last executing test programs:

2m40.417116294s ago: executing program 2 (id=61):
r0 = syz_open_dev$I2C(&(0x7f00000a77c0), 0x0, 0x100)
ioctl$I2C_TIMEOUT(r0, 0x702, 0xfffffffffffffffb)

2m40.33966798s ago: executing program 2 (id=62):
syz_mount_image$exfat(&(0x7f00000009c0), &(0x7f0000000000)='./file1\x00', 0x842, &(0x7f0000000200)=ANY=[@ANYBLOB="696f636861727365743d6370313235302c646973636172642c646d61736b3d30303030303030303030303030303030303030303030322c74696d655f6f66667365743d3078303030303030303030303030303031652c756d61736b3d30303030303030303030303031353736313035323131332c756d61736b3d30303030303030303030303030303030303030303137342c646d61736b3d3030303030303030303030303030363031302c666d61736b3d30303030303030303030303030303030303030303030302c616c6c6f775f7574696d653d30303030303030303030303030303030303030303036342c7379735f747a2c000000000000b84974a4647e1629f375432f41042ec4fcf5706a510d085e109807ea9c36edc97802f8ae6bce00f4d453d0e704a56fb7ed35ddb60cb64fd4892d76f4550ec3150e2e4f0a2157381ba1864880d601b8c4ac1e8eb0c8bcb450e2fe2ce4176031562a639026158eef77926324e9d49a4698108ae3f39e3897202e060cd9d4bfa3750011278c673394c9a14fe5b25831d4585bdad875df96c940bc29656b13c299bd71da385449d953d5187674f888f02f437a5459690fbee7b13a3335f9291121821d0f95336d73ffb9314d86bb288b1939306532ec4f783f5d8016f11fd8c46bce04d9eb3c9148f0c15acac38bfea6f010c36ead47f6e74a000000000000000000", @ANYRES64=0x0], 0x1, 0x1531, &(0x7f0000000a00)="$eJzs3QuYTlXbOPD7XmvtMSQ9TXIY1lr35kkOyyRJDklySJIkSXJKSJrklYTEkFPSkITkMCSHISSHiUnjfD4fEpImTZKE5JSs/6X41Fvv/33f7+3Ld31z/65rX9Y9a99rr/3c+3n2Ac9802Vozca1qjUkIviP4C9/JAFALAAMBIBrACAAgHJx5eIu9OeUmPSfbYT9uR5KvdIzYFcS1z974/pnb1z/7I3rn71x/bM3rn/2xvXP3rj+jGVnm6cXvJaX7Lvw8//sjM///4dklR77xdrS13cFiPkX1vbA9c/2uP7/R+Cl8+9/Cf6VNK5/9sb1z65ir/QE2P8C/P7PDnL8wx6uf7ajfh1w/RnLzq708+crvUAke78GV/r4Y4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDGWPZz2lykAuNS+0vNijDHGGGOMMcbYn8fn+G2srtREGGOMMcYYY4wx9j8IQYAEBQHEQA6IhZyQCwQAXA154BqIwLUQB9dBXrge8kF+KAAFIR4KQWHQYMACQQhFoChE4QYoBjdCcSgBJaEUOCgNCXATlIGboSzcAuXgVigPt0EFqAiVoDLcDlXgDqgKd0I1uAuqQw2oCbXgbqgN90AduBfqwn1QD+6H+vAANIAHoSE8BI3gYWgMj0ATeBSaQjNoDi2g5X8r/wXoAS9CT+gFSdAb+sBL0Bf6QX8YAAPhZRgEr8BgeBWSYQgMhddgGLwOw+ENGAEjYRS8CaPhLRgDY2EcjIcUmAAT4W2YBO/AZJgCU2EapMJ0mAHvwkyYBbPhPZgD78NcmAfzYQGkwQewEBZBOnwIi+EjyIAlsBSWwXJYASthFayGNbAW1sF62AAbYRNshi2wFbbBdtgBO+Fj2AWfwG7YA3vhU9gHn/2b+af+Lr8rAgIKFKhQYQzGYCzGYi7MhbkxN+bBPBjBCMZhHObFvJgP82EBLIDxGI+FsTAaNEhIWASLYBSjWAyLYXEsjiWxJDp0mIAJWAZvxrJYFsthOSyP5bECVsSKWBkrYxWsglWxKlbDalgdq2NNrIl3493YG+tgHayLdbEe1rv0eAobYkNshI2wMTbGJtgEm2JTbI7NsSW2xFbYCltja2yLbbEdtsP22B4TMRE7YAfsiB2xE3bCztgZu2AX7IrdsFvWCzkAX8QXsRdWF72xD/bBvpicoz8OwAH4Mg7CV/AVfBWTcQgOxdfwNXwdh+NJHIEjcRSOwiriLRyDY5HEeEzBFJyIE3ESTsLJOAWn4DRMxek4A2fgTJyFs/A9nIPv4/s4D+fhAkzDNFyIizAd03ExnsIMXIJLcRkuxxW4HFfhalyFa3EdrsUNuAE34SbcgltwG27DHbgDP0YFgJ/gHtyDybgP9+F+3I+ZmIkH8ABmYRYexIN4CA/hYTyMR/AIHsVjeByP4Qk8gSfxFJ7G03gWz+I5fC7+q0Yfl1iTDOICJZSIETEiVsSKXCKXyC1yizwij4iIiIgTcSKvyCvyiXyigCgg4kW8KCwKCyOMIBHGAICIiqgoJoqJ4qK4KClKCiecSBAJoowoI8qKsqKcuFWUF7eJCqKiaOMqi8qiimjrqoo7RTVRTVQXNURNUUvUErVFbVFH1BF1RV1RT9QT9cUDooHojf3xIXGhMo3FEGwihmJT0UzIi59grcRwbC3aiLbiCTESR2B70coliqdFBzEGO4q/ibH4rOgsxmMX8bzoKrqJ7uIF0UO0dj1FLzEZe4s+Yhr2Ff1EfzFAzMQa4j2ck7OmeFUkiyFiqHhNLMDXxXDxhhghRopR4k0xWrwlxoixYpwYL1LEBDFRvC0miXfEZDFFTBXTRKqYLmaId8VMMUvMFu+JOeJ9MVfME/PFApEmPhALxSKRLj4Ui8VHIkMsEUvFMrFcrBArxSqxWqwRa8U6sV5sEBvFJrFZbBFbxTaxXewQO8XHYpf4ROwWe8Re8anYJz4T+8XnIlN8IQ6IL0WW+EocFF+LQ+IbcVh8K46I78RRcUwcF9+LE+IHcVKcEqfFGXFW/CjOiZ/EeeEFSJRCSqlkIGNkDhkrc8pc8iqZWwYXX91rZZy8TuaV18t8Mr8sIAvKeFlIFpZaGmklyVAWkUVlVN4gi8kbZXFZQpaUpaSTpWWCvEmWkTfLsvIWWU7eKsvL22QFWVFWkpXl7bKKvENC5i/bqC5ryJqylrxbJsE9so68V9aV98l68n5ZXz4gG8gHZUP5kGwkH5aN5SOyiXxUNpXNZHPZQraUj8lW8nHZWraRbeUTsp18UraXT8lE+bTsIP3FQ+RZ2Vk+J7vI52VX2U12lz/J89LLnrKXhN4g+8iXZF/ZT/aXA+RA+bIcJF+Rg+WrMlkOkUPla3KYfF0Ol2/IEXKkHCXflKPlW3KMHCvHyfEyRU6QE+XbcpJ8R06WU+RUOU2myumy/8WRZkv5T/Pf/oP8wT9vfZPcLLfIrXKb3C53yJ3yY7lL7pK75W65V+6V++Q+uV/ul5kyUx6QB2SWzJIH5UF5SB6Sh+VheUQekUflMXlGfi9PyB/kSXlKnpJn5Fl5Vp67+BqAQiWUVEoFKkblULEqp8qlrlK51dUqj7pGRdS1Kk5dp/Kq61U+lV8VUAVVvCqkCiutjLKKVKiKqKIqqm7AiweMKqlKKadKqwR107+Tr4qpG1VxVeI3+Zfml/QP5tdStVStVCvVWrVWbVVb1U61U+1Ve5WoElUH1UF1VB1VJ9VJdVadVRfVRXVVXVV31V31UD1UT9VTJakk1Ue9pPqqfqq/GqAGqpfVIDVIDVaDVbJKVkPVUDVMDVPD1XA1Qo1Qo9QoNVqNVmPUGDVOjVMpKkVNVBPVJDVJTVaT1VQ1VaWqVDVDzVAz1Uw1W81Wc9QcNVfNVfPVfJWm0tRCtVClq3S1WC1WGWqJWqKWqWVqhVqhVqlVao1ao9apdWqD2qAy1Ga1WW1VW9V2tV3tVDvVLrVL7Va71V61V+1T+9R+tV9lqkx1QB1QWSpLHVQH1SF1SB1Wh9URdUQdVUfVcXVcnVAn1El1Up1Wp9VZdVadU+fUeXX+wmVfIAIRqEAFMUFMEBvEBrmCXEHuIHeQJ8gTRIJIEBfEBXmD64N8Qf6gQFAwiA8KBYUDHZjABuJi0aPBDUGx4MageFAiKBmUClxQOkgIbgrKBDcHZYNbgnLBrUH54LagQlAxqBRUDm4PqgR3BFWDO4NqwV1B9aBGUDOoFdwd1A7uCeoE9wZ1g/uCesH9Qf3ggaBB8GDQMHgoaBQ8HDQOHgmaBI8GTYNmQfOgRdDyTx3f+5P5H3c9dS+dpHvrPvol3Vf30/31AD1Qv6wH6Vf0YP2qTtZD9FD9mh6mX9fD9Rt6hB6pR+k39Wj9lh6jx+pxerxO0RP0RP22nqTf0ZP1FD1VT9Operqeod/VM/UsPVu/p+fo9/VcPU/P1wt0mv5AL9SLdLr+UC/WH+kMvUQv1cv0cr1Cr9Sr9Gq9Rq/V6/R6vUFv1Jv0Zr1Fb9Xb9Ha9Q+/UH+td+hO9W+/Re/Wnep/+TO/Xn+tM/YU+oL/UWforfVB/rQ/pb/Rh/a0+or/TR/UxfVx/r0/oH/RJfUqf1mf0Wf2jPqd/0ue1v3Bxf+H0bpRRJsbEmFgTa3KZXCa3yW3ymDwmYiImzsSZvCavyWfymQKmgIk38aawKWwuIEOmiClioiZqipliprgpbkqaksYZZxJMgiljypiypqwpZ8qZ8hcOIlPBVDKVzO3mdnOHucPcae40d5m7TA1Tw9QytUxtU9vUMXVMXVPX1DP1TH1T3zQwDUxD09A0Mo1MY9PYNDFNTFPT1DQ3zU1L09K0Mq1Ma9PatDVtTTvTzrQ37U2iSTQdTAfT0XQ0nUwn09l0Nl1MF9PVdDXdTXfTw/QwPU1Pk2SSTB/Tx/Q1fU1/098MNAPNIDPIDDaDTbJJNkPNUDPMDDPDzXAzwow0oy5cqJq3zBgz1owz402KSTETzUQzyUwyk81kM9VMNakm1cwwM8xMM9PMNrPNHDPHzDVzzXwz36SZNLPQLDTpJt0sNotNhskwS81Ss9wsNyvNSrParDZrzVqzHtabjWaj2Ww2m61mq9lutpudZqfZZXaZ3Wa32Wv2mn1mn9lv9ptMk2kOmAMmy2SZg+agOWQOmcPmsDlijpij5qg5bo6bE+aEOWlOmtPmtDlr8l88X3oTa3PaXPYqm9tebfPYa+zfxwVsQRtvC9nCVtt8Nv9vYmOtLW5L2JK2lHW2tE2wN/0urmAr2kq2sr3dVrF32Kq/i2vbe2wde6+ta++ztezdv4nr2fttffuIbYAIYJvZRraFbWwfsU3so7apbWab2xa2nX3StrdP2UT7tO1gn/ldvNAusqvtGrvWrrO77R572p6xh+w39qz90fa0vexA+7IdZF+xg+2rNtkO+V08yr5pR9u37Bg71o6z438XT7XTbKqdbmfYd+1MO+t3cZr9wM6x6XaunWfn2wU/xxfmlG4/tIvtRzbDBrDULrPL7Qq70q76r7kusxvsRrvJ7rKf2K12m91ud9idly6E7R67135q99nP7EH7tc20X9gD9rDNsl/9HF/Yv8P2W3vEfmeP2mP2uP3enrA/XPor/5/3/Xv7kz1vvQVCApKkKKAYykGxlJNy0VWUm66mPHQNRehaiqPrKC9dT/koPxWgghRPhagwaTJkiSikIlSUonQDXZpeSSpFjkpTAt1EZehmKku3UDm6lcrTbVSBKlIlqky3UxW6g6rSnVSN7qLqVINqUi26m2rTPVSH7qW6dB/Vo/upPj1ADehBakgPUSN6mBrTI9SEHqWm1IyaUwtqSY9RK3qcWlMbaktPUDt6ktrTU5RIT1MHeoY60t+oEz1Lnek56kLPU1fqRt3pBepBL1JP6kVJ1Jv60EvUl/pRfxpAA+llGkSv0GB6lZJpCA2l12gYvU7D6Q0aQSNpFL1Jo+ktGkNjaRyNpxSaQBPpbZpE79BkmkJTaRql0nSaQe/STJpFs+k9mkPv01yaR/NpAaXRB7SQFlE6fUiL6SPKoCW0lJbRclpBK2kVraY1tJbW0XraQBtpE22mLbSVttF22kE76WPaRZ/QbtpDe+lT2kef0X76nDLpCzpAX1IWfUUH6Ws6RN/QYfrW96Lv6Cgdo+P0PZ2gH+gknaLTdIbO0o90jn6i8+QJQgxFKEMVBmFMmCOMDXOGucKrwtzh1WGe8JowEl4bxoXXhXnD68N8Yf6wQFgwjA8LhYVDHZrQhhSGYZGwaBgNbwiLhTeGxcMSYcmwVOjC0mFCeFNYJrw5LBveEpYLbw3Lh7eFFcKK4SP3VQ5vD6uEd4RVwzvDauFdYfWwRlgzrHX13WHt8J6wTnhvWDe8Lywb3h/WDx8IG4QPhg3Dh8JG4cNh4/CRsEn4aNg0bBY2D1uELcPHwlbh42HrsE3YNnwibBc+GbYPnwoTw6fDDuEzP/ffv+gf9yeFvcM+4UvhS6H398r50QXRtOgH0YXRRdH06IfRxdGPohnRJdGl0WXR5dEV0ZXRVdHV0TXRtdF10fXRDdGN0U1R72vlAIdOOOmUC1yMy+FiXU6Xy13lcrurXR53jYu4a12cu87ldde7fC6/K+AKunhXyBV22hlnHbnQFXFFXdTd4Iq5G11xV8KVdKWcc6VdgmvhWrqWrpV73LV2bVxb94R7wj3pnnRPuafc066De8Z1dH9zndyzrrN7zj3nnnddXTfX3b3gergJeX55Tya5Pq6P6+v6uv6uvxvoBrpBbpAb7Aa7ZJfshrqhbpgb5oa74W6EG+FGuVFutBvtxrgxbpwb51JcipvoJrpJbpKb7Ca7qW6qS3Wpboab4Wa6ma7KrF+2MtfNdfPdfJfm0txCd+F0n+4Wu8Uuw2W4pW6pW+6Wu5VupVvtVru1bq1b79a7jW6j2+w2u61uq9vutrudbqfb5Xa53f6aXwZ1+9x+t99lukx3wH3pstxX7qD72h1y37jD7lt3xH3njrpj7rj73p1wP7iT7pQ77c64s+5Hd8795M4771IiEyITI29HJkXeiUyOTIlMjUyLpEamR2ZE3o3MjMyKzI68F5kTeT8yNzIvMj+yIJIW+SCyMLIokh75MLI48lEkI7IksjSyLLI8siLifaGtoS/ii/qov8EX8zf64r6EL+lLeedL+wR/ky/jb/Zl/S2+nL/Vl/e3+Qq+oq/kH/VNfTPf3LfwLf1jvpV/3Lf2bXxb/4Rv55/07f1TPtE/7Tv4Z3xH/zffyT/rO/vnfBf/vO/qu/nu/gXfw7/oe/pePsn39n38S76v7+f7+wF+oH/ZD/Kv+MH+VZ/sh/ih/jU/zL/uh/s3/Ag/0o+KedOPvnSLDON9ip/gJ/q3/ST/jp/sp/ipfppP9dP9DP+un+ln+dn+PT/Hv+/n+nl+vl/g0/wHfqFf5NP9h36x/8hn+CWXHir7lX6VX+3X+LV+nV/vN/iNfpPf7Lf4rX6b3+53+J3+Y7/Lf+J3+z1+r//U7/Of+f3+c5/pv/AH/Jc+y3/lD/qv/SH/jT/sv/VH/Hf+qD/mj/vv/Qn/gz/pT/nT/ow/63/05/xP/jz/nzXGGGOMsX/JhMtN8dueXx7n9/6DHPGrlfsAwNXbCmb9uv/CFeX6fL+0+4n4dhEAeLpXl4cuLdWrJyUlXVw3Q0JQdB4ARC7nx8DleAm0hSchEdpAmT+cfz/R7Sz9k/GjtwLk+lVOLFyOL4//+ek/+uqDfuKxJ0YtLB+ejvv/jD8PoHjRyzk54XK8BNr+/HylDZT9B/PP3+qfzD/nFykArX+Vkxsux5fnnwCPwzOQ+Js1GWOMMcYYY4yxX/QTlTpduv+89C8+/+j+PP5XXwyQAy7H/+z+nDHGGGOMMcYYY1fes926P/VYYmKbTv9+o+p/K+tfbjSB/6mRufGHDe8BLv1EAcB/OCDAhYb8K/diy1+yreSLb52/71p+xgfwv6OUf0bjCn8wMcYYY4wxxv50ly/6f/tz/j0AjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbYX+ev+DqxK72PjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG2JX2/wIAAP//clsLyA==")
pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f0000000040)='./file0\x00')

2m40.220689199s ago: executing program 2 (id=63):
syz_mount_image$minix(&(0x7f0000000600), &(0x7f0000000100)='./file1\x00', 0x1804002, &(0x7f0000000200)=ANY=[@ANYRES8=0x0, @ANYRESHEX=0x0, @ANYBLOB="28eab73baea79cebfbcb377495a5091fc0b79703c790e209a76c53adec0a444df808db4a70188c30fc5f9c81caa83f2882fced04170dc6602feb4f971fa7b7c3d8be7345ca210ed1a2e91f15f7cf9f851773d36f4149ae4855f777c47e1a9ffb174a9daee48821b82196b5336460ba85b4ca92c2fe9b7ae175cab7acdd2c107c335a67c1a38efd4a2a19b18fe8ca", @ANYRESOCT, @ANYRES32, @ANYRES16, @ANYRESDEC], 0x11, 0x1d6, &(0x7f0000000bc0)="$eJzs289ulFAUx/EfDANa/9S/GzddaKIbS0cT0Z19lElL66SMNtZNGxPjA/gQvoE+kQu3nUR3rsTMZToOSIVhOtDpfD9Jw71wD/fcUJjDAgFYWjckWbLUlhTH8YdXD2ytNZ0UgFq09DsGsKz0459dXlIMALjYBpstUwfsS/r28/3W8eivPVEh/M9g0zbbl5KOJ+LdkvXH4KNltvecdPzwEXSpRHz8OYl/mJn/8pTzr2TiV0rHJ+t/dD8df0XSVUnXJF2XtDp617op6VbO/NuZ+e8Od34tmQRQkaX1bD+1w9ZOLwo3xv226Xcmxqe55vjTcd8z/fWtN9H22ScPYCZ2wf3fytz/Tub+B7C4Dg6P9rpRFL7Nb3w5/VDNDbsoVdPwVO6E338VjLHPwZJnbgxf3c7khG6J/5bCMWsVZj95+Zw655O6tOlLkDQcSVXDndFKcsf0Z83Qy71e7l43Ou2J4czvYQSgVv67/r5/cHj0uNfv7oa74esnwYsg6DzvPAt8U/n7Oz1po+k0AczB3x/98jHx6jwzAgAAAAAAAAAAAAAA07ot6U6FuDj74Q8AAACAc6+OT6DGk31qdKkAAAAAAAAAAAAAAAAAAADAwvsTAAD//2QeNU0=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000680)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000a900000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a000000000000000000000080400000000000000000080000000000000000000000000000000044000500ac1414aa000000000000000000000000000000003c00000000000000ffffffff0000000000000000000000000000000000030000000000000000000000000000bbb7b6e33ab11040aff2f7ad2052e46fd7ea92ce0f7198d4834b013cd944072cb8d3177cf280b79de98ab719cf578ab3e45eef1c8cc2ae91a733c3e193a8324d3b85006b329c08ae5a2c69423392aa7cbac5317445eac24988002dcd57c66728c33fb8a4a2598fab0f70cc1a4a5df0546de4b6dc8b676ba601b494ba69450cad385f6f4cca467cf1d0a327d9716cd90a5ab067f37f013b1e71568c6ad51da0ed36d872ac8995e0d55905ff93e44a0a55bd319f7bcf8761dce7e338370eb544104d692ea446"], 0xfc}}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)=@migrate={0xa0, 0x21, 0x1, 0x0, 0x0, {{@in6=@private2, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@migrate={0x50, 0x11, [{@in=@loopback, @in=@private=0xa010100, @in=@private=0xa010100, @in=@rand_addr=0x64010100, 0x3c, 0x0, 0x0, 0x0, 0xa, 0x2}]}]}, 0xa0}}, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0x20, &(0x7f0000000300)={&(0x7f0000000280)=""/67, 0x43, 0x0, &(0x7f0000000400)=""/166, 0xa6}}, 0x10)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x80)
pwrite64(r5, &(0x7f0000000140)='2', 0x1, 0x8000c61)
truncate(&(0x7f00000000c0)='./file1\x00', 0x8000008)

2m39.196270045s ago: executing program 2 (id=66):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000240), 0xfe, 0x557, &(0x7f0000000280)="$eJzs3c9qG8cfAPDvynb+Ob9fHAih7aEYcmhKGjm2+yeFHtJjaUMDfYBU2BsTLEfBkkPsBpocmksvJRRKaaD0AXrvMfQF+hSBNhBKMO2hF5eVV7FiS5ZsK7FSfT6w9szuyrOj2e94RiOhAAbWePajEPFqRHyTRBxrOjYc+cHx9fNWn9yaybYk1tY++zOJJN/XOD/Jf4/mmVci4tevIs4UtpZbXV6ZL5XL6WKen6gtXJ+oLq+cvbpQmkvn0mtT09Pn35meev+9d3tW1zcv/f39pw8+Ov/1qdXvfn50/F4SF+Jofqy5HntwuzkzHuP5czISFzadONmDwvpJst8XwK4M5XE+ElkfcCyG8qgH/vu+jIg1YEAl4h8GVGMc0Jjb92ge/NJ4/OH6BGhr/ZP110biUH1udGQ1eWZmlM13x3pQflbGL3/cv5dt0bvXIQA6un0nIs4ND7fv/3bvXBfnbC5D/wcvzoNs/PNWq/FP4en4J1qMf0ZbxO5udI7/wqMeFNNWNv77oOX49+mi1dhQnvtffcw3kly5Wk6zvu3/EXE6Rg5m+e3Wc86vPlxrd6x5/JdtWfmNsWB+HY+GDz77mNlSrbSXOjd7fCfitQ7j36RF+2fPx6UuyziZ3n+93bHN9T+8p9rs3NpPEW+0bP+NFa1k+/XJifr9MNG4K7b66+7J39qV37n9n6+s/Y9sX/+xpHm9tpp3CDvw46F/0nbHxpN80XQH93/z3PVAvu9mqVZbnIw4kHwSW/ZPbTy2kW+cn9X/9Knt+79W9392n37eZf3vnrjb9tR+aP/ZHbX/zhMPP/7ih3bld9f/vV1Pnc73dNP/dXuBe3nuAAAAAAAAoN8UIuJoJIXi03ShUCyuv7/jRBwplCvV2pkrlaVrs1H/rOxYjBQaK92jTe+HmMzfD9vIT23KT0fE8Yj4duhwPV+cqZRn97vyAAAAAAAAAAAAAAAAAAAA0CdGNz7/PxRNn//P/D60zxcHPH++8hsGV8f478U3PQF9yf9/GFziHwaX+IfBJf5hcIl/GFziHwaX+IfBJf4BAAAAAAAAAAAAAAAAAAAAAAAAAACgpy5dvJhta6tPbs1k+dkby0vzlRtnZ9PqfHFhaaY4U1m8XpyrVObKaXGmstDp75UrleuTU7F0c6KWVmsT1eWVywuVpWu1y1cXSnPp5XTkhdQKAAAAAAAAAAAAAAAAAAAAXi7V5ZX5UrmcLkpI7Cox3B+XIdHjxH73TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACw4d8AAAD//0gqNi0=")
r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x20)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x20000008)
renameat2(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0/file0\x00', 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0xf1)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

