last executing test programs:

1.073050788s ago: executing program 1 (id=1973):
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
ioctl$SIOCAX25GETINFOOLD(r0, 0x8917, 0x0)

968.627709ms ago: executing program 1 (id=1975):
r0 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000000), 0x4)

968.540245ms ago: executing program 1 (id=1976):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="1800000007140100000032c83a110000050042"], 0x18}}, 0x0)

889.69974ms ago: executing program 1 (id=1978):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
write(0xffffffffffffffff, &(0x7f0000000180)="2000000012005f0214", 0x9)
ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f00000001c0)=0x2001)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r1, &(0x7f0000000180)=[{0xff, 0x0, 0x0, 0x0, @tick=0x4, {}, {}, @result={0x1, 0x2}}, {0x0, 0x0, 0xff, 0x3, @tick=0xf27, {0x1, 0x31}, {}, @addr={0x2a, 0x5}}], 0x38)
readv(r1, &(0x7f0000000000)=[{&(0x7f0000001140)=""/136, 0x88}], 0x1)

840.132553ms ago: executing program 2 (id=1980):
r0 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
ioctl$LOOP_GET_STATUS64(r0, 0x4c05, 0x0)

839.953089ms ago: executing program 2 (id=1981):
r0 = syz_usb_connect(0x3, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000bde5a44070275290f515010203010902120001000000000904"], 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f00000003c0)={0x2c, &(0x7f0000000240)={0x20, 0x12}, 0x0, 0x0, 0x0, 0x0})

509.844919ms ago: executing program 0 (id=1983):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="300000003c000701fcffffff00000000017c0000100036800c00020008000000007000000c000180060206"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

428.18364ms ago: executing program 0 (id=1984):
r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000b40)=ANY=[@ANYBLOB='iocharset=koi8-r,umask=00000000000000000000005,namecase=1,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c666d61736b3d30303030303030303030303030303030303030303235362c646973636172642c666d61736b3d30303030303030303030303030303030303030303030362c757466382c756d61736b3d30303030303030303030303030303030303030303030362c616c6c6f775f7574696d653d30303030303030303030303030303030303134373037302c00a9be803a3d9ca5ba4db406dd0b5459a27d7abc3b60c1d4bbac4948d4f3788a00a3c80b1a12055d2eeace5828d472e71a44f7bd33fedd00041a89e7c8b566db5aa2675eb7a1960d9cafe3683a5bcd652df3c1b26964fb49ac33708e0ece227120888d8415dc28effbe7bb2c30703dc3328ec8e0014adab48920710452a0e3cc5ed20983ca8f6364b1e77f757201c7351e80c867cddd58f0d458ee6f0dd1c04610712dfed5947f2377704b03f3f89384757085de2c0dcae856c9b09e00ab778266f2fc3374d212ec41116ade69654203903d6851a4bd26b285"], 0x1, 0x1528, &(0x7f00000037c0)="$eJzs3AuYT9X6OPD3XWvtMSS+TXIZ1lrv5ptclkmSXJLkkiRJkuSWkDTJkYTEEJI0JCG5DEkMIblMTBr3+/2SkCRNkoTklqz/M+FxOnX+p/M7/XKe37yf59mP9X73ftd+9/f9XvbeZubbrkNrNaldvRERwX8EL/yTBACxADAQAPICQAAA5ePKx2Wtzykx6T/bCftzPZh6pStgVxL3P3vj/mdv3P/sjfufvXH/szfuf/bG/c/euP+MZWebphW6hpfsu/D9/+yMv///D8ksM/bLNWWu6wYQ80dTuP/ZG/f//6zgj2zE/c/euP/ZVeyVLoD9F+D3f3aQ45+u4f5nb9x/xrKzK33/+UovEPkvew6O5LzQmL/q+BljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsb/AaX+ZAoBL4ytdF2OMMcYYY4wxxv48PseVroAxxhhjjDHGGGP/+xAESFAQQAzkgFjICblAAMDVkAfyQgSugTi4FvLBdZAfCkBBKATxUBiKgAYDFghCKArFIArXQ3G4AUpASSgFpcFBGUiAG6Es3ATl4GYoD7dABbgVKkIlqAxV4DaoCrdDNbgDqsOdUANqQi2oDXdBHbgb6sI9UA/uhfpwHzSA+6EhPACN4EFoDA9BE3gYmsIj0AyaQwtoCa3+R/nPQ094AXpBb0iCPtAXXoR+0B8GwEswEF6GQfAKDIZXIRmGwFB4DYbB6zAc3oARMBJGwZswGt6CMTAWxsF4SIEJMBHehknwDkyGd2EKTIVUmAbT4T2YATNhFrwPs+EDmANzYR7MhzT4EBbAQkiHj2ARfAwZsBiWwFJYBsthBayEVbAa1sBaWAfrYQNshE2wGbbAVtgG22EHfAI74VPYBbthD3wGe+HzfzP/1D/kd0NAQIECFSqMwRiMxVjMhbkwN+bGPJgHIxjBOIzDfJgP82N+LIgFMR7jsQgWQYMGCQmLYlGMYhSLY3EsgSWwFJZChw4TMAHL4k1YDstheSyPFbACVsRKWAmrYBWsilWxGlbD6lgda2ANrIW18C68C/tgXayL9bAe1sf6l25PYSNshI2xMTbBJtgUm2IzbIYtsAW2wlbYGltjG2yD7bAdtsf22AE7YCImYkfsiJ2wE3bGztgFu2BX7IrdsDt2z3w+B+AL+AL2xhqiD/bFvtgPk3MMwJfwJXwZB+Er+Aq+isk4BIfia/gavo7D8SSOwJE4CkdhVfEWjsGxSGI8pmAKTsSJOAknYVah7+JUTMVpOB2n4wyciTPxfZyNH+AHOBfn4nxMwzRcgAsxHdNxEZ7CDFyMS3ApLsPluAxX4ipciWtwLa7B9bgeN+JG3IybcStuxe24HT9BBYCf4m7cjcm4F/fiPtyH+3E/HsADmImZeBAP4iE8hIfxMB7BI3gUj+FxPIYn8ASexFN4Gk/jWTyL5/DZ+K8bf1JydTKILEooESNiRKyIFblELpFb5BZ5RB4RERERJ+JEPpFP5Bf5RUFRUMSLeFFEFBFGGEEijAEAERVRUVwUFyVECVFKlBJOOJEgEkRZUVaUE+VEeXGLqCBuFRVFJdHWVRFVRFXRzlUTd4jqorqoIWqKWqK2qC3qiDqirqgr6ol6or6oLxqI+0VD0QcH4IMiqzNNxBBsKoZiM9FcyIufYK3FcGwj2op24nExEkdgB9HaJYqnREcxBjuJv4mx+IzoIsZjV/Gc6Ca6ix7iedFTtHG9RG8xGfuIvmIq9hP9xQDxkpiBNcX7ODtnLfGqSBZDxFDxmpiPr4vh4g0xQowUo8SbYrR4S4wRY8U4MV6kiAlionhbTBLviMniXTFFTBWpYpqYLt4TM8RMMUu8L2aLD8QcMVfME/NFmvhQLBALRbr4SCwSH4sMsVgsEUvFMrFcrBArxSqxWqwRa8U6sV5sEBvFJrFZbBFbxTaxXewQn4id4lOxS+wWe8RnYq/4XOwTX4j94ktxQHwlMsXX4qD4RhwS34rD4jtxRHwvjopj4rj4QZwQP4qT4pQ4Lc6Is+IncU78LM4LL0CiFFJKJQMZI3PIWJlT5pJXydwyuPjsXiPj5LUyn7xO5pcFZEFZSMbLwrKI1NJIK0mGsqgsJqPyellc3iBLyJKylCwtnSwjE+SNsqy8SZaTN8vy8hZZQd4qK8pKsrKsIm+TVeXtEiIX9lFD1pS1ZG15l0yCu2VdeY+sJ++V9eV9soG8XzaUD8hG8kHZWD4km8iHZVP5iGwmm8sWsqVsJR+VreVjso1sK9vJx2V7+YTsIJ+UifIp2VH6iy+RZ2QX+azsKp+T3WR32UP+LM9LL3vJ3hL6gOwrX5T9ZH85IBYA5MtykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZviunyKkyVU6TA+TAX2aaJeW/zH/7d/IH/7L3jXKT3Cy3yK1ym9wud8hP5E65U+6Su+QeuUfulXvlPrlP7pf75QF5QGbKTHlQHpSH5CF5WB6WR+QReVQek2fkD/KE/FGelKfkKXlGnpVn5bmLzwEoVEJJpVSgYlQOFatyqlzqKpVbXa3yqLwqoq5RcepalU9dp/KrAqqgKqTiVWFVRGlllFWkQlVUFVNRdT1efMGoUqq0cqqMSlA3/jv5qri6QZVQJX+Vf6m+pH9SXyvVSrVWrVUb1Ua1U+1Ue9VedVAdVKJKVB1VR9VJdVKdVWfVRXVRXVVX1U11Uz1UD9VT9VS9VC+VpJJUX/Wi6qf6qwHqJTVQvawGqUFqsBqsklWyGqqGqmFqmBquhqsRaoQapUap0Wq0GqPGqHFqnEpRKWqimqgmqUlqspqspqgpKlWlqulqupqhZqhZapaarWarOWqOmqfmqTSVphaoBSpdpatFapHKUIvVYrVULVXL1XK1Uq1Uq9VqtVatVevVepWhNqlNaovaorapbWqH2qF2qp1ql9ql9qg9aq/aq/apfWq/2q8OqAMqU2Wqg+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nnfYFIhCBClQQE8QEsUFskCvIFeQOcgd5gjxBJIgEcUFckC+4LsgfFAgKBoWC+KBwUCTQgQlsIC42PRpcHxQPbghKBCWDUkHpwAVlgoTgxqBscFNQLrg5KB/cElQIbg0qBpWCykGV4LaganB7UC24I6ge3BnUCGoGtYLawV1BneDuoG5wT1AvuDeoH9wXNAjuDxoGDwSNggeDxsFDQZPg4aBp8EjQLGgetAhaBq3+1Pm9P1ngMddL99ZJuo/uq1/U/XR/PUC/pAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erJ+V0/RU3Wqnqan6/f0DD1Tz9Lv69n6Az1Hz9Xz9Hydpj/UC/RCna4/0ov0xzpDL9ZL9FK9TC/XK/RKvUqv1mv0Wr1Or9cb9Ea9SW/WW/RWvU1v1zv0J3qn/lTv0rv1Hv2Z3qs/1/v0F3q//lIf0F/pTP21Pqi/0Yf0t/qw/k4f0d/ro/qYPq5/0Cf0j/qkPqVP6zP6rP5Jn9M/6/PaZ53cZ329G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emn8ln8pv8pqApaOJNvCliipgsZMgUNUVN1ERNcVPclDAlTClTyjjjTIJJMGVNWVPOlDPlTXlTwVQwFU1FU9lUNreZ28zt5nZzh7nD3GnuNDVNTVPb1DZ1TB1T19Q19Uw9U9/UNw1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1MM9PCtDCtTCvT2rQ2bUwb0860M+1Ne9PBdDCJJtF0NB1NJ9PJdDadTRfTxXQ1XU030830MD1MT9PT9DK9TJJJMn1NX9PP9DMDzAAz0Aw0g8wgM9gMNskm2Qw1Q80wM8wMN8PNCDPSjMo6UTVvmTFmrBlnxpsUk2ImmolmkplkJpvJZoqZYlJNqpluppsZZoaZZWaZ2Wa2mWPmmHlmnkkzaWaBWWDSTbpZZBaZDJNhlpglZplZZlaYFWaVWWXWmDVmHawzG8wGs8lsMlvMFrPNbDM7zA6z0+w0u8wus8fsMXvNXrPP7DP7zX5zwBwwmSbTHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81ZU+Di96U3sTanzWWvsrnt1TaPzWv/MS5oC9l4W9gWsdrmtwV+FRtrbQlb0paypa2zZWyCvfE3cUVbyVa2Vexttqq93Vb7TVzH3m3r2ntsPXuvrW3v+lVc395nG9iHbUNEANvcNrYtbRP7sG1qH7HNbHPbwra07e0TtoN90ibap2xH+/Rv4gV2oV1lV9s1dq3dZXfb0/aMPWS/tWftT7aX7W0H2pftIPuKHWxftcl2yG/iUfZNO9q+ZcfYsXacHf+beIqdalPtNDvdvmdn2Jm/idPsh3a2Tbdz7Fw7z87/Jc6qKd1+ZBfZj22GDWCJXWqX2eV2hV15qVaf1663G+xGu9N+arfYrXab3W53XDoRtrvtHvuZ3Ws/twftN3a//dIesIdtpv36lzjr+A7b7+wR+709ao/Z4/YHe8L+qC5lZx37D/Zne956C4QEJElRQDGUg2IpJ+Wiqyg3XU15KC9F6BqKo2spH11H+akAFaRCFE+FqQhpMmSJKKSiVIyidD1dKq8UlSZHZSiBbqSydBOVo5upPN1CFehWqkiVqDJVoduoKt1O1egOqk53Ug2qSbWoNt1Fdehuqkv3UD26l+rTfdSA7qeG9AA1ogepMT1ETehhakqPUDNqTi2oJbWiR6k1PUZtqC21o8epPT1BHehJSqSnqCM9TZ3ob9SZnqEu9Cx1peeoG3WnHvQ89aQXqBf1piTqQ33pRepH/WkAvUQD6WUaRK/QYHqVkmkIDaXXaBi9TsPpDRpBI2kUvUmj6S0aQ2NpHI2nFJpAE+ltmkTv0GR6l6bQVEqlaTSd3qMZNJNm0fs0mz6gOTSX5tF8SqMPaQEtpHT6iBbRx5RBi2kJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQJ7STPqVdtJv20Ge0lz6nffQF7acv6QB9RZn0NR2kb+gQfUuH6Tvfm76no3SMjtMPdIJ+pJN0ik7TGTpLP9E5+pnOkycIMRShDFUYhDFhjjA2zBnmCq8Kc4dXh3nCvGEkvCaMC68N84XXhfnDAmHBsFAYHxYOi4Q6NKENKQzDomGxMBpeHxYPbwhLhCXDUmHp0IVlwoTwxrBseFNYLrw5LB/eElYIbw0rhpXCh++tEt4WVg1vD6uFd4TVwzvDGmHNsFZYO7wrrBPeHdYN7wnrhfeG5cL7wgbh/WHD8IGwUfhg2Dh8KGwSPhw2DR8Jm4XNwxZhy7BV+GjYOnwsbBO2DduFj4ftwyfCDuGTYWL4VNgxfPqX9fct/Ofrk8I+Yd/wxfDF0Pt75Lzo/Gha9MPogujCaHr0o+ii6MfRjOji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iboxqj3tXOAQyecdMoFLsblcLEup8vlrnK53dUuj8vrIu4aF+eudfncdS6/K+AKukIu3hV2RZx2xllHLnRFXTEXdde74u4GV8KVdKVcaedcGZfgWrpWrpVr7R5zbVxb18497h53T7gn3JPuSfeU6+iedp3c31xn94zr4p51z7rnXDfX3fVwz7uebkKeC+/JJNfX9XX9XD83wA1wA91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfFTXGpLtVNd9PdDDfDVZ15YS9z3Bw3z81zaS7NLXBZ54zpbpFb5DJchlvilrhlbplb4Va4VW6VW+PWuHVundvgNrhNbpPb4ra4bW6b2+F2uJ1up9vl816Y1O11+9w+t9/tdwfcVy7Tfe0Oum/cIfetO+y+c0fc9+6oO+aOux/cCfejO+lOudPujDvrfnLn3M/uvPMuJTIhMjHydmRS5J3I5Mi7kSmRqZHUyLTI9Mh7kRmRmZFZkfcjsyMfROZE5kbmReZH0iIfRhZEFkbSIx9FFkU+jmREFkeWRJZGlkWWR7wvvCX0RX0xH/XX++L+Bl/Cl/SlfGnvfBmf4G/0Zf1Nvpy/2Zf3t/gK/lZf0Vfylf0jvplv7lv4lr6Vf9S39o/5Nr6tb+cf9+39E76Df9In+qd8R/+07+T/5jv7Z3wX/6zv6p/z3Xx338M/73v6F3wv39sn+T6+r3/R9/P9/QD/kh/oX/aD/Ct+sH/VJ/shfqh/zQ/zr/vh/g0/wo/0o2Le9KMvXSLDeJ/iJ/iJ/m0/yb/jJ/t3/RQ/1af6aX66f8/P8DP9LP++n+0/8HP8XD/Pz/dp/kO/wC/06f4jv8h/7DP84ks3lf0Kv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9Dv+J3+k/9bv8br/Hf+b3+s/9Pv+F3++/9Af8Vz7Tf+0P+m/8If+tP+y/80f89/6oP+aP+x/8Cf+jP+lP+dP+jD/rf/Ln/M/+PP/OGmOMMcbYHzLh8lD8es2F2/l9fidH/N3GfQHg6q2FMv9+fdYZ5br8F8b9RXz7CAA81bvrg5eWGjWSkpIubpshISg2F+DS/wRliYHL8WJoB09AIrSFsr9bf3/R/Sz9i/mjtwDk+rucWLgcX57/CwBM+p35H3181IIK4em4/8/8cwFKFLuckxMux4uh3S/3V9pCuX9Sf4HW/6L+nF+mALT5u5zccDm+XH8CPAZPQ+KvtmSMMcYYY4wxxi7oLyp3vnT9eeknPn/v+jxeXc7JAZfjf3V9zhhjjDHGGGOMsSvvme49nnw0MbFt539/UO1/lPWHB03hf2tmHvzuwHuAS48oAPgPJwTIGsi/8ig2/yX7Sr741vnHVcvO+AD+O1r5Zwyu8AcTY4wxxhhj7E93+aT/14+rK1UQY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDGWDf0Vf07sSh8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9vwAAAP//kfb+pw==")
r1 = memfd_create(&(0x7f0000000480)='[\v\xdbX\xae[5\xa9\x90\xffc\x1f\x1a\xa9\xfd\xfa\xad\xd1md\xe7\xe2\x7f\x9b\xd5R\x10\xf3\xb6\xffT\xbf\xd1\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\x9fc\xda\xa9\x83r\xd8\x98\x00\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9', 0x0)
write$binfmt_script(r1, &(0x7f00000001c0)={'#! ', './file0'}, 0xb)
getsockopt$WPAN_SECURITY_LEVEL(0xffffffffffffffff, 0x0, 0x2, 0x0, &(0x7f0000000040))
pwrite64(r1, &(0x7f0000000040)="ab", 0x1, 0x2)
execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0)

360.270814ms ago: executing program 0 (id=1985):
syz_emit_ethernet(0xfdef, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xfde1, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0xfdcd, 0x0, @wg=@data}}}}}, 0x0)

