type=1326 audit(1755121029.664:4831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14262 comm="syz.4.1425" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3ec18ebe9 code=0x7ffc0000
[  208.297489][   T33] audit: type=1326 audit(1755121029.664:4832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14262 comm="syz.4.1425" exe="/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7fe3ec18ebe9 code=0x7ffc0000
[  208.306014][   T33] audit: type=1326 audit(1755121029.664:4833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14262 comm="syz.4.1425" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3ec18ebe9 code=0x7ffc0000
[  208.315152][   T33] audit: type=1326 audit(1755121029.664:4834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14262 comm="syz.4.1425" exe="/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fe3ec18ebe9 code=0x7ffc0000
[  208.328162][   T33] audit: type=1326 audit(1755121029.664:4835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14262 comm="syz.4.1425" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3ec18ebe9 code=0x7ffc0000
[  208.353826][T14278] tmpfs: Bad value for 'mpol'
[  208.364606][T14278] tmpfs: Bad value for 'mpol'
[  208.408467][T14280] loop4: detected capacity change from 0 to 128
[  208.415686][T14280] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  208.561843][T14288] loop4: detected capacity change from 0 to 512
[  208.567845][T14288] EXT4-fs: Ignoring removed mblk_io_submit option
[  208.573239][T14288] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  208.577050][T14288] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  208.586753][T14288] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  208.590121][T14288] EXT4-fs (loop4): orphan cleanup on readonly fs
[  208.597129][T14288] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.1428: Invalid block bitmap block 0 in block_group 0
[  208.608962][T14288] EXT4-fs (loop4): Remounting filesystem read-only
[  208.614734][T14288] EXT4-fs (loop4): 1 orphan inode deleted
[  208.618873][T14288] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  208.651221][ T9440] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.758671][T14301] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1431'.
[  209.149047][   T13] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.256691][   T13] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.471279][   T13] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.684462][   T13] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.759754][T14351] loop5: detected capacity change from 0 to 1024
[  209.790640][T14351] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  209.826429][T14362] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  209.834020][T14362] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  209.838375][T14362] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  209.843608][T14362] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  209.849918][T14362] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  210.009156][   T13] bridge_slave_1: left allmulticast mode
[  210.016194][   T13] bridge_slave_1: left promiscuous mode
[  210.018620][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.052801][   T13] bridge_slave_0: left allmulticast mode
[  210.054657][   T13] bridge_slave_0: left promiscuous mode
[  210.056710][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.074615][T12248] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.489314][T14389] loop5: detected capacity change from 0 to 32768
[  210.490378][   T13] team0: Port device geneve0 removed
[  210.724831][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  210.738071][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  210.746353][   T13] bond0 (unregistering): Released all slaves
[  211.145498][T14359] chnl_net:caif_netlink_parms(): no params data found
[  211.670092][T14565] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1459'.
[  211.706666][T14362] Bluetooth: hci2: command 0x0406 tx timeout
[  211.737914][T14359] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.742749][T14359] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.747484][T14359] bridge_slave_0: entered allmulticast mode
[  211.751559][T14359] bridge_slave_0: entered promiscuous mode
[  211.769574][T14359] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.772891][T14359] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.778864][T14359] bridge_slave_1: entered allmulticast mode
[  211.783163][ T5846] Bluetooth: hci0: command tx timeout
[  211.789898][T14359] bridge_slave_1: entered promiscuous mode
[  211.962650][T14359] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  211.996005][T14359] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  212.043625][T14359] team0: Port device team_slave_0 added
[  212.051434][T14359] team0: Port device team_slave_1 added
[  212.118283][T14681] overlayfs: empty lowerdir
[  212.174873][T14359] batman_adv: batadv0: Adding interface: batadv_slave_0
[  212.177615][T14359] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  212.208960][T14359] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  212.214420][T14359] batman_adv: batadv0: Adding interface: batadv_slave_1
[  212.216750][T14359] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  212.227378][T14359] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  212.284979][T14725] loop5: detected capacity change from 0 to 164
[  212.311236][T14725] Unable to read rock-ridge attributes
[  212.349155][T14725] Unable to read rock-ridge attributes
[  212.363084][T14359] hsr_slave_0: entered promiscuous mode
[  212.377147][T14359] hsr_slave_1: entered promiscuous mode
[  212.379387][T14359] debugfs: 'hsr0' already exists in 'hsr'
[  212.390160][T14359] Cannot create hsr debugfs directory
[  212.818842][ T5846] Bluetooth: hci2: unexpected event for opcode 0x0c5a
[  213.225348][   T13] hsr_slave_0: left promiscuous mode
[  213.228547][   T13] hsr_slave_1: left promiscuous mode
[  213.232604][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  213.239465][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  213.253292][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  213.255969][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  213.284765][   T13] veth1_macvtap: left promiscuous mode
[  213.286931][   T13] veth0_macvtap: left promiscuous mode
[  213.289216][   T13] veth1_vlan: left promiscuous mode
[  213.291111][   T13] veth0_vlan: left promiscuous mode
[  213.764391][ T5846] Bluetooth: hci0: command tx timeout
[  214.164088][   T13] team0 (unregistering): Port device team_slave_1 removed
[  214.255524][   T13] team0 (unregistering): Port device team_slave_0 removed
[  215.399307][T14359] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  215.437519][T14359] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  215.450223][T14359] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  215.487957][T14359] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  215.516902][ T5907] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  215.659745][ T5907] usb 6-1: Using ep0 maxpacket: 32
[  215.674557][ T5907] usb 6-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[  215.691586][ T5907] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  215.760250][ T5846] Bluetooth: hci0: command tx timeout
[  215.766985][ T5907] usb 6-1: config 0 descriptor??
[  215.954494][ T5907] as10x_usb: device has been detected
[  215.963984][ T5907] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[  216.046451][T14359] 8021q: adding VLAN 0 to HW filter on device bond0
[  216.103550][ T5907] usb 6-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[  216.108530][T14359] 8021q: adding VLAN 0 to HW filter on device team0
[  216.115018][T11996] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.117531][T11996] bridge0: port 1(bridge_slave_0) entered forwarding state
[  216.154166][T14359] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  216.179977][ T5907] as10x_usb: error during firmware upload part1
[  216.182785][ T5907] Registered device nBox DVB-T Dongle
[  216.190358][ T5907] usb 6-1: USB disconnect, device number 8
[  216.210379][T14359] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  216.234316][T11996] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.237264][T11996] bridge0: port 2(bridge_slave_1) entered forwarding state
[  216.258706][ T5907] Unregistered device nBox DVB-T Dongle
[  216.283473][   T13] IPVS: stop unused estimator thread 0...
[  216.294597][ T5907] as10x_usb: device has been disconnected
[  216.495369][T14359] 8021q: adding VLAN 0 to HW filter on device batadv0
[  216.538717][T14915] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1478'.
[  216.716923][T14926] loop5: detected capacity change from 0 to 2048
[  216.742046][T14926] UDF-fs: error (device loop5): udf_process_sequence: Primary Volume Descriptor not found!
[  216.753350][T14926] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  216.784970][T14926] UDF-fs: error (device loop5): udf_verify_fi: directory (ino 1376) has entry at pos 100 with incorrect tag 0
[  216.806692][T14926] UDF-fs: error (device loop5): udf_verify_fi: directory (ino 1376) has entry at pos 100 with incorrect tag 0
[  216.844547][T14359] veth0_vlan: entered promiscuous mode
[  216.864248][T14359] veth1_vlan: entered promiscuous mode
[  216.882330][T14359] veth0_macvtap: entered promiscuous mode
[  216.890387][T14359] veth1_macvtap: entered promiscuous mode
[  216.920169][T14359] batman_adv: batadv0: Interface activated: batadv_slave_0
[  216.947700][T14359] batman_adv: batadv0: Interface activated: batadv_slave_1
[  216.977317][ T5871] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  216.980898][ T5871] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  216.997159][ T5871] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  217.140470][ T5871] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  217.508055][T11996] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  217.513551][T11996] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  217.548038][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  217.550891][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  217.726947][ T5846] Bluetooth: hci0: command tx timeout
[  217.949342][T14990] netlink: 36 bytes leftover after parsing attributes in process `syz.6.1488'.
[  218.047946][T15002] loop6: detected capacity change from 0 to 1024
[  218.291203][T15010] loop3: detected capacity change from 0 to 1024
[  218.372242][T15010] EXT4-fs (loop3): stripe (8) is not aligned with cluster size (4096), stripe is disabled
[  218.401756][T15010] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  218.410722][T15010] EXT4-fs (loop3): orphan cleanup on readonly fs
[  218.428228][T15010] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[  218.487371][T15010] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  218.532847][T15010] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.1493: Freeing blocks not in datazone - block = 0, count = 4096
[  218.545424][T15010] EXT4-fs (loop3): Remounting filesystem read-only
[  218.547864][T15010] EXT4-fs (loop3): 1 orphan inode deleted
[  218.556513][T15010] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  218.698792][ T6342] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.172862][T15035] netlink: 'syz.3.1498': attribute type 2 has an invalid length.
