last executing test programs:

3.077010515s ago: executing program 2 (id=422):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x40)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000001c0)={<r1=>0x0, 0x20, &(0x7f0000000080)=[@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in={0x2, 0x4e22, @remote}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000400)={r1, @in6={{0xa, 0x4e21, 0x4, @empty, 0x9}}, 0x4, 0x4, 0x624e, 0xa, 0x55, 0x7f}, 0x9c)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x4, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000380), 0xffffffffffffffff)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={r1, @in={{0x2, 0x4e23, @empty}}, 0x0, 0x2, 0x40000002, 0x0, 0xa17433da3c5d69a5, 0x2, 0x81}, 0x9c)

1.738501521s ago: executing program 1 (id=427):
r0 = syz_open_procfs(0x0, &(0x7f0000000440)='net/route\x00')
preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000002380)=""/169, 0xa9}], 0x1, 0x80, 0x1)

1.690202707s ago: executing program 1 (id=428):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="30000000100001000000ce6bb9092919507f3400", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
setsockopt$packet_int(r0, 0x107, 0x8, &(0x7f0000000100)=0x40049, 0x4)
recvmmsg(r0, &(0x7f0000000480)=[{{0x0, 0x30, 0x0, 0x0, &(0x7f00000003c0)=""/11, 0x17}}], 0x400000000000179, 0x0, 0x0)

1.414549349s ago: executing program 2 (id=429):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00005f5000)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="020300001600000003000000000000000400030007000000b9080000000000ffeb0cac00000000000000000000000000050006006c0000000a00000000000000fc010000000000000000000000000000000010000000000004000400000000000700000000000000000000000000000000000020000000000200010000000000000000070000000005000500008000000a00"], 0xb0}}, 0x40)

1.168568429s ago: executing program 0 (id=433):
r0 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x6)
symlinkat(&(0x7f0000000400)='./file0/../file0\x00', r1, &(0x7f0000000080)='./file0\x00')
readlinkat(r1, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f0000000780)=""/198, 0xc6)

1.168316462s ago: executing program 0 (id=434):
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x3200004, &(0x7f0000000800)=ANY=[@ANYBLOB="63726561746f723dbd3c66f52c756d61736b3d30303030303030303030303030303030303030303030372c6465636f6d706f73652c666f7263652c6e6c733d61736369692c747970653d621611362c0054bf83f91df0c1f50a0ef48003d4ecff35d6a07268c60464b42b524ba554c7e76882b728b372339ba56447099bca6a487fd14f9a48afc753d57a1e25647b7fa93ad022d51690d1e794320875774210f97d3509ecc56a6b19796366c9082f5fedba5b4e9e1991816b1d0390610047dd32a3f42fd3caf822b10064604d44a8c6e22a39b6f2533c7c9328a41539a61873acefe5131a14b1c58bb60f96c6f1878335c6a915a053c02ff01291936285c3c5b77b7e484e1deda0b313cb5e0f0363f8eb623280422bbf03591193c2bf4a84c2d022ed6554d5c5464ff877cd50a8c7119fd031bb0765ac1dd8"], 0x3, 0x6bd, &(0x7f0000001500)="$eJzs3U9sHFcZAPBv1pu110iu26ZpQIhajVRBIxLbq5IgITUghHyIUASXXq3Eaaxs0sp2kRshsgEKEidOqAcORcgcekIIIZUDQpQzEhIXLvgeiRuHHIBF82d3x7vrjbe1vab5/aTxvLdv3nvffJk/u+NYG8ATa+W1ONWKJFbOX91O67s7jebuTuNOpxwR0xFRiajmq0jqEcmHEVciX+LT6YvFcMl+87zy8IOk+u77jbxWLZZs+8qofgOGbtmKmOlWpiJiIS/++8DDDoyXLdk413vj7W96VGPSjTtN2LlO4mDS2gNavcbKY7sf/LwFTqz7+X1zwHzEbOR31+wWV1wdHn9lmLyR16bW8cUBAAAAR2XoZ/mypx7Fo9iOueMJBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Zkvw7A5NiqXTKC5F0vv+/VvpO/dqEw/2Y3rmZrb711KQDAQAAAAAAAICP5YVH8Si2Y65TbyfZ7/xfzCqns5+firdiM9ZiIy7EdqzGVmzFRixFxHxpoNr26tbWxtJgz59F2rPdbt8vei4P7bm8N65Wf6DD/qfBwEYAAAAAAAAA8MT6fqz0fv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnQRIxla+y5XSvXKlGxExE1JKF7ua1iQZ7CP446QAAAADg6NWL9Vzy37zQTrLP/Geyz/wz8Vbcja1Yj61oxlrcyJ4F5J/6K39tNZq7O4076TI48Ff/OVYc2YiRP3sYPvNitsVz3R4r8Y34dpyPhbgWG7Ee34nV2Iq1WIivZ6XVSGK+eHoxv7tTj06sg/Fe2VO71h/bC6VyGt/ZLJJ63Iz1LLYLcb3WCb1SbHe2NNvvahF9Mz5Is5O8Wjhgjm4U63SPflqsT4b5bM9PdTOyWOQ+zcbT5bwP5n7M46R/pqWodJ9Bne7Nklb7Z/pIOZ8t1mmuf3S0OR/zUdreTLR+ktY6R9+Z0TmP+MLf/nTtVuXu7Vs3N8+fnMPoI+o/JhqlTDy/u9OYKsr7Z6KZZqLVzcTM2CGM3+NI1Ips5Hs83tXyxazvXKzHN+ONuBFrcSkWYykux2J8OZajEculvD43+gjLzrXKeOfauc8XhfSe9OPSvenYTO/XkOb16VJey1e6+ayt/EovS88cIEtJLYZn6e9DQ6l+piikc/ygdMeZvP5MLJUy8ezoTPziP+2I2Gzevb1xa/XNEXPc+8PsS51yp5Cetu/svTb/8jD3awzF7qbHyzPpP1bkt43y0ZG2Pdtpy/OVVKPX73S3be99rlaL7HzO2x53pqYjnXkwbKS87fmhszSytrOltj3vcuKNaHbfhQBwgs2+PFurP6z/pf5e/Yf1W/WrM1+bvjz92Vqc+nP191O/rvyq8pXk5Xgvvhdzk44UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+CTbfvnd7tdlc2zikwj8+l497GANG5RADSwsPhjZ1UpG/UjvMbDx5helRR9RvImJE99okYq5HxIlIXVSPYa7pGNJ0tftKPaLSjScibp+QL7gDjsLFrTtvXtx8+94X1++svr72+trd5cuXXr3U+NLS/Ys315tri/nPSUcJHIXe24BJRwIAAAAAAAAAAAAc1HH8ecOQaZPWBPYVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P+08lqcakUSS4sXFtP67k6jmS6dcm/LakRUIiL5bkTyYcSVyJeYLw2X7DfPKw8/+PlL777f6I1V7Wxf6ev323+122PuRatYYiEipor1400faLzrpfFaYwaWS7p7mCbsXCdxMGn/CwAA///JrAEK")

1.049664481s ago: executing program 0 (id=435):
r0 = socket$nl_route(0x10, 0x3, 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="480000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="020000000000000014001280090001007665746800000000040002800a0001002aaaaaaaaa00c86608000400"], 0x48}}, 0x0)

1.049416206s ago: executing program 0 (id=436):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x1c, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setgroups(0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r3 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x161281, 0x0)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"})
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

948.966378ms ago: executing program 2 (id=437):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000140)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000240)={0xc})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000280)={0x28, 0x7, r2, 0x0, &(0x7f0000579000/0x2000)=nil, 0x2000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000400)={0x48, 0x5, r2, 0x0, <r3=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES(r1, 0x3ba0, &(0x7f00000005c0)={0x48, 0x7, r3, 0x0, 0x0, 0x0, 0x1000, 0x5})
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000001440), 0x49001, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_RW(r4, 0x3ba0, &(0x7f0000000480)={0x48, 0x8, r3, 0x0, 0x201, 0xe00, &(0x7f0000003080)="31bb4ec77ee0edf5a052e63ec7f79b3ab56d2c206e9c183499df90598e942f13cd9a2903a9d51fe4a07ebe6214d279e733874d16615bcb34cda1a44be72996af769eeebe39142eaf6b3744be4a86853813ae876b741b65c339f76441f04e8c34c428b5c9a6412dfc94af7cc2cb364274c9eb1595a1912dc107b889df1668051e6a27c07cb5f42f2d097acd8b95bf1d07139994056653c3cb83a1f756c5bd79374d81d10fffdd89cf613babd136c2ec27754fde021ecd84f4255881f3272a0f52f3b3ae232b0843e705daf97bd7c625a4f1c7ef9987515c7d33a8790047bb5daab6059e97253c1124b1e097f32cf3be7a04437da98bd749b391d21d374abe25c715604d562a4e163dc3bbc4568d558a04f361846bddc80c988302497546f62c0b1b7fe335af05668f50fc66fc2345f2fb4a13b72e762bcfe8977af9aab95e6d516a98bb0247b4cca89b2896867f81dae584118313c62fce1942952ebc75ff14e583bf1ace2101855cac909c53b2a5e129e6b6b780ecfa98d653aa0105fbd9d5c76906550af7f3f5b8cd612dc3d0823dd1ebf33ada49a82932365b869a0da45db213981589ad56b7b2f897469b1e73b1bd396f413074ad19a18dd095a2d3db75acdae5f5d8d486bff89c59277b0bfb89355d65ed97aadc56e6f81fe6abae5ab6b79e04e26bd7bdae87a68f8f6c9a034bfb7df2adf4dd81c29b57eb4d034e1c812ce2148d8770ee7691f96a7c31038fc5285293e3c34c9eeb26e81bb8c95c2b4ae0ca4ccb662e3acfaf651d4798f94439e03d8d1b54fc3faedc43905163d508bd265c41da50aa16b0203a3e34f502124e6c1e8737947ebc95b6f880f6f47bd2660ba0d3d902f3b4256f6b28d4f6b41039c952afe0886b3a351e3c3ce92be7e2b8aec310ba61560bde3954120d15d775c0094eb61cb665c327c25a72ad14ec6731b36fdab273ef785794697a1ad02193dd70619a0389a51219f0a95cd836e9aba775e6ef38e872a1aaad500a9360f1164f3e98ef7a96690248c7b125383de41019f35d1de2a38bd90a5f60c6aa7b6bcc62c951330a49bf9b8932289de5542a143b987c4f01acd2665123d603942cc727757ac16e17ac55f4e39cea7b5da45b13e2b8dc00b60ecb9086f000e197908f81cf3ca8bae652b78bb80357df1e8f5357eff0e5db2541910e645fbcda847e569483c169daea6628f3c942f357757eb327da64cd6cde61e295fa5872bcd6834a06d65a6c253fb7cb004ca971b59e1aece01c544835e48f8ed2c9861aa2390d70dadd02c27b3e308d26f476b34dbdc67444c62ba10ab9646b326bc3ebf0f92c96c64cb6c5f3ed78a3be919a2a983790cf3578602f7b69258b2a6fc58046b08bdbcad58e2c9d7025e20a78fe58520f8e3aafdeb944edfa728a5fba1629dee808bf22e205e797f84d64e73c40bbe660b899f39944520a58287620c87e766166bcb89f764d81c96f3804c7dbd17408bd7f765aec08dff46ba568073cd45060b646eb3215ec7ff511f769a0e5483f1dca9860ea21767f0fe68c45eb46396e418b25bd1065135e92e74cb8929f526ce293d002c354a9bb22b2dfbfcb5b0612d5f7625a559e85c3ac6f89790f78502df7b02f2affcdbbe2732a8632ae95e7a1a7388b6df19aafb2c6b94e985f26c159e2648ae1ce3cae0d176b060e152d003a439dcbe8463d462eb5e843bfd9c2b1e5b2d89e372100e96443e2e574fefcd2ed899ef6e12cc92dfdc3ff8eeba109fecb0f0f04d55fc148ab026a71976d9479999ee6fec731c144cc106668e703fab82d7061a36035b2221488d6f3d56ff1d552df990ae8a4a34a76bad5b7824bfd38df1065ef61cab967f7dea1a622b06f51b76441a6f218049959e988cc7f7e577a6c40db4dafed7bdc9ea52d4edb79b9d9a55d006d243af481d745ba62f7114d0f8aa14cd4e45899983cfc783c77cdce37cfbbe33fa369147880bfb7dea7e741d6c781eda3b84f383b6f3e0a14e58cf1302d2daebffbba86bebbc30abb16b47ed28f5b8d8a43f9aa9e0692e448a1ef4e16a73507a61cef339c6be89ce95ca399a3139b27bfbd0c93ff276e13345a93ee6a1515cff4dc107f3a862b68f6e6b4267f51903a81cc1b585b211a65307bd5573f13c955c1e179729fb361197bccbd5e4700f49f93a72948634e3b7882724b973b14dc168bed2538f81acd2ddc2bc9265a3729c50f92a1750d058102899cbca79b46cc11aea6363e740ef16587b7c45e685b7a8b7b8c3a7fe83d8e2d81ec86fd7e55d46688fc9002f2abf917062e5d10bf593a4ed80fa891057c8e360efe5cbec03c562cb9d947353cbda57383bf90c471f05e04745ba51b61ab347d04539f43408c3b5a998f71f36dec641fe6e4bb91367ec7d8d6cd3cb730803573b4cad5304ef7c60faa1c3105cea24f4fa65cedec131a814a9ba90d0830eedf9ddb4142bbf83a0609697199eebf1dc85bb5b8a9acc4617788589361d32caa0fa4776f37e11e3081bb3a4f88fdcc86a74d14c66276fe779f36475c902c395901f979a18d1740ac8bd56dcf56365fce544a8e0f7385dbd9e0c45dc93454ede05e8c069fddafd933d661e60f7c05b9efeaf601866eaa31393cad3e77d43401749ddd0690b68f6e785f4fea3dd4e68152ae269a16661f9b64549b974a415d1adc6f63a600d4af9e59473ed15c24bdef127428bf81f86fd4d7e0c0cf2ec29cf90351572e73a557a781322d729e29caddf5b8e49e3e5e27d111cc77c652a9da5d5ecf11ed6ea37b8e4e65ea499f9d084a89054761f46c778d60ef66a235414904a92a566aa9781177dc79aa727ee91aae76fc6f42f68e712db2052fd890ced01237bef531699f640fccef7c76c00d43c0d641be019298f2d18b02e230f1fa97be1ea1a3e9c7b7354d4753a7c5a16cc11efbb8b1ed27fedd9a09dcd4a16e496edb18495473bbc65d00696d572e0168d726d4551b72d6ddaebefa8ffe8eb8ea74e7628d18aac4eefe906217ff0300003834bdcb9098e5aea133787bdf89bd823977e085f00ce42841c2aae50c2d25003fc29cdef9ff63a86ff56a6bf5e4079b99cbe177fcdf83df61cb4f625c4c09adabda8730d343b47123ac7ce8bb2a02a11b76d60cbf12fb4e1d810b5fa4866fe3af57eb95de0f4a2c64b8e47b1ec490d4dac6f0fd8807f1b8de68ec6464c14850a2f5392726a657cb752a9ce1862eaa09edb99eb3361339e47256061296e353fe88c5f0f48adcfd1448ff5147ab72bf079aee5cd5db9a99a7c6dce61026e71bee7eac0c53d59e8b3df92b859dbb7de42c83b06f5351bc185f8f2bdee7576e6997d3c33e1292356803417518eabdc1c4ab9ce48d8225a7a6b6ff345ece2169e1d44ddc265d31d65a1fe424cde95c06ba38db2eaa1b3885c24d4ae406890859a00b6b897a143dd9a9be11701ad56d8c8fea930175980ccc1ca92bba2ead93e07f6e0edaa83217aa6db93c9c0d69bf7e8c95134eda2a9e4c9921f02ffe88adcbeaa9d30d8800187f056c5fb4748ab727c1f985d03e7fa6e32eb82cfd8bc74f3bdee3f9cbbeff224d7be84dc4ec3b18bc09ff618db548ac339284e54aa5479056a25060943ad1e0a8b163af504cbff63421b22559d6bc6c512ea6efa65d205998e16382283dc1bf253937b01149eb5787db87660c0cfcb978d3cc87fed5b0f426275d3efa8ce8fdc43b02793da2db569a65f809007543426ac636d354add7dfef2a630facb07dfe9b68b4fabf0aa08d22fb79c71f2876fdc3fe262f0e69e0bf3bf5809fe8069257e8de47f22cec88632ae148e15647946be3f03acd8481528e84c805b75c1dccd43830a662582d24ff9a826a427b94a3b0f11d96601e5925ecc91946b0984b078503e0a13c88a5d795fa7ac30ce93b477b238cd4092ff7ef9a6ac04f9f8753ef352af50755168119a56437f840e9612cdc17a4f93d3f2fbfd1d61bd40a14730d11238d0bab527f2526597f093070d0a7653660f3c011564691f3ff69e20ec73b0cb9df84b60d11760263735f799465cef870607ac1246f7c38fcdf9f301417ddadc2fc37a8ae59805038beaa98edbdf9f5001f3f7f0e36259b584a9ff6c5526c818c1798432f91e09fc1803d40feec71725122dc7cc7badc5eb67bed50382da58d53632718258c51e1886745d74624ee8ce43ad416908b97f1ccb8e020afedaada0438432a060e8bc6477cfa0d5ba13ca21ea93fbfe977e0e3ab0360aff422bae21c21c61bc3dc895f4ef8c0ad03860aada0eab0e087efa87e34e9269c2d4a3fbdad61fc214dd463c091b28e8265e3c38e53373b577a643e1a2d6e2e477fa1057ede21fb0d29a292780a06f4afde814002b6400e260b1a8fabed0fe20de12fdd4ddcd9863a2f065b6c04d1feb11b1f7c5fda211b17a5a4f2ffa66e15c3c95281ef91a952ae8e6bad9b57fea63f476ddf5cbe4694b662524de66eb49346f5f02b0379ed8f2d41b250d0f340f7cc28b96330778632cf2bb69b9926c055ed352413cfb14bafc57a8bf6dfd7f4fdc9a7d2939e9754d86b5b905387b5dd141cb7354f529c90eb52152bf34cec8cc380aed1e924a124a06d6a68d6df7de9bf699aa170af0f47203d83e89e0ff215e420eaeaa3593a23b41e04a1237b8c3b8123d7e5ce60f4355594d1c2bd2cff8677aa6532019cdb79363452f337bcedb5b12905cf253e22f7e82d7411c55d74525bf761c5529dcae6a7ffeecbdf1b1de19cee2aa18e2a3efebb32b3e023bea2dca94ccd30ce65a0cb0eb030365b71ed1d7762e9136066c006fd32bb9ee2312f6540ebde9d5d96639eba753b9a16ff1a7c25ffbe519e4f2c65abcb1655125f3cb44687455ed339cbb4fa480dc5685ee26a425b3f8732f796467fa230a677c008a3f852ccd45427e68ef972c1b134a43958453687516b805b904ad98b9a0f62bddb786c67572b14a40912776aae6e22ddcd5df40756e264497596de3436089860ba2abd550c14c1d1ecc3e7f86046546ae0661c4e9078f7bc613cdaab5583ace3d212c748c671b39bc94ce61f68b48ae5dfa62698100c06d51fa33d43dde913827fefb558", 0x4})