359.962971ms ago: executing program 0 (id=1986):
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb})
r0 = socket(0x28, 0x801, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000200)={'tunl0\x00', &(0x7f00000000c0)={'tunl0\x00', 0x0, 0x8, 0x40, 0x7, 0xfffff4f3, {{0x5, 0x4, 0x3, 0x9, 0x14, 0x64, 0x0, 0xa, 0x2f, 0x0, @loopback, @dev={0xac, 0x14, 0x14, 0x28}}}}})

297.956586ms ago: executing program 0 (id=1987):
r0 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(r0, 0xc06864b8, &(0x7f0000000580)={0x0, 0xc1, 0x80, 0x34325241, 0x3, [0x2], [0xffff, 0x0, 0x0, 0x7], [0x9], [0x400000000000001, 0x0, 0x0, 0xe8ea]})

297.756719ms ago: executing program 2 (id=1988):
r0 = socket$inet6(0xa, 0x2, 0x3a)
sendmmsg$inet6(r0, &(0x7f0000000640)=[{{&(0x7f0000000380)={0xa, 0x0, 0x0, @remote}, 0x1c, &(0x7f00000002c0)=[{&(0x7f0000000100)="a0002883591ecc0e", 0x8}], 0x1}}], 0x1, 0x0)

295.919151ms ago: executing program 0 (id=1989):
r0 = syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f0000000180)=ANY=[@ANYBLOB="6a6f75726e616c5f6173796e635f636f6d6d69742c6865617274626561743d6e6f6e652c67727071756f74612c696e6f646536342c61636c2c6c6f63616c666c6f636b732c005ea7501d3984f30800000034dd9b5f52523eb71133652077aca5d26b513822020aa04ceba373f5ce95c0d1d4d8d88b077307143bab05b944c8717fae9043000a828674b0cdb1a82528e59e857c2049a73f8389f4eb91af6e2f93e4894cc0e776da52222dc59219"], 0x0, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=")
fsetxattr$trusted_overlay_origin(r0, &(0x7f0000000000), 0x0, 0x0, 0x0)

239.070284ms ago: executing program 2 (id=1990):
r0 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00')
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2000042, &(0x7f0000002240)={[{@nombcache}, {@oldalloc}, {@inlinecrypt}, {@delalloc}, {@mblk_io_submit}, {@delalloc}, {@noload}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@lazytime}]}, 0x3, 0x4ea, &(0x7f00000006c0)="$eJzs3UtvG1sdAPD/OPa9yW3AuYVFqURb+lCKoE7S9BGxKK3EY1UJUfZpSJwoihNXidM2UQXuJwChCpBYsWKDxAdAQv0ICKkS7FiwAlWQ0gUbZDR+tI1jh+TWjdvk95NO58w59fz/x4/xnJlRHMCRdSYibkbEQERciIh8sz3TLFFtlPT/vdh6NJuWJGq1O/9MImm2tW/zWPNhqe9/N+KHyc64axubSzOlUnF1e/PmpcXlmYXiQnFlcnLi2tT1qatT43scSZLdrXc4Im586+XPf/Kb79z4w9cf/G36Hxd/lKZ1t9nfaRy90Bh6LgZbDdV3EaV/0vdNtj5CAAA+BOcj4nhEnI2Ir0Y+BmLXw2gAAADgA1T75vDHrSoAAABwOGXq98YmmULzft/hyGQKhcY9vF+MTzKl8lrla/Pl9ZW5xj20I5HLzC+WiuPNe4VHIpek6xP1+uv1y23rkxHxaUQ8yQ+l6/U+AAAA4GAca5v/v8w35v8AAADAIeNiPAAAABx+5v8AAABw+Jn/AwAAwKH2vdu301J7sfWo/jsAc/c31pfK9y/NFdeWCsvrs4XZ8uq9wkK5vFAqFgb+//ZK5fK9K7Gy/nCskl2rjK1tbE4vl9dXKtP13/WeLh4/gDEBAAAA2316+ulfkoiofmOoXlIfNftyfc0MeI8k2baGu1/pUyZAT+zhlP52Z9bfTSLAgWv/TgeODnN8IGlvaDswGOx2qPDH/cdyzAEAAP0x+iXX/+GoyvQ7AaBvftrvBIC+cS4ejq7c/u8ABA6ZHdf/2wx269jz9f9abV8JAQAAPTfcWFSjeS1wODKZQuHVZcFkfrFUHI+Iz0fEn/O5j9P1iT7mCwAAAAAAAAAAAAAAAAAAAAAAAAAfolotiRoAAABwqEVk/p40f/9rNH9+uP38wEfJf/L1ZUQ8+NWdXzycqVRWJ9L2f71qr/yy2X65H2cwAAAA4CjK7drbmqe35vEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Esvth7NtspBxn1+K4ZipFP8bAzWl4ORi4hP/p1E9o3HJREx0IP41ccRcaJT/CRNK0aaWbTHz0TEUJ/jH+tBfDjKnt6KiJudPn+ZOFNfdv78ZZvlbT2/Vf+Qd4zf2v8NdNn/fW6PMU4++91Y1/iPI05mO+9/WvGTLvHP7TH+3R9sbnbrq/06YrTj90+yLdZYZfne2NrG5qXF5ZmF4kJxZXJy4trU9amrU+Nj84ulYvPfjjF+9uXfV590HX+mvnwzfmucI40Mf9xt/Of3OP7/Pnu49YVGNbczfsTFc51f/xP1ZefnP31PXGh+D6T9o616tVF/06nf/ulUt9zS+HNdnv/G65+vdRv/xb0Nf8eYAYD+WtvYXJoplYqrB1A5e6V3G0wOKGeVLpXB9yONg658+6230zocfpvt/LVn40rnDJ27+rxjAgAAeu71QX+/MwEAAAAAAAAAAAAAAAAAAICj6zP98bDT+3tUe8xqf4YKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALCr/wUAAP//GpnIcw==")
read$FUSE(r0, &(0x7f00000047c0)={0x2020}, 0x2020)

238.742372ms ago: executing program 2 (id=1991):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xb, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c6e6f71756f74612c64697361626c655f726f6c6c5f666f72776172642c67635f6d657267652c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c636865636b706f696e743d64697361626c652c6e6f696e6c696e655f64656e7472792c00ec6da92d1c80a6c720380e3c2c55bf27596d2776ce408c4bb19b149757508e1c7e919c6c2047023baa412d14fa75c8cac6e5f103e13ea52708af0a7c5da8af4ecb6612"], 0x2, 0x550a, &(0x7f00000079c0)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfnKVBuI4gP9aqOC/SIx7r+IOjuERXLo0HMBLsNcFXsELcAbceQQDhs6I8B6Ll3Ta5r18PkkZpilfpoQufjPJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAffrVbFc/vrz/2jXncOzmXuC3puuQAAAAgGzfbFftm0Xqv8znX+dTb3O/iog6Im7V7pN4dpU5yTnN/+u/X15/t7L/GdEmnL5jlo8XEfEhH3/e9P0rAAAAwNO1W2+WqVpPL4uxB8SQ0qRN/epjobwqIprF70Jp9SnvXaGw9v89jc+F0toJrHmhsDTlNi2V9iDt436etZtfNFVq6psfOw+y2L0DAAADmlw1w1YhAAAADOnT2ANgHFX8W8o8LwXOUpOX955f9QAAAIBHqBp7AAAAAEDv2vp/oP3/jvb/AwAAgHGk/f8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADo077ZrnbrzbJrzuHYTZm7AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+Mv+vKNACIRBGOxd35nM/Q8rDZqamlSB8PE3BgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDmd3/5PzE1ziRzr42l55Fk7dTYOjX2zo2jP4yvXwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/vzkgIhEARRMGf876Tvf1hJ0DOIEAENjypq0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfNHvfvk/MTXOJHOnjaXjkWTtqrF11dh70Dh6MN7+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzv37xs3FQcA/Nk+X2kBcQR0QxACiQEWer2Wlm6IARQx8CcgRem1hF750WagVYXowoYyd0EwIoQEClv/h8yJlCVsGW4IEgsLyD475/yQOH7UviSfj/T8vmdZft/nk6J8/V4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlEZvT+IkO3TGcVyc29i9v5T1mwf6zKPVrfmsZXFUZ9LHw4vVD1G3uUQAAAA4PZKyvg8hbKdrC1kfd/L6Py2vyWr+b58ex2U9f7DuL/uy9s/aLz/vPL83UGc8TnbT68vDwYXDqbQe3yxn2zN/e0Urf/L5u5ck/0Li9x48N0rz5xl9vb7+TjsPz9SRLQDwb5wv+yIofx/K+n6TiQFwarQqhXdZ/yedZnMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqMPoQXiyjKMQwnxrEmc2d+8vHdU/Wt2aL9uVhw9Xw5eTe2a3SEMI15eHgwu1zma23bl77+bicDi4XX/wUgihqdHfKqZ/84MpLg6hkecj+J+CuPiyZyWf4xE0+EMJAIATKS1aVtdvp2sL2bloLoQ/v9tf/79aicOU9f/Oh1c2qmNV6/9+bTOcfb2VW5/27ty99/ryrcUbgxuDj9+42H+zf+nq5ctXe/m7kp43JgAAAPw37aJV6/947vD6/7lKHKas/z/7pv9FdaxE/X+kyaJf05kAAACcbs++/Ptv0RHno3Y7fL64snK7Pz7ufb44PjaQ6j92pmjV+j+ZazorAAAAoA6jP6J96//XKnGYcv3/qe9f+LF6zySEcLZY/z+/9MnwWn3TmWl1/Dlx03MEAACgWWeLVl3/T/P9//Heloc4hPDaK+O4+DeAU9X/ybtf/VAdq7r//1J9U5xJcXf8PPK+G0Kr23RGAAAAnGRPFC0r9n9N1xY++unc+237/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADq9lcAAAD//yHKP74=")
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$tipc(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x20000010)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
r4 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
close_range(r4, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r3, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x9, &(0x7f0000000300)="1022a37586748907b0855b812c87f3342dc4fceb6a4a8aff66cfee8d17730b7a27d9bb8a1e34c404c0af190389b6860cce3925f126b99c7cdc3ce14865b9a05b17a087446219bfef4d4251ea05b8e3e6b3da705e081d356477db5e7720330cc80e7c09ab4e7a0789ca", 0x69)

408.438µs ago: executing program 1 (id=1992):
syz_emit_ethernet(0x4e, &(0x7f0000000200)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00\x00 ', 0x18, 0x6, 0x0, @private1, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, {[@generic={0xfe, 0x2}, @generic={0xfe, 0x2}]}}}}}}}}, 0x0)

161.953µs ago: executing program 2 (id=1993):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x5, [@struct={0x1, 0x1, 0x0, 0x4, 0x1, 0x5, [{0x0, 0x4, 0x9}]}]}, {0x0, [0x61, 0x2e, 0x61]}}, &(0x7f0000000f40)=""/4089, 0x35, 0xff9, 0x1}, 0x28)

0s ago: executing program 1 (id=1994):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000380)='dctcp', 0x5)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000d80)="5453b4b759f9d4f4f33bda880b70a0dadde062", 0x13}], 0x1}}], 0x1, 0xc0)

kernel console output (not intermixed with test programs):

