last executing test programs:

1m11.643977301s ago: executing program 1 (id=911):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={0x38, 0x0, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x4004881}, 0x200089a0)

1m11.643691197s ago: executing program 1 (id=912):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000080)={0x5, 0x802, 0x0, {0x0, 0x2710}, {0x0, 0xea60}, {0x0, 0x0, 0x1}, 0x1, @canfd={{}, 0x24, 0x0, 0x0, 0x0, "f33d8e7b847ec8b36f1107e036dd98fc469107485e371bcf5c6b77db54f3d984795c49eca9b92241dc9fc39f976ad52e581942d9fc2178681e6866aa6ef10d06"}}, 0x80}, 0x1, 0x0, 0x0, 0x40084}, 0x20000000)
sendmsg$can_bcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)={0x5, 0xe10, 0x0, {}, {}, {0x0, 0x0, 0x1}, 0x1, @canfd={{}, 0x34, 0x0, 0x0, 0x0, "645b5d48da6811cd874f3c107bd10bc8831026d4072dd2c54bd79f35321619c67d39e5f49bae641ed1511200"}}, 0x80}, 0x1, 0x0, 0x0, 0x28000880}, 0x4)

1m11.533865181s ago: executing program 1 (id=914):
r0 = syz_open_dev$cec(&(0x7f0000000240), 0x0, 0x22581)
ioctl$CEC_RECEIVE(r0, 0xc0386106, 0x0)

1m11.533616832s ago: executing program 1 (id=915):
syz_mount_image$f2fs(&(0x7f0000000080), &(0x7f0000000000)='./bus\x00', 0x450, &(0x7f00000015c0)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5e0b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b46e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c84268030000000000000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998247856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f0b00f694c5bef739aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c425179b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd9701404c669485a2e714ec9bb31ae0f201ca2e5b9ece2b035fbe2ee8d90aa87a986a307fe4fe90b7b2a48217f79001e60692c", @ANYRES64], 0x2, 0x5587, &(0x7f0000009cc0)="$eJzs3MuLW2UUAPCTyfT9cBAX7nqhiDPQhGb6QHdVW3xgS/GxcFUzSRrSJrnDJE3HrkRdigv/E1FwJbjxb3Dh2p24UNwJI/cx1dqHDkknffx+cHPu/fLl3O9cwoSTOySAp9ZS8sdvlTgaByKiGhGHK5HvV8otd64Iz0fEsYhY+MdWKcdvD+yNiIMRcTRLHvH9qJiTPfXlicnxM7++9ft3P+5bPPTVtz/Nr2pg3l6IiMF6sX9zUMS0W8Rr5Xhz0svj4PSkjMUTg+vlcVrEm521PMPN5va8Zh5PdYv56fqNURav9putLHZ7V/Px9WFxwtGku50nf8G15kZ+3O6s5bE3SvPYvVWsa/NW8ffy1mhc5GmX+T7K08d4vB2L8c5mp6hn/XoeW8NxOV7kTdudzSxOylieLlppv52vY22aK/1oe7s3vLGZTDobo146TM7UGy/VG2drjY203Rl3Tteag/bZ08lyt59Nq714pTk4103Tbr9Tb6WDlWS522rVGo1k+XxnrdccJo1G/VT9ZO3MSrl3Inn90vtJv50sZ/HV3vDG3l5/lFxNN5LiFSvJav3UyyvJ8Uby7sXLyeV3Lly4ePm9K+c/uPTKxTdfKyfdtaxkefXk6mqtcbK22ljZxfrHnXvXn33u/s/6x9PU/1m56B3UX5nu8sCDeYMB7Nhd/X/Mtv+vhv4fuNtj2/9vbW1tlTXMrP/PWqoH9v/7p7nUj7Qd9b8L9+l/d9D/T9X/Pqr9/yzrLz/vY5fqh6no/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnlo/7/n6jXxnqTg+VI4fKYeeLY8rEbEQEVv3UI29d+Sslnn23Gf+nn+t4YdK5Bmyc+wrt4MRca7c/nzmYV8FAAAAeHJ98/GxL4puvXhYmveC2E3F1zALhz+cUb5KlnPplxllW8genptRsvz9vRibM8qWX7n9M0pWfOW2GBGf7JtVyv9S3Q6fHvl7MC+oUoSF3VoJAACwe6p3hMW5rgUAAICH6fN5L4D5qMTtm8Db/8Bf3oAsb20euOM5AAAA4DFUmfcCAAAAgIcu7//9/h8AAAA82Yrf/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAv9i5nxu1gSgOwM8GA/mnoCj3tJIblJEScswRKCBNUAJpIQ1QA7nlnksEK+wRkndBWi3jtUDfJ9lmbPSbGeDyxsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJf+VJv5r8WXn7G4Lmd/uE6u+QAAAABP7arNvH4xbdrv0vkP6dSn1C4iooyIc7X7IEatzEHKqS68v3o0ht8RdcKxj3Ha3kbE17T9/9j1pwAAAAD3a7taz5pqvdlN+x4Qr6lZtCnff8uUV0RENf2bKa087j5nCqt/38P4kSmtXsCaZAprltyG56+NcnXSNmgd0kwmy/pLrFtlN/0CAAB9alcCF6oQAAAA7sD3vgdAP4rT7nSfcdwc0g3BN60WAAAAcIOKvgcAAAAAdK6u/2/h+X///C0BAAAAXqx5/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABd2lWb+Xa1nl26vnxmzv5wnXwzAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCB/blHARAGYwD6Kf5u0vvf1EGJ6NjV6T0ohIRSCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0DO+p8QtPc1TVlDZhTt2qasmUsGZK2DIn7LnQOo+c159fAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgZn9eUiAEgiAK5oz/nfT9DysJegYRIqDhUUUtGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+5ne//J+YGmeSudPG0vFIsnbV2Lpq7D1oHD0Yb/8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYuf+edsowwCAPz773D+ACAFlCKAiMcBCE7e0dIQBFDHwEZCi1CmhLoU2A40iUBaYUOYuCEaEkEBh63fo3EhdytYhQ5CYQXe+S66tS00hdy75/aTX72Pf5d7nvXOiPHnPAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKO28Ey8lRdzOHqaGcfnard31pazfvq/P3Ni8PZu1LG49aqCv3/7vk59sL1efnJipPPmy/mQAAAA4HNplfR8Rd9KthaxPpvL6Py33yWr+754ZxmU9f3/dv727frTYNFvW/7/+cveFvYGmhuNkB11eGfTnH0ylc0BTnHjPPnKPTn7m87+9tPMLkry/8fxOmp/P1jc3b77bzcMjdWQLADyOk2WfBUf3fx/K+l7DuQFwOHQqhXdZ/7enms0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoA47G/FUGbciYrazH2e2d9eXRvU3Nm/Plu3s9eub1WNmh0gjYnll0E9rnMuku3pt7eLiYNC/MjKIeOimfx+ciIiDOfJDghix6cMxvjzi7/cp3p5RzyzWLi52xt+5Vd/pndggKa5P8Uo3qft6HWCQvfeOjfW9/E+DBn4YAQDwv5YWLavr76RbC9lrremIP7+/t/5/rRLHmPX/3Y/O3qqOVa3/e7XNcPLNrV76dO7qtbU3Vi4tXuhf6H/y5qneW73T586cOTeXnav5ueVI+vNNpwkAAMATrFu0av2fTD+4/n+8EseY9f9n3/a+qI7VVv+PtL/o13QmAAAAh1F3L3rulT9+b43Yo9XtxueLq6tXesPHveenho+1pvuYjhStWv+3p5vOCgAAAKjDzkbrnvX/85U4xlz/f/qHF3+qHrM9/Jzs5Yjon1y6PDhf33QmWh0fVM4H6jY9UwAAAJpyrGjV9f80v/8/2bvlIYmI118dxuX/WRun/m+/99WP1bGq9/+frm+KEymZGZ6PvJ+J6Mw0nREAAABPonGXeo8WLSv2f0u3Fj7++fgHXff/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANTtrwAAAP//GLYzgw==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x100)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file1\x00', 0x109042, 0x88)
fallocate(r0, 0x0, 0x63db, 0x7000000)
mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000140), 0x8, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

1m10.998802932s ago: executing program 1 (id=928):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000340)='./bus\x00', 0x41, &(0x7f0000000600)={[], [], 0x3d}, 0x1, 0x522, &(0x7f00000007c0)="$eJzs3UFsI1cZAOB/HHu72U2bFDhAJUqhRdkVrJ00tI16KEVCcKoElPsSEieK4sRR7LSbqIKsOHBEQgiQOJULFyROnJBQJS4cEVIlOIMAgRBs4YAEdCrb43Q3GSfZjWNn4++TJvPmeeb97zma8byZp5kARtZTEfFyRLybpun1iJjM8gvZFHudqbXeO3feWGxNSaTpq/9IIsnyumWlbY/E1WyzyxHxlS9GfD05HLexs7u2UKtVt7LlSnN9s9LY2b2xur6wUl2pbszNzT4//8L8c/MzfWnnRES89Pm/fP87P/nCS7/89Ot/vPm3a99Isvw40I77VDzqw07TS+3v4u4Nth4w2HlUbLcwM563xtihnNtnXCcAAHr7QER8IiKux2SMHX06CwAAADyE0s9OxP+S7r27Qy71yAcAAAAeIoX2GNikUM7G+05EoVAuR3sM74fiSqFWbzQ/tVzf3ljqjJWdilJhebVWncnGCk9FKWktz7bT7y8/e2B5LiIej4jvTY63l8uL9drSsC9+AAAAwIi4eqD//+/JTv8fAAAAuGCmhl0BAAAA4Mzp/wMAAMDFp/8PAAAAF9qXXnmlNaXd918vvbazvVZ/7cZStbFWXt9eLC/WtzbLK/X6SvuZfevHlVer1zc/ExvbtyrNaqNZaezs3lyvb280b67e8wpsAAAAYIAe/9hbv08iYu/F8fbUculkm55wNeC8Ku6nkmyes1v/4bHO/M8DqhQwEGPDrgAwNMVhVwAYmtKwKwAMXXLM5z0H7/wmm3+8v/UBAAD6b/oj+ff/j78uuFcYQPWAM+T+H4wu+z+MrvZ5/klH8jrjhwul5AwARt6p7/8fK03vq0IAAEDfTbSnpFDOLu9NRKFQLkc82n4tQClZXq1VZyLisYj43WTpkdbybHvL5Ng+AwAAAAAAAAAAAAAAAAAAAAAAAADQkaZJpAAAAMCFFlH4a/KrzrP8pyefmTh4feBS8p/JyF4R+vqPXv3BrYVmc2u2lf/P/fzmD7P8Z4dxBQMAAABGQvF+Vu7207v9eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADop3fuvLHYnQYZ9++fi4ipvPjFuNyeX45SRFz5VxLFu7ZLImKsD/HHW38+nBc/aVVrP2Re/PE3Tx9/7/aR8WMq+xby4l89fXgYaW+1jj8v5+1/hXiqPc/f/4oR9yw/qN7Hv9g//o312P8fPWGMJ97+WaVn/NsRTxTzjz/d+EmP+E/nFfjzbx/K+tpXd3d7xU/fjJjO/f1J7olVaa5vVho7uzdW1xdWqivVjbm52efnX5h/bn6msrxaq2Z/c2N896O/ePeo9l/pEX/qmPY/k1PepZy8/799684HO8lSXvxrT+fE//WPszUOxy9kv32fzNKtz6e76b1O+m5P/vS3Tx7V/qUe7T/u/3+tV6EHXP/yt/50wlUBgAFo7OyuLdRq1a3zkXgx+l5yq4c/9HY9fIn/pueiGmeb+GZfC0zTNG3tU6coJ4nBfQnJ0VUd9pEJAADot/dP+oddEwAAAAAAAAAAAAAAAAAAABhdg3jS2MGYe/uppB+P0AYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Iv3AgAA//8ZWuAG")