[  220.241750][   T47] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[  220.390254][   T47] usb 6-1: New USB device found, idVendor=10b8, idProduct=1bb4, bcdDevice=34.65
[  220.393253][   T47] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=67
[  220.396367][   T47] usb 6-1: Product: syz
[  220.397769][   T47] usb 6-1: Manufacturer: syz
[  220.404528][   T47] usb 6-1: SerialNumber: syz
[  220.412570][   T47] usb 6-1: config 0 descriptor??
[  220.612276][   T47] dvb-usb: found a 'DiBcom TFE7090PVR reference design' in warm state.
[  220.619294][   T47] dvb-usb: will use the device's hardware PID filter (table count: 32).
[  220.627235][   T47] dvbdev: DVB: registering new adapter (DiBcom TFE7090PVR reference design)
[  220.632423][   T47] usb 6-1: media controller created
[  220.646181][   T47] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  220.713507][   T47] DVB: Unable to find symbol dib7000p_attach()
[  220.715505][   T47] dvb-usb: no frontend was attached by 'DiBcom TFE7090PVR reference design'
[  220.719443][   T47] dvb-usb: will use the device's hardware PID filter (table count: 32).
[  220.722749][   T47] dvbdev: DVB: registering new adapter (DiBcom TFE7090PVR reference design)
[  220.725523][   T47] usb 6-1: media controller created
[  220.733830][   T47] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  220.746054][   T47] dib0700: the master dib7090 has to be initialized first
[  220.749328][   T47] dvb-usb: no frontend was attached by 'DiBcom TFE7090PVR reference design'
[  220.813546][   T47] rc_core: IR keymap rc-dib0700-rc5 not found
[  220.815455][   T47] Registered IR keymap rc-empty
[  220.817637][   T47] dvb-usb: could not initialize remote control.
[  220.826452][   T47] dvb-usb: DiBcom TFE7090PVR reference design successfully initialized and connected.
[  220.854444][   T47] usb 6-1: USB disconnect, device number 9
[  220.945480][   T47] dvb-usb: DiBcom TFE7090PVR reference design successfully deinitialized and disconnected.
[  220.965242][T15110] loop6: detected capacity change from 0 to 128
[  221.045119][T15115] netlink: 'syz.3.1512': attribute type 10 has an invalid length.
[  221.067956][T15115] team0: Port device geneve1 added
[  221.357631][T15144] comedi comedi2: comedi_parport: I/O port conflict (0xe,3)
[  221.380464][T15147] netlink: 212 bytes leftover after parsing attributes in process `syz.5.1520'.
[  221.383351][T15147] netlink: 'syz.5.1520': attribute type 1 has an invalid length.
[  221.480985][ T5894] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  221.488322][T15157] netlink: 140 bytes leftover after parsing attributes in process `syz.6.1525'.
[  221.535184][T15163] loop6: detected capacity change from 0 to 8
[  221.558538][T15163] SQUASHFS error: lzo decompression failed, data probably corrupt
[  221.562114][T15163] SQUASHFS error: Failed to read block 0x91: -5
[  221.564826][T15163] SQUASHFS error: Unable to read metadata cache entry [8f]
[  221.573879][T15163] SQUASHFS error: Unable to read inode 0x11f
[  221.633128][ T5894] usb 4-1: Using ep0 maxpacket: 8
[  221.637287][ T5894] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  221.641324][ T5894] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  221.671514][ T5894] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  221.674998][ T5894] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  221.696340][ T5894] usb 4-1: config 0 descriptor??
[  221.814883][T15186] loop5: detected capacity change from 0 to 512
[  221.858087][T15186] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.866522][T15186] ext4 filesystem being mounted at /129/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  221.896602][   T33] kauditd_printk_skb: 4 callbacks suppressed
[  221.896621][   T33] audit: type=1800 audit(1755121044.056:4837): pid=15186 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1534" name="file2" dev="loop5" ino=16 res=0 errno=0
[  221.951522][T12248] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.162934][T15189] loop6: detected capacity change from 0 to 32768
[  222.197930][T15189] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  222.231670][T15189] XFS (loop6): Ending clean mount
[  222.260735][T14359] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  222.584000][   T47] usb 4-1: USB disconnect, device number 25
[  222.662001][T15239] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1544'.
[  222.666266][T15239] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  222.789258][T15239] batman_adv: batadv0: Removing interface: batadv_slave_1
[  222.804397][T15245] netlink: 44 bytes leftover after parsing attributes in process `syz.6.1543'.
[  223.011059][T15263] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1548'.
[  223.110026][ T5907] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  223.253411][ T5907] usb 7-1: Using ep0 maxpacket: 32
[  223.266666][ T5907] usb 7-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  223.269623][ T5907] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.286443][T15284] loop5: detected capacity change from 0 to 2048
[  223.299190][ T5907] usb 7-1: config 0 descriptor??
[  223.311969][ T5907] gspca_main: sunplus-2.14.0 probing 041e:400b
[  223.324081][T15284] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.370092][T15284] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  223.425711][T11996] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 65793 with max blocks 1 with error 28
[  223.431297][T11996] EXT4-fs (loop5): This should not happen!! Data will be lost
[  223.431297][T11996] 
[  223.442043][T11996] EXT4-fs (loop5): Total free blocks count 0
[  223.445985][T11996] EXT4-fs (loop5): Free/Dirty block details
[  223.448515][T11996] EXT4-fs (loop5): free_blocks=2415919504
[  223.450936][T11996] EXT4-fs (loop5): dirty_blocks=16
[  223.454795][T11996] EXT4-fs (loop5): Block reservation details
[  223.457260][T11996] EXT4-fs (loop5): i_reserved_data_blocks=1
[  223.464069][T12248] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.716070][ T5907] gspca_sunplus: reg_w_riv err -71
[  223.717842][ T5907] sunplus 7-1:0.0: probe with driver sunplus failed with error -71
[  223.732836][ T5907] usb 7-1: USB disconnect, device number 2
[  223.736589][T15314] overlayfs: failed to verify upper (523/file0, ino=2732, err=-116)
[  223.744677][T15314] overlayfs: failed to verify index dir 'upper' xattr
[  223.753568][T15314] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index.
[  223.830584][T15330] loop3: detected capacity change from 0 to 512
[  223.856966][T15330] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.863911][T15330] ext4 filesystem being mounted at /524/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  223.891650][T15330] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  223.920470][ T6342] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.287437][T15359] loop6: detected capacity change from 0 to 1024
[  224.297335][T15359] EXT4-fs: Ignoring removed nomblk_io_submit option
[  224.308516][T15359] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  224.332194][T15359] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.398671][T14359] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.723946][T15396] loop6: detected capacity change from 0 to 1024
[  225.018432][T15386] loop3: detected capacity change from 0 to 32768
[  225.049744][T15386] bcachefs: bch2_fs_parse_param() Error parsing option move_bytes_in_flight: option_value
[  225.252801][T15426] netlink: 'syz.5.1584': attribute type 10 has an invalid length.
[  225.330219][T15426] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  225.336936][T15425] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  225.383930][   T33] audit: type=1326 audit(1755121047.720:4838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15435 comm="syz.6.1587" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01e2f8ebe9 code=0x7ffc0000
[  225.396681][   T33] audit: type=1326 audit(1755121047.731:4839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15435 comm="syz.6.1587" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01e2f8ebe9 code=0x7ffc0000
[  225.408155][   T33] audit: type=1326 audit(1755121047.731:4840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15435 comm="syz.6.1587" exe="/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7f01e2f8ebe9 code=0x7ffc0000
[  225.427594][   T33] audit: type=1326 audit(1755121047.731:4841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15435 comm="syz.6.1587" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01e2f8ebe9 code=0x7ffc0000
[  225.442981][   T33] audit: type=1326 audit(1755121047.731:4842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15435 comm="syz.6.1587" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01e2f8ebe9 code=0x7ffc0000
[  225.467447][   T33] audit: type=1326 audit(1755121047.731:4843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15435 comm="syz.6.1587" exe="/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7f01e2f8ebe9 code=0x7ffc0000
[  225.476671][   T33] audit: type=1326 audit(1755121047.731:4844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15435 comm="syz.6.1587" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01e2f8ebe9 code=0x7ffc0000
[  225.620140][T15451] netlink: 'syz.6.1593': attribute type 21 has an invalid length.