943.701278ms ago: executing program 2 (id=438):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="0100000000230000000054"], 0x14}}, 0x0)
close(r0)

858.353721ms ago: executing program 2 (id=439):
syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x800800, &(0x7f0000004140)=ANY=[], 0x1, 0x1d1, &(0x7f0000000280)="$eJzKKC4sZmdgYPj7sSaZQYABDBgZeBguMDAysDAwMKgzQsQYmCDUeij/BZSeCZW2gfKbofRCKF1xS3vdmlN+Z0566motk2VmaPX8Jo8sJpfaY+QmuZiHgYEhNPXIouLKquzEnJzUouKFDBW3WJMqTp9gYLluf02lWYLT4Y88h0OSpoMO0xEfj6wZjSWck6Q0xdjYMhXOnvkgv45N4wjDoxXMG+s88xrrClOn5qXlJVVlVWXNmzhx48zGzsbGlRProtL8VjG2pLhsaupkZHLYoiawmdlQfZKN9oR37aseJjmw9nj4NZ8yVnqdynzJeGGR1KkVVTMnfFGazWj4neEOT9kKCQ0NJ4krEhYNjA1H6mwbXBkqbiWnNDCkKYQxJqmxibVtOTMnhJmfzW2BQkvyCabQoxxLZ0pYHBCqOvnTUvOtQ6LbjG1PHdjO8Bw+zrOmoE/Q6LgEg9NCwf8yIGMSGhrKNNYyLbVd8KVI46+E12pjpwwGd3umZbAAZWkAkSuhPFmwnoTkFR46mppGKckJDZskEpLcCgyVGbbu4Vwt0MCAFG0qDAwM2xlhcQsB12CMUTAKRsEoGAWjYBSMglEwCkbBKBgFIwIAAgAA///A9Jlq")

543.576394ms ago: executing program 1 (id=440):
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
getsockopt$ax25_int(r0, 0x101, 0x3, &(0x7f0000000000), &(0x7f0000000100)=0x4)

477.302079ms ago: executing program 2 (id=441):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = socket$inet(0x2, 0xa, 0x4)
setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4)
recvmmsg(r1, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)

477.045428ms ago: executing program 1 (id=442):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001080)={0x14, 0x38, 0x301, 0x270bd24, 0x25dfdbfa, {0x1}}, 0x14}}, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r0)

476.727136ms ago: executing program 1 (id=443):
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000000)='./bus\x00', 0x300000a, &(0x7f0000000180)={[{@metadata_ratio={'metadata_ratio', 0x3d, 0x401}}, {@space_cache_v1}, {@fatal_errors_bug}, {@datacow}, {@ssd}, {@clear_cache}, {@nobarrier}, {@nodatacow}, {@nodiscard}, {@enospc_debug}, {@ssd_spread}, {@noflushoncommit}]}, 0x3, 0x55a3, &(0x7f000000e0c0)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vuF6nMN5TNW0LVoXxm26zpCzrmx0fKQ2Njn2I17aDned2mc2ZsTbrXvA5jBxq2y+vwgdpJ9Ze9PfHglSf/8fR956+duq3dfC5nk+amd7TqkHnN9ZrnMZrg86QXvP0KviUN9aUrhHD8nz5f9sycl3bf+MGrJ068/YWLr5628JopE58d9Iux/3jtLndPu7xg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MbKxP5uYAAADQa/SGvaZfHf3qS6c+dPeiF5cfV/Hdcb86abf6irO/33H8rivHf/HSK9sf36Vg/j+0tOP/8ZB/Xe5oV4cwoStxwYAQdut6PAn8LHbn5AEh7NWVaskPHJYKrA7hC12J/bNVpUr0jSWGpgK/r88EJqQCa2KgJRW4MQaWpAIXxsCKVGBGDKxOBQ6PgdCeP44D6jPjKDlQEwOtyUZcEc9CeKc+tpbaVuuyVQEAAGwnmdlhZf7dnHMdtjVDnF6uqOkpQzwDu2iG6lQN6RlsdlpVtIaKnmoo76mG7LgXffTwC2ou66nmgtMwyvIzfDjkO+UDJu79o7tuHHFT84sTv/vu2OO/8uc33129/z/993vOmX/dAQXz/6aPnv9Xd9ORsoLj/yFM7vobc5dnIh3ZeGtLXgYAAABgG1z12NInbzjgqP9z38v33fmla28oX3311//vKxsv2HvUccPL+v7dt1cUzP8nlHb+f9wn0icnc3g07oaYPSCEpvxAUu3BhYHkqHe/TAAAAAB6g+zx+Oyx8PbMbXKKdno+XZi/ZSvzxwP/E7rNf/mmv372y9c+eeLCYftsuOK/nflB2efH/m6XY9eOfPytPYf9Q0PfwvP/W0o7/782/zbpxJrYiysHhNA3J/BI7GVnoMvQGHj50PxAZvxr4gZYHKvKnJiQrWpxLNEaA02pwLJiJX6bLbFbfiDzZGUbvyA7jvZMiZwAAAAAfOLi7oB4XD6e/3/P5AO+tP+gl8a8uOe9C1+bsPSEU2t/uM8tu74+oGPSmAMnHHLEMwXz/9atO/+/ax5ccHp/R78QRlaE0Cf9w4BHa5OFAWOgriyTuL82qatPuqrzakMY3zmwdFWvZNb/r0ivMfhETVJVDOy29083DetM3FATwsjcwDPfvH5MZ2J+KpBt/Bs1IQzpHG268ZV9k8Yr041f0zeEPXMC2apO7htCZ2NV6aoerM5cxyBd1W3VIQzMCWSrOrA6hIUBgF4q/iudmfvgvIVnz57e0dF2xg5MxH34NWFWe0db44w5HTOri/RpZqrPecsYnVc4plKvfPN8ZomiqUNuH15KOvs7wabctjL78QtOHMzcj9+FKrvG2VyZd3d0esjD9ylsIuR8kyo25PIdPOTa3Eq2PIkF9cf8VaFf6LtgXtsZjWdNnz//jFHJ31KzNyd/42GmZFuNSm+r2u76VsLLo+hqWSkfd1vtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbkbw9D3a+7qlND3Xx9iePajkPdvSKnkk/iU0NCQqK3JaYvKTt/wrRf3/+tPdacdtZJe/z9HjNHnPRXl/9m7omNh0z+1fV/ubZg/j/3o+f/8VMnfvJn1mcodvy/IR7mTx7fcpi/NQaWlXr8v6HY0fzsiQFDU4FFMbDIYX4AAAA+G+LuyLg3M+6Vvq7un+4+cuaMQ97/5QlTrv7bseNOPWv9vg0XX33skv+w/p0lq454u2D+v6i03/9vp/X/s0vXf63YMv/7xxJNxdb/Ty/zn13/f1Gx9f/Ty/xn1/9f9ims/78gG0htknes/w8AAHwWfHLr//e4vH/6AgEFGXpc3j99gYCCDD0u41/qBQK2ev3/OR1/UTvo8jnjDh0x98ePrNp7ycDbvvT8xF/vs/SgEfeuvOW9UbcWzP+XlDb/t3A/AAAA7Dwe+mXfb1/87rD7n3rk/SPLLv3txpuO/6u2Aw75w8DmUyYfXfP9m/6tYP6/rLT5/ye//l8odv7/0GKBlmILA1r/DwAAgF6q2Pp/Nw98eejq+SNufOznb97yUusvZo5/7d8t+cFXpg9runnNut80zFhfMP9fUdr8P552UZ6XO/bmw/pkTbuQXtNuY332JwMAAADQO5SHxsbKEvPmrYx62Mdvc11mKdCPSud6+r5BqxaUP3RVWfXGH1wy7ZDGc489c86RF63/fu2TP6md2lh9RsH8f3Vp8/+832U8UDup/rK3Jx784cqT/3j6vvPXTt1y/B8AAADYcUrdLwEAAAAAAAAAAAAAAHz6nmpdetAHo45+Y+Zeo/70jWNf+MHiL37zkb+59s9n/vzw+/Zq3zxsSsHv/8PkrnLFfv8fr/sXf1+wa17u2GrP6/9l7k855taFXUsWPlofwj65gdnnz/5cyFybf7/cwKqp+w/uTJyfLnHfi4e/1pmYlg4cNWKX9zoT41OB1rhI4hfSgXhVxff6pwJxecUn04G4PVakA1WZwCX9k3GUpbfVhrpkW5Wlt9VzdSEMyAlkt9XddUkbZekBXpUKZAd4ejoQBzgpEyhP9+rWfkmvYqAuFv2bfkmvAADYacVvgZVhVntHW1P8Ch9vd6/Iv43yliw7r7DashKbfz6zNNnUIbcPLyXdJ/1ddMu1xitDdecQRhV8Xc3NUtY1yu1TSw+bbtciQ+5ptbfyIuXStnbTVRUfUU0yosYZczpmVvY48NE9Z2mu6DHLqILJTm6W8q5NWkItJfSlhBGVuG1K6HK8Xx4aG/ukco2LwYaQp6dXRKm/189d56/YqyA3z9/WXHtpn8F93v+38Rc99OCAyo5TJ7ddtPtj/zxw1Mwf//DB1mt+XzD/byht/l+dO673MhcDWBSvrHfwgBBaSxwRAAAAfPb9z3OX33HinDUbZq2uePZ3v5tdftyJlZvPueucsy967v7FR13y72/e1viKsqc2nfjGprP++o2ffOW6h8966fAZZ901ad0h69uqb/zuXyw/dUjB/H9oafP/uAcrcyg42duxOl7//4IBIXRdWr8hCfwsDvfkASHs1ZVqiSWSC+p/LZZoSgI/iztM9o8lWlvyq+obAytSgd/XZwKrU4E1MZDZS/HTkNmVc0V9CGO6UpPzS8yNJRpSgeNiYGgq0BgDTalA/xiYkAq82T8TaEkF/jEGQnv+trqzf2ZbAQAAbI3MPKsy/25Iz/NWVPSUoaynDLU9ZSjvKUN1TxmKjSLevyNmqEydvFKWk6kyXWtNqpaCDPFi+Fvdr4IM4bf5OdMFC5qO5x9kzzcoy88w7od3tB70tXk/3nTxjx4/8sALj1xy5duXHt1v8JXP/u/2c/v131RbMP9vKm3+X5t/m7S+Js7/t1z/Lwk8Ert3ZTx1fGgMvHxofiCzY2BNnOwuzlbVkimRmbQvjiUmxMDQVGBuDExIBVonZwLLBucHMjPtbOMXZBtvz5TICQAAAMAnLu4giLtp4vx/5bjwzh5Hvt+8+5UD5457/JHzjphes2t1zT+PX7t0/KXVD+3Xt2D+P6G0+X9sr19uYxfG3rzaP4S7y7b0JhsYUZcE4n6Muvjz+D3qQvhczg6ObIm22qREVarh8HBN8gv1qnRV99YkawzE+1OeeHDVZZ2Jq2pC2Ddn70u2jReqkzZq0oFhVUmgNh2YU5EE4p6fbOCe8iQA2yy7VzC+oDKnumQ1dF+uyOvvs3JN0PTwCvaBdpOvu99c7SjV6Qcy+1Sztu5pK6iOHaLg7bHau603vtsavNtyv0hlvqFs3hKqDuUz22ZNX9AxPz6S+0vWAjvoec79lWop6e3wOlz08Xvbs+p0B5pSHx9N3Zfr/nVYFqt7oHZS/WVvTzx45cl/PH3f+WunltyNIuIPhQ++de4Bz+Vs3h2tOmRec73u86TF50lv/Dcw1NMWQlh+wawnn/iX95+vWN/8Xw4cu/y2Nx9b/pODHpg14gsbLvnyxrfePapg/t9S2vy/InXb5YO4MecNCGF4zsZ9NG7+iQOSz8GcQPIpObAwkBxyX19f9JMTAAAAtrfs7o7s/oL2zG1yQnh6nlyYv2Ur88f9FRO6zV9qvweO+YfvHXrV69/4+vrdL3906VPr/tObrxwx7dAHNj29YuXrzcd+/umC+X/rR8//+6a66fi/4//sII7/d2tn3xXdN/3Aom3aFV1QHTuE4//d2tnfbY7/d8vxf8f/u+P4fw8c/+/Wzv60FXxLmutLVwihdcANt/+idvrwflec860Za3/+9DtN416oO/foO//H4YvDNeet+nPB/H9uafN/6/91v2hfdv2/1mLr/80ttv7fIuv/AQAAO1SRhebS87yC1fsKMqRX7yvI0OMCgT0uMWj9v61e/6/2pLNPeqX+rb2umXj7f75z+oXPn3Tis/v2ef6E20+4aeTVw1/68oaC+f+i0ub/8eXQL7f13rL+39DJRapaEgNzLQwIAADAzqjYDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+XSseXPzFzYv3OeimZz9/0+H/umzNrL1/dcDm0WNObhy+eGDZlX/3L28NWrDwjbZJZ17bMn35NRtWLg2hvatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3O1FuZuf1iXu7Y6of1ISzLeaQuJjbWd97ZEphyzK0LKzoTj9aHsE9uYPb5sz/XmbixPoT9cgOrpu4/uDNxfrrEfS8e/lpnYlo6cNSIXd7rTIzPBMrS3b2uf9LdsnR3L+sfwoCcQLa73+6fX1W2jf+YCZSn27i5LmkjBupi0R/VJW3EQEcs0d43hJEVIfRJV/Xr6qSqPumq/r46qapPuqr/Wh3C+BBCRbqqF6uSqirSI19blVQVA7vt/dNNwzoTy6pCGJkbeOab14/pTJyeCmQb/3pVCEM6XzLpxu+oTBqvTDd+VWUIe4YQqtIl/rUiKVGVLvFKRQgDcwLZxk+tCGFh4DMhfvjMzH1w3sKzZ0/v6Gg7YwcmqjJt1YRZ7R1tjTPmdMysTvWpmLKc9ObzPv7Yn990zozO26lDbh9eSroiU66yq8vNlXl3R+/svY/9qs2tZMvzUVB/zF8V+oW+C+a1ndF41vT5888YlfwtNXtz8rdPJppsq1G9ZVvtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbk7/YY6vWf/FB3r8ip5JP4AJCQkOhtifK8T7emnf2DvOCL/paOVobqrg/ogmlFbpayrlFuj0Ef9jFH/HG+p/Q4olEFE4eCLM09ZxldMJnYkqUmydL1va5gcphbU3nXJo33y0NjY59i26Eh/27u5n1rGzbvusymKzUNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//5twzl8=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000080)=""/29, 0x1d)
getdents64(r0, 0xfffffffffffffffe, 0x29)