1m10.435000527s ago: executing program 1 (id=933):
syz_mount_image$vfat(&(0x7f0000000a40), &(0x7f0000000000)='./file1\x00', 0x2010000, &(0x7f0000000940)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c756e695f786c6174653d312c696f636861727365743d63703836352c73686f72746e616d653d6d697865642c636f6465706167653d3836392c726f6469722c616c6c6f775f7574696d653d30303030303030303030303030303030303137373737372c73686f72746e616d653d77696e39352c696f636861727365743d6370313235352c636865636b3d7374726963742c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e39352c004c21fbd23364597e61bd9e6c47bce24b3f93d831eaa8688deebdbf10d10f509bad0fabd2253225b10ce42f4dc8b613d3585bcb3b5892369a7a4e0325cb6510"], 0x25, 0x34c, &(0x7f0000001740)="$eJzs3T9oJGUUAPC3mU12EziTQji0Wu0EOS4RC21MOE44TKEni/8aFy7nn+wqZHEhFtlLo1gqNoJWdldoebVYiNhZ2HqCnIqN1x3c4cjuTHY3mcn9EbOn3u9XhJf3fW++byZDdhKSt6+uxua52Th/9eqVqNcrUV09tRrXKrEUM5FE5kIAAP8n19I0/kgzw8RTN5v90ULMZtHcVHYHAByF4ev/a8fGidrd3A0AMA2Fn//LPVuaffvItgUAHKHC6//D+4YP/Jq/OvqbAADgv+v5l15+Zm094myjUY/ovN9r9prx5Hh87Xy8Ee3YiJOxGDcisgeF7Glh8PHpM+unTzYGflmK5qCi14zo9HvN7ElhLRnW12I5FmMpr09H9cmgfnlY34iIC/3h+tGp9JqzsZCv/+NCbMRKLMb9hfqIM+unVxr5AZqdvfp+xG7U905isP8TsRjfzww/OReD2uxYg8zOcqNxKl3fV9+7WBvOAwAAAAAAAAAAAAAAAAAAAACAo3BiPvLuOY2lUf+btNPvvXc2n9Aojg/7+2TDeX+g3aw/UFrb687zQXKwP9D+/jy9ZjVm7uqZAwAAAAAAAAAAAAAAAAAAwL9Hd3suWu32xlZ3+93NcTDX7k9k3vr2i6/n4+CcN5NxJqrZ4fbNyXMxUZXEqDwdlafJvjl5kETkkyvRunhptOPJObXRWRTKB0GtMFTJ99Rqt4899POnZVV/jjNJjIbqpUtU8vUnhjr3Zamy/dw8qHS3V24x53KapoeV73xSrIp6RLXwhfsngm+uvP7AY93jj3cr1c3WV3nTh0ceXXzh8sef/7bZakd+adrtua3ujfRvr5VM3D+V/DpXSu6E8mB3nNnd6m63kh9+f/HBD787MDkpv3/Sycw7h6/15cHMXBYMtnk7ZzpbcvOXB69cH929d34xj3+22rq089OvexfzVlUT3yQ06gAAAAAAAAAAAAAAAAAAgKmY+F/xO/DEc0e3IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYvvH7/08Eu4XM7QTX+1Ecqm1sdQ9dfH6qpwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD3srwAAAP//JT9zjQ==")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x14b442, 0x2)

1m10.342949328s ago: executing program 32 (id=933):
syz_mount_image$vfat(&(0x7f0000000a40), &(0x7f0000000000)='./file1\x00', 0x2010000, &(0x7f0000000940)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c756e695f786c6174653d312c696f636861727365743d63703836352c73686f72746e616d653d6d697865642c636f6465706167653d3836392c726f6469722c616c6c6f775f7574696d653d30303030303030303030303030303030303137373737372c73686f72746e616d653d77696e39352c696f636861727365743d6370313235352c636865636b3d7374726963742c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e39352c004c21fbd23364597e61bd9e6c47bce24b3f93d831eaa8688deebdbf10d10f509bad0fabd2253225b10ce42f4dc8b613d3585bcb3b5892369a7a4e0325cb6510"], 0x25, 0x34c, &(0x7f0000001740)="$eJzs3T9oJGUUAPC3mU12EziTQji0Wu0EOS4RC21MOE44TKEni/8aFy7nn+wqZHEhFtlLo1gqNoJWdldoebVYiNhZ2HqCnIqN1x3c4cjuTHY3mcn9EbOn3u9XhJf3fW++byZDdhKSt6+uxua52Th/9eqVqNcrUV09tRrXKrEUM5FE5kIAAP8n19I0/kgzw8RTN5v90ULMZtHcVHYHAByF4ev/a8fGidrd3A0AMA2Fn//LPVuaffvItgUAHKHC6//D+4YP/Jq/OvqbAADgv+v5l15+Zm094myjUY/ovN9r9prx5Hh87Xy8Ee3YiJOxGDcisgeF7Glh8PHpM+unTzYGflmK5qCi14zo9HvN7ElhLRnW12I5FmMpr09H9cmgfnlY34iIC/3h+tGp9JqzsZCv/+NCbMRKLMb9hfqIM+unVxr5AZqdvfp+xG7U905isP8TsRjfzww/OReD2uxYg8zOcqNxKl3fV9+7WBvOAwAAAAAAAAAAAAAAAAAAAACAo3BiPvLuOY2lUf+btNPvvXc2n9Aojg/7+2TDeX+g3aw/UFrb687zQXKwP9D+/jy9ZjVm7uqZAwAAAAAAAAAAAAAAAAAAwL9Hd3suWu32xlZ3+93NcTDX7k9k3vr2i6/n4+CcN5NxJqrZ4fbNyXMxUZXEqDwdlafJvjl5kETkkyvRunhptOPJObXRWRTKB0GtMFTJ99Rqt4899POnZVV/jjNJjIbqpUtU8vUnhjr3Zamy/dw8qHS3V24x53KapoeV73xSrIp6RLXwhfsngm+uvP7AY93jj3cr1c3WV3nTh0ceXXzh8sef/7bZakd+adrtua3ujfRvr5VM3D+V/DpXSu6E8mB3nNnd6m63kh9+f/HBD787MDkpv3/Sycw7h6/15cHMXBYMtnk7ZzpbcvOXB69cH929d34xj3+22rq089OvexfzVlUT3yQ06gAAAAAAAAAAAAAAAAAAgKmY+F/xO/DEc0e3IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYvvH7/08Eu4XM7QTX+1Ecqm1sdQ9dfH6qpwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD3srwAAAP//JT9zjQ==")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x14b442, 0x2)

3.10399967s ago: executing program 2 (id=1693):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r1 = gettid()
process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x15)

3.049118982s ago: executing program 3 (id=1694):
prlimit64(0x0, 0x7, &(0x7f0000000140)={0x0, 0x4000}, 0x0)
syz_io_uring_setup(0x1e10, &(0x7f00000000c0)={0x0, 0x0, 0x10000, 0x3}, 0x0, 0x0, 0x0)
futex_waitv(&(0x7f0000004040)=[{0x0, &(0x7f00000001c0), 0x2}], 0x1, 0x0, 0x0, 0x1)

2.118695949s ago: executing program 3 (id=1698):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x1, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000f000000850000002e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$kcm(0x11, 0x2, 0x300)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000040)=r0, 0x4)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

1.87514933s ago: executing program 3 (id=1700):
syz_mount_image$iso9660(&(0x7f0000002900), &(0x7f0000000000)='./file0\x00', 0x40, &(0x7f0000000180)=ANY=[], 0x1, 0x5b7, &(0x7f0000000780)="$eJzs3MFv29YZAPDHxK4NBwsGFGvSNEDZtIfsEFeSFwdGBywaTdtsJVEg5cI5DcXiZMHsblg2YMmly6VDgQ077bz1utOO+6d62T/ggRLlybJTpWkTpcDvB8TvUfzI9z2C4QcRIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEKJks9FoRqGT9Xb34qdLNou8e7y0EKbXj/f3nxPNCYsTf0MUQlT9C8vL4fLoo8uv/z/2R9Wfa+HSaOlSWK6a5fD4whs//OD1hXPVhotRdCqLl+3ho8e//uTgYP9332Cbo6Ojz6rZvMC0XprttJeVedZtb6dxVubxxvp64/2drTLeyjppeaccpN04KdL2IC/i68ntEMLGWpyu3sl3e9ub7U4aX09+HDc3Nm7daDUa6/GHq/20XZR57/0PV8tkJ+t0st72MKZafaP1drhVnYgfZYN4kLa7cXzvwcH+2qwkq6DmswS1ZgW1Gq1Ws9lqNddvbty81Wgs12fr8QcLjSlhepOF+Z+0vHSv1SfKcGF8jXvtO7uIw3M6Sv427xQAAACAFywa3mOPhvflLw97W1knbZyIOYrmlh4AAADwHRh+tb9U3wAI4XKITn//BwAAAL7f/jnunPmMXYiiUPaXovGjKv2996LDdtVrH54ffXR+eo+DrSvRxXonw2Z9oV5K0qvRm6OgN8fRX9XNvac/6/fvUOURFcVi9OTbJRD+Eq6MYq7cHbV3x2tGs13ZyjrpapJ3PmiGdvviuUG6N/jDpw/+GEJRHJ3/ote9GIV7Dw72V3/5m4O7VS6jpxmfHNa/kDj1Q4mTuSyFiVx+f/zcYz3j2yeP/OLwRkw16y963ZXRuI3J+Z8bbX7uG8z/8/DWKOatlVG7cnL+y9WYzdUzZj+ZRbO/995SPdgzznwqi6ujmKvXhyfWu9frNYsTWbRmZdEaHosno+P/XMfiOIt3T2QxeSzWZmWx9i2zAJiXe9NV6FT9P1V3n+Mq9zXVvRqlKuEzq/uvZo7yeXhnFPPOlYW6Ip0PYeqK3ph1RW9MXtG/prqFcHYW/wrX/vH3EHbDtXHw02psNe5fT1TV6PDLaoMvT4/7p1FT/vf+zoWqs3T42/DGw0ePbzw4/OT+/v39T1uttfXGTxqNm62wOJxG3ag9AJwhLb6KVgZ/jooi6/+iubHRbA920rjIk4/iItvcTuOsN0iLZKfd207jfpEP8iTvVJ2Ps820jMvdfj+vKklexP28zPaGb36J61e/lGm33RtkSdnvpO0yjZO8N2gng3gzK5O4v/vzTlbupEW8lRdx2U+TbCtL2oMs78Vlvlsk6Wocl2k6EZhtpkefhZBV3V7cL7Juu7gTf5x3drtpvJlW1bI/yKNQ7XA8VtbbyovucLer8z7YAPCKeBjqN9gdv8ru4c/Gqx6dWnVmJyzPiJnzFAGAKdNVemneCQEAAAAAAAAAAAAAAKdMPq730/qVPs/22N8r27l94axVb88/sclOCGHhFUhD5xk7y69GGov1f9vn3U8UQpgd/IMqZp5XJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA42/8CAAD//+AlkH0=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)

1.538311334s ago: executing program 2 (id=1703):
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000140)='./file2\x00', 0x1000000, &(0x7f00000000c0)=ANY=[], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40140, 0x1)
renameat2(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

1.46337416s ago: executing program 3 (id=1705):
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000000)={0x6, 0x6, 0x2, 0x0, 0xffffffff, 0x2})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x228, 0x0, &(0x7f0000000540)="e30080670000ec67838717bd86dde148f0630962bb87dd44fe42904bcee14db4241544716bd9c62231ed3373a3e2995363bb217d9c1fd05dacf5bb80b4b7c9c3abc539bfa9ce38978defbb39a1ffa8a175e8257c3c5386795f7aaa2b182cc4c3705dc9f253d21fba2eace93b558c750cfba810dc7a19dbb15a5a39c850a7541d5e2765acdedc1330ff030000b727e42ad8305aaecab5141901b2fe9df9b70001000000002e226c0d3da103584e12f876c1ceeb5cde8d693c54260d41d1037995a1cd288118dbf12115ce226253e5a18f67ce0dadaaa51388f90ba0e104cc90ab1ffb103d4875d667fab1d2ab0f37a5d7964da187d982a1b03a2871abf3c69b6302e18a7c98eddb1bff82830721a399c20000008fd5e97fcad5bdf82bd8271643b28efad5b464465a978e95a26785ae67dc11e634c7e30d853049017c970145ddfb98293210ae7dba87befd9832d5b1b6ed003bb67548aada7778d4af9ec26c99038d63137e25a91c28b165226f2cad3fd4a8761a549bfee3306273f309e7f7fe9dc3654b2e8798ccf92f98fb81cb63bac6beae374d7b07b6f388d99ea3322c53cfdc43d3506a4608e0dd275cf42382ff00fd5fc5992b852ac6e50ed4644bd6037f46c68066086485f498f6d8d7ba5081c7874d91ad30cc88d6c7ded9ab7733b038544eedcf58688cd7bf397ade9421ffe20a408aca4ea154733edf284063ea7a8fcea69cb3dce7dc3e5354ed5b6a8f35420bd7da85e4e69e4040d244cfcb9be18e663a5ae4099752", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xfa1d}, 0x50)
r0 = syz_open_dev$sg(&(0x7f00000000c0), 0x0, 0x28101)
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000040)=0x85)