[  225.664529][T15453] loop3: detected capacity change from 0 to 4096
[  225.668181][T15453] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  225.859652][T15470] loop6: detected capacity change from 0 to 1024
[  225.879954][T15470] EXT4-fs: inline encryption not supported
[  225.889349][T15470] EXT4-fs: Ignoring removed i_version option
[  225.897350][T15470] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  225.970698][T15470] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #3: block 2: comm syz.6.1597: lblock 2 mapped to illegal pblock 2 (length 1)
[  225.981080][T15470] Quota error (device loop6): qtree_write_dquot: dquota write failed
[  225.983617][T15470] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #3: block 48: comm syz.6.1597: lblock 0 mapped to illegal pblock 48 (length 1)
[  226.001447][T15470] Quota error (device loop6): v2_write_file_info: Can't write info structure
[  226.007280][T15470] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.1597: Failed to acquire dquot type 0
[  226.168194][T15470] EXT4-fs error (device loop6) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  226.217145][T15470] EXT4-fs error (device loop6): ext4_evict_inode:254: inode #11: comm syz.6.1597: mark_inode_dirty error
[  226.221132][T15470] EXT4-fs warning (device loop6): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  226.224626][T15470] EXT4-fs (loop6): 1 orphan inode deleted
[  226.227328][T15470] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  226.235418][T15470] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #3: block 1: comm syz.6.1597: lblock 1 mapped to illegal pblock 1 (length 1)
[  226.265093][ T6033] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #3: block 1: comm kworker/u10:4: lblock 1 mapped to illegal pblock 1 (length 1)
[  226.275805][ T6033] EXT4-fs error (device loop6): ext4_release_dquot:6969: comm kworker/u10:4: Failed to release dquot type 0
[  226.286822][T14359] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.296617][T14359] EXT4-fs error (device loop6): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[  226.313542][T14359] EXT4-fs error (device loop6) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  226.322246][T14359] EXT4-fs error (device loop6): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error
[  226.804875][ T5894] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  226.860635][T15509] loop5: detected capacity change from 0 to 32768
[  226.878961][T15509] BTRFS warning: excessive commit interval 2147483647, use with care
[  226.883958][T15509] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1606 (15509)
[  226.908649][T15509] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  226.922257][T15509] BTRFS info (device loop5): using crc32c (crc32c-lib) checksum algorithm
[  226.924994][T15509] BTRFS info (device loop5): disk space caching is enabled
[  226.927171][T15509] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  226.954583][ T5894] usb 7-1: New USB device found, idVendor=0c45, idProduct=6005, bcdDevice=b5.55
[  226.961221][ T5894] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.966953][ T5894] usb 7-1: Product: syz
[  226.970054][T15509] BTRFS info (device loop5): rebuilding free space tree
[  226.971771][ T5894] usb 7-1: Manufacturer: syz
[  226.973916][ T5894] usb 7-1: SerialNumber: syz
[  226.989342][ T5894] usb 7-1: config 0 descriptor??
[  226.994258][ T5894] gspca_main: sonixb-2.14.0 probing 0c45:6005
[  227.007237][T15509] BTRFS info (device loop5): disabling free space tree
[  227.009598][T15509] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  227.012724][T15509] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  227.109219][T12248] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  227.339775][T15560] loop5: detected capacity change from 0 to 16
[  227.352810][T15560] erofs (device loop5): mounted with root inode @ nid 36.
[  227.419014][ T5894] input: sonixb as /devices/platform/dummy_hcd.6/usb7/7-1/input/input14
[  227.606638][ T5894] usb 7-1: USB disconnect, device number 3
[  227.621473][T15573] loop5: detected capacity change from 0 to 4096
[  228.011414][T15588] loop3: detected capacity change from 0 to 32768
[  228.098916][T15622] loop5: detected capacity change from 0 to 512
[  228.152503][T15622] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  228.157021][T15622] ext4 filesystem being mounted at /161/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  228.395803][ T5894] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  228.479717][T15656] loop3: detected capacity change from 0 to 512
[  228.507997][T15656] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  228.513326][T15656] ext4 filesystem being mounted at /548/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  228.546093][T15656] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 3: comm syz.3.1625: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=2, rec_len=2060, size=2048 fake=1
[  228.553666][ T5894] usb 6-1: Using ep0 maxpacket: 8
[  228.561691][ T5894] usb 6-1: config 0 has an invalid interface number: 31 but max is 0
[  228.565463][ T5894] usb 6-1: config 0 has no interface number 0
[  228.565801][T15656] EXT4-fs (loop3): Remounting filesystem read-only
[  228.577956][ T5894] usb 6-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  228.592539][ T5894] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.597473][ T5894] usb 6-1: Product: syz
[  228.599212][ T5894] usb 6-1: Manufacturer: syz
[  228.601078][ T5894] usb 6-1: SerialNumber: syz
[  228.622388][ T5894] usb 6-1: config 0 descriptor??
[  228.849623][ T5894] usb 6-1: Found UVC 0.04 device syz (046d:08c3)
[  228.866501][ T5894] usb 6-1: No valid video chain found.
[  228.881419][ T5894] usb 6-1: USB disconnect, device number 10
[  228.940759][T15673] loop6: detected capacity change from 0 to 40427
[  228.945433][T15673] F2FS-fs (loop6): Image doesn't support compression
[  228.948406][T15673] F2FS-fs (loop6): build fault injection rate: 690
[  228.953347][T15673] F2FS-fs (loop6): invalid crc value
[  229.011295][T15673] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  229.018204][T15673] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  229.356101][T12248] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.356116][ T6342] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.458703][  T792] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  230.497257][T15755] loop5: detected capacity change from 0 to 4096
[  230.528381][T15755] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  230.578211][T15755] EXT4-fs error (device loop5): ext4_get_first_dir_block:3553: inode #12: block 80: comm syz.5.1645: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  230.592616][T15755] EXT4-fs (loop5): Remounting filesystem read-only
[  230.618123][  T792] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  230.626771][  T792] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  230.630790][  T792] usb 7-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00
[  230.636742][T12248] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.643057][  T792] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  230.666514][  T792] usb 7-1: config 0 descriptor??
[  230.748360][    T9] usb 4-1: new full-speed USB device number 26 using dummy_hcd
[  230.861560][T15782] bond0: Removing last ns target with arp_interval on
[  230.862080][ T9529] bond0: (slave bond_slave_0): interface is now down
[  230.872785][ T9529] bond0: (slave bond_slave_1): interface is now down
[  230.923352][    T9] usb 4-1: unable to get BOS descriptor or descriptor too short
[  230.937524][    T9] usb 4-1: not running at top speed; connect to a high speed hub
[  230.951167][    T9] usb 4-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=2e.65
[  230.954322][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.962218][    T9] usb 4-1: Product: syz
[  230.963983][    T9] usb 4-1: Manufacturer: syz
[  230.966230][    T9] usb 4-1: SerialNumber: syz
[  231.083264][  T792] hkems 0003:2006:0118.0008: ignoring exceeding usage max
[  231.086326][  T792] hkems 0003:2006:0118.0008: item fetching failed at offset 5/7
[  231.089184][  T792] hkems 0003:2006:0118.0008: parse failed
[  231.091000][  T792] hkems 0003:2006:0118.0008: probe with driver hkems failed with error -22
[  231.178427][    T9] legousbtower 4-1:14.0: interrupt endpoints not found
[  231.184665][    T9] usb 4-1: USB disconnect, device number 26
[  231.288615][  T792] usb 7-1: USB disconnect, device number 4
[  232.253642][  T792] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  232.329755][ T5894] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  232.425062][  T792] usb 4-1: Using ep0 maxpacket: 32
[  232.438802][  T792] usb 4-1: config 0 has an invalid interface number: 58 but max is 27
[  232.441432][  T792] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  232.445170][  T792] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 28
[  232.447998][  T792] usb 4-1: config 0 has no interface number 0
[  232.450503][  T792] usb 4-1: config 0 interface 58 altsetting 0 endpoint 0x6 has invalid maxpacket 56166, setting to 64
[  232.454043][  T792] usb 4-1: config 0 interface 58 altsetting 0 endpoint 0x7 has invalid maxpacket 64800, setting to 64
[  232.457507][  T792] usb 4-1: config 0 interface 58 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  232.460480][  T792] usb 4-1: config 0 interface 58 altsetting 0 endpoint 0x8 has an invalid bInterval 0, changing to 7
[  232.463910][  T792] usb 4-1: config 0 interface 58 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0
[  232.466871][  T792] usb 4-1: config 0 interface 58 altsetting 0 has 5 endpoint descriptors, different from the interface descriptor's value: 6
[  232.474113][ T5894] usb 6-1: Using ep0 maxpacket: 32
[  232.476240][  T792] usb 4-1: New USB device found, idVendor=05ac, idProduct=021c, bcdDevice=5c.24
[  232.479509][  T792] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.482416][  T792] usb 4-1: Product: syz
[  232.482615][ T5894] usb 6-1: config 4 has an invalid interface number: 128 but max is 0
[  232.483946][  T792] usb 4-1: Manufacturer: syz
[  232.487284][ T5894] usb 6-1: config 4 has no interface number 0
[  232.488584][  T792] usb 4-1: SerialNumber: syz
[  232.495426][ T5894] usb 6-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  232.497820][  T792] usb 4-1: config 0 descriptor??