  98.259885][ T2321] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[   98.415629][ T2321] usb 1-1: Using ep0 maxpacket: 32
[   98.420237][ T2321] usb 1-1: unable to get BOS descriptor or descriptor too short
[   98.426745][ T2321] usb 1-1: config 9 has an invalid interface number: 55 but max is 0
[   98.430300][ T2321] usb 1-1: config 9 has no interface number 0
[   98.433056][ T2321] usb 1-1: config 9 interface 55 has no altsetting 0
[   98.442061][ T2321] usb 1-1: New USB device found, idVendor=2fc1, idProduct=f4e0, bcdDevice=5a.b5
[   98.446155][ T2321] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   98.453249][ T2321] usb 1-1: Product: syz
[   98.455039][ T2321] usb 1-1: Manufacturer: syz
[   98.456989][ T2321] usb 1-1: SerialNumber: syz
[   98.725959][ T2321] usb 1-1: USB disconnect, device number 11
[   99.493695][ T7246] loop0: detected capacity change from 0 to 32768
[   99.818458][ T7250] loop1: detected capacity change from 0 to 40427
[   99.828530][ T7250] F2FS-fs (loop1): invalid crc value
[   99.880653][ T7250] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   99.885080][ T7250] F2FS-fs (loop1): Start checkpoint disabled!
[   99.894828][ T7250] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[   99.901469][   T33] audit: type=1800 audit(1758639470.543:12): pid=7250 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.550" name="file1" dev="loop1" ino=10 res=0 errno=0
[  100.525025][ T1090] kworker/u10:4: attempt to access beyond end of device
[  100.525025][ T1090] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  100.532385][ T1090] CPU: 0 UID: 0 PID: 1090 Comm: kworker/u10:4 Not tainted syzkaller #0 PREEMPT(full) 
[  100.532402][ T1090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  100.532409][ T1090] Workqueue: writeback wb_workfn (flush-7:1)
[  100.532429][ T1090] Call Trace:
[  100.532434][ T1090]  <TASK>
[  100.532440][ T1090]  dump_stack_lvl+0x189/0x250
[  100.532458][ T1090]  ? __pfx_dump_stack_lvl+0x10/0x10
[  100.532496][ T1090]  ? __pfx_queue_work_on+0x10/0x10
[  100.532508][ T1090]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  100.532526][ T1090]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  100.532551][ T1090]  f2fs_handle_critical_error+0x37c/0x540
[  100.532574][ T1090]  f2fs_write_end_io+0x886/0xb60
[  100.532602][ T1090]  __submit_merged_bio+0x27a/0x6a0
[  100.532624][ T1090]  __submit_merged_write_cond+0x255/0x530
[  100.532647][ T1090]  f2fs_write_data_pages+0x261d/0x3000
[  100.532685][ T1090]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  100.532708][ T1090]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  100.532754][ T1090]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  100.532781][ T1090]  ? trace_f2fs_writepages+0x7f/0x200
[  100.532799][ T1090]  ? f2fs_write_node_pages+0x478/0x6e0
[  100.532833][ T1090]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  100.532845][ T1090]  do_writepages+0x32e/0x550
[  100.532866][ T1090]  ? reacquire_held_locks+0x127/0x1d0
[  100.532877][ T1090]  ? writeback_sb_inodes+0x384/0x1010
[  100.532900][ T1090]  __writeback_single_inode+0x145/0xff0
[  100.532914][ T1090]  ? do_raw_spin_unlock+0x4d/0x240
[  100.532931][ T1090]  writeback_sb_inodes+0x6c7/0x1010
[  100.532944][ T1090]  ? lockdep_hardirqs_on+0x9c/0x150
[  100.532978][ T1090]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  100.533028][ T1090]  ? rcu_is_watching+0x15/0xb0
[  100.533048][ T1090]  wb_writeback+0x43b/0xaf0
[  100.533067][ T1090]  ? queue_io+0x341/0x590
[  100.533083][ T1090]  ? __pfx_wb_writeback+0x10/0x10
[  100.533104][ T1090]  ? _raw_spin_unlock_irq+0x23/0x50
[  100.533126][ T1090]  wb_workfn+0x409/0xef0
[  100.533153][ T1090]  ? __pfx_wb_workfn+0x10/0x10
[  100.533171][ T1090]  ? __lock_acquire+0xab9/0xd20
[  100.533198][ T1090]  ? process_scheduled_works+0x9ef/0x17b0
[  100.533217][ T1090]  ? process_scheduled_works+0x9ef/0x17b0
[  100.533227][ T1090]  ? process_scheduled_works+0x9ef/0x17b0
[  100.533241][ T1090]  process_scheduled_works+0xae1/0x17b0
[  100.533278][ T1090]  ? __pfx_process_scheduled_works+0x10/0x10
[  100.533307][ T1090]  worker_thread+0x8a0/0xda0
[  100.533332][ T1090]  ? __kthread_parkme+0x7b/0x200
[  100.533355][ T1090]  kthread+0x711/0x8a0
[  100.533393][ T1090]  ? __pfx_worker_thread+0x10/0x10
[  100.533407][ T1090]  ? __pfx_kthread+0x10/0x10
[  100.533423][ T1090]  ? _raw_spin_unlock_irq+0x23/0x50
[  100.533440][ T1090]  ? lockdep_hardirqs_on+0x9c/0x150
[  100.533451][ T1090]  ? __pfx_kthread+0x10/0x10
[  100.533466][ T1090]  ret_from_fork+0x439/0x7d0
[  100.533507][ T1090]  ? __pfx_ret_from_fork+0x10/0x10
[  100.533525][ T1090]  ? __switch_to_asm+0x39/0x70
[  100.533538][ T1090]  ? __switch_to_asm+0x33/0x70
[  100.533551][ T1090]  ? __pfx_kthread+0x10/0x10
[  100.533567][ T1090]  ret_from_fork_asm+0x1a/0x30
[  100.533596][ T1090]  </TASK>
[  100.536310][ T1090] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  100.730685][ T7263] loop0: detected capacity change from 0 to 32768
[  100.743096][ T7263] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.554 (7263)
[  100.751007][ T7263] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  100.756019][ T7263] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  100.903654][ T7263] BTRFS info (device loop0): rebuilding free space tree
[  100.921964][ T7263] BTRFS info (device loop0): disabling free space tree
[  100.924893][ T7263] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  100.928865][ T7263] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  100.939630][ T7263] BTRFS info (device loop0): enabling ssd optimizations
[  100.942849][ T7263] BTRFS info (device loop0): force clearing of disk cache
[  100.945810][ T7263] BTRFS info (device loop0): enabling auto defrag
[  100.948499][ T7263] BTRFS info (device loop0): doing ref verification
[  100.993001][   T33] audit: type=1800 audit(1758639471.633:13): pid=7263 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.554" name="file1" dev="loop0" ino=260 res=0 errno=0
[  101.634275][ T7294] RDS: rds_bind could not find a transport for fe80::aa, load rds_tcp or rds_rdma?
[  101.733547][ T5849] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  102.135297][ T7311] loop0: detected capacity change from 0 to 512
[  102.144569][ T7311] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  102.157374][ T7311] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.566: casefold flag without casefold feature
[  102.164275][ T7311] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.566: couldn't read orphan inode 15 (err -117)
[  102.176117][ T7311] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.258389][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.712300][ T2321] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  102.889055][ T2321] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF4, changing to 0x84
[  102.902044][ T2321] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 1023
[  102.910374][ T2321] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  102.920492][ T2321] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  102.937348][ T2321] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  102.976052][ T2321] usb 1-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  102.984973][ T2321] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  102.995894][ T2321] usb 1-1: Product: syz
[  103.001107][ T2321] usb 1-1: Manufacturer: syz
[  103.003477][ T2321] usb 1-1: SerialNumber: syz
[  103.040380][ T2321] usb 1-1: config 0 descriptor??
[  103.048423][ T7327] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  103.053037][ T2321] usb 1-1: ucan: probing device on interface #0
[  103.055654][ T2321] usb 1-1: ucan: invalid endpoint configuration
[  103.058307][ T2321] usb 1-1: ucan: probe failed; try to update the device firmware
[  103.260939][ T5895] usb 1-1: USB disconnect, device number 12
[  103.588726][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880392ac800: rx timeout, send abort
[  103.592614][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff8880392ac800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  103.597256][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880392ad800: rx timeout, send abort
[  103.600029][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff8880392ad800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  103.705320][ T7347] loop1: detected capacity change from 0 to 1024
[  104.124941][ T7378] loop0: detected capacity change from 0 to 256
[  104.178846][ T7378] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x311d6643, utbl_chksum : 0xe619d30d)
[  104.204442][ T7378] exFAT-fs (loop0): valid_size(150994954) is greater than size(10)
[  104.208233][   T33] audit: type=1800 audit(1758639474.853:14): pid=7378 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.597" name="file1" dev="loop0" ino=1048594 res=0 errno=0
[  104.324509][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.360365][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.362976][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.365492][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.367962][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.370924][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.373842][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.376597][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.380273][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.385995][ T7376] loop1: detected capacity change from 0 to 32768
[  104.399361][ T7376] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[  104.402355][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.405454][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.408131][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.410545][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.414643][ T7376] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  104.418777][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.421478][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.424776][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.427218][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.429856][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.434439][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.437299][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.440040][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.445747][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.448777][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.453830][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.465660][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.466879][ T7376] XFS (loop1): Ending clean mount
[  104.468632][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.472609][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.475663][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.478552][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.480887][ T7376] XFS (loop1): Quotacheck needed: Please wait.
[  104.482431][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.489358][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.498516][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.500770][ T7376] XFS (loop1): Quotacheck: Done.
[  104.509549][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.512639][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.515636][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.518594][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.521688][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.525463][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.529126][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.532000][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.542744][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.545777][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.547813][ T5845] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  104.549275][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.555623][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.559374][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.568930][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.571788][    C1] vcan0: j1939_tp_rxtimer: 0xffff888039490c00: rx timeout, send abort
[  104.578514][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.580840][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.583272][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.586030][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.593768][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.596703][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.599539][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.607070][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.611045][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.616470][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.619433][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.622639][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.625587][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.628802][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.631209][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.634192][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.647898][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.661555][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.687689][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.690782][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.708995][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.721538][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.730282][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.742459][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.745529][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.748509][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.776726][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.779770][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.792691][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.795692][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.798720][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.801867][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.812430][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.821968][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.832738][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.835958][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.838870][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.846458][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.908384][ T7410] netlink: 'syz.1.609': attribute type 15 has an invalid length.
[  104.952504][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.964083][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  104.977495][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  105.007806][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  105.012823][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  105.016194][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  105.019584][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  105.026336][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  105.029458][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  105.033779][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  105.036955][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  105.039966][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  105.043134][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  105.046244][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  105.053194][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  105.060742][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  105.069586][    C1] vcan0: j1939_tp_rxtimer: 0xffff888039490800: rx timeout, send abort
[  105.073249][    C1] vcan0: j1939_tp_rxtimer: 0xffff888039490c00: abort rx timeout. Force session deactivation
[  105.093569][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  105.143048][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  105.182421][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  105.242901][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  105.304937][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  105.364886][ T7386] vcan0: tx drop: invalid da for name 0x0000000200000004
[  105.406609][ T7417] raw_sendmsg: syz.1.611 forgot to set AF_INET. Fix it!
[  105.573137][    C1] vcan0: j1939_tp_rxtimer: 0xffff888039490800: abort rx timeout. Force session deactivation
[  105.785502][ T7429] loop0: detected capacity change from 0 to 16
[  105.801002][ T7429] erofs (device loop0): mounted with root inode @ nid 36.
[  106.027208][ T7439] loop0: detected capacity change from 0 to 128
[  106.038568][ T7439] zonefs (loop0) ERROR: Not a zoned block device
[  106.205538][ T7443] netlink: 8 bytes leftover after parsing attributes in process `syz.2.623'.
[  107.855169][ T7461] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  108.864963][ T6853] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  109.062495][ T6853] usb 2-1: Using ep0 maxpacket: 8
[  109.083073][ T6853] usb 2-1: config 0 interface 0 has no altsetting 0
[  109.090722][ T6853] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  109.099444][ T6853] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.158735][ T6853] usb 2-1: config 0 descriptor??
[  109.441824][ T6853] usbhid 2-1:0.0: can't add hid device: -71
[  109.444642][ T6853] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  109.449767][ T6853] usb 2-1: USB disconnect, device number 9
[  109.578235][ T7492] loop0: detected capacity change from 0 to 512
[  109.584561][ T7492] EXT4-fs (loop0): orphan cleanup on readonly fs
[  109.588848][ T7492] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #11: block 1728053262: comm syz.0.642: lblock 0 mapped to illegal pblock 1728053262 (length 1)
[  109.597731][ T7492] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  109.603287][ T7492] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #15: comm syz.0.642: corrupted inode contents
[  109.608950][ T7492] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #15: comm syz.0.642: mark_inode_dirty error
[  109.613441][ T7492] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #15: comm syz.0.642: corrupted inode contents
[  109.617424][ T7492] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2991: inode #15: comm syz.0.642: mark_inode_dirty error
[  109.621614][ T7492] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2994: inode #15: comm syz.0.642: mark inode dirty (error -117)
[  109.627395][ T7492] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -117)
[  109.630653][ T7492] EXT4-fs (loop0): 1 orphan inode deleted
[  109.634598][ T7492] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  109.661880][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.716305][ T7497] netlink: 13 bytes leftover after parsing attributes in process `syz.0.644'.
[  109.916569][ T7513] netlink: 8 bytes leftover after parsing attributes in process `syz.1.652'.
[  109.980735][ T7517] Bluetooth: hci0: too big key_count value 38325
[  110.137934][ T7529] loop0: detected capacity change from 0 to 256
[  110.148397][ T7529] FAT-fs (loop0): Directory bread(block 64) failed
[  110.150785][ T7529] FAT-fs (loop0): Directory bread(block 65) failed
[  110.154032][ T7529] FAT-fs (loop0): Directory bread(block 66) failed
[  110.156354][ T7529] FAT-fs (loop0): Directory bread(block 67) failed
[  110.158786][ T7529] FAT-fs (loop0): Directory bread(block 68) failed
[  110.161389][ T7529] FAT-fs (loop0): Directory bread(block 69) failed
[  110.164152][ T7529] FAT-fs (loop0): Directory bread(block 70) failed
[  110.166702][ T7529] FAT-fs (loop0): Directory bread(block 71) failed
[  110.169436][ T7529] FAT-fs (loop0): Directory bread(block 72) failed
[  110.171714][ T7529] FAT-fs (loop0): Directory bread(block 73) failed
[  110.341761][ T7543] loop1: detected capacity change from 0 to 8
[  110.351392][ T7543] unable to read id index table
[  110.477111][ T7553] netlink: 8 bytes leftover after parsing attributes in process `syz.1.671'.
[  110.554707][ T7559] loop1: detected capacity change from 0 to 1024
[  110.595651][ T7561] overlayfs: failed to clone upperpath
[  110.659688][ T7537] loop0: detected capacity change from 0 to 32768
[  110.688785][ T7537] I/O error, dev loop14, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  110.695390][ T7537] lbmIODone: I/O error in JFS log
[  110.701399][ T7537] *** Log Format Error ! ***
[  110.703606][ T7537] lmLogInit: exit(-22)
[  110.705092][ T7537] lmLogOpen: exit(-22)
[  110.865005][ T7605] nbd: socks must be embedded in a SOCK_ITEM attr
[  110.872014][ T7605] block nbd0: shutting down sockets
[  110.920565][ T7627] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  111.026048][ T7650] netlink: 8 bytes leftover after parsing attributes in process `syz.0.685'.
[  111.207974][ T7688] ref_ctr going negative. vaddr: 0x200000ffd000, curr val: -19135, delta: 1
[  111.211764][ T7688] ref_ctr increment failed for inode: 0x42f offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff88803ded4080
[  111.270273][ T7694] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  111.292992][ T7696] netlink: 24 bytes leftover after parsing attributes in process `syz.1.692'.
[  111.296422][ T7696] netlink: 12 bytes leftover after parsing attributes in process `syz.1.692'.
[  111.300139][ T7696] netlink: 24 bytes leftover after parsing attributes in process `syz.1.692'.
[  111.374618][ T7700] netlink: 256 bytes leftover after parsing attributes in process `syz.1.694'.
[  111.378668][ T7700] ksmbd: Unknown IPC event: 0, ignore.
[  111.682720][ T6853] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  111.833964][ T6853] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  111.838289][ T6853] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  111.841780][ T6853] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  111.846385][ T6853] usb 2-1: config 0 descriptor??
[  112.260041][ T6853] pyra 0003:1E7D:2CF6.0003: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.1-1/input0
[  112.497938][   T24] usb 2-1: USB disconnect, device number 10
[  113.120590][ T7748] loop1: detected capacity change from 0 to 512
[  113.123334][ T7748] EXT4-fs: Ignoring removed i_version option
[  113.133061][ T7748] EXT4-fs: inline encryption not supported
[  113.142971][ T7712] loop0: detected capacity change from 0 to 262144
[  113.146586][ T7712] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.700 (7712)
[  113.155094][ T7712] BTRFS info (device loop0): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  113.158185][ T7748] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.716: bg 0: block 131: padding at end of block bitmap is not set
[  113.158421][ T7712] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  113.181520][ T7748] EXT4-fs (loop1): Remounting filesystem read-only
[  113.185681][ T7748] EXT4-fs (loop1): 1 truncate cleaned up
[  113.191190][ T7748] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.243910][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.248630][ T7712] BTRFS info (device loop0): enabling ssd optimizations
[  113.252381][ T7712] BTRFS info (device loop0): enabling free space tree
[  113.316595][ T7770] loop1: detected capacity change from 0 to 64
[  113.316997][ T5849] BTRFS info (device loop0): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  113.329620][ T7770] MINIX-fs: mounting file system with errors, running fsck is recommended
[  113.400693][ T7774] netlink: 'syz.0.719': attribute type 30 has an invalid length.
[  114.132859][   T24] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  114.284019][ T7798] loop1: detected capacity change from 0 to 1024
[  114.303961][   T24] usb 1-1: Using ep0 maxpacket: 8
[  114.309609][   T24] usb 1-1: unable to get BOS descriptor or descriptor too short
[  114.314987][   T24] usb 1-1: config 57 has an invalid interface number: 229 but max is 0
[  114.318389][   T24] usb 1-1: config 57 has no interface number 0
[  114.320771][   T24] usb 1-1: config 57 interface 229 has no altsetting 0
[  114.330868][   T24] usb 1-1: New USB device found, idVendor=0979, idProduct=0270, bcdDevice=dd.eb
[  114.334768][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  114.337977][   T24] usb 1-1: Product: syz
[  114.343354][   T24] usb 1-1: Manufacturer: syz
[  114.352463][   T24] usb 1-1: SerialNumber: syz
[  114.581966][   T24] gspca_main: jeilinj-2.14.0 probing 0979:0270
[  114.597964][   T24] usb 1-1: USB disconnect, device number 13
[  114.644174][ T7812] netlink: 'syz.1.736': attribute type 2 has an invalid length.
[  114.839744][ T7824] overlayfs: failed to clone upperpath
[  115.075710][ T7836] loop1: detected capacity change from 0 to 32768
[  115.090469][ T7836] find_entry called with index >= next_index
[  115.094909][ T7836] find_entry called with index >= next_index
[  115.111807][ T7836] find_entry called with index >= next_index
[  115.114857][ T7836] find_entry called with index >= next_index
[  115.116925][ T7836] find_entry called with index >= next_index
[  115.168989][ T7842] loop0: detected capacity change from 0 to 4096
[  115.171982][ T7842] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[  115.186295][ T7842] ntfs3(loop0): Failed to load $Extend (-22).
[  115.188291][ T7842] ntfs3(loop0): Failed to initialize $Extend.
[  115.258740][ T7846] loop0: detected capacity change from 0 to 2048
[  115.269410][ T7846] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  115.468175][ T7848] loop0: detected capacity change from 0 to 32768
[  115.472643][ T7848] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.754 (7848)