1.398415257s ago: executing program 2 (id=1706):
r0 = syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x100)
ioctl$FE_GET_PROPERTY(r0, 0x80106f53, &(0x7f0000000400)={0x4, &(0x7f0000000200)=[{0x34, '\x00', @st={0x4, [{0x1, @uvalue=0xfffffffffffff393}, {0x1, @svalue=0x2}, {0x2, @svalue=0x6}, {0x2, @uvalue=0x800}]}, 0x3}, {0x40, '\x00', @data=0xc6b, 0x3ff}, {0x26, '\x00', @st={0x4, [{0x2, @uvalue=0x2}, {0x3, @svalue=0x9}, {0x2, @svalue=0x1000}, {0x1, @uvalue=0x5}]}, 0x4}, {0x3d, '\x00', @st={0x4, [{0x3, @uvalue=0x7}, {0x3, @svalue=0x6}, {0x0, @svalue=0x9}, {0x2, @svalue=0x1a01}]}, 0x4}]})

1.337349903s ago: executing program 3 (id=1707):
syz_usb_connect$uac2(0x2, 0xcb, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000000000010440621804000010203010902b90003010080c0080b0001010520070904000000010120000924010800082100590c24030203040803070400020c240304010706053b06"], 0x0)

1.335328089s ago: executing program 2 (id=1708):
syz_usb_connect$midi(0x1, 0x31, &(0x7f0000000280)=ANY=[@ANYBLOB="12011003000000083512100040000102030109021f00010118100409040001010103200609058e"], &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})

326.08589ms ago: executing program 0 (id=1720):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000440)=[{0x30, 0x1, 0x81, 0xfffff024}, {0x6}]}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6f}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x26}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0xfffffffffffffd2e, &(0x7f0000000000)='e', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4}, 0x48)

207.713749ms ago: executing program 0 (id=1721):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f00000001c0))
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000040)=0x10000)
read$dsp(r0, &(0x7f00000000c0)=""/108, 0x6c)

207.534392ms ago: executing program 0 (id=1722):
r0 = fsopen(&(0x7f0000000140)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x9)
fchdir(r1)
r2 = open(&(0x7f0000000140)='.\x00', 0x8000, 0x112)
getdents(r2, &(0x7f0000001fc0)=""/184, 0xb8)
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x33ed0000)
getdents(r2, &(0x7f0000001fc0)=""/184, 0xb8)