2m38.902170953s ago: executing program 2 (id=69):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000018bbdecde39739fcd1df176dde746ec834120600000000003b814e50a959736d6572462abc30ef5b65c70f73ecea54b5e5bea9836c319f653557e79a002208ce996dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e3686873600000000005493b4b81d5b9fa9b40fe4d76afc3a989c6d60044e89eb96e44d01a1034e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc36160191acf5ae7469c82ab4145b595b987d75912a0fcd1c061835294cc0c618aba204f8adaa20c80108d356cd88cc86177056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6020d90ea79b8027cf75964dd86c2ed2b5e75779677aa8c76b848dd03dab190b5f02ec52830a17b01eaae1c3df076000000000000000000000000000083a48a6b926c668b9b90195018ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd7f8e67c2acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac0111701b125cc6799c43aa4ff708dc4a00a6decad26f0378072a571da000000b1a6bdf03fd56697e348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0df04f20020ee84075b4e1a2ad43d1be1138de4668e7b6137545708790c501f1ed7f6a571d500000000000000"], 0x25, 0x55a8, &(0x7f00000014c0)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx64asumCJWPBPEEisWPIbWMASdogFiB1SkWcm0KQNtI3jqO3zSDNn5vj1mXdGlqUzYzmAZ9ZC+sdvSZyIIxExFxHHk8i3k3KJuBNxsRj7QkScjIjKPUtS5v9OHIyIoxFxYlK8qJmUL31xenzq/K9v//7t94cOHPvymx/29cSBffViRPRXi+3b/SJmnSLeKPONcTeP/XPjMq5uqdHPivzt9kpe4XZjc1wjj2c7xfhs9dZwEq/3Gs1J7HSv5/nVQXHA4bizWWfyhvRGYy3fb7VX8tgdZnnsbBTHXd8ovts2hqOiTqus90lePkajzVjk2+vt4nxWb+axORiV+aJu1mqvT+K4jOXhopn1Wvk8Vh7zIj8B3ukObq2n4/basJsN0vO1+ku1+oVqfS1rtUftc9VGv3XhXLrY6U2GVUftRv9iJ8s6vXatmfWX0sVOs1mt19PFS+2VbmOQ1uu1s7Uz1fNL5dbp9I2rH6S9Vro4ia91B7dG3d4wvZ6tpcU7ltLl2tmXl9JT9fS9K9fSa+9evnzl2vsfXfrw6qtX3nq9HHTftNLF5TPLy9X6mepyfekZOv9Py0k/wvknD07/9OPuLhsUdviAAbCz+/r/2N7/h/4fmLrd9P/9m+X+3vT/8TD9f0yz/5+0VPr//+5/K4/U/56YSv87H/r/PTx/2JXH6/8PTn0eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADM3M/zX72ZbywU+8fK/P/K1HPlfhIRlYi4+wBzcXBLzbmyzvwO4+e3zeG7JPIKk2McKpejEXGxXP78/15fBQAAAHh6fX3n5OdFt16sFvZ7QsxScdOmcvzjKdVLImJ+4ZcpVatMVs9PqVj++T4Q61Oqlt/AOjylYsUttwPTqvZQ5raEw/eEpAiVmU4HAACYia2dwGy7EAAAAGbps3999ZWZzYMZS2LzUebms+D8l/f/PBA8Mlnd3fbjfgAAAOBJkuz3BAAAAIA9l/f//v8PAAAAnm7F//8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBf7NzPjdpAFAfgZ4OB/FNQlHtayQ3KSAk55hgoIE1QAmkhDVADkXJICStYYc8ieRek1TLGWvR9ku2d8ernGeDyxtIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXfpbree/f375dWnObn+ZPLMBAAAATtlW63n9x7Rpv0v9H1LXp9QuIqKMiFO1+yBGrcxByqnO/H/1aAx/IuqEQ/84HW8j4ms67j52/SkAAADA7dosV7OmWm9OaQngX7+j4kqaRZvy/bdMeUVEVNP/mdLKw+lzprD69z2MH5nS6gWsSaawZsltePreKNdD2gaty8NMFvWXWLfKbp4LAAD0qV0JnKlCAAAAuAHf+x4A1/C0tC+Op+N7xnFzSS8E37RaAAAAwCtU9D0AAAAAoHN1/d/N/n+TF+3/V9j/DwAAALJr9v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS9tqPd8sV7Nz9xfPzNntL5NvRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9+zPOwqEQBiEwd71ncnc/7DSoKGxSRUIH39jMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABvfveX/xNT40wy99pYeh5J1k6NrVNj79w4+sP4+jUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsT8vKRACQRAFc8b/Tvr+h5UEPYMIEdDwqKIWDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBf97pf/E1PjTDJ32lg6HknWrhpbV429B42jB+Pt3wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsW//vm1UcQDA3/lspylUhIAiEUAFdYCFpm5p6YoQKGLgT0CKUqcEXAptBlpFlCxsKHMXBAsSQkigsOV/6NxIXcrWIUOQmBiC7lf6nJgmpO05TT8f6fl9/Xx5P86Wla/fHQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQWX83vNIo4zR7GCviqu32xuJsVq9tqzOry3cms5LFyUjVeuz1+mZ/oL0aPzk+MbyJAAAAcFgc2/WItMrvQwh3WyvTWd0Yy/P/VnVMlvP/UHaVlG3b8/61jcUj5UuTVf7/x+/3XtwaaCzNx8k6nZvvdU/tnEpz38t8wj236xHN/Mznv72k+RvS+HDphfVWfj6T727der+dhyN1zBYA2I+TVV0G1f9DWd0Z5sQAeGo0o8S7yv/TseHOCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAO60vhmSpOQgiTzftxZm1jcXZQ/c3yncnVspy7eXM57jProhVCmJvvdU/VuJaDqzqb1z+b6fW6V65eqzs4HkIY8NKNvf15Wk7/P49phxD6Wk68NKCfj/cw1rZ+dgTlxzPUew5Hs/XtenDS15LsOOHvbRaG8QGoK2iU78/jGGK09ve9P6g+e4++5//zXTLyaL6SAAA41FplyTLRu62V6awtGQ9h88f+/P+NKA59ef/mjaKleL4a5f/3Pjl3Ox4rzv87Na3vSTC1cOmLqavXrr81f2nmYvdi9/O3T3fe6Zw5f/bs+an8t5KpudDwiwkAAAAPoV2WOP8fHbD/fzSKwwP2/4st4SL///L7ztfxWKn8f6D7m37DngkAAMDTqL0VPf/a338lA45I2u3w1czCwpVO8bj1/HTxWOt092mkLHH+n44Pe1YAAABAHdaXkr79/wtRHB6w/x9f///szy//GveZFtcWXA4hdE/OXu5dqG85B1r/Tb8/pY/jRuV8oPawVwoAAMCwjJYl3v9vjWf5f2PrkodGCOHNEyH8U97DH/aY/6cffPtLPFZ8/f+ZWld58DQmivOR1xMhNCeGPSMAAAAOsyNlyZL9P1sr05/+dvSjtuv/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOr2bwAAAP//aR4tAA==")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x8cc00, 0x0, 0x0, 0x0, &(0x7f0000000000))
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000000), 0x0)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0)

2m37.990871927s ago: executing program 2 (id=79):
r0 = syz_open_dev$video4linux(&(0x7f0000000080), 0xe97, 0x0)
ioctl$VIDIOC_SUBDEV_S_CROP(r0, 0xc038563c, &(0x7f00000003c0)={0x1, 0x0, {0xfffffff9, 0xfffffffd, 0xfffff1b4}})

2m37.765907453s ago: executing program 32 (id=79):
r0 = syz_open_dev$video4linux(&(0x7f0000000080), 0xe97, 0x0)
ioctl$VIDIOC_SUBDEV_S_CROP(r0, 0xc038563c, &(0x7f00000003c0)={0x1, 0x0, {0xfffffff9, 0xfffffffd, 0xfffff1b4}})

29.495499609s ago: executing program 1 (id=1421):
chdir(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0xc)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})
r4 = openat$mixer(0xffffffffffffff9c, &(0x7f00000018c0), 0x0, 0x0)
ioctl$mixer_OSS_GETVERSION(r4, 0x40086602, &(0x7f0000000000))
chdir(&(0x7f00000001c0)='./bus\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x3c, 0x3c, 0x107, 0x0, 0x0, {0x1, 0x7c}, [@nested={0x8, 0xfc, 0x0, 0x1, [@nested={0x4, 0x8}]}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0xa, 0x2, 0x0, 0x1, [@generic="97f0972655b2"]}, @typed={0x8, 0x5, 0x0, 0x0, @u32=0x9}]}, 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x4040)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='./cgroup.net/cgroup.procs\x00', 0x0, 0x82)

28.535359368s ago: executing program 1 (id=1428):
r0 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_DEL_RULE(r0, &(0x7f0000000340)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f0000000b00)={0x428, 0x3f4, 0x1, 0x70bd2d, 0x25dfdbfd, {0x10, 0x1, 0x1f, [0x3, 0x3, 0x3, 0x3, 0x2, 0x400, 0xf, 0x2, 0x0, 0x50, 0x8, 0xd9, 0x7, 0x9, 0xffffff40, 0x30b, 0xffffffce, 0x0, 0x1, 0x1, 0x6, 0x2, 0x2, 0x1, 0x3, 0x1, 0xffffffff, 0x7, 0x9, 0x2, 0x6, 0x5, 0xfffffffa, 0x80000000, 0x80000001, 0x19, 0x40, 0x5, 0xfc, 0x3, 0x8, 0x5, 0x81, 0x3, 0xffffa0d6, 0x1, 0x3, 0xc, 0x0, 0x5, 0x2, 0x8, 0x5, 0x4, 0x7, 0x8, 0xaf5e, 0x6, 0x5, 0x256, 0x1, 0xcf7, 0xff, 0x7], [0x59, 0x5, 0x8001, 0x1, 0x3, 0x9, 0x6, 0xfffffffe, 0x9, 0x780b88c0, 0x1, 0x7, 0x5, 0x3, 0x5, 0x200, 0x6, 0x7b, 0x0, 0xfffffff8, 0x3, 0x52bd, 0x3, 0x8, 0x800, 0x7, 0x0, 0x5, 0x1, 0x7, 0x7, 0x2, 0x4, 0x2, 0x7, 0xfffffff8, 0x5e5, 0xa, 0x92b4, 0xffff, 0x5, 0x1, 0x8, 0x3, 0x8e95, 0x3, 0x400, 0x7f, 0xd, 0x3, 0x6, 0x1, 0x2, 0x3ff, 0x2, 0x401, 0x5, 0x6, 0x7, 0x5, 0x3, 0x7fff, 0x3, 0x10d4], [0x8000, 0x8000, 0x1, 0xfea, 0x699b, 0x7e, 0x9, 0x6, 0x5, 0x8, 0xdcb2, 0x7ff, 0x6, 0x2, 0x9, 0x9, 0x7fff, 0xffff, 0x9, 0x7f, 0x8, 0x8e6b8cc4, 0x6, 0xfffffff5, 0x2, 0x7fff, 0x3, 0x2, 0x10, 0x7, 0x9, 0x1, 0x401, 0x5, 0x9, 0x1000000, 0x0, 0x94, 0x3, 0x0, 0x7, 0x53f, 0xfffffff8, 0xa5d, 0x45cf, 0x2762, 0x93, 0x7c, 0x3, 0x1, 0x10001, 0x80000000, 0x7fffffff, 0x6, 0x6, 0xf7, 0x6, 0x80000000, 0x3, 0x0, 0xfffffffc, 0x1, 0x3], [0x5, 0xffffffa6, 0xb4d5, 0x6, 0x3cec8fbe, 0x7, 0x61, 0x7, 0x9, 0x1, 0x5, 0x9, 0x10001, 0x1, 0x5, 0x7c4, 0x10001, 0xed, 0x6, 0x4, 0x6, 0x1, 0x3, 0x3, 0x7, 0x7fffffff, 0x5, 0x2, 0x4, 0x5, 0xd, 0x1640, 0x6, 0x6, 0x8, 0x0, 0x8000, 0x0, 0xae2, 0xb15c, 0x2, 0x401, 0x7ff, 0x1, 0x0, 0x2, 0x1, 0x1, 0x3, 0x2, 0xfffffffa, 0x0, 0x80000000, 0x101, 0x5, 0x1000, 0x4, 0x2, 0x0, 0x0, 0x8, 0x0, 0x800, 0x5], 0x7, ['^\xfa2\x00', '/-\x00']}, [""]}, 0x428}, 0x1, 0x0, 0x0, 0x24000001}, 0x40800)

28.449604678s ago: executing program 1 (id=1429):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000400)=ANY=[@ANYBLOB="54020000170001000000000000000000200100000000000000000000000000010000000000000000ac141400000000000000000000000000fc020000000000000003000000000000e000000200001000000000000000000000000000000000080a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="1242ffff040000000000000000000037660b6aff00000000000000000000000000000000000000000200002000", @ANYRES32, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000e0270300000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000650d000000000000e1"], 0x254}}, 0x0)