[  115.482391][ T7848] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  115.485780][ T7848] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  115.529795][ T7848] BTRFS info (device loop0): rebuilding free space tree
[  115.549483][ T7848] BTRFS info (device loop0): allowing degraded mounts
[  115.554428][ T7848] BTRFS info (device loop0): enabling ssd optimizations
[  115.556959][ T7848] BTRFS info (device loop0): enabling free space tree
[  115.559358][ T7848] BTRFS info (device loop0): force clearing of disk cache
[  115.561596][ T7848] BTRFS info (device loop0): use zstd compression, level 3
[  115.578609][ T7848] BTRFS info (device loop0): max_inline set to 0
[  115.624732][ T5849] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  116.124608][ T7885] loop0: detected capacity change from 0 to 32768
[  116.204028][ T7885] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  116.261556][ T5849] ocfs2: Unmounting device (7,0) on (node local)
[  116.799842][ T7909] loop0: detected capacity change from 0 to 40427
[  116.816993][ T7909] F2FS-fs (loop0): invalid crc value
[  116.885255][ T7909] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  116.903157][ T7909] F2FS-fs (loop0): Start checkpoint disabled!
[  116.930411][ T7909] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  116.995975][  T175] kworker/u9:3: attempt to access beyond end of device
[  116.995975][  T175] loop0: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  117.004552][ T6042] kworker/u9:5: attempt to access beyond end of device
[  117.004552][ T6042] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  117.010066][ T6042] CPU: 0 UID: 0 PID: 6042 Comm: kworker/u9:5 Not tainted syzkaller #0 PREEMPT(full) 
[  117.010083][ T6042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  117.010091][ T6042] Workqueue: writeback wb_workfn (flush-7:0)
[  117.010112][ T6042] Call Trace:
[  117.010117][ T6042]  <TASK>
[  117.010122][ T6042]  dump_stack_lvl+0x189/0x250
[  117.010142][ T6042]  ? __pfx_dump_stack_lvl+0x10/0x10
[  117.010156][ T6042]  ? __pfx_queue_work_on+0x10/0x10
[  117.010168][ T6042]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  117.010187][ T6042]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  117.010240][ T6042]  f2fs_handle_critical_error+0x37c/0x540
[  117.010265][ T6042]  f2fs_write_end_io+0x886/0xb60
[  117.010293][ T6042]  __submit_merged_bio+0x27a/0x6a0
[  117.010314][ T6042]  __submit_merged_write_cond+0x255/0x530
[  117.010337][ T6042]  f2fs_write_data_pages+0x261d/0x3000
[  117.010376][ T6042]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  117.010386][ T6042]  ? __local_bh_enable_ip+0x12d/0x1c0
[  117.010409][ T6042]  ? rcu_is_watching+0x15/0xb0
[  117.010491][ T6042]  ? unwind_next_frame+0xa5/0x2390
[  117.010503][ T6042]  ? unwind_next_frame+0x19ae/0x2390
[  117.010517][ T6042]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  117.010530][ T6042]  do_writepages+0x32e/0x550
[  117.010551][ T6042]  ? reacquire_held_locks+0x127/0x1d0
[  117.010562][ T6042]  ? writeback_sb_inodes+0x384/0x1010
[  117.010584][ T6042]  __writeback_single_inode+0x145/0xff0
[  117.010599][ T6042]  ? do_raw_spin_unlock+0x4d/0x240
[  117.010618][ T6042]  writeback_sb_inodes+0x6c7/0x1010
[  117.010668][ T6042]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  117.010720][ T6042]  ? rcu_is_watching+0x15/0xb0
[  117.010740][ T6042]  wb_writeback+0x43b/0xaf0
[  117.010761][ T6042]  ? queue_io+0x341/0x590
[  117.010778][ T6042]  ? __pfx_wb_writeback+0x10/0x10
[  117.010800][ T6042]  ? _raw_spin_unlock_irq+0x23/0x50
[  117.010822][ T6042]  wb_workfn+0x409/0xef0
[  117.010848][ T6042]  ? __pfx_wb_workfn+0x10/0x10
[  117.010872][ T6042]  ? __lock_acquire+0xab9/0xd20
[  117.010899][ T6042]  ? process_scheduled_works+0x9ef/0x17b0
[  117.010917][ T6042]  ? _raw_spin_unlock_irq+0x23/0x50
[  117.010933][ T6042]  ? process_scheduled_works+0x9ef/0x17b0
[  117.010943][ T6042]  ? process_scheduled_works+0x9ef/0x17b0
[  117.010956][ T6042]  process_scheduled_works+0xae1/0x17b0
[  117.010994][ T6042]  ? __pfx_process_scheduled_works+0x10/0x10
[  117.011022][ T6042]  worker_thread+0x8a0/0xda0
[  117.011036][ T6042]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  117.011060][ T6042]  ? __kthread_parkme+0x7b/0x200
[  117.011082][ T6042]  kthread+0x711/0x8a0
[  117.011100][ T6042]  ? __pfx_worker_thread+0x10/0x10
[  117.011112][ T6042]  ? __pfx_kthread+0x10/0x10
[  117.011133][ T6042]  ? _raw_spin_unlock_irq+0x23/0x50
[  117.011149][ T6042]  ? lockdep_hardirqs_on+0x9c/0x150
[  117.011160][ T6042]  ? __pfx_kthread+0x10/0x10
[  117.011176][ T6042]  ret_from_fork+0x439/0x7d0
[  117.011191][ T6042]  ? __pfx_ret_from_fork+0x10/0x10
[  117.011234][ T6042]  ? __switch_to_asm+0x39/0x70
[  117.011249][ T6042]  ? __switch_to_asm+0x33/0x70
[  117.011262][ T6042]  ? __pfx_kthread+0x10/0x10
[  117.011278][ T6042]  ret_from_fork_asm+0x1a/0x30
[  117.011312][ T6042]  </TASK>
[  117.011318][ T6042] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  117.235511][ T7925] loop1: detected capacity change from 0 to 32768
[  117.276371][ T5854] Dev loop1 SGI disklabel: csum bad, label corrupted
[  117.287274][ T7925] Dev loop1 SGI disklabel: csum bad, label corrupted
[  117.434430][ T7930] loop0: detected capacity change from 0 to 512
[  117.446620][ T7930] EXT4-fs: Ignoring removed oldalloc option
[  117.463031][ T7930] EXT4-fs: old and new quota format mixing
[  117.790064][ T7934] loop1: detected capacity change from 0 to 32768
[  117.794501][ T7934] XFS: attr2 mount option is deprecated.
[  117.835384][ T7934] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  117.862698][ T7934] XFS (loop1): Ending clean mount
[  117.867971][ T7934] XFS (loop1): Quotacheck needed: Please wait.
[  117.903654][ T7934] XFS (loop1): Quotacheck: Done.
[  117.949485][ T5845] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  117.991970][ T7936] loop0: detected capacity change from 0 to 40427
[  118.025566][ T7936] F2FS-fs (loop0): invalid crc value
[  118.095847][ T7936] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  118.111946][ T7936] F2FS-fs (loop0): Start checkpoint disabled!
[  118.148047][ T7936] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  118.283104][   T27] kworker/u10:0: attempt to access beyond end of device
[  118.283104][   T27] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  118.290591][   T27] CPU: 1 UID: 0 PID: 27 Comm: kworker/u10:0 Not tainted syzkaller #0 PREEMPT(full) 
[  118.290603][   T27] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  118.290608][   T27] Workqueue: writeback wb_workfn (flush-7:0)
[  118.290622][   T27] Call Trace:
[  118.290625][   T27]  <TASK>
[  118.290628][   T27]  dump_stack_lvl+0x189/0x250
[  118.290641][   T27]  ? __pfx_dump_stack_lvl+0x10/0x10
[  118.290649][   T27]  ? __pfx_queue_work_on+0x10/0x10
[  118.290656][   T27]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  118.290667][   T27]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  118.290682][   T27]  f2fs_handle_critical_error+0x37c/0x540
[  118.290696][   T27]  f2fs_write_end_io+0x886/0xb60
[  118.290712][   T27]  __submit_merged_bio+0x27a/0x6a0
[  118.290724][   T27]  __submit_merged_write_cond+0x255/0x530
[  118.290737][   T27]  f2fs_write_data_pages+0x261d/0x3000
[  118.290759][   T27]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  118.290765][   T27]  ? __switch_to+0xdae/0x1670
[  118.290793][   T27]  ? rcu_is_watching+0x15/0xb0
[  118.290800][   T27]  ? trace_sched_exit_tp+0x36/0x110
[  118.290809][   T27]  ? __schedule+0x17ae/0x4cc0
[  118.290827][   T27]  ? __pfx___schedule+0x10/0x10
[  118.290833][   T27]  ? f2fs_write_meta_pages+0x357/0x450
[  118.290845][   T27]  ? lockdep_hardirqs_on+0x9c/0x150
[  118.290853][   T27]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  118.290860][   T27]  do_writepages+0x32e/0x550
[  118.290871][   T27]  ? preempt_schedule+0xae/0xc0
[  118.290877][   T27]  ? __pfx_preempt_schedule+0x10/0x10
[  118.290882][   T27]  ? reacquire_held_locks+0x127/0x1d0
[  118.290889][   T27]  ? writeback_sb_inodes+0x384/0x1010
[  118.290902][   T27]  __writeback_single_inode+0x145/0xff0
[  118.290914][   T27]  writeback_sb_inodes+0x6c7/0x1010
[  118.290934][   T27]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  118.290962][   T27]  ? rcu_is_watching+0x15/0xb0
[  118.290973][   T27]  wb_writeback+0x43b/0xaf0
[  118.290985][   T27]  ? queue_io+0x341/0x590
[  118.290995][   T27]  ? __pfx_wb_writeback+0x10/0x10
[  118.291007][   T27]  ? _raw_spin_unlock_irq+0x23/0x50
[  118.291020][   T27]  wb_workfn+0x409/0xef0
[  118.291034][   T27]  ? __pfx_wb_workfn+0x10/0x10
[  118.291043][   T27]  ? __lock_acquire+0xab9/0xd20
[  118.291058][   T27]  ? process_scheduled_works+0x9ef/0x17b0
[  118.291067][   T27]  ? _raw_spin_unlock_irq+0x23/0x50
[  118.291077][   T27]  ? process_scheduled_works+0x9ef/0x17b0
[  118.291083][   T27]  ? process_scheduled_works+0x9ef/0x17b0
[  118.291090][   T27]  process_scheduled_works+0xae1/0x17b0
[  118.291110][   T27]  ? __pfx_process_scheduled_works+0x10/0x10
[  118.291124][   T27]  worker_thread+0x8a0/0xda0
[  118.291143][   T27]  kthread+0x711/0x8a0
[  118.291153][   T27]  ? __pfx_worker_thread+0x10/0x10
[  118.291160][   T27]  ? __pfx_kthread+0x10/0x10
[  118.291169][   T27]  ? _raw_spin_unlock_irq+0x23/0x50
[  118.291179][   T27]  ? lockdep_hardirqs_on+0x9c/0x150
[  118.291185][   T27]  ? __pfx_kthread+0x10/0x10
[  118.291232][   T27]  ret_from_fork+0x439/0x7d0
[  118.291247][   T27]  ? __pfx_ret_from_fork+0x10/0x10
[  118.291262][   T27]  ? __switch_to_asm+0x39/0x70
[  118.291269][   T27]  ? __switch_to_asm+0x33/0x70
[  118.291277][   T27]  ? __pfx_kthread+0x10/0x10
[  118.291286][   T27]  ret_from_fork_asm+0x1a/0x30
[  118.291302][   T27]  </TASK>
[  118.291305][   T27] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  118.674591][ T7979] loop1: detected capacity change from 0 to 1024
[  118.699156][   T36] hfsplus: b-tree write err: -5, ino 4
[  118.821562][ T7987] loop0: detected capacity change from 0 to 128
[  118.830682][ T7989] 9pnet_fd: Insufficient options for proto=fd
[  118.851888][ T7987] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  118.860713][ T7987] UDF-fs: warning (device loop0): udf_fill_super: No fileset found
[  119.042716][ T8006] netlink: 64691 bytes leftover after parsing attributes in process `syz.1.814'.
[  119.067562][ T8009] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  119.098530][ T8010] netlink: 'syz.2.815': attribute type 29 has an invalid length.
[  119.101798][ T8010] netlink: 24 bytes leftover after parsing attributes in process `syz.2.815'.
[  119.122773][ T6853] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  119.280474][ T6853] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  119.285880][ T6853] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  119.289255][ T6853] usb 1-1: Product: syz
[  119.291458][ T6853] usb 1-1: Manufacturer: syz
[  119.295289][ T6853] usb 1-1: SerialNumber: syz
[  119.305133][ T6853] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  119.328057][   T10] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  119.937375][   T33] audit: type=1326 audit(1758639490.583:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8033 comm="syz.1.827" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe64f58ec29 code=0x0
[  120.077137][ T2321] usb 1-1: USB disconnect, device number 14
[  120.262302][ T5882] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  120.479031][ T5882] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  120.482466][ T5882] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  120.486280][ T5882] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  120.489393][ T5882] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  120.492083][ T5882] usb 2-1: SerialNumber: syz
[  120.783908][ T5882] usb 2-1: 0:2 : does not exist
[  120.842766][   T10] usb 1-1: Service connection timeout for: 256
[  120.845327][   T10] ath9k_htc 1-1:1.0: ath9k_htc: Unable to initialize HTC services
[  120.849397][   T10] ath9k_htc: Failed to initialize the device
[  120.852972][ T2321] usb 1-1: ath9k_htc: USB layer deinitialized
[  120.870002][ T5882] usb 2-1: USB disconnect, device number 11
[  120.897257][ T5854] udevd[5854]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  121.032006][ T8056] netlink: 'syz.0.836': attribute type 1 has an invalid length.
[  121.327171][ T8068] netlink: 'syz.2.841': attribute type 34 has an invalid length.
[  121.391619][ T8074] loop1: detected capacity change from 0 to 256
[  121.408655][ T8074] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x467a0815, utbl_chksum : 0xe619d30d)
[  121.416098][ T8074] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  121.492306][   T10] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  121.851881][   T10] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  121.856231][   T10] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  121.860379][   T10] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  121.864212][   T10] usb 1-1: config 1 has no interface number 1
[  121.866718][   T10] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  121.871711][   T10] usb 1-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  121.879431][   T10] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  121.884809][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.888028][   T10] usb 1-1: Product: syz
[  121.889754][   T10] usb 1-1: Manufacturer: syz
[  121.891608][   T10] usb 1-1: SerialNumber: syz
[  122.112439][   T10] usb 1-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[  122.115491][   T10] usb 1-1: MIDIStreaming interface descriptor not found
[  122.140552][   T10] usb 1-1: USB disconnect, device number 15
[  122.184195][ T6098] udevd[6098]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  122.481651][ T8095] loop1: detected capacity change from 0 to 4096
[  122.487733][ T8095] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  122.503386][ T8095] ntfs3(loop1): volume is dirty and "force" flag is not set!
[  122.909506][ T8108] loop1: detected capacity change from 0 to 1024
[  122.986968][   T36] hfsplus: b-tree write err: -5, ino 4
[  123.863812][ T8142] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  123.888401][ T8142] batman_adv: batadv0: Removing interface: batadv_slave_0
[  123.968023][ T8144] netlink: 12 bytes leftover after parsing attributes in process `syz.0.873'.
[  124.225411][ T8158] loop0: detected capacity change from 0 to 32768
[  124.228832][ T8158] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.880 (8158)
[  124.240144][ T8158] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  124.244056][ T8158] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  124.273802][ T8158] BTRFS info (device loop0): enabling ssd optimizations
[  124.282351][ T8158] BTRFS info (device loop0): enabling free space tree
[  124.302508][ T5849] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  125.192109][ T8195] Zero length message leads to an empty skb
[  125.251469][ T8199] atomic_op ffff88811ac32998 conn xmit_atomic 0000000000000000
[  125.552352][   T24] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  125.672307][ T5238] Bluetooth: hci0: command tx timeout
[  125.723280][   T24] usb 2-1: Using ep0 maxpacket: 32
[  125.730952][   T24] usb 2-1: config 0 has an invalid interface number: 190 but max is 0
[  125.734798][   T24] usb 2-1: config 0 has no interface number 0
[  125.737617][   T24] usb 2-1: config 0 interface 190 has no altsetting 0
[  125.745603][   T24] usb 2-1: New USB device found, idVendor=1234, idProduct=0002, bcdDevice=2f.ac
[  125.749355][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.752529][   T24] usb 2-1: Product: syz
[  125.754014][   T24] usb 2-1: Manufacturer: syz
[  125.755936][   T24] usb 2-1: SerialNumber: syz
[  125.762366][   T24] usb 2-1: config 0 descriptor??
[  125.980779][   T24] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.190/input/input4
[  126.187823][   T24] usb 2-1: USB disconnect, device number 12
[  126.198772][ T8220] netlink: 128 bytes leftover after parsing attributes in process `syz.0.901'.
[  126.204516][ T8220] netlink: 'syz.0.901': attribute type 6 has an invalid length.
[  126.454091][ T8242] syz.2.912 uses obsolete (PF_INET,SOCK_PACKET)
[  126.586386][ T8251] loop0: detected capacity change from 0 to 512
[  126.603200][ T8251] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  126.626518][ T8251] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.634680][ T8251] ext4 filesystem being mounted at /257/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  126.664026][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.757213][   T33] audit: type=1326 audit(1758639497.393:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8263 comm="syz.2.921" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fef7ef8ec29 code=0x0
[  127.018181][ T8280] netlink: 8 bytes leftover after parsing attributes in process `syz.1.928'.
[  127.085345][ T8285] loop1: detected capacity change from 0 to 256
[  127.104097][ T8285] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  127.203597][ T8289] netlink: 32 bytes leftover after parsing attributes in process `syz.1.932'.
[  127.207159][ T8289] netlink: 32 bytes leftover after parsing attributes in process `syz.1.932'.
[  127.382847][ T5238] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  127.388471][ T5238] Bluetooth: hci2: Injecting HCI hardware error event
[  127.392502][ T5238] Bluetooth: hci2: hardware error 0x00
[  127.608819][ T8300] 9pnet_virtio: no channels available for device syz
[  127.930396][ T8308] loop0: detected capacity change from 0 to 8
[  127.939923][ T8308] Filesystem uses "unknown" compression. This is not supported
[  128.010429][ T8310] netlink: 8 bytes leftover after parsing attributes in process `syz.2.941'.
[  128.019602][ T8310] veth0_to_bond: entered allmulticast mode
[  128.028726][ T8310] netlink: 8 bytes leftover after parsing attributes in process `syz.2.941'.
[  128.382460][   T24] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  128.562376][   T24] usb 1-1: Using ep0 maxpacket: 16
[  128.568934][   T24] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  128.573155][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  128.576507][   T24] usb 1-1: Product: syz
[  128.578449][   T24] usb 1-1: Manufacturer: syz
[  128.580559][   T24] usb 1-1: SerialNumber: syz
[  128.586263][   T24] usb 1-1: config 0 descriptor??
[  128.594187][   T24] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[  128.598538][   T24] usb 1-1: Detected FT232H
[  129.003825][   T24] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  129.006896][   T24] ftdi_sio 1-1:0.0: GPIO initialisation failed: -71
[  129.010565][   T24] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  129.014769][   T24] usb 1-1: USB disconnect, device number 16
[  129.021556][   T24] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  129.025968][   T24] ftdi_sio 1-1:0.0: device disconnected
[  129.195343][ T8356] netlink: 8 bytes leftover after parsing attributes in process `syz.2.960'.
[  129.512575][ T5238] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  130.689730][ T8381] netlink: 104 bytes leftover after parsing attributes in process `syz.2.971'.
[  130.811926][ T8384] gtp0: entered promiscuous mode
[  131.021302][ T8398] netlink: 'syz.2.979': attribute type 3 has an invalid length.
[  131.026175][ T8398] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  131.078419][ T8400] netlink: 12 bytes leftover after parsing attributes in process `syz.0.980'.
[  131.146745][ T8407] netlink: 8 bytes leftover after parsing attributes in process `syz.0.983'.
[  131.297522][ T8417] loop0: detected capacity change from 0 to 512
[  131.318062][ T8417] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.324268][ T8417] ext4 filesystem being mounted at /271/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  131.340904][ T8417] EXT4-fs (loop0): shut down requested (0)
[  131.421841][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.494072][ T8432] netlink: 'syz.1.994': attribute type 1 has an invalid length.
[  131.497438][ T8432] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  131.525775][ T8436] veth3: entered promiscuous mode
[  131.574598][ T8438] sp0: Synchronizing with TNC
[  131.578896][ T8440] 9pnet_fd: Insufficient options for proto=fd
[  131.819804][ T8434] loop0: detected capacity change from 0 to 40427
[  131.836661][ T8434] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  131.839589][ T8434] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  131.849711][ T8434] F2FS-fs (loop0): invalid crc value
[  132.029418][ T8434] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  132.045762][ T8434] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  132.049083][ T8434] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  132.478753][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  132.608382][ T8477] loop1: detected capacity change from 0 to 32768
[  132.614089][ T8477] (syz.1.1012,8477,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  132.620061][ T8477] (syz.1.1012,8477,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  132.631431][ T8477] JBD2: Ignoring recovery information on journal
[  132.666236][ T8477] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  132.750110][ T5845] ocfs2: Unmounting device (7,1) on (node local)
[  132.856672][ T8489] netlink: 'syz.1.1015': attribute type 12 has an invalid length.
[  132.860366][ T8489] netlink: 'syz.1.1015': attribute type 29 has an invalid length.
[  132.864662][ T8489] __nla_validate_parse: 1 callbacks suppressed
[  132.864672][ T8489] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1015'.
[  132.871198][ T8489] netlink: 'syz.1.1015': attribute type 2 has an invalid length.
[  132.874546][ T8489] netlink: 'syz.1.1015': attribute type 3 has an invalid length.
[  132.988170][ T8499] loop1: detected capacity change from 0 to 2048
[  132.994879][ T8499] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  133.001473][ T6098] udevd[6098]: incorrect nilfs2 checksum on /dev/loop1
[  133.004716][ T8499] NILFS (loop1): mounting unchecked fs
[  133.008242][ T8499] NILFS (loop1): recovery required for readonly filesystem
[  133.010621][ T8499] NILFS (loop1): write access will be enabled during recovery
[  133.021917][ T8499] NILFS (loop1): norecovery option specified, skipping roll-forward recovery
[  133.028339][ T6098] udevd[6098]: incorrect nilfs2 checksum on /dev/loop1
[  133.040421][ T8499] NILFS (loop1): couldn't remount because the filesystem is in an incomplete recovery state
[  133.046795][ T8499] netlink: 1608 bytes leftover after parsing attributes in process `syz.1.1021'.
[  133.347102][ T8508] loop0: detected capacity change from 0 to 128
[  133.364162][    T9] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  133.527395][    T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  133.531462][    T9] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  133.551504][    T9] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  133.555990][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  133.559551][    T9] usb 2-1: SerialNumber: syz
[  133.860022][ T8522] loop0: detected capacity change from 0 to 32768
[  133.896005][ T8522] bcachefs (dev-0): cannot online: device too small
[  133.898557][ T8522] bcachefs (loop0): shutting down
[  133.914671][ T8522] bcachefs (loop0): shutdown complete
[  133.928475][    T9] usb 2-1: 0:2 : does not exist
[  133.951682][    T9] usb 2-1: USB disconnect, device number 13
[  133.983758][ T6098] udevd[6098]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  134.021617][ T8551] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1044'.
[  134.032684][ T8551] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1044'.
[  134.603794][ T8522] bcachefs: bch2_fs_get_tree() error: device_size_too_small
[  135.176482][ T8590] loop0: detected capacity change from 0 to 256
[  135.194384][ T8590] FAT-fs (loop0): Directory bread(block 64) failed
[  135.197172][ T8590] FAT-fs (loop0): Directory bread(block 65) failed
[  135.200114][ T8590] FAT-fs (loop0): Directory bread(block 66) failed
[  135.203763][ T8590] FAT-fs (loop0): Directory bread(block 67) failed
[  135.206504][ T8590] FAT-fs (loop0): Directory bread(block 68) failed
[  135.211121][ T8590] FAT-fs (loop0): Directory bread(block 69) failed
[  135.215701][ T8590] FAT-fs (loop0): Directory bread(block 70) failed
[  135.218478][ T8590] FAT-fs (loop0): Directory bread(block 71) failed
[  135.221416][ T8590] FAT-fs (loop0): Directory bread(block 72) failed
[  135.224957][ T8590] FAT-fs (loop0): Directory bread(block 73) failed
[  135.400644][   T33] audit: type=1804 audit(1758639506.043:17): pid=8599 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1065" name="bus" dev="ramfs" ino=14733 res=1 errno=0
[  135.412318][   T33] audit: type=1804 audit(1758639506.053:18): pid=8599 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1065" name="bus" dev="ramfs" ino=14733 res=1 errno=0
[  136.170484][ T8642] Bluetooth: hci0: invalid length 3, exp 2 for type 23
[  136.484697][ T5882] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  136.732445][ T5882] usb 1-1: Using ep0 maxpacket: 32
[  136.738198][ T5882] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  136.744056][ T5882] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  136.747518][ T5882] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  136.750948][ T5882] usb 1-1: Product: syz
[  137.123186][ T5882] usb 1-1: Manufacturer: syz
[  137.128656][ T5882] usb 1-1: SerialNumber: syz
[  137.134683][ T5882] usb 1-1: config 0 descriptor??