158.635147ms ago: executing program 3 (id=1723):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000005d40)='./file0\x00', 0x14040, &(0x7f0000001e40)=ANY=[], 0xff, 0x5e92, &(0x7f0000018400)="$eJzs3U1vHVf9B/DfffD1Q/9No+qvKkQs3BRKS2nzHChPTVl0AQuQUNckct0qkAJKAqJVRFxlgdgALwE23bDoW+AF9DUgXgCRbFZdUAaNfU4yHl/nOiS+c6/P5yM5M785d3zP5Ovx3OuZuScAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPj+Wz8+24uIK79OC45H/F8MIvoRy3W9GvXM5fz4YUSciO3meC4iBosR9frb/zwTcSEiPj0Wsbl1e61efO6A/bh45taNz3/wvb//7o93T/z0nZ983G7/0f+f/+T3dyKO//D1Tz6/82S2HQAAAEpRVVXVS2/zT6b39/2uOwUATEU+/ldJXq5Wq9XqJ1r/oT9b/VEXWjdV491pFhGx0Vynfs3gdDwAzJmN+KzrLtAh+RdtGBFPdd0JYKb1uu4Ah2Jz6/ZaL+Xbax4PVnfa898pd+W/0bt/f8d+00na15hM6+frbgzi2X36szylPsySnH+/nf+VnfZRetxh5z8t++U/2rn1qTg5/0E7/5Zd+f8pIuY2//7Y/EuV8x8+Sv4bgzne/+UPAAAAAMDRl//+f7zj87+Lj78pB/Kw87+rU+oDAAAAAAAAADxpjzv+333G/wMAAICZVb9Xr/352INl+30WW7387V7E063HA4VZbXw4IAAAAAAAAAAAAAAwHcOIlXRd/0JEPL2yUlVV/dXUrh/V464/70rffihZ17/kAQBgx6fHWvfy9yKWIuLt9Fl/CysrK1W1tLxSrVTLi/n17GhxqVpuvK/N03rZ4ugAL4iHo6r+ZkuN9ZomvV+e1N7+fvVzjarBATo2HR0GDgARsXM02nREOmKq6pno+lUO88H+f/TY/zmIrn9OAQAAgMNXVVXVSx/nfTKd8+933SkAYCry8b99XkCtVqvVavXRq5uq8e40i4jYaK5Tv2YwHD8AzJmN+KzrLtAh+RdtGBEnuu4EMNN6XXeAQ7G5dXutl/LtNY8Hqzvt+VqQXflv9LbXy+uPm07SvsZkWj9fd2MQz+7Tn+em1IdZkvPvt/O/stOeh/g/7PynZb/86+083kF/upbzH7Tzbzk6+ffH5l+qnP/wkfIfyB8AAAAAAGZY/vv/ced/8yYDAAAAAAAAwNzZ3Lq9lu97zef/vzjmcb3mnPs/j4ycf+/A+bv/9yjJ+ffb+bcuyBk05u+9+SD/f23dXvv41j+/kKczn//CYFQ/90KvPxima36qhXfjWlyP9Tiz5/HDXe1n97Qv7Go/N6H9/J72Ud2+vN3+Vl2vxS/ierxzv31xwoVRSxPaqwntOf+B/b9IOf9h46vOfyW191rT2r2P+nv2++Z03PNc/uu/X9y7d03f3Rjc37amevtOddCf7f+Tp0bxq5vrN177zdVbt26cjTTZtfRcpMkTlvNfSF85/5de2GnPv/eb++u9j0aPnP+suBvDffN/oTFfb+/LU+5bF3L+o/SV889HoPH7/zznv//+/0oH/QEAAAAAAAAAAAAAAICHqapq+xbRyxFxKd3/09W9mQDAdOXjf5Xk5erp1Usz1h+1Wq1WH926qRrvjWYREX9rrlO/ZvjtuG8GAMyy/0TEP7ruBJ2Rf8Hy5/3V0y913Rlgqm5+8OHPrl6/vn7jZtc9AQAAAAAAAAD+V3n8z9XG+M/b1wG1xo3eNf7rm7E6t+N/9keD7bHO0wY9Hw8f//tUPHz87+GE51uY0D6a0L44oX1pQvvYGz0acv7Pp4xz/ifThpU0/utLHfSnazn/U2ms55z/V1qPa+Zf/WWe8+/vyv/0rfd/efrmBx++eu39q++tv7f+87NnLl04f/HC+YsXT7977fr6mZ1/O+zx4cr557GvXQdalpx/zlz+Zcn5fznV8i9Lzv/FVMu/LDn//HpP/mXJ+ef3PvIvS87/5VTLvyw5/6+mWv5lyfm/kmr5lyXn/7VUy78sOf9XUy3/suT8X0u1/MuS8z+davmXJeefz3DJvyw5/3xlg/zLkvM/l2r5lyXnfz7V8i9Lzv9CquVflpz/xVTLvyw5/0upln9Zcv5fT7X8y5Lz/0aq5V+WnP/rqZZ/WXL+30y1/MuS8/9WquVflpz/t1Mt/7Lk/L+TavmXJef/3VTLvyw5/zdSLf+yPPj8fzNmzJjJM13/ZgIAAAAAAAAAAAAA2qZxOXHX2wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/JcdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWHvXmPkKu/7gZ+92WtDgv+BcIsDtrkZWNhd38AhBpOE/CnphZKQNi2pcbxrs4lv9e5yEyqbQluiIBWpVUVfNE2iNIrUVqAqaqlEIqRGat81rxrxJmqlvPALqByUVEoV2OrMPM+zM7Ozc9aXsWfO+XyQ/fPunJl55syZ2fku+s4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Gjzx6f/ZCDLsvxP7a8NWXZx/u912d78y4VdF3qFAAAAwNl6t/b3312SvrF3FWdq2OZfr/n37y4uLi5mX3jn5Ht/triYTtiUZUNrs6x2WvRvv/j5YuM2wXPZ6MBgw9eDBVc/VHD6cMHpIwWnryk4fW3B6aMFpy/bAcusq/8+pnZh19f+uaG+S7PLspHaade3OddzA2sHB+PvcmoGaudZHDmYzWSHs+lsYtl5Bmr/Zdnrm/Pruj+L1zXYcF0bsyw79dNnDsQ1DIR9fH3WdGU1jffd2/dmm9756TMHvj331lXtZuFuWLbSLNu6JV/n81m29OuqbCBbm/ZJXOdgwzo3tlnnUNM6B2rny//dus5Tq1xnvN2jYZ0/7LDOjeF7T16XZdlCtuI2rZ7LBrP1Ldea9vdo/YjILyO/Kz+QDZ/WcbJ5FcdJfp6fXNd8nLQek3H/bw77ZHiFNTTeHW9/ec2y/X6mx0l+q3vhWM0v+8H8SkdHG3+12nSs5ts8c8PKx0Db+67NMZCO5YZjYEvRMTC4Zqh2DAwurXlL0zEwuew8g9lA7bpO3tD5GBifO3J8fPapp2+bObL/0PSh6aOTE7t2bN+5Y/vOneMHZw5PT9T/Pr1d2kfWZ4PpGNwSnmviMXhTy7aNh+TiN87d42C0Rx4H+W3/zI35gi4ezFY4xvNtnt969o+D9HO/4XEw3PA4aPuc2uZxMLyKx0G+zamtq/uZOdzwp90auvVcuKHhGLiQPw/z63zk5pWfCzeGdb1wy+n+PBxadgzEmzUQHnv5d9LrvdE7w35ZflxcnZ9w0Zpsfnb6xO1P7p+bOzGZhXFeXNpwX7UeL+sbblO27HgZPO3jZe/f/vLGq9t8f0PYV6O3dr6v8m12jHW+r2rP7u33Z9N3t2VhnGPne3+2+2mW78+UJTrsz3yb5287+9eCKZc0PP+NFD3/DY0M15//htLeGGl6/lt+1wzVVpZlp25b3fPfSPhzvp//LuuR5798Xz1ye+djIN/mhfHTPQaGOz7/XRfmQFjPzSExjDbk/vdqpy/UD9OG+7LwuBkeHgnHzXC8xubjZvuy8+SXll/31okzO262Xtd8XzW9binhcZPvqz+f6Hzc5Nu8MXn2zx3r4j8bnjvWFB0DI0Nr8vWOpIOg/ny3uC4eA7dnB7Jj2eFsKp0nv5fz6xrbtrpjYE34c76fO67skWMg31cvb+t8DOTb/GD7uX3ttDV8J23T8Nqp9fcLK2X+q4eXLq91t53rzJ+v8xM7Ov9uKN/mrR2nmzM676dbw3cuarOfWh8/Kx3TU9n52U9XhnUe3tn5d1P5NpftWuXxtDfLsjcn36z9viv8fvcf5v/ju02/9233O+U3J998YPyhH53O+gEAOHPv1f5eWFN/rdnwf6xX8///AQAAgL4Qc/9gmIn8DwAAAKURc/9QmIn8DwAAAKURc/9wmElF8v9jd+5+5d1ns/RugItBPD3uhgfvrm8XO94L4etNi0vy73/sWyOvfOXZ1V33YJZlv3zgQ223f+zuuK6643GdH2n+/jJXXruq63/04aXtGt8/4dTu+uXH27PawyB2lV8f31a73E1PTdbmGw9ktfnQwgvP1S+//nXc/uT2+vZ/Fd60ZO/Bgabzbw3ruT7MTeE9ZR7cu7Qf8hnP98rGa/7l0s8uXV8838CW99du5st/UL/c+B5RL11a3z7e7pXW/72vfueVfPsnb2i//mcH26//ZLjcn4T5iz317Rv3+Vca1v9HYf3x+uL5bv/m99uu/9Ur6tu/Go6Lr4fZuv57//TD77a7v+L17L2rfr54/RP/s6N2vnh58fJb1z/67GTT/mi9/DfeqV/Onsd/NtS4ffx+vJ7o0buaj++BcP829cizLPvOH2dN+zn7aP18/9yy/nh5x+9qv/5bW9Z5fODa2vmXbs+Gptv1tb/Z1vb2xvXs/fsNTbfnpfvC/ntn/Af55Z58KByP4fT//WH98lrfy/TV+5qfb+L2X99Qf9zGyxtvWf9LLetfuDbfd8Xrv/+d+vpfvWdt0/r3fjIcT/fXZ9H6D/31JU3n/8a36/fHiSfGjh6bnZ+ZatirjY/jtaPr1l908fvef0l4Lm39et+xucemT2ya2DSRZZv68C0Du73+b4b53/WxcO6voe5HP6sfdy9+qv5z66af179+KXz/0XB/xp+PX/vLkabjtfV+X7inPs92/beEdazWFV/9r2tXteHJz78+/09/+Fbr64J4e45/cLR2+17efHnttIE36qe3Pl8V+c8PNj+ufzw8UZuvhf26GN6Zecvl9etrvfz43iQvfrr++I2v5OL5s5b3E9kw1Hw7znb9Pw6vY75/ZfPzXzw+Xnu25d2cN2QD+RIWwvNDtlA/PW4V9/eLpy5ve33xfXiyhatOZ5krmn1qdvzwzNH5J8fnpmfnxmefenrfkWPzR+f21d67dN8Xi86/9PheX3t8T03v2pHVHu3H6qPLLvT6jz98YOqOiRunpg/unz849/Dx6ROHDszOHpiemr1x/8GD008UnX9mas/ktt3b79g2dmhmas+du3dv3z02c/RYvoz6ogrsmvjS2NET+2pnmd2zY/fkzp07JsaOHJua3nPHxMTYfNH5az+bxvJzPz52Yvrw/rmZI9NjszNPT++Z3L1r17bCd388cvzg7KbxE/NHx+dnp0+M12/Lprnat/OffUXnpxpmj4XnuxYD4dX5527dld4fN/etL694UfVNml+eZm+H94KKP9+Kvo65fyTMpCL5HwAAAKog5v7wxv9LJ8j/AAAAUBox968NM5H/AQAAoDRi7h8NM6lI/tf/1//X/1+h//+P39P/1//X/z8H9P/1/zvR/9f/7+f16//r/1Os1/r/Mfevy7JK5n8AAACogpj714eZyP8AAABQGjH3XxRmIv8DAABAacTcf3GYSTXy/0jrP/X/9f/1/xs//z9uq/+f6f/r/58h/X/9/070/0vc/39v8Jys8YKtvz/7/+v0/+k1vdb/j7n/fWEm1cj/AAAAUAkx978/zET+BwAAgNKIuf+SMBP5HwAAAEoj5v4NYSYVyf8+/1//X/+/U//f5/830v/X/z8T+v/6/53o/5e4/+/z/33+P/Rg/z/m/v8XZlKR/A8AAABVEHP/B8JM5H8AAAAojZj7Lw0zkf8BAACgNGLuvyzMpCL5X/9f/1//X/9f/1//v5v0//X/O9H/1//v5/Xr/+v/U6zX+v8x938wzKQi+R8AAACqIOb+y8NM5H8AAAAojZj7rwgzkf8BAACgNGLuvzLMpCL5X/9f/1//X/9f/1//v5v0//X/O9H/1//v5/Xr/+v/U6zX+v8x918VZlKR/A8AAABVEHP/1WEm8j8AAACURsz9Hwozkf8BAACgNGLu3xhmUpH8r/+v/6//r/+v/6//30391f8fXPEU/f86/f9m+v/6/+es/5+/FNf/p4R6rf8fc/+Hw0wqkv8BAACgCmLuvybMRP4HAACA0oi5/9owE/kfAAAASiPm/k1hJhXJ//r/+v/6/73c/6/f0mr2/1/7i9b9qf+v/9+Oz//X/8/0/8/Yhe7P9/v6ff6//j/Feq3/H3P/5jCTiuR/AAAAqIKY+7eEmcj/AAAAUBox918XZiL/AwAAQGnE3H99mElF8r/+v/6//n8v9/99/n+m/6//X0D/X/8/0/8/Yxe6P9/v69f/X13/f03RBVFq57H/P5ytov8fc/8NYSYVyf8AAABQBTH33xhmIv8DAABAacTcf1OYifwPAAAApRFz/9Ywk4rkf/1//X/9f/1//X/9/27S/9f/70T/X/+/n9ev/+/z/ynWa5//H3P/zWEmFcn/AAAAUAUx998SZiL/AwAAQGnE3H9rmIn8DwAAAKURc/9YmElF8r/+v/6//r/+v/6//n83lbX/n55H9f/1//X/9f/1//X/WVGv9f9j7r8tzKQi+R8AAACqIOb+28NM5H8AAAAojZj7x8NM5H8AAAAojZj7J8JMKpL/9f/1//X/9f/1//X/u6ms/X+f/6//n+n/6//r/+v/U6jX+v8x90+GmVQk/wMAAEAVxNy/LcxE/gcAAIDSiLl/e5iJ/A8AAAClEXP/jjCTiuR//X/9f/1//X/9f/3/btL/1//vRP9f/7+f16//r/9Ps8E23+u1/n/M/TvDTCqS/wEAAKAKYu7fFWYi/wMAAEBpxNx/R5iJ/A8AAAClEXP/nWEmFcn/+v/6//r/+v/6//r/3aT/r//fif6//n8/r1//X/+fYr3W/4+5f3eYSUXyPwAAAFRBzP0fCTOR/wEAAKA0Yu6/K8xE/gcAAIC+0u5zCKOY+z8aZlKR/K//X/b+/+Ja/X/9f/3/zuvX/+8u/X/9/070//X/+3n9+v/6/xTrtf5/zP17wkwqkv8BAACgCmLuvzvMRP4HAACA0oi5/54wE/kfAAAASiPm/r1hJhXJ//r/Ze//+/x//X/9/6L16/93l/6//n8n+v/92f8PL1v0/3uo/58fQ/r/9KJe6//H3H9vmElF8j8AAABUQcz9Hwszkf8BAACgNGLu/3iYifwPAAAApRFz/yfCTCqS//X/9f/1//X/9f/1/7tJ/1//vxP9//7s/0f6/73T//f5//SqXuv/x9x/X5hJRfI/AAAAVEHM/Z8MM5H/AQAAoDRi7v//YSbyPwAAAJRGzP33h5lUJP/r/+v/6//r/+v/6/93k/6//n8n+v/6//28fv1//X+K9Vr/P+b+XwkzqUj+BwAAgCqIuf+BMBP5HwAAAEoj5v5PhZnI/wAAAFAaMff/aphJRfK//v/56f8PpsvX/9f/1//X/9f/P5f0//X/M/3/M3ah+/P9vn79f/1/ivVa/z/m/l8LM6lI/gcAAIAqiLn/18NM5H8AAAAojZj7fyPMRP4HAACA0oi5/8Ewk4rkf/1/n/+v/6//r/+v/99N+v/6/53o/+v/9/P69f/1/ynWa/3/mPt/M8ykIvkfAAAAqiDm/ofCTOR/AAAAKI2Y+z8dZiL/AwAAQGnE3P+ZMJOK5H/9f/1//X/9f/1//f9u0v/X/+9E/1//v5/Xr/+v/0+xXuv/x9z/cJhJRfI/AAAAVEHM/Z8NM5H/AQAAoDRi7v+tMBP5HwAAAEoj5v7fDjOpSP7X/9f/1//X/9f/1//vJv3/5f3//DnsQvb/16xmQ/3/VdH/1//X/9f/p7Ne6//H3P+5MJOK5H8AAACogpj7fyfMRP4HAACA0oi5/3fDTOR/AAAAKI2Y+x8JM6lI/tf/1//X/9f/1//vdv//Df1//X+f/78C/X/9/35ev/6//j/Feq3/H3P/58NMKpL/AQAAoApi7v+9MBP5HwAAAEoj5v59YSbyPwAAAJRGzP2PhplUJP/r/+v/X7D+fziP/v/S+fT/w/1auv6/z//X/9f/X4n+v/5/P69f/1//n2K91v+PuX9/mElF8j8AAABUQcz9Xwgzkf8BAACgNGLuPxBmIv8DAABAacTcPxVmUpH8r/+v/+/z//X/9f/1/7tJ/1//vxP9f/3/fl6//r/+P8V6rf8fc/90mElF8j8AAABUQcz9B8NM5H8AAAAojZj7D4WZyP8AAABQGjH3PxZmUpH8r/+v/6//r/+v/6//3036//r/nej/6//38/r1//X/KdZr/f+Y+2fCTCqS/wEAAKAKYu7/YpiJ/A8AAAClEXP/l8JM5H8AAAAojZj7D4eZVCT/6//r/+v/6/+36//XD0n9f/3/s6f/r//fif6//n8/r1//X/+fYr3W/4+5/0iYSUXyPwAAAFRBzP1Hw0zkfwAAACiNmPuPhZnI/wAAAFAaMfcfDzOpSP7X/9f/1//X//f5//r/3aT/r//fif6//n8/r1//X/+fYr3W/4+5//fDTCqS/wEAAKAKYu4/EWYi/wMAAEBpxNw/G2Yi/wMAAEBpxNw/F2ZSmP/XdXFV54/+v/6//r/+v/6//n836f/r/3ei/6//38/r1//X/6dYr/X/Y+6fDzPx//8BAACgNGLufzzMRP4HAACA0oi5/4kwE/kfAID/Y++udwW7qjiO35a0JSGEZ+EJeASegbfA3Yq7u7u7u7u7OxSKa1ICd601ZTrdZ+xw99nr8/lnBTrt7Mz965fJNweAZeTuv2fc0mT/6//1//r/afr/085P/6//1/9fEv2//v9E/3/ZzrqfP/r79f/6f7bN1v/n7r9X3NJk/wMAAEAHufvvHbfY/wAAALCM3P33iVvsfwAAAFhG7v77xi1N9r/+X/+v/5+m//f9//y56v/1/5dA/6//P9H/X7az7ueP/n79v/6fbbP1/7n77xe3NNn/AAAA0EHu/vvHLfY/AAAALCN3/wPiFvsfAAAAlpG7/4FxS5P9r//X/+v/9f/6f/3/nvT/+v8R/b/+/8jv1//r/9k2W/+fu/9BcUuT/Q8AAAAd5O5/cNxi/wMAAMAycvc/JG6x/wEAAGAZufsfGrc02f/6f/2//l//r//X/+9J/6//H9H/6/+P/H79v/6fbbP1/7n7Hxa3NNn/AAAA0EHu/ofHLfY/AAAALCN3/yPiFvsfAAAAlpG7/5FxS5P9r//X/+v/9f/6f/3/nvT/+v8R/b/+/8jv1//r/9m2e/9/9xv/ey+2/8/df2Pc0mT/AwAAQAe5+x8Vt9j/AAAAsIzc/Y+OW+x/AAAAWEbu/sfELU32v/5f/3+u/7/lGv2//l//f+7/1/9fHfp//f+I/n/W/v/i/iT0//p//T9bdu//N3r/8/937v7Hxi1N9j8AAAB0kLv/cXGL/Q8AAADLyN3/+LjF/gcAAIBl5O5/QtzSZP/r//X/vv+v/9f/6//3pP/X/4/o/2ft/33//0r7/7tdxPv1/3QwW/+fu/+JcUuT/Q8AAAAd5O5/Utxi/wMAAMAycvc/OW6x/wEAAGAZufufErc02f/6f/2//l//r//X/+9J/6//H9H/6/+P/H7f/9f/s222/j93/1Pjlib7HwAAADrI3f+0uMX+BwAAgGXk7n963GL/AwAAwDJy9z8jbmmy//X/+n/9v/7/ivr/O+j/9f9j+n/9/4j+X/9/5PdfYv9/w/n/vv6fDmbr/3P3PzNuabL/AQAAoIPc/c+KW+x/AAAAWEbu/mfHLfY/AAAALCN3/3Pilib7X/+v/9f/6/99/1//vyf9/3L9/zX6/3P0//p/3//X/zM2W/+fu/+5cUuT/Q8AAAAd5O5/Xtxi/wMAAMAycvc/P26x/wEAAGAZuftfELc02f/6f/2//l//r//X/+9J/79c/+/7/7ei/9f/6//1/4zN1v/n7n9h3NJk/wMAAEAHuftfFLfY/wAAALCM3P0vjlvsfwAAAFhG7v6XxC1N9v+U/f91+v9j9P/Xn5yc6P/1//p//f+Y/l//P6L/v3D/f8fb+f30/3O9X/+v/2fbbP1/7v6Xxi1N9j8AAAB0kLv/ZXGL/Q8AAADLyN3/8rjF/gcAAIBl5O5/RdzSZP/fXv9/851O/7nv/1+cnv2/7//r///3Pfp//f+F6P/1/yP6f9//P/L79f/6f7bN1v/n7n9l3NJk/wMAAEAHuftfFbfY/wAAALCM3P2vjlvsfwAAAFhG7v7XxC1N9v+U3//X/+v/9f/139H/6//1/2P6f/3/if7/sp11P3/09+v/9f9sm63/z93/2rilyf4HAACADnL3vy5usf8BAABgGbn7Xx+32P8AAACwjNz9b4hbmux//b/+/8z7/2v1/0n/Hz9X/b/+/xLo//X/J/r/y3bW/fzR36//1/+zbbb+P3f/G+OWJvsfAAAAOsjd/6a4xf4HAACAZeTuf3PcYv8DAADAMnL3vyVuabL/9f/6/zPv/33/v+j/4+e6Q///nz9D/f/Z0P/r/0f0//r/I79f/6//Z9ts/X/u/rfGLU32PwAAAHSQu/9tcYv9DwAAAMvI3f/2uMX+BwAAgGXk7n9H3NJk/+v/9f/6f/1/h/5/9H79/770//r/Ef2//v/I79f/6//ZNlv/n7v/nXFLk/0PAAAAHeTuf1fcYv8DAADAMnL3vztusf8BAABgGbn73xO3NNn/+v+j9//3uCleoP/X/+v/9f9T0v/r/0f0//r/I79f/6//Z9ts/X/u/vfGLU32PwAAAHSQu/99cYv9DwAAAMvI3f/+uMX+BwAAgGXk7v9A3NJk//fo/6+7zS9bp//3/X/9v/5f/z83/b/+f0T/r/8/8vv1//p/ts3W/+fu/2Dc0mT/AwAAQAe5+z8Ut9j/AAAAsIzc/R+OW+x/AAAAWEbu/o/ELU32f4/+/7b0/6euev9/y130//r/ov/X/5/o//X/G/T/+v8jv1//r/9n22z9f+7+j8YtTfY/AAAAdJC7/2Nxi/0PAAAAy8jd//G4xf4HAACAZeTu/0TccNc7n92T/q/0//p/3//X/+v/9f970v/r/0f0//r/I79f/6//Z9ts/X/u/k/GLf7+HwAAAJaRu/9TcYv9DwAAAMvI3f/puMX+BwAAgGXk7v9M3NJk/+v/9f/6/2P3/9fq//X/k9P/6/9H9P/6/yO/X/+v/2fbbP1/7v7Pxi1N9j8AAAB0kLv/c3GL/Q8AAADLyN3/+bjF/gcAAIBl5O7/QtzSZP/r//X/+v9j9/++/6//n53+X/8/ov/X/x/5/fp//T/bZuv/c/d/MW5psv8BAACgg9z9X4pb7H8AAABYRu7+L8ct9j8AAAAsI3f/V+KWJvtf/6//1//r//X/+v896f/1/yP6f/3/kd+v/9f/s222/j93/1fjlib7HwAAADrI3f+1uMX+BwAAgGXk7v963GL/AwAAwDJy938jbmmy/1fu/0e/TP9/Sv+v/z/R/+v/d6b/1/+P6P/1/0d+v/5f/8+22fr/3P3fjFua7H8AAADoIHf/t+IW+x8AAACWkbv/23GL/Q8AAADLyN3/nbilyf5fuf8f0f+f0v/r/0/0//r/nen/9f8j+n/9/5Hfr//X/7Nttv4/d/9345Ym+x8AAAA6yN3/vbjF/gcAAIBl5O7/ftxi/wMAAMAycvf/IG5psv/1//p//b/+X/+v/9+T/l//P6L/1/8f+f36f/0/22br/3P3/zBuabL/AQAAoIPc/T+KW+x/AAAAWEbu/h/HLfY/AAAALCN3/0/ilib7X/+v/9f/6//1//r/Pen/9f8j+n/9/5Hfr//X/7Nttv4/d/9P45Ym+x8AAAA6yN3/s7jF/gcAAIBl5O7/edxi/wMAAMAycvf/Im5psv/1//p//b/+X/+v/9+T/l//P6L/1/8f+f36f/0/22br/3P3/zJuabL/AQAAoIPc/b+KW+x/AAAAWEbu/l/HLfY/AAAALCN3/2/ilib7X/+v/9f/6/8b9v/X3/r30//vS/+v/x/R/+v/j/x+/b/+n21Xrf/PX3CF/X/u/pvilib7HwAAADrI3f/buMX+BwAAgGXk7v9d3GL/AwAAwDJy998ctzTZ//p//f+S/f8N+n/9v+//z0L/r/8f0f/r/4/8fv2//p9ts33/P3f/7+OWJvsfAAAAOsjd/4e4xf4HAACAZeTu/2PcYv8DAADAMnL3/yluabL/9f/6/yX7f9//1//r/6eh/9f/j+j/9f9Hfr/+X//Pttn6/9z9f45bmux/AAAA6CB3/1/iFvsfAAAAlpG7/69xi/0PAAAAy8jd/7e45cL7//xs9PD0//p//b/+X/+v/9+T/l//P6L/1/8f+f36f/0/22br/3P3/z1u8ff/AAAAsIzc/f+IW+x/AAAAWEbu/n/GLfY/AAAALCN3/7/ilib7X/+v/9f/6//1//r/Pen/9f8j+n/9/5Hfr//X/7Nttv4/d/+/AwAA//+foDTn")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0xbd)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x181d011, 0x0, 0x40, 0x0, &(0x7f0000000140))
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000018c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000340)='fd/4\x00')
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
sendfile(r0, r1, 0x0, 0xfffe82)
open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)