160.123152ms ago: executing program 1 (id=444):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x20008d0, &(0x7f0000000680)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6e6f757365725f78617474722c636f686572656e63793d66756c6c2c646174613d77726974656261636b2c6c6f63616c616c6c6f633d30303030303030303030303030303030303030312c61636c2c6e6f61636c2c6c6f63616c616c6c6f633d30303030303030303030303030303030303030302c00a89f6b8d5800aa954e6c8735dcd52921ce08462fb4ce7c1600883251443ac332f4d17b77d29867e4321610936dbc5963e9fb59a032c92e32ebffc3b739951e866d52bff6bd63136a656222062a8eea0cf97480bc8ac6c0e8a2aa38ffa8fa758cd54b9ef39a7f536d7b85173a83c34d78e210ecf4d040817bbe989e9eb015acb84bb90577b8b405a48292eeca69f5275cb7b7027d4bf643bd69b034c0221a30"], 0x1, 0x442d, &(0x7f0000004480)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3fGeefeYw+8SJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAsh9HX+7wUAAAAAAAAAAAAAAAAAAIC/o833/3PRiSbv/48lx5EW9dff6vwY6ZyJt6+OXRgcSvZ/j7blv54k/XKuK/Q32fc9u//7uUz95vu/b+9ntxrja/TbF6J4IHUexwMDIXyTbPx+KjoSl8pLlVdvlZcXZvdsGM+sdPzru/enopNs6N9u/Ecz7Xd+////bruaquc39+4Se66l49/Vsty3n0Ztxf98pt5+xJ/dS8e/u5bWu7XASH0CqMb/8+6d4z+Wab9T8T8eQshF1bHmUjNAdQ1TTW+1XiEtHf9DtbTU1Jn8I1vd/79n4n8h0/5Bzf8r2Q8imkrH/1+1tJ5Uic37vz/e+f6/mGn/IOJfHf+Kz/+2pON/uJ7YnSpS+0+2O/+PZ9rvVPyvx8k4j0epK2A1qqe3+r460tLx79mWv/n8F7e1/ruUqb9fz3+NfhvPf43p/+Wo/vxHc+n497Ys1+79P5Gp1+n5f6S2/mO30vE/UktLr53rX8rZbvwnM+13Kv61VUlPI/6b88kfh+vpX1v/tSUd/3/XE+OtJVZqP2vrv2jn9f/lTPsHsf6rjn8l7myvz4t0/I+2LFeN/w9tfP5fydTrfPxDGLTW37V0/I+1LFe7/3t2jv9Upl6n4/9SJxsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeAaMJse+EMUDqfM4HhgI4XxyfiociaYLs/npUnnmo6UQxpL0XDgR3S6Vpwul/NxCebaYL5RK5ZkQLiT5J0NPtFQqV/LzhbsXN9rqje4UC4uV6WKhEkIYT9L/H4412pqeq8wX7oYQLm3k/ScuL969U1jIz84tvjk4ODgYJjbG0B8VP6kUFyr13uu5IUxu1O2Ltgyuln15YyxHow/Ly4sLhVIt/cqWOqXyTKG0pc5UkvdF6I8qi8sLM4VKMV8q3270d5BGkuPYxLX3rl0Z2pZ/M6ofR/d3WAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8RY+G3/gyhNBdP4tDCCONX6Jm5R8+Lp7NP526vzZ8enL1wdqTVuUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgT3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwS8coDQRRGIDfjIXaeQyrZbezXVFEC1cET6DH8DB6FC/hHVKkSJsiBJJZCJtd2Capvq95MD8z78E8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJ6n9+7jrW4iUlxtLiP+vv4Xh/lLqT/34/cvzjAjp/P82j081k3593SU35WjZZt36Xr1/Rkjtfc72JPhPu31fa4n55rat6n5+r43kXIVEW3Jb1POVTXvLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAtO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WUfRtAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwKAAD//+UFHyA=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f00000005c0)='\"', 0x1, 0x4fed0)
r1 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r1, r1, 0x0, 0x800000009)
open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)

133.480618ms ago: executing program 0 (id=445):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000140)={@my=0x1})
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x0})