28.351480497s ago: executing program 1 (id=1430):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x4000, &(0x7f0000000040)=ANY=[], 0xff, 0x60c0, &(0x7f000000d800)="$eJzs3U1vHVf9B/DfffC147RpVP1V5R+xcFMeWkrznEB5asqCBSxAQl2TyHWrlBRQEhCtIuLKC8QGeAmw6YZFJV4BL6CvASGxJVLSVReUQWOf44xvrn3tJp659vl8pJuZ35w7vmfyveOZ65m5EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/OD7PznXi4irv04Tjkc8FYOIfsSRul6KeuRKfv4wIk7EenM8FxGD+Yh6/vV/nom4GBEfH4u4/+DOcj35/C77cens7Zuf/fB7//jdH9dOvPPmTz8cb//x/1346Pd3I47/6NWPPrv7ZJYdAAAASlFVVdVLH/NPps/3/a47BQC0Im//qyRPV6vVavUTrf/Q38vznzradX/Vh7Ruqia72ywiYrU5T73P4HA8ABwwq/Fp112gQ/Iv2jAijnbdCWCm9bruAPvi/oM7y72Ub6+5PVjaaM9/p9yS/2pv8/qO7YbTjJ9j0tb7ay0G8ew2/TnSUh9mSc6/P57/1Y32UXrefufflu3yH21c+lScnP9gPP8xW/L/U0Qc2Pz7E/MvVc5/uJf8VwcHeP2XPwAAAAAAh1/++//xjo//zj/+ouzKTsd/l1rqAwAAAAAAAAA8aY97/79N7v8HAAAAM6v+rF7787GH07b7LrZ6+hu9iKfHng8UZqnx5YAAAAAAAAAAAAAAQDuGEYvpvP65iHh6cbGqqvrRNF7v1ePOf9CVvvxQsq5/yQMAwIaPj41dy9+LWIiIN9J3/c0tLi5W1VxELFZH5vP+7Gh+oTrS+Fybh/W0+dEudoiHo6r+YQuN+ZqmfV6e1j7+8+rXGlWDXXSsHR0GDgARsbE1um+LdMhU1TPR9V4OB4P1//Cx/rMbXb9PAQAAgP1XVVXVS1/nfTId8+933SkAoBV5+z9+XECtVquLqT/ZmDgz/VGr97Fuqia72ywiYrU5T73P4Hb8AHDArManXXeBDsm/aMOIONF1J4CZ1uu6A+yL+w/uLPdSvr3m9mBpoz2fC7Il/9Xe+nx5/knDacbPMWnr/bUWg3h2m/4811IfZknOvz+e/9WN9nyL/818FvYn/7Zsl3+9nMc76E/Xcv6D8fzH7Pf635a16E/Mv1Q5/+Ge8h/IHwAAAAAAZlj++/9xx3/zIgMAAAAAAADAgXP/wZ3lfN1rPv7/hQnP6zXHXP95aOT8e7vO3/W/h0nOvz+e/9gJOYPG+L3XH+b/yYM7yx/e/vf/5+HM5z83GNWvPdfrD4bpnJ9q7q24HjdiJc4+8vzhlvZzj7TPbWk/P6X9wiPto7r9SG4/Hcvxi7gRb262z085MWphSns1pT3nP7D+FynnP2w86vwXU3tvbFi790H/kfW+OZz0Olf++p8vP7p2tWG4pVqLweayNRyr/znVWp8eWv8/OTqKX91auXn6N9du3755LtJgy9TzkQZPWM5/Lj1y/i++sNGef+8319d7H4z2nP+sWIvhpPzX398vNMbr5X2p5b51Iec/So+cf94CTV7/D3L+E9f/9eV7uYP+AAAAAAAAAAAAAAAAwE6qqlq/RPRKRFxO1/90dW0mANCuvP2vkjxdre6g/tffZqs/arVavbXuzVh/PkfdVE32WrOIiL8356n3GX476YcBALPsvxHxz647QWfkX7D8fX/18ItddwZo1a333v/ZtRs3Vm7e6ronAAAAAAAAAMDnle//udS4//P6eUBj943ecv/X12PpwN7/sz8arN/rPC3Q87Hz/b9Pxc73/x5Oeb25Ke2jKe3zU9oXprRPvNCjIef/fMo4538yLVhJ9399sYP+dC3nfyrd6znn/5Wx5zXzr/5ykPPvb8n/zO13f3nm1nvvv3L93Wtvr7y98vNzZy9fvHDp4oVLl868df3GytmNfzvs8f7K+ed7XzsPtCw5/5y5/MuS8/9SquVflpT/5m6o/MuS1/+8vyf/suT882cf+Zcl5/9SquVflpz/V1Mt/7Lk/F9OtfzLkvP/WqrlX5ac/yupln9Zcv6nUy3/suT8z6Ra/mXJ+ecjXPIvS84/n9kg/7Lk/M+nWv5lyflfSLX8y5Lzv5hq+Zcl538p1fIvS87/cqrlX5ac/9dTLf+y5Py/kWr5lyXn/2qq5V+WnP83Uy3/suT8v5Vq+Zcl5//tVO+U/zst9ot25Py/k2rrf1ly/t9NtfzLkvN/LdXyL8vD7/83sueRxdnoRpsjVRUxA90wsu8jXf9mAgAAAAAAAAAAAADGtXE6cdfLCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRX27jVGrrO+H/izV6+TQPwnIYQQiO1cMGST3fUtMcFgrv809JIGQksLdYy9dgy+1buGBKFmaWgLAqmR2hf0RSkgQEhtlahCKpUoilSk9k1VXhVFlVArIdWVoDIRVKICtjpznufZmdnZmV3vrj1zzueD4p+9M2fmmTNnZve76DsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABotuNts380FEIo/mv8sS2E64q/bw2Hin8u7L/aKwQAAADW6+eNP//q+vyFQ6vYqOk6//iaf/n64uLiYvjgixd/8SeLi/mC7SGMbAmhcVnyTz/9yWLzdaKnw8TQcNO/h3vc/UiPy0d7XD7W4/LxHpdv6XH5RI/Ll+2AZbaWv49p3Ngdjb9uK3dpuDGMNS67o8NWTw9tGR5Ov8tpGGpsszh2PJwMp8JsmF62zVDjfyF8c0dxXw+GdF/DTfd1awjh0o8+fjStYSju4ztCy501ND93P3xL2P7ijz5+9KvzP3hlp9lzNyxbaQi7dhbr/GQIS7+uCkNhS94naZ3DTeu8tcM6R1rWOdTYrvh7+zovrXKd6XFPxHV+p8s6b41fe+L2EMJCWPE67Z4Ow+GatnvN+3uiPCKK2yieypeF0TUdJztWcZwU23z/9tbjpP2YTPt/R9wnoyusofnp+OEnxpft98s9TopH3Q/HanHbDxd3OjHR/KvVlmO1uM7H71z5GOj43HU4BvKx3HQM7Ox1DAyPjzSOgeGlNe9sOQZmlm0zHIYa93Xxzu7HwNT86XNTc09+7J6Tp4+cmD0xe2Zmev/ePfv27tm3b+r4yVOz0+Wfa9ulA+SaMJyPwZ3xvSYdg69tu27zIbn4xY17HUz0yeugeOzvuatY0HXDYYVjvLjOJ3et/3WQv+83vQ5Gm14HHd9TO7wORlfxOiiuc2nX6r5njjb912kNm/VeuK3pGLia3w+L+3z/61Z+L7w1rutTr1/r98ORZcdAelhD8bVXfCX/vDdxf9wvy4+LW4oLrh0PF+Zmz9/7xJH5+fMzIY4r4oam56r9eLmm6TGFZcfL8JqPl0N/+bO7bunw9W1xX03cvfRcjXd4Horr7J3s/lw13t0778+Wr+4OcWywK70/O303K/ZnzhJdjv3iOp+8Z/0/C+Zc0vT+N9br/W9kbLR8/xvJe2Os5f1v+VMz0lhZCJfuWd3731j870q//93YJ+9/xb56/73dj4HiOp+aWusxMNr1/e/2OIfiel4XE8NEU+7/RePyhfIwbXouex43o6Nj8bgZTffYetzsWbZNcWvFfe+avrzjZtftrc9Vy88tFTxuin31p9Pdj5viOs/PrP+9Y2v6a9N7x3ivY2BsZLxY71g+CMr3u8Wt6Ri4NxwNZ8OpcCxvUzzLxX1N7l7dMTAe/7vS7x0398kxUOyrz+3ufgwU1/n2no392WlX/Eq+TtPPTu2/X1gp898yunR77bttozN/sc637+3+u6HiOj/Yu9ac0X0/3R2/cm2H/dT++lnpmD4Wrsx+ujmu89S+7r+bKq5z4/5VHk+HQggvzLzQ+H1X/P3u31z416+3/N630++UX5h54aGpR767lvUDAHD5ftH4c2G8/Fmz6f+xXs3//w8AAAAMhJT7h+PM5H8AAACojJT7R+LM5H8AAACojJT7R+PMapL/H7//wLM/fyrkTwNcjNLlaTc8/KbyeqnjvRD/vX1xSfH1t3557NlPP7W6+x4OIfzsoVd1vP7jb0rrKp1L63xD69eXufm2Vd3/Y48uXa/58xMuHShvPz2e1R4Gqav8zandjdvd/uRMYz7/UGjMRxY+9XR5++W/0/Uv7imv/+fxQ0sOHR9q2X5XXM8dcW6Pnynz8KGl/VDMtN2zt77mH25479L9pe2Gdr608TA/93vl7abPiHrmhvL66XGvtP6//8zXni2u/8Sdndf/1HDn9V+Mt/v9OH96sLx+8z7/dNP6/yCuP91f2u7eL32r4/qfe0V5/eficfGFONvX/5Y/fvXPOz1f6X4OPVBul+5/+n/2NrZLt5duv339E0/NtOyP9tt//sXydg5+5McjzddPX0/3kzz2QOvxPRSf35YeeQjha38YWvZzeGO53d+1rT/d3rkHOq//7rZ1nhu6rbH90uPZ1vK4Pv+V3R0fb1rPob/e1vJ4nnlH3H8vTn27uN2Lj8TjMV7+v98pb6/9s0yfe0fr+026/he2la/bdHtTbet/pm39C7cV+673+h98sVz/c2/e0rL+Q++Mx9OD5ey1/hN/cX3L9l/8avl8nP/o5JmzcxdOHosPZlvb63jLxNZrrr3uJS+9Pr6Xtv/78Nn5x2fPb5/ePh3C9gH8yMDNXv+X4vzvcixs/D2Uvvvj8rj77LvK71uv/Un572fi1x+Lz2f6/vj5PxtrOV7bn/eFN5dzvet/fVzHar3iM/9xW4cv/+eyz/y9+IFvXvjb3/9B+88F6fGce/lE4/F9bsdNjcuGni8vb3+/6uXfX976uv7e6HRjfiPu18X4ycw7byrvr/3202eTfPbd5es3/SSXtg9tnyeybaT1cax3/d+LP8d86+bW9790fHzjqbZPc94WhoolLMT3h7BQXp6ulfb3Zy/d1PH+0ufwhIVXrmWZK5p7cm7q1MkzF56Ymp+dm5+ae/Jjh0+fvXBm/nDjs0sPf6jX9kuv72sar+9js/v3hsar/Ww5NtnVXv+5R48eu2/6rmOzx49cOD7/6LnZ8yeOzs0dnT02d9eR48dnP9pr+5PHDs7sPrDnvt2TJ04eO3j/gQN7DkyePHO2WEa5qB72T3948sz5w41N5g7uPTCzb9/e6cnTZ4/NHrxvenryQq/tG9+bJoutPzJ5fvbUkfmTp2cn505+bPbgzIH9+3f3/PTH0+eOz22fOn/hzNSFudnzU+Vj2T7f+HLxva/X9tTD3Nn4ftdmKP50/r679+fPxy18+RMr3lR5ldYfT8MP42dBpe9vvf6dcv9YnFlN8j8AAADUQcr98YP/ly6Q/wEAAKAyUu7fEmcm/wMAAEBlpNw/EWdWk/yv/6//r/+v/6//fwX7/0H/f6Pp/29I/385/f9V0f/X/9f/1/+nu37r/6fcvzWEWuZ/AAAAqIOU+6+JM5P/AQAAoDJS7r82zkz+BwAAgMpIuf+6OLN65P+x9r/q/+v/6/839//TdfX/g/6//v9l0v/X/+9G/1//f5DX34f9/636//Sbfuv/p9z/kjizeuR/AAAAqIWU+18aZyb/AwAAQGWk3H99nJn8DwAAAJWRcv+2OLOa5P8NPP//Z+JF+v/6/4Pe/z+djmPn/9f/1/9fP/1//f9u9P/1/wd5/X3Y/3f+f/pOv/X/U+7/f3FmNcn/AAAAUAcp978szkz+BwAAgMpIuf+GODP5HwAAACoj5f4b48xqkv83sP/v/P/6/1Xp/zed/1//v5n+v/7/5dD/1//vRv9f/3/j1z8Uf0zQ/++1vf4/V0K/9f9T7n95nFlN8j8AAADUQcr9N8WZyf8AAABQGSn3vyLOTP4HAACAyki5/+Y4s5rkf/1//X/9f/1//X/9/82k/6//343+v/7/IK9f/1//n976rf+fcv8r48xqkv8BAACgDlLuvyXOTP4HAACAyki5/1VxZvI/AAAAVEbK/bfGmdUk/+v/91X//8mg/7+8/z+s/6//X1pr/79hoff69f8312D1/4dXvET/v6T/30r/X/9f/1//n+76rf+fcv+r48xqkv8BAACgDlLuf02cmfwPAAAAlZFy/21xZvI/AAAAVEbK/dvjzGqS//X/+6r/7/z/zv+v/+/8/0v9//kh/f9VcP5//f+g/3/ZrnZ/ftDXr/+v/09v/db/T7l/R5xZTfI/AAAA1EHK/TvjzOR/AAAAqIyU+2+PM5P/AQAAoDJS7r8jzqwm+V///zL7/1tb/6n/33n9+v/6//r/zv+v/6//343+v/7/IK9f/391/f/xXjdEpfVb/z/l/jvjzGqS/wEAAKAOUu6/K85M/gcAAIDKSLn/tXFm8j8AAABURsr9u+LMapL/9f+d/1//X/9f/1//fzPp/6+6/7/1cta1Kf3/9Car/9+T/r/+/6D0/yc6bO/8/1wJ/db/T7n/dXFmNcn/AAAAUAcp978+zkz+BwAAgMpIuf/uODP5HwAAACoj5f7JOLOa5H/9f/1//X/9f/1//f/NVNX+f34fdf5//X/9f/3/Te7/f2WF7Qfl/P/UW7/1/1PuvyfOrCb5HwAAAOog5f5748zkfwAAAKiMlPun4szkfwAAAKiMlPun48xqkv+r3/9vbxaX9P9L+v/6/0H/X/9/k1W1/99+/v8Qgv6//n+m/6//32/n/+9E/58rYf39//G8SePPdfb/U+6fiTOrSf4HAACAOki5f3ecmfwPAAAAlZFy/544M/kfAAAAKiPl/r1xZjXJ/9Xv/3em/1/S/9f/D/r/+v+brC79f+f/Ly/X/y/p/+v/6//r/9fRcIevrb//v7RJ48919v9T7t8XZ1aT/A8AAAB1kHL//jgz+R8AAAAqI+X+++LM5H8AAACojJT7748zq0n+1//X/9f/1//v3/5/6/1vXv//v/T/N5H+v/5/N/r/+v+DvH79f/1/etvY/v/16+7/p9x/IM6sJvkfAAAA6iDl/jfEmcn/AAAAUBkp9z8QZyb/AwAAwEDpdB7CJOX+N8aZ1ST/6/9Xvf+/uEX/X/9/cPv/rfvT+f/1/zuJb5/6/6tUr/7/1mX3p//f6mr35wd9/fr/+v/0trH9/2U/nq65/59y/8E4s5rkfwAAAKiDlPvfFGcm/wMAAEBlpNz/5jgz+R8AAAAqI+X+Q3FmNcn/+v9V7//33/n/h8Lg9v9H9f/1//X/18z5//X/u3H+/8Hs/6fP3dD/75/+f3EM6f/Tj/qt/59y/1vizGqS/wEAAKAOUu5/a5yZ/A8AAACVkXL/2+LM5H8AAACojJT73x5nVpP8r/+v/+/8/87/r/+v/7+Z9P/1/7vR/x/M/n+i/98//X/n/6df9Vv/P+X+d8SZ1ST/AwAAQB2k3P/OODP5HwAAACoj5f7/H2cm/wMAAEBlpNz/YJxZTfJ/hfr/Y3Hq/+v/6//r/zfo//cH/X/9/270//X/B3n9+v/6//TWb/3/lPt/Kc6sJvkfAAAA6iDl/ofizOR/AAAAqIyU+98VZyb/AwAAQGWk3P/LcWY1yf8V6v+X+vT8/8P59vX/9f/1//X/9f830oD2/yf0/0v6//r/g7x+/X/9f3rrt/5/yv2/EmdWk/wPAAAAdZBy/6/Gmcn/AAAAUBkp9/9anJn8DwAAAJWRcv/DcWY1yf/6/87/r/+v/9+3/f/R1v2p/6//38mA9v+d/z/S/9f/H+T16//r/9Nbv/X/U+7/9TizmuR/AAAAqIOU+x+JM5P/AQAAoDJS7n93nJn8DwAAAJWRcv974sxqkv/1//X/9f/1//u2/9+2P/X/+7X//29dL9X/1//vRv9f/3+Q16//r/9Pb/3W/0+5/9E4s5rkfwAAAKiDlPvfG2cm/wMAAEBlpNz/G3Fm8j8AAABURsr9vxlnNpj5f3itG+j/6//r/+v/r7r/vxBC0P/X/18j/f/l/f/iPexq9v/HV3NF/f9V0f/X/9f/1/+nu37r/6fc/744s8HM/wAAAEAHKff/VpyZ/A8AAACVkXL/b8eZyf8AAABQGSn3vz/OrCb5X/9f/1//X//f+f/1/zeT/n+9zv8/HvT/g/6//r/+v/4/Wb/1/1Pu/0CcWU3yPwAAANRByv2/E2cm/wMAAEBlpNx/OM5M/gcAAIDKSLn/sTizmuR//f+r1P/fWl5f/1//vzr9/0X9f/3/jvT/69X/d/7/kv6//r/+v/4/pX7r/6fcfyTOrCb5HwAAAOog5f4PxpnJ/wAAAFAZKfcfjTOT/wEAAKAyUu4/FmdWk/yv/+/8//r/+v/O/6//v5n0//X/u9H/1/8f5PXr/+v/01u/9f9T7p+NM6tJ/gcAAIA6SLn/eJyZ/A8AAACVkXL/iTgz+R8AAAAqI+X+x+PMapL/9f/1/1fV/x8L+v/6//r/+v+XRf9f/78b/X/9/0Fev/6//j+9bVz//583pP+fcv/JOLOa5H8AAACog5T7PxRnJv8DAABAZaTc/+E4M/kfAAAAKiPl/lNxZjXJ//r/+v/O/1/B/v+o/n/Q/+8b+v/6/93o/+v/D/L69f/1/+ltKGxU/z9sSP8/5f7TcWY1yf8AAABQByn3n4kzk/8BAACgMlLuPxtnJv8DAABAZaTcfy7OrCb5X/9f/1//v4L9f+f/b9D/7w/6//r/3ej/6/8P8vr1//X/6W3jzv+/Mf3/lPt/N86sJvkfAAAA6iDl/v9j7z6a5LyrPY63riWPVK5bd3X3vAV27OAd+DWwYUuRc44GTE4m55yTiSbnnIPJORlMBkOVKWvOOfZIPd2t0fT08/zP57PgMGaseayhxvUr1beee8ct9j8AAAAMI3f/feIW+x8AAACGkbv/vnFLk/2v/9f/6//1//p//f826f/1/6vo/+fT/59Z8vfr//X/+n/WmVr/n7v/fnFLk/0PAAAAHeTuv3/cYv8DAADAMHL3PyBusf8BAABgGLn7Hxi3NNn/+n/9v/5/Mv3/fuen/9f/6/8vif5f/7/Ydf9/Lj4YvP9fRv+v/9f/s87U+v/c/Q+KW5rsfwAAAOggd/+D4xb7HwAAAIaRu/8hcYv9DwAAAMPI3f/QuKXJ/tf/6//H7f/35tb/e/9/fl9H7P9P3f5l9f/HS/+v/1/suv9v8v7/ZfT/+n/9P+tMrf/P3f+wuKXJ/gcAAIAOcvc/PG6x/wEAAGAYufsfEbfY/wAAADCM3P2PjFua7H/9v/5/3P5/du//1//n93WI/v9c/Tre/6//1/8fTv+v/5/z8+v/9f+sN7X+P3f/o+KWJvsfAAAAOsjd/+i4xf4HAACAYeTuf0zcYv8DAADAMHL3PzZuabL/9f/6f/2//l//fwLv/9f/6//1/0vp//X/c35+/b/+n/Wm1v/n7n9c3NJk/wMAAEAHufsfH7fY/wAAADCM3P1PiFvsfwAAABhG7v4nxi1N9v+l9f+n9P+H0P8vf379v/5f/6//1//r/1fR/+v/5/z8+n/9P+ttvf+/+przd9P+P3f/NXFLk/0PAAAAHeTuf1LcYv8DAADAMHL3Pzlusf8BAABgGLn7nxK3NNn/S/r/KxYzfv//2c2+tP4/vv7B/v/WU/p//f80+/9b4qeM/l//f7F59/9n9f876//39P8r+/nNfif0//p//T/rbL3/X9P7X/hx7v5r45Ym+x8AAAA6yN3/1LjF/gcAAIBh5O5/Wtxi/wMAAMAwcvc/PW5psv8v7f3/0+//vf9/t+//z193C/3/mWXPr//v0v/v8/5//f8y8+7/vf9/i/3/PfI30/v/D7frfn7uz7+q/7/rBs+v/6eDqfX/ufufEbc02f8AAADQQe7+Z8Yt9j8AAAAMI3f/s+IW+x8AAACGkbv/2XFLg/1/Wv9fz5H0/97/v1H/f27/79f/H3we/b/+fxn9v/5/ld29/1//v5hAPz/35/f+//X9/1XrfhGGN7X+P3f/c+KWBvsfAAAAusjd/9y4xf4HAACAYeTuf17cYv8DAADAMHL3Pz9uabL/9f/6f/2/9/9fVv9/xTb6/9NLfz/1//r/ZfT/+v+F/v/Idt3Pz/359f/e/896U+v/c/dfF7fU8Dt9hH9KAAAAYEpy978gbmny5/8AAADQQe7+F8Yt9j8AAAAMI3f/i+KWJvtf/6//1//r/73/X/+/Tfr/4fr/U/r/2+n/9f/6f/0/q02t/8/d/+K4pcn+BwAAgA5y978kbrH/AQAAYBi5+18at9j/AAAAMIzc/S+LW5rsf/2//l//r//X/+v/t0n/P1z/7/3/d6D/1//r//X/rDa1/j93/8vjlib7HwAAADrI3f+KuMX+BwAAgGHk7n9l3GL/AwAAwDBy978qbpnd/r+woN2M/l//r//X/+v/9f/bNP3+/8xGn6X/36f/P2hb/f/ZQ76e/n9az388/X9+9/X/jGkC/f/d7vhx7v5Xxy2z2/8AAADAYXL3vyZusf8BAABgGLn7Xxu32P8AAAAwjNz9r4tbmuz/w/r/m6/a/9/X9P/5G6b/j6v/1/8v9P9F/6//X8yi/9+M/n+f/v8g7//X/3v/v/6f1SbQ/x/4OHf/6+OWJvsfAAAAOsjd/4a4xf4HAACAYeTuf2PcYv8DAADAMHL3vyluabL/vf9f/6//1//r//X/26T/1/+vMqP+f2/ZX9T/6//1//p/Vpta/5+7/81xS5P9DwAAAB3k7n9L3GL/AwAAwDBy9781brH/AQAAYBi5+98WtzTZ//p//f/O+///GbL/P/+I+n/9v/5f/6//X21G/f9S+n/9v/5f/89qU+v/c/e/PW5psv8BAACgg9z974hb7H8AAAAYRu7+d8Yt9j8AAAAMI3f/u+KWJvtf/6//33n/7/3/Rf8f31f9v/7/Euj/9f8L/f+R7bqfn/vz6//1/6w3tf4/d/+745Ym+x8AAAA6yN3/nrjF/gcAAIBh5O6/Pm6x/wEAAGAYufvfG7c02f/6f/2//l//r//X/2+T/l//v8rJ9v/X3qz/P2jX/fzcn1//r/9nvan1/7n73xe3NNn/AAAA0EHu/vfHLfY/AAAADCN3/wfiFvsfAAAAhpG7/4NxS5P9r/+fe/9/95viCabW/+en6P/1/yv7/73FxfT/+v9Lof/X/y+28v7/C39SLKf/1//r//X/rHZi/f89r77XXW77L2v6/9z9H4pbmux/AAAA6CB3/w1xi/0PAAAAw8jd/+G4xf4HAACAYeTu/0jc0mT/9+j/z1z0aeP0/97/r/+fdP+fP1S9/1//r//X/y813f5/M/p//b/+X//PalN7/3/u/o/GLU32PwAAAHSQu/9jcYv9DwAAAMPI3f/xuMX+BwAAgGHk7v9E3NJk//fo/y+m/9937P3/rf+n/9f/l03e/6//1/9fLv2//n+h/z+yXffzc3/+ofv/Uwv9P8diav1/7v5Pxi1N9j8AAAB0kLv/U3GL/Q8AAADDyN3/6bjF/gcAAIBh5O7/TNxw5//d3SOdKP2//t/7//X/+n/9/zbp/4/Q/586vfFz6f/36f+PZtf9/Nyff+j+3/v/OSZT6/9z9382bvHn/wAAADCM3P2fi1vsfwAAABhG7v7Pxy32PwAAAAxgv3fP3f+FuKXJ/l/T/+/l5x25/z93+NfW/+v/F/p//b/+X/9/mYbs/y+B/n+f/v9odt3Pz/35Z9f/X3/wQ/0/J2FJ/3/+J/Gu+v/c/V+MW5rsfwAAAOggd/+X4hb7HwAAAIaRu//LcYv9DwAAAMPI3f+VuKXJ/l/a/+95/7/+X/+v/1/o//X/x0L/r/9fRf+v/5/z88+u/7+A/p+TMLX3/+fu/2rc0mT/AwAAQAe5+78Wt9j/AAAAMIzc/V+PW+x/AAAAGEbu/m/ELU32/5r3/+v/N/tH0f/r/5f+/0H/r//fsP8/s9D/H5n+X/+/0P8f2a77+bk//+X0/+f0/zQxtf4/d/8345Ym+x8AAAA6yN3/rbjF/gcAAIBh5O7/dtxi/wMAAMAwcvd/J25psv9H7v9XfZr+f5/+X/+/0P9Pof/3/v/LoP/X/y/0/0e2635+7s/v/f/6f9abWv+fu/+7cUuT/Q8AAAAd5O7/Xtxi/wMAAMAwcvffuFjcYP8DAADAmG48/59nF9+PW5rs/5H7/1X0//v0//r/hf5f/79l+n/9/yr6f/3/nJ9f/6//Z72p9f+5+38QtzTZ/wAAANBB7v4fxi32PwAAAAwjd/+P4hb7HwAAAIaRu//HcUuT/a//1//r//X/+n/9/zbp//X/q+j/9f9zfn79v/6f9abW/+fu/0nc0mT/AwAAQAe5+38at9j/AAAAMIzc/T+LW+x/AAAAGEbu/p/HLU32v/5f/6//1//r//X/26T/1/+vov/X/8/5+fX/+n/Wm1r/n7v/F3FLk/0PAAAAHeTu/2XcYv8DAADAMHL3/ypusf8BAABgGLn7fx23NNn/+v/bnuNc/XX9v/5f/6//T/r/49G2/7/tX6v6/7X0//r/OT+//l//z3pT6/9z9/8mbmmy/wEAAKCD3P2/jVvsfwAAABhG7v7fxS32PwAAAAwjd//v45Ym+1//7/3/+n/9/zz6/yv1//r/pSbb/3v//0b0//r/OT+//l//z3pT6/9z998UtzTZ/wAAANBB7v4/xC32PwAAAAwjd/8f4xb7HwAAAIaRu//muKXJ/tf/6/+H7P/39P/j9f/e/z/L/v9O+n/9/2r6f/3/nJ9f/6//Z72p9f+5+/8UtzTZ/wAAANBB7v4/xy32PwAAAAwjd/9f4hb7HwAAAIaRu/+vcUuT/a//1/8P2f97/7/+X/8/Gfp//f8q+n/9/5yfX/+v/2e9qfX/ufv/Frc02f8AAADQQe7+v8ct9j8AAAAMI3f/P+IW+x8AAACGkbv/n3FLk/2v/9f/6//1//p//f826f/n2/9fuThC/3/dQv+v/9f/6//1/5Sp9f+5+/8VtzTZ/wAAANBB7v5b4pal+///T+ipAAAAgOOUu//fcYs//wcAAIBh5O7/T9zSZP/r//X/+n/9v/5f/79N+v/59v/e/7+e/l//r//X/7Pa1Pr/3P3/DQAA///E7/7M")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8})

27.570167758s ago: executing program 1 (id=1432):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, &(0x7f0000000480)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000001200)={0x84, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x20, 0x0, 0x4, {0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)

27.351566962s ago: executing program 1 (id=1438):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00'})
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x4c, r2, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x38, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_TIMEOUT={0x8}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0x6}]}]}, 0x4c}}, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(r1, 0x0, 0x484, &(0x7f00000000c0)=""/24, &(0x7f0000000100)=0x18)

27.126464272s ago: executing program 33 (id=1438):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00'})
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x4c, r2, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x38, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_TIMEOUT={0x8}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0x6}]}]}, 0x4c}}, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(r1, 0x0, 0x484, &(0x7f00000000c0)=""/24, &(0x7f0000000100)=0x18)

6.971041921s ago: executing program 3 (id=1634):
io_setup(0x3, &(0x7f0000000600)=<r0=>0x0)
r1 = userfaultfd(0x801)
io_submit(r0, 0x1, &(0x7f00000001c0)=[&(0x7f0000000080)={0x0, 0x0, 0x10, 0x1, 0x0, r1, 0x0, 0x0, 0x4}])

6.670373506s ago: executing program 3 (id=1636):
r0 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f00000001c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000640)="80", 0x26892}], 0x1}, 0xfc)
sendmsg$inet(r0, &(0x7f0000000680)={&(0x7f0000000000)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, &(0x7f0000000540)=[{&(0x7f0000000240)="f9", 0x1}], 0x1}, 0x4000080)
sendmsg$inet(r0, &(0x7f0000000500)={&(0x7f0000000080)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000200)="cd", 0x1}], 0x1}, 0x240448c4)

5.750944766s ago: executing program 3 (id=1644):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000002140)={'wg2\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=@ipv6_newnexthop={0x3c, 0x68, 0x1, 0x0, 0x800, {}, [@NHA_ENCAP_TYPE={0x6, 0x7, 0x3}, @NHA_OIF={0x8, 0x5, r1}, @NHA_ENCAP={0x14, 0x8, 0x0, 0x1, @LWTUNNEL_IP6_OPTS={0x10, 0x8, @LWTUNNEL_IP_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, @LWTUNNEL_IP_OPT_VXLAN_GBP={0x8, 0x1, 0xfff}}}}]}, 0x3c}}, 0x0)

5.660188783s ago: executing program 3 (id=1646):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000680)={[{@nodioread_nolock}, {@init_itable}, {@noload}]}, 0x3, 0x470, &(0x7f0000001240)="$eJzs3MtvG1UXAPAzkzj98qUloZRXyyNQEBWPpGkLdMECEEgsioQEC1haSVqVpi1qjESrSKQsygohJPaIJf8CK9ggxAqJLexRpQp1Q8vKaOyZxHZsp2nsuMW/n+T23Hn43uOZa9+ZayeAoTWd/ZNE7I6I3yNisl5s3mC6/t+N6yvzN6+vzCdRrb77V1Lb7u/rK/PFpsV+E42FSOJAm3qXL146U15aWryQl2crZz+aXb546YXTZ8unFk8tnjty/Pixo3Mvv3TkxZ7kORFpHr31wVdvn/iiKf+WPHpkutvKp6vVHlc3WHsa4tEBtoOtGcmPV6nW/ydjpOHoTcabn60VPh1QA4G+qVar1YnOq1erwH9YEs1lXR6GRfFBX1z/trsOfrVvo4/Bu/Za/QIoy/tG/qivGV27Y1Bqub7tpemIeH/1n2+yR/TnPgQAQJMfsvHP89loZ2U+G3usjz/SeKBhu3vyuaGpiLg3IvZGxH1xLvZFxP0RtW0fjIiHtlh/6yTJxvFPevW2ErtF2fjvlXxuq3n8V4z+YmokL+2p5V9KTp5eWjycvyaHorQrK891qePHN377stO6xvFf9sjqL8aCeTuuju5q3mehXClvJ+dG1y5H7B9tl3+yNhOQRMTDEbG/3ROkm9dx+tnvHum0bvP8u+jBRFP124hn6sd/NVryLyTd5ydn/xdLi4dni7Nio19+vfJOp/q3lX8PZMf//23P/7X8p5LG+drlrddx5Y/PO17TTJfyYAvn/2q5Uh5L3qvFY/myT8qVyoW5iLHkRL3RjcuPrO9blIvts/wPHWzf//fG+itxICKyk/jRiHgsIh7Pj90TEfFkRBzskv/Prz/1Yeuy8SL/O+D4L2zp+K8HY9G6pH0wcuan75sqnVoP8/xvdn//O1aLDuVLbuX971badXtnMwAAANx90ojYHUk6sxan6cxM/Tv8+yLSpfPLledOnv/43EL9NwJTUUqLO12TDfdD5/LL+nr5ckTUv1pQrD8aae2+8dcj47XyzPz5pYVBJw9DbqJD/8/8OTLo1gF95wdbMLz0fxheXft/aefaAey8Df2/a5/f1de2ADurzef/+CDaAey8duN/f+8HhkNL/zftB0PE/X8YXvo/DC/9H4bS8nhs/iP5rkHxTLe5+2bBZMR2WziYIEp3RDP6FkTa9yrG+ntq9S1I7sI2bwgG954EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQS/8GAAD//3hZ0MA=")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2081413, 0x0, 0x1, 0x0, &(0x7f0000000080))
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000001100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}], [], 0x2c})
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x90)
getdents(r0, &(0x7f0000000040)=""/61, 0x3d)

5.516098559s ago: executing program 3 (id=1650):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
close(0x3)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
timer_create(0x0, 0x0, &(0x7f0000000300)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040)={{0x77359400}, {0x77359400}}, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f0000000000)=[@in6={0xa, 0x4e21, 0xd777ec1f, @dev={0xfe, 0x80, '\x00', 0x1c}, 0x4}], 0x1c)
setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, 0x0, 0x0)

4.140039492s ago: executing program 3 (id=1658):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0xc0042, 0x1)
close(r0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1})
r2 = socket$xdp(0x2c, 0x3, 0x0)
mount$9p_fd(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480), 0x84, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})

4.06842876s ago: executing program 34 (id=1658):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0xc0042, 0x1)
close(r0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1})
r2 = socket$xdp(0x2c, 0x3, 0x0)
mount$9p_fd(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480), 0x84, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})