124.822944ms ago: executing program 0 (id=1724):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000002c0)={[{@noauto_da_alloc}, {@jqfmt_vfsold}, {@noquota}, {@norecovery}, {}]}, 0x1, 0x4be, &(0x7f0000000540)="$eJzs3ctrW1caAPBPUvyMZ/KYYUgyMAlkIPMglh8MsWdmM6uZWQSGCXTTQuraiutatowlp7EJ1Gl3WXRRWlooXXRZ6D/QbppVQ6F03e5LFiWlTV1oCwUVXUmO/JArGjsC398PbnTuOTf6zrH4jq+OrnUDSK1ztX8yEUMR8UlEHKvvbj3gXP1h48HN6dqWiWr1yleZ5LjafvPQ5v87GhHrEdEfEf//d8QzmZ1xy6tr81PFYmG5sZ+vLCzly6trF+cWpmYLs4XF0YlLk5MTI+Njk/s21tsvP3f78vv/7X33u5fu333lww9q3RpqtLWOYz/Vh94TJ1rqjkTEPw8iWBfkGuMZ6HZH+EVqr99vIuJ8kv/HIpe8mkAaVKvV6o/VvnbN61Xg0Mom58CZ7HBE1MvZ7PBw/Rz+tzGYLZbKlb9eK60sztTPlY9HT/baXLEw0nivcDx6MrX90aT8cH9s2/54RHIO/GpuINkfni4VZx7vVAdsc3Rb/n+bq+c/kBLe8kN6yX9IL/kP6SX/Ib3kP6SX/If0kv+QXvIf0kv+Q3rJf0gv+Q+p9L/Ll2tbtfn37zPXV1fmS9cvzhTK88MLK9PD06XlGJ4t9b3X2fMVS6Wl0b/Fyo18pVCu5Mura1cXSiuLlatzC1OzvVHoOeDxAJ07cfbOZ5mIWP/7QLLV9Dba5CocbtUX6t8BAKRPrtsTENA1lv4gvbzHB3b5it4t+ts1LD1S1J8LCxygbLc7AHTNhdM+/4O0sv4P6WX9H9Jr6zm+swFIo+6s/wPdZP0f0muo5f4/mZb7f/2q5d5dIxHx64j4NNfT17zXF3AYZL/INHL/wrE/Dm1v7c18nywK9EbE829eef3GVKWyPFqr/3qzvvJGvb63G90HOpbk71jj0S9yAEi1jQc3p5vbZuXxg4/75b/qFyHsjH+ksTbZn3xGObiR2XKtQmafrl1YvxURp3aLn2nc77z+ycfgRm5H/JONx0z9KZL+Hknum/4o8e+902n80y3x/9AS/8wj/1QgHe7U5p+R3fI/m+R0bObf1vlnaJ+uj24//2U3579cm/nvbIcxnn3rxXtt49+KOLNr/Ga8/iTW9vi1vl3oMP79p574Xbu26tv159ktflOtlK8sLOXLq2sX5xamZguzhcXRiUuTkxMj42OT+WSNOt9cqd7pH6c+vrvX+AfbxN9r/LW6P3c4/h9+/9GT5/aI/6fzu7/+J/eIPxARf+kw/jdjnz/drq0Wf6bN+LPb47cs8NXqxjuMX37tP30dHgoAPAbl1bX5qWKxsKygoKCwWej2zAQctIdJ3+2eAAAAAAAAAAAAAJ16HJcTd3uMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACHwU8BAAD//zAx0oQ=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0x0)
r1 = openat(r0, &(0x7f0000000040)='.\x00', 0x0, 0x0)
openat(r1, &(0x7f00000000c0)='.\x00', 0x515401, 0x408)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='./file2\x00')

114.39006ms ago: executing program 2 (id=1725):
syz_mount_image$squashfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00'], 0x1, 0x1a1, &(0x7f0000000440)="$eJzs0L9rE2Ecx/H393me/FCpEhWHChqweJ5U86Pq4GJwipADBxfBoCGNTTFR08tgS8UuUpBqZzed6iiCjqLgXBwEBz2XbtIMncRBIpd7Iv4PfV5w97nvc3fPj2877IUZ4M/OcpMKI5r9fEYwwCVJxpRK8p2tf9pcT4LLtl6z+crmZLi4dKfR6bQW8hfz5OKB4aPkVX68Hv++CRVHFAOhgnzdWW425FbAsEJXzQbkapx+iq7T858xaSY4fBPN0FvjiqInXg0OFPrd+4VwcenMfLcx15pr3S2XZy4UzxWL58uF2/OdVvEt4j8RxYt4fwGZgD3+Q1J1Hm+avWpaEL+tIh08h3Sd9U196sT0AOVvM0T44A3IfDftvLrGSbI34gNVOSS8RO+zhzGMFqpmuKreSMl8Mb9SiuyK1meb9zqzq9eV/E5vVGQ7K6UtUl4KKDETt4aDfGQ1YiqiGrERsfWD42L+76tZie+vbXWUY5DmQaPfXyil4ZN4AeX4ysHEaDoVMFWL9/ne/mODb+MHx3Ecx3Ecx3EcZxf4GwAA//8kH13Y")

5.865266ms ago: executing program 0 (id=1726):
r0 = syz_open_dev$vbi(&(0x7f0000000140), 0x0, 0x2)
ioctl$VIDIOC_G_FREQUENCY(r0, 0xc02c5638, &(0x7f00000002c0)={0x0, 0x5, 0x9c})

5.62665ms ago: executing program 0 (id=1727):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f00000000c0)=[@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x22}}], 0x10)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000180)=[{&(0x7f00000004c0)="99", 0x1}], 0x1}, 0x4048043)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='macvlan1\x00', 0x10)
r2 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000200)=[@in={0x2, 0x4e24, @local}], 0x10)
sendto$inet6(r2, &(0x7f0000000040)='\x00', 0x1, 0x44004, &(0x7f0000000100)={0xa, 0x4e24, 0xb, @loopback, 0xc5f}, 0x1c)