[  232.499540][ T5894] usb 6-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  232.504956][ T5894] usb 6-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  232.507967][ T5894] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.564017][ T5894] hub 6-1:4.128: USB hub found
[  232.727661][  T792] appletouch 4-1:0.58: Could not find int-in endpoint
[  232.738172][  T792] appletouch 4-1:0.58: probe with driver appletouch failed with error -5
[  232.779727][  T792] usbhid 4-1:0.58: couldn't find an input interrupt endpoint
[  232.787009][ T5894] hub 6-1:4.128: 2 ports detected
[  232.788780][ T5894] hub 6-1:4.128: Using single TT (err -22)
[  232.835787][  T792] usb 4-1: USB disconnect, device number 27
[  232.980710][ T5894] hub 6-1:4.128: hub_hub_status failed (err = -71)
[  232.984370][ T5894] hub 6-1:4.128: config failed, can't get hub status (err -71)
[  233.008049][ T5894] usb 6-1: USB disconnect, device number 11
[  233.351885][T15884] loop3: detected capacity change from 0 to 256
[  233.386303][T15884] FAT-fs (loop3): Directory bread(block 64) failed
[  233.397462][T15884] FAT-fs (loop3): Directory bread(block 65) failed
[  233.399906][T15884] FAT-fs (loop3): Directory bread(block 66) failed
[  233.402411][T15884] FAT-fs (loop3): Directory bread(block 67) failed
[  233.404467][T15884] FAT-fs (loop3): Directory bread(block 68) failed
[  233.416896][T15878] loop6: detected capacity change from 0 to 32768
[  233.420765][T15884] FAT-fs (loop3): Directory bread(block 69) failed
[  233.423094][T15884] FAT-fs (loop3): Directory bread(block 70) failed
[  233.435177][T15884] FAT-fs (loop3): Directory bread(block 71) failed
[  233.437912][T15884] FAT-fs (loop3): Directory bread(block 72) failed
[  233.440408][T15884] FAT-fs (loop3): Directory bread(block 73) failed
[  233.500636][T15878] bcachefs (loop6): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  233.500664][T15878]   allowing incompatible features above 0.0: (unknown version)
[  233.500674][T15878]   features: 
[  233.516708][T15878] bcachefs (loop6): Using encoding defined by superblock: utf8-12.1.0
[  233.519951][T15878] bcachefs (loop6): initializing new filesystem
[  233.530580][T15878] bcachefs (loop6): going read-write
[  233.560011][T15878] bcachefs (loop6): marking superblocks
[  233.590484][T15905] loop3: detected capacity change from 0 to 128
[  233.608148][T15878] bcachefs (loop6): initializing freespace
[  233.614723][T15905] vfat: Unknown parameter 'shortn^e'
[  233.633636][T15878] bcachefs (loop6): done initializing freespace
[  233.647429][T15878] bcachefs (loop6): reading snapshots table
[  233.659991][T15878] bcachefs (loop6): reading snapshots done
[  233.736270][T15878] bcachefs (loop6): done starting filesystem
[  233.753141][   T33] kauditd_printk_skb: 2 callbacks suppressed
[  233.753154][   T33] audit: type=1800 audit(1755121056.507:4845): pid=15878 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1666" name="file1" dev="loop6" ino=4098 res=0 errno=0
[  233.822026][T14359] bcachefs (loop6): shutting down
[  233.823937][T14359] bcachefs (loop6): going read-only
[  233.828606][T14359] bcachefs (loop6): finished waiting for writes to stop
[  233.842403][T14359] bcachefs (loop6): flushing journal and stopping allocators, journal seq 3
[  233.915887][T14359] bcachefs (loop6): flushing journal and stopping allocators complete, journal seq 4
[  233.946202][T14359] bcachefs (loop6): clean shutdown complete, journal seq 5
[  233.956599][T14359] bcachefs (loop6): marking filesystem clean
[  233.993120][T14359] bcachefs (loop6): shutdown complete
[  234.813604][ T5871] bond0: (slave bond_slave_0): interface is now down
[  234.837293][ T5871] bond0: (slave bond_slave_1): interface is now down
[  235.956462][T16007] loop6: detected capacity change from 0 to 1024
[  236.026227][T16014] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1693'.
[  236.029188][T16014] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1693'.
[  236.038145][T16014] vlan0: entered promiscuous mode
[  236.225857][   T33] audit: type=1326 audit(1755121059.100:4846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16027 comm="syz.3.1696" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fba0258ebe9 code=0x0
[  236.332396][T16045] loop5: detected capacity change from 0 to 8192
[  236.413275][T16058] loop5: detected capacity change from 0 to 4096
[  236.428933][T16060] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  236.550175][  T792] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  236.570284][T16070] loop5: detected capacity change from 0 to 512
[  236.584020][T16070] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters
[  236.591659][T16070] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.1705: attempt to clear invalid blocks 1024 len 1
[  236.600319][T16070] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.1705: invalid indirect mapped block 1819239214 (level 0)
[  236.608429][T16070] EXT4-fs (loop5): 1 truncate cleaned up
[  236.611135][T16070] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.640088][T12248] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.695601][  T792] usb 7-1: config 0 has an invalid interface number: 51 but max is 0
[  236.704336][  T792] usb 7-1: config 0 has an invalid interface number: 4 but max is 0
[  236.707499][  T792] usb 7-1: config 0 has 2 interfaces, different from the descriptor's value: 1
[  236.711212][  T792] usb 7-1: config 0 has no interface number 0
[  236.714668][  T792] usb 7-1: config 0 has no interface number 1
[  236.719825][  T792] usb 7-1: New USB device found, idVendor=cc35, idProduct=693f, bcdDevice=e7.0f
[  236.723773][  T792] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  236.726877][  T792] usb 7-1: Product: syz
[  236.728467][  T792] usb 7-1: Manufacturer: syz
[  236.730217][  T792] usb 7-1: SerialNumber: syz
[  236.736407][  T792] usb 7-1: config 0 descriptor??
[  236.741441][  T792] cdc_acm 7-1:0.51: probe with driver cdc_acm failed with error -22
[  236.936151][ T5894] usb 7-1: USB disconnect, device number 5
[  237.692224][T16116] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1713'.
[  237.703588][T16116] netlink: 'syz.5.1713': attribute type 1 has an invalid length.
[  237.714308][T16116] netlink: 'syz.5.1713': attribute type 2 has an invalid length.
[  237.726789][T16116] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1713'.
[  237.782568][T16119] netlink: 'syz.6.1714': attribute type 2 has an invalid length.
[  238.208530][T16130] loop6: detected capacity change from 0 to 1764
[  238.482083][T16140] loop6: detected capacity change from 0 to 2048
[  238.498966][T16140] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  238.509441][T16140] UDF-fs: unknown compression code (0)
[  238.525887][T16140] UDF-fs: unknown compression code (0)
[  238.650400][T16164] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1724'.
[  238.798545][T16187] netlink: 84 bytes leftover after parsing attributes in process `syz.6.1728'.
[  238.836226][ T9529] bond0: (slave wlan1): interface is now down
[  238.855041][ T9529] bond0: now running without any active interface!
[  238.912247][  T792] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  239.008583][T16196] loop6: detected capacity change from 0 to 1024
[  239.019868][T16196] EXT4-fs: Ignoring removed oldalloc option
[  239.028214][T16196] EXT4-fs: Ignoring removed bh option
[  239.049166][T16196] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  239.065115][  T792] usb 6-1: Using ep0 maxpacket: 16
[  239.071403][  T792] usb 6-1: config 0 has an invalid interface number: 41 but max is 0
[  239.074997][  T792] usb 6-1: config 0 has no interface number 0
[  239.078123][  T792] usb 6-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  239.084644][  T792] usb 6-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  239.088962][  T792] usb 6-1: config 0 interface 41 has no altsetting 0
[  239.091282][T14359] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.097086][  T792] usb 6-1: New USB device found, idVendor=0fe6, idProduct=9700, bcdDevice=d1.9a
[  239.101116][  T792] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  239.118950][  T792] usb 6-1: Product: syz
[  239.120688][  T792] usb 6-1: Manufacturer: syz
[  239.123389][  T792] usb 6-1: SerialNumber: syz
[  239.128680][  T792] usb 6-1: config 0 descriptor??
[  239.147250][T16166] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  239.160599][T16166] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  239.190732][T16207] loop6: detected capacity change from 0 to 2048
[  239.195624][T16207] UDF-fs: error (device loop6): udf_process_sequence: Primary Volume Descriptor not found!
[  239.205691][T16207] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  239.373131][  T792] dm9601 6-1:0.41: probe with driver dm9601 failed with error -71
[  239.388032][  T792] sr9700 6-1:0.41: probe with driver sr9700 failed with error -71
[  239.433352][  T792] usb 6-1: USB disconnect, device number 12
[  239.719792][T16239] loop6: detected capacity change from 0 to 32768
[  239.736411][T16239] ERROR: (device loop6): dbAlloc: unable to allocate blocks
[  239.736411][T16239] 
[  239.739886][T16239] jfs_create: dtInsert returned -EIO
[  239.743293][T16239] ERROR: (device loop6): jfs_create: 
[  239.743293][T16239] 
[  239.946044][T16253] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1743'.
[  240.255438][   T24] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  240.280830][T16281] loop5: detected capacity change from 0 to 1024
[  240.351295][T16281] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  240.381566][T16281] EXT4-fs warning (device loop5): ext4_empty_dir:3103: inode #11: comm syz.5.1751: directory missing '..'
[  240.411436][T12248] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.455205][   T24] usb 7-1: Using ep0 maxpacket: 16
[  240.461581][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  240.468483][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  240.472189][   T24] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  240.479273][   T24] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  240.482746][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.519238][   T24] usb 7-1: config 0 descriptor??
[  240.973354][   T24] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[  240.976239][   T24] microsoft 0003:045E:07DA.0009: ignoring exceeding usage max
[  241.123792][T16307] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1756'.