2.457083906s ago: executing program 0 (id=1670):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
mlock2(&(0x7f0000549000/0x1000)=nil, 0x1000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@bloom_filter={0x1e, 0x0, 0x7, 0x6, 0x0, 0xffffffffffffffff, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x9}, 0x50)
ioctl$sock_inet_SIOCSIFDSTADDR(r3, 0x8918, &(0x7f0000000040)={'ipvlan0\x00', {0x2, 0x4e20, @loopback}})
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

1.81028529s ago: executing program 4 (id=1674):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x80)
r1 = syz_open_procfs(0x0, &(0x7f0000000180)='task\x00')
fchdir(r1)
write$cgroup_int(r0, &(0x7f0000000040)=0x800000000001c8, 0x12)

1.609397518s ago: executing program 4 (id=1675):
unshare(0x22020400)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000100)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x3d}]}, &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0xf, 0x4, 0x8, 0xb}, 0x50)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)={@map=r1, r0, 0x7}, 0x10)

1.508483706s ago: executing program 4 (id=1676):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x80040)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f0000000100)={{0x80}, {0x5, 0x5}, 0xf, 0x3, 0xe5})

1.389730733s ago: executing program 4 (id=1677):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bond0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001400)=@newlink={0x4c, 0x10, 0x49920d862a92153b, 0x800, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1b400}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x6}, @IFLA_BOND_MIIMON={0x8}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x4c}}, 0x0)

1.105833007s ago: executing program 0 (id=1678):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r0, 0x29, 0xc8, &(0x7f0000000340), 0x4)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1, 0x4, 0x0, 0x1002005}, 0xc)
setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f0000000000)=0x9, 0x4)

399.397709ms ago: executing program 4 (id=1679):
sched_setscheduler(0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x7ffe, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x3}, 0x0)
ioprio_set$pid(0x1, 0x0, 0x0)
add_key(&(0x7f00000018c0)='big_key\x00', &(0x7f0000001900)={'syz', 0x1}, &(0x7f0000001940)='\f', 0xfffff, 0xfffffffffffffffe)
syz_io_uring_setup(0x4d7, 0x0, 0x0, 0x0)

230.32675ms ago: executing program 4 (id=1680):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000fdc01a40f30c74933bbc0000000109021b0001000000000904000001a7a00f00090582020002"], 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x0, 0x0)

230.012862ms ago: executing program 0 (id=1681):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f00000014c0)={0xf})

148.10469ms ago: executing program 0 (id=1682):
r0 = socket$packet(0x11, 0x3, 0x300)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'bridge0\x00', &(0x7f0000002fc0)=@ethtool_link_settings={0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, [0x0, 0x10, 0x0, 0x0, 0x400000]}})

83.711664ms ago: executing program 0 (id=1683):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x121a02, 0x0)
sendfile(r1, r0, &(0x7f0000002700)=0x1, 0x8)

0s ago: executing program 0 (id=1684):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
setpgid(r0, r0)
setpgid(0x0, r0)
wait4(r0, 0x0, 0x2, 0x0)
tkill(r0, 0x3)

kernel console output (not intermixed with test programs):