0s ago: executing program 0 (id=446):
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x7e, 0x9e, 0xb4, 0x10, 0x54c, 0x38, 0x16f5, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x8, 0xc5, 0x38}}]}}]}}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:53035' (ED25519) to the list of known hosts.
syzkaller login: [   56.139714][ T5834] cgroup: Unknown subsys name 'net'
[   56.245061][ T5834] cgroup: Unknown subsys name 'cpuset'
[   56.250004][ T5834] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   58.030265][ T5834] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   63.526354][ T5856] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   63.530254][ T5856] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   63.533728][ T5856] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   63.537273][ T5856] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   63.537655][ T5854] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   63.540290][ T5856] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   63.545871][ T5854] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   63.549334][ T5854] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   63.559559][ T5854] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   63.564108][ T5854] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   63.581782][ T5854] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   63.586608][ T5854] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   63.600046][ T5854] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   63.604629][ T5854] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   63.609060][ T5854] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   63.902702][ T5849] chnl_net:caif_netlink_parms(): no params data found
[   63.993741][ T5851] chnl_net:caif_netlink_parms(): no params data found
[   64.158592][ T5849] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.162112][ T5849] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.164985][ T5849] bridge_slave_0: entered allmulticast mode
[   64.168827][ T5849] bridge_slave_0: entered promiscuous mode
[   64.210508][ T5849] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.215852][ T5849] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.218738][ T5849] bridge_slave_1: entered allmulticast mode
[   64.223006][ T5849] bridge_slave_1: entered promiscuous mode
[   64.227407][ T5851] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.230598][ T5851] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.234424][ T5851] bridge_slave_0: entered allmulticast mode
[   64.238498][ T5851] bridge_slave_0: entered promiscuous mode
[   64.275732][ T5849] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   64.279276][ T5851] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.281866][ T5851] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.284426][ T5851] bridge_slave_1: entered allmulticast mode
[   64.287561][ T5851] bridge_slave_1: entered promiscuous mode
[   64.298290][ T5858] chnl_net:caif_netlink_parms(): no params data found
[   64.320655][ T5849] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   64.345218][ T5851] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   64.380564][ T5851] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   64.401378][ T5849] team0: Port device team_slave_0 added
[   64.425139][ T5851] team0: Port device team_slave_0 added
[   64.429803][ T5851] team0: Port device team_slave_1 added
[   64.434712][ T5849] team0: Port device team_slave_1 added
[   64.515880][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_0
[   64.518097][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   64.528560][ T5849] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   64.534873][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_0
[   64.537684][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   64.549820][ T5851] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   64.567852][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_1
[   64.570591][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   64.583084][ T5849] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   64.588458][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_1
[   64.591608][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   64.601619][ T5851] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   64.606268][ T5858] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.609084][ T5858] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.613084][ T5858] bridge_slave_0: entered allmulticast mode
[   64.616881][ T5858] bridge_slave_0: entered promiscuous mode
[   64.635349][ T5858] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.638100][ T5858] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.641805][ T5858] bridge_slave_1: entered allmulticast mode
[   64.645613][ T5858] bridge_slave_1: entered promiscuous mode
[   64.708675][ T5858] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   64.731736][ T5849] hsr_slave_0: entered promiscuous mode
[   64.735481][ T5849] hsr_slave_1: entered promiscuous mode
[   64.741258][ T5858] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   64.764219][ T5851] hsr_slave_0: entered promiscuous mode
[   64.767691][ T5851] hsr_slave_1: entered promiscuous mode
[   64.770619][ T5851] debugfs: 'hsr0' already exists in 'hsr'
[   64.773577][ T5851] Cannot create hsr debugfs directory
[   64.827305][ T5858] team0: Port device team_slave_0 added
[   64.853437][ T5858] team0: Port device team_slave_1 added
[   64.926539][ T5858] batman_adv: batadv0: Adding interface: batadv_slave_0
[   64.929256][ T5858] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   64.937861][ T5858] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   64.963865][ T5858] batman_adv: batadv0: Adding interface: batadv_slave_1
[   64.966138][ T5858] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   64.975014][ T5858] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   65.059594][ T5858] hsr_slave_0: entered promiscuous mode
[   65.062112][ T5858] hsr_slave_1: entered promiscuous mode
[   65.064580][ T5858] debugfs: 'hsr0' already exists in 'hsr'
[   65.066536][ T5858] Cannot create hsr debugfs directory
[   65.213554][ T5851] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   65.223114][ T5851] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   65.248861][ T5851] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   65.266144][ T5851] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   65.313446][ T5849] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   65.321903][ T5849] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   65.331389][ T5849] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   65.351750][ T5849] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   65.406091][ T5858] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   65.413911][ T5858] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   65.425259][ T5858] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   65.435148][ T5858] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   65.523250][ T5851] 8021q: adding VLAN 0 to HW filter on device bond0
[   65.582207][   T54] Bluetooth: hci0: command tx timeout
[   65.582685][ T5854] Bluetooth: hci1: command tx timeout
[   65.593889][ T5851] 8021q: adding VLAN 0 to HW filter on device team0
[   65.619485][ T5849] 8021q: adding VLAN 0 to HW filter on device bond0
[   65.625596][   T40] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.628664][   T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.636823][   T40] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.639149][   T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.660913][ T5854] Bluetooth: hci2: command tx timeout
[   65.673171][ T5849] 8021q: adding VLAN 0 to HW filter on device team0
[   65.682256][ T5858] 8021q: adding VLAN 0 to HW filter on device bond0
[   65.703219][   T40] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.706216][   T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.716674][ T5851] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   65.733863][   T40] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.736928][   T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.768814][ T5858] 8021q: adding VLAN 0 to HW filter on device team0
[   65.787697][   T80] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.790391][   T80] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.808757][   T80] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.812282][   T80] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.917189][ T5851] 8021q: adding VLAN 0 to HW filter on device batadv0
[   66.012743][ T5851] veth0_vlan: entered promiscuous mode
[   66.022202][ T5849] 8021q: adding VLAN 0 to HW filter on device batadv0
[   66.036144][ T5851] veth1_vlan: entered promiscuous mode
[   66.085153][ T5851] veth0_macvtap: entered promiscuous mode
[   66.099868][ T5858] 8021q: adding VLAN 0 to HW filter on device batadv0
[   66.105738][ T5851] veth1_macvtap: entered promiscuous mode
[   66.124256][ T5849] veth0_vlan: entered promiscuous mode
[   66.147153][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.157195][ T5849] veth1_vlan: entered promiscuous mode
[   66.172328][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.200093][ T5858] veth0_vlan: entered promiscuous mode
[   66.203753][ T5862] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.218844][ T5862] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.223968][ T5862] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.243007][ T5862] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.261790][ T5858] veth1_vlan: entered promiscuous mode
[   66.296958][ T5849] veth0_macvtap: entered promiscuous mode
[   66.320368][ T5849] veth1_macvtap: entered promiscuous mode
[   66.336229][ T5858] veth0_macvtap: entered promiscuous mode
[   66.368909][ T5858] veth1_macvtap: entered promiscuous mode
[   66.381608][  T762] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.381912][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.384657][  T762] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.391844][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.423252][ T5880] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.426654][ T5880] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.430389][ T5880] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.442080][ T5858] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.463434][ T5880] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.474334][ T5858] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.484522][  T762] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.488381][  T762] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.499895][ T5862] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.506760][ T5862] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.520097][ T5862] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.547525][ T5862] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.589863][ T5851] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   66.622926][   T29] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.625553][   T29] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.662837][   T26] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.665381][   T26] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.694034][   T29] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.696651][   T29] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.753161][   T26] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.755732][   T26] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.887551][ T5926] syz.2.3 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   67.023750][ T5933] loop2: detected capacity change from 0 to 16
[   67.074245][ T5933] erofs (device loop2): mounted with root inode @ nid 36.
[   67.662008][ T5854] Bluetooth: hci1: command tx timeout
[   67.662308][   T54] Bluetooth: hci0: command tx timeout
[   67.824743][   T54] Bluetooth: hci2: command tx timeout
[   69.750889][   T54] Bluetooth: hci0: command tx timeout
[   69.753398][   T54] Bluetooth: hci1: command tx timeout
[   69.981272][ T5854] Bluetooth: hci2: command tx timeout
[   70.347325][ T5965] loop2: detected capacity change from 0 to 256
[   70.375175][ T5965] exFAT-fs (loop2): failed to read boot sector
[   70.377177][ T5965] exFAT-fs (loop2): failed to recognize exfat type
[   70.527756][ T5961] loop1: detected capacity change from 0 to 32768
[   70.533965][ T5963] loop0: detected capacity change from 0 to 32768
[   70.539787][ T5961] =======================================================
[   70.539787][ T5961] WARNING: The mand mount option has been deprecated and
[   70.539787][ T5961]          and is ignored by this kernel. Remove the mand
[   70.539787][ T5961]          option from the mount to silence this warning.
[   70.539787][ T5961] =======================================================
[   70.601318][ T5961] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[   70.616550][ T5963] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,fix_errors=yes,norecovery,nojournal_transaction_names,read_only
[   70.616564][ T5963]   allowing incompatible features above 0.0: (unknown version)
[   70.616570][ T5963]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[   70.632364][ T5963] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[   70.635433][ T5963] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[   70.638580][ T5963] bcachefs (loop0): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.28: inode_has_case_insensitive
[   70.638580][ T5963]   running recovery passes: check_allocations,check_extents_to_backpointers,check_inodes
[   70.657531][ T5963] bcachefs (loop0): btree node read error at btree alloc level 0/0
[   70.657559][ T5963]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0
[   70.657566][ T5963]   loop0 node offset 0/24: got wrong btree node: got
[   70.657571][ T5963]   btree=alloc level=0 seq 98dc7e261 1
[   70.657575][ T5963]   min: POS_MIN
[   70.657579][ T5963]   max: SPOS_MAX
[   70.657583][ T5963]   loop0 btree validate error
[   70.657587][ T5963]   flagging btree alloc lost data
[   70.657591][ T5963]   running recovery pass check_topology (2), currently at recovery_pass_empty (0)
[   70.657596][ T5963]   running recovery pass check_lrus (14), currently at recovery_pass_empty (0)
[   70.657601][ T5963]   running recovery pass check_backpointers_to_extents (16), currently at recovery_pass_empty (0)
[   70.657607][ T5963]   running recovery pass check_alloc_info (13), currently at recovery_pass_empty (0)
[   70.657613][ T5963]   ret btree_node_read_err_bad_node
[   70.692516][ T5963] bcachefs (loop0): error reading btree root btree=alloc level=0: btree_node_read_error, fixing
[   70.702176][ T5963] bcachefs (loop0): btree node read error at btree lru level 0/0
[   70.702188][ T5963]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 28f61e078e70b95c written 16 min_key 0:196608:0 durability: 1 ptr: 0:28:0 gen 0
[   70.702195][ T5963]   loop0 node offset 0/16: incorrect min_key: got POS_MIN should be 0:196608:0
[   70.702201][ T5963]   loop0 btree validate error
[   70.702218][ T5963]   flagging btree lru lost data
[   70.702224][ T5963]   ret btree_node_read_err_bad_node
[   70.719125][ T5963] bcachefs (loop0): error reading btree root btree=lru level=0: btree_node_read_error, fixing
[   70.724577][ T5963] bcachefs (loop0): btree node read error at btree freespace level 0/0
[   70.724592][ T5963]   u64s 11 type btree_ptr_v2 36591746972385279:U64_MAX:U32_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0
[   70.724620][ T5963]   loop0 node offset 0/32 bset u64s 0: incorrect max key SPOS_MAX
[   70.724629][ T5963]   loop0 btree validate error
[   70.724636][ T5963]   flagging btree freespace lost data
[   70.724644][ T5963]   ret btree_node_read_err_bad_node
[   70.746931][ T5963] bcachefs (loop0): error reading btree root btree=freespace level=0: btree_node_read_error, fixing
[   70.752443][ T5963] bcachefs (loop0): check_topology... done
[   70.755087][ T5963] bcachefs (loop0): accounting_read... done
[   70.759634][ T5963] bcachefs (loop0): alloc_read... done
[   70.762762][ T5963] bcachefs (loop0): snapshots_read... done
[   70.765267][ T5963] bcachefs (loop0): Fixed errors, running fsck a second time to verify fs is clean
[   70.768647][ T5963] bcachefs (loop0): done starting filesystem
[   70.769275][ T5849] ocfs2: Unmounting device (7,1) on (node local)
[   70.805711][ T5888] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   70.841834][ T5851] bcachefs (loop0): shutting down
[   70.885249][ T5851] bcachefs (loop0): shutdown complete
[   70.985947][ T5888] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   70.991132][ T5888] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   70.995434][ T5888] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[   70.999587][ T5888] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   71.013022][ T5888] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   71.016913][ T5888] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   71.026801][ T5888] usb 3-1: config 0 descriptor??
[   71.194453][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[   71.197745][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[   71.202823][ T5915] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   71.361597][ T5915] usb 2-1: Using ep0 maxpacket: 32
[   71.366644][ T5915] usb 2-1: config 6 has an invalid interface number: 111 but max is 0
[   71.369929][ T5915] usb 2-1: config 6 has no interface number 0
[   71.374314][ T5915] usb 2-1: config 6 interface 111 has no altsetting 0
[   71.380669][ T5915] usb 2-1: New USB device found, idVendor=05ac, idProduct=0264, bcdDevice=fa.e9
[   71.391127][ T5915] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   71.394459][ T5915] usb 2-1: Product: syz
[   71.397847][ T5915] usb 2-1: Manufacturer: syz
[   71.399754][ T5915] usb 2-1: SerialNumber: syz
[   71.426884][ T5915] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:6.111/input/input4
[   71.464605][ T5888] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   71.617435][ T5280] bcm5974 2-1:6.111: could not read from device
[   71.625486][ T5280] bcm5974 2-1:6.111: could not read from device
[   71.636840][ T5280] bcm5974 2-1:6.111: could not read from device
[   71.646754][ T5915] usb 2-1: USB disconnect, device number 2
[   71.649943][ T5280] bcm5974 2-1:6.111: could not read from device
[   71.715401][ T5888] usb 3-1: USB disconnect, device number 2
[   71.822762][   T54] Bluetooth: hci0: command tx timeout
[   71.825385][ T5854] Bluetooth: hci1: command tx timeout
[   72.061054][ T5854] Bluetooth: hci2: command tx timeout
[   72.110997][   T24] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   72.274017][   T24] usb 1-1: Using ep0 maxpacket: 32
[   72.283568][   T24] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[   72.302129][   T24] usb 1-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[   72.306052][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   72.309214][   T24] usb 1-1: Product: syz
[   72.322087][   T24] usb 1-1: Manufacturer: syz
[   72.324083][   T24] usb 1-1: SerialNumber: syz
[   72.336092][   T24] usb 1-1: config 0 descriptor??
[   72.339133][ T5977] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   72.347636][   T24] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[   72.469098][ T5987] loop2: detected capacity change from 0 to 4096
[   72.482312][ T5987] ntfs3(loop2): ino=0, mi_enum_attr
[   72.487082][ T5987] ntfs3(loop2): ino=0, mi_enum_attr
[   72.489226][ T5987] ntfs3(loop2): Failed to load $MFT (-22).
[   72.586709][    T9] usb 1-1: USB disconnect, device number 2
[   72.829998][ T5992] loop2: detected capacity change from 0 to 2048
[   72.845334][ T5992] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   73.170235][ T5854] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[   73.170281][ T5854] Bluetooth: hci2: Unknown advertising packet type: 0x5d
[   73.179085][ T5854] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[   73.180577][ T5998] netlink: 4 bytes leftover after parsing attributes in process `syz.2.33'.
[   73.193862][ T5854] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[   73.193887][ T5854] Bluetooth: hci2: Malformed LE Event: 0x0d
[   74.347764][ T6019] netlink: 12 bytes leftover after parsing attributes in process `syz.0.43'.
[   75.012096][ T6034] loop1: detected capacity change from 0 to 32768
[   75.026937][ T6034] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.50 (6034)
[   75.040353][ T6034] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   75.044685][ T6034] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[   75.047937][ T6034] BTRFS info (device loop1): disk space caching is enabled
[   75.050493][ T6034] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[   75.077262][ T6034] BTRFS info (device loop1): rebuilding free space tree
[   75.090818][ T5915] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   75.095955][ T6034] BTRFS info (device loop1): disabling free space tree