[  241.173190][   T24] microsoft 0003:045E:07DA.0009: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.6-1/input0
[  241.269842][   T24] microsoft 0003:045E:07DA.0009: no inputs found
[  241.272414][   T24] microsoft 0003:045E:07DA.0009: could not initialize ff, continuing anyway
[  241.283451][   T24] usb 7-1: USB disconnect, device number 6
[  241.411440][T16335] loop5: detected capacity change from 0 to 512
[  241.760682][ T5894] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  241.960162][ T5894] usb 6-1: Using ep0 maxpacket: 8
[  241.982375][ T5894] usb 6-1: config 0 has an invalid interface number: 31 but max is 0
[  241.995797][ T5894] usb 6-1: config 0 has no interface number 0
[  242.012515][ T5894] usb 6-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  242.016611][ T5894] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.023041][ T5894] usb 6-1: Product: syz
[  242.028026][ T5894] usb 6-1: Manufacturer: syz
[  242.031749][ T5894] usb 6-1: SerialNumber: syz
[  242.080258][ T5894] usb 6-1: config 0 descriptor??
[  242.295704][ T5894] usb 6-1: Found UVC 0.04 device syz (046d:08c3)
[  242.304930][ T5894] uvcvideo 6-1:0.31: Entity type for entity Output 6 was not initialized!
[  242.312592][ T5894] usb 6-1: Failed to create links for entity 5
[  242.314719][ T5894] usb 6-1: Failed to register entities (-22).
[  242.334012][ T5894] usb 6-1: USB disconnect, device number 13
[  243.059017][T16390] loop5: detected capacity change from 0 to 4096
[  243.106580][T16390] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  243.133033][T16390] ntfs3(loop5): Failed to load $Extend (-22).
[  243.135697][T16390] ntfs3(loop5): Failed to initialize $Extend.
[  243.494812][  T792] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  243.595540][T16439] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1785'.
[  243.646411][  T792] usb 4-1: Using ep0 maxpacket: 16
[  243.662356][  T792] usb 4-1: config 2 has an invalid interface number: 14 but max is 0
[  243.672712][  T792] usb 4-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  243.694693][  T792] usb 4-1: config 2 has no interface number 0
[  243.702405][  T792] usb 4-1: config 2 interface 14 altsetting 9 has an invalid endpoint descriptor of length 6, skipping
[  243.718911][  T792] usb 4-1: config 2 interface 14 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  243.729859][  T792] usb 4-1: config 2 interface 14 has no altsetting 0
[  243.747914][  T792] usb 4-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=77.73
[  243.756630][  T792] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  243.762756][  T792] usb 4-1: Product: syz
[  243.764811][  T792] usb 4-1: Manufacturer: syz
[  243.766818][  T792] usb 4-1: SerialNumber: syz
[  244.037422][  T792] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  244.182992][  T792] snd-usb-audio 4-1:2.14: probe with driver snd-usb-audio failed with error -2
[  244.195568][  T792] usb 4-1: USB disconnect, device number 28
[  244.307244][ T6096] udevd[6096]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:2.14/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  244.788774][T16480] loop5: detected capacity change from 0 to 32768
[  244.815203][T16480] (syz.5.1791,16480,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  244.826660][T16480] (syz.5.1791,16480,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  244.849987][T16480] JBD2: Ignoring recovery information on journal
[  244.907715][T16480] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  245.006610][T16495] loop6: detected capacity change from 0 to 512
[  245.013230][T16495] EXT4-fs: Ignoring removed bh option
[  245.035187][T16495] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  245.066027][T16495] EXT4-fs (loop6): 1 truncate cleaned up
[  245.070048][T16495] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  245.170278][T12248] ocfs2: Unmounting device (7,5) on (node local)
[  245.226039][T14359] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.375616][T16516] netlink: 'syz.6.1799': attribute type 32 has an invalid length.
[  245.378761][T16516] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1799'.
[  245.393611][T16516] (unnamed net_device) (uninitialized): Setting coupled_control to off (0)
[  245.579289][T16563] loop5: detected capacity change from 0 to 8
[  245.625719][T16563] SQUASHFS error: lzo decompression failed, data probably corrupt
[  245.649896][T16563] SQUASHFS error: Failed to read block 0x91: -5
[  245.658714][T16563] SQUASHFS error: Unable to read metadata cache entry [8f]
[  245.662148][T16563] SQUASHFS error: Unable to read inode 0x11f
[  245.925234][T16571] loop6: detected capacity change from 0 to 32768
[  245.932843][T16571] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1806 (16571)
[  245.965432][T16571] BTRFS info (device loop6): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  245.969639][T16571] BTRFS info (device loop6): using blake2b (blake2b-256-generic) checksum algorithm
[  245.976735][T16577] loop5: detected capacity change from 0 to 40427
[  245.981373][T16571] BTRFS info (device loop6): using free-space-tree
[  245.988974][T16577] F2FS-fs (loop5): build fault injection rate: 19
[  245.994824][T16577] F2FS-fs (loop5): build fault injection type: 0x3bfe8c
[  246.002145][T16577] F2FS-fs (loop5): invalid crc value
[  246.010201][T16577] F2FS-fs (loop5): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[  246.109732][T16577] F2FS-fs (loop5): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x20a/0x3f0
[  246.138645][T16577] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  246.152609][T16577] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  246.210075][T14359] BTRFS info (device loop6): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  246.217547][T16577] F2FS-fs (loop5): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  246.242445][T16577] syz.5.1807: attempt to access beyond end of device
[  246.242445][T16577] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  246.274315][T16577] F2FS-fs (loop5): inject write IO error in f2fs_write_end_io of __submit_merged_bio+0x27a/0x6a0
[  246.323296][T16577] CPU: 1 UID: 0 PID: 16577 Comm: syz.5.1807 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  246.323316][T16577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  246.323322][T16577] Call Trace:
[  246.323327][T16577]  <TASK>
[  246.323332][T16577]  dump_stack_lvl+0x189/0x250
[  246.323351][T16577]  ? __pfx_dump_stack_lvl+0x10/0x10
[  246.323362][T16577]  ? __pfx_queue_work_on+0x10/0x10
[  246.323372][T16577]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  246.323384][T16577]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  246.323400][T16577]  f2fs_handle_critical_error+0x37c/0x540
[  246.323415][T16577]  f2fs_write_end_io+0x886/0xb60
[  246.323437][T16577]  __submit_merged_bio+0x27a/0x6a0
[  246.323451][T16577]  __submit_merged_write_cond+0x255/0x530
[  246.323465][T16577]  f2fs_write_data_pages+0x261d/0x3000
[  246.323494][T16577]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  246.323529][T16577]  ? check_path+0x21/0x40
[  246.323537][T16577]  ? check_noncircular+0xe0/0x160
[  246.323569][T16577]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  246.323580][T16577]  do_writepages+0x32e/0x550
[  246.323598][T16577]  ? do_raw_spin_unlock+0x4d/0x240
[  246.323609][T16577]  filemap_fdatawrite+0x199/0x240
[  246.323621][T16577]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  246.323654][T16577]  ? do_raw_spin_unlock+0x4d/0x240
[  246.323681][T16577]  f2fs_sync_dirty_inodes+0x31f/0x830
[  246.323703][T16577]  f2fs_write_checkpoint+0x95a/0x1df0
[  246.323729][T16577]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  246.323760][T16577]  ? down_write+0x162/0x1f0
[  246.323773][T16577]  ? __pfx_down_write+0x10/0x10
[  246.323794][T16577]  f2fs_issue_checkpoint+0x3ac/0x570
[  246.323809][T16577]  ? __pfx_f2fs_issue_checkpoint+0x10/0x10
[  246.323822][T16577]  ? __lock_acquire+0xab9/0xd20
[  246.323844][T16577]  ? __up_read+0x280/0x680
[  246.323858][T16577]  ? f2fs_sync_fs+0x200/0x3d0
[  246.323870][T16577]  f2fs_do_sync_file+0x869/0x1860
[  246.323887][T16577]  ? __pfx_f2fs_do_sync_file+0x10/0x10
[  246.323917][T16577]  ? down_write+0x162/0x1f0
[  246.323927][T16577]  ? __pfx_down_write+0x10/0x10
[  246.323937][T16577]  ? sb_start_write+0x114/0x1c0
[  246.323948][T16577]  ? mnt_want_write_file+0x164/0x200
[  246.323958][T16577]  __f2fs_ioctl+0x3a51/0xb610
[  246.323979][T16577]  ? file_ioctl+0x22d/0x780
[  246.323990][T16577]  ? __pfx_file_ioctl+0x10/0x10
[  246.324006][T16577]  ? kasan_quarantine_put+0xdd/0x220
[  246.324018][T16577]  ? __pfx___f2fs_ioctl+0x10/0x10
[  246.324056][T16577]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  246.324068][T16577]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  246.324080][T16577]  ? do_vfs_ioctl+0xb33/0x1430
[  246.324090][T16577]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  246.324109][T16577]  ? __lock_acquire+0xab9/0xd20
[  246.324130][T16577]  ? __fget_files+0x2a/0x420
[  246.324143][T16577]  ? __fget_files+0x2a/0x420
[  246.324154][T16577]  ? __fget_files+0x3a0/0x420
[  246.324165][T16577]  ? __fget_files+0x2a/0x420
[  246.324177][T16577]  ? f2fs_ioctl+0x135/0x250
[  246.324188][T16577]  ? __pfx_f2fs_ioctl+0x10/0x10
[  246.324200][T16577]  __se_sys_ioctl+0xfc/0x170
[  246.324212][T16577]  do_syscall_64+0xfa/0x3b0
[  246.324222][T16577]  ? lockdep_hardirqs_on+0x9c/0x150
[  246.324231][T16577]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.324240][T16577]  ? exc_page_fault+0x9f/0xf0
[  246.324250][T16577]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.324258][T16577] RIP: 0033:0x7f7b9e58ebe9
[  246.324269][T16577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.324276][T16577] RSP: 002b:00007f7b9f34b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  246.324287][T16577] RAX: ffffffffffffffda RBX: 00007f7b9e7b5fa0 RCX: 00007f7b9e58ebe9
[  246.324308][T16577] RDX: 0000000000000000 RSI: 000000000000f502 RDI: 0000000000000005
[  246.324313][T16577] RBP: 00007f7b9e611e19 R08: 0000000000000000 R09: 0000000000000000
[  246.324318][T16577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  246.324323][T16577] R13: 00007f7b9e7b6038 R14: 00007f7b9e7b5fa0 R15: 00007ffdd97c34d8
[  246.324337][T16577]  </TASK>
[  246.324480][T16577] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  246.406139][T16614] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  246.884014][T16634] loop5: detected capacity change from 0 to 512
[  246.911664][T16634] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  246.942496][T16634] ext4 filesystem being mounted at /237/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  247.387156][T12248] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.888690][T16664] loop6: detected capacity change from 0 to 32768
[  247.914954][T16664] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1817 (16664)
[  247.934215][T16664] BTRFS info (device loop6): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  247.937727][T16664] BTRFS info (device loop6): using blake2b (blake2b-256-generic) checksum algorithm
[  247.952027][T16664] BTRFS info (device loop6): using free-space-tree
[  248.196401][T16717] netlink: 'syz.3.1826': attribute type 21 has an invalid length.