s_on+0x9c/0x150
[  127.237245][ T5920]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  127.237271][ T5920]  ? rcu_is_watching+0x15/0xb0
[  127.237283][ T5920]  wb_writeback+0x43b/0xaf0
[  127.237294][ T5920]  ? queue_io+0x301/0x590
[  127.237304][ T5920]  ? __pfx_wb_writeback+0x10/0x10
[  127.237315][ T5920]  ? _raw_spin_unlock_irq+0x23/0x50
[  127.237325][ T5920]  wb_workfn+0x409/0xef0
[  127.237343][ T5920]  ? __pfx_wb_workfn+0x10/0x10
[  127.237355][ T5920]  ? __lock_acquire+0xab9/0xd20
[  127.237370][ T5920]  ? process_scheduled_works+0x9ef/0x17b0
[  127.237384][ T5920]  ? _raw_spin_unlock_irq+0x23/0x50
[  127.237391][ T5920]  ? process_scheduled_works+0x9ef/0x17b0
[  127.237401][ T5920]  ? process_scheduled_works+0x9ef/0x17b0
[  127.237412][ T5920]  process_scheduled_works+0xae1/0x17b0
[  127.237438][ T5920]  ? __pfx_process_scheduled_works+0x10/0x10
[  127.237456][ T5920]  worker_thread+0x8a0/0xda0
[  127.237469][ T5920]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  127.237480][ T5920]  ? __kthread_parkme+0x7b/0x200
[  127.237492][ T5920]  kthread+0x711/0x8a0
[  127.237502][ T5920]  ? __pfx_worker_thread+0x10/0x10
[  127.237513][ T5920]  ? __pfx_kthread+0x10/0x10
[  127.237522][ T5920]  ? _raw_spin_unlock_irq+0x23/0x50
[  127.237529][ T5920]  ? lockdep_hardirqs_on+0x9c/0x150
[  127.237537][ T5920]  ? __pfx_kthread+0x10/0x10
[  127.237545][ T5920]  ret_from_fork+0x4bc/0x870
[  127.237558][ T5920]  ? __pfx_ret_from_fork+0x10/0x10
[  127.237571][ T5920]  ? __switch_to_asm+0x39/0x70
[  127.237580][ T5920]  ? __switch_to_asm+0x33/0x70
[  127.237588][ T5920]  ? __pfx_kthread+0x10/0x10
[  127.237596][ T5920]  ret_from_fork_asm+0x1a/0x30
[  127.237613][ T5920]  </TASK>
[  127.237641][ T5920] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  127.588281][ T5740] plantronics 0003:047F:FFFF.0003: reserved main item tag 0xd
[  127.624114][ T5740] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  127.876970][ T5740] usb 2-1: USB disconnect, device number 10
[  127.998179][ T7379] loop3: detected capacity change from 0 to 32768
[  128.007427][ T7379] jfs_mount: dbMount failed w/rc = -22
[  128.013934][ T7379] Mount JFS Failure: -22
[  128.203806][ T7400] loop3: detected capacity change from 0 to 256
[  128.231698][ T7400] FAT-fs (loop3): Directory bread(block 64) failed
[  128.233711][ T7400] FAT-fs (loop3): Directory bread(block 65) failed
[  128.241197][ T7400] FAT-fs (loop3): Directory bread(block 66) failed
[  128.243212][ T7400] FAT-fs (loop3): Directory bread(block 67) failed
[  128.245179][ T7400] FAT-fs (loop3): Directory bread(block 68) failed
[  128.247183][ T7400] FAT-fs (loop3): Directory bread(block 69) failed
[  128.256960][ T7400] FAT-fs (loop3): Directory bread(block 70) failed
[  128.259768][ T7400] FAT-fs (loop3): Directory bread(block 71) failed
[  128.262019][ T7400] FAT-fs (loop3): Directory bread(block 72) failed
[  128.263943][ T7400] FAT-fs (loop3): Directory bread(block 73) failed
[  128.393541][ T7412] netlink: 8 bytes leftover after parsing attributes in process `syz.3.571'.
[  128.396546][ T7412] netlink: 8 bytes leftover after parsing attributes in process `syz.3.571'.
[  128.401330][ T7412] netlink: 8 bytes leftover after parsing attributes in process `syz.3.571'.
[  128.404819][ T7412] netlink: 8 bytes leftover after parsing attributes in process `syz.3.571'.
[  128.408172][ T7412] netlink: 8 bytes leftover after parsing attributes in process `syz.3.571'.
[  128.411442][ T7412] netlink: 8 bytes leftover after parsing attributes in process `syz.3.571'.
[  128.415242][ T7412] netlink: 8 bytes leftover after parsing attributes in process `syz.3.571'.
[  128.418194][ T7412] netlink: 8 bytes leftover after parsing attributes in process `syz.3.571'.
[  128.421386][ T7412] netlink: 8 bytes leftover after parsing attributes in process `syz.3.571'.
[  128.575397][ T7426] erofs (device nbd3): cannot find valid erofs superblock
[  128.620640][  T794] IPVS: starting estimator thread 0...
[  128.709401][ T7431] IPVS: using max 64 ests per chain, 153600 per kthread
[  128.990742][ T7442] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  129.380183][ T7444] loop1: detected capacity change from 0 to 4096
[  129.633279][ T7459] loop1: detected capacity change from 0 to 256
[  129.753207][ T7467] loop3: detected capacity change from 0 to 256
[  129.783491][ T7467] FAT-fs (loop3): Directory bread(block 64) failed
[  129.785725][ T7467] FAT-fs (loop3): Directory bread(block 65) failed
[  129.789318][ T7467] FAT-fs (loop3): Directory bread(block 66) failed
[  129.791479][ T7467] FAT-fs (loop3): Directory bread(block 67) failed
[  129.793507][ T7467] FAT-fs (loop3): Directory bread(block 68) failed
[  129.795526][ T7467] FAT-fs (loop3): Directory bread(block 69) failed
[  129.812565][ T7467] FAT-fs (loop3): Directory bread(block 70) failed
[  129.814584][ T7467] FAT-fs (loop3): Directory bread(block 71) failed
[  129.816620][ T7467] FAT-fs (loop3): Directory bread(block 72) failed
[  129.818614][ T7467] FAT-fs (loop3): Directory bread(block 73) failed
[  130.033045][ T7479] loop3: detected capacity change from 0 to 1024
[  130.074516][ T7483] capability: warning: `syz.1.603' uses 32-bit capabilities (legacy support in use)
[  130.350907][ T7499] unsupported nla_type 52263
[  130.400271][ T7502] loop3: detected capacity change from 0 to 64
[  130.416623][ T7502] syz.3.612: attempt to access beyond end of device
[  130.416623][ T7502] loop3: rw=2049, sector=268435468, nr_sectors = 2 limit=64
[  131.353383][ T7522] netlink: 'syz.0.621': attribute type 26 has an invalid length.
[  131.369539][ T5883] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  131.559765][ T5883] usb 4-1: Using ep0 maxpacket: 8
[  131.614480][ T5883] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  131.635125][ T5883] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.737559][ T5883] pvrusb2: Hardware description: Terratec Grabster AV400
[  131.741033][ T5883] pvrusb2: **********
[  131.742871][ T5883] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  131.747538][ T5883] pvrusb2: Important functionality might not be entirely working.
[  131.751260][ T5883] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  131.756178][ T5883] pvrusb2: **********
[  131.881702][ T7527] loop0: detected capacity change from 0 to 8192
[  131.942799][ T2396] pvrusb2: Invalid write control endpoint
[  131.954706][ T7529] loop0: detected capacity change from 0 to 256
[  131.975226][   T33] audit: type=1800 audit(1759223775.302:14): pid=7529 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.624" name="file0" dev="loop0" ino=1048617 res=0 errno=0
[  132.040164][ T2396] pvrusb2: Invalid write control endpoint
[  132.042614][ T2396] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  132.046312][ T2396] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  132.131625][ T2396] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  132.147750][ T2396] pvrusb2: Device being rendered inoperable
[  132.152763][ T2396] cx25840 2-0044: Unable to detect h/w, assuming cx23887
[  132.159839][ T2396] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  132.171666][ T2396] pvrusb2: Attached sub-driver cx25840
[  132.174058][ T2396] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  132.182911][ T2396] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  132.271705][ T5740] usb 4-1: USB disconnect, device number 8
[  132.529151][   T10] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  132.574900][ T1361] ieee802154 phy0 wpan0: encryption failed: -22
[  132.577529][ T1361] ieee802154 phy1 wpan1: encryption failed: -22
[  132.681362][   T10] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  132.684930][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.690837][   T10] usb 2-1: config 0 descriptor??
[  132.702290][   T10] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  133.369370][   T10] gspca_stv06xx: vv6410 sensor detected
[  133.653751][   T10] STV06xx 2-1:0.0: probe with driver STV06xx failed with error -71
[  133.673121][   T10] usb 2-1: USB disconnect, device number 11
[  133.961296][ T7553] __nla_validate_parse: 64 callbacks suppressed
[  133.961356][ T7553] netlink: 8 bytes leftover after parsing attributes in process `syz.0.633'.
[  134.108778][ T7557] loop3: detected capacity change from 0 to 512
[  134.113143][ T7557] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  134.137655][ T7557] EXT4-fs (loop3): 1 truncate cleaned up
[  134.166319][ T7557] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.250747][ T7557] EXT4-fs (loop3): shut down requested (2)
[  134.940508][   T24] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  135.104364][   T24] usb 4-1: config 4 has an invalid interface number: 231 but max is 0
[  135.107306][   T24] usb 4-1: config 4 has no interface number 0
[  135.113931][   T24] usb 4-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d
[  135.116807][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.119470][   T24] usb 4-1: Product: syz
[  135.121131][   T24] usb 4-1: Manufacturer: syz
[  135.122781][   T24] usb 4-1: SerialNumber: syz
[  135.140409][   T24] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state.
[  135.350595][   T24] vp7045: USB control message 'out' went wrong.
[  135.352703][   T24] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  135.355774][   T24] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19)
[  135.389289][   T24] usb 4-1: USB disconnect, device number 9
[  135.636731][ T7584] loop1: detected capacity change from 0 to 512
[  135.639318][ T7584] EXT4-fs: Ignoring removed mblk_io_submit option
[  135.641355][ T7584] EXT4-fs: Ignoring removed mblk_io_submit option
[  135.648404][ T7584] EXT4-fs (loop1): Test dummy encryption mode enabled
[  135.652240][ T7584] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  135.663752][ T7584] EXT4-fs (loop1): 1 truncate cleaned up
[  135.667122][ T7584] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.714409][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.868308][ T6129] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.889100][ T5883] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  135.947261][ T7598] loop3: detected capacity change from 0 to 16
[  135.950257][ T7598] erofs (device loop3): unidentified incompatible feature 1000000, please upgrade kernel
[  136.062657][ T5883] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  136.065433][ T5883] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.070672][ T5883] usb 1-1: config 0 descriptor??
[  136.074222][ T5883] cp210x 1-1:0.0: cp210x converter detected
[  136.491626][ T5883] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32
[  136.499656][ T5883] usb 1-1: cp210x converter now attached to ttyUSB0
[  136.702040][   T10] usb 1-1: USB disconnect, device number 11
[  136.719396][   T10] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  136.734586][   T10] cp210x 1-1:0.0: device disconnected
[  136.877770][ T7609] loop1: detected capacity change from 0 to 32768
[  136.881570][ T7609] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.656 (7609)
[  136.906244][ T7609] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  136.910294][ T7609] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  137.044577][ T7609] BTRFS info (device loop1): setting nodatasum
[  137.049970][ T7609] BTRFS info (device loop1): enabling ssd optimizations
[  137.052058][ T7609] BTRFS info (device loop1): disabling tree log
[  137.058654][ T7609] BTRFS info (device loop1): enabling free space tree
[  137.062157][ T7609] BTRFS info (device loop1): enabling auto defrag
[  137.182486][ T5846] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  137.283508][ T5883] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  137.440723][ T5883] usb 4-1: Using ep0 maxpacket: 8
[  137.444211][ T5883] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  137.447943][ T5883] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  137.451553][ T5883] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  137.454954][ T5883] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x7E, changing to 0xE
[  137.464791][ T5883] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[  137.468054][ T5883] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xE has invalid maxpacket 0
[  137.471920][ T5883] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  137.475814][ T5883] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.482124][ T5883] usb 4-1: config 0 descriptor??
[  137.507328][ T7639] loop1: detected capacity change from 0 to 128
[  137.565653][ T7641] hsr0 speed is unknown, defaulting to 1000
[  137.567824][ T7641] hsr0 speed is unknown, defaulting to 1000
[  137.577128][ T7641] hsr0 speed is unknown, defaulting to 1000
[  137.592566][ T7641] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  137.606045][ T7641] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  137.633495][ T7641] hsr0 speed is unknown, defaulting to 1000
[  137.638447][ T7641] hsr0 speed is unknown, defaulting to 1000
[  137.647322][ T7641] hsr0 speed is unknown, defaulting to 1000
[  137.651574][ T7645] loop0: detected capacity change from 0 to 1024
[  137.692699][ T5883] usb 4-1: USB disconnect, device number 10
[  137.719926][ T7649] loop1: detected capacity change from 0 to 64
[  137.722979][ T7649] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing
[  138.061253][ T7677] loop1: detected capacity change from 0 to 2048
[  138.069576][ T7677] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  138.072684][ T6346] udevd[6346]: incorrect nilfs2 checksum on /dev/loop1
[  138.080820][ T7680] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  138.410499][ T7699] loop0: detected capacity change from 0 to 512
[  138.457780][ T7699] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.491756][ T7702] Illegal XDP return value 4294967262 on prog  (id 71) dev N/A, expect packet loss!
[  138.688256][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.976930][ T7731] loop3: detected capacity change from 0 to 1024
[  139.985111][ T7731] EXT4-fs: Ignoring removed bh option
[  140.004904][ T7731] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.054093][ T6129] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.237750][ T7741] netlink: 40 bytes leftover after parsing attributes in process `syz.0.706'.
[  140.240788][ T7741] netlink: 88 bytes leftover after parsing attributes in process `syz.0.706'.
[  140.267909][ T7743] netlink: 36 bytes leftover after parsing attributes in process `syz.0.707'.
[  140.599334][ T7761] loop0: detected capacity change from 0 to 128
[  140.605576][ T7761] EXT4-fs: Ignoring removed nobh option
[  140.613322][ T7761] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  140.621596][ T7761] ext4 filesystem being mounted at /251/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  140.651188][ T7761] fscrypt (loop0, inode 12): Reserved bits set in encryption policy
[  140.684543][ T5843] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  141.089137][ T5740] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  141.239097][ T5740] usb 4-1: Using ep0 maxpacket: 32
[  141.243490][ T5740] usb 4-1: config index 0 descriptor too short (expected 32334, got 36)
[  141.246728][ T5740] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  141.250680][ T5740] usb 4-1: New USB device found, idVendor=0c70, idProduct=f00a, bcdDevice= 0.00
[  141.254133][ T5740] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.259668][ T5740] usb 4-1: config 0 descriptor??
[  141.671077][ T5740] aquacomputer_d5next 0003:0C70:F00A.0004: unknown main item tag 0x7
[  141.677611][ T5740] aquacomputer_d5next 0003:0C70:F00A.0004: hidraw0: USB HID v0.00 Device [HID 0c70:f00a] on usb-dummy_hcd.3-1/input0
[  141.721805][ T7783] IPv6: NLM_F_CREATE should be specified when creating new route
[  141.870891][ T5740] usb 4-1: USB disconnect, device number 11
[  142.717557][ T7821] netdevsim netdevsim3: Direct firmware load for ./file0/file1 failed with error -2
[  142.730266][ T7821] netdevsim netdevsim3: Falling back to sysfs fallback for: ./file0/file1
[  142.772137][ T7823] loop0: detected capacity change from 0 to 4096
[  142.791048][ T7823] ntfs3(loop0): Failed to initialize $Extend/$ObjId.
[  143.813854][ T7825] loop0: detected capacity change from 0 to 262144
[  144.168511][ T7825] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  144.174889][ T7825] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  145.179295][ T6321] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  145.339137][ T6321] usb 4-1: Using ep0 maxpacket: 16
[  145.350580][ T6321] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  145.369282][ T6321] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  145.372457][ T6321] usb 4-1: config 0 interface 0 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  145.376601][ T6321] usb 4-1: config 0 interface 0 has no altsetting 0
[  145.378642][ T6321] usb 4-1: New USB device found, idVendor=05ac, idProduct=025a, bcdDevice= 0.00
[  145.389098][ T6321] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.393124][ T6321] usb 4-1: config 0 descriptor??
[  145.641535][ T6321] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input12
[  145.652635][ T5278] bcm5974 4-1:0.0: could not read from device
[  145.660723][ T5278] bcm5974 4-1:0.0: could not read from device
[  145.673424][ T5278] bcm5974 4-1:0.0: could not read from device
[  145.680165][ T6321] usb 4-1: USB disconnect, device number 12
[  145.684325][ T5845] bcm5974 4-1:0.0: could not read from device
[  145.690766][ T5278] bcm5974 4-1:0.0: could not read from device
[  145.702682][ T5845] udevd[5845]: Error opening device "/dev/input/event3": No such file or directory
[  145.706145][ T5845] udevd[5845]: Unable to EVIOCGABS device "/dev/input/event3"
[  145.711055][ T5845] udevd[5845]: Unable to EVIOCGABS device "/dev/input/event3"
[  145.713947][ T5845] udevd[5845]: Unable to EVIOCGABS device "/dev/input/event3"
[  145.716755][ T5845] udevd[5845]: Unable to EVIOCGABS device "/dev/input/event3"
[  146.010661][   T24] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  146.172955][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  146.176677][   T24] usb 1-1: New USB device found, idVendor=046d, idProduct=c71f, bcdDevice= 0.00
[  146.200498][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.208043][   T24] usb 1-1: config 0 descriptor??
[  146.371907][ T7870] netlink: 'syz.3.757': attribute type 3 has an invalid length.
[  146.646641][   T24] logitech-djreceiver 0003:046D:C71F.0005: hidraw0: USB HID v0.00 Device [HID 046d:c71f] on usb-dummy_hcd.0-1/input0
[  146.747074][   T24] kernel write not supported for file /459/gid_map (pid: 24 comm: kworker/1:0)
[  146.838141][ T6321] usb 1-1: USB disconnect, device number 12
[  147.072762][ T7893] loop3: detected capacity change from 0 to 32768
[  147.189577][ T7897] loop3: detected capacity change from 0 to 1024
[  147.192618][ T7897] EXT4-fs: Ignoring removed nomblk_io_submit option
[  147.204391][ T7897] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  147.233146][ T6129] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.449822][ T7912] loop0: detected capacity change from 0 to 128
[  147.568118][ T7912] syz.0.775: attempt to access beyond end of device
[  147.568118][ T7912] loop0: rw=2049, sector=140, nr_sectors = 8 limit=128
[  147.575355][ T7912] syz.0.775: attempt to access beyond end of device
[  147.575355][ T7912] loop0: rw=2049, sector=156, nr_sectors = 1 limit=128
[  147.581202][ T7912] Buffer I/O error on dev loop0, logical block 156, lost async page write
[  147.585093][ T7912] syz.0.775: attempt to access beyond end of device
[  147.585093][ T7912] loop0: rw=2049, sector=157, nr_sectors = 1 limit=128
[  147.590817][ T7912] Buffer I/O error on dev loop0, logical block 157, lost async page write
[  147.595450][ T7912] syz.0.775: attempt to access beyond end of device
[  147.595450][ T7912] loop0: rw=2049, sector=158, nr_sectors = 1 limit=128
[  147.604884][ T7912] Buffer I/O error on dev loop0, logical block 158, lost async page write
[  147.609560][ T7912] syz.0.775: attempt to access beyond end of device
[  147.609560][ T7912] loop0: rw=2049, sector=159, nr_sectors = 1 limit=128
[  147.613904][ T7912] Buffer I/O error on dev loop0, logical block 159, lost async page write
[  147.616976][ T7912] syz.0.775: attempt to access beyond end of device
[  147.616976][ T7912] loop0: rw=2049, sector=160, nr_sectors = 1 limit=128
[  147.627170][ T7912] Buffer I/O error on dev loop0, logical block 160, lost async page write
[  147.630562][ T7912] syz.0.775: attempt to access beyond end of device
[  147.630562][ T7912] loop0: rw=2049, sector=161, nr_sectors = 1 limit=128
[  147.635628][ T7912] Buffer I/O error on dev loop0, logical block 161, lost async page write
[  147.661928][ T7912] syz.0.775: attempt to access beyond end of device
[  147.661928][ T7912] loop0: rw=2049, sector=132, nr_sectors = 1 limit=128
[  147.675005][ T7912] Buffer I/O error on dev loop0, logical block 132, lost async page write
[  147.686639][ T7912] syz.0.775: attempt to access beyond end of device
[  147.686639][ T7912] loop0: rw=2049, sector=133, nr_sectors = 1 limit=128
[  147.696807][ T7912] Buffer I/O error on dev loop0, logical block 133, lost async page write
[  147.707244][ T7912] syz.0.775: attempt to access beyond end of device
[  147.707244][ T7912] loop0: rw=2049, sector=150, nr_sectors = 1 limit=128
[  147.717326][ T7912] Buffer I/O error on dev loop0, logical block 150, lost async page write
[  147.718484][ T7924] loop1: detected capacity change from 0 to 4096
[  147.723440][ T7925] loop3: detected capacity change from 0 to 2048
[  147.725769][ T7912] Buffer I/O error on dev loop0, logical block 151, lost async page write
[  147.733707][ T7924] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[  147.740654][ T7924] ntfs3(loop1): ino=3, mi_enum_attr
[  147.764242][ T7925] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.795893][ T6129] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.122705][ T7941] loop3: detected capacity change from 0 to 4096
[  148.136041][ T7941] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512).
[  148.196006][ T7941] ntfs3(loop3): ino=4, mi_enum_attr
[  148.197782][ T7941] ntfs3(loop3): ino=4, Correct links count -> 2.
[  148.217107][ T7941] ntfs3(loop3): Failed to load $AttrDef (-22)
[  149.740425][ T7992] netlink: 44 bytes leftover after parsing attributes in process `syz.0.804'.
[  149.744496][ T7992] netem: unknown loss type 12
[  149.786761][ T7996] loop0: detected capacity change from 0 to 16
[  149.791821][ T7996] erofs (device loop0): mounted with root inode @ nid 36.
[  149.801746][ T7996] erofs (device loop0): read error -5 @ 43 of nid 36
[  149.807587][ T7996] erofs (device loop0): read error -5 @ 43 of nid 36
[  149.923502][ T7988] loop1: detected capacity change from 0 to 32768
[  150.416931][ T7988] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  150.471533][ T7988] XFS (loop1): Ending clean mount
[  150.515250][ T5846] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  150.926471][ T8031] loop0: detected capacity change from 0 to 256
[  150.950701][ T8031] exfat: Deprecated parameter 'utf8'
[  150.956872][ T8031] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[  151.171438][ T8039] loop0: detected capacity change from 0 to 512
[  151.175835][ T8039] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002]
[  151.179486][ T8039] System zones: 1-12
[  151.185878][ T8039] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.820: invalid indirect mapped block 8 (level 2)
[  151.210381][ T8039] EXT4-fs (loop0): Remounting filesystem read-only
[  151.214660][ T8039] EXT4-fs (loop0): 1 truncate cleaned up
[  151.225377][ T8039] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  151.277307][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.366020][ T8045] use of bytesused == 0 is deprecated and will be removed in the future,
[  151.370532][ T8045] use the actual size instead.
[  151.854038][ T8055] loop3: detected capacity change from 0 to 32768
[  151.894989][ T8055] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.825 (8055)
[  151.907470][ T8055] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  151.912281][ T8055] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  151.996642][ T8055] BTRFS info (device loop3): enabling ssd optimizations
[  151.998833][ T8055] BTRFS info (device loop3): enabling free space tree
[  152.059999][ T6129] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  152.178623][ T8086] (unnamed net_device) (uninitialized): ARP target 9.0.0.0 is already present
[  152.187133][ T8086] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (9)
[  152.304631][ T8092] netlink: 288 bytes leftover after parsing attributes in process `syz.1.835'.
[  152.325280][ T8072] loop0: detected capacity change from 0 to 40427
[  152.350441][ T8072] F2FS-fs (loop0): build fault injection rate: 14
[  152.352432][ T8072] F2FS-fs (loop0): build fault injection type: 0x3bfe8c
[  152.362471][ T8072] F2FS-fs (loop0): invalid crc value
[  152.379685][    C0] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  152.392998][    C0] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  152.462198][ T8100] netlink: 12 bytes leftover after parsing attributes in process `syz.1.838'.
[  152.467219][ T8072] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  152.476003][ T8072] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  152.486698][ T8072] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  152.508700][ T8072] F2FS-fs (loop0): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  152.530480][ T8072] F2FS-fs (loop0): inject inconsistent footer in sanity_check_node_footer of f2fs_get_dnode_of_data+0xab4/0x1cf0
[  152.537910][ T8106] loop3: detected capacity change from 0 to 2048
[  152.538638][ T8072] F2FS-fs (loop0): inconsistent node block, node_type:3, nid:11, node_footer[nid:11,ino:3,ofs:2041,cpver:0,blkaddr:0]
[  152.552033][ T8106] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  152.556991][ T8106] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  152.560742][ T8106] UDF-fs: Scanning with blocksize 512 failed
[  152.567427][ T8106] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  152.600145][    C1] F2FS-fs (loop0): inject write IO error in f2fs_write_end_io of blk_update_request+0x57e/0xe60
[  152.604330][    C1] CPU: 1 UID: 0 PID: 6346 Comm: udevd Not tainted syzkaller #0 PREEMPT(full) 
[  152.604343][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  152.604348][    C1] Call Trace:
[  152.604352][    C1]  <IRQ>
[  152.604355][    C1]  dump_stack_lvl+0x189/0x250
[  152.604371][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  152.604380][    C1]  ? __pfx_queue_work_on+0x10/0x10
[  152.604388][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  152.604398][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  152.604406][    C1]  ? f2fs_hw_is_readonly+0x39b/0x470
[  152.604417][    C1]  f2fs_handle_critical_error+0x37c/0x540
[  152.604427][    C1]  f2fs_write_end_io+0x886/0xb60
[  152.604443][    C1]  blk_update_request+0x57e/0xe60
[  152.604457][    C1]  blk_mq_end_request+0x3e/0x70
[  152.604464][    C1]  blk_flush_complete_seq+0x678/0xcc0
[  152.604476][    C1]  flush_end_io+0xbaf/0xe60
[  152.604489][    C1]  __blk_mq_end_request+0x46a/0x630
[  152.604499][    C1]  blk_done_softirq+0x10a/0x160
[  152.604507][    C1]  handle_softirqs+0x286/0x870
[  152.604519][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  152.604532][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  152.604541][    C1]  ? sched_clock_cpu+0x74/0x430
[  152.604554][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  152.604563][    C1]  __irq_exit_rcu+0xca/0x1f0
[  152.604573][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  152.604583][    C1]  ? rcu_is_watching+0x15/0xb0
[  152.604591][    C1]  ? rcu_is_watching+0x15/0xb0
[  152.604599][    C1]  irq_exit_rcu+0x9/0x30
[  152.604608][    C1]  sysvec_call_function_single+0xa3/0xc0
[  152.604616][    C1]  </IRQ>
[  152.604619][    C1]  <TASK>
[  152.604622][    C1]  asm_sysvec_call_function_single+0x1a/0x20
[  152.604629][    C1] RIP: 0010:_raw_spin_unlock_irq+0x29/0x50
[  152.604638][    C1] Code: 90 f3 0f 1e fa 53 48 89 fb 48 83 c7 18 48 8b 74 24 08 e8 7a d5 1b f6 48 89 df e8 d2 6c 1c f6 e8 4d da 45 f6 fb bf 01 00 00 00 <e8> a2 64 0e f6 65 8b 05 3b 08 40 07 85 c0 74 07 5b c3 cc cc cc cc
[  152.604644][    C1] RSP: 0018:ffffc900042270a0 EFLAGS: 00000286
[  152.604652][    C1] RAX: 87bb1229cfb4f500 RBX: ffff8881078b20c8 RCX: 87bb1229cfb4f500
[  152.604658][    C1] RDX: 0000000000000007 RSI: ffffffff8db9fb03 RDI: 0000000000000001
[  152.604662][    C1] RBP: ffff888022138e08 R08: ffffffff8fc35777 R09: 1ffffffff1f86aee
[  152.604667][    C1] R10: dffffc0000000000 R11: fffffbfff1f86aef R12: ffff8881078b20c8
[  152.604673][    C1] R13: ffff8881078b2110 R14: dffffc0000000000 R15: ffff8881078b2158
[  152.604685][    C1]  loop_queue_rq+0x9f8/0xb00
[  152.604700][    C1]  blk_mq_request_issue_directly+0x3c1/0x710
[  152.604712][    C1]  ? __pfx_blk_mq_request_issue_directly+0x10/0x10
[  152.604725][    C1]  blk_mq_issue_direct+0x2a0/0x660
[  152.604738][    C1]  ? blk_mq_dispatch_queue_requests+0x552/0x800
[  152.604748][    C1]  ? blk_mq_dispatch_queue_requests+0x552/0x800
[  152.604757][    C1]  blk_mq_dispatch_queue_requests+0x6fe/0x800
[  152.604768][    C1]  blk_mq_flush_plug_list+0x432/0x550
[  152.604782][    C1]  ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[  152.604795][    C1]  __blk_flush_plug+0x3d3/0x4b0
[  152.604807][    C1]  ? __pfx___blk_flush_plug+0x10/0x10
[  152.604820][    C1]  blk_finish_plug+0x5e/0x90
[  152.604830][    C1]  read_pages+0x3b2/0x580
[  152.604842][    C1]  ? __pfx_read_pages+0x10/0x10
[  152.604853][    C1]  ? filemap_add_folio+0x35f/0x540
[  152.604865][    C1]  page_cache_ra_unbounded+0x75e/0x9a0
[  152.604881][    C1]  page_cache_sync_ra+0x443/0xc60
[  152.604894][    C1]  filemap_get_pages+0x468/0x1de0
[  152.604915][    C1]  ? __pfx_filemap_get_pages+0x10/0x10
[  152.604927][    C1]  ? __pfx___might_resched+0x10/0x10
[  152.604945][    C1]  filemap_read+0x3f6/0x11a0
[  152.604954][    C1]  ? aa_file_perm+0x13a/0x1550
[  152.604972][    C1]  ? __pfx_filemap_read+0x10/0x10
[  152.604993][    C1]  ? down_read+0x1ad/0x2e0
[  152.605004][    C1]  blkdev_read_iter+0x30a/0x440
[  152.605018][    C1]  vfs_read+0x55a/0xa30
[  152.605025][    C1]  ? __lock_acquire+0xab9/0xd20
[  152.605038][    C1]  ? __pfx_vfs_read+0x10/0x10
[  152.605047][    C1]  ? rcu_is_watching+0x15/0xb0
[  152.605060][    C1]  ksys_read+0x145/0x250
[  152.605069][    C1]  ? __pfx_ksys_read+0x10/0x10
[  152.605078][    C1]  ? do_syscall_64+0xbe/0xfa0
[  152.605089][    C1]  do_syscall_64+0xfa/0xfa0
[  152.605097][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.605104][    C1]  ? asm_sysvec_call_function_single+0x1a/0x20
[  152.605113][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.605130][    C1] RIP: 0033:0x7efe5c716b6a
[  152.605137][    C1] Code: 00 3d 00 00 41 00 75 0d 50 48 8d 3d 2d 08 0a 00 e8 ea 7d 01 00 31 c0 e9 07 ff ff ff 64 8b 04 25 18 00 00 00 85 c0 75 1b 0f 05 <48> 3d 00 f0 ff ff 76 6c 48 8b 15 8f a2 0d 00 f7 d8 64 89 02 48 83
[  152.605143][    C1] RSP: 002b:00007fffa187c378 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  152.605150][    C1] RAX: ffffffffffffffda RBX: 000000000000fc00 RCX: 00007efe5c716b6a
[  152.605155][    C1] RDX: 0000000000000400 RSI: 000055d975693098 RDI: 0000000000000009
[  152.605159][    C1] RBP: 0000000000000400 R08: 000055d975693070 R09: 0000000000000020
[  152.605164][    C1] R10: 0000000000000051 R11: 0000000000000246 R12: 000055d975693070
[  152.605169][    C1] R13: 000055d975693088 R14: 000055d975628ff8 R15: 000055d975628fa0
[  152.605181][    C1]  </TASK>
[  152.605184][    C1] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  152.792285][ T5843] F2FS-fs (loop0): do_checkpoint failed err:-5, stop checkpoint
[  153.121649][ T8119] loop3: detected capacity change from 0 to 32768
[  153.125328][ T8119] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.848 (8119)
[  153.153485][ T8119] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  153.157504][ T8119] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  153.222735][ T8119] BTRFS info (device loop3): enabling ssd optimizations
[  153.225401][ T8119] BTRFS info (device loop3): enabling free space tree
[  153.251096][ T8119] BTRFS info (device loop3): device stats zeroed by syz.3.848 (8119)
[  153.365407][ T6129] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  153.644544][ T8146] loop3: detected capacity change from 0 to 8
[  153.658032][ T8146] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  153.738721][ T8146] cramfs: bad data blocksize 4294934200
[  153.752671][ T8148] netlink: 16 bytes leftover after parsing attributes in process `syz.1.853'.
[  153.755190][ T8146] cramfs: bad data blocksize 4294934200
[  153.765621][   T33] audit: type=1800 audit(1759223797.092:15): pid=8146 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.852" name="file1" dev="loop3" ino=33092 res=0 errno=0
[  154.459081][ T6321] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  154.491061][   T33] audit: type=1326 audit(1759223797.822:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8157 comm="syz.1.856" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  154.495686][  T245] I/O error, dev loop3, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 2
[  154.506330][   T33] audit: type=1326 audit(1759223797.822:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8157 comm="syz.1.856" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  154.528475][   T33] audit: type=1326 audit(1759223797.822:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8157 comm="syz.1.856" exe="/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  154.548257][   T33] audit: type=1326 audit(1759223797.822:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8157 comm="syz.1.856" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  154.567311][   T33] audit: type=1326 audit(1759223797.822:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8157 comm="syz.1.856" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  154.611732][ T6321] usb 4-1: config 0 has no interfaces?
[  154.616115][ T6321] usb 4-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  154.620848][ T6321] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  154.623858][ T6321] usb 4-1: Product: syz
[  154.625600][ T6321] usb 4-1: Manufacturer: syz
[  154.636134][ T6321] usb 4-1: SerialNumber: syz
[  154.637748][   T33] audit: type=1326 audit(1759223797.822:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8157 comm="syz.1.856" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  154.640801][ T6321] usb 4-1: config 0 descriptor??
[  154.740169][   T33] audit: type=1326 audit(1759223797.822:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8157 comm="syz.1.856" exe="/syz-executor" sig=0 arch=c000003e syscall=74 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  154.747828][   T33] audit: type=1326 audit(1759223797.832:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8157 comm="syz.1.856" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  154.757208][   T33] audit: type=1326 audit(1759223797.832:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8157 comm="syz.1.856" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  154.884900][ T5883] usb 4-1: USB disconnect, device number 13
[  154.989144][    T9] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  155.149142][    T9] usb 1-1: Using ep0 maxpacket: 32
[  155.153493][    T9] usb 1-1: config 0 has an invalid interface number: 132 but max is 0
[  155.156915][    T9] usb 1-1: config 0 has no interface number 0
[  155.160541][    T9] usb 1-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  155.167682][    T9] usb 1-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  155.171586][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.174771][    T9] usb 1-1: Product: syz
[  155.176535][    T9] usb 1-1: Manufacturer: syz
[  155.178548][    T9] usb 1-1: SerialNumber: syz
[  155.186807][    T9] usb 1-1: config 0 descriptor??
[  155.193354][    T9] em28xx 1-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[  155.197059][    T9] em28xx 1-1:0.132: Video interface 132 found:
[  155.482813][ T8175] loop3: detected capacity change from 0 to 128
[  155.661034][    T9] em28xx 1-1:0.132: unknown em28xx chip ID (0)
[  156.067125][    T9] em28xx 1-1:0.132: reading from i2c device at 0xa0 failed: couldn't get the received message from the bridge (error=-5)
[  156.075533][    T9] em28xx 1-1:0.132: board has no eeprom
[  156.169904][    T9] em28xx 1-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[  156.175105][    T9] em28xx 1-1:0.132: analog set to bulk mode.
[  156.182094][ T6321] em28xx 1-1:0.132: Registering V4L2 extension
[  156.333806][ T6321] em28xx 1-1:0.132: failed to trigger read from i2c address 0x4a (error=-5)
[  156.337842][    T9] usb 1-1: USB disconnect, device number 13
[  156.351015][    T9] em28xx 1-1:0.132: Disconnecting em28xx
[  156.355412][ T6321] em28xx 1-1:0.132: failed to trigger read from i2c address 0x48 (error=-5)
[  156.422690][ T8196] veth0_to_bridge: entered promiscuous mode
[  156.425831][ T8196] A link change request failed with some changes committed already. Interface veth0_to_bridge may have been left with an inconsistent configuration, please check.
[  156.454795][   T81] bio_check_eod: 11 callbacks suppressed
[  156.454823][   T81] kworker/u9:3: attempt to access beyond end of device
[  156.454823][   T81] loop3: rw=1, sector=145, nr_sectors = 8 limit=128
[  156.466535][ T6321] em28xx 1-1:0.132: Config register raw data: 0xffffffed
[  156.467206][   T81] kworker/u9:3: attempt to access beyond end of device
[  156.467206][   T81] loop3: rw=1, sector=161, nr_sectors = 8 limit=128
[  156.472267][ T6321] em28xx 1-1:0.132: AC97 chip type couldn't be determined
[  156.477150][   T81] kworker/u9:3: attempt to access beyond end of device
[  156.477150][   T81] loop3: rw=1, sector=177, nr_sectors = 8 limit=128
[  156.484597][   T81] kworker/u9:3: attempt to access beyond end of device
[  156.484597][   T81] loop3: rw=1, sector=193, nr_sectors = 8 limit=128
[  156.491615][ T6321] em28xx 1-1:0.132: No AC97 audio processor
[  156.492196][   T81] kworker/u9:3: attempt to access beyond end of device
[  156.492196][   T81] loop3: rw=1, sector=209, nr_sectors = 8 limit=128
[  156.499134][   T81] kworker/u9:3: attempt to access beyond end of device
[  156.499134][   T81] loop3: rw=1, sector=225, nr_sectors = 8 limit=128
[  156.504211][   T81] kworker/u9:3: attempt to access beyond end of device
[  156.504211][   T81] loop3: rw=1, sector=241, nr_sectors = 8 limit=128
[  156.512026][   T81] kworker/u9:3: attempt to access beyond end of device
[  156.512026][   T81] loop3: rw=1, sector=257, nr_sectors = 8 limit=128
[  156.514107][ T6321] usb 1-1: Decoder not found
[  156.517823][   T81] kworker/u9:3: attempt to access beyond end of device
[  156.517823][   T81] loop3: rw=1, sector=273, nr_sectors = 8 limit=128
[  156.525004][   T81] kworker/u9:3: attempt to access beyond end of device
[  156.525004][   T81] loop3: rw=1, sector=289, nr_sectors = 8 limit=128
[  156.537803][ T6321] em28xx 1-1:0.132: failed to create media graph
[  156.541556][ T6321] em28xx 1-1:0.132: V4L2 device video103 deregistered
[  156.557748][ T6321] em28xx 1-1:0.132: Remote control support is not available for this card.
[  156.582808][    T9] em28xx 1-1:0.132: Closing input extension
[  156.621188][    T9] em28xx 1-1:0.132: Freeing device
[  157.403238][ T8227] loop0: detected capacity change from 0 to 512
[  157.406639][ T8227] EXT4-fs: Ignoring removed oldalloc option
[  157.417139][ T8227] EXT4-fs (loop0): 1 truncate cleaned up
[  157.429721][ T8227] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.512355][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.666843][ T8240] autofs: Unknown parameter 'no9 PG!8E	'
[  157.977351][ T8266] netdevsim netdevsim1: Direct firmware load for  failed with error -2
[  157.983536][ T8266] netdevsim netdevsim1: Falling back to sysfs fallback for: 
[  158.374131][ T8277] loop0: detected capacity change from 0 to 32768
[  158.384952][ T8277] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  158.424674][ T8277] XFS (loop0): Ending clean mount
[  158.480685][ T5843] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  159.297854][ T8303] overlayfs: failed to clone upperpath
[  160.632210][ T8339] loop0: detected capacity change from 0 to 1024
[  160.634869][ T8339] EXT4-fs: Ignoring removed orlov option
[  160.660231][ T8339] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  160.666103][ T8344] fuse: Bad value for 'fd'
[  160.681217][   T33] kauditd_printk_skb: 5 callbacks suppressed