0s ago: executing program 2 (id=1728):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r5=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010028bd7040010000000f00000005002e000000000008000300", @ANYRES32=r5, @ANYBLOB="05002f"], 0x2c}}, 0x18)

kernel console output (not intermixed with test programs):

yz
[  112.873003][    T9] usb 2-1: SerialNumber: syz
[  112.880846][    T9] usb 2-1: config 0 descriptor??
[  112.917960][ T6999] loop0: detected capacity change from 0 to 8192
[  113.104740][    T9] usb 2-1: USB disconnect, device number 10
[  114.036967][ T7008] netlink: 'syz.1.471': attribute type 29 has an invalid length.
[  114.044586][ T7008] netlink: 'syz.1.471': attribute type 29 has an invalid length.
[  114.169166][ T5724] f81534 3-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  114.176034][ T7010] loop1: detected capacity change from 0 to 1024
[  114.179407][ T5724] f81534 3-1:0.12: f81534_find_config_idx: read failed: -71
[  114.191124][ T5724] f81534 3-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  114.193363][ T7010] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=1
[  114.199934][ T5724] f81534 3-1:0.12: probe with driver f81534 failed with error -71
[  114.210063][ T7010] EXT4-fs warning (device loop1): ext4_enable_quotas:7269: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[  114.221737][ T7010] EXT4-fs (loop1): mount failed
[  114.231695][ T5724] usb 3-1: USB disconnect, device number 9
[  114.754923][ T7025] loop1: detected capacity change from 0 to 4096
[  114.761034][ T7025] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  114.777540][ T7025] ntfs3(loop1): ino=19, mi_enum_attr
[  114.779853][ T7025] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  114.801383][ T5724] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  114.974119][ T5724] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  114.977698][ T5724] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  114.980907][ T5724] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[  114.989566][ T5724] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  114.996778][ T5724] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  114.999918][ T5724] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  115.003387][ T5724] usb 1-1: Product: syz
[  115.005213][ T5724] usb 1-1: Manufacturer: syz
[  115.012767][ T5724] cdc_wdm 1-1:1.0: skipping garbage
[  115.014732][ T5724] cdc_wdm 1-1:1.0: invalid descriptor buffer length
[  115.017437][ T5724] cdc_wdm 1-1:1.0: probe with driver cdc_wdm failed with error -22
[  115.059174][ T7036] loop2: detected capacity change from 0 to 32768
[  115.112913][ T7036] ERROR: (device loop2): diWrite: ixpxd invalid
[  115.112913][ T7036] 
[  115.134189][ T7036] ERROR: (device loop2): remounting filesystem as read-only
[  115.136644][ T7036] ERROR: (device loop2): txCommit: 
[  115.136644][ T7036] 
[  115.218721][ T5724] usb 1-1: USB disconnect, device number 13
[  115.447511][ T7055] loop2: detected capacity change from 0 to 128
[  115.491343][ T7055] vxfs: unable to read olt
[  115.710706][ T5692] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  115.862508][ T5692] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  115.865759][ T5692] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  115.868561][ T5692] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.873199][ T5692] usb 2-1: config 0 descriptor??
[  115.881905][ T5692] pwc: Askey VC010 type 2 USB webcam detected.
[  115.900560][ T5724] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  116.050537][ T5724] usb 3-1: Using ep0 maxpacket: 32
[  116.057229][ T5724] usb 3-1: unable to get BOS descriptor or descriptor too short
[  116.062105][ T5724] usb 3-1: config 1 interface 0 altsetting 58 endpoint 0x81 has an invalid bInterval 127, changing to 10
[  116.066329][ T5724] usb 3-1: config 1 interface 0 has no altsetting 0
[  116.071480][ T5724] usb 3-1: New USB device found, idVendor=056e, idProduct=010c, bcdDevice= 0.40
[  116.074964][ T5724] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  116.078000][ T5724] usb 3-1: Product: syz
[  116.079619][ T5724] usb 3-1: Manufacturer: syz
[  116.081790][ T5724] usb 3-1: SerialNumber: syz
[  116.085250][ T5692] pwc: send_video_command error -71
[  116.087190][ T5692] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  116.091212][ T5692] Philips webcam 2-1:0.0: probe with driver Philips webcam failed with error -71
[  116.103776][ T5692] usb 2-1: USB disconnect, device number 11
[  117.121237][ T5669] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  117.127836][ T5724] elecom 0003:056E:010C.0001: invalid report_size -1306074948
[  117.130203][ T5724] elecom 0003:056E:010C.0001: item 0 4 1 7 parsing failed
[  117.133923][ T5724] elecom 0003:056E:010C.0001: probe with driver elecom failed with error -22
[  117.283036][ T5669] usb 1-1: config 160 has an invalid interface number: 200 but max is 0
[  117.286434][ T5669] usb 1-1: config 160 has an invalid descriptor of length 0, skipping remainder of the config
[  117.290215][ T5669] usb 1-1: config 160 has no interface number 0
[  117.292712][ T5669] usb 1-1: config 160 interface 200 altsetting 30 endpoint 0x8 has an invalid bInterval 0, changing to 7
[  117.296873][ T5669] usb 1-1: config 160 interface 200 altsetting 30 endpoint 0x8 has invalid wMaxPacketSize 0
[  117.300851][ T5669] usb 1-1: config 160 interface 200 has no altsetting 0
[  117.305721][ T5669] usb 1-1: New USB device found, idVendor=21bb, idProduct=2070, bcdDevice=87.0b
[  117.309102][ T5669] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.312145][ T5669] usb 1-1: Product: syz
[  117.314978][ T5669] usb 1-1: Manufacturer: syz
[  117.316776][ T5669] usb 1-1: SerialNumber: syz
[  117.327991][ T5692] usb 3-1: USB disconnect, device number 10
[  117.532727][ T5669] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  117.535047][ T5669] usb 1-1: MIDIStreaming interface descriptor not found
[  117.569167][ T5669] usb 1-1: USB disconnect, device number 14
[  117.609287][ T5615] udevd[5615]: setting mode of /dev/snd/controlC3 to 020660 failed: No such file or directory
[  117.616174][ T5615] udevd[5615]: setting owner of /dev/snd/controlC3 to uid=0, gid=29 failed: No such file or directory
[  117.898078][ T7087] loop1: detected capacity change from 0 to 32768
[  117.914147][ T7087] JBD2: Ignoring recovery information on journal
[  117.963322][ T7087] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  118.061887][ T5616] ocfs2: Unmounting device (7,1) on (node local)
[  118.123891][ T5669] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  118.166314][ T7095] netlink: 'syz.0.510': attribute type 11 has an invalid length.
[  118.282123][ T5669] usb 3-1: Using ep0 maxpacket: 32
[  118.290193][ T5669] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  118.295328][ T5669] usb 3-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  118.303889][ T5669] usb 3-1: config 0 interface 0 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  118.314350][ T5669] usb 3-1: config 0 interface 0 has no altsetting 0
[  118.318080][ T5669] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1c09, bcdDevice= 0.00
[  118.324768][ T5669] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.335564][ T5669] usb 3-1: config 0 descriptor??
[  118.398453][ T7107] loop1: detected capacity change from 0 to 8192
[  118.448509][ T7107]  loop1: p1 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p216 p217 p218 p219 p220 p221 p222 p223 p224 p225 p22
[  118.464268][ T7107] loop1: p2 start 2919235584 is beyond EOD, truncated
[  118.652131][ T7111] loop0: detected capacity change from 0 to 32768
[  118.656122][ T7111] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.517 (7111)
[  118.663604][ T7111] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  118.667099][ T7111] BTRFS info (device loop0): using sha256 checksum algorithm
[  118.772184][ T7111] BTRFS info (device loop0): rebuilding free space tree
[  118.784841][ T5669] hid (null): unknown global tag 0xc
[  118.787363][ T7111] BTRFS info (device loop0): enabling ssd optimizations
[  118.789598][ T7111] BTRFS info (device loop0): using spread ssd allocation scheme
[  118.790040][ T5669] corsair-psu 0003:1B1C:1C09.0002: unknown global tag 0xc
[  118.793928][ T7111] BTRFS info (device loop0): enabling free space tree
[  118.797126][ T7111] BTRFS info (device loop0): force clearing of disk cache
[  118.799199][ T7111] BTRFS info (device loop0): enabling auto defrag
[  118.800181][ T5669] corsair-psu 0003:1B1C:1C09.0002: item 0 1 1 12 parsing failed
[  118.801407][ T7111] BTRFS info (device loop0): max_inline set to 0
[  118.805843][ T5669] corsair-psu 0003:1B1C:1C09.0002: probe with driver corsair-psu failed with error -22
[  118.901099][ T5611] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  118.998854][ T5669] usb 3-1: USB disconnect, device number 11
[  119.576985][ T7140] netlink: 12 bytes leftover after parsing attributes in process `syz.2.525'.
[  121.238606][ T7161] loop2: detected capacity change from 0 to 8
[  121.276720][ T7163] netlink: 'syz.0.534': attribute type 1 has an invalid length.
[  121.280332][ T7163] netlink: 244 bytes leftover after parsing attributes in process `syz.0.534'.
[  121.282144][ T7161] unable to read xattr id index table
[  121.283681][ T7163] NCSI netlink: No device for ifindex 0
[  121.417513][ T7167] loop2: detected capacity change from 0 to 4096
[  121.485330][ T5808] udevd[5808]: inotify_add_watch(7, /dev/loop1p5, 10) failed: No such file or directory
[  121.494177][ T5614] udevd[5614]: inotify_add_watch(7, /dev/loop1p6, 10) failed: No such file or directory
[  121.497041][ T7085] udevd[7085]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  121.502974][ T6114] udevd[6114]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  121.512468][ T5615] udevd[5615]: inotify_add_watch(7, /dev/loop1p7, 10) failed: No such file or directory
[  121.513903][ T5625] udevd[5625]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  121.533811][ T7170] loop0: detected capacity change from 0 to 2048
[  121.543181][ T7170] EXT4-fs: Ignoring removed mblk_io_submit option
[  121.612574][ T7170] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.653032][ T7175] udevd[7175]: inotify_add_watch(7, /dev/loop1p10, 10) failed: No such file or directory
[  121.669407][ T5625] udevd[5625]: inotify_add_watch(7, /dev/loop1p14, 10) failed: No such file or directory
[  121.790913][ T7170] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.537: bg 0: block 234: padding at end of block bitmap is not set
[  121.800775][ T7170] EXT4-fs (loop0): Remounting filesystem read-only
[  121.804031][ T7170] EXT4-fs warning (device loop0): ext4_xattr_inode_lookup_create:1609: inode #18: comm syz.0.537: cleanup dec ref error -117
[  121.835264][ T7186] netlink: 'syz.1.540': attribute type 10 has an invalid length.
[  122.002563][ T7188] netlink: 3 bytes leftover after parsing attributes in process `syz.2.539'.
[  122.040313][ T5611] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.204817][ T7197] loop1: detected capacity change from 0 to 8
[  122.242688][ T7197] SQUASHFS error: xz decompression failed, data probably corrupt
[  122.260031][ T7197] SQUASHFS error: Failed to read block 0x108: -5
[  122.265914][ T7197] SQUASHFS error: Unable to read metadata cache entry [106]
[  122.268279][ T7197] SQUASHFS error: Unable to read inode 0x11f
[  122.411670][ T7201] binder: 7200:7201 ioctl c0306201 0 returned -14
[  122.902811][ T7085] udevd[7085]: inotify_add_watch(7, /dev/loop1p153, 10) failed: No such file or directory
[  122.950168][ T7177] udevd[7177]: inotify_add_watch(7, /dev/loop1p160, 10) failed: No such file or directory
[  122.955673][ T5808] udevd[5808]: inotify_add_watch(7, /dev/loop1p162, 10) failed: No such file or directory
[  122.955957][ T7173] udevd[7173]: inotify_add_watch(7, /dev/loop1p156, 10) failed: No such file or directory
[  122.960060][ T7176] udevd[7176]: inotify_add_watch(7, /dev/loop1p159, 10) failed: No such file or directory
[  122.968257][ T7178] udevd[7178]: inotify_add_watch(7, /dev/loop1p163, 10) failed: No such file or directory
[  122.978031][ T5625] udevd[5625]: inotify_add_watch(7, /dev/loop1p157, 10) failed: No such file or directory
[  122.982836][ T7175] udevd[7175]: inotify_add_watch(7, /dev/loop1p161, 10) failed: No such file or directory
[  122.987860][ T7172] udevd[7172]: inotify_add_watch(7, /dev/loop1p164, 10) failed: No such file or directory
[  122.990105][ T6114] udevd[6114]: inotify_add_watch(7, /dev/loop1p158, 10) failed: No such file or directory
[  123.418424][ T7221] loop2: detected capacity change from 0 to 128
[  123.641299][ T7226] loop1: detected capacity change from 0 to 512
[  123.647015][ T7226] EXT4-fs: Ignoring removed mblk_io_submit option
[  123.649620][ T7226] ext3: Unknown parameter 'context'
[  124.109010][ T7223] loop0: detected capacity change from 0 to 16384
[  124.270623][    T9] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  124.406381][ T7231] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  124.479389][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  124.494653][    T9] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  124.497944][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.504569][    T9] usb 3-1: config 0 descriptor??
[  125.024416][ T7235] loop1: detected capacity change from 0 to 2048
[  125.033543][ T7235] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  125.066024][    T9] keytouch 0003:0926:3333.0003: fixing up Keytouch IEC report descriptor
[  125.158562][    T9] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0003/input/input6
[  125.314530][    T9] keytouch 0003:0926:3333.0003: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0
[  125.380683][   T24] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  125.436154][ T5724] usb 3-1: USB disconnect, device number 12
[  125.582492][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  125.599090][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  125.613442][   T24] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  125.618790][   T24] usb 1-1: New USB device found, idVendor=054c, idProduct=09cc, bcdDevice= 0.00
[  125.630889][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.673072][   T24] usb 1-1: config 0 descriptor??
[  126.125495][ T7244] loop2: detected capacity change from 0 to 512
[  126.136151][   T24] playstation 0003:054C:09CC.0004: hidraw0: USB HID vff.fd Device [HID 054c:09cc] on usb-dummy_hcd.0-1/input0
[  126.176054][ T7244] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  126.210561][ T7244] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #15: comm syz.2.562: iget: bad i_size value: 38620345925642
[  126.214512][ T7244] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  126.215339][ T7244] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.562: couldn't read orphan inode 15 (err -117)
[  126.221796][    C1] EXT4-fs (loop2): error count since last fsck: 1
[  126.221808][    C1] EXT4-fs (loop2): initial error at time 1778444983: ext4_orphan_get:1397: inode 15
[  126.221823][    C1] EXT4-fs (loop2): last error at time 1778444983: ext4_orphan_get:1397: inode 15
[  126.235841][ T7244] loop2: lost filesystem error report for type 5 error -117
[  126.241447][ T7244] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.281495][ T7244] Invalid argument reading file caps for ./file0
[  126.303382][   T24] playstation 0003:054C:09CC.0004: Failed to retrieve feature with reportID 18: -71
[  126.306387][   T24] playstation 0003:054C:09CC.0004: Failed to retrieve DualShock4 pairing info: -71
[  126.311837][   T24] playstation 0003:054C:09CC.0004: Failed to get MAC address from DualShock4
[  126.314523][   T24] playstation 0003:054C:09CC.0004: Failed to create dualshock4.
[  126.336945][   T24] playstation 0003:054C:09CC.0004: probe with driver playstation failed with error -71
[  126.345136][ T1116] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm kworker/u9:7: bg 0: block 5: invalid block bitmap
[  126.346343][   T24] usb 1-1: USB disconnect, device number 15
[  126.388741][ T1116] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  126.393482][ T1116] EXT4-fs (loop2): This should not happen!! Data will be lost
[  126.393482][ T1116] 
[  126.396715][ T1116] EXT4-fs (loop2): Total free blocks count 0
[  126.398535][ T1116] EXT4-fs (loop2): Free/Dirty block details
[  126.404241][ T1116] EXT4-fs (loop2): free_blocks=0
[  126.406317][ T1116] EXT4-fs (loop2): dirty_blocks=1
[  126.408271][ T1116] EXT4-fs (loop2): Block reservation details
[  126.411404][ T1116] EXT4-fs (loop2): i_reserved_data_blocks=1
[  126.427835][ T5619] EXT4-fs warning (device loop2): ext4_evict_inode:195: inode #18: comm syz-executor: data will be lost
[  126.444182][ T5619] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.906150][   T33] audit: type=1326 audit(1778444984.282:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7253 comm="syz.2.566" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb90b9cdd9 code=0x7ffc0000
[  126.923262][   T33] audit: type=1326 audit(1778444984.282:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7253 comm="syz.2.566" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb90b9cdd9 code=0x7ffc0000
[  126.929832][   T33] audit: type=1326 audit(1778444984.282:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7253 comm="syz.2.566" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb90b9cdd9 code=0x7ffc0000
[  126.937736][   T33] audit: type=1326 audit(1778444984.282:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7253 comm="syz.2.566" exe="/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7fbb90b9cdd9 code=0x7ffc0000
[  126.955866][   T33] audit: type=1326 audit(1778444984.282:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7253 comm="syz.2.566" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb90b9cdd9 code=0x7ffc0000
[  126.976941][   T33] audit: type=1326 audit(1778444984.282:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7253 comm="syz.2.566" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb90b9cdd9 code=0x7ffc0000
[  126.993802][   T33] audit: type=1326 audit(1778444984.282:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7253 comm="syz.2.566" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb90b9cdd9 code=0x7ffc0000
[  127.003553][   T33] audit: type=1326 audit(1778444984.282:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7253 comm="syz.2.566" exe="/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fbb90b9cdd9 code=0x7ffc0000
[  127.021251][   T33] audit: type=1326 audit(1778444984.282:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7253 comm="syz.2.566" exe="/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fbb90b9cdd9 code=0x7ffc0000
[  127.406192][ T7265] loop1: detected capacity change from 0 to 32768
[  127.416940][ T7265] (syz.1.570,7265,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  127.442990][ T7265] (syz.1.570,7265,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  127.467444][ T7265] JBD2: Ignoring recovery information on journal
[  127.523795][ T7265] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  127.657072][ T5616] ocfs2: Unmounting device (7,1) on (node local)
[  127.864423][ T7290] loop1: detected capacity change from 0 to 1024
[  127.903115][ T7290] hfsplus: failed to load extents file
[  128.032288][    T9] usb 3-1: new low-speed USB device number 13 using dummy_hcd
[  128.203635][    T9] usb 3-1: config 0 has an invalid interface number: 210 but max is 0
[  128.210826][    T9] usb 3-1: config 0 has no interface number 0
[  128.213464][    T9] usb 3-1: config 0 interface 210 altsetting 227 endpoint 0xD is Bulk; changing to Interrupt
[  128.220333][    T9] usb 3-1: config 0 interface 210 altsetting 227 endpoint 0xF is Bulk; changing to Interrupt
[  128.225076][    T9] usb 3-1: config 0 interface 210 has no altsetting 0
[  128.240296][    T9] usb 3-1: string descriptor 0 read error: -22
[  128.243285][    T9] usb 3-1: New USB device found, idVendor=05ac, idProduct=921c, bcdDevice=99.e1
[  128.256122][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  128.266504][    T9] usb 3-1: config 0 descriptor??
[  128.268661][ T7286] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  128.271385][ T7286] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  128.276552][ T7304] loop0: detected capacity change from 0 to 256
[  128.277617][    T9] appledisplay 3-1:0.210: Could not find int-in endpoint
[  128.282218][    T9] usbhid 3-1:0.210: couldn't find an input interrupt endpoint
[  128.305214][ T7306] loop1: detected capacity change from 0 to 256
[  128.323017][ T7304] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d)