[  137.139768][ T8646] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  137.149151][ T5882] hub 1-1:0.0: bad descriptor, ignoring hub
[  137.153375][ T5882] hub 1-1:0.0: probe with driver hub failed with error -5
[  137.472587][    T9] usb 1-1: USB disconnect, device number 17
[  137.567431][ T8676] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1099'.
[  137.571645][ T8676] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1099'.
[  137.812286][    T9] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  137.962304][    T9] usb 1-1: Using ep0 maxpacket: 32
[  137.965965][    T9] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  137.973089][    T9] usb 1-1: string descriptor 0 read error: -22
[  137.975283][    T9] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  137.978445][    T9] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  137.982841][    T9] usb 1-1: config 0 descriptor??
[  137.986327][ T8646] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  137.989915][    T9] hub 1-1:0.0: bad descriptor, ignoring hub
[  137.992553][ T5895] usb 2-1: new full-speed USB device number 14 using dummy_hcd
[  137.995792][    T9] hub 1-1:0.0: probe with driver hub failed with error -5
[  138.155519][ T5895] usb 2-1: too many endpoints for config 253 interface 0 altsetting 0: 255, using maximum allowed: 30
[  138.160030][ T5895] usb 2-1: config 253 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 255
[  138.166927][ T5895] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  138.170725][ T5895] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  138.174039][ T5895] usb 2-1: SerialNumber: syz
[  138.266344][ T8688] openvswitch: netlink: IP tunnel dst address not specified
[  138.302566][    T9] usb 1-1: USB disconnect, device number 18
[  138.411302][ T5895] usb 2-1: USB disconnect, device number 14
[  138.449943][ T8696] netlink: 'syz.2.1109': attribute type 1 has an invalid length.
[  139.109589][ T8720] loop1: detected capacity change from 0 to 256
[  139.139538][ T8720] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  139.149267][ T8720] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  139.169555][ T8720] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  139.222433][   T33] audit: type=1800 audit(1758639509.833:19): pid=8720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1121" name="file1" dev="loop1" ino=1048602 res=0 errno=0
[  139.239843][ T8720] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  139.266218][ T8720] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  139.284607][ T8720] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  139.499524][ T8730] loop1: detected capacity change from 0 to 4096
[  139.520910][ T8730] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[  139.574033][ T8730] ntfs3(loop1): ino=0, attr_set_size
[  139.583957][ T8730] ntfs3(loop1): ino=0, attr_set_size
[  139.591024][ T8730] ntfs3(loop1): ino=0, attr_set_size
[  139.602115][ T8730] ntfs3(loop1): no free space to extend mft
[  139.870488][ T8740] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1130'.
[  140.177659][ T8742] loop1: detected capacity change from 0 to 32768
[  140.183389][ T8742] bcachefs (/dev/loop1): error validating superblock: Invalid superblock section journal_v2: journal bucket at sector 0
[  140.183389][ T8742] journal_v2 (size 40):
[  140.183389][ T8742] Buckets:  9-432345564227567632 0-1
[  140.183389][ T8742] 
[  140.192797][ T8742] bcachefs: bch2_fs_get_tree() error: invalid_sb_journal
[  140.345993][ T8732] syz.0.1126 (8732): drop_caches: 2
[  140.956137][    T9] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  141.113263][    T9] usb 1-1: Using ep0 maxpacket: 8
[  141.121062][    T9] usb 1-1: unable to get BOS descriptor or descriptor too short
[  141.127854][    T9] usb 1-1: config 12 interface 0 altsetting 7 endpoint 0x3 has invalid wMaxPacketSize 0
[  141.131971][    T9] usb 1-1: config 12 interface 0 has no altsetting 0
[  141.146209][    T9] usb 1-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=6a.e5
[  141.149865][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.153287][    T9] usb 1-1: Product: syz
[  141.155070][    T9] usb 1-1: Manufacturer: syz
[  141.157036][    T9] usb 1-1: SerialNumber: syz
[  141.702100][    T9] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  141.705592][    T9] usb 1-1: selecting invalid altsetting 0
[  141.742509][    T9] usb 1-1: USB disconnect, device number 19
[  141.785897][ T8456] udevd[8456]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:12.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  142.009034][ T8768] No control pipe specified
[  142.011591][ T8768] netlink: 'syz.1.1142': attribute type 11 has an invalid length.
[  142.625960][ T8779] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.787770][ T8779] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.905170][ T8779] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.001737][ T8779] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.091226][ T8782] loop0: detected capacity change from 0 to 32768
[  143.158564][ T5909] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  143.172518][ T5909] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  143.186396][ T5909] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  143.208352][ T5875] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  143.310231][ T8788] loop1: detected capacity change from 0 to 32768
[  143.318720][ T8788] jfs_mount: Mount Failure: superblock is corrupt!
[  143.321427][ T8788] Mount JFS Failure: -22
[  143.332556][ T8788] jfs_mount failed w/return code = -22
[  143.485329][ T8798] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1154'.
[  143.935611][ T8818] loop1: detected capacity change from 0 to 512
[  143.957568][ T8816] loop0: detected capacity change from 0 to 4096
[  143.979666][ T8816] NILFS (loop0): invalid segment: Checksum error in segment payload
[  143.984321][ T8818] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.984777][ T8816] NILFS (loop0): trying rollback from an earlier position
[  143.988587][ T8818] ext4 filesystem being mounted at /395/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.999000][ T8816] NILFS (loop0): recovery complete
[  144.003915][ T8822] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  144.025657][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.198315][ T8830] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  144.245534][ T8836] loop1: detected capacity change from 0 to 128
[  144.251565][ T8836] FAT-fs (loop1): bogus number of FAT structure
[  144.258338][ T8836] FAT-fs (loop1): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  144.264101][ T8836] FAT-fs (loop1): Can't find a valid FAT filesystem
[  144.435750][ T8834] loop0: detected capacity change from 0 to 32768
[  144.457214][ T8834] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  144.522118][ T8834] XFS (loop0): Ending clean mount
[  144.576590][ T5849] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  144.924914][ T8854] loop1: detected capacity change from 0 to 40427
[  144.938482][ T8854] F2FS-fs: heap/no_heap options were deprecated
[  144.940601][ T8854] F2FS-fs: inline encryption not supported
[  144.949001][ T8854] F2FS-fs (loop1): journaled quota format not specified
[  145.148506][ T8860] loop0: detected capacity change from 0 to 32768
[  145.224028][ T8860] ea_get: invalid extended attribute
[  145.226533][ T8860] ffff88802a21d628: 04 00 00 00                                      ....
[  145.934295][ T6853] usb 2-1: new full-speed USB device number 15 using dummy_hcd
[  146.029037][ T8912] loop0: detected capacity change from 0 to 16
[  146.033902][ T8912] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  146.085658][ T6853] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  146.090187][ T6853] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xC6, changing to 0x86
[  146.099211][ T6853] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  146.105041][ T6853] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  146.139351][ T6853] usb 2-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87
[  146.143618][ T6853] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.146974][ T6853] usb 2-1: Product: syz
[  146.148847][ T6853] usb 2-1: Manufacturer: syz
[  146.150734][ T6853] usb 2-1: SerialNumber: syz
[  146.161499][ T6853] usb 2-1: config 0 descriptor??
[  146.174875][ T6853] port100 2-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  146.420090][ T6853] usb 2-1: USB disconnect, device number 15
[  147.433918][   T33] audit: type=1326 audit(1758639518.083:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8941 comm="syz.0.1215" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9ee58ec29 code=0x7ffc0000
[  147.455788][   T33] audit: type=1326 audit(1758639518.083:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8941 comm="syz.0.1215" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9ee58ec29 code=0x7ffc0000
[  147.475051][   T33] audit: type=1326 audit(1758639518.093:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8941 comm="syz.0.1215" exe="/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7ff9ee58ec29 code=0x7ffc0000
[  147.486797][   T33] audit: type=1326 audit(1758639518.093:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8941 comm="syz.0.1215" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9ee58ec29 code=0x7ffc0000
[  147.507420][   T33] audit: type=1326 audit(1758639518.093:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8941 comm="syz.0.1215" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9ee58ec29 code=0x7ffc0000
[  147.527994][   T33] audit: type=1326 audit(1758639518.103:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8941 comm="syz.0.1215" exe="/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7ff9ee58ec29 code=0x7ffc0000
[  147.539814][   T33] audit: type=1326 audit(1758639518.123:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8941 comm="syz.0.1215" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9ee58ec29 code=0x7ffc0000
[  147.555190][   T33] audit: type=1326 audit(1758639518.123:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8941 comm="syz.0.1215" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9ee58ec29 code=0x7ffc0000
[  147.566056][   T33] audit: type=1326 audit(1758639518.123:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8945 comm="syz.0.1215" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff9ee5c14e5 code=0x7ffc0000
[  147.575255][   T33] audit: type=1326 audit(1758639518.153:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8941 comm="syz.0.1215" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff9ee58ec29 code=0x7ffc0000
[  147.866402][ T8956] loop1: detected capacity change from 0 to 32768
[  147.889462][ T8956] (syz.1.1222,8956,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  147.895517][ T8956] (syz.1.1222,8956,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  147.910680][ T8956] JBD2: Ignoring recovery information on journal
[  147.953597][ T8956] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  148.015317][ T5845] ocfs2: Unmounting device (7,1) on (node local)
[  148.171189][ T8974] ieee802154 phy1 wpan1: encryption failed: -90
[  148.216503][ T8976] loop1: detected capacity change from 0 to 512
[  148.238832][ T8976] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.247890][ T8976] ext4 filesystem being mounted at /421/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.276488][ T8976] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  148.286157][ T8976] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 2 with error 28
[  148.293636][ T8976] EXT4-fs (loop1): This should not happen!! Data will be lost
[  148.293636][ T8976] 
[  148.297447][ T8976] EXT4-fs (loop1): Total free blocks count 0
[  148.300868][ T8976] EXT4-fs (loop1): Free/Dirty block details
[  148.303707][ T8976] EXT4-fs (loop1): free_blocks=65280
[  148.305895][ T8976] EXT4-fs (loop1): dirty_blocks=2
[  148.307985][ T8976] EXT4-fs (loop1): Block reservation details
[  148.310435][ T8976] EXT4-fs (loop1): i_reserved_data_blocks=2
[  148.327339][ T8976] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 2 with max blocks 3 with error 28
[  148.497791][ T8984] loop1: detected capacity change from 0 to 1024
[  148.531913][ T8984] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only.
[  148.982624][ T5882] usb 2-1: new full-speed USB device number 16 using dummy_hcd
[  149.144818][ T5882] usb 2-1: unable to get BOS descriptor or descriptor too short
[  149.148039][ T5882] usb 2-1: not running at top speed; connect to a high speed hub
[  149.151747][ T5882] usb 2-1: config 2 has an invalid interface number: 226 but max is 1
[  149.154651][ T5882] usb 2-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  149.158327][ T5882] usb 2-1: config 2 has 1 interface, different from the descriptor's value: 2
[  149.161843][ T5882] usb 2-1: config 2 has no interface number 0
[  149.164013][ T5882] usb 2-1: config 2 interface 226 altsetting 0 endpoint 0x1 has invalid maxpacket 512, setting to 64
[  149.168392][ T5882] usb 2-1: config 2 interface 226 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 10
[  149.172537][ T5882] usb 2-1: config 2 interface 226 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  149.178247][ T5882] usb 2-1: New USB device found, idVendor=0738, idProduct=4540, bcdDevice=c6.ce
[  149.181835][ T5882] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  149.185236][ T5882] usb 2-1: Product: syz
[  149.187262][ T5882] usb 2-1: Manufacturer: syz
[  149.188981][ T5882] usb 2-1: SerialNumber: syz
[  149.410414][ T5882] usb 2-1: USB disconnect, device number 16
[  150.068031][ T9023] loop0: detected capacity change from 0 to 32768
[  150.084497][ T9023] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  150.100343][ T9023] XFS (loop0): Ending clean mount
[  150.106145][ T9023] XFS (loop0): Quotacheck needed: Please wait.
[  150.129875][ T9023] XFS (loop0): Quotacheck: Done.
[  150.175418][ T6853] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  150.199675][ T5849] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  150.337620][ T6853] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.17
[  150.344127][ T6853] usb 2-1: New USB device strings: Mfr=129, Product=2, SerialNumber=3
[  150.348050][ T6853] usb 2-1: Product: syz
[  150.349796][ T6853] usb 2-1: Manufacturer: syz
[  150.351831][ T6853] usb 2-1: SerialNumber: syz
[  150.362668][ T6853] usb 2-1: config 0 descriptor??
[  150.371324][ T6853] ch341 2-1:0.0: ch341-uart converter detected
[  150.545991][ T9045] loop0: detected capacity change from 0 to 32768
[  150.609924][ T9045] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=crc64,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,recovery_pass_last=set_may_go_rw,reconstruct_alloc,no_data_io
[  150.609945][ T9045]   allowing incompatible features above 0.0: (unknown version)
[  150.609952][ T9045]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  150.629930][ T9045] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  150.633517][ T9045] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  150.637019][ T9045] bcachefs (loop0): Version upgrade required:
[  150.637019][ T9045] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  150.637019][ T9045] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  150.637019][ T9045]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  150.669661][ T9045] bcachefs (loop0): dropping and reconstructing all alloc info
[  150.690057][ T9045] bcachefs (loop0): accounting_read... done
[  150.695397][ T9045] bcachefs (loop0): alloc_read... done
[  150.698513][ T9045] bcachefs (loop0): snapshots_read... done
[  150.702936][ T9045] bcachefs (loop0): check_allocations... done
[  150.733655][ T9045] bcachefs (loop0): going read-write
[  150.742724][ T9045] bcachefs (loop0): done starting filesystem
[  150.780867][ T5849] bcachefs (loop0): shutting down
[  150.784958][ T5849] bcachefs (loop0): going read-only
[  150.787253][ T5849] bcachefs (loop0): finished waiting for writes to stop
[  150.792058][ T5849] bcachefs (loop0): flushing journal and stopping allocators, journal seq 10
[  150.796009][ T5849] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 10
[  150.802720][ T5849] bcachefs (loop0): unclean shutdown complete, journal seq 11
[  150.806208][ T5849] bcachefs (loop0): done going read-only, filesystem not clean
[  150.819962][ T5849] bcachefs (loop0): shutdown complete
[  150.980424][ T6853] usb 2-1: failed to send control message: -71
[  150.983964][ T6853] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  150.991522][ T6853] usb 2-1: USB disconnect, device number 17
[  150.995525][ T6853] ch341 2-1:0.0: device disconnected
[  152.419174][ T9101] loop1: detected capacity change from 0 to 512
[  152.785009][ T9111] loop0: detected capacity change from 0 to 32768
[  152.789932][ T9111] bcachefs (/dev/loop0): error validating superblock: Invalid superblock: member info area missing
[  152.802450][ T9111] bcachefs: bch2_fs_get_tree() error: invalid_sb_members_missing
[  152.882741][ T6853] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  153.042602][ T6853] usb 2-1: Using ep0 maxpacket: 8
[  153.087377][ T6853] usb 2-1: New USB device found, idVendor=07ca, idProduct=b800, bcdDevice=31.1f
[  153.091117][ T6853] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  153.099366][ T6853] usb 2-1: Product: syz
[  153.101299][ T6853] usb 2-1: Manufacturer: syz
[  153.103830][ T6853] usb 2-1: SerialNumber: syz
[  153.111907][ T6853] usb 2-1: config 0 descriptor??
[  153.127282][ T6853]  (null): radio-mr800 - initialization failed
[  153.496387][ T6853] radio-mr800 2-1:0.0: probe with driver radio-mr800 failed with error -22
[  153.500092][ T6853] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  153.510250][ T6853] usb 2-1: USB disconnect, device number 18
[  153.649823][ T9135] loop0: detected capacity change from 0 to 32768
[  153.657552][ T9135] 
[  153.657552][ T9135]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  153.657552][ T9135] 
[  153.665792][ T9135] JFS: metapage_get_blocks failed
[  153.668428][ T9135] ERROR: (device loop0): release_metapage: metapage_write_one() failed
[  153.668428][ T9135] 
[  153.674378][ T9135] ERROR: (device loop0): diWrite: ixpxd invalid
[  153.674378][ T9135] 
[  153.677420][ T9135] ERROR: (device loop0): txCommit: 
[  153.677420][ T9135] 
[  153.681725][ T9135] jfs_create: dtSearch returned -17
[  153.697487][ T5849] 
[  153.697487][ T5849]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  153.697487][ T5849] 
[  153.704282][ T5849] 
[  153.704282][ T5849]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  153.704282][ T5849] 
[  154.033512][ T9147] loop0: detected capacity change from 0 to 4096
[  154.069209][ T9147] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.135108][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.952520][ T5882] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  155.172274][ T5882] usb 1-1: Using ep0 maxpacket: 16
[  155.177151][ T5882] usb 1-1: config 0 has no interfaces?
[  155.180719][ T5882] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  155.183954][ T5882] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  155.186876][ T5882] usb 1-1: SerialNumber: syz
[  155.195214][ T5882] usb 1-1: config 0 descriptor??
[  155.427226][   T24] usb 1-1: USB disconnect, device number 20
[  155.541544][ T9193] netlink: 'syz.1.1317': attribute type 2 has an invalid length.
[  155.546561][ T9193] netlink: 'syz.1.1317': attribute type 1 has an invalid length.
[  155.865492][ T9201] loop1: detected capacity change from 0 to 32768
[  156.058520][ T9209] netlink: 424 bytes leftover after parsing attributes in process `syz.2.1326'.
[  156.063827][ T9209] netlink: 'syz.2.1326': attribute type 1 has an invalid length.
[  156.372250][   T24] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  156.545690][   T24] usb 1-1: config 0 has too many interfaces: 204, using maximum allowed: 32
[  156.550207][   T24] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 204
[  156.558766][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  156.562851][ T9227] loop1: detected capacity change from 0 to 1024
[  156.575841][ T9227] hfsplus: invalid catalog entry type in lookup
[  156.582322][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  156.587523][   T24] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  156.591606][   T24] usb 1-1: New USB device found, idVendor=28bd, idProduct=0909, bcdDevice= 0.00
[  156.599141][  T175] hfsplus: b-tree write err: -5, ino 4
[  156.600228][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.606960][   T24] usb 1-1: config 0 descriptor??
[  156.656929][ T9233] loop1: detected capacity change from 0 to 8
[  156.854296][ T9245] sctp: [Deprecated]: syz.1.1342 (pid 9245) Use of struct sctp_assoc_value in delayed_ack socket option.
[  156.854296][ T9245] Use struct sctp_sack_info instead
[  156.925731][ T9249] loop1: detected capacity change from 0 to 1024
[  156.942913][ T9251] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.1345'.
[  157.048074][   T24] input: HID 28bd:0909 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:28BD:0909.0004/input/input5
[  157.076400][   T24] uclogic 0003:28BD:0909.0004: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:0909] on usb-dummy_hcd.0-1/input0
[  157.100462][   T10] IPVS: starting estimator thread 0...
[  157.202418][ T9265] IPVS: using max 47 ests per chain, 112800 per kthread
[  157.419935][ T9274] loop1: detected capacity change from 0 to 32768
[  157.424500][ T9274] Mount JFS Failure: -5
[  157.759859][   T10] usb 1-1: USB disconnect, device number 21
[  157.901920][ T9287] loop0: detected capacity change from 0 to 256
[  157.908453][ T9287] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  157.911986][ T9287] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  157.925840][ T9287] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x2d0d25cc, utbl_chksum : 0xe619d30d)
[  158.027528][ T9291] loop0: detected capacity change from 0 to 736
[  158.114055][ T9296] loop1: detected capacity change from 0 to 16
[  158.118205][ T9296] erofs (device loop1): mounted with root inode @ nid 36.
[  158.351235][ T9318] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1375'.
[  158.369985][ T9318] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1375'.
[  158.451133][ T9328] loop0: detected capacity change from 0 to 128
[  158.460748][ T9328] FAT-fs (loop0): error, invalid access to FAT (entry 0x0fff0000)
[  158.463848][   T33] kauditd_printk_skb: 4 callbacks suppressed
[  158.463861][   T33] audit: type=1800 audit(1758639529.103:34): pid=9328 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1380" name="file1" dev="loop0" ino=1048604 res=0 errno=0
[  158.467276][ T9328] FAT-fs (loop0): Filesystem has been set read-only
[  158.485440][ T9328] FAT-fs (loop0): error, invalid access to FAT (entry 0x0fff0000)
[  158.644416][ T9338] loop1: detected capacity change from 0 to 4096
[  158.648190][ T9338] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  158.668125][ T9338] ntfs3(loop1): Failed to initialize $Extend/$Reparse.
[  158.755706][ T9342] loop1: detected capacity change from 0 to 256
[  159.480352][ T9357] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1393'.
[  159.484488][ T9357] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1393'.
[  159.659614][ T9367] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1398'.
[  160.990849][ T9410] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1416'.
[  160.997138][ T9410] netlink: 120 bytes leftover after parsing attributes in process `syz.0.1416'.
[  161.001085][ T9410] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1416'.
[  161.050001][ T9412] loop0: detected capacity change from 0 to 2048
[  161.069999][ T9412] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.081241][ T9412] ext4 filesystem being mounted at /386/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.094690][ T9412] EXT4-fs error (device loop0): __ext4_new_inode:1279: comm syz.0.1417: failed to insert inode 13: doubly allocated?
[  161.115430][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.271726][   T33] audit: type=1800 audit(1758639531.913:35): pid=9427 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.2.1423" name="/newroot/557/bus" dev="tmpfs" ino=2908 res=0 errno=0
[  161.506992][ T9447] loop1: detected capacity change from 0 to 2048
[  161.511620][ T9447] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  161.515119][ T9447] UDF-fs: Scanning with blocksize 512 failed
[  161.519725][ T9447] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  161.531200][ T9447] overlayfs: conflicting options: userxattr,redirect_dir=on
[  161.595201][ T9452] netlink: 'syz.1.1433': attribute type 1 has an invalid length.
[  161.597791][ T9452] netlink: 244 bytes leftover after parsing attributes in process `syz.1.1433'.
[  162.568339][ T9472] pim6reg: entered allmulticast mode
[  162.767370][ T9496] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  162.771190][    T9] kernel write not supported for file /1051/clear_refs (pid: 9 comm: kworker/0:0)
[  162.872314][   T10] usb 1-1: new full-speed USB device number 22 using dummy_hcd
[  163.294239][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  163.298885][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  163.302962][   T10] usb 1-1: New USB device found, idVendor=2179, idProduct=0053, bcdDevice= 0.00
[  163.306623][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.311897][   T10] usb 1-1: config 0 descriptor??
[  163.725442][   T10] uclogic 0003:2179:0053.0005: interface is invalid, ignoring