[  248.212333][T14359] BTRFS info (device loop6): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  248.266244][    T9] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  248.462367][    T9] usb 6-1: config index 0 descriptor too short (expected 23569, got 27)
[  248.476305][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  248.482105][    T9] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  248.487722][    T9] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  248.491061][    T9] usb 6-1: Manufacturer: syz
[  248.507567][    T9] usb 6-1: config 0 descriptor??
[  248.711350][T16732] loop3: detected capacity change from 0 to 32768
[  248.720176][T16732] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1829 (16732)
[  248.731789][T16732] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  248.736001][T16732] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  248.739371][T16732] BTRFS info (device loop3): disk space caching is enabled
[  248.742168][T16732] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  248.754128][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  248.756641][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  248.811620][T16754] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1832'.
[  248.873990][T16732] BTRFS info (device loop3): rebuilding free space tree
[  248.890106][T16732] BTRFS info (device loop3): disabling free space tree
[  248.892304][T16732] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  248.895376][T16732] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  248.901715][    T9] rc_core: IR keymap rc-hauppauge not found
[  248.903687][    T9] Registered IR keymap rc-empty
[  248.913075][    T9] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0
[  248.932253][    T9] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input16
[  248.944442][T16777] loop6: detected capacity change from 0 to 256
[  248.969559][T16732] BTRFS info (device loop3): scrub: started on devid 1
[  248.977001][T16732] BTRFS info (device loop3): scrub: finished on devid 1 with status: 0
[  249.024572][    C0] igorplugusb 6-1:0.0: Error: urb status = -32
[  249.049890][    T9] usb 6-1: USB disconnect, device number 14
[  249.064872][T16777] netlink: 'syz.6.1833': attribute type 16 has an invalid length.
[  249.082084][T16777] netlink: 'syz.6.1833': attribute type 3 has an invalid length.
[  249.102948][ T6342] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  249.107160][T16777] netlink: 34014 bytes leftover after parsing attributes in process `syz.6.1833'.
[  249.745101][T16828] loop6: detected capacity change from 0 to 2048
[  249.751202][T16828] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  249.827995][T16833] GUP no longer grows the stack in syz.5.1844 (16833): 200000005000-200000008000 (200000004000)
[  249.836116][T16833] CPU: 1 UID: 0 PID: 16833 Comm: syz.5.1844 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  249.836135][T16833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  249.836142][T16833] Call Trace:
[  249.836147][T16833]  <TASK>
[  249.836152][T16833]  dump_stack_lvl+0x189/0x250
[  249.836188][T16833]  ? __pfx_dump_stack_lvl+0x10/0x10
[  249.836199][T16833]  ? __pfx__printk+0x10/0x10
[  249.836212][T16833]  ? find_vma+0xe7/0x160
[  249.836233][T16833]  fixup_user_fault+0x661/0x720
[  249.836249][T16833]  fault_in_user_writeable+0x72/0xe0
[  249.836263][T16833]  futex_lock_pi+0x773/0xa90
[  249.836279][T16833]  ? __pfx_futex_lock_pi+0x10/0x10
[  249.836301][T16833]  ? futex_private_hash_put+0x4b/0x280
[  249.836313][T16833]  ? __pfx_futex_wake_mark+0x10/0x10
[  249.836328][T16833]  ? __pfx_futex_wake+0x10/0x10
[  249.836339][T16833]  ? userfaultfd_unmap_complete+0x278/0x2d0
[  249.836356][T16833]  ? __pfx_userfaultfd_unmap_complete+0x10/0x10
[  249.836370][T16833]  do_futex+0x292/0x420
[  249.836383][T16833]  ? __pfx_do_futex+0x10/0x10
[  249.836393][T16833]  ? __vm_munmap+0x301/0x3d0
[  249.836405][T16833]  __se_sys_futex+0x36f/0x400
[  249.836418][T16833]  ? __pfx___se_sys_futex+0x10/0x10
[  249.836428][T16833]  ? rcu_is_watching+0x15/0xb0
[  249.836439][T16833]  ? __x64_sys_futex+0x21/0xf0
[  249.836450][T16833]  do_syscall_64+0xfa/0x3b0
[  249.836462][T16833]  ? lockdep_hardirqs_on+0x9c/0x150
[  249.836471][T16833]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.836479][T16833]  ? exc_page_fault+0x9f/0xf0
[  249.836489][T16833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.836497][T16833] RIP: 0033:0x7f7b9e58ebe9
[  249.836506][T16833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  249.836513][T16833] RSP: 002b:00007f7b9f34b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  249.836523][T16833] RAX: ffffffffffffffda RBX: 00007f7b9e7b5fa0 RCX: 00007f7b9e58ebe9
[  249.836529][T16833] RDX: 00000000fffffffd RSI: 000000000000008d RDI: 0000200000004000
[  249.836535][T16833] RBP: 00007f7b9e611e19 R08: 0000000000000000 R09: 0000000000000000
[  249.836540][T16833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  249.836544][T16833] R13: 00007f7b9e7b6038 R14: 00007f7b9e7b5fa0 R15: 00007ffdd97c34d8
[  249.836558][T16833]  </TASK>
[  250.050280][T16810] loop3: detected capacity change from 0 to 40427
[  250.054779][T16810] F2FS-fs: heap/no_heap options were deprecated
[  250.061159][T16810] F2FS-fs (loop3): build fault injection rate: 19
[  250.064396][T16810] F2FS-fs (loop3): build fault injection type: 0x3bfe8c
[  250.069225][T16810] F2FS-fs (loop3): invalid crc value
[  250.082915][T16838] loop5: detected capacity change from 0 to 8192
[  250.084052][T16810] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[  250.137417][ T5928]  loop5: p1 < > p3 p4 < >
[  250.142456][ T5928] loop5: p3 size 33554432 extends beyond EOD, truncated
[  250.177124][T16810] F2FS-fs (loop3): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x20a/0x3f0
[  250.184967][T16838]  loop5: p1 < > p3 p4 < >
[  250.187570][T16810] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  250.193370][T16810] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  250.200106][T16838] loop5: p3 size 33554432 extends beyond EOD, truncated
[  250.309309][T16810] syz.3.1837: attempt to access beyond end of device
[  250.309309][T16810] loop3: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  250.313109][ T5940] udevd[5940]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  250.325555][ T6359] udevd[6359]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  250.337426][ T5928] udevd[5928]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory
[  250.394582][ T5940] udevd[5940]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  250.394792][ T5928] udevd[5928]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory
[  250.400931][ T6359] udevd[6359]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  250.443814][ T6342] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_folio of f2fs_grab_meta_folio+0x6a/0x1d0
[  251.405944][T16906] loop6: detected capacity change from 0 to 40427
[  251.412904][T16906] F2FS-fs (loop6): Insane cp_payload (553648128 >= 504)
[  251.415146][T16906] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  251.450263][T16906] F2FS-fs (loop6): invalid crc value
[  251.549777][T16906] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  251.557543][T16906] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  251.559818][T16906] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  251.931582][T16906] syz.6.1859: attempt to access beyond end of device
[  251.931582][T16906] loop6: rw=2049, sector=53248, nr_sectors = 520 limit=40427
[  251.978414][T16905] syz.6.1859: attempt to access beyond end of device
[  251.978414][T16905] loop6: rw=524288, sector=53248, nr_sectors = 256 limit=40427
[  251.986041][T16905] syz.6.1859: attempt to access beyond end of device
[  251.986041][T16905] loop6: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  251.994039][T16905] syz.6.1859: attempt to access beyond end of device
[  251.994039][T16905] loop6: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  252.000521][T16905] syz.6.1859: attempt to access beyond end of device
[  252.000521][T16905] loop6: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  252.005194][T16905] syz.6.1859: attempt to access beyond end of device
[  252.005194][T16905] loop6: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  252.011935][T16905] syz.6.1859: attempt to access beyond end of device
[  252.011935][T16905] loop6: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  252.016553][T16905] syz.6.1859: attempt to access beyond end of device
[  252.016553][T16905] loop6: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  252.022311][T16905] syz.6.1859: attempt to access beyond end of device
[  252.022311][T16905] loop6: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  252.027201][T16905] syz.6.1859: attempt to access beyond end of device
[  252.027201][T16905] loop6: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  252.067422][  T792] usb 4-1: new full-speed USB device number 29 using dummy_hcd