[   75.098686][ T6034] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   75.104626][ T6034] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   75.193212][ T5849] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   75.243724][ T5915] usb 1-1: Using ep0 maxpacket: 32
[   75.255739][ T5915] usb 1-1: config 0 has an invalid interface number: 51 but max is 0
[   75.258631][ T5915] usb 1-1: config 0 has no interface number 0
[   75.274687][ T5915] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[   75.283782][ T5915] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   75.286422][ T5915] usb 1-1: Product: syz
[   75.298897][ T5915] usb 1-1: Manufacturer: syz
[   75.301072][ T5915] usb 1-1: SerialNumber: syz
[   75.309822][ T5915] usb 1-1: config 0 descriptor??
[   75.316198][ T5915] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[   75.532303][ T5915] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[   75.541642][ T5915] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[   75.815022][ T6052] loop1: detected capacity change from 0 to 32768
[   75.818738][ T6052] XFS: attr2 mount option is deprecated.
[   75.853324][ T6052] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[   75.860373][ T6052] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   75.888047][ T6052] XFS (loop1): Ending clean mount
[   75.896627][ T6052] XFS (loop1): Quotacheck needed: Please wait.
[   75.926683][ T6052] XFS (loop1): Quotacheck: Done.
[   75.929999][    C0] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -71
[   75.933262][    T9] usb 1-1: USB disconnect, device number 3
[   75.942164][    T9] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[   75.956643][    T9] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[   75.965359][ T5849] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   75.970521][    T9] quatech2 1-1:0.51: device disconnected
[   76.100964][ T5915] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   76.252355][ T5915] usb 3-1: Using ep0 maxpacket: 32
[   76.257840][ T5915] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   76.268140][ T5915] usb 3-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[   76.272171][ T5915] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   76.275408][ T5915] usb 3-1: Product: syz
[   76.277192][ T5915] usb 3-1: Manufacturer: syz
[   76.279273][ T5915] usb 3-1: SerialNumber: syz
[   76.286821][ T5915] usb 3-1: config 0 descriptor??
[   76.300405][ T5915] cdc_ether 3-1:0.0: skipping garbage
[   76.303241][ T5915] usb 3-1: bad CDC descriptors
[   76.306368][ T5915] usb 3-1: unsupported MDLM descriptors
[   76.377858][ T6083] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   76.470346][ T6087] loop9: detected capacity change from 0 to 7
[   76.485591][ T6087] Dev loop9: unable to read RDB block 7
[   76.487628][ T6087]  loop9: unable to read partition table
[   76.489652][ T6087] loop9: partition table beyond EOD, truncated
[   76.500791][ T6087] loop_reread_partitions: partition scan of loop9 (被x ) failed (rc=-5)
[   76.501559][ T5915] usb 3-1: USB disconnect, device number 3
[   76.637989][ T6095] loop1: detected capacity change from 0 to 2048
[   76.678679][ T6095] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.697303][ T6095] ext4 filesystem being mounted at /30/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.748368][ T5849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.834982][ T6108] tipc: Started in network mode
[   76.837284][ T6108] tipc: Node identity c, cluster identity 4711
[   76.839717][ T6108] tipc: Node number set to 12
[   77.040837][ T5915] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   77.320856][ T5915] usb 1-1: Using ep0 maxpacket: 32
[   77.326106][ T5915] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[   77.333482][ T5915] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[   77.337426][ T5915] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[   77.341383][ T5915] usb 1-1: Product: syz
[   77.343145][ T5915] usb 1-1: Manufacturer: syz
[   77.345116][ T5915] usb 1-1: SerialNumber: syz
[   77.350397][ T5915] usb 1-1: config 0 descriptor??
[   77.359009][ T6106] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   77.363740][ T5915] hub 1-1:0.0: bad descriptor, ignoring hub
[   77.366240][ T5915] hub 1-1:0.0: probe with driver hub failed with error -5
[   77.761645][ T5888] usb 1-1: USB disconnect, device number 4
[   77.782415][ T6122] trusted_key: encrypted_key: keylen parameter is missing
[   78.826751][ T6138] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   79.329054][ T6155] netlink: 56 bytes leftover after parsing attributes in process `syz.1.92'.
[   79.472508][ T6161] loop1: detected capacity change from 0 to 2048
[   79.506839][ T6163] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   79.578907][   T33] audit: type=1800 audit(1755519691.016:2): pid=6161 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.94" name="file1" dev="loop1" ino=15 res=0 errno=0
[   79.689801][   T33] audit: type=1326 audit(1755519691.126:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6170 comm="syz.1.97" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa1da78ebe9 code=0x0
[   79.965551][ T6181] netlink: 9 bytes leftover after parsing attributes in process `syz.2.103'.
[   79.976964][ T6181] 0: renamed from hsr0 (while UP)
[   79.984007][ T6181] 0: entered allmulticast mode
[   79.985705][ T6181] hsr_slave_0: entered allmulticast mode
[   79.987604][ T6181] hsr_slave_1: entered allmulticast mode
[   79.990284][ T6181] A link change request failed with some changes committed already. Interface 70 may have been left with an inconsistent configuration, please check.
[   80.012492][ T6185] netlink: 8 bytes leftover after parsing attributes in process `syz.0.105'.
[   80.715545][   T33] audit: type=1326 audit(1755519692.156:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6195 comm="syz.1.109" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1da78ebe9 code=0x7ffc0000
[   80.727473][   T33] audit: type=1326 audit(1755519692.156:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6195 comm="syz.1.109" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1da78ebe9 code=0x7ffc0000
[   80.738686][   T33] audit: type=1326 audit(1755519692.156:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6195 comm="syz.1.109" exe="/syz-executor" sig=0 arch=c000003e syscall=207 compat=0 ip=0x7fa1da78ebe9 code=0x7ffc0000
[   80.747610][   T33] audit: type=1326 audit(1755519692.156:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6195 comm="syz.1.109" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1da78ebe9 code=0x7ffc0000
[   81.013771][ T6208] x_tables: ip_tables: DSCP target: only valid in mangle table, not syz0
[   81.218238][ T6222] loop2: detected capacity change from 0 to 764
[   81.225066][ T6225] netlink: 8 bytes leftover after parsing attributes in process `syz.0.123'.
[   81.279562][ T6222] Symlink component flag not implemented
[   81.284331][ T6222] Symlink component flag not implemented
[   81.287165][ T6222] Symlink component flag not implemented (128)
[   81.290163][ T6222] Symlink component flag not implemented (122)
[   81.311852][ T6230] process 'syz.1.126' launched '/dev/fd/3' with NULL argv: empty string added
[   81.318264][ T6228] team_slave_0: entered promiscuous mode
[   81.320926][ T6228] team_slave_1: entered promiscuous mode
[   81.380204][ T6232] loop1: detected capacity change from 0 to 1024
[   81.404725][ T6232] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.442944][ T6232] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: inode #11: comm syz.1.128: missing EA_INODE flag
[   81.473495][ T6232] EXT4-fs (loop1): Remounting filesystem read-only
[   81.475733][ T6232] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   81.489382][ T6239] loop0: detected capacity change from 0 to 512
[   81.549951][ T5849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.557406][ T6239] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.585133][ T6239] ext4 filesystem being mounted at /40/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.624990][   T33] audit: type=1800 audit(1755519693.056:8): pid=6239 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.129" name="file1" dev="loop0" ino=15 res=0 errno=0
[   81.645432][   T33] audit: type=1800 audit(1755519693.056:9): pid=6239 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.129" name="file2" dev="loop0" ino=16 res=0 errno=0
[   81.679227][   T33] audit: type=1800 audit(1755519693.066:10): pid=6239 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.129" name="file1" dev="loop0" ino=15 res=0 errno=0
[   81.784496][ T5851] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.995141][ T6257] loop0: detected capacity change from 0 to 2048
[   82.013237][ T6260] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   82.130955][    T9] usb 3-1: new low-speed USB device number 4 using dummy_hcd
[   82.311782][    T9] usb 3-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config
[   82.315939][    T9] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[   82.320398][    T9] usb 3-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   82.361548][    T9] usb 3-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config
[   82.366177][    T9] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[   82.370310][    T9] usb 3-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   82.386763][    T9] usb 3-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config
[   82.389962][    T9] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[   82.395469][    T9] usb 3-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   82.402793][    T9] usb 3-1: string descriptor 0 read error: -22
[   82.405355][    T9] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[   82.408479][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   82.435144][    T9] adutux 3-1:168.0: interrupt endpoints not found
[   82.435828][ T6264] loop0: detected capacity change from 0 to 32768
[   82.465591][ T6264] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   82.477767][ T6264] XFS (loop0): Ending clean mount
[   82.538334][ T5851] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   82.713430][  T795] usb 3-1: USB disconnect, device number 4
[   82.787721][ T6280] loop1: detected capacity change from 0 to 512
[   82.825798][ T6280] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   83.053259][ T6288] netlink: 28 bytes leftover after parsing attributes in process `syz.1.147'.
[   83.380965][ T6295] loop1: detected capacity change from 0 to 32768
[   83.405149][ T6295] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[   83.416647][ T6295] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[   83.441227][ T6300] capability: warning: `syz.0.152' uses deprecated v2 capabilities in a way that may be insecure
[   84.063937][ T6295] syz.1.150 (6295) used greatest stack depth: 19528 bytes left
[   84.144826][ T5849] ocfs2: Unmounting device (7,1) on (node local)
[   84.580966][    T9] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   84.708954][ T6324] loop2: detected capacity change from 0 to 256
[   84.720365][ T6324] exfat: Deprecated parameter 'namecase'
[   84.744872][ T6324] exfat: Deprecated parameter 'namecase'
[   84.766142][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   84.768980][ T6324] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[   84.771248][    T9] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[   84.796491][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   84.808204][    T9] usb 2-1: config 0 descriptor??
[   85.082250][ T6327] netlink: 4 bytes leftover after parsing attributes in process `syz.2.161'.
[   85.083394][    T9] ath6kl: Failed to submit usb control message: -71
[   85.088840][    T9] ath6kl: unable to send the bmi data to the device: -71
[   85.095023][    T9] ath6kl: Unable to send get target info: -71
[   85.107181][    T9] ath6kl: Failed to init ath6kl core: -71
[   85.115386][    T9] ath6kl_usb 2-1:0.0: probe with driver ath6kl_usb failed with error -71
[   85.129064][    T9] usb 2-1: USB disconnect, device number 3
[   85.993135][ T6353] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   86.051178][ T5888] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[   86.200861][    T9] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   86.216637][ T5888] usb 1-1: config 0 has an invalid interface number: 171 but max is 0
[   86.216661][ T5888] usb 1-1: config 0 has an invalid interface number: 5 but max is 0
[   86.216675][ T5888] usb 1-1: config 0 has 2 interfaces, different from the descriptor's value: 1
[   86.216724][ T5888] usb 1-1: config 0 has no interface number 0
[   86.216737][ T5888] usb 1-1: config 0 has no interface number 1
[   86.216768][ T5888] usb 1-1: too many endpoints for config 0 interface 5 altsetting 9: 214, using maximum allowed: 30
[   86.216838][ T5888] usb 1-1: config 0 interface 5 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 214
[   86.216856][ T5888] usb 1-1: config 0 interface 171 has no altsetting 0
[   86.216867][ T5888] usb 1-1: config 0 interface 5 has no altsetting 0
[   86.219540][ T5888] usb 1-1: New USB device found, idVendor=041e, idProduct=4052, bcdDevice=5e.9c
[   86.219555][ T5888] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.219564][ T5888] usb 1-1: Product: syz
[   86.219570][ T5888] usb 1-1: Manufacturer: syz
[   86.219577][ T5888] usb 1-1: SerialNumber: syz
[   86.222980][ T5888] usb 1-1: config 0 descriptor??
[   86.352294][    T9] usb 3-1: Using ep0 maxpacket: 8
[   86.361016][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[   86.369070][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   86.375316][    T9] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   86.378615][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[   86.383370][    T9] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[   86.386652][    T9] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[   86.389534][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   86.394781][    T9] usb 3-1: config 0 descriptor??
[   86.414156][ T5854] Bluetooth: hci3: urb ffff888020990100 submission failed (90)
[   86.452438][ T5888] usb 1-1: USB disconnect, device number 5
[   86.552320][   T10] cfg80211: failed to load regulatory.db
[   86.610349][   T10] usb 3-1: USB disconnect, device number 5
[   86.802254][   T24] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   86.950896][   T24] usb 2-1: Using ep0 maxpacket: 16
[   86.956471][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   86.961404][   T24] usb 2-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00
[   86.965112][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   86.970683][   T24] usb 2-1: config 0 descriptor??
[   86.983768][   T24] usbhid 2-1:0.0: can't add hid device: -22
[   86.986219][   T24] usbhid 2-1:0.0: probe with driver usbhid failed with error -22
[   87.025069][ T6375] netlink: 'syz.0.183': attribute type 1 has an invalid length.
[   87.273166][   T10] usb 2-1: USB disconnect, device number 4
[   88.705283][ T6396] syzkaller1: entered promiscuous mode
[   88.707286][ T6396] syzkaller1: entered allmulticast mode
[   89.110559][ T6409] netlink: 277 bytes leftover after parsing attributes in process `syz.0.195'.
[   89.232006][ T6413] binder: 6411:6413 unknown command 0
[   89.236172][ T6413] binder: 6411:6413 ioctl c0306201 200000000080 returned -22
[   89.535277][ T6426] loop2: detected capacity change from 0 to 128
[   89.539359][ T6426] hpfs: Bad value for 'uid'
[   89.543903][ T6426] hpfs: Bad value for 'uid'
[   89.896024][ T6428] loop0: detected capacity change from 0 to 40427
[   89.902683][ T6428] F2FS-fs (loop0): build fault injection rate: 771
[   89.908833][ T6428] F2FS-fs (loop0): invalid crc value
[   89.952889][ T6428] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   89.958935][ T6428] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   91.713936][ T6471] netlink: 32 bytes leftover after parsing attributes in process `syz.1.221'.
[   91.940860][   T10] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[   92.092642][   T10] usb 1-1: config 160 has an invalid interface number: 200 but max is 0
[   92.096021][   T10] usb 1-1: config 160 has an invalid descriptor of length 0, skipping remainder of the config
[   92.121201][   T10] usb 1-1: config 160 has no interface number 0
[   92.125797][   T10] usb 1-1: config 160 interface 200 has no altsetting 0
[   92.131920][   T10] usb 1-1: New USB device found, idVendor=21bb, idProduct=2070, bcdDevice=87.0b
[   92.138987][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   92.151116][   T10] usb 1-1: Product: syz
[   92.152926][   T10] usb 1-1: Manufacturer: syz
[   92.154997][   T10] usb 1-1: SerialNumber: syz
[   92.165043][   T33] audit: type=1326 audit(1755519703.596:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6502 comm="syz.2.237" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9d7f8ebe9 code=0x7ffc0000
[   92.207136][   T33] audit: type=1326 audit(1755519703.596:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6502 comm="syz.2.237" exe="/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fe9d7f8ebe9 code=0x7ffc0000
[   92.232169][   T33] audit: type=1326 audit(1755519703.596:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6502 comm="syz.2.237" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9d7f8ebe9 code=0x7ffc0000
[   92.261149][   T33] audit: type=1326 audit(1755519703.596:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6502 comm="syz.2.237" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9d7f8ebe9 code=0x7ffc0000
[   92.290222][   T33] audit: type=1326 audit(1755519703.616:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6502 comm="syz.2.237" exe="/syz-executor" sig=0 arch=c000003e syscall=224 compat=0 ip=0x7fe9d7f8ebe9 code=0x7ffc0000
[   92.320059][   T33] audit: type=1326 audit(1755519703.616:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6502 comm="syz.2.237" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9d7f8ebe9 code=0x7ffc0000
[   92.340522][   T33] audit: type=1326 audit(1755519703.616:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6502 comm="syz.2.237" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9d7f8ebe9 code=0x7ffc0000
[   92.358607][ T6507] netlink: 'syz.2.239': attribute type 29 has an invalid length.
[   92.366631][ T6507] netlink: 'syz.2.239': attribute type 29 has an invalid length.
[   92.369503][ T6507] netlink: 'syz.2.239': attribute type 29 has an invalid length.
[   92.402036][   T10] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[   92.404506][   T10] usb 1-1: MIDIStreaming interface descriptor not found
[   92.452931][   T10] usb 1-1: USB disconnect, device number 6
[   92.471303][ T6496] loop1: detected capacity change from 0 to 131072
[   92.474700][ T6496] F2FS-fs (loop1): Wrong CP boundary, start(512) end(1536) blocks(0)
[   92.477448][ T6496] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   92.502334][ T6496] F2FS-fs (loop1): invalid crc value
[   92.549512][ T6496] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   92.557970][ T6496] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   92.561668][ T6496] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[   92.573754][ T5860] udevd[5860]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:160.200/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   92.790396][ T6516] loop2: detected capacity change from 0 to 32768
[   92.804582][ T6516] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.241 (6516)
[   92.837915][ T6516] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   92.851025][ T6516] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[   92.861509][ T6516] BTRFS info (device loop2): using free-space-tree
[   93.075927][   T12] BTRFS info (device loop2): qgroup scan completed (inconsistency flag cleared)
[   93.203634][ T5858] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   93.400884][   T24] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[   93.434274][ T6545] loop2: detected capacity change from 0 to 512
[   93.467985][ T6545] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.495915][ T6545] ext4 filesystem being mounted at /84/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   93.552399][   T24] usb 1-1: Using ep0 maxpacket: 8
[   93.574246][   T24] usb 1-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[   93.577862][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   93.577868][ T5858] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.590860][   T24] usb 1-1: Product: syz
[   93.592563][   T24] usb 1-1: Manufacturer: syz
[   93.594288][   T24] usb 1-1: SerialNumber: syz
[   93.606634][   T24] usb 1-1: config 0 descriptor??
[   93.623079][   T24] gspca_main: sq930x-2.14.0 probing 2770:930c
[   93.655582][ T6553] loop1: detected capacity change from 0 to 4096
[   93.719447][ T6553] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   93.729842][ T6553] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.762036][ T6553] EXT4-fs (loop1): shut down requested (2)
[   93.815646][ T5849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.856967][ T6555] loop2: detected capacity change from 0 to 32768
[   93.859657][ T6555] XFS: ikeep mount option is deprecated.