[  163.929746][   T10] usb 1-1: USB disconnect, device number 22
[  163.991440][ T9528] netlink: 'syz.1.1466': attribute type 6 has an invalid length.
[  164.162408][ T9533] block nbd1: Device being setup by another task
[  164.165532][ T9532] block nbd1: NBD_DISCONNECT
[  164.167843][ T9532] block nbd1: Send disconnect failed -22
[  164.171215][ T9531] block nbd1: Disconnected due to user request.
[  164.174782][ T9531] block nbd1: shutting down sockets
[  164.226665][ T9535] loop1: detected capacity change from 0 to 2048
[  164.248638][ T9535] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  164.267267][   T33] audit: type=1800 audit(1758639534.913:36): pid=9535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1469" name="file1" dev="loop1" ino=1367 res=0 errno=0
[  164.485313][ T9551] loop0: detected capacity change from 0 to 8
[  164.497780][ T9551] SQUASHFS error: zlib decompression failed, data probably corrupt
[  164.500894][ T9551] SQUASHFS error: Failed to read block 0x9b: -5
[  164.507958][ T9551] SQUASHFS error: Unable to read metadata cache entry [99]
[  164.511021][ T9551] SQUASHFS error: Unable to read inode 0x127
[  165.003018][   T10] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  165.158094][   T10] usb 2-1: config index 0 descriptor too short (expected 23569, got 27)
[  165.163170][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  165.176078][   T10] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  165.179474][   T10] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  165.182681][   T10] usb 2-1: Manufacturer: syz
[  165.188047][   T10] usb 2-1: config 0 descriptor??
[  165.233904][   T10] rc_core: IR keymap rc-hauppauge not found
[  165.236503][   T10] Registered IR keymap rc-empty
[  165.240600][   T10] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  165.246947][   T10] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input6
[  165.392340][   T24] usb 1-1: new full-speed USB device number 23 using dummy_hcd
[  165.553933][   T24] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  165.557648][   T24] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  165.564397][   T24] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  165.567910][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.793865][   T24] usb 1-1: usb_control_msg returned -32
[  165.796190][   T24] usbtmc 1-1:16.0: can't read capabilities
[  165.821126][ T5882] usb 2-1: USB disconnect, device number 19
[  166.436585][ T9598] loop1: detected capacity change from 0 to 2048
[  166.445502][ T9598] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  166.467601][   T33] audit: type=1800 audit(1758639537.113:37): pid=9598 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1499" name="file1" dev="loop1" ino=1346 res=0 errno=0
[  167.459230][ T9634] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  167.528978][ T9637] loop1: detected capacity change from 0 to 4096
[  167.543219][ T9637] EXT4-fs (loop1): Test dummy encryption mode enabled
[  167.557839][ T9637] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a856c018, mo2=0003]
[  167.561150][ T9637] System zones: 0-5
[  167.574643][ T9637] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.646172][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.161790][ T5882] usb 1-1: USB disconnect, device number 23
[  168.203180][ T9658] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1524'.
[  168.207454][ T9658] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1524'.
[  168.217081][ T9658] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.244608][ T9658] bridge_slave_1 (unregistering): left allmulticast mode
[  168.248059][ T9658] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.769150][ T9667] rtc_cmos 00:04: Alarms can be up to one day in the future
[  169.102612][ T9685] loop0: detected capacity change from 0 to 8
[  169.109346][ T6853] rtc_cmos 00:04: Alarms can be up to one day in the future
[  169.120468][ T9685] SQUASHFS error: xz decompression failed, data probably corrupt
[  169.122779][ T6853] rtc_cmos 00:04: Alarms can be up to one day in the future
[  169.127637][ T9685] SQUASHFS error: Failed to read block 0x108: -5
[  169.129232][ T6853] rtc_cmos 00:04: Alarms can be up to one day in the future
[  169.133555][ T9685] SQUASHFS error: Unable to read metadata cache entry [106]
[  169.133582][ T9685] SQUASHFS error: Unable to read inode 0x11f
[  169.151341][ T6853] rtc_cmos 00:04: Alarms can be up to one day in the future
[  169.155182][ T6853] rtc rtc0: __rtc_set_alarm: err=-22
[  169.280835][ T9689] loop0: detected capacity change from 0 to 4096
[  169.285688][ T9689] ntfs3(loop0): ino=3, Correct links count -> 2.
[  169.310784][ T9689] ntfs3(loop0): ino=1a, mi_enum_attr
[  169.314068][ T9689] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  169.320184][ T9689] ntfs3(loop0): Failed to load root (-22).
[  169.391766][ T9691] loop0: detected capacity change from 0 to 2048
[  169.410105][ T9691] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  169.732322][ T5882] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  169.876603][ T9703] vlan2: entered promiscuous mode
[  169.879150][ T9703] bond0: entered promiscuous mode
[  169.881258][ T9703] bond_slave_0: entered promiscuous mode
[  169.883608][ T9703] bond_slave_1: entered promiscuous mode
[  169.905599][ T5882] usb 1-1: unable to get BOS descriptor or descriptor too short
[  169.910790][ T5882] usb 1-1: config 1 has an invalid interface number: 255 but max is 1
[  169.918402][ T5882] usb 1-1: config 1 has no interface number 1
[  169.927077][ T5882] usb 1-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  169.941063][ T5882] usb 1-1: too many endpoints for config 1 interface 255 altsetting 255: 255, using maximum allowed: 30
[  169.952291][ T5882] usb 1-1: config 1 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  169.965152][ T5882] usb 1-1: config 1 interface 0 has no altsetting 0
[  169.968010][ T5882] usb 1-1: config 1 interface 255 has no altsetting 0
[  169.982131][ T5882] usb 1-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  169.995961][ T5882] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  170.003309][ T5882] usb 1-1: Product: syz
[  170.005118][ T5882] usb 1-1: Manufacturer: syz
[  170.007166][ T5882] usb 1-1: SerialNumber: syz
[  170.350953][ T5882] smsusb:smsusb_probe: board id=8, interface number 0
[  170.355905][ T5882] smsusb:smsusb_probe: board id=8, interface number 255
[  170.363304][ T5882] usb 1-1: USB disconnect, device number 24
[  171.634052][ T9739] loop0: detected capacity change from 0 to 32768
[  171.670803][ T9739] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  171.691719][ T9739] XFS (loop0): Ending clean mount
[  171.699450][ T9739] XFS (loop0): Quotacheck needed: Please wait.
[  171.718714][ T9739] XFS (loop0): Quotacheck: Done.
[  171.753003][ T5849] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  171.843965][ T2321] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  172.005444][ T2321] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  172.014873][ T2321] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  172.029923][ T2321] usb 2-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  172.034190][ T2321] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.037301][ T2321] usb 2-1: Product: syz
[  172.040401][ T2321] usb 2-1: Manufacturer: syz
[  172.043848][ T2321] usb 2-1: SerialNumber: syz
[  172.048024][ T2321] usb 2-1: config 0 descriptor??
[  172.052036][ T9747] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  172.062447][ T9747] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  172.296569][ T9747] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  172.299639][ T9747] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  172.467425][ T9796] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1584'.
[  172.539048][ T9793] loop0: detected capacity change from 0 to 16
[  172.550524][ T9793] erofs (device loop0): mounted with root inode @ nid 36.
[  172.572749][ T9793] erofs (device loop0): invalid tail-packing pclustersize 32768
[  172.576458][ T9793] erofs (device loop0): invalid tail-packing pclustersize 32768
[  172.581313][ T9793] erofs (device loop0): read error -117 @ 32811 of nid 36
[  172.606590][ T9803] netlink: 'syz.2.1587': attribute type 2 has an invalid length.
[  172.727666][ T2321] dm9601: No valid MAC address in EEPROM, using 00:00:00:00:00:00
[  172.929929][ T2321] dm9601 2-1:0.0 (unnamed net_device) (uninitialized): Error reading chip ID
[  172.942612][ T2321] usb 2-1: USB disconnect, device number 20
[  173.009882][ T9824] loop0: detected capacity change from 0 to 4096
[  173.403306][ T9833] loop0: detected capacity change from 0 to 32768
[  173.441129][ T9833] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  173.483366][ T9833] XFS (loop0): Ending clean mount
[  173.490707][ T9833] XFS (loop0): Quotacheck needed: Please wait.
[  173.524002][ T9833] XFS (loop0): Quotacheck: Done.
[  173.573019][ T5849] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  174.523180][ T9880] loop0: detected capacity change from 0 to 32768
[  174.528684][ T9880] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1619 (9880)
[  174.542006][ T9880] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  174.559825][ T9880] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  174.611440][ T9880] BTRFS info (device loop0): enabling ssd optimizations
[  174.619499][ T9880] BTRFS info (device loop0): enabling free space tree
[  174.679090][ T5849] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  175.050955][ T9917] loop0: detected capacity change from 0 to 128
[  175.092003][ T9917] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  175.115224][ T9917] hpfs: filesystem error: improperly stopped
[  175.117272][ T9917] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  175.119870][ T9917] hpfs: You really don't want any checks? You are crazy...
[  175.146376][ T9917] hpfs: hpfs_map_sector(): read error
[  175.149561][ T9917] hpfs: code page support is disabled
[  175.165942][ T9917] hpfs: hpfs_map_4sectors(): unaligned read
[  175.168012][ T9917] hpfs: hpfs_map_4sectors(): unaligned read
[  175.169808][ T9917] hpfs: filesystem error: unable to find root dir
[  175.251843][ T9917] hpfs: hpfs_map_4sectors(): unaligned read
[  175.736750][ T9957] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1648'.
[  176.233588][ T9974] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1656'.
[  176.386583][ T9978] loop0: detected capacity change from 0 to 32768
[  176.473062][    T9] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  176.622227][    T9] usb 2-1: Using ep0 maxpacket: 8
[  176.625755][    T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  176.629175][    T9] usb 2-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  176.632070][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.641658][    T9] usb 2-1: config 0 descriptor??
[  176.658031][    T9] gspca_main: vc032x-2.14.0 probing 046d:0892
[  177.842327][   T24] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  178.044234][   T24] usb 1-1: Using ep0 maxpacket: 8
[  178.051266][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  178.055628][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  178.059714][   T24] usb 1-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00
[  178.063470][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.068407][   T24] usb 1-1: config 0 descriptor??
[  178.147494][ T5882] usb 2-1: USB disconnect, device number 21
[  178.484745][   T24] cherry 0003:046A:0027.0006: unknown main item tag 0x0
[  178.487462][   T24] cherry 0003:046A:0027.0006: item fetching failed at offset 16/69
[  178.490737][   T24] cherry 0003:046A:0027.0006: probe with driver cherry failed with error -22
[  178.695910][   T10] usb 1-1: USB disconnect, device number 25
[  178.736303][T10037] loop1: detected capacity change from 0 to 64
[  178.741959][T10037] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing
[  178.747975][T10037] BFS-fs: bfs_fill_super(): Last block not available on loop1: 4139327
[  178.879089][T10044] loop1: detected capacity change from 0 to 2048
[  178.965900][T10044] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  178.971793][T10044] ext4 filesystem being mounted at /546/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  179.019649][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.355323][T10057] qrtr: Invalid version 0
[  179.420552][T10058] loop0: detected capacity change from 0 to 8
[  179.611794][T10052] loop1: detected capacity change from 0 to 32768
[  179.673283][T10052] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  179.682393][ T5722] (kworker/u8:2,5722,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=312, inode=13845347915746889, rec_len=25793, name_len=214
[  179.847822][ T5845] (syz-executor,5845,1):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 70
[  179.859990][ T5845] (syz-executor,5845,1):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 72
[  179.875522][ T5845] ocfs2: Unmounting device (7,1) on (node local)
[  180.632519][ T5848] Bluetooth: hci0: command 0x0406 tx timeout
[  180.634808][   T55] Bluetooth: hci1: command 0x0406 tx timeout
[  180.806317][T10077] loop0: detected capacity change from 0 to 32768
[  180.814147][T10077] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  180.821338][   T33] audit: type=1800 audit(1758639551.463:38): pid=10077 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1699" name="bus" dev="loop0" ino=17058 res=0 errno=0
[  180.844485][ T5849] (syz-executor,5849,1):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 72
[  180.851447][ T5849] ocfs2: Unmounting device (7,0) on (node local)
[  180.963436][T10087] loop0: detected capacity change from 0 to 1024
[  181.328089][T10089] loop0: detected capacity change from 0 to 40427
[  181.337011][T10089] F2FS-fs (loop0): build fault injection rate: 18
[  181.339659][T10089] F2FS-fs (loop0): build fault injection type: 0x3bf
[  181.348083][T10089] F2FS-fs (loop0): invalid crc value
[  181.355636][T10089] F2FS-fs (loop0): inject kvmalloc in f2fs_kvmalloc of f2fs_fill_super+0x4429/0x6ff0
[  181.359578][T10089] F2FS-fs (loop0): Failed to initialize F2FS segment manager (-12)
[  181.416187][T10112] loop1: detected capacity change from 0 to 512
[  181.420469][T10112] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  181.435434][T10112] EXT4-fs (loop1): blocks per group (42) and clusters per group (32768) inconsistent
[  181.651811][T10124] sp0: Synchronizing with TNC
[  181.741055][T10136] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  181.912582][   T10] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  181.992871][T10150] loop1: detected capacity change from 0 to 1024
[  182.008695][T10150] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  182.063039][   T10] usb 1-1: Using ep0 maxpacket: 16
[  182.068626][   T10] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  182.074390][   T10] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  182.080028][   T10] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  182.083809][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  182.086770][   T10] usb 1-1: Product: syz
[  182.088464][   T10] usb 1-1: Manufacturer: syz
[  182.090409][   T10] usb 1-1: SerialNumber: syz
[  182.160294][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.336476][   T10] usb 1-1: 0:2 : does not exist
[  182.338503][   T10] usb 1-1: unit 9 not found!
[  182.341893][T10159] bond0: entered promiscuous mode
[  182.343993][T10159] bond_slave_0: entered promiscuous mode
[  182.347783][T10159] bond_slave_1: entered promiscuous mode
[  182.353062][   T10] usb 1-1: 4:0: cannot get min/max values for control 1 (id 4)
[  182.359271][T10159] bond0: left promiscuous mode
[  182.361321][T10159] bond_slave_0: left promiscuous mode
[  182.366728][T10159] bond_slave_1: left promiscuous mode
[  182.372828][   T10] usb 1-1: 4:0: cannot get min/max values for control 2 (id 4)
[  182.379724][   T10] usb 1-1: 4:0: cannot get min/max values for control 3 (id 4)
[  182.396571][   T10] usb 1-1: USB disconnect, device number 26
[  182.536994][T10166] xt_nfacct: accounting object `\$9ZM#mU|^c\F9YⳈ' does not exist
[  182.948519][T10176] binder: 10175:10176 ioctl c0306201 2000000003c0 returned -14
[  183.154247][T10181] loop0: detected capacity change from 0 to 32768
[  183.205777][T10181] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  183.209795][T10181] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  183.242975][T10181] XFS (loop0): Ending clean mount
[  183.246090][T10181] XFS (loop0): Quotacheck needed: Please wait.
[  183.272134][T10181] XFS (loop0): Quotacheck: Done.
[  183.276707][T10181] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  183.308033][T10185] loop1: detected capacity change from 0 to 32768
[  183.366324][T10185] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  183.391411][T10185] XFS (loop1): Ending clean mount
[  183.399306][T10185] XFS (loop1): Quotacheck needed: Please wait.
[  183.446821][T10185] XFS (loop1): Quotacheck: Done.
[  183.492100][ T5845] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  184.580878][T10261] loop0: detected capacity change from 0 to 16
[  184.586389][T10261] erofs (device loop0): mounted with root inode @ nid 36.
[  185.428194][    C1] vcan0: j1939_tp_rxtimer: 0xffff88810be73000: rx timeout, send abort
[  185.742344][   T24] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  185.904526][   T24] usb 1-1: unable to get BOS descriptor or descriptor too short
[  185.909054][   T24] usb 1-1: config 1 interface 1 has no altsetting 0
[  185.913970][   T24] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  185.917561][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.920858][   T24] usb 1-1: Product: syz
[  185.922765][   T24] usb 1-1: Manufacturer: syz
[  185.924641][   T24] usb 1-1: SerialNumber: syz
[  185.931514][    C1] vcan0: j1939_tp_rxtimer: 0xffff88810be73000: abort rx timeout. Force session deactivation
[  186.142064][   T24] usb 1-1: found format II with max.bitrate = 2418, frame size=7
[  186.145715][   T24] usb 1-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  186.166228][   T24] usb 1-1: USB disconnect, device number 27
[  187.537916][T10311] loop0: detected capacity change from 0 to 16
[  187.543290][T10311] erofs (device loop0): mounted with root inode @ nid 36.
[  187.912615][   T24] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  188.062279][   T24] usb 1-1: Using ep0 maxpacket: 32
[  188.066238][   T24] usb 1-1: config 0 has an invalid interface number: 96 but max is 0
[  188.069645][   T24] usb 1-1: config 0 has no interface number 0
[  188.075550][   T24] usb 1-1: config 0 interface 96 has no altsetting 0
[  188.081295][   T24] usb 1-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=b2.44
[  188.088042][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  188.091588][   T24] usb 1-1: Product: syz
[  188.093684][   T24] usb 1-1: Manufacturer: syz
[  188.095815][   T24] usb 1-1: SerialNumber: syz
[  188.104545][   T24] usb 1-1: config 0 descriptor??
[  188.119081][   T24] legousbtower 1-1:0.96: interrupt endpoints not found
[  188.198387][T10339] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[  188.256926][T10346] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1805'.
[  188.260068][T10346] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1805'.
[  188.363180][   T24] usb 1-1: USB disconnect, device number 28
[  189.144352][T10375] loop0: detected capacity change from 0 to 512
[  189.148407][T10375] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  189.169830][T10375] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  189.180794][T10375] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1816: bg 0: block 248: padding at end of block bitmap is not set
[  189.188620][T10375] Quota error (device loop0): write_blk: dquota write failed
[  189.191720][T10375] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  189.195862][T10375] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.1816: Failed to acquire dquot type 1
[  189.206857][T10375] EXT4-fs (loop0): 1 truncate cleaned up
[  189.210493][T10375] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  189.227574][T10375] Quota error (device loop0): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  189.232792][T10375] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  189.236770][T10375] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.1816: Failed to acquire dquot type 1
[  189.281526][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  189.749831][T10388] loop0: detected capacity change from 0 to 40427
[  189.754678][T10388] F2FS-fs (loop0): build fault injection rate: 14
[  189.757381][T10388] F2FS-fs (loop0): build fault injection type: 0x3bfe8c
[  189.761840][T10388] F2FS-fs (loop0): invalid crc value
[  189.777212][    C1] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  189.799737][    C1] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  189.812595][ T6853] usb 2-1: new full-speed USB device number 22 using dummy_hcd
[  189.862888][T10388] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  189.866540][T10388] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  189.874484][T10388] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  189.909670][T10388] F2FS-fs (loop0): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  189.921101][T10388] F2FS-fs (loop0): inject checkpoint error in f2fs_balance_fs of f2fs_convert_inline_inode+0x81b/0x880
[  189.929133][T10388] CPU: 1 UID: 0 PID: 10388 Comm: syz.0.1818 Not tainted syzkaller #0 PREEMPT(full) 
[  189.929153][T10388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  189.929161][T10388] Call Trace:
[  189.929167][T10388]  <TASK>
[  189.929173][T10388]  dump_stack_lvl+0x189/0x250
[  189.929196][T10388]  ? __pfx_dump_stack_lvl+0x10/0x10
[  189.929212][T10388]  ? __pfx_queue_work_on+0x10/0x10
[  189.929225][T10388]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  189.929245][T10388]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  189.929268][T10388]  ? f2fs_hw_is_readonly+0x39b/0x470
[  189.929291][T10388]  f2fs_handle_critical_error+0x37c/0x540
[  189.929314][T10388]  f2fs_balance_fs+0x32d/0x7f0
[  189.929332][T10388]  ? __pfx_f2fs_convert_inline_folio+0x10/0x10
[  189.929358][T10388]  ? f2fs_convert_inline_inode+0x81b/0x880
[  189.929375][T10388]  ? __pfx_f2fs_balance_fs+0x10/0x10
[  189.929394][T10388]  ? __up_read+0x280/0x680
[  189.929413][T10388]  ? folio_unlock+0x101/0x160
[  189.929439][T10388]  f2fs_convert_inline_inode+0x81b/0x880
[  189.929464][T10388]  ? __pfx_f2fs_convert_inline_inode+0x10/0x10
[  189.929487][T10388]  ? fault_in_readable+0xdd/0x130
[  189.929505][T10388]  ? fault_in_iov_iter_readable+0x1b4/0x2f0
[  189.929522][T10388]  f2fs_file_write_iter+0x12ce/0x2410
[  189.929558][T10388]  ? __pfx_f2fs_file_write_iter+0x10/0x10
[  189.929583][T10388]  ? aio_write+0x4c4/0x7a0
[  189.929600][T10388]  aio_write+0x535/0x7a0
[  189.929618][T10388]  ? __pfx_aio_write+0x10/0x10
[  189.929643][T10388]  ? __might_fault+0xb0/0x130
[  189.929677][T10388]  io_submit_one+0x78b/0x1310
[  189.929703][T10388]  ? __pfx_io_submit_one+0x10/0x10
[  189.929717][T10388]  ? __might_fault+0xb0/0x130
[  189.929743][T10388]  ? __might_fault+0xb0/0x130
[  189.929764][T10388]  __se_sys_io_submit+0x185/0x2f0
[  189.929784][T10388]  ? __pfx___se_sys_io_submit+0x10/0x10
[  189.929813][T10388]  ? do_syscall_64+0xbe/0x3b0
[  189.929831][T10388]  do_syscall_64+0xfa/0x3b0
[  189.929843][T10388]  ? lockdep_hardirqs_on+0x9c/0x150
[  189.929855][T10388]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.929866][T10388]  ? exc_page_fault+0x9f/0xf0
[  189.929880][T10388]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.929891][T10388] RIP: 0033:0x7ff9ee58ec29
[  189.929903][T10388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.929913][T10388] RSP: 002b:00007ff9ef4d2038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  189.929927][T10388] RAX: ffffffffffffffda RBX: 00007ff9ee7d5fa0 RCX: 00007ff9ee58ec29
[  189.929936][T10388] RDX: 0000200000000540 RSI: 000000000000003b RDI: 00007ff9ef4a9000
[  189.929944][T10388] RBP: 00007ff9ee611e41 R08: 0000000000000000 R09: 0000000000000000
[  189.929951][T10388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  189.929958][T10388] R13: 00007ff9ee7d6038 R14: 00007ff9ee7d5fa0 R15: 00007ffd3afebfa8
[  189.929981][T10388]  </TASK>
[  189.929986][T10388] F2FS-fs (loop0): Stopped filesystem due to reason: 1
[  189.974471][ T6853] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  190.054119][ T6853] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  190.057698][ T6853] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  190.075609][ T6853] usb 2-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  190.079035][ T6853] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  190.082857][ T6853] usb 2-1: Product: syz
[  190.084434][ T6853] usb 2-1: Manufacturer: syz
[  190.086203][ T6853] usb 2-1: SerialNumber: syz
[  190.089154][ T6853] usb 2-1: config 0 descriptor??
[  190.091599][T10395] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  190.096037][ T6853] usb 2-1: ucan: probing device on interface #0
[  190.098314][ T6853] usb 2-1: ucan: invalid in_ep MaxPacketSize
[  190.100394][ T6853] usb 2-1: ucan: probe failed; try to update the device firmware
[  190.313190][ T6853] usb 2-1: USB disconnect, device number 22
[  190.352145][T10413] loop0: detected capacity change from 0 to 256
[  190.359138][T10413] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x2eabf3fa, utbl_chksum : 0xe619d30d)
[  191.668736][T10457] loop1: detected capacity change from 0 to 32768