[  160.681233][   T33] audit: type=1804 audit(1759223804.012:30): pid=8339 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.929" name="/newroot/308/bus/bus" dev="loop0" ino=18 res=1 errno=0
[  160.692737][   T33] audit: type=1804 audit(1759223804.012:31): pid=8339 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.929" name="/newroot/308/bus/bus" dev="loop0" ino=18 res=1 errno=0
[  161.034201][ T8358] netlink: 14 bytes leftover after parsing attributes in process `syz.1.936'.
[  161.574614][ T8372] netlink: 28 bytes leftover after parsing attributes in process `syz.3.942'.
[  161.579183][ T8372] netlink: 28 bytes leftover after parsing attributes in process `syz.3.942'.
[  161.588545][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.787657][ T8382] loop0: detected capacity change from 0 to 1024
[  161.795683][ T8382] EXT4-fs: Ignoring removed oldalloc option
[  161.801089][ T8382] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  161.810913][ T8382] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[  161.815662][ T8382] EXT4-fs (loop0): stripe (254) is not aligned with cluster size (16), stripe is disabled
[  161.820232][ T8382] EXT4-fs (loop0): invalid journal inode
[  162.972821][ T8400] overlayfs: missing 'workdir'
[  163.002114][ T8402] netlink: 4 bytes leftover after parsing attributes in process `syz.0.956'.
[  163.847443][ T8413] loop0: detected capacity change from 0 to 16
[  163.852794][ T8413] erofs (device loop0): mounted with root inode @ nid 36.
[  163.871813][ T8417] can: request_module (can-proto-0) failed.
[  164.091770][ T8425] loop0: detected capacity change from 0 to 164
[  164.321646][ T8434] loop3: detected capacity change from 0 to 8192
[  164.763267][ T8459] netlink: 8 bytes leftover after parsing attributes in process `syz.3.975'.
[  164.767570][ T8459] sch_tbf: burst 6 is lower than device team_slave_0 mtu (1514) !
[  164.962444][ T8464] netlink: 6032 bytes leftover after parsing attributes in process `syz.1.977'.
[  165.067590][ T8469] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  165.168275][ T8474] netlink: 128 bytes leftover after parsing attributes in process `syz.1.982'.
[  165.706347][ T8497] IPv6: addrconf: prefix option has invalid lifetime
[  166.043135][   T10] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  166.240561][   T10] usb 4-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64
[  166.243531][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.246110][   T10] usb 4-1: Product: syz
[  166.247421][   T10] usb 4-1: Manufacturer: syz
[  166.248873][   T10] usb 4-1: SerialNumber: syz
[  166.270014][   T10] usb 4-1: config 0 descriptor??
[  166.286240][   T10] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state.
[  166.296065][   T10] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  166.304726][   T10] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0))
[  166.307718][   T10] usb 4-1: media controller created
[  166.342951][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  166.386916][   T10] DVB: Unable to find symbol mt352_attach()
[  166.438292][   T10] DVB: Unable to find symbol nxt6000_attach()
[  166.453315][   T10] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)'
[  166.468323][   T10] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input13
[  166.495604][   T10] dvb-usb: schedule remote query interval to 1000 msecs.
[  166.498389][   T10] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected.
[  166.507913][   T10] dvb-usb: bulk message failed: -22 (7/0)
[  166.516055][   T10] dvb-usb: bulk message failed: -22 (7/0)
[  166.529412][   T10] usb 4-1: USB disconnect, device number 14
[  166.703426][   T10] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected.
[  167.197208][ T8536] loop3: detected capacity change from 0 to 4096
[  167.213287][ T8536] NILFS (loop3): invalid segment: Checksum error in segment payload
[  167.217668][ T8536] NILFS (loop3): trying rollback from an earlier position
[  167.249303][ T8536] NILFS (loop3): recovery complete
[  167.253487][ T8541] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  167.431986][ T8549] netlink: 'syz.3.1016': attribute type 9 has an invalid length.
[  167.497108][ T8551] loop3: detected capacity change from 0 to 256
[  167.510673][ T8551] FAT-fs (loop3): Directory bread(block 64) failed
[  167.512829][ T8551] FAT-fs (loop3): Directory bread(block 65) failed
[  167.515011][ T8551] FAT-fs (loop3): Directory bread(block 66) failed
[  167.517059][ T8551] FAT-fs (loop3): Directory bread(block 67) failed
[  167.520183][ T8551] FAT-fs (loop3): Directory bread(block 68) failed
[  167.522828][ T8551] FAT-fs (loop3): Directory bread(block 69) failed
[  167.525837][ T8551] FAT-fs (loop3): Directory bread(block 70) failed
[  167.528135][ T8551] FAT-fs (loop3): Directory bread(block 71) failed
[  167.531146][ T8551] FAT-fs (loop3): Directory bread(block 72) failed
[  167.533712][ T8551] FAT-fs (loop3): Directory bread(block 73) failed
[  167.609748][   T24] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  167.676101][ T8538] ICMPv6: NA: 01:80:c2:00:00:03 advertised our address fe80::aa on syz_tun!
[  167.760350][   T24] usb 1-1: Using ep0 maxpacket: 16
[  167.771212][   T24] usb 1-1: unable to get BOS descriptor or descriptor too short
[  167.775595][   T24] usb 1-1: config 4 has an invalid interface number: 117 but max is 0
[  167.779062][   T24] usb 1-1: config 4 has no interface number 0
[  167.790117][   T24] usb 1-1: New USB device found, idVendor=0506, idProduct=00df, bcdDevice=e2.02
[  167.793741][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.796871][   T24] usb 1-1: Product: syz
[  167.798500][   T24] usb 1-1: Manufacturer: syz
[  167.809403][   T24] usb 1-1: SerialNumber: syz
[  168.035159][   T24] gspca_main: spca501-2.14.0 probing 0506:00df
[  168.039633][   T24] gspca_spca501: reg write: error -71
[  168.042165][   T24] spca501 1-1:4.117: Reg write failed for 0x00,0xaa,0x00
[  168.044557][   T24] spca501 1-1:4.117: probe with driver spca501 failed with error -22
[  168.047472][   T24] usbhid 1-1:4.117: couldn't find an input interrupt endpoint
[  168.054209][   T24] usb 1-1: USB disconnect, device number 14
[  168.616954][ T8570] loop0: detected capacity change from 0 to 1024
[  168.673183][ T8570] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.677795][ T8570] ext4 filesystem being mounted at /331/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  168.701258][ T8570] EXT4-fs (loop0): shut down requested (1)
[  168.750180][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.895788][ T8575] bridge_slave_0: left allmulticast mode
[  168.898126][ T8575] bridge_slave_0: left promiscuous mode
[  168.906370][ T8575] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.914890][ T8581] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1027'.
[  168.925505][ T8575] bridge_slave_1: left allmulticast mode
[  168.933572][ T8575] bridge_slave_1: left promiscuous mode
[  168.936177][ T8575] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.947285][ T8575] bond0: (slave bond_slave_0): Releasing backup interface
[  168.956850][ T8575] bond0: (slave bond_slave_1): Releasing backup interface
[  168.988314][ T8575] team0: Port device team_slave_0 removed
[  169.005655][ T8575] team0: Port device team_slave_1 removed
[  169.014873][ T8575] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  169.018042][ T8575] batman_adv: batadv0: Removing interface: batadv_slave_0
[  169.023798][ T8575] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  169.030760][ T8575] batman_adv: batadv0: Removing interface: batadv_slave_1
[  169.041672][ T8575] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  169.556674][ T8618] loop3: detected capacity change from 0 to 128
[  169.729110][    T9] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  169.882955][    T9] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  169.887713][    T9] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  169.891016][    T9] usb 1-1: config 1 has no interface number 1
[  169.893243][    T9] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  169.897245][    T9] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x6 has an invalid bInterval 0, changing to 7
[  169.907943][    T9] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  169.910829][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.913255][    T9] usb 1-1: Product: syz
[  169.914583][    T9] usb 1-1: Manufacturer: syz
[  169.916137][    T9] usb 1-1: SerialNumber: syz
[  169.919712][ T8607] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  170.130384][    T9] usb 1-1: 2:1 : no or invalid class specific endpoint descriptor
[  170.133144][    T9] usb 1-1: 2:1 : no or invalid class specific endpoint descriptor
[  170.174921][    T9] usb 1-1: USB disconnect, device number 15
[  170.242435][ T7201] udevd[7201]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  170.418732][ T8638] loop3: detected capacity change from 0 to 32768
[  170.780828][ T8644] xt_time: invalid argument - start or stop time greater than 23:59:59
[  172.001588][ T8661] loop3: detected capacity change from 0 to 4096
[  172.014609][ T8661] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512).
[  172.224995][   T33] audit: type=1800 audit(1759223815.552:32): pid=8661 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1055" name="file1" dev="loop3" ino=30 res=0 errno=0
[  172.561993][ T8676] veth0_to_bond: entered allmulticast mode
[  172.786538][ T8682] loop3: detected capacity change from 0 to 4096
[  174.043313][ T8710] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1085'.
[  174.514385][ T8724] loop0: detected capacity change from 0 to 1024
[  174.596277][   T29] hfsplus: bad catalog file entry
[  174.599429][   T29] hfsplus: b-tree write err: -5, ino 3
[  174.823690][   T33] audit: type=1326 audit(1759223818.152:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8744 comm="syz.1.1101" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  174.831478][ T8745] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1101'.
[  174.832107][   T33] audit: type=1326 audit(1759223818.152:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8744 comm="syz.1.1101" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  174.841027][ T8745] 9pnet_fd: Insufficient options for proto=fd
[  174.844345][   T33] audit: type=1326 audit(1759223818.152:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8744 comm="syz.1.1101" exe="/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  174.857232][   T33] audit: type=1326 audit(1759223818.152:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8744 comm="syz.1.1101" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  174.866505][   T33] audit: type=1326 audit(1759223818.152:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8744 comm="syz.1.1101" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  174.876267][   T33] audit: type=1326 audit(1759223818.152:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8744 comm="syz.1.1101" exe="/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  174.887717][   T33] audit: type=1326 audit(1759223818.152:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8744 comm="syz.1.1101" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  174.897181][   T33] audit: type=1326 audit(1759223818.152:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8744 comm="syz.1.1101" exe="/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  174.909113][   T33] audit: type=1326 audit(1759223818.152:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8744 comm="syz.1.1101" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  174.982881][ T8742] loop0: detected capacity change from 0 to 512
[  174.987253][ T8742] EXT4-fs (loop0): can't mount with data=, fs mounted w/o journal
[  175.934621][ T8782] loop3: detected capacity change from 0 to 512
[  175.937085][ T8782] EXT4-fs: Ignoring removed nomblk_io_submit option
[  176.210770][ T8782] EXT4-fs error (device loop3): ext4_iget_extra_inode:5075: inode #15: comm syz.3.1117: corrupted in-inode xattr: invalid ea_ino
[  176.216422][ T8782] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1117: couldn't read orphan inode 15 (err -117)
[  176.227962][ T8782] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.238919][ T8784] loop0: detected capacity change from 0 to 32768
[  176.282309][ T6129] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.295089][ T8784] jfs_lookup: iget failed on inum 32
[  176.297524][ T8784] jfs_lookup: iget failed on inum 32
[  176.452466][ T8790] loop3: detected capacity change from 0 to 128
[  176.480309][ T8790] FAT-fs (loop3): bogus sectors per cluster 0
[  176.482258][ T8790] FAT-fs (loop3): Can't find a valid FAT filesystem
[  177.072050][ T8754] kexec: Could not allocate control_code_buffer
[  177.108093][ T8820] loop3: detected capacity change from 0 to 1024
[  177.137444][ T8820] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  177.489489][ T8821] loop0: detected capacity change from 0 to 40427
[  177.493044][ T8821] F2FS-fs: heap/no_heap options were deprecated
[  177.496419][ T8821] F2FS-fs (loop0): Image doesn't support compression
[  177.504489][ T8821] F2FS-fs (loop0): invalid crc value
[  177.611469][ T8821] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  177.624767][ T8821] F2FS-fs (loop0): Start checkpoint disabled!
[  177.633754][ T8821] F2FS-fs (loop0): f2fs_disable_checkpoint() finish, err:0
[  177.634858][ T8845] netlink: 'syz.1.1147': attribute type 1 has an invalid length.
[  177.640985][ T8821] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  177.682150][ T8821] bio_check_eod: 102 callbacks suppressed
[  177.682167][ T8821] syz.0.1135: attempt to access beyond end of device
[  177.682167][ T8821] loop0: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  177.695548][ T8821] syz.0.1135: attempt to access beyond end of device
[  177.695548][ T8821] loop0: rw=2049, sector=53264, nr_sectors = 32 limit=40427
[  177.705851][ T8821] syz.0.1135: attempt to access beyond end of device
[  177.705851][ T8821] loop0: rw=2049, sector=53328, nr_sectors = 32 limit=40427
[  177.714037][ T8821] syz.0.1135: attempt to access beyond end of device
[  177.714037][ T8821] loop0: rw=2049, sector=53368, nr_sectors = 8 limit=40427
[  177.722714][ T8821] syz.0.1135: attempt to access beyond end of device
[  177.722714][ T8821] loop0: rw=2049, sector=53400, nr_sectors = 32 limit=40427
[  177.728781][ T8821] syz.0.1135: attempt to access beyond end of device
[  177.728781][ T8821] loop0: rw=2049, sector=53440, nr_sectors = 24 limit=40427
[  177.780609][ T5920] kworker/u10:4: attempt to access beyond end of device
[  177.780609][ T5920] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  177.785971][ T5920] CPU: 1 UID: 0 PID: 5920 Comm: kworker/u10:4 Not tainted syzkaller #0 PREEMPT(full) 
[  177.785988][ T5920] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  177.786004][ T5920] Workqueue: writeback wb_workfn (flush-7:0)
[  177.786031][ T5920] Call Trace:
[  177.786037][ T5920]  <TASK>
[  177.786044][ T5920]  dump_stack_lvl+0x189/0x250
[  177.786064][ T5920]  ? __pfx_dump_stack_lvl+0x10/0x10
[  177.786079][ T5920]  ? __pfx_queue_work_on+0x10/0x10
[  177.786091][ T5920]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  177.786107][ T5920]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  177.786131][ T5920]  f2fs_handle_critical_error+0x37c/0x540
[  177.786152][ T5920]  f2fs_write_end_io+0x886/0xb60
[  177.786185][ T5920]  __submit_merged_bio+0x27a/0x6a0
[  177.786205][ T5920]  __submit_merged_write_cond+0x255/0x530
[  177.786232][ T5920]  f2fs_write_data_pages+0x261d/0x3000
[  177.786277][ T5920]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  177.786305][ T5920]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  177.786352][ T5920]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  177.786377][ T5920]  ? trace_f2fs_writepages+0x7f/0x200
[  177.786392][ T5920]  ? f2fs_write_node_pages+0x478/0x6e0
[  177.786417][ T5920]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  177.786440][ T5920]  ? __lock_acquire+0xab9/0xd20
[  177.786465][ T5920]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  177.786481][ T5920]  do_writepages+0x32e/0x550
[  177.786500][ T5920]  ? reacquire_held_locks+0x127/0x1d0
[  177.786512][ T5920]  ? writeback_sb_inodes+0x384/0x1010
[  177.786535][ T5920]  __writeback_single_inode+0x145/0xff0
[  177.786549][ T5920]  ? do_raw_spin_unlock+0x4d/0x240
[  177.786568][ T5920]  writeback_sb_inodes+0x6c7/0x1010
[  177.786605][ T5920]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  177.786657][ T5920]  ? rcu_is_watching+0x15/0xb0
[  177.786678][ T5920]  wb_writeback+0x43b/0xaf0
[  177.786699][ T5920]  ? queue_io+0x301/0x590
[  177.786716][ T5920]  ? __pfx_wb_writeback+0x10/0x10
[  177.786739][ T5920]  ? _raw_spin_unlock_irq+0x23/0x50
[  177.786757][ T5920]  wb_workfn+0x409/0xef0
[  177.786790][ T5920]  ? __pfx_wb_workfn+0x10/0x10
[  177.786813][ T5920]  ? __lock_acquire+0xab9/0xd20
[  177.786841][ T5920]  ? process_scheduled_works+0x9ef/0x17b0
[  177.786866][ T5920]  ? _raw_spin_unlock_irq+0x23/0x50
[  177.786879][ T5920]  ? process_scheduled_works+0x9ef/0x17b0
[  177.786896][ T5920]  ? process_scheduled_works+0x9ef/0x17b0
[  177.786916][ T5920]  process_scheduled_works+0xae1/0x17b0
[  177.786986][ T5920]  ? __pfx_process_scheduled_works+0x10/0x10
[  177.787028][ T5920]  worker_thread+0x8a0/0xda0
[  177.787050][ T5920]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  177.787072][ T5920]  ? __kthread_parkme+0x7b/0x200
[  177.787094][ T5920]  kthread+0x711/0x8a0
[  177.787112][ T5920]  ? __pfx_worker_thread+0x10/0x10
[  177.787130][ T5920]  ? __pfx_kthread+0x10/0x10
[  177.787147][ T5920]  ? _raw_spin_unlock_irq+0x23/0x50
[  177.787160][ T5920]  ? lockdep_hardirqs_on+0x9c/0x150
[  177.787173][ T5920]  ? __pfx_kthread+0x10/0x10
[  177.787189][ T5920]  ret_from_fork+0x4bc/0x870
[  177.787210][ T5920]  ? __pfx_ret_from_fork+0x10/0x10
[  177.787235][ T5920]  ? __switch_to_asm+0x39/0x70
[  177.787249][ T5920]  ? __switch_to_asm+0x33/0x70
[  177.787263][ T5920]  ? __pfx_kthread+0x10/0x10
[  177.787278][ T5920]  ret_from_fork_asm+0x1a/0x30
[  177.787311][ T5920]  </TASK>
[  177.787317][ T5920] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  178.190701][ T8879] netlink: 'syz.3.1162': attribute type 1 has an invalid length.
[  178.355994][ T8883] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  178.366034][ T8883] qnx6: wrong signature (magic) in superblock #1.
[  178.368489][ T8883] qnx6: unable to read the first superblock
[  179.441967][ T8915] loop0: detected capacity change from 0 to 64
[  179.445810][ T8915] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing
[  179.492181][ T8919] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1180'.
[  179.503261][ T8919] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1180'.
[  179.506472][ T8919] tc_dump_action: action bad kind
[  179.697467][ T8936] netlink: 'syz.0.1188': attribute type 4 has an invalid length.
[  179.712450][ T8936] netlink: 'syz.0.1188': attribute type 17 has an invalid length.
[  179.767408][ T8939] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1189'.
[  179.771553][ T8939] netlink: 'syz.3.1189': attribute type 7 has an invalid length.
[  179.774589][ T8939] netlink: 'syz.3.1189': attribute type 8 has an invalid length.
[  179.777610][ T8939] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1189'.
[  180.076246][ T8957] loop3: detected capacity change from 0 to 1024
[  180.095284][   T33] kauditd_printk_skb: 37 callbacks suppressed
[  180.095301][   T33] audit: type=1800 audit(1759223823.422:79): pid=8957 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1198" name="file1" dev="loop3" ino=26 res=0 errno=0
[  180.149125][ T5910] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  180.311529][ T5910] usb 1-1: Using ep0 maxpacket: 8
[  180.315429][ T5910] usb 1-1: config 0 has no interfaces?
[  180.320762][ T5910] usb 1-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  180.323822][ T5910] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.326525][ T5910] usb 1-1: Product: syz
[  180.328074][ T5910] usb 1-1: Manufacturer: syz
[  180.330383][ T5910] usb 1-1: SerialNumber: syz
[  180.336064][ T5910] usb 1-1: config 0 descriptor??
[  181.641868][   T10] usb 1-1: USB disconnect, device number 16
[  181.658977][ T6321] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  181.881448][ T8984] pim6reg: entered allmulticast mode
[  181.888971][ T6321] usb 4-1: Using ep0 maxpacket: 8
[  181.894163][ T8984] pim6reg: left allmulticast mode
[  181.911443][ T6321] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  181.914259][ T6321] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.916941][ T6321] usb 4-1: Product: syz
[  181.918249][ T6321] usb 4-1: Manufacturer: syz
[  181.920444][ T6321] usb 4-1: SerialNumber: syz
[  181.923377][ T6321] usb 4-1: config 0 descriptor??
[  182.032670][ T8986] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1209'.
[  182.227738][ T6321] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  182.304802][   T33] audit: type=1326 audit(1759226403.633:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8981 comm="syz.0.1209" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f228698ec29 code=0x7ffc0000
[  182.324827][   T33] audit: type=1326 audit(1759226403.633:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8981 comm="syz.0.1209" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f228698ec29 code=0x7ffc0000
[  182.342964][   T33] audit: type=1326 audit(1759226403.633:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8981 comm="syz.0.1209" exe="/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f228698ec29 code=0x7ffc0000
[  182.354847][   T33] audit: type=1326 audit(1759226403.633:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8981 comm="syz.0.1209" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f228698ec29 code=0x7ffc0000
[  182.363953][   T33] audit: type=1326 audit(1759226403.633:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8981 comm="syz.0.1209" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f228698ec29 code=0x7ffc0000
[  182.372836][   T33] audit: type=1326 audit(1759226403.653:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8981 comm="syz.0.1209" exe="/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7f228698ec29 code=0x7ffc0000
[  182.383040][   T33] audit: type=1326 audit(1759226403.653:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8981 comm="syz.0.1209" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f228698ec29 code=0x7ffc0000
[  182.391746][   T33] audit: type=1326 audit(1759226403.653:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8981 comm="syz.0.1209" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f228698ec29 code=0x7ffc0000
[  182.400680][   T33] audit: type=1326 audit(1759226403.663:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8981 comm="syz.0.1209" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f228698ec29 code=0x7ffc0000
[  182.873530][ T9006] loop0: detected capacity change from 0 to 32768
[  182.881647][ T9006] JBD2: Ignoring recovery information on journal
[  182.907550][ T9006] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  182.924167][ T9006] (syz.0.1219,9006,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry too close to end - offset=32, inode=17057, rec_len=280, name_len=10
[  182.932832][ T9006] (syz.0.1219,9006,1):ocfs2_prepare_dir_for_insert:4302 ERROR: status = -2
[  182.935662][ T9006] (syz.0.1219,9006,1):ocfs2_mknod:301 ERROR: status = -2
[  182.937888][ T9006] (syz.0.1219,9006,1):ocfs2_mknod:505 ERROR: status = -2
[  182.941427][ T9006] (syz.0.1219,9006,1):ocfs2_create:678 ERROR: status = -2
[  182.973603][ T5843] ocfs2: Unmounting device (7,0) on (node local)
[  183.084079][ T6321] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  183.095948][ T6321] usb 4-1: USB disconnect, device number 15
[  183.149507][ T9010] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1220'.
[  183.153384][ T9010] (unnamed net_device) (uninitialized): option mode: invalid value (7)
[  183.694791][ T9026] tmpfs: Bad value for 'usrquota_inode_hardlimit'
[  184.087102][ T9038] loop0: detected capacity change from 0 to 4096
[  184.101279][ T6321] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  184.112747][ T9041] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  184.261629][ T6321] usb 4-1: unable to get BOS descriptor or descriptor too short
[  184.270014][ T6321] usb 4-1: config 63 has an invalid interface number: 66 but max is 0
[  184.273211][ T6321] usb 4-1: config 63 has an invalid descriptor of length 0, skipping remainder of the config
[  184.277196][ T6321] usb 4-1: config 63 has no interface number 0
[  184.317115][ T6321] usb 4-1: config 63 interface 66 has no altsetting 0
[  184.324785][ T6321] usb 4-1: New USB device found, idVendor=174f, idProduct=8a31, bcdDevice=39.f4
[  184.330174][ T6321] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.338658][ T6321] usb 4-1: Product: syz
[  184.340452][ T6321] usb 4-1: Manufacturer: syz
[  184.342228][ T6321] usb 4-1: SerialNumber: syz
[  184.747819][ T6321] uvcvideo 4-1:63.66: Found UVC 0.07 device syz (174f:8a31)
[  184.754468][ T6321] uvcvideo 4-1:63.66: No valid video chain found.
[  184.761625][ T6321] usb 4-1: USB disconnect, device number 16
[  184.786511][ T9047] loop0: detected capacity change from 0 to 32768
[  184.805531][ T9047] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  184.818260][ T9047] XFS (loop0): Ending clean mount
[  184.844683][ T5843] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  185.175930][   T33] kauditd_printk_skb: 15 callbacks suppressed
[  185.175941][   T33] audit: type=1326 audit(1759226406.504:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9066 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  185.192288][   T33] audit: type=1326 audit(1759226406.504:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9066 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  185.203380][   T33] audit: type=1326 audit(1759226406.504:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9066 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=c000003e syscall=453 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  185.212438][   T33] audit: type=1326 audit(1759226406.504:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9066 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  185.222956][   T33] audit: type=1326 audit(1759226406.504:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9066 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  185.243477][   T33] audit: type=1326 audit(1759226406.504:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9066 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  185.253809][   T33] audit: type=1326 audit(1759226406.504:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9066 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  185.256594][ T9073] sp0: Synchronizing with TNC
[  185.267648][   T33] audit: type=1326 audit(1759226406.504:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9066 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  185.278346][   T33] audit: type=1326 audit(1759226406.534:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9066 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  185.286419][   T33] audit: type=1326 audit(1759226406.534:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9066 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340a58ec29 code=0x7ffc0000
[  185.308503][ T5910] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  185.390024][ T9075] netlink: 120 bytes leftover after parsing attributes in process `syz.3.1247'.
[  185.461866][ T5910] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  185.465633][ T5910] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  185.476753][ T5910] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  185.480425][ T5910] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  185.483508][ T5910] usb 1-1: SerialNumber: syz
[  185.613761][ T9093] loop3: detected capacity change from 0 to 8
[  185.628712][ T9093] unable to read inode lookup table
[  185.705007][ T5910] usb 1-1: 0:2 : does not exist
[  185.706968][ T5910] usb 1-1: unit 255 not found!
[  185.726940][ T5910] usb 1-1: 5:0: cannot get min/max values for control 2 (id 5)
[  185.817692][ T5910] usb 1-1: USB disconnect, device number 17
[  185.996877][ T5233] Bluetooth: hci0: command 0x0406 tx timeout
[  186.000325][ T5233] Bluetooth: hci2: command 0x0406 tx timeout
[  186.181170][ T6346] udevd[6346]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  186.368889][ T9097] loop3: detected capacity change from 0 to 32768
[  187.598578][ T5910] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  187.602353][ T9139] loop0: detected capacity change from 0 to 32768
[  187.605868][ T9139] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1276 (9139)
[  187.616085][ T9139] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  187.622547][ T9139] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  187.657726][ T9139] BTRFS info (device loop0): enabling ssd optimizations
[  187.660911][ T9139] BTRFS info (device loop0): enabling free space tree
[  187.663489][ T9139] BTRFS info (device loop0): use lzo compression, level 1
[  187.696947][ T5843] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  187.756076][ T5910] usb 4-1: Using ep0 maxpacket: 8
[  187.765650][ T5910] usb 4-1: config 0 interface 0 has no altsetting 0
[  187.767765][ T5910] usb 4-1: New USB device found, idVendor=17ef, idProduct=61ae, bcdDevice= 0.00
[  187.788174][ T5910] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.797458][ T5910] usb 4-1: config 0 descriptor??
[  187.991308][ T9167] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  188.385867][ T5910] lenovo 0003:17EF:61AE.0006: hidraw0: USB HID vff.ff Device [HID 17ef:61ae] on usb-dummy_hcd.3-1/input0
[  188.513776][    T9] usb 4-1: USB disconnect, device number 17
[  188.648395][ T6321] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  188.828439][ T6321] usb 1-1: Using ep0 maxpacket: 16
[  188.833741][ T6321] usb 1-1: unable to get BOS descriptor or descriptor too short
[  188.837055][ T6321] usb 1-1: config 1 has an invalid interface number: 231 but max is 0
[  188.839759][ T6321] usb 1-1: config 1 has no interface number 0
[  188.841798][ T6321] usb 1-1: config 1 interface 231 has no altsetting 0
[  188.846055][ T6321] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=5c.f5
[  188.851260][ T6321] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  188.854250][ T6321] usb 1-1: Product: syz
[  188.855673][ T6321] usb 1-1: Manufacturer: syz
[  188.857120][ T6321] usb 1-1: SerialNumber: syz
[  188.877073][ T9177] futex_wake_op: syz.1.1284 tries to shift op by 32; fix this program
[  189.069608][ T6321] usbtest 1-1:1.231: couldn't get endpoints, -71
[  189.071544][ T6321] usbtest 1-1:1.231: probe with driver usbtest failed with error -71
[  189.075866][ T6321] usb 1-1: USB disconnect, device number 18
[  189.119392][ T9184] loop3: detected capacity change from 0 to 1024
[  189.122153][ T9184] EXT4-fs: inline encryption not supported
[  189.124371][ T9184] EXT4-fs: Ignoring removed bh option
[  189.140679][ T9184] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.994952][ T6129] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.801130][ T9212] loop3: detected capacity change from 0 to 512
[  190.833944][ T9212] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.940220][ T6129] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.478449][ T6321] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  191.654946][ T6321] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  191.662048][ T6321] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  191.673831][ T6321] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  191.677394][ T6321] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  191.690714][ T6321] usb 4-1: SerialNumber: syz
[  192.040664][ T6321] usb 4-1: 0:2 : does not exist
[  192.042897][ T6321] usb 4-1: unit 5: unexpected type 0x03
[  192.108132][ T6321] usb 4-1: USB disconnect, device number 18
[  192.420834][ T6346] udevd[6346]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  193.143629][ T9278] loop3: detected capacity change from 0 to 4096
[  193.148585][ T9278] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  193.153177][ T9278] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  193.158320][ T9278] ntfs3(loop3): Failed to load $MFTMirr (-22).
[  193.261991][ T9284] cgroup: noprefix used incorrectly
[  193.689387][ T9293] loop3: detected capacity change from 0 to 256
[  193.692564][ T9293] msdos: Bad value for 'gid'
[  193.701852][ T9293] msdos: Bad value for 'gid'
[  194.674525][ T1361] ieee802154 phy0 wpan0: encryption failed: -22
[  194.677179][ T1361] ieee802154 phy1 wpan1: encryption failed: -22
[  195.211774][    T9] IPVS: starting estimator thread 0...
[  195.297421][ T9309] IPVS: using max 64 ests per chain, 153600 per kthread
[  195.300254][ T9315] loop3: detected capacity change from 0 to 2048
[  195.324637][ T9315] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.350976][ T6129] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.473881][ T9324] syz.0.1344 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  195.535425][ T9326] loop3: detected capacity change from 0 to 2048
[  195.574784][ T9326] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  195.922134][ T9337] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1350'.
[  196.094934][ T9341] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1353'.
[  196.500110][ T9351] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1356'.
[  196.510874][ T9351] tipc: Invalid UDP bearer configuration
[  196.510995][ T9351] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  196.900822][ T9362] lo speed is unknown, defaulting to 1000
[  196.904376][ T9362] lo speed is unknown, defaulting to 1000
[  196.920429][ T9362] lo speed is unknown, defaulting to 1000
[  196.980595][ T9362] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  197.051803][ T9362] lo speed is unknown, defaulting to 1000
[  197.054485][ T9362] lo speed is unknown, defaulting to 1000
[  197.057217][ T9362] lo speed is unknown, defaulting to 1000
[  197.171222][ T9372] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1366'.
[  197.872954][ T9394] netlink: 'syz.3.1376': attribute type 1 has an invalid length.
[  197.991100][ T9402] loop0: detected capacity change from 0 to 4096
[  197.995845][ T9402] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  198.124865][ T9402] ntfs3(loop0): ino=19, mi_enum_attr
[  198.127121][ T9402] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  198.313003][ T9402] ntfs3(loop0): failed to convert "c46c" to ascii
[  198.335583][ T9402] ntfs3(loop0): ino=20, mi_enum_attr
[  198.380791][ T9408] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  198.383947][ T9408] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  198.432674][ T9410] dvmrp0: entered allmulticast mode
[  198.870327][ T9435] loop3: detected capacity change from 0 to 512
[  198.902035][ T9435] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  198.907062][ T9435] ext4 filesystem being mounted at /432/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  198.951363][ T6129] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  199.027186][    T9] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  199.040689][ T9444] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1397'.
[  199.047045][ T9444] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1397'.
[  199.211988][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  199.215487][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  199.220049][    T9] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  199.224308][    T9] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  199.231829][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.245253][    T9] usb 1-1: config 0 descriptor??
[  199.702254][    T9] plantronics 0003:047F:FFFF.0007: unbalanced delimiter at end of report description
[  199.707592][    T9] plantronics 0003:047F:FFFF.0007: parse failed
[  199.710292][    T9] plantronics 0003:047F:FFFF.0007: probe with driver plantronics failed with error -22
[  199.918700][    T9] usb 1-1: USB disconnect, device number 19
[  200.531193][ T9464] loop3: detected capacity change from 0 to 32768
[  200.571637][ T9464] XFS (loop3): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  200.607074][ T9464] XFS (loop3): Ending clean mount
[  200.665401][ T6129] XFS (loop3): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  200.877218][ T9466] loop0: detected capacity change from 0 to 32768
[  200.884420][ T9466] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1405 (9466)
[  200.906759][ T9466] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  200.920672][ T9466] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  200.982518][ T9466] BTRFS info (device loop0): rebuilding free space tree
[  201.018266][ T9466] BTRFS info (device loop0): checking UUID tree
[  201.024964][ T9466] BTRFS info (device loop0): enabling ssd optimizations
[  201.030729][ T9466] BTRFS info (device loop0): turning on async discard
[  201.033847][ T9466] BTRFS info (device loop0): enabling free space tree
[  201.037019][ T9466] BTRFS info (device loop0): force clearing of disk cache
[  201.039726][ T9466] BTRFS info (device loop0): force zstd compression, level 3
[  201.158487][ T5843] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  201.352460][ T9505] loop0: detected capacity change from 0 to 1024
[  201.411366][   T29] hfsplus: b-tree write err: -5, ino 4
[  201.462524][    T9] kernel read not supported for file /dsp (pid: 9 comm: kworker/0:0)
[  201.529402][ T9509] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  201.532439][ T9509] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  202.840004][ T9536] loop0: detected capacity change from 0 to 2048
[  202.854915][ T9536] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  202.903061][ T9536] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  203.397864][ T9539] loop3: detected capacity change from 0 to 32768
[  203.411095][ T9539] ERROR: (device loop3): dbAlloc: the hint is outside the map
[  203.411095][ T9539] 
[  203.417176][ T9539] ERROR: (device loop3): remounting filesystem as read-only
[  203.507063][ T9543] overlayfs: failed to clone upperpath
[  203.645550][ T9545] netlink: 'syz.1.1421': attribute type 8 has an invalid length.
[  204.214005][ T9549] loop0: detected capacity change from 0 to 40427
[  204.218946][ T9549] F2FS-fs: heap/no_heap options were deprecated
[  204.221869][ T9549] F2FS-fs (loop0): Invalid segment/section count (24 != 24 * 3)
[  204.224808][ T9549] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  204.236759][ T9549] F2FS-fs (loop0): invalid crc value
[  204.242973][ T9561] netlink: 300 bytes leftover after parsing attributes in process `syz.1.1429'.
[  204.369641][ T9549] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  204.415177][ T9549] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  204.419367][ T9549] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  205.453955][ T5859] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  205.472173][ T5859] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.544293][ T5859] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  205.548682][ T5859] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.705634][ T5859] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  205.716738][ T5859] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.751596][ T9585] netlink: 212892 bytes leftover after parsing attributes in process `syz.0.1441'.
[  205.874472][ T5859] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  205.886506][ T5859] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.973483][ T5852] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  205.979363][ T5852] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  205.984349][ T5852] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  205.989638][ T5852] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  205.995267][ T5852] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  206.095389][ T9603] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1449'.
[  206.132284][ T9603] ..0: renamed from hsr0 (while UP)
[  206.140265][ T9603] ..0: entered allmulticast mode
[  206.142343][ T9603] hsr_slave_0: entered allmulticast mode
[  206.144481][ T9603] hsr_slave_1: entered allmulticast mode
[  206.148730][ T9603] A link change request failed with some changes committed already. Interface ..0 may have been left with an inconsistent configuration, please check.
[  206.719357][ T5859] bond0 (unregistering): Released all slaves
[  206.740777][ T9598] hsr0 speed is unknown, defaulting to 1000
[  206.749259][ T9616] pim6reg: entered allmulticast mode
[  206.752517][ T9620] pim6reg: left allmulticast mode