[   93.889016][ T6555] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   93.931638][ T6555] XFS (loop2): Ending clean mount
[   93.935155][ T6555] XFS (loop2): Quotacheck needed: Please wait.
[   93.942332][   T29] XFS (loop2): Metadata CRC error detected at xfs_rmapbt_read_verify+0x42/0xe0, xfs_rmapbt block 0x14 
[   93.952533][   T29] XFS (loop2): Unmount and run xfs_repair
[   93.954903][   T29] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[   93.957816][   T29] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff  RMB3............
[   93.961699][   T29] 00000010: 00 00 00 00 00 00 00 14 00 00 00 01 00 00 00 80  ................
[   93.964625][   T29] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91  ..G...N..b..1...
[   93.968507][   T29] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01  ....[.;.........
[   93.972860][   T29] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00  ................
[   93.976495][   T29] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb  ................
[   93.980287][   T29] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02  ................
[   93.984457][   T29] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00  ................
[   93.988347][   T29] XFS (loop2): metadata I/O error in "xfs_btree_read_buf_block+0x290/0x470" at daddr 0x14 len 4 error 74
[   93.998189][   T29] XFS (loop2): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x517/0x8e0 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[   94.004192][   T29] XFS (loop2): Please unmount the filesystem and rectify the problem(s)
[   94.011028][ T6555] XFS (loop2): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[   94.019042][ T6555] XFS (loop2): Error -5 reserving per-AG metadata reserve pool.
[   94.731148][   T24] gspca_sq930x: reg_w 0105 0f00 failed -71
[   94.824333][ T6570] loop1: detected capacity change from 0 to 32768
[   94.829521][ T6570] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.253 (6570)
[   94.842323][ T6570] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   94.855532][ T6570] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[   94.859305][ T6570] BTRFS info (device loop1): using free-space-tree
[   94.932166][ T6570] BTRFS info (device loop1): setting incompat feature flag for SIMPLE_QUOTA (0x10000)
[   94.964244][ T5849] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   94.991323][   T24] gspca_sq930x: Sensor ov9630 not yet treated
[   94.997149][   T24] sq930x 1-1:0.0: probe with driver sq930x failed with error -22
[   95.018270][   T24] usb 1-1: USB disconnect, device number 7
[   96.831033][   T10] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   96.962668][ T6622] loop0: detected capacity change from 0 to 40427
[   96.972416][ T6622] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   96.975137][ T6622] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   96.983455][ T6622] F2FS-fs (loop0): invalid crc value
[   96.990975][   T10] usb 2-1: Using ep0 maxpacket: 16
[   96.996224][   T10] usb 2-1: config 0 has an invalid interface number: 9 but max is 1
[   96.999402][   T10] usb 2-1: config 0 has an invalid interface number: 9 but max is 1
[   97.009355][   T10] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[   97.013661][   T10] usb 2-1: config 0 has no interface number 0
[   97.016336][   T10] usb 2-1: config 0 interface 9 has no altsetting 0
[   97.022395][   T10] usb 2-1: config 0 interface 9 has no altsetting 1
[   97.035269][   T10] usb 2-1: New USB device found, idVendor=1199, idProduct=6891, bcdDevice=89.a0
[   97.040265][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   97.048124][   T10] usb 2-1: Product: syz
[   97.050059][   T10] usb 2-1: Manufacturer: syz
[   97.052352][   T10] usb 2-1: SerialNumber: syz
[   97.057370][   T10] usb 2-1: config 0 descriptor??
[   97.127211][ T6622] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   97.137474][ T6622] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   97.140527][ T6622] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   97.286552][   T10] usb 2-1: selecting invalid altsetting 1
[   97.288986][   T10] sierra 2-1:0.9: Sierra USB modem converter detected
[   97.296371][   T10] usb 2-1: Sierra USB modem converter now attached to ttyUSB0
[   97.305705][   T10] usb 2-1: USB disconnect, device number 5
[   97.317300][   T10] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[   97.320650][   T10] sierra 2-1:0.9: device disconnected
[   97.581287][ T5854] Bluetooth: hci0: command tx timeout
[   97.637357][ T6630] netlink: 8 bytes leftover after parsing attributes in process `syz.2.271'.
[   97.746892][ T6634] loop0: detected capacity change from 0 to 512
[   97.789894][ T6634] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   97.799928][ T6634] ext4 filesystem being mounted at /74/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   98.005393][ T5851] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   98.104378][ T6652] loop1: detected capacity change from 0 to 256
[   98.124400][ T6654] netlink: 4 bytes leftover after parsing attributes in process `syz.0.276'.
[   98.567100][ T6669] netlink: 748 bytes leftover after parsing attributes in process `syz.1.284'.
[   98.581748][ T6669] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   98.903278][ T6682] autofs4:pid:6682:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a)
[   98.993007][ T6686] loop1: detected capacity change from 0 to 512
[   98.999198][ T6686] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[   99.012878][ T6686] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.291: casefold flag without casefold feature
[   99.018395][ T6686] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.291: couldn't read orphan inode 15 (err -117)
[   99.038371][ T6686] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.182916][ T5849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.393060][   T10] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   99.540963][   T10] usb 3-1: Using ep0 maxpacket: 16
[   99.548495][   T10] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[   99.554016][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.557173][   T10] usb 3-1: Product: syz
[   99.558812][   T10] usb 3-1: Manufacturer: syz
[   99.562436][   T10] usb 3-1: SerialNumber: syz
[   99.646462][   T10] r8152-cfgselector 3-1: Unknown version 0x0000
[   99.655780][   T10] r8152-cfgselector 3-1: config 0 descriptor??
[  100.195209][   T10] r8152-cfgselector 3-1: USB disconnect, device number 6
[  100.430402][ T6702] netlink: 20 bytes leftover after parsing attributes in process `syz.1.298'.
[  101.002964][ T6708] loop1: detected capacity change from 0 to 32768
[  101.024626][ T6708] XFS (loop1): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  101.061616][ T6708] XFS (loop1): Ending clean mount
[  101.099393][ T5849] XFS (loop1): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  101.239412][ T6730] overlay: filesystem on ./file0 not supported as upperdir
[  102.410991][ T6750] loop2: detected capacity change from 0 to 40427
[  102.417522][ T6750] F2FS-fs (loop2): build fault injection rate: 14
[  102.419884][ T6750] F2FS-fs (loop2): build fault injection type: 0x3bfe8c
[  102.442776][ T6750] F2FS-fs (loop2): invalid crc value
[  102.447327][    C1] F2FS-fs (loop2): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  102.464801][    C1] F2FS-fs (loop2): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  102.541236][ T6750] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  102.544270][ T6750] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  102.553641][ T6750] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  102.611879][ T6750] F2FS-fs (loop2): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  102.643874][ T6750] F2FS-fs (loop2): inject dquot initialize in f2fs_dquot_initialize of f2fs_mknod+0x155/0x5d0
[  102.649322][ T6750] F2FS-fs (loop2): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  102.663234][ T6750] F2FS-fs (loop2): inject inconsistent footer in sanity_check_node_footer of f2fs_get_dnode_of_data+0x249/0x1cf0
[  102.668363][ T6750] F2FS-fs (loop2): inconsistent node block, node_type:1, nid:3, node_footer[nid:3,ino:3,ofs:0,cpver:1219692001,blkaddr:4098]
[  102.705650][ T6750] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of f2fs_new_node_folio+0x131/0xa40
[  102.739667][ T6758] loop0: detected capacity change from 0 to 4096
[  102.755956][ T5858] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of f2fs_grab_meta_folio+0x6a/0x1d0
[  102.808725][ T6758] ntfs3(loop0): ino=1e, "file1" attr_set_size
[  102.821069][ T6758] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  103.056606][ T6762] loop2: detected capacity change from 0 to 512
[  103.089854][ T6762] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.098119][ T6762] ext4 filesystem being mounted at /110/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  103.110371][ T6762] EXT4-fs error (device loop2): ext4_empty_dir:3081: inode #12: comm syz.2.317: invalid size
[  103.116162][ T6762] EXT4-fs (loop2): Remounting filesystem read-only
[  103.139078][ T5858] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.142247][   T10] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  103.146696][  T762] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  103.152158][  T762] Quota error (device loop2): write_blk: dquota write failed
[  103.155157][  T762] Quota error (device loop2): free_dqentry: Can't write quota data block 5
[  103.158855][  T762] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  103.166980][  T762] Quota error (device loop2): write_blk: dquota write failed
[  103.169856][  T762] Quota error (device loop2): free_dqentry: Can't write quota data block 5
[  103.209633][ T6769] dvmrp0: entered allmulticast mode
[  103.240347][ T6771] netlink: 40 bytes leftover after parsing attributes in process `syz.2.320'.
[  103.300802][   T10] usb 1-1: Using ep0 maxpacket: 32
[  103.304214][   T10] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[  103.309540][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  103.315550][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  103.319013][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 255, changing to 11
[  103.322662][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 59391, setting to 1024
[  103.329177][   T10] usb 1-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  103.333157][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  103.338360][   T10] usb 1-1: Product: syz
[  103.341177][   T10] usb 1-1: Manufacturer: syz
[  103.343227][   T10] usb 1-1: SerialNumber: syz
[  103.352931][   T10] usb 1-1: config 0 descriptor??
[  103.376779][ T6777] binder: 6776:6777 unknown command 0
[  103.378545][ T6777] binder: 6776:6777 ioctl c0306201 200000000080 returned -22
[  103.430117][ T6779] netlink: 'syz.2.324': attribute type 1 has an invalid length.
[  103.493770][ T6781] loop2: detected capacity change from 0 to 2048
[  103.520169][ T6781] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  103.536088][   T33] audit: type=1800 audit(1755519714.976:18): pid=6781 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.325" name="file1" dev="loop2" ino=1415 res=0 errno=0
[  103.543648][   T33] audit: type=1800 audit(1755519714.986:19): pid=6781 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.325" name="file1" dev="loop2" ino=1415 res=0 errno=0
[  103.774012][   T10] input input6: Device does not respond to id packet M
[  103.814712][ T6788] loop2: detected capacity change from 0 to 1024
[  103.820307][ T6788] EXT4-fs: test_dummy_encryption requires encrypt feature
[  103.980864][   T10] iforce 1-1:0.0: usb_submit_urb failed: -71
[  103.985444][   T10] input input6: Device does not respond to id packet P
[  103.996855][   T10] iforce 1-1:0.0: usb_submit_urb failed: -71
[  103.999399][   T10] input input6: Device does not respond to id packet B
[  104.005618][   T10] iforce 1-1:0.0: usb_submit_urb failed: -71
[  104.008475][   T10] input input6: Device does not respond to id packet N
[  104.012679][   T10] iforce 1-1:0.0: usb_submit_urb failed: -71
[  104.020979][   T10] iforce 1-1:0.0: usb_submit_urb failed: -71
[  104.023522][   T10] iforce 1-1:0.0: usb_submit_urb failed: -71
[  104.034956][   T10] iforce 1-1:0.0: usb_submit_urb failed: -71
[  104.042973][ T6794] netlink: 'syz.2.331': attribute type 12 has an invalid length.
[  104.044044][   T10] input: Unknown I-Force Device [%04x:%04x] as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input6
[  104.046559][ T6794] netlink: 'syz.2.331': attribute type 29 has an invalid length.
[  104.055064][ T6794] netlink: 148 bytes leftover after parsing attributes in process `syz.2.331'.
[  104.058816][ T6794] netlink: 'syz.2.331': attribute type 2 has an invalid length.
[  104.063595][ T6794] netlink: 'syz.2.331': attribute type 3 has an invalid length.
[  104.067637][   T10] usb 1-1: USB disconnect, device number 8
[  104.073083][ T6794] netlink: 35 bytes leftover after parsing attributes in process `syz.2.331'.
[  104.077894][ T6794] Zero length message leads to an empty skb
[  104.504971][ T6801] loop1: detected capacity change from 0 to 2048
[  104.531127][ T6801] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  104.534859][ T6801] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  104.562860][ T6801] UDF-fs: Scanning with blocksize 512 failed
[  104.581564][ T6801] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  104.584505][ T6803] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  104.594268][ T6803] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  104.599031][ T6803] overlayfs: missing 'lowerdir'
[  104.602179][   T33] audit: type=1800 audit(1755519716.046:20): pid=6801 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.334" name="bus" dev="loop1" ino=851 res=0 errno=0
[  104.663969][ T6805] loop0: detected capacity change from 0 to 512
[  104.677072][ T6805] EXT4-fs: inline encryption not supported
[  104.692807][ T6805] EXT4-fs error (device loop0): ext4_iget_extra_inode:5104: inode #15: comm syz.0.337: corrupted in-inode xattr: invalid ea_ino
[  104.706462][ T6805] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.337: couldn't read orphan inode 15 (err -117)
[  104.716109][ T6805] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.727784][ T6805] cgroup: name respecified
[  104.754016][ T5851] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.809241][ T6810] loop0: detected capacity change from 0 to 512
[  104.818455][ T6810] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  104.884140][ T5851] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.089172][ T6824] netlink: 180 bytes leftover after parsing attributes in process `syz.2.342'.
[  105.093652][ T6808] loop1: detected capacity change from 0 to 32768
[  105.111067][ T6819] netlink: 180 bytes leftover after parsing attributes in process `syz.2.342'.
[  105.119507][ T6808] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  105.123980][ T6819] netlink: 180 bytes leftover after parsing attributes in process `syz.2.342'.
[  105.170509][   T33] audit: type=1804 audit(1755519716.606:21): pid=6808 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.336" name="/newroot/121/file1/bus" dev="loop1" ino=17058 res=1 errno=0
[  105.319210][ T5849] ocfs2: Unmounting device (7,1) on (node local)
[  105.437601][ T6838] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  107.282652][ T6874] loop1: detected capacity change from 0 to 32768
[  107.343895][ T6874] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid label 246,noinodes_use_key_cache,journal_flush_delay=3,journal_reclaim_delay=1000,nocow
[  107.343910][ T6874]   allowing incompatible features above 0.0: (unknown version)
[  107.343916][ T6874]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  107.371369][ T6874] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  107.375573][ T6874] bcachefs (loop1): initializing new filesystem
[  107.388188][ T6874] bcachefs (loop1): going read-write
[  107.403147][ T6874] bcachefs (loop1): marking superblocks
[  107.451893][ T6874] bcachefs (loop1): initializing freespace
[  107.459459][ T6874] bcachefs (loop1): done initializing freespace
[  107.463384][   T24] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  107.474808][ T6874] bcachefs (loop1): reading snapshots table
[  107.476798][ T6874] bcachefs (loop1): reading snapshots done
[  107.493954][ T6874] bcachefs (loop1): done starting filesystem
[  107.515831][ T6895] veth1_macvtap: left promiscuous mode
[  107.517929][ T6895] macsec0: entered promiscuous mode
[  107.519677][ T6895] macsec0: entered allmulticast mode
[  107.529759][ T6895] veth1_macvtap: entered promiscuous mode
[  107.531825][ T6895] veth1_macvtap: entered allmulticast mode
[  107.534804][ T6895] macsec0: left promiscuous mode
[  107.538193][ T6895] macsec0: left allmulticast mode
[  107.539880][ T6895] veth1_macvtap: left allmulticast mode
[  107.549348][ T6874] syz.1.363 (6874) used greatest stack depth: 16616 bytes left
[  107.556189][ T5849] bcachefs (loop1): shutting down
[  107.558353][ T5849] bcachefs (loop1): going read-only
[  107.561964][ T5849] bcachefs (loop1): finished waiting for writes to stop
[  107.581264][ T5849] bcachefs (loop1): flushing journal and stopping allocators, journal seq 4
[  107.612165][   T24] usb 3-1: Using ep0 maxpacket: 32
[  107.623328][   T24] usb 3-1: config 64 has an invalid interface number: 110 but max is 0
[  107.625962][   T24] usb 3-1: config 64 has no interface number 0
[  107.627914][   T24] usb 3-1: config 64 interface 110 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  107.631922][   T24] usb 3-1: config 64 interface 110 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  107.634457][ T5849] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 6
[  107.635634][   T24] usb 3-1: config 64 interface 110 altsetting 0 endpoint 0x8B has invalid maxpacket 28739, setting to 1024
[  107.643872][   T24] usb 3-1: config 64 interface 110 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  107.647319][   T24] usb 3-1: config 64 interface 110 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  107.651621][   T24] usb 3-1: config 64 interface 110 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  107.653382][ T5849] bcachefs (loop1): clean shutdown complete, journal seq 7
[  107.663639][   T24] usb 3-1: config 64 interface 110 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  107.664556][ T5849] bcachefs (loop1): marking filesystem clean
[  107.672954][   T24] usb 3-1: New USB device found, idVendor=04fc, idProduct=0231, bcdDevice=6f.a9
[  107.677669][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.681757][   T24] usb 3-1: Product: syz
[  107.683628][   T24] usb 3-1: Manufacturer: syz
[  107.685650][   T24] usb 3-1: SerialNumber: syz
[  107.695785][ T6878] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  107.709194][   T24] spcp8x5 3-1:64.110: SPCP8x5 converter detected
[  107.717450][ T5849] bcachefs (loop1): shutdown complete
[  107.732503][   T24] usb 3-1: SPCP8x5 converter now attached to ttyUSB0
[  107.923033][   T24] usb 3-1: USB disconnect, device number 7
[  107.932033][   T24] SPCP8x5 ttyUSB0: SPCP8x5 converter now disconnected from ttyUSB0
[  107.935785][   T24] spcp8x5 3-1:64.110: device disconnected
[  108.686337][ T6912] loop0: detected capacity change from 0 to 256
[  108.720194][ T6912] exFAT-fs (loop0): failed to load upcase table (idx : 0x000106cd, chksum : 0x3aeaf2c0, utbl_chksum : 0xe619d30d)
[  108.733553][ T6912] exFAT-fs (loop0): error, in sector 160, dentry 11 should be unused, but 0xc1
[  108.737296][ T6912] exFAT-fs (loop0): Filesystem has been set read-only
[  108.908119][ T6910] loop1: detected capacity change from 0 to 32768
[  108.911916][ T6910] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.368 (6910)
[  108.928954][ T6910] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  108.941258][ T6910] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  109.086279][ T6910] BTRFS info (device loop1): rebuilding free space tree
[  109.110203][ T6910] BTRFS info (device loop1): disabling free space tree
[  109.120993][ T6910] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  109.124816][ T6910] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  109.158456][ T6910] capability: warning: `syz.1.368' uses 32-bit capabilities (legacy support in use)
[  109.195287][ T5849] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  109.321630][ T6936] netlink: 24 bytes leftover after parsing attributes in process `syz.1.378'.
[  109.618966][ T6947] loop1: detected capacity change from 0 to 164
[  109.624565][ T6947] iso9660: Bad value for 'dmode'
[  109.740945][ T6942] loop0: detected capacity change from 0 to 32768
[  109.757378][ T6942] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  109.770863][ T5888] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  109.819608][ T6942] XFS (loop0): Ending clean mount
[  109.826303][ T6942] XFS (loop0): Quotacheck needed: Please wait.
[  109.860087][ T6942] XFS (loop0): Quotacheck: Done.
[  109.874531][   T33] audit: type=1800 audit(1755519721.316:22): pid=6942 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.381" name="bus" dev="loop0" ino=9291 res=0 errno=0