[  191.687058][T10457] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  191.769763][ T5845] (syz-executor,5845,0):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 76
[  191.783675][ T5845] ocfs2: Unmounting device (7,1) on (node local)
[  191.879389][T10470] loop0: detected capacity change from 0 to 512
[  191.887982][T10470] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  191.900733][T10470] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  191.909084][T10470] EXT4-fs (loop0): 1 truncate cleaned up
[  191.911450][T10472] _Z`Ԁ@: entered promiscuous mode
[  191.913137][T10470] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.967054][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.027100][T10484] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  192.115823][T10495] loop0: detected capacity change from 0 to 256
[  192.309504][T10509] 9pnet_fd: Insufficient options for proto=fd
[  192.345133][ T5882] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  192.392443][ T2321] usb 1-1: new low-speed USB device number 29 using dummy_hcd
[  192.502280][ T5882] usb 2-1: Using ep0 maxpacket: 16
[  192.506562][ T5882] usb 2-1: too many endpoints for config 0 interface 0 altsetting 48: 48, using maximum allowed: 30
[  192.511891][ T5882] usb 2-1: config 0 interface 0 altsetting 48 has 0 endpoint descriptors, different from the interface descriptor's value: 48
[  192.517472][ T5882] usb 2-1: config 0 interface 0 has no altsetting 0
[  192.522785][ T5882] usb 2-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=29.82
[  192.526491][ T5882] usb 2-1: New USB device strings: Mfr=83, Product=5, SerialNumber=10
[  192.529817][ T5882] usb 2-1: Product: syz
[  192.531613][ T5882] usb 2-1: Manufacturer: syz
[  192.533903][ T5882] usb 2-1: SerialNumber: syz
[  192.537929][ T5882] usb 2-1: config 0 descriptor??
[  192.554750][ T2321] usb 1-1: unable to get BOS descriptor or descriptor too short
[  192.559232][ T2321] usb 1-1: config 7 has an invalid interface number: 199 but max is 0
[  192.562703][ T2321] usb 1-1: config 7 has no interface number 0
[  192.567502][ T2321] usb 1-1: config 7 interface 199 has no altsetting 0
[  192.574180][ T2321] usb 1-1: string descriptor 0 read error: -22
[  192.576946][ T2321] usb 1-1: New USB device found, idVendor=0c45, idProduct=6282, bcdDevice=cb.15
[  192.580660][ T2321] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.591571][ T2321] gspca_main: gspca_sn9c20x-2.14.0 probing 0c45:6282
[  192.747503][ T5882] usb 2-1: selecting invalid altsetting 1
[  192.774895][ T5882] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -22
[  192.780758][ T5882] usb 2-1: USB disconnect, device number 23
[  192.791522][ T2321] gspca_sn9c20x: Write register 1000 failed -71
[  192.794602][ T2321] gspca_sn9c20x: Device initialization failed
[  192.797078][ T2321] gspca_sn9c20x 1-1:7.199: probe with driver gspca_sn9c20x failed with error -71
[  192.801827][ T2321] usb 1-1: USB disconnect, device number 29
[  193.191070][ T6853] Process accounting resumed
[  193.469616][T10551] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1894'.
[  193.473555][T10551] 8021q: VLANs not supported on gre0
[  193.542091][T10539] loop1: detected capacity change from 0 to 40427
[  193.546266][T10539] F2FS-fs (loop1): invalid crc value
[  193.629780][T10539] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  193.645279][T10539] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  193.691249][ T5845] syz-executor: attempt to access beyond end of device
[  193.691249][ T5845] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  193.700713][ T5845] CPU: 0 UID: 0 PID: 5845 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  193.700726][ T5845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  193.700730][ T5845] Call Trace:
[  193.700734][ T5845]  <TASK>
[  193.700738][ T5845]  dump_stack_lvl+0x189/0x250
[  193.700753][ T5845]  ? __pfx_dump_stack_lvl+0x10/0x10
[  193.700761][ T5845]  ? __pfx_queue_work_on+0x10/0x10
[  193.700768][ T5845]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  193.700780][ T5845]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  193.700795][ T5845]  f2fs_handle_critical_error+0x37c/0x540
[  193.700810][ T5845]  f2fs_write_end_io+0x886/0xb60
[  193.700825][ T5845]  __submit_merged_bio+0x27a/0x6a0
[  193.700838][ T5845]  __submit_merged_write_cond+0x255/0x530
[  193.700851][ T5845]  f2fs_write_data_pages+0x261d/0x3000
[  193.700873][ T5845]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  193.700911][ T5845]  ? __lock_acquire+0xab9/0xd20
[  193.700926][ T5845]  ? do_raw_spin_lock+0x121/0x290
[  193.700939][ T5845]  ? do_raw_spin_unlock+0x4d/0x240
[  193.700948][ T5845]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  193.700955][ T5845]  do_writepages+0x32e/0x550
[  193.700970][ T5845]  ? do_raw_spin_unlock+0x4d/0x240
[  193.700980][ T5845]  filemap_fdatawrite+0x199/0x240
[  193.700991][ T5845]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  193.701059][ T5845]  ? do_raw_spin_unlock+0x4d/0x240
[  193.701071][ T5845]  f2fs_sync_dirty_inodes+0x31f/0x830
[  193.701085][ T5845]  f2fs_write_checkpoint+0x95a/0x1df0
[  193.701103][ T5845]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  193.701131][ T5845]  ? kill_f2fs_super+0x298/0x6c0
[  193.701141][ T5845]  kill_f2fs_super+0x2c3/0x6c0
[  193.701151][ T5845]  ? __pfx_kill_f2fs_super+0x10/0x10
[  193.701158][ T5845]  ? radix_tree_delete_item+0x2b6/0x400
[  193.701168][ T5845]  ? shrinker_free+0x2ce/0x3e0
[  193.701177][ T5845]  deactivate_locked_super+0xbc/0x130
[  193.701187][ T5845]  cleanup_mnt+0x425/0x4c0
[  193.701195][ T5845]  ? lockdep_hardirqs_on+0x9c/0x150
[  193.701204][ T5845]  task_work_run+0x1d4/0x260
[  193.701215][ T5845]  ? __pfx_task_work_run+0x10/0x10
[  193.701223][ T5845]  ? __x64_sys_umount+0x122/0x160
[  193.701234][ T5845]  ? exit_to_user_mode_loop+0x40/0x110
[  193.701246][ T5845]  exit_to_user_mode_loop+0xec/0x110
[  193.701256][ T5845]  do_syscall_64+0x2bd/0x3b0
[  193.701264][ T5845]  ? lockdep_hardirqs_on+0x9c/0x150
[  193.701271][ T5845]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.701277][ T5845]  ? exc_page_fault+0x9f/0xf0
[  193.701285][ T5845]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.701293][ T5845] RIP: 0033:0x7fe64f58ff57
[  193.701301][ T5845] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  193.701307][ T5845] RSP: 002b:00007ffdd232c4f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  193.701316][ T5845] RAX: 0000000000000000 RBX: 00007fe64f611c2d RCX: 00007fe64f58ff57
[  193.701320][ T5845] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdd232c5b0
[  193.701324][ T5845] RBP: 00007ffdd232c5b0 R08: 0000000000000000 R09: 0000000000000000
[  193.701329][ T5845] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdd232d640
[  193.701333][ T5845] R13: 00007fe64f611c2d R14: 000000000002f415 R15: 00007ffdd232d680
[  193.701346][ T5845]  </TASK>
[  193.701349][ T5845] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  193.917312][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  194.054230][T10568] netlink: 'syz.0.1900': attribute type 1 has an invalid length.
[  194.061303][T10568] netlink: 'syz.0.1900': attribute type 4 has an invalid length.
[  194.065295][T10568] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.1900'.
[  194.101470][T10570] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  194.472470][ T6853] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  194.623728][ T6853] usb 2-1: Using ep0 maxpacket: 32
[  194.628045][ T6853] usb 2-1: config 0 has no interfaces?
[  194.630267][ T6853] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  194.634072][ T6853] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.639289][ T6853] usb 2-1: config 0 descriptor??
[  194.846427][ T2321] usb 2-1: USB disconnect, device number 24
[  195.218907][T10605] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1915'.
[  195.627814][T10612] loop1: detected capacity change from 0 to 4096
[  195.631085][T10612] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  195.651490][T10612] ntfs3(loop1): ino=19, mi_enum_attr
[  195.654408][T10612] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  195.667295][T10612] ntfs3(loop1): failed to convert "c46c" to cp862
[  195.673893][T10612] ntfs3(loop1): ino=20, mi_enum_attr
[  195.719900][T10614] netlink: 5 bytes leftover after parsing attributes in process `syz.1.1919'.
[  195.903479][T10624] @: renamed from vlan0 (while UP)
[  196.169571][T10642] loop0: detected capacity change from 0 to 128
[  196.176887][T10642] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  196.182135][T10642] ext4 filesystem being mounted at /509/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  196.200587][T10642] fscrypt (loop0, inode 12): Direct key flag not allowed with different contents and filenames modes
[  196.235714][ T5849] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  196.301588][T10648] tipc: Started in network mode
[  196.304303][T10648] tipc: Node identity ac1414aa, cluster identity 4711
[  196.307192][T10648] tipc: Enabled bearer <udp:s>, priority 10
[  196.392078][T10653] netlink: 'syz.0.1936': attribute type 12 has an invalid length.
[  196.398986][T10653] netlink: 9472 bytes leftover after parsing attributes in process `syz.0.1936'.
[  196.402664][ T6853] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  196.562710][ T6853] usb 2-1: Using ep0 maxpacket: 32
[  196.567295][ T6853] usb 2-1: unable to get BOS descriptor or descriptor too short
[  196.571505][ T6853] usb 2-1: config 40 has an invalid interface number: 233 but max is 0
[  196.575080][ T6853] usb 2-1: config 40 has an invalid descriptor of length 0, skipping remainder of the config
[  196.578504][ T6853] usb 2-1: config 40 has no interface number 0
[  196.580468][ T6853] usb 2-1: config 40 interface 233 altsetting 224 endpoint 0xD has an invalid bInterval 0, changing to 7
[  196.585660][ T6853] usb 2-1: config 40 interface 233 altsetting 224 endpoint 0xD has invalid wMaxPacketSize 0
[  196.589728][ T6853] usb 2-1: config 40 interface 233 altsetting 224 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  196.595834][ T6853] usb 2-1: config 40 interface 233 has no altsetting 0
[  196.601323][ T6853] usb 2-1: New USB device found, idVendor=05ac, idProduct=0218, bcdDevice=f5.f5
[  196.606097][ T6853] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.609250][ T6853] usb 2-1: Product: syz
[  196.611031][ T6853] usb 2-1: Manufacturer: syz
[  196.613044][ T6853] usb 2-1: SerialNumber: syz
[  196.690133][T10669] sp0: Synchronizing with TNC
[  196.835564][ T6853] appletouch 2-1:40.233: Could not find int-in endpoint
[  196.838384][ T6853] appletouch 2-1:40.233: probe with driver appletouch failed with error -5
[  196.844516][ T6853] usbhid 2-1:40.233: couldn't find an input interrupt endpoint
[  196.849424][ T6853] usb 2-1: USB disconnect, device number 25
[  196.889237][T10675] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1947'.
[  197.304614][ T2321] tipc: Node number set to 2886997162
[  197.365499][ T6853] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  197.516108][ T6853] usb 1-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.00
[  197.519735][ T6853] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.535725][ T6853] usb 1-1: config 0 descriptor??
[  197.559870][T10696] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1956'.
[  197.953628][ T6853] asus 0003:0B05:19B6.0007: hidraw0: USB HID v0.04 Device [HID 0b05:19b6] on usb-dummy_hcd.0-1/input0
[  197.958740][ T6853] asus 0003:0B05:19B6.0007: Asus input not registered
[  197.965426][ T6853] asus 0003:0B05:19B6.0007: probe with driver asus failed with error -12
[  198.090602][T10732] loop1: detected capacity change from 0 to 256
[  198.093251][T10732] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  198.154621][ T6853] usb 1-1: USB disconnect, device number 30
[  198.274654][T10743] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 5, id = 0
[  198.282445][T10742] IPVS: stopping backup sync thread 10743 ...
[  198.719962][T10755] netlink: 'syz.0.1983': attribute type 2 has an invalid length.
[  198.731677][T10755] : entered promiscuous mode
[  198.766774][T10757] loop0: detected capacity change from 0 to 256
[  198.769853][T10757] exfat: Deprecated parameter 'namecase'
[  198.772255][T10757] exfat: Deprecated parameter 'utf8'
[  198.779637][T10757] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  199.191785][T10767] loop0: detected capacity change from 0 to 32768
[  199.202614][T10767] (syz.0.1989,10767,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  199.210480][T10767] (syz.0.1989,10767,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  199.234131][T10767] JBD2: Ignoring recovery information on journal
[  199.262010][T10767] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  199.280095][T10767] 
[  199.280934][T10767] ======================================================
[  199.283552][T10767] WARNING: possible circular locking dependency detected
[  199.285750][T10767] syzkaller #0 Not tainted
[  199.287536][T10767] ------------------------------------------------------
[  199.290425][T10767] syz.0.1989/10767 is trying to acquire lock:
[  199.292286][T10767] ffff888113e2ef40 (&ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  199.296304][T10767] 
[  199.296304][T10767] but task is already holding lock:
[  199.298774][T10767] ffff88802a3d1578 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_xattr_set+0x40f/0x11f0
[  199.302333][T10767] 
[  199.302333][T10767] which lock already depends on the new lock.
[  199.302333][T10767] 
[  199.305835][T10767] 
[  199.305835][T10767] the existing dependency chain (in reverse order) is:
[  199.308785][T10767] 
[  199.308785][T10767] -> #5 (&oi->ip_xattr_sem){++++}-{4:4}:
[  199.311203][T10767]        lock_acquire+0x120/0x360
[  199.313049][T10767]        down_read+0x46/0x2e0
[  199.314657][T10767]        ocfs2_init_acl+0x2f9/0x720
[  199.316501][T10767]        ocfs2_mknod+0x1321/0x2050
[  199.318311][T10767]        ocfs2_create+0x1a5/0x440
[  199.319960][T10767]        path_openat+0x14f4/0x3830
[  199.321728][T10767]        do_filp_open+0x1fa/0x410
[  199.323332][T10767]        do_sys_openat2+0x121/0x1c0
[  199.325093][T10767]        __x64_sys_open+0x11e/0x150
[  199.326722][T10767]        do_syscall_64+0xfa/0x3b0
[  199.328582][T10767]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.330829][T10767] 
[  199.330829][T10767] -> #4 (jbd2_handle){++++}-{0:0}:
[  199.333280][T10767]        lock_acquire+0x120/0x360
[  199.334932][T10767]        start_this_handle+0x1fa7/0x21c0
[  199.336718][T10767]        jbd2__journal_start+0x2c1/0x5b0
[  199.338557][T10767]        jbd2_journal_start+0x2a/0x40
[  199.340301][T10767]        ocfs2_start_trans+0x376/0x6d0
[  199.342269][T10767]        ocfs2_mknod+0xe93/0x2050
[  199.344168][T10767]        ocfs2_create+0x1a5/0x440
[  199.346153][T10767]        path_openat+0x14f4/0x3830
[  199.347888][T10767]        do_filp_open+0x1fa/0x410
[  199.349462][T10767]        do_sys_openat2+0x121/0x1c0
[  199.351230][T10767]        __x64_sys_open+0x11e/0x150
[  199.352865][T10767]        do_syscall_64+0xfa/0x3b0
[  199.354532][T10767]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.356785][T10767] 
[  199.356785][T10767] -> #3 (&journal->j_trans_barrier){.+.+}-{4:4}:
[  199.359510][T10767]        lock_acquire+0x120/0x360
[  199.361356][T10767]        down_read+0x46/0x2e0
[  199.362869][T10767]        ocfs2_start_trans+0x36a/0x6d0
[  199.364738][T10767]        ocfs2_mknod+0xe93/0x2050
[  199.366559][T10767]        ocfs2_create+0x1a5/0x440
[  199.368377][T10767]        path_openat+0x14f4/0x3830
[  199.370055][T10767]        do_filp_open+0x1fa/0x410
[  199.371932][T10767]        do_sys_openat2+0x121/0x1c0
[  199.373614][T10767]        __x64_sys_open+0x11e/0x150
[  199.375580][T10767]        do_syscall_64+0xfa/0x3b0
[  199.377493][T10767]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.379854][T10767] 
[  199.379854][T10767] -> #2 (sb_internal#3){.+.+}-{0:0}:
[  199.382607][T10767]        lock_acquire+0x120/0x360
[  199.384470][T10767]        ocfs2_start_trans+0x26b/0x6d0
[  199.386499][T10767]        ocfs2_mknod+0xe93/0x2050
[  199.388321][T10767]        ocfs2_create+0x1a5/0x440
[  199.390185][T10767]        path_openat+0x14f4/0x3830
[  199.392061][T10767]        do_filp_open+0x1fa/0x410
[  199.393595][T10767]        do_sys_openat2+0x121/0x1c0
[  199.395207][T10767]        __x64_sys_open+0x11e/0x150
[  199.396961][T10767]        do_syscall_64+0xfa/0x3b0
[  199.398670][T10767]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.400623][T10767] 
[  199.400623][T10767] -> #1 (&ocfs2_sysfile_lock_key[LOCAL_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}:
[  199.403904][T10767]        lock_acquire+0x120/0x360
[  199.405604][T10767]        down_write+0x96/0x1f0
[  199.407245][T10767]        ocfs2_reserve_local_alloc_bits+0x125/0x24e0
[  199.409593][T10767]        ocfs2_reserve_clusters_with_limit+0x1be/0xba0
[  199.411873][T10767]        ocfs2_mknod+0xe32/0x2050
[  199.413439][T10767]        ocfs2_create+0x1a5/0x440
[  199.414995][T10767]        path_openat+0x14f4/0x3830
[  199.416839][T10767]        do_filp_open+0x1fa/0x410
[  199.418667][T10767]        do_sys_openat2+0x121/0x1c0
[  199.420614][T10767]        __x64_sys_open+0x11e/0x150
[  199.422587][T10767]        do_syscall_64+0xfa/0x3b0
[  199.424368][T10767]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.426537][T10767] 
[  199.426537][T10767] -> #0 (&ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}:
[  199.430145][T10767]        validate_chain+0xb9b/0x2140
[  199.432095][T10767]        __lock_acquire+0xab9/0xd20
[  199.433993][T10767]        lock_acquire+0x120/0x360
[  199.435848][T10767]        down_write+0x96/0x1f0
[  199.437379][T10767]        ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  199.439416][T10767]        ocfs2_reserve_new_metadata_blocks+0x403/0x940
[  199.441608][T10767]        ocfs2_init_xattr_set_ctxt+0x307/0x700
[  199.443651][T10767]        ocfs2_xattr_set+0xb70/0x11f0
[  199.445409][T10767]        __vfs_setxattr+0x43c/0x480
[  199.447000][T10767]        __vfs_setxattr_noperm+0x12d/0x660
[  199.449010][T10767]        vfs_setxattr+0x16b/0x2f0
[  199.450776][T10767]        file_setxattr+0x1da/0x2b0
[  199.452743][T10767]        path_setxattrat+0x327/0x3a0
[  199.454795][T10767]        __x64_sys_fsetxattr+0xbc/0xe0
[  199.456930][T10767]        do_syscall_64+0xfa/0x3b0
[  199.458935][T10767]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.461421][T10767] 
[  199.461421][T10767] other info that might help us debug this:
[  199.461421][T10767] 
[  199.465408][T10767] Chain exists of:
[  199.465408][T10767]   &ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE] --> jbd2_handle --> &oi->ip_xattr_sem
[  199.465408][T10767] 
[  199.471496][T10767]  Possible unsafe locking scenario:
[  199.471496][T10767] 
[  199.474396][T10767]        CPU0                    CPU1
[  199.476397][T10767]        ----                    ----
[  199.478303][T10767]   lock(&oi->ip_xattr_sem);
[  199.479883][T10767]                                lock(jbd2_handle);
[  199.482329][T10767]                                lock(&oi->ip_xattr_sem);
[  199.484473][T10767]   lock(&ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE]);
[  199.487163][T10767] 
[  199.487163][T10767]  *** DEADLOCK ***
[  199.487163][T10767] 
[  199.490012][T10767] 3 locks held by syz.0.1989/10767:
[  199.491958][T10767]  #0: ffff88811e08a428 (sb_writers#14){.+.+}-{0:0}, at: mnt_want_write_file+0x60/0x200
[  199.494976][T10767]  #1: ffff88802a3d1840 (&type->i_mutex_dir_key#9){+.+.}-{4:4}, at: vfs_setxattr+0x144/0x2f0
[  199.498142][T10767]  #2: ffff88802a3d1578 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_xattr_set+0x40f/0x11f0
[  199.501126][T10767] 
[  199.501126][T10767] stack backtrace:
[  199.503102][T10767] CPU: 1 UID: 0 PID: 10767 Comm: syz.0.1989 Not tainted syzkaller #0 PREEMPT(full) 
[  199.503113][T10767] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  199.503118][T10767] Call Trace:
[  199.503123][T10767]  <TASK>
[  199.503127][T10767]  dump_stack_lvl+0x189/0x250
[  199.503138][T10767]  ? __pfx_dump_stack_lvl+0x10/0x10
[  199.503147][T10767]  ? __pfx__printk+0x10/0x10
[  199.503157][T10767]  ? print_lock_name+0xde/0x100
[  199.503167][T10767]  print_circular_bug+0x2ee/0x310
[  199.503176][T10767]  check_noncircular+0x134/0x160
[  199.503185][T10767]  validate_chain+0xb9b/0x2140
[  199.503193][T10767]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  199.503209][T10767]  ? look_up_lock_class+0x74/0x170
[  199.503217][T10767]  ? register_lock_class+0x51/0x320
[  199.503228][T10767]  __lock_acquire+0xab9/0xd20
[  199.503239][T10767]  ? ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  199.503248][T10767]  lock_acquire+0x120/0x360
[  199.503257][T10767]  ? ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  199.503267][T10767]  down_write+0x96/0x1f0
[  199.503275][T10767]  ? ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  199.503282][T10767]  ? __pfx_down_write+0x10/0x10
[  199.503291][T10767]  ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  199.503301][T10767]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  199.503311][T10767]  ? lockdep_hardirqs_on+0x9c/0x150
[  199.503317][T10767]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  199.503326][T10767]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  199.503337][T10767]  ? __pfx_ocfs2_reserve_suballoc_bits+0x10/0x10
[  199.503345][T10767]  ? stack_depot_save_flags+0x41b/0x860
[  199.503357][T10767]  ? kasan_save_track+0x4f/0x80
[  199.503365][T10767]  ? kasan_save_track+0x3e/0x80
[  199.503372][T10767]  ? __kasan_kmalloc+0x93/0xb0
[  199.503380][T10767]  ? __kmalloc_cache_noprof+0x230/0x3d0
[  199.503389][T10767]  ? ocfs2_reserve_new_metadata_blocks+0x113/0x940
[  199.503396][T10767]  ? ocfs2_init_xattr_set_ctxt+0x307/0x700
[  199.503405][T10767]  ? ocfs2_xattr_set+0xb70/0x11f0
[  199.503412][T10767]  ? __vfs_setxattr+0x43c/0x480
[  199.503421][T10767]  ? __vfs_setxattr_noperm+0x12d/0x660
[  199.503429][T10767]  ? vfs_setxattr+0x16b/0x2f0
[  199.503438][T10767]  ? file_setxattr+0x1da/0x2b0
[  199.503443][T10767]  ? path_setxattrat+0x327/0x3a0
[  199.503449][T10767]  ? __x64_sys_fsetxattr+0xbc/0xe0
[  199.503454][T10767]  ? do_syscall_64+0xfa/0x3b0
[  199.503461][T10767]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.503474][T10767]  ? __kasan_kmalloc+0x93/0xb0
[  199.503482][T10767]  ? ocfs2_reserve_new_metadata_blocks+0x113/0x940
[  199.503490][T10767]  ocfs2_reserve_new_metadata_blocks+0x403/0x940
[  199.503498][T10767]  ? __pfx_ocfs2_reserve_new_metadata_blocks+0x10/0x10
[  199.503506][T10767]  ? __pfx_ocfs2_calc_xattr_set_need+0x10/0x10
[  199.503516][T10767]  ? __lock_acquire+0xab9/0xd20
[  199.503526][T10767]  ocfs2_init_xattr_set_ctxt+0x307/0x700
[  199.503536][T10767]  ? __pfx_ocfs2_init_xattr_set_ctxt+0x10/0x10
[  199.503545][T10767]  ? ocfs2_xattr_set+0xb36/0x11f0
[  199.503553][T10767]  ? up_write+0x1c4/0x420
[  199.503559][T10767]  ? ocfs2_xattr_set+0x334/0x11f0
[  199.503567][T10767]  ocfs2_xattr_set+0xb70/0x11f0
[  199.503578][T10767]  ? __pfx_ocfs2_xattr_set+0x10/0x10
[  199.503589][T10767]  ? __lock_acquire+0xab9/0xd20
[  199.503598][T10767]  ? look_up_lock_class+0x74/0x170
[  199.503605][T10767]  ? register_lock_class+0x51/0x320
[  199.503614][T10767]  ? posix_xattr_acl+0x93/0xc0
[  199.503623][T10767]  ? evm_protect_xattr+0x4d4/0xa90
[  199.503632][T10767]  ? __pfx_evm_protect_xattr+0x10/0x10
[  199.503639][T10767]  ? __pfx_ocfs2_xattr_trusted_set+0x10/0x10
[  199.503648][T10767]  __vfs_setxattr+0x43c/0x480
[  199.503659][T10767]  __vfs_setxattr_noperm+0x12d/0x660
[  199.503669][T10767]  vfs_setxattr+0x16b/0x2f0
[  199.503678][T10767]  ? mnt_get_write_access+0x68/0x2a0
[  199.503685][T10767]  ? __pfx_vfs_setxattr+0x10/0x10
[  199.503694][T10767]  ? mnt_want_write_file+0x172/0x200
[  199.503702][T10767]  file_setxattr+0x1da/0x2b0
[  199.503708][T10767]  path_setxattrat+0x327/0x3a0
[  199.503716][T10767]  ? __pfx_path_setxattrat+0x10/0x10
[  199.503722][T10767]  ? do_futex+0x333/0x420
[  199.503734][T10767]  ? rcu_is_watching+0x15/0xb0
[  199.503741][T10767]  __x64_sys_fsetxattr+0xbc/0xe0
[  199.503748][T10767]  do_syscall_64+0xfa/0x3b0
[  199.503754][T10767]  ? lockdep_hardirqs_on+0x9c/0x150
[  199.503760][T10767]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.503766][T10767]  ? exc_page_fault+0x9f/0xf0
[  199.503773][T10767]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.503779][T10767] RIP: 0033:0x7ff9ee58ec29
[  199.503788][T10767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.503794][T10767] RSP: 002b:00007ff9ef4d2038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[  199.503801][T10767] RAX: ffffffffffffffda RBX: 00007ff9ee7d5fa0 RCX: 00007ff9ee58ec29
[  199.503806][T10767] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  199.503810][T10767] RBP: 00007ff9ee611e41 R08: 0000000000000000 R09: 0000000000000000
[  199.503814][T10767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  199.503818][T10767] R13: 00007ff9ee7d6038 R14: 00007ff9ee7d5fa0 R15: 00007ffd3afebfa8
[  199.503825][T10767]  </TASK>
[  199.605464][T10784] loop1: detected capacity change from 0 to 512
[  199.606991][    C1] vkms_vblank_simulate: vblank timer overrun
[  199.696013][ T5849] ocfs2: Unmounting device (7,0) on (node local)
[  199.707723][T10784] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.714504][T10784] ext4 filesystem being mounted at /624/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  199.790153][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.