[  252.112092][T14359] CPU: 0 UID: 0 PID: 14359 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  252.112112][T14359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  252.112119][T14359] Call Trace:
[  252.112124][T14359]  <TASK>
[  252.112131][T14359]  dump_stack_lvl+0x189/0x250
[  252.112157][T14359]  ? __pfx_dump_stack_lvl+0x10/0x10
[  252.112172][T14359]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  252.112188][T14359]  ? __pfx_queue_work_on+0x10/0x10
[  252.112197][T14359]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  252.112205][T14359]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  252.112219][T14359]  f2fs_handle_critical_error+0x37c/0x540
[  252.112234][T14359]  f2fs_write_end_io+0x886/0xb60
[  252.112254][T14359]  __submit_merged_bio+0x27a/0x6a0
[  252.112267][T14359]  __submit_merged_write_cond+0x255/0x530
[  252.112280][T14359]  f2fs_write_data_pages+0x261d/0x3000
[  252.112290][T14359]  ? __lock_acquire+0xab9/0xd20
[  252.112318][T14359]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  252.112348][T14359]  ? __kernel_text_address+0xd/0x40
[  252.112359][T14359]  ? unwind_get_return_address+0x4d/0x90
[  252.112369][T14359]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  252.112382][T14359]  ? __pfx_hlock_conflict+0x10/0x10
[  252.112400][T14359]  ? __lock_acquire+0xab9/0xd20
[  252.112419][T14359]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  252.112429][T14359]  do_writepages+0x32e/0x550
[  252.112447][T14359]  ? do_raw_spin_unlock+0x4d/0x240
[  252.112459][T14359]  filemap_fdatawrite+0x199/0x240
[  252.112494][T14359]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  252.112529][T14359]  f2fs_sync_dirty_inodes+0x31f/0x830
[  252.112549][T14359]  f2fs_write_checkpoint+0x95a/0x1df0
[  252.112570][T14359]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  252.112603][T14359]  ? kill_f2fs_super+0x298/0x6c0
[  252.112616][T14359]  kill_f2fs_super+0x2c3/0x6c0
[  252.112630][T14359]  ? __pfx_kill_f2fs_super+0x10/0x10
[  252.112639][T14359]  ? radix_tree_delete_item+0x2b6/0x400
[  252.112653][T14359]  ? shrinker_free+0x2ce/0x3e0
[  252.112663][T14359]  deactivate_locked_super+0xbc/0x130
[  252.112674][T14359]  cleanup_mnt+0x425/0x4c0
[  252.112684][T14359]  ? lockdep_hardirqs_on+0x9c/0x150
[  252.112695][T14359]  task_work_run+0x1d4/0x260
[  252.112707][T14359]  ? __pfx_task_work_run+0x10/0x10
[  252.112715][T14359]  ? __x64_sys_umount+0x122/0x160
[  252.112728][T14359]  ? exit_to_user_mode_loop+0x40/0x110
[  252.112743][T14359]  exit_to_user_mode_loop+0xec/0x110
[  252.112754][T14359]  do_syscall_64+0x2bd/0x3b0
[  252.112764][T14359]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.112772][T14359]  ? asm_sysvec_call_function_single+0x1a/0x20
[  252.112783][T14359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.112791][T14359] RIP: 0033:0x7f01e2f8ff17
[  252.112800][T14359] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  252.112808][T14359] RSP: 002b:00007ffe0b6e86b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  252.112818][T14359] RAX: 0000000000000000 RBX: 00007f01e3011c05 RCX: 00007f01e2f8ff17
[  252.112823][T14359] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe0b6e8770
[  252.112828][T14359] RBP: 00007ffe0b6e8770 R08: 0000000000000000 R09: 0000000000000000
[  252.112833][T14359] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe0b6e9800
[  252.112839][T14359] R13: 00007f01e3011c05 R14: 000000000003f2d0 R15: 00007ffe0b6e9840
[  252.112852][T14359]  </TASK>
[  252.112900][T14359] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  252.317196][  T792] usb 4-1: config index 0 descriptor too short (expected 149, got 148)
[  252.319816][  T792] usb 4-1: config 1 has an invalid descriptor of length 37, skipping remainder of the config
[  252.322930][  T792] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  252.328308][  T792] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[  252.331173][  T792] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  252.334024][  T792] usb 4-1: SerialNumber: syz
[  252.342966][  T792] usb 4-1: 0:2 : does not exist
[  252.344840][  T792] usb 4-1: unit 48 not found!
[  252.563791][  T792] usb 4-1: USB disconnect, device number 29
[  253.015074][T16966] loop6: detected capacity change from 0 to 1024
[  253.030238][T16966] EXT4-fs: Ignoring removed orlov option
[  253.054062][T16966] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  253.160719][T14359] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.182984][T16958] loop5: detected capacity change from 0 to 32768
[  253.200850][T16958] XFS (loop5): invalid logbufs value: 1 [not 2-8]
[  253.400563][ T5907] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  253.437773][T16995] loop5: detected capacity change from 0 to 1024
[  253.460424][T16995] hfsplus: extend alloc file! (8192,512,17039360)
[  253.505234][    T9] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  253.537661][T17002] loop5: detected capacity change from 0 to 136
[  253.550733][T17002] Attempt to read inode for relocated directory
[  253.556030][ T5907] usb 4-1: unable to get BOS descriptor or descriptor too short
[  253.560290][ T5907] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  253.566922][ T5907] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  253.570984][ T5907] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  253.581001][ T5907] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  253.584640][ T5907] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.587901][ T5907] usb 4-1: Product: syz
[  253.589563][ T5907] usb 4-1: Manufacturer: syz
[  253.591602][ T5907] usb 4-1: SerialNumber: syz
[  253.672590][    T9] usb 7-1: unable to get BOS descriptor or descriptor too short
[  253.677699][    T9] usb 7-1: config 5 has an invalid interface number: 58 but max is 0
[  253.681272][    T9] usb 7-1: config 5 has no interface number 0
[  253.683969][    T9] usb 7-1: config 5 interface 58 has no altsetting 0
[  253.693043][    T9] usb 7-1: New USB device found, idVendor=045e, idProduct=0775, bcdDevice= a.af
[  253.696649][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.699194][    T9] usb 7-1: Product: syz
[  253.700658][    T9] usb 7-1: Manufacturer: syz
[  253.702176][    T9] usb 7-1: SerialNumber: syz
[  253.808118][ T5907] usb 4-1: 0:2 : does not exist
[  253.866211][ T5907] usb 4-1: USB disconnect, device number 30
[  253.924697][ T6359] udevd[6359]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  254.180409][    T9] usb 7-1: USB disconnect, device number 7
[  254.587219][T17041] netlink: 'syz.5.1874': attribute type 1 has an invalid length.
[  254.590344][T17041] netlink: 'syz.5.1874': attribute type 4 has an invalid length.
[  254.609802][T17041] netlink: 9462 bytes leftover after parsing attributes in process `syz.5.1874'.
[  254.732186][   T24] IPVS: starting estimator thread 0...
[  254.858025][T17054] IPVS: using max 32 ests per chain, 76800 per kthread
[  254.924050][T17070] netlink: 248 bytes leftover after parsing attributes in process `syz.5.1882'.
[  254.935946][T17070] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1882'.
[  255.159649][T17085] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1885'.
[  255.175906][T17085] netlink: 'syz.5.1885': attribute type 11 has an invalid length.
[  255.205960][ T9529] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  255.226103][T17085] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1885'.
[  255.230320][ T5851] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  255.232309][T17085] netlink: 'syz.5.1885': attribute type 11 has an invalid length.
[  255.236225][ T5851] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  255.247189][ T5851] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  255.272233][T17059] loop6: detected capacity change from 0 to 32768
[  255.291637][T17059] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1879 (17059)
[  255.329733][T17059] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  255.333729][T17059] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm
[  255.348419][T17059] BTRFS info (device loop6): using free-space-tree
[  255.538525][T14359] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  256.524066][T17132] loop6: detected capacity change from 0 to 32768
[  256.567668][T17132] JBD2: Ignoring recovery information on journal
[  256.604859][T17157] loop5: detected capacity change from 0 to 8
[  256.604976][T17132] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  256.611735][T17157] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  256.633508][T17157] cramfs: Error -5 while decompressing!
[  256.636078][T17157] cramfs: ffffffff99be8628(26)->ffff88811f280000(4096)
[  256.638859][T17157] cramfs: Error -3 while decompressing!
[  256.641938][T17157] cramfs: ffffffff99be8642(26)->ffff888111dd5000(4096)
[  256.644858][T17157] cramfs: Error -3 while decompressing!