[  206.798590][ T9598] lo speed is unknown, defaulting to 1000
[  207.190022][ T9632] loop0: detected capacity change from 0 to 4096
[  207.215844][ T9632] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  207.223870][ T5859] hsr_slave_0: left promiscuous mode
[  207.228744][ T5859] hsr_slave_1: left promiscuous mode
[  207.235289][ T9632] ntfs3(loop0): ino=19, mi_enum_attr
[  207.252399][ T5859] veth1_macvtap: left promiscuous mode
[  207.254031][ T5859] veth0_macvtap: left promiscuous mode
[  207.257582][ T5859] veth1_vlan: left promiscuous mode
[  207.259305][ T5859] veth0_vlan: left promiscuous mode
[  207.259635][ T9637] loop3: detected capacity change from 0 to 128
[  207.292905][ T9637] FAT-fs (loop3): bogus number of reserved sectors
[  207.295244][ T9637] FAT-fs (loop3): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  207.307499][ T9637] FAT-fs (loop3): Can't find a valid FAT filesystem
[  208.096004][ T5856] Bluetooth: hci2: command tx timeout
[  208.302049][   T24] hsr0 speed is unknown, defaulting to 1000
[  208.306339][   T24] infiniband syz1: ib_query_port failed (-19)
[  208.692781][ T9598] chnl_net:caif_netlink_parms(): no params data found
[  208.949229][ T9598] bridge0: port 1(bridge_slave_0) entered blocking state
[  208.951654][ T9598] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.956390][ T9598] bridge_slave_0: entered allmulticast mode
[  208.964538][ T9598] bridge_slave_0: entered promiscuous mode
[  208.984815][ T9598] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.003470][ T9598] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.011647][ T9598] bridge_slave_1: entered allmulticast mode
[  209.037203][ T9598] bridge_slave_1: entered promiscuous mode
[  209.120201][ T9598] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  209.136433][ T9598] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  209.263410][ T5859] IPVS: stop unused estimator thread 0...
[  209.268219][ T9598] team0: Port device team_slave_0 added
[  209.271886][ T9598] team0: Port device team_slave_1 added
[  209.435767][ T9598] batman_adv: batadv0: Adding interface: batadv_slave_0
[  209.436053][ T9683] loop0: detected capacity change from 0 to 128
[  209.438447][ T9598] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  209.463842][ T9683] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  209.476494][ T9683] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  209.497308][ T9598] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  209.515737][ T9598] batman_adv: batadv0: Adding interface: batadv_slave_1
[  209.518615][ T9598] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  209.539518][ T9598] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  209.645010][ T9598] hsr_slave_0: entered promiscuous mode
[  209.648670][ T9598] hsr_slave_1: entered promiscuous mode
[  210.149871][ T9598] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  210.169738][ T9598] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  210.177093][ T5852] Bluetooth: hci2: command tx timeout
[  210.181630][ T9598] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  210.189769][ T9598] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  210.230525][   T33] kauditd_printk_skb: 45 callbacks suppressed
[  210.230539][   T33] audit: type=1326 audit(1759226431.567:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9706 comm="syz.0.1482" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f228698ec29 code=0x7fc00000
[  210.257418][   T33] audit: type=1326 audit(1759226431.587:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9706 comm="syz.0.1482" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f228698ec29 code=0x7fc00000
[  210.275999][   T33] audit: type=1326 audit(1759226431.587:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9706 comm="syz.0.1482" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f228698ec29 code=0x7fc00000
[  210.286478][    T9] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  210.306726][   T33] audit: type=1326 audit(1759226431.587:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9706 comm="syz.0.1482" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f228698ec29 code=0x7fc00000
[  210.319078][   T33] audit: type=1326 audit(1759226431.587:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9706 comm="syz.0.1482" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f228698ec29 code=0x7fc00000
[  210.330289][ T9598] 8021q: adding VLAN 0 to HW filter on device bond0
[  210.350360][   T33] audit: type=1326 audit(1759226431.587:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9706 comm="syz.0.1482" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f228698ec29 code=0x7fc00000
[  210.354848][ T9598] 8021q: adding VLAN 0 to HW filter on device team0
[  210.359945][   T33] audit: type=1326 audit(1759226431.587:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9706 comm="syz.0.1482" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f228698ec29 code=0x7fc00000
[  210.369568][   T33] audit: type=1326 audit(1759226431.587:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9706 comm="syz.0.1482" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f228698ec29 code=0x7fc00000
[  210.380026][   T33] audit: type=1326 audit(1759226431.587:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9706 comm="syz.0.1482" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f228698ec29 code=0x7fc00000
[  210.388364][   T29] bridge0: port 1(bridge_slave_0) entered blocking state
[  210.391365][   T29] bridge0: port 1(bridge_slave_0) entered forwarding state
[  210.393451][   T33] audit: type=1326 audit(1759226431.587:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9706 comm="syz.0.1482" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f228698ec29 code=0x7fc00000
[  210.429479][   T29] bridge0: port 2(bridge_slave_1) entered blocking state
[  210.432005][   T29] bridge0: port 2(bridge_slave_1) entered forwarding state
[  210.480677][    T9] usb 4-1: New USB device found, idVendor=07d0, idProduct=4101, bcdDevice=3f.fc
[  210.484268][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.490598][    T9] usb 4-1: Product: syz
[  210.492298][    T9] usb 4-1: Manufacturer: syz
[  210.494162][    T9] usb 4-1: SerialNumber: syz
[  210.509096][    T9] usb 4-1: config 0 descriptor??
[  210.518022][    T9] cypress_m8 4-1:0.0: Nokia CA-42 V2 Adapter converter detected
[  210.525237][    T9] nokiaca42v2 ttyUSB0: required endpoint is missing
[  210.569744][ T9728] lo speed is unknown, defaulting to 1000
[  210.653251][ T9598] 8021q: adding VLAN 0 to HW filter on device batadv0
[  210.736247][    T9] usb 4-1: USB disconnect, device number 19
[  210.746227][    T9] cypress_m8 4-1:0.0: device disconnected
[  210.929156][ T9598] veth0_vlan: entered promiscuous mode
[  210.941029][ T9598] veth1_vlan: entered promiscuous mode
[  210.973178][ T9598] veth0_macvtap: entered promiscuous mode
[  210.978325][ T9598] veth1_macvtap: entered promiscuous mode
[  210.996788][ T9598] batman_adv: batadv0: Interface activated: batadv_slave_0
[  211.007320][ T9598] batman_adv: batadv0: Interface activated: batadv_slave_1
[  211.017602][ T5859] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  211.021549][ T5859] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  211.033234][ T5859] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  211.037877][ T5859] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  211.112375][   T29] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  211.115639][   T29] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  211.143002][ T5920] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  211.147444][ T5920] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  211.456111][ T5852] Bluetooth: hci1: command 0x0406 tx timeout
[  211.806313][   T24] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  211.911009][ T9775] ucma_write: process 1099 (syz.0.1500) changed security contexts after opening file descriptor, this is not allowed.
[  211.967773][   T24] usb 4-1: Using ep0 maxpacket: 16
[  211.971960][   T24] usb 4-1: config 8 has an invalid interface number: 206 but max is 0
[  211.985605][   T24] usb 4-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[  211.989453][   T24] usb 4-1: config 8 has no interface number 0
[  211.991909][   T24] usb 4-1: config 8 interface 206 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[  211.999039][   T24] usb 4-1: config 8 interface 206 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  212.004158][   T24] usb 4-1: config 8 interface 206 has no altsetting 0
[  212.010905][   T24] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=35.bb
[  212.014450][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  212.019643][   T24] usb 4-1: Product: syz
[  212.021351][   T24] usb 4-1: Manufacturer: syz
[  212.023226][   T24] usb 4-1: SerialNumber: syz
[  212.179884][ T9777] loop0: detected capacity change from 0 to 32768
[  212.187053][ T9777] ERROR: (device loop0): xtSearch: xt_getpage: xtree page corrupt
[  212.187053][ T9777] 
[  212.191694][ T9777] xtLookup: xtSearch returned -5
[  212.194659][ T9777] read_mapping_page failed!
[  212.197767][ T9777] jfs_mount: diMount failed w/rc = -5
[  212.200373][ T9777] Mount JFS Failure: -5
[  212.202354][ T9777] jfs_mount failed w/return code = -5
[  212.255701][ T5856] Bluetooth: hci2: command tx timeout
[  212.268131][   T24] garmin_gps 4-1:8.206: Garmin GPS usb/tty converter detected
[  212.271992][   T24] garmin_gps ttyUSB0: failed to submit interrupt urb: -22
[  212.285769][   T24] garmin_gps ttyUSB0: probe with driver garmin_gps failed with error -22
[  212.295019][   T24] usb 4-1: USB disconnect, device number 20
[  212.317563][   T24] garmin_gps 4-1:8.206: device disconnected
[  212.371928][ T9782] loop4: detected capacity change from 0 to 4096
[  212.382979][ T9782] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512).
[  212.410938][ T9782] ntfs3(loop4): $AttrDef is corrupted.
[  212.685436][ T9793] loop4: detected capacity change from 0 to 4096
[  212.700064][ T9793] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  212.734796][ T9793] ntfs3(loop4): ino=19, mi_enum_attr
[  212.739114][ T9793] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  212.784134][ T9799] loop0: detected capacity change from 0 to 256
[  212.796766][ T9799] exfat: Deprecated parameter 'namecase'
[  212.799216][ T9799] exfat: Deprecated parameter 'namecase'
[  212.801585][ T9799] exfat: Deprecated parameter 'namecase'
[  212.812786][ T9799] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  212.822351][ T9799] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d)
[  212.952787][ T9805] loop0: detected capacity change from 0 to 512
[  212.959626][ T9805] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  212.985834][ T9805] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #17: comm syz.0.1514: iget: bad i_size value: -6917529027641081756
[  213.005416][ T9805] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1514: couldn't read orphan inode 17 (err -117)
[  213.022111][ T9805] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  213.080815][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.636643][ T9818] loop3: detected capacity change from 0 to 32768
[  213.673953][ T9818] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  213.686532][ T9818] (syz.3.1519,9818,1):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 72
[  213.697544][ T9818] ocfs2: Unmounting device (7,3) on (node local)
[  214.191060][ T9828] loop3: detected capacity change from 0 to 32768
[  214.203493][ T9828] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1523 (9828)
[  214.231417][ T9828] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  214.241483][ T9828] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm
[  214.299396][ T9828] BTRFS info (device loop3): setting nodatasum
[  214.301920][ T9828] BTRFS info (device loop3): setting nodatacow
[  214.311787][ T9828] BTRFS info (device loop3): enabling free space tree
[  214.318801][ T9828] BTRFS info (device loop3): max_inline set to 0
[  214.325403][ T5856] Bluetooth: hci2: command tx timeout
[  214.562021][ T9846] loop0: detected capacity change from 0 to 1024
[  214.672815][ T9814] loop4: detected capacity change from 0 to 262144
[  214.677308][ T9814] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1517 (9814)
[  214.688789][ T9828] BTRFS info (device loop3 state M): max_inline set to 0
[  214.712118][ T9814] BTRFS info (device loop4): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  214.716107][ T9814] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[  214.756812][ T6129] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  214.876053][ T9814] BTRFS info (device loop4): enabling ssd optimizations
[  214.878703][ T9814] BTRFS info (device loop4): enabling free space tree
[  215.100318][ T9598] BTRFS info (device loop4): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  215.537187][ T9880] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1533'.
[  215.779273][ T9869] loop3: detected capacity change from 0 to 131072
[  215.784781][ T9869] F2FS-fs (loop3): invalid crc value
[  215.818817][ T9869] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  215.825119][ T9869] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  215.968982][ T9885] loop0: detected capacity change from 0 to 32768
[  216.314911][ T9893] binder: 9892:9893 ioctl c0306201 200000000240 returned -14
[  216.553077][ T9907] loop0: detected capacity change from 0 to 4096
[  216.591886][ T9907] ntfs3(loop0): ino=1a, mi_enum_attr
[  216.593632][ T9907] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  216.755983][ T5883] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  216.846688][ T9925] netlink: 'syz.0.1551': attribute type 1 has an invalid length.
[  216.886115][ T9925] 8021q: adding VLAN 0 to HW filter on device bond1
[  216.911437][ T9925] bond1: (slave gretap2): making interface the new active one
[  216.917802][ T5883] usb 5-1: Using ep0 maxpacket: 32
[  216.926031][ T9925] bond1: (slave gretap2): Enslaving as an active interface with an up link
[  216.926550][ T5883] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  216.933944][ T5883] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  216.944205][ T5883] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  216.954053][ T5883] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  216.969853][ T5883] usb 5-1: config 0 descriptor??
[  217.160865][ T9939] loop0: detected capacity change from 0 to 128
[  217.166073][ T9939] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  217.173952][ T9939] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  217.272775][ T9943] loop0: detected capacity change from 0 to 1024
[  217.332381][ T9943] RDS: rds_bind could not find a transport for ::ffff:0.0.0.224, load rds_tcp or rds_rdma?
[  217.401665][ T5883] ft260 0003:0403:6030.0008: unknown main item tag 0x7
[  217.599320][ T5883] ft260 0003:0403:6030.0008: chip code: 6424 8183
[  217.800432][ T5883] ft260 0003:0403:6030.0008: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.4-1/input0
[  217.837627][ T9968] loop0: detected capacity change from 0 to 2048
[  217.857094][ T9968] NILFS (loop0): invalid segment: Inconsistency found
[  217.863662][ T9968] NILFS (loop0): trying rollback from an earlier position
[  217.873232][ T9968] NILFS (loop0): recovery complete
[  217.877868][ T9969] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  218.001381][ T5883] ft260 0003:0403:6030.0008: failed to retrieve status: -32, no wakeup
[  218.010578][ T5883] ft260 0003:0403:6030.0008: failed to retrieve status: -32
[  218.984545][   T33] kauditd_printk_skb: 9 callbacks suppressed
[  218.984560][   T33] audit: type=1326 audit(1759226440.268:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9982 comm="syz.0.1575" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f228698ec29 code=0x7ffc0000
[  219.022363][   T33] audit: type=1326 audit(1759226440.268:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9982 comm="syz.0.1575" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f228698ec29 code=0x7ffc0000
[  219.041414][   T33] audit: type=1326 audit(1759226440.268:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9982 comm="syz.0.1575" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f228698ec29 code=0x7ffc0000
[  219.058634][   T33] audit: type=1326 audit(1759226440.268:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9982 comm="syz.0.1575" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f228698ec29 code=0x7ffc0000
[  219.100798][   T33] audit: type=1326 audit(1759226440.268:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9982 comm="syz.0.1575" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f228698ec29 code=0x7ffc0000
[  219.159488][   T33] audit: type=1326 audit(1759226440.268:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9982 comm="syz.0.1575" exe="/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7f228698ec29 code=0x7ffc0000
[  219.192031][   T33] audit: type=1326 audit(1759226440.268:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9982 comm="syz.0.1575" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f228698ec29 code=0x7ffc0000
[  219.212220][   T33] audit: type=1326 audit(1759226440.268:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9982 comm="syz.0.1575" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f228698ec29 code=0x7ffc0000
[  220.195508][T10012] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1586'.
[  220.271547][ T9999] loop3: detected capacity change from 0 to 32768
[  220.436883][    T9] usb 5-1: USB disconnect, device number 2
[  220.977938][T10026] netlink: 'syz.3.1588': attribute type 9 has an invalid length.
[  220.982261][T10026] netlink: 'syz.3.1588': attribute type 7 has an invalid length.
[  220.985541][T10026] netlink: 'syz.3.1588': attribute type 8 has an invalid length.
[  221.543440][T10036] delete_channel: no stack
[  221.547664][T10035] delete_channel: no stack
[  222.148726][T10039] loop4: detected capacity change from 0 to 32768
[  222.172205][T10039] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1593 (10039)
[  222.197864][T10039] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  222.206821][T10039] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  222.296873][T10039] BTRFS info (device loop4): enabling ssd optimizations
[  222.304084][T10039] BTRFS info (device loop4): enabling free space tree
[  222.361888][ T9598] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  222.811411][T10073] loop0: detected capacity change from 0 to 40427
[  222.817049][T10088] netlink: 'syz.3.1607': attribute type 10 has an invalid length.
[  222.825675][T10088] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1607'.
[  222.829110][T10088] team0: entered promiscuous mode
[  222.831111][T10088] team_slave_0: entered promiscuous mode
[  222.833377][T10088] team_slave_1: entered promiscuous mode
[  222.837335][T10088] bridge0: port 3(team0) entered blocking state
[  222.839311][T10073] F2FS-fs (loop0): invalid crc value
[  222.839825][T10088] bridge0: port 3(team0) entered disabled state
[  222.846684][T10088] team0: entered allmulticast mode
[  222.848870][T10088] team_slave_0: entered allmulticast mode
[  222.851109][T10088] team_slave_1: entered allmulticast mode
[  222.856321][T10088] bridge0: port 3(team0) entered blocking state
[  222.858284][T10088] bridge0: port 3(team0) entered forwarding state
[  222.894601][  T794] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  222.929118][T10091] loop3: detected capacity change from 0 to 1024
[  222.958590][T10073] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  222.962771][T10073] F2FS-fs (loop0): Start checkpoint disabled!
[  222.967078][T10073] F2FS-fs (loop0): f2fs_disable_checkpoint() finish, err:0
[  222.970830][T10073] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  223.016472][   T27] kworker/u10:0: attempt to access beyond end of device
[  223.016472][   T27] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  223.022066][   T27] CPU: 1 UID: 0 PID: 27 Comm: kworker/u10:0 Not tainted syzkaller #0 PREEMPT(full) 
[  223.022084][   T27] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  223.022094][   T27] Workqueue: writeback wb_workfn (flush-7:0)
[  223.022121][   T27] Call Trace:
[  223.022126][   T27]  <TASK>
[  223.022134][   T27]  dump_stack_lvl+0x189/0x250
[  223.022154][   T27]  ? __pfx_dump_stack_lvl+0x10/0x10
[  223.022170][   T27]  ? __pfx_queue_work_on+0x10/0x10
[  223.022181][   T27]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  223.022195][   T27]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  223.022216][   T27]  f2fs_handle_critical_error+0x37c/0x540
[  223.022235][   T27]  f2fs_write_end_io+0x886/0xb60
[  223.022261][   T27]  __submit_merged_bio+0x27a/0x6a0
[  223.022277][   T27]  __submit_merged_write_cond+0x255/0x530
[  223.022303][   T27]  f2fs_write_data_pages+0x261d/0x3000
[  223.022343][   T27]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  223.022368][   T27]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  223.022410][   T27]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  223.022434][   T27]  ? trace_f2fs_writepages+0x7f/0x200
[  223.022448][   T27]  ? f2fs_write_node_pages+0x478/0x6e0
[  223.022469][   T27]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  223.022491][   T27]  ? __lock_acquire+0xab9/0xd20
[  223.022513][   T27]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  223.022529][   T27]  do_writepages+0x32e/0x550
[  223.022546][   T27]  ? reacquire_held_locks+0x127/0x1d0
[  223.022556][   T27]  ? writeback_sb_inodes+0x384/0x1010
[  223.022588][   T27]  __writeback_single_inode+0x145/0xff0
[  223.022601][   T27]  ? do_raw_spin_unlock+0x4d/0x240
[  223.022618][   T27]  writeback_sb_inodes+0x6c7/0x1010
[  223.022655][   T27]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  223.022705][   T27]  ? rcu_is_watching+0x15/0xb0
[  223.022756][   T27]  wb_writeback+0x43b/0xaf0
[  223.022777][   T27]  ? queue_io+0x301/0x590
[  223.022792][   T27]  ? __pfx_wb_writeback+0x10/0x10
[  223.022812][   T27]  ? _raw_spin_unlock_irq+0x23/0x50
[  223.022829][   T27]  wb_workfn+0x409/0xef0
[  223.022862][   T27]  ? __pfx_wb_workfn+0x10/0x10
[  223.022884][   T27]  ? __lock_acquire+0xab9/0xd20
[  223.022909][   T27]  ? process_scheduled_works+0x9ef/0x17b0
[  223.022933][   T27]  ? _raw_spin_unlock_irq+0x23/0x50
[  223.022945][   T27]  ? process_scheduled_works+0x9ef/0x17b0
[  223.022960][   T27]  ? process_scheduled_works+0x9ef/0x17b0
[  223.022978][   T27]  process_scheduled_works+0xae1/0x17b0
[  223.023023][   T27]  ? __pfx_process_scheduled_works+0x10/0x10
[  223.023059][   T27]  worker_thread+0x8a0/0xda0
[  223.023104][   T27]  kthread+0x711/0x8a0
[  223.023123][   T27]  ? __pfx_worker_thread+0x10/0x10
[  223.023141][   T27]  ? __pfx_kthread+0x10/0x10
[  223.023157][   T27]  ? _raw_spin_unlock_irq+0x23/0x50
[  223.023171][   T27]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.023185][   T27]  ? __pfx_kthread+0x10/0x10
[  223.023201][   T27]  ret_from_fork+0x4bc/0x870
[  223.023222][   T27]  ? __pfx_ret_from_fork+0x10/0x10
[  223.023249][   T27]  ? __switch_to_asm+0x39/0x70
[  223.023263][   T27]  ? __switch_to_asm+0x33/0x70
[  223.023277][   T27]  ? __pfx_kthread+0x10/0x10
[  223.023293][   T27]  ret_from_fork_asm+0x1a/0x30
[  223.023326][   T27]  </TASK>
[  223.023332][   T27] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  223.130779][T10098] loop3: detected capacity change from 0 to 256
[  223.159395][  T794] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  223.164801][  T794] usb 5-1: New USB device found, idVendor=0079, idProduct=1846, bcdDevice= 0.00
[  223.168327][  T794] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.170014][T10098] exfat: Deprecated parameter 'namecase'
[  223.175452][T10098] exfat: Deprecated parameter 'utf8'
[  223.190835][  T794] usb 5-1: config 0 descriptor??
[  223.201180][T10098] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  223.630804][  T794] hid_mf 0003:0079:1846.0009: hidraw0: USB HID v0.00 Device [HID 0079:1846] on usb-dummy_hcd.4-1/input0
[  223.647789][  T794] hid_mf 0003:0079:1846.0009: Force feedback for HJZ Mayflash game controller adapters by Marcel Hasler <mahasler@gmail.com>
[  223.820288][  T794] usb 5-1: USB disconnect, device number 3
[  223.852761][T10105] loop3: detected capacity change from 0 to 32768
[  224.032211][T10105] ERROR: (device loop3): dbAlloc: the hint is outside the map
[  224.032211][T10105] 
[  224.045288][T10105] ERROR: (device loop3): remounting filesystem as read-only
[  224.048311][T10105] ialloc: diAlloc returned -5!
[  224.057388][T10109] loop0: detected capacity change from 0 to 32768
[  224.086440][T10109] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  224.157417][ T5843] ocfs2: Unmounting device (7,0) on (node local)
[  224.385075][T10122] loop0: detected capacity change from 0 to 2048
[  224.398092][T10122] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  224.409393][T10122] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  224.436381][T10124] netlink: 'syz.4.1618': attribute type 3 has an invalid length.
[  226.729075][T10181] loop0: detected capacity change from 0 to 4096
[  226.742773][T10181] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  226.747513][T10183] loop4: detected capacity change from 0 to 512
[  226.750899][T10183] EXT4-fs: inline encryption not supported
[  226.753292][T10183] EXT4-fs: Ignoring removed mblk_io_submit option
[  226.758164][T10183] EXT4-fs (loop4): Test dummy encryption mode enabled
[  226.762716][T10183] EXT4-fs (loop4): orphan cleanup on readonly fs
[  226.768421][T10183] EXT4-fs error (device loop4): ext4_orphan_get:1392: comm syz.4.1641: inode #13: comm syz.4.1641: iget: illegal inode #
[  226.775862][T10183] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1641: couldn't read orphan inode 13 (err -117)
[  226.785336][T10183] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  226.793640][T10183] EXT4-fs: inline encryption not supported
[  226.796753][T10183] EXT4-fs: Ignoring removed mblk_io_submit option
[  226.800177][T10183] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  226.800310][T10181] ntfs3(loop0): ino=19, mi_enum_attr
[  226.806959][T10183] EXT4-fs error (device loop4): __ext4_remount:6748: comm syz.4.1641: Abort forced by user
[  226.807290][T10183] EXT4-fs (loop4): Remounting filesystem read-only
[  226.811746][T10181] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  226.813484][T10183] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  226.841902][ T9598] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.967270][T10189] netlink: 'syz.3.1644': attribute type 8 has an invalid length.
[  227.022500][T10195] loop3: detected capacity change from 0 to 512
[  227.028814][T10195] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  227.037472][T10195] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.1646: bad orphan inode 131083
[  227.051781][T10195] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  227.067284][T10195] overlayfs: upper fs needs to support d_type.
[  227.090443][T10195] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 13: comm syz.3.1646: path /: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  227.159300][ T6129] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 13: comm syz-executor: path /512/bus: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  227.519502][T10210] loop4: detected capacity change from 0 to 128
[  227.522923][T10210] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  227.550492][T10210] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  227.596437][   T36] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  227.961202][T10201] loop0: detected capacity change from 0 to 131072
[  227.976715][ T5856] Bluetooth: hci2: connection err: -111
[  228.003162][T10201] F2FS-fs (loop0): Wrong CP boundary, start(512) end(1536) blocks(0)
[  228.006507][T10201] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  228.054836][T10201] F2FS-fs (loop0): invalid crc value
[  228.328438][T10201] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  228.359671][T10201] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  228.361825][T10201] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  228.429763][ T7707] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.593753][ T5859] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.666407][T10223] loop4: detected capacity change from 0 to 256
[  228.685671][T10223] exFAT-fs (loop4): bogus number of FAT structure
[  228.688420][T10223] exFAT-fs (loop4): failed to read boot sector
[  228.694906][T10223] exFAT-fs (loop4): failed to recognize exfat type
[  228.750560][ T5859] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.854109][ T5859] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.997516][ T5859] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.031639][ T5852] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  229.038245][ T5852] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  229.041930][ T5852] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  229.050041][ T5852] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  229.053314][ T5852] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  229.092409][T10230] lo speed is unknown, defaulting to 1000
[  229.238806][T10235] loop0: detected capacity change from 0 to 2048
[  229.271071][T10235] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 1344: 0x15 != 0x00
[  229.279828][T10235] UDF-fs: warning (device loop0): udf_fill_super: No fileset found
[  229.337048][ T5859] team0: left allmulticast mode
[  229.339060][ T5859] team_slave_0: left allmulticast mode
[  229.341247][ T5859] team_slave_1: left allmulticast mode
[  229.343669][ T5859] bridge0: port 3(team0) entered disabled state
[  229.397520][ T5859] bridge_slave_1: left allmulticast mode
[  229.399822][ T5859] bridge_slave_1: left promiscuous mode
[  229.402235][ T5859] bridge0: port 2(bridge_slave_1) entered disabled state
[  229.408282][ T5859] bridge_slave_0: left allmulticast mode
[  229.410756][ T5859] bridge_slave_0: left promiscuous mode
[  229.413269][T10242] netlink: 'syz.0.1667': attribute type 1 has an invalid length.
[  229.417115][ T5859] bridge0: port 1(bridge_slave_0) entered disabled state
[  229.958879][ T5859] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  229.965018][ T5859] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  229.969935][ T5859] bond0 (unregistering): Released all slaves
[  230.008469][T10242] 8021q: adding VLAN 0 to HW filter on device bond2
[  230.067137][T10243] bond2: (slave veth3): Enslaving as an active interface with a down link
[  230.115890][T10244] bond2: (slave syz_tun): making interface the new active one
[  230.122799][T10244] syz_tun: entered promiscuous mode
[  230.129388][T10244] bond2: (slave syz_tun): Enslaving as an active interface with an up link
[  230.348805][T10230] chnl_net:caif_netlink_parms(): no params data found
[  230.519969][T10259] Bluetooth: hci0: invalid length 3, exp 2 for type 23
[  230.780440][ T5859] hsr_slave_0: left promiscuous mode
[  230.791165][ T5859] hsr_slave_1: left promiscuous mode
[  230.795245][ T5859] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  230.798134][ T5859] batman_adv: batadv0: Removing interface: batadv_slave_0
[  230.815089][ T5859] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  230.817984][ T5859] batman_adv: batadv0: Removing interface: batadv_slave_1
[  230.863037][ T5859] veth1_macvtap: left promiscuous mode
[  230.872783][ T5859] veth0_macvtap: left promiscuous mode
[  230.877181][ T5859] veth1_vlan: left promiscuous mode
[  230.879959][ T5859] veth0_vlan: left promiscuous mode
[  230.979138][T10273] block device autoloading is deprecated and will be removed.
[  231.124663][ T5856] Bluetooth: hci1: command tx timeout
[  231.616550][ T5859] team_slave_1 (unregistering): left promiscuous mode
[  231.621563][ T5859] team0 (unregistering): Port device team_slave_1 removed
[  231.657274][ T5859] team_slave_0 (unregistering): left promiscuous mode
[  231.661120][ T5859] team0 (unregistering): Port device team_slave_0 removed
[  232.157796][T10230] bridge0: port 1(bridge_slave_0) entered blocking state
[  232.162321][T10230] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.171067][T10230] bridge_slave_0: entered allmulticast mode
[  232.174502][T10230] bridge_slave_0: entered promiscuous mode
[  232.181585][    T9] lo speed is unknown, defaulting to 1000
[  232.183818][    T9] infiniband syz0: ib_query_port failed (-19)
[  232.185840][T10280] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  232.208538][T10283] pim6reg: entered allmulticast mode
[  232.225369][T10230] bridge0: port 2(bridge_slave_1) entered blocking state
[  232.228048][T10230] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.230759][T10230] bridge_slave_1: entered allmulticast mode
[  232.234406][T10230] bridge_slave_1: entered promiscuous mode
[  232.299467][T10281] pim6reg: left allmulticast mode
[  232.362826][T10230] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  232.384324][T10230] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  232.408905][T10230] team0: Port device team_slave_0 added
[  232.424246][T10230] team0: Port device team_slave_1 added
[  232.497791][T10230] batman_adv: batadv0: Adding interface: batadv_slave_0
[  232.508575][T10230] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  232.539532][T10230] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  232.553886][T10230] batman_adv: batadv0: Adding interface: batadv_slave_1
[  232.557742][T10230] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  232.567537][T10230] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  232.648742][T10230] hsr_slave_0: entered promiscuous mode
[  232.651331][T10230] hsr_slave_1: entered promiscuous mode
[  232.653941][T10230] debugfs: 'hsr0' already exists in 'hsr'
[  232.664977][T10230] Cannot create hsr debugfs directory
[  232.715001][ T5910] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  232.738719][ T5859] IPVS: stop unused estimator thread 0...
[  232.833085][ T5859] ------------[ cut here ]------------
[  232.835179][ T5859] WARNING: net/xfrm/xfrm_state.c:3306 at xfrm_state_fini+0x26d/0x2f0, CPU#0: kworker/u8:2/5859
[  232.839114][ T5859] Modules linked in:
[  232.840760][ T5859] CPU: 0 UID: 0 PID: 5859 Comm: kworker/u8:2 Not tainted syzkaller #0 PREEMPT(full) 
[  232.845308][ T5859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  232.848759][ T5859] Workqueue: netns cleanup_net
[  232.850631][ T5859] RIP: 0010:xfrm_state_fini+0x26d/0x2f0
[  232.852796][ T5859] Code: c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 4b cd f6 f7 48 8b 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 39 be d6 f7 e8 94 2b 91 f7 90 <0f> 0b 90 e9 fd fd ff ff e8 86 2b 91 f7 90 0f 0b 90 e9 60 fe ff ff
[  232.860402][ T5859] RSP: 0018:ffffc90003de7878 EFLAGS: 00010293
[  232.862300][ T5859] RAX: ffffffff8a2f2f8c RBX: ffff888023e1a3c0 RCX: ffff888024039d00
[  232.865155][ T5859] RDX: 0000000000000000 RSI: ffffffff8dd8dcaa RDI: ffff888024039d00
[  232.867741][ T5859] RBP: ffffc90003de7990 R08: ffffffff8fc35777 R09: 1ffffffff1f86aee
[  232.870593][ T5859] R10: dffffc0000000000 R11: fffffbfff1f86aef R12: ffffffff8f838600
[  232.872910][ T5859] R13: 1ffff920007bcf3c R14: ffff888023e1b880 R15: dffffc0000000000
[  232.875547][ T5859] FS:  0000000000000000(0000) GS:ffff8880b83fc000(0000) knlGS:0000000000000000
[  232.878356][ T5859] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  232.880966][ T5859] CR2: 00007f228770d680 CR3: 0000000120036000 CR4: 00000000000006f0
[  232.884462][ T5859] Call Trace:
[  232.886033][ T5859]  <TASK>
[  232.887239][ T5859]  xfrm_net_exit+0x2d/0x70
[  232.888995][ T5859]  ops_undo_list+0x49a/0x990
[  232.890850][ T5859]  ? __pfx_ops_undo_list+0x10/0x10
[  232.893016][ T5859]  ? do_raw_spin_unlock+0x4d/0x240
[  232.894922][ T5859]  cleanup_net+0x4d8/0x820
[  232.896321][ T5859]  ? __pfx_cleanup_net+0x10/0x10
[  232.897880][ T5859]  ? _raw_spin_unlock_irq+0x23/0x50
[  232.899506][ T5859]  ? process_scheduled_works+0x9ef/0x17b0
[  232.901721][ T5859]  ? process_scheduled_works+0x9ef/0x17b0
[  232.903738][ T5859]  process_scheduled_works+0xae1/0x17b0
[  232.905671][ T5859]  ? __pfx_process_scheduled_works+0x10/0x10
[  232.908024][ T5859]  worker_thread+0x8a0/0xda0
[  232.909661][ T5859]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  232.911754][ T5859]  ? __kthread_parkme+0x7b/0x200
[  232.913629][ T5859]  kthread+0x711/0x8a0
[  232.915040][ T5859]  ? __pfx_worker_thread+0x10/0x10
[  232.916734][ T5859]  ? __pfx_kthread+0x10/0x10
[  232.918197][ T5859]  ? _raw_spin_unlock_irq+0x23/0x50
[  232.919826][ T5859]  ? lockdep_hardirqs_on+0x9c/0x150
[  232.921435][ T5859]  ? __pfx_kthread+0x10/0x10
[  232.922884][ T5859]  ret_from_fork+0x4bc/0x870
[  232.924328][ T5859]  ? __pfx_ret_from_fork+0x10/0x10
[  232.926056][ T5859]  ? __switch_to_asm+0x39/0x70
[  232.927560][ T5859]  ? __switch_to_asm+0x33/0x70
[  232.929099][ T5859]  ? __pfx_kthread+0x10/0x10
[  232.930957][ T5859]  ret_from_fork_asm+0x1a/0x30
[  232.932641][ T5859]  </TASK>
[  232.933619][ T5859] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  232.935907][ T5859] CPU: 0 UID: 0 PID: 5859 Comm: kworker/u8:2 Not tainted syzkaller #0 PREEMPT(full) 
[  232.939021][ T5859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  232.942958][ T5859] Workqueue: netns cleanup_net
[  232.944854][ T5859] Call Trace:
[  232.946175][ T5859]  <TASK>
[  232.947352][ T5859]  dump_stack_lvl+0x99/0x250
[  232.949173][ T5859]  ? __asan_memcpy+0x40/0x70
[  232.951017][ T5859]  ? __pfx_dump_stack_lvl+0x10/0x10
[  232.953055][ T5859]  ? __pfx__printk+0x10/0x10
[  232.954934][ T5859]  vpanic+0x237/0x6d0
[  232.956511][ T5859]  ? __pfx_vpanic+0x10/0x10
[  232.958317][ T5859]  ? is_bpf_text_address+0x26/0x2b0
[  232.960039][ T5859]  panic+0xb9/0xc0
[  232.961228][ T5859]  ? __pfx_panic+0x10/0x10
[  232.962633][ T5859]  __warn+0x334/0x4c0
[  232.963917][ T5859]  ? xfrm_state_fini+0x26d/0x2f0
[  232.965447][ T5859]  ? xfrm_state_fini+0x26d/0x2f0
[  232.967016][ T5859]  report_bug+0x2be/0x4f0
[  232.968365][ T5859]  ? xfrm_state_fini+0x26d/0x2f0
[  232.969940][ T5859]  ? xfrm_state_fini+0x26d/0x2f0
[  232.971463][ T5859]  ? xfrm_state_fini+0x26f/0x2f0
[  232.973036][ T5859]  handle_bug+0x84/0x160
[  232.974358][ T5859]  exc_invalid_op+0x1a/0x50
[  232.975772][ T5859]  asm_exc_invalid_op+0x1a/0x20
[  232.977291][ T5859] RIP: 0010:xfrm_state_fini+0x26d/0x2f0
[  232.979019][ T5859] Code: c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 4b cd f6 f7 48 8b 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 39 be d6 f7 e8 94 2b 91 f7 90 <0f> 0b 90 e9 fd fd ff ff e8 86 2b 91 f7 90 0f 0b 90 e9 60 fe ff ff
[  232.985141][ T5859] RSP: 0018:ffffc90003de7878 EFLAGS: 00010293
[  232.987013][ T5859] RAX: ffffffff8a2f2f8c RBX: ffff888023e1a3c0 RCX: ffff888024039d00
[  232.989407][ T5859] RDX: 0000000000000000 RSI: ffffffff8dd8dcaa RDI: ffff888024039d00
[  232.991859][ T5859] RBP: ffffc90003de7990 R08: ffffffff8fc35777 R09: 1ffffffff1f86aee
[  232.994280][ T5859] R10: dffffc0000000000 R11: fffffbfff1f86aef R12: ffffffff8f838600
[  232.996708][ T5859] R13: 1ffff920007bcf3c R14: ffff888023e1b880 R15: dffffc0000000000
[  232.999305][ T5859]  ? xfrm_state_fini+0x26c/0x2f0
[  233.000863][ T5859]  ? xfrm_state_fini+0x26c/0x2f0
[  233.002384][ T5859]  xfrm_net_exit+0x2d/0x70
[  233.003865][ T5859]  ops_undo_list+0x49a/0x990
[  233.005331][ T5859]  ? __pfx_ops_undo_list+0x10/0x10
[  233.006919][ T5859]  ? do_raw_spin_unlock+0x4d/0x240
[  233.008495][ T5859]  cleanup_net+0x4d8/0x820
[  233.009904][ T5859]  ? __pfx_cleanup_net+0x10/0x10
[  233.011415][ T5859]  ? _raw_spin_unlock_irq+0x23/0x50
[  233.013018][ T5859]  ? process_scheduled_works+0x9ef/0x17b0
[  233.014761][ T5859]  ? process_scheduled_works+0x9ef/0x17b0
[  233.016505][ T5859]  process_scheduled_works+0xae1/0x17b0
[  233.018291][ T5859]  ? __pfx_process_scheduled_works+0x10/0x10
[  233.020760][ T5859]  worker_thread+0x8a0/0xda0
[  233.022362][ T5859]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  233.024244][ T5859]  ? __kthread_parkme+0x7b/0x200
[  233.025829][ T5859]  kthread+0x711/0x8a0
[  233.027173][ T5859]  ? __pfx_worker_thread+0x10/0x10
[  233.029108][ T5859]  ? __pfx_kthread+0x10/0x10
[  233.030956][ T5859]  ? _raw_spin_unlock_irq+0x23/0x50
[  233.033009][ T5859]  ? lockdep_hardirqs_on+0x9c/0x150
[  233.034756][ T5859]  ? __pfx_kthread+0x10/0x10
[  233.036196][ T5859]  ret_from_fork+0x4bc/0x870
[  233.037619][ T5859]  ? __pfx_ret_from_fork+0x10/0x10
[  233.039359][ T5859]  ? __switch_to_asm+0x39/0x70
[  233.041210][ T5859]  ? __switch_to_asm+0x33/0x70
[  233.042853][ T5859]  ? __pfx_kthread+0x10/0x10
[  233.044281][ T5859]  ret_from_fork_asm+0x1a/0x30
[  233.045962][ T5859]  </TASK>
[  233.047675][ T5859] Kernel Offset: disabled
[  233.049055][ T5859] Rebooting in 86400 seconds..