[  109.890467][ T5851] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  109.953586][ T5888] usb 3-1: Using ep0 maxpacket: 8
[  109.960539][ T5888] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  109.965081][ T5888] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89
[  109.986806][ T5888] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  109.994372][ T5888] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 59391, setting to 1024
[  110.016279][ T5888] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  110.024139][ T5888] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  110.068432][ T5888] usb 3-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8
[  110.074698][ T5888] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  110.078071][ T5888] usb 3-1: Product: syz
[  110.079835][ T5888] usb 3-1: Manufacturer: syz
[  110.085972][ T5888] usb 3-1: SerialNumber: syz
[  110.094687][ T5888] usb 3-1: config 0 descriptor??
[  110.102229][ T6944] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  110.233015][ T6976] loop1: detected capacity change from 0 to 8192
[  110.544668][ T6369]  loop1: p1[EZD] p2 p3 p4
[  110.552944][ T6369] loop1: p3 start 117772289 is beyond EOD, truncated
[  110.556054][ T6369] loop1: p4 size 262144 extends beyond EOD, truncated
[  110.573330][ T6976]  loop1: p1[EZD] p2 p3 p4
[  110.578203][ T6976] loop1: p3 start 117772289 is beyond EOD, truncated
[  110.580637][ T6976] loop1: p4 size 262144 extends beyond EOD, truncated
[  110.615251][ T5295]  loop1: p1[EZD] p2 p3 p4
[  110.619209][ T5295] loop1: p3 start 117772289 is beyond EOD, truncated
[  110.624419][ T5295] loop1: p4 size 262144 extends beyond EOD, truncated
[  110.669741][ T6981] sctp: [Deprecated]: syz.1.394 (pid 6981) Use of int in max_burst socket option.
[  110.669741][ T6981] Use struct sctp_assoc_value instead
[  110.689935][ T6369] udevd[6369]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  110.690455][ T5850] udevd[5850]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  110.699863][ T6511] udevd[6511]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  110.733187][ T6369] udevd[6369]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  110.741503][ T5850] udevd[5850]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  110.747427][ T6511] udevd[6511]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  110.776760][ T6511] udevd[6511]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  110.777494][ T6369] udevd[6369]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  110.788785][ T5850] udevd[5850]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  111.254160][ T6996] netlink: 8 bytes leftover after parsing attributes in process `syz.2.400'.
[  111.620874][ T5888] rc_core: IR keymap rc-snapstream-firefly not found
[  111.623538][ T5888] Registered IR keymap rc-empty
[  111.628589][ T5888] rc rc0: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  111.634649][ T5888] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input7
[  111.645053][ T5888] input: syz syz mouse as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input8
[  111.663560][ T5888] usb 3-1: USB disconnect, device number 8
[  111.663621][    C1] ati_remote 3-1:0.0: ati_remote_irq_in: usb_submit_urb()=-19
[  112.228755][ T7022] loop1: detected capacity change from 0 to 32768
[  112.272105][ T5888] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  112.351147][  T795] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  112.430925][ T5888] usb 1-1: Using ep0 maxpacket: 32
[  112.434520][ T5888] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  112.438834][ T5888] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  112.442832][ T5888] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  112.446121][ T5888] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.452216][ T5888] usb 1-1: config 0 descriptor??
[  112.462151][ T5888] hub 1-1:0.0: USB hub found
[  112.513364][  T795] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  112.518009][  T795] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  112.522159][  T795] usb 3-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.00
[  112.526212][  T795] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.533605][  T795] usb 3-1: config 0 descriptor??
[  112.660852][ T5916] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  112.672995][ T5888] hub 1-1:0.0: 1 port detected
[  112.820833][ T5916] usb 2-1: Using ep0 maxpacket: 16
[  112.825785][ T5916] usb 2-1: config 0 has an invalid interface number: 51 but max is 0
[  112.828398][ T5916] usb 2-1: config 0 has no interface number 0
[  112.830392][ T5916] usb 2-1: config 0 interface 51 has no altsetting 0
[  112.835784][ T5916] usb 2-1: New USB device found, idVendor=1004, idProduct=61aa, bcdDevice=4f.d5
[  112.839455][ T5916] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  112.843994][ T5916] usb 2-1: Product: syz
[  112.846328][ T5916] usb 2-1: Manufacturer: syz
[  112.848415][ T5916] usb 2-1: SerialNumber: syz
[  112.860297][ T5916] usb 2-1: config 0 descriptor??
[  112.866350][ T5916] usb 2-1: bad CDC descriptors
[  113.076994][   T10] usb 2-1: USB disconnect, device number 6
[  113.146792][  T795] hid-led 0003:1D34:0004.0002: probe with driver hid-led failed with error -71
[  113.151979][  T795] usb 3-1: USB disconnect, device number 9
[  113.283403][ T5888] hub 1-1:0.0: activate --> -90
[  113.631835][ T7030] syz.1.416 (7030) used obsolete PPPIOCDETACH ioctl
[  113.692484][  T795] usb 1-1: USB disconnect, device number 9
[  113.765995][ T7034] syzkaller0: entered promiscuous mode
[  113.767821][ T7034] syzkaller0: entered allmulticast mode
[  113.879994][ T7032] loop2: detected capacity change from 0 to 40427
[  113.890820][ T7032] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  113.894074][ T7032] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  113.909526][ T7032] F2FS-fs (loop2): invalid crc value
[  113.964103][ T7032] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  113.968326][ T7032] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  113.971367][ T7032] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  114.514153][ T7048] netlink: 'syz.2.422': attribute type 13 has an invalid length.
[  114.812049][ T7053] loop0: detected capacity change from 0 to 32768
[  114.818105][ T7053] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.424 (7053)
[  114.844492][ T7053] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  114.848574][ T7053] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  114.852988][ T7053] BTRFS info (device loop0): using free-space-tree
[  114.962590][ T7053] BTRFS info (device loop0): rebuilding free space tree
[  115.096902][ T5862] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  115.155038][ T5851] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  115.797821][ T7048] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.801716][ T7048] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.904627][ T7048] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  115.920255][ T7048] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  116.123800][ T7078] bridge_slave_0: left allmulticast mode
[  116.126195][ T7078] bridge_slave_0: left promiscuous mode
[  116.128865][ T7078] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.157467][ T7078] bridge_slave_1: left allmulticast mode
[  116.159932][ T7078] bridge_slave_1: left promiscuous mode
[  116.162268][ T7078] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.179006][ T7078] bond0: (slave bond_slave_0): Releasing backup interface
[  116.187867][ T7078] bond0: (slave bond_slave_1): Releasing backup interface
[  116.196204][ T7078] team0: Port device team_slave_0 removed
[  116.218336][ T7078] team0: Port device team_slave_1 removed
[  116.231700][ T7078] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  116.235062][ T7078] batman_adv: batadv0: Removing interface: batadv_slave_0
[  116.245679][ T7078] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  116.249384][ T7078] batman_adv: batadv0: Removing interface: batadv_slave_1
[  116.270257][ T5862] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  116.276894][ T5862] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  116.300463][ T5862] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  116.307210][ T5862] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  116.401688][ T7101] loop0: detected capacity change from 0 to 1024
[  116.419343][ T7101] hfsplus: failed to load catalog file
[  116.646257][ T7114] loop2: detected capacity change from 0 to 8
[  116.660407][ T7114] SQUASHFS error: zlib decompression failed, data probably corrupt
[  116.663640][ T7114] SQUASHFS error: Failed to read block 0x9b: -5
[  116.665720][ T7114] SQUASHFS error: Unable to read metadata cache entry [99]
[  116.668072][ T7114] SQUASHFS error: Unable to read inode 0x127
[  117.054315][ T7123] syz.2.441 uses obsolete (PF_INET,SOCK_PACKET)
[  117.196893][ T7125] loop1: detected capacity change from 0 to 32768
[  117.201645][ T7125] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.443 (7125)
[  117.213767][ T7125] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  117.219390][ T7125] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  117.222914][ T7125] BTRFS info (device loop1): disk space caching is enabled
[  117.225957][ T7125] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  117.266402][ T7125] BTRFS info (device loop1): rebuilding free space tree
[  117.281283][ T7125] BTRFS info (device loop1): disabling free space tree
[  117.283441][ T7125] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  117.286605][ T7125] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  117.329697][ T5849] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  117.682652][ T7144] loop1: detected capacity change from 0 to 32768
[  117.696701][ T7144] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  117.781035][    T9] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  117.781563][ T7152] 
[  117.784370][ T7152] ======================================================
[  117.786665][ T7152] WARNING: possible circular locking dependency detected
[  117.788992][ T7152] 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 Not tainted
[  117.792378][ T7152] ------------------------------------------------------
[  117.794988][ T7152] syz.1.444/7152 is trying to acquire lock:
[  117.796958][ T7152] ffff888115584ee0 (&ocfs2_file_ip_alloc_sem_key){++++}-{4:4}, at: ocfs2_try_remove_refcount_tree+0xb6/0x320
[  117.800729][ T7152] 
[  117.800729][ T7152] but task is already holding lock:
[  117.803555][ T7152] ffff888115584f78 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_try_remove_refcount_tree+0xa4/0x320
[  117.807176][ T7152] 
[  117.807176][ T7152] which lock already depends on the new lock.
[  117.807176][ T7152] 
[  117.810634][ T7152] 
[  117.810634][ T7152] the existing dependency chain (in reverse order) is:
[  117.813565][ T7152] 
[  117.813565][ T7152] -> #4 (&oi->ip_xattr_sem){++++}-{4:4}:
[  117.816213][ T7152]        lock_acquire+0x120/0x360
[  117.817932][ T7152]        down_read+0x46/0x2e0
[  117.819793][ T7152]        ocfs2_init_acl+0x2f9/0x720
[  117.821938][ T7152]        ocfs2_mknod+0x1321/0x2050
[  117.824029][ T7152]        ocfs2_create+0x1a5/0x440
[  117.826139][ T7152]        path_openat+0x14f4/0x3830
[  117.827916][ T7152]        do_filp_open+0x1fa/0x410
[  117.829829][ T7152]        do_sys_openat2+0x121/0x1c0
[  117.831681][ T7152]        __x64_sys_openat+0x138/0x170
[  117.833575][ T7152]        do_syscall_64+0xfa/0x3b0
[  117.835238][ T7152]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.837204][ T7152] 
[  117.837204][ T7152] -> #3 (jbd2_handle){++++}-{0:0}:
[  117.839830][ T7152]        lock_acquire+0x120/0x360
[  117.841795][ T7152]        start_this_handle+0x1fa7/0x21c0
[  117.843928][ T7152]        jbd2__journal_start+0x2c1/0x5b0
[  117.846054][ T7152]        jbd2_journal_start+0x2a/0x40
[  117.848277][ T7152]        ocfs2_start_trans+0x376/0x6d0
[  117.850622][ T7152]        ocfs2_mknod+0xe93/0x2050
[  117.852841][ T7152]        ocfs2_create+0x1a5/0x440
[  117.854897][ T7152]        path_openat+0x14f4/0x3830
[  117.856997][ T7152]        do_filp_open+0x1fa/0x410
[  117.858989][ T7152]        do_sys_openat2+0x121/0x1c0
[  117.861074][ T7152]        __x64_sys_openat+0x138/0x170
[  117.863156][ T7152]        do_syscall_64+0xfa/0x3b0
[  117.865182][ T7152]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.867771][ T7152] 
[  117.867771][ T7152] -> #2 (&journal->j_trans_barrier){.+.+}-{4:4}:
[  117.871185][ T7152]        lock_acquire+0x120/0x360
[  117.873243][ T7152]        down_read+0x46/0x2e0
[  117.875071][ T7152]        ocfs2_start_trans+0x36a/0x6d0
[  117.877322][ T7152]        ocfs2_mknod+0xe93/0x2050
[  117.879380][ T7152]        ocfs2_create+0x1a5/0x440
[  117.881461][ T7152]        path_openat+0x14f4/0x3830
[  117.883356][ T7152]        do_filp_open+0x1fa/0x410
[  117.884944][ T7152]        do_sys_openat2+0x121/0x1c0
[  117.886727][ T7152]        __x64_sys_openat+0x138/0x170
[  117.888870][ T7152]        do_syscall_64+0xfa/0x3b0
[  117.890933][ T7152]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.894000][ T7152] 
[  117.894000][ T7152] -> #1 (sb_internal#2){.+.+}-{0:0}:
[  117.897534][ T7152]        lock_acquire+0x120/0x360
[  117.899364][ T7152]        ocfs2_start_trans+0x26b/0x6d0
[  117.901573][ T7152]        ocfs2_write_begin_nolock+0x26ee/0x4340
[  117.904101][ T7152]        ocfs2_write_begin+0x1bb/0x310
[  117.906340][ T7152]        generic_perform_write+0x2c5/0x900
[  117.908736][ T7152]        ocfs2_file_write_iter+0x157a/0x1d10
[  117.911216][ T7152]        vfs_write+0x5c9/0xb30
[  117.913164][ T7152]        ksys_write+0x145/0x250
[  117.915129][ T7152]        do_syscall_64+0xfa/0x3b0
[  117.917188][ T7152]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.919852][ T7152] 
[  117.919852][ T7152] -> #0 (&ocfs2_file_ip_alloc_sem_key){++++}-{4:4}:
[  117.923450][ T7152]        validate_chain+0xb9b/0x2140
[  117.925143][ T7152]        __lock_acquire+0xab9/0xd20
[  117.926772][ T7152]        lock_acquire+0x120/0x360
[  117.928357][ T7152]        down_write+0x96/0x1f0
[  117.929844][ T7152]        ocfs2_try_remove_refcount_tree+0xb6/0x320
[  117.932058][ T7152]        ocfs2_truncate_file+0xda0/0x1420
[  117.933985][ T7152]        ocfs2_setattr+0x1520/0x1b40
[  117.936104][ T7152]        notify_change+0xb36/0xe40
[  117.938240][ T7152]        do_truncate+0x1a4/0x220
[  117.939897][ T7152]        path_openat+0x306c/0x3830
[  117.941685][ T7152]        do_filp_open+0x1fa/0x410
[  117.943623][ T7152]        do_sys_openat2+0x121/0x1c0
[  117.945235][ T7152]        __x64_sys_open+0x11e/0x150
[  117.946860][ T7152]        do_syscall_64+0xfa/0x3b0
[  117.948436][ T7152]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.950436][ T7152] 
[  117.950436][ T7152] other info that might help us debug this:
[  117.950436][ T7152] 
[  117.954056][ T7152] Chain exists of:
[  117.954056][ T7152]   &ocfs2_file_ip_alloc_sem_key --> jbd2_handle --> &oi->ip_xattr_sem
[  117.954056][ T7152] 
[  117.958387][ T7152]  Possible unsafe locking scenario:
[  117.958387][ T7152] 
[  117.960792][ T7152]        CPU0                    CPU1
[  117.962884][ T7152]        ----                    ----
[  117.964551][ T7152]   lock(&oi->ip_xattr_sem);
[  117.966347][ T7152]                                lock(jbd2_handle);
[  117.968860][ T7152]                                lock(&oi->ip_xattr_sem);
[  117.971652][ T7152]   lock(&ocfs2_file_ip_alloc_sem_key);
[  117.973824][ T7152] 
[  117.973824][ T7152]  *** DEADLOCK ***
[  117.973824][ T7152] 
[  117.976953][ T7152] 3 locks held by syz.1.444/7152:
[  117.978870][ T7152]  #0: ffff888038be6428 (sb_writers#12){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  117.982477][ T7152]  #1: ffff888115585240 (&sb->s_type->i_mutex_key#20){+.+.}-{4:4}, at: do_truncate+0x171/0x220
[  117.985970][ T7152]  #2: ffff888115584f78 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_try_remove_refcount_tree+0xa4/0x320
[  117.989754][ T7152] 
[  117.989754][ T7152] stack backtrace:
[  117.991948][ T7152] CPU: 1 UID: 0 PID: 7152 Comm: syz.1.444 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  117.991960][ T7152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  117.991966][ T7152] Call Trace:
[  117.991972][ T7152]  <TASK>
[  117.991983][ T7152]  dump_stack_lvl+0x189/0x250
[  117.991996][ T7152]  ? __pfx_dump_stack_lvl+0x10/0x10
[  117.992006][ T7152]  ? __pfx__printk+0x10/0x10
[  117.992017][ T7152]  ? print_lock_name+0xde/0x100
[  117.992028][ T7152]  print_circular_bug+0x2ee/0x310
[  117.992039][ T7152]  check_noncircular+0x134/0x160
[  117.992048][ T7152]  validate_chain+0xb9b/0x2140
[  117.992059][ T7152]  __lock_acquire+0xab9/0xd20
[  117.992071][ T7152]  ? ocfs2_try_remove_refcount_tree+0xb6/0x320
[  117.992080][ T7152]  lock_acquire+0x120/0x360
[  117.992089][ T7152]  ? ocfs2_try_remove_refcount_tree+0xb6/0x320
[  117.992100][ T7152]  down_write+0x96/0x1f0
[  117.992107][ T7152]  ? ocfs2_try_remove_refcount_tree+0xb6/0x320
[  117.992115][ T7152]  ? __pfx_down_write+0x10/0x10
[  117.992128][ T7152]  ocfs2_try_remove_refcount_tree+0xb6/0x320
[  117.992137][ T7152]  ? __pfx_ocfs2_try_remove_refcount_tree+0x10/0x10
[  117.992146][ T7152]  ? up_write+0x1c4/0x420
[  117.992155][ T7152]  ocfs2_truncate_file+0xda0/0x1420
[  117.992169][ T7152]  ? __pfx_ocfs2_truncate_file+0x10/0x10
[  117.992180][ T7152]  ? do_raw_spin_unlock+0x4d/0x240
[  117.992189][ T7152]  ? _raw_spin_unlock+0x28/0x50
[  117.992197][ T7152]  ? ocfs2_inode_lock_tracker+0x3ec/0x660
[  117.992206][ T7152]  ? __pfx_ocfs2_inode_lock_tracker+0x10/0x10
[  117.992213][ T7152]  ? ocfs2_rw_lock+0x13a/0x240
[  117.992220][ T7152]  ? __pfx_ocfs2_rw_lock+0x10/0x10
[  117.992227][ T7152]  ? inode_newsize_ok+0x11b/0x1c0
[  117.992237][ T7152]  ocfs2_setattr+0x1520/0x1b40
[  117.992250][ T7152]  ? __pfx_ocfs2_setattr+0x10/0x10
[  117.992260][ T7152]  ? ktime_get_coarse_real_ts64_mg+0x52/0x1e0
[  117.992270][ T7152]  ? seqcount_lockdep_reader_access+0x175/0x1c0
[  117.992302][ T7152]  ? __pfx_rwsem_down_write_slowpath+0x10/0x10
[  117.992312][ T7152]  ? ktime_get_coarse_real_ts64_mg+0x1be/0x1e0
[  117.992324][ T7152]  ? current_time+0x222/0x370
[  117.992332][ T7152]  ? evm_inode_setattr+0x1b6/0x7d0
[  117.992342][ T7152]  ? __pfx_current_time+0x10/0x10
[  117.992351][ T7152]  ? try_break_deleg+0x79/0x130
[  117.992361][ T7152]  ? __pfx_ocfs2_setattr+0x10/0x10
[  117.992372][ T7152]  notify_change+0xb36/0xe40
[  117.992383][ T7152]  do_truncate+0x1a4/0x220
[  117.992394][ T7152]  ? __pfx_do_truncate+0x10/0x10
[  117.992402][ T7152]  ? apparmor_file_truncate+0x23e/0x2d0
[  117.992418][ T7152]  path_openat+0x306c/0x3830
[  117.992426][ T7152]  ? arch_stack_walk+0xfc/0x150
[  117.992438][ T7152]  ? stack_depot_save_flags+0x40/0x860
[  117.992452][ T7152]  ? __pfx_path_openat+0x10/0x10
[  117.992459][ T7152]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.992471][ T7152]  do_filp_open+0x1fa/0x410
[  117.992479][ T7152]  ? __lock_acquire+0xab9/0xd20
[  117.992490][ T7152]  ? __pfx_do_filp_open+0x10/0x10
[  117.992503][ T7152]  ? _raw_spin_unlock+0x28/0x50
[  117.992511][ T7152]  ? alloc_fd+0x64c/0x6c0
[  117.992522][ T7152]  do_sys_openat2+0x121/0x1c0
[  117.992531][ T7152]  ? __pfx_do_sys_openat2+0x10/0x10
[  117.992538][ T7152]  ? exc_page_fault+0x76/0xf0
[  117.992549][ T7152]  ? do_user_addr_fault+0xc8a/0x1390
[  117.992561][ T7152]  __x64_sys_open+0x11e/0x150
[  117.992570][ T7152]  do_syscall_64+0xfa/0x3b0
[  117.992581][ T7152]  ? lockdep_hardirqs_on+0x9c/0x150
[  117.992590][ T7152]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.992597][ T7152]  ? exc_page_fault+0x9f/0xf0
[  117.992606][ T7152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.992613][ T7152] RIP: 0033:0x7fa1da78ebe9
[  117.992623][ T7152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.992631][ T7152] RSP: 002b:00007fa1db58e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  117.992639][ T7152] RAX: ffffffffffffffda RBX: 00007fa1da9b6090 RCX: 00007fa1da78ebe9
[  117.992645][ T7152] RDX: 0000000000000000 RSI: 0000000000080242 RDI: 0000200000000040
[  117.992650][ T7152] RBP: 00007fa1da811e19 R08: 0000000000000000 R09: 0000000000000000
[  117.992663][ T7152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  117.992668][ T7152] R13: 00007fa1da9b6128 R14: 00007fa1da9b6090 R15: 00007fff6188f898
[  117.992676][ T7152]  </TASK>
[  118.141293][    T9] usb 1-1: Using ep0 maxpacket: 16
[  118.154982][    T9] usb 1-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  118.159122][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.162872][    T9] usb 1-1: Product: syz
[  118.164661][    T9] usb 1-1: Manufacturer: syz
[  118.166640][    T9] usb 1-1: SerialNumber: syz
[  118.171425][    T9] usb 1-1: config 0 descriptor??
[  118.175326][    T9] visor 1-1:0.0: Sony Clie 3.5 converter detected
[  118.190479][ T5849] ocfs2: Unmounting device (7,1) on (node local)
[  118.378125][    T9] usb 1-1: clie_3_5_startup: get config number failed: -71
[  118.381369][    T9] visor 1-1:0.0: probe with driver visor failed with error -71
[  118.385783][    T9] usb 1-1: USB disconnect, device number 10