[  256.647094][T17157] cramfs: ffffffff99be865c(16)->ffff888111dc7000(4096)
[  256.650095][T17157] cramfs: Error -5 while decompressing!
[  256.652363][T17157] cramfs: ffffffff99be8628(26)->ffff88811f280000(4096)
[  256.689780][T14359] ocfs2: Unmounting device (7,6) on (node local)
[  256.744466][    T9] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  256.803189][T17171] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1897'.
[  256.806645][T17171] openvswitch: netlink: nsh attribute has 5276 unknown bytes.
[  256.809207][T17171] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  256.907732][    T9] usb 4-1: Using ep0 maxpacket: 16
[  256.914404][    T9] usb 4-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  256.925492][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  256.928732][    T9] usb 4-1: Product: syz
[  256.930453][    T9] usb 4-1: Manufacturer: syz
[  256.932328][    T9] usb 4-1: SerialNumber: syz
[  256.958277][    T9] usb 4-1: config 0 descriptor??
[  256.967265][    T9] ssu100 4-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[  257.456481][T17203] loop6: detected capacity change from 0 to 32768
[  257.493672][   T33] audit: type=1800 audit(1755121081.429:4847): pid=17203 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1908" name="file1" dev="loop6" ino=4 res=0 errno=0
[  257.893359][T17203] ERROR: (device loop6): dbAdjCtl: the maximum free buddy is not the old root
[  257.893359][T17203] 
[  257.899526][T17203] ERROR: (device loop6): remounting filesystem as read-only
[  257.976776][T14359] ------------[ cut here ]------------
[  257.979078][T14359] kernel BUG at fs/jfs/inode.c:169!
[  257.982105][T14359] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[  257.984108][T14359] CPU: 0 UID: 0 PID: 14359 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  257.989479][T14359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  257.992645][T14359] RIP: 0010:jfs_evict_inode+0x438/0x440
[  257.994679][T14359] Code: fe e9 e0 fd ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 23 fe ff ff 4c 89 f7 e8 73 f2 e8 fe e9 16 fe ff ff e8 f9 87 85 fe 90 <0f> 0b 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  258.001514][T14359] RSP: 0018:ffffc90008befae0 EFLAGS: 00010293
[  258.003383][T14359] RAX: ffffffff833a23b7 RBX: ffff88802c8d9fd8 RCX: ffff88811ca9d640
[  258.006046][T14359] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88802c8d9fd8
[  258.008548][T14359] RBP: 0000000000000001 R08: ffffffff8fa34237 R09: 1ffffffff1f46846
[  258.010877][T14359] R10: dffffc0000000000 R11: ffffffff833a00b0 R12: dffffc0000000000
[  258.013247][T14359] R13: dffffc0000000000 R14: ffff88802c8d9c60 R15: ffffffff833a1f80
[  258.015606][T14359] FS:  000055558d818500(0000) GS:ffff8880b8623000(0000) knlGS:0000000000000000
[  258.018607][T14359] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  258.020611][T14359] CR2: 00007ffe0b6e7f08 CR3: 0000000106474000 CR4: 00000000000006f0
[  258.023160][T14359] Call Trace:
[  258.024198][T14359]  <TASK>
[  258.025132][T14359]  ? evict+0x4f8/0x9c0
[  258.026396][T14359]  ? __pfx_jfs_evict_inode+0x10/0x10
[  258.028483][T14359]  evict+0x504/0x9c0
[  258.029676][T14359]  ? __pfx_evict+0x10/0x10
[  258.031025][T14359]  ? do_raw_spin_unlock+0x4d/0x240
[  258.032619][T14359]  evict_inodes+0x64c/0x6d0
[  258.034246][T14359]  ? __pfx_evict_inodes+0x10/0x10
[  258.035831][T14359]  generic_shutdown_super+0x9a/0x2c0
[  258.037479][T14359]  kill_block_super+0x44/0x90
[  258.038920][T14359]  deactivate_locked_super+0xbc/0x130
[  258.040497][T14359]  cleanup_mnt+0x425/0x4c0
[  258.041826][T14359]  ? lockdep_hardirqs_on+0x9c/0x150
[  258.043439][T14359]  task_work_run+0x1d4/0x260
[  258.044834][T14359]  ? __pfx_task_work_run+0x10/0x10
[  258.046358][T14359]  ? __x64_sys_umount+0x122/0x160
[  258.047977][T14359]  ? exit_to_user_mode_loop+0x40/0x110
[  258.049664][T14359]  exit_to_user_mode_loop+0xec/0x110
[  258.051308][T14359]  do_syscall_64+0x2bd/0x3b0
[  258.052674][T14359]  ? lockdep_hardirqs_on+0x9c/0x150
[  258.054297][T14359]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.056164][T14359]  ? exc_page_fault+0x9f/0xf0
[  258.057679][T14359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.059502][T14359] RIP: 0033:0x7f01e2f8ff17
[  258.060849][T14359] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  258.066581][T14359] RSP: 002b:00007ffe0b6e86b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  258.069138][T14359] RAX: 0000000000000000 RBX: 00007f01e3011c05 RCX: 00007f01e2f8ff17
[  258.071482][T14359] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe0b6e8770
[  258.073863][T14359] RBP: 00007ffe0b6e8770 R08: 0000000000000000 R09: 0000000000000000
[  258.076208][T14359] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe0b6e9800
[  258.079196][T14359] R13: 00007f01e3011c05 R14: 0000000000040af3 R15: 00007ffe0b6e9840
[  258.082300][T14359]  </TASK>
[  258.083534][T14359] Modules linked in:
[  258.085744][T14359] ---[ end trace 0000000000000000 ]---
[  258.094626][T14359] RIP: 0010:jfs_evict_inode+0x438/0x440
[  258.096807][T14359] Code: fe e9 e0 fd ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 23 fe ff ff 4c 89 f7 e8 73 f2 e8 fe e9 16 fe ff ff e8 f9 87 85 fe 90 <0f> 0b 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  258.104995][T14359] RSP: 0018:ffffc90008befae0 EFLAGS: 00010293
[  258.109581][T14359] RAX: ffffffff833a23b7 RBX: ffff88802c8d9fd8 RCX: ffff88811ca9d640
[  258.112744][T14359] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88802c8d9fd8
[  258.130510][    T9] usb 4-1: Quatech SSU-100 USB to Serial Driver converter now attached to ttyUSB0
[  258.137970][T14359] RBP: 0000000000000001 R08: ffffffff8fa34237 R09: 1ffffffff1f46846
[  258.141449][T14359] R10: dffffc0000000000 R11: ffffffff833a00b0 R12: dffffc0000000000
[  258.144707][T14359] R13: dffffc0000000000 R14: ffff88802c8d9c60 R15: ffffffff833a1f80
[  258.147596][T14359] FS:  000055558d818500(0000) GS:ffff8880b8623000(0000) knlGS:0000000000000000
[  258.152157][T14359] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  258.156948][T14359] CR2: 0000001b3081cff8 CR3: 0000000106474000 CR4: 00000000000006f0
[  258.160091][T14359] Kernel panic - not syncing: Fatal exception
[  258.162648][T14359] Kernel Offset: disabled
[  258.163998][T14359] Rebooting in 86400 seconds..

VM DIAGNOSIS:
21:20:50  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000020 RBX=0000000000000020 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc90008bef1f0
R8 =ffff8880213b8237 R9 =1ffff11004277046 R10=dffffc0000000000 R11=ffffffff854e75e0
R12=dffffc0000000000 R13=ffffffff99af28de R14=ffffffff99de74e0 R15=0000000000000000
RIP=ffffffff854e765c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055558d818500 ffffffff 00c00000
GS =0000 ffff8880b8623000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffe0b6e7f08 CR3=0000000106474000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000001 XMM01=0000000000000015 000000000003bf12
XMM02=0342100001dfb003 07b010000ff00307 XMM03=e00303a1100001df d00318800401dfc0
XMM04=0000000000000000 0000000000000000 XMM05=000055558a46c864 000055558a46c780
XMM06=0000000000000000 0000000000000000 XMM07=0a0156e600100001 dc90030ef3acd080
XMM08=100001dc80030008 0001dff00302c208 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000001 RBX=0000000000000000 RCX=0000000000000002 RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff8e139fa0 RBP=ffffffff822e5b0a RSP=ffffc900084af278
R8 =0000000000000000 R9 =0000000000000000 R10=dffffc0000000000 R11=fffff940008cab31
R12=0000000000000002 R13=ffffffff8e139fa0 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff819d5b18 RFL=00000297 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f7b9c7f66c0 ffffffff 00c00000
GS =0000 ffff8881a3c23000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b31b1bff8 CR3=000000000df36000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffff8167983b ffffffff8133c57e
XMM02=22f7b60839bffaae ffffffff8133c57e XMM03=c057d3153c15a477 347cac20039a532b
XMM04=00007f7b9f2ed100 00007f7b9e787460 XMM05=00007f7b9e787478 00007f7b9e7874c0
XMM06=00007f7b9e7874b8 00007f7b9e7874b0 XMM07=00007f7b9e7874a8 00007f7b9e7874a0
XMM08=0000000000000000 00007f7b9e612ee7 XMM09=0000000000000000 00007f7b9e612fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