VM DIAGNOSIS:
09:17:56  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000065 RBX=0000000000000065 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc90003de7010
R8 =ffff8880218a0237 R9 =1ffff11004314046 R10=dffffc0000000000 R11=ffffffff8556cf10
R12=dffffc0000000000 R13=ffffffff99d1992c R14=ffffffff9a00f5a0 R15=0000000000000000
RIP=ffffffff8556cf8c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b83fc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f228770d680 CR3=0000000120036000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=0000000000000000 00007fcc8d812e7b
XMM06=0000000000000000 00007fcc8d812e75 XMM07=0000000000000000 00007fcc8d812e89
XMM08=0000000000000000 00007fcc8d812f0f XMM09=0000000000000000 00007fcc8d812fed
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=1ffffffff1c684d6 RBX=ffffffff8e3426b0 RCX=4398d130a9355400 RDX=0000000000000000
RSI=ffffffff8c03da40 RDI=ffff88813663afe8 RBP=1ffffffff1bb8bbb RSP=ffffc900001e0bc0
R8 =0000000000000000 R9 =ffffffff8194e709 R10=dffffc0000000000 R11=ffffffff8194e400
R12=dffffc0000000000 R13=0000000000000001 R14=dffffc0000000000 R15=0000000000000002
RIP=ffffffff81a73fef RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f22878f96c0 ffffffff 00c00000
GS =0000 ffff8881a39fc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000560728d5a7b8 CR3=000000010f334000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=6161616161616161 6161616161616161
XMM06=6161616161616161 6161616161616161 XMM07=6161616161616161 6161616161616161
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f2286a12fed
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