VM DIAGNOSIS:
12:22:09  Registers:
info registers vcpu 0

CPU#0
RAX=c14fb3ba4cc20800 RBX=ffffffff81968308 RCX=c14fb3ba4cc20800 RDX=0000000000000001
RSI=ffffffff8be333e0 RDI=ffffffff81968308 RBP=ffffffff8de07eb8 RSP=ffffffff8de07d80
R8 =ffff88804b032f9b R9 =1ffff110096065f3 R10=dffffc0000000000 R11=ffffed10096065f4
R12=ffffffff8fa37e30 R13=0000000000000000 R14=0000000000000000 R15=1ffffffff1bd2a20
RIP=ffffffff8b7943f3 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b861c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fa1db58dfc8 CR3=000000010a3cc000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000ffff0000 00000000000000ff XMM01=0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=00000000ffff0000 00000000000000ff XMM05=000000ffff000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000020 RBX=0000000000000020 RCX=0000000000000000 RDX=00000000000003f8
RSI=000000000001a882 RDI=000000000001a883 RBP=00000000000003f8 RSP=ffffc9000417e850
R8 =ffff888020a68237 R9 =1ffff1100414d046 R10=dffffc0000000000 R11=ffffffff854efeb0
R12=dffffc0000000000 R13=ffffffff99af98d0 R14=ffffffff99dee3a0 R15=0000000000000000
RIP=ffffffff854eff2c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fa1db58e6c0 ffffffff 00c00000
GS =0000 ffff8881a3c1c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fa1db58ed58 CR3=000000001f9f6000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=7712c53e93b9f1e8 728370bf3cb3486e
XMM06=63e772d7f3a22482 dabb339f3c035440 XMM07=bd0dad416e16bee6 46815929601aad29
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f379ee12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