VM DIAGNOSIS:
14:59:30  Registers:
info registers vcpu 0

CPU#0
RAX=1ffff920006a9ff2 RBX=ffffc9000354ff58 RCX=dffffc0000000000 RDX=0000000000000000
RSI=0000000000000000 RDI=0000000000000000 RBP=ffffc9000354fd70 RSP=ffffc9000354fc00
R8 =ffffc9000354f9ef R9 =1ffff920006a9f3d R10=dffffc0000000000 R11=fffff520006a9f3e
R12=dffffc0000000000 R13=00007ffd402d3f78 R14=ffffc9000354ff90 R15=00007ffd402d3f78
RIP=ffffffff8164e0ec RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000555578a2e500 ffffffff 00c00000
GS =0000 ffff8880b8612000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffd402d3f80 CR3=00000001087d4000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=6161616161616161 6161616161616161
XMM06=6161616161616161 6161616161616161 XMM07=6161616161616161 6161616161616161
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007fef7f012fed
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000000002d RBX=000000000000002d RCX=0000000000000000 RDX=00000000000003f8
RSI=000000000000151b RDI=000000000000151c RBP=00000000000003f8 RSP=ffffc900046be570
R8 =ffff88801f080237 R9 =1ffff11003e10046 R10=dffffc0000000000 R11=ffffffff854fbd20
R12=dffffc0000000000 R13=ffffffff99b038e5 R14=ffffffff99df8460 R15=0000000000000000
RIP=ffffffff854fbd9c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007ff9ef4d26c0 ffffffff 00c00000
GS =0000 ffff8881a3c12000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fe6503056c0 CR3=000000001b3d6000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=6161616161616161 6161616161616161
XMM06=6161616161616161 6161616161616161 XMM07=6161616161616161 6161616161616161
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007ff9ee612fed
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