[  128.324450][ T7306] FAT-fs (loop1): Directory bread(block 64) failed
[  128.328485][ T7306] FAT-fs (loop1): Directory bread(block 65) failed
[  128.330571][ T7306] FAT-fs (loop1): Directory bread(block 66) failed
[  128.332753][ T7306] FAT-fs (loop1): Directory bread(block 67) failed
[  128.334757][ T7306] FAT-fs (loop1): Directory bread(block 68) failed
[  128.336784][ T7306] FAT-fs (loop1): Directory bread(block 69) failed
[  128.338821][ T7306] FAT-fs (loop1): Directory bread(block 70) failed
[  128.342284][ T7306] FAT-fs (loop1): Directory bread(block 71) failed
[  128.344488][ T7306] FAT-fs (loop1): Directory bread(block 72) failed
[  128.348763][ T7306] FAT-fs (loop1): Directory bread(block 73) failed
[  128.446888][ T7310] netlink: 24 bytes leftover after parsing attributes in process `syz.1.592'.
[  128.449635][ T7310] netlink: 24 bytes leftover after parsing attributes in process `syz.1.592'.
[  128.486386][    T9] usb 3-1: USB disconnect, device number 13
[  128.776685][ T7325] loop0: detected capacity change from 0 to 64
[  128.829702][ T7327] loop1: detected capacity change from 0 to 256
[  129.249019][ T7332] vivid-003: disconnect
[  129.254236][ T7329] vivid-003: reconnect
[  129.486837][ T7344] program syz.2.607 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  129.708741][ T7340] loop1: detected capacity change from 0 to 32768
[  129.723135][ T7340] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.605 (7340)
[  129.766091][ T7340] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  129.784984][ T7340] BTRFS info (device loop1): using sha256 checksum algorithm
[  129.893378][ T7340] BTRFS info (device loop1): enabling ssd optimizations
[  129.904375][ T7340] BTRFS info (device loop1): turning on async discard
[  129.927851][ T7340] BTRFS info (device loop1): enabling free space tree
[  129.977193][ T5616] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  130.006349][ T7372] loop2: detected capacity change from 0 to 512
[  130.012756][ T7372] EXT4-fs: Ignoring removed nobh option
[  130.021274][ T7372] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  130.143428][ T7372] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2860: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  130.199885][ T7372] EXT4-fs (loop2): 1 truncate cleaned up
[  130.208486][ T7372] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.224085][ T7378] overlayfs: failed to resolve './file0': -2
[  130.294778][   T33] audit: type=1800 audit(1778444987.662:16): pid=7372 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.613" name="file2" dev="loop2" ino=16 res=0 errno=0
[  130.412700][ T5619] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.523915][ T7388] loop1: detected capacity change from 0 to 4096
[  130.559152][ T7388] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  130.564606][ T7388] NILFS (loop1): mounting unchecked fs
[  130.572579][ T7388] NILFS (loop1): recovery required for readonly filesystem
[  130.575277][ T7388] NILFS (loop1): write access will be enabled during recovery
[  130.624123][ T7388] NILFS (loop1): norecovery option specified, skipping roll-forward recovery
[  131.279815][ T7430] loop2: detected capacity change from 0 to 512
[  131.285678][ T7430] EXT4-fs: Ignoring removed orlov option
[  131.293723][ T7430] EXT4-fs (loop2): Test dummy encryption mode enabled
[  131.315852][ T7430] EXT4-fs (loop2): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.387562][ T7430] EXT4-fs (loop2): re-mounted 00000005-0000-0000-0000-000000000000.
[  131.456056][ T5619] EXT4-fs (loop2): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  131.514311][    T9] libceph: connect (1)[c::]:6789 error -101
[  131.532881][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  131.586322][    T9] libceph: connect (1)[c::]:6789 error -101
[  131.597548][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  131.618337][ T7443] overlayfs: failed to clone upperpath
[  131.864385][    T9] libceph: connect (1)[c::]:6789 error -101
[  131.866977][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  131.897767][ T7431] ceph: No mds server is up or the cluster is laggy
[  132.152641][ T7441] loop2: detected capacity change from 0 to 131072
[  132.157183][ T7441] F2FS-fs (loop2): Invalid log sectorsize (67108873)
[  132.159839][ T7441] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  132.176536][ T7441] F2FS-fs (loop2): invalid crc value
[  132.235258][ T7441] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  132.248471][ T7441] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  132.251289][ T7441] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  132.274171][ T7462] bond1: option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[  132.305744][ T7462] bond1 (unregistering): Released all slaves
[  133.462836][ T7485] capability: warning: `syz.2.646' uses 32-bit capabilities (legacy support in use)
[  133.581023][ T5724] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  133.760540][ T5724] usb 2-1: Using ep0 maxpacket: 8
[  133.764720][ T5724] usb 2-1: unable to get BOS descriptor or descriptor too short
[  133.768804][ T5724] usb 2-1: config 2 has an invalid interface number: 76 but max is 0
[  133.771704][ T5724] usb 2-1: config 2 has no interface number 0
[  133.774481][ T5724] usb 2-1: config 2 interface 76 has no altsetting 0
[  133.779485][ T5724] usb 2-1: New USB device found, idVendor=1943, idProduct=2250, bcdDevice= 0.01
[  133.782339][ T5724] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.784894][ T5724] usb 2-1: Product: syz
[  133.786158][ T5724] usb 2-1: Manufacturer: syz
[  133.787681][ T5724] usb 2-1: SerialNumber: syz
[  134.012066][ T5724] go7007 2-1:2.76: Sensoray 2250 found
[  134.015615][ T5724] go7007 2-1:2.76: probe with driver go7007 failed with error -12
[  134.022830][ T5724] usb 2-1: USB disconnect, device number 12
[  134.467346][ T7498] loop2: detected capacity change from 0 to 32768
[  134.678679][ T7505] Bluetooth: MGMT ver 1.23
[  135.284612][ T7515] loop2: detected capacity change from 0 to 131072
[  135.290231][ T7515] F2FS-fs (loop2): Wrong CP boundary, start(512) end(1536) blocks(0)
[  135.293256][ T7515] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  135.297255][ T7515] F2FS-fs (loop2): invalid crc value
[  135.343200][ T7515] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  135.353846][ T7515] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  135.356479][ T7515] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  135.381042][ T7531] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  136.005280][ T7545] loop1: detected capacity change from 0 to 32768
[  136.245558][ T7571] loop2: detected capacity change from 0 to 1764
[  136.273837][ T7571] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  136.444404][ T7580] netlink: 88 bytes leftover after parsing attributes in process `syz.0.696'.
[  136.450608][ T5669] usb 2-1: new full-speed USB device number 13 using dummy_hcd
[  136.602469][ T5669] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  136.611986][ T5669] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 1023, setting to 64
[  136.620025][ T5669] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1023, setting to 64
[  136.633577][ T5669] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 2015, setting to 64
[  136.637947][ T5669] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0xC has invalid maxpacket 512, setting to 64
[  136.648104][ T5669] usb 2-1: config 1 interface 0 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 6
[  136.657119][ T5669] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice= 0.40
[  136.661112][ T5669] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.664205][ T5669] usb 2-1: Product: syz
[  136.666956][ T5669] usb 2-1: Manufacturer: syz
[  136.668812][ T5669] usb 2-1: SerialNumber: syz
[  136.675903][ T7567] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  136.886589][ T5669] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  136.889205][ T5669] usb 2-1: MIDIStreaming interface descriptor not found
[  137.277795][ T5669] usb 2-1: USB disconnect, device number 13
[  137.375498][ T7085] udevd[7085]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  137.622598][ T7609] overlayfs: failed to clone upperpath
[  137.816217][ T7611] loop1: detected capacity change from 0 to 32768
[  137.846450][ T7611] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  137.863256][ T7611] XFS (loop1): Ending clean mount
[  137.870152][ T7611] XFS (loop1): Quotacheck needed: Please wait.
[  137.930183][ T7611] XFS (loop1): Quotacheck: Done.
[  137.970579][ T5678] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  138.202666][   T33] audit: type=1800 audit(1778444995.542:17): pid=7633 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.711" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop1" ino=4429 res=0 errno=0
[  138.253649][ T1379] ieee802154 phy0 wpan0: encryption failed: -22
[  138.256372][ T1379] ieee802154 phy1 wpan1: encryption failed: -22
[  138.272748][ T5678] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  138.282564][ T5678] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  138.287827][ T5678] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  138.296784][ T5678] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  138.300671][ T5678] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.314760][ T5678] usb 3-1: config 0 descriptor??
[  138.604663][ T5616] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  138.819887][ T5678] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  138.869661][ T7653] loop1: detected capacity change from 0 to 1024
[  138.948641][ T7653] hfsplus: xattr search failed
[  139.166729][ T7668] loop1: detected capacity change from 0 to 128
[  139.460584][ T5678] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  139.610546][ T5678] usb 2-1: Using ep0 maxpacket: 32
[  139.614972][ T5678] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  139.618474][ T5678] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.625008][ T5678] usb 2-1: config 0 descriptor??
[  139.834207][ T5678] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  139.845357][ T5678] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  139.850654][ T5678] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  139.856246][ T5678] usb 2-1: media controller created
[  139.868256][ T5678] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  140.048254][ T5678] az6027: usb out operation failed. (-71)
[  140.052921][ T5678] az6027: usb out operation failed. (-71)
[  140.054941][ T5678] stb0899_attach: Driver disabled by Kconfig
[  140.057066][ T5678] az6027: no front-end attached
[  140.057066][ T5678] 
[  140.059450][ T5678] az6027: usb out operation failed. (-71)
[  140.061988][ T5678] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  140.065370][ T5678] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input7
[  140.094975][ T5678] dvb-usb: schedule remote query interval to 400 msecs.
[  140.098642][ T5678] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  140.106887][ T5678] usb 2-1: USB disconnect, device number 14
[  140.486856][ T5678] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  140.678831][ T7684] loop2: detected capacity change from 0 to 8192
[  140.950976][    T9] usb 3-1: USB disconnect, device number 14
[  141.083221][ T5678] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  141.098358][ T7700] netlink: 24 bytes leftover after parsing attributes in process `syz.2.746'.
[  141.181888][ T7707] loop2: detected capacity change from 0 to 128
[  141.198893][ T7707] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x61417272 (sector = 1)
[  141.253537][ T5678] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  141.257850][ T5678] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  141.263317][ T5678] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  141.269847][ T5678] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  141.273421][ T5678] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.278262][ T5678] usb 2-1: Product: syz
[  141.279858][ T5678] usb 2-1: Manufacturer: syz
[  141.283123][ T5678] usb 2-1: SerialNumber: syz
[  141.293380][ T5678] cdc_ncm 2-1:1.0: CDC Union missing and no IAD found
[  141.296115][ T5678] cdc_ncm 2-1:1.0: bind() failure
[  141.325937][ T7710] loop2: detected capacity change from 0 to 4096
[  141.339665][ T7710] ntfs3(loop2): Primary boot: invalid bytes per index 31744(31).
[  141.357564][ T7710] ntfs3(loop2): try to read out of volume at offset 0x1ffe00
[  141.508445][ T5678] usb 2-1: USB disconnect, device number 15
[  141.756789][ T7716] loop2: detected capacity change from 0 to 32768
[  141.766985][ T7716] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.754 (7716)
[  141.815748][ T7722] netlink: 12 bytes leftover after parsing attributes in process `syz.0.757'.
[  141.827324][ T7716] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  141.837957][ T7716] BTRFS info (device loop2): using sha256 checksum algorithm
[  141.955544][ T7716] BTRFS info (device loop2): enabling ssd optimizations
[  141.958280][ T7716] BTRFS info (device loop2): turning on async discard
[  141.961159][ T7716] BTRFS info (device loop2): enabling free space tree
[  141.989012][ T5619] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  142.984353][ T7772] fuse: Bad value for 'fd'
[  143.096342][ T7775] fuse: Bad value for 'fd'
[  143.440682][   T10] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  143.593625][   T10] usb 3-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x6C, changing to 0xC
[  143.598341][   T10] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0xC has an invalid bInterval 0, changing to 7
[  143.603889][   T10] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0xC has invalid maxpacket 8306, setting to 1024
[  143.608158][   T10] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  143.615642][   T10] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  143.619318][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  143.623048][   T10] usb 3-1: SerialNumber: syz
[  143.846682][   T10] usbtest 3-1:1.0: Linux user mode ISO test driver
[  143.852461][   T10] usbtest 3-1:1.0: high-speed {control bulk-in iso-out} tests (+alt)
[  143.890289][   T10] usb 3-1: USB disconnect, device number 15
[  144.174150][ T7799] loop1: detected capacity change from 0 to 32768
[  144.179532][ T7799] jfs_mount: Failed to read FILESYSTEM_I
[  144.182709][ T7799] Mount JFS Failure: -5
[  144.184485][ T7799] jfs_mount failed w/return code = -5
[  144.466394][ T7812] loop1: detected capacity change from 0 to 40427
[  144.475042][ T7812] F2FS-fs (loop1): Wrong segment_count / block_count (64 > 16384)
[  144.478017][ T7812] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  144.543026][ T7812] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  144.563208][ T7812] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  144.565814][ T7812] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  144.606948][ T5616] syz-executor: attempt to access beyond end of device
[  144.606948][ T5616] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  144.618095][ T5616] CPU: 1 UID: 0 PID: 5616 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  144.618125][ T5616] Tainted: [L]=SOFTLOCKUP
[  144.618129][ T5616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  144.618136][ T5616] Call Trace:
[  144.618141][ T5616]  <TASK>
[  144.618146][ T5616]  dump_stack_lvl+0xe8/0x150
[  144.618164][ T5616]  f2fs_stop_checkpoint+0x3c7/0x590
[  144.618180][ T5616]  f2fs_write_end_io+0x1274/0x1740
[  144.618203][ T5616]  __submit_merged_bio+0x256/0x6a0
[  144.618217][ T5616]  __submit_merged_write_cond+0x3c9/0x4e0
[  144.618230][ T5616]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  144.618275][ T5616]  f2fs_write_data_pages+0x287e/0x34f0
[  144.618288][ T5616]  ? unwind_next_frame+0xa6/0x2550
[  144.618316][ T5616]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  144.618326][ T5616]  ? is_bpf_text_address+0x26/0x2b0
[  144.618342][ T5616]  ? arch_stack_walk+0xfb/0x150
[  144.618366][ T5616]  ? add_lock_to_list+0xc7/0x100
[  144.618379][ T5616]  ? lockdep_unlock+0x5d/0xd0
[  144.618386][ T5616]  ? __lock_acquire+0x146e/0x2cf0
[  144.618408][ T5616]  ? do_raw_spin_lock+0x12b/0x2f0
[  144.618457][ T5616]  ? do_raw_spin_unlock+0x4d/0x210
[  144.618473][ T5616]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  144.618484][ T5616]  do_writepages+0x32e/0x550
[  144.618499][ T5616]  ? do_raw_spin_unlock+0x4d/0x210
[  144.618513][ T5616]  filemap_fdatawrite+0x1e9/0x2f0
[  144.618525][ T5616]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  144.618554][ T5616]  ? do_raw_spin_unlock+0x4d/0x210
[  144.618568][ T5616]  f2fs_sync_dirty_inodes+0x30e/0x830
[  144.618587][ T5616]  f2fs_write_checkpoint+0x9df/0x26a0
[  144.618598][ T5616]  ? __lock_acquire+0x6b5/0x2cf0
[  144.618621][ T5616]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  144.618669][ T5616]  kill_f2fs_super+0x314/0x730
[  144.618698][ T5616]  ? __pfx_kill_f2fs_super+0x10/0x10
[  144.618715][ T5616]  ? lockdep_hardirqs_on+0x7a/0x110
[  144.618733][ T5616]  deactivate_locked_super+0xbc/0x130
[  144.618748][ T5616]  cleanup_mnt+0x437/0x4d0
[  144.618762][ T5616]  ? _raw_spin_unlock_irq+0x23/0x50
[  144.618774][ T5616]  task_work_run+0x1d9/0x270
[  144.618789][ T5616]  ? __pfx_task_work_run+0x10/0x10
[  144.618804][ T5616]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.618814][ T5616]  exit_to_user_mode_loop+0xed/0x480
[  144.618823][ T5616]  ? rcu_is_watching+0x15/0xb0
[  144.618835][ T5616]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.618844][ T5616]  do_syscall_64+0x33e/0xf80
[  144.618856][ T5616]  ? trace_irq_disable+0x3b/0x140
[  144.618873][ T5616]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.618881][ T5616] RIP: 0033:0x7f8af9f9e017
[  144.618893][ T5616] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  144.618901][ T5616] RSP: 002b:00007fff433ecc28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  144.618912][ T5616] RAX: 0000000000000000 RBX: 00007f8afa032120 RCX: 00007f8af9f9e017
[  144.618918][ T5616] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff433ecce0
[  144.618924][ T5616] RBP: 00007fff433ecce0 R08: 00007fff433edce0 R09: 00000000ffffffff
[  144.618930][ T5616] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff433edd70
[  144.618935][ T5616] R13: 00007f8afa032120 R14: 000000000002345e R15: 00007fff433eddb0
[  144.618949][ T5616]  </TASK>
[  144.619047][ T5616] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  146.227453][ T7847] loop1: detected capacity change from 0 to 128
[  146.247573][ T7847] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  146.259569][ T7847] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  146.983160][  T796] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  147.143758][  T796] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  147.146611][  T796] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.166464][  T796] usb 2-1: config 0 descriptor??
[  147.176608][  T796] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  147.264388][ T7825] Set syz1 is full, maxelem 65536 reached
[  148.012524][  T796] usb 2-1: USB disconnect, device number 16
[  149.670698][   T10] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  149.810750][ T5724] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  149.820867][   T10] usb 2-1: Using ep0 maxpacket: 32
[  149.827278][   T10] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  149.830856][   T10] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  149.834239][   T10] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81
[  149.837806][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  149.842197][   T10] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  149.845847][   T10] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  149.855182][   T10] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  149.858610][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.864614][   T10] usb 2-1: config 0 descriptor??
[  149.967360][ T5724] usb 3-1: config 0 has an invalid interface number: 7 but max is 0
[  149.970318][ T5724] usb 3-1: config 0 has no interface number 0
[  149.973678][ T5724] usb 3-1: config 0 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  149.977315][ T5724] usb 3-1: config 0 interface 7 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  149.990315][ T5724] usb 3-1: New USB device found, idVendor=0458, idProduct=0138, bcdDevice=73.73
[  149.999035][ T5724] usb 3-1: New USB device strings: Mfr=59, Product=239, SerialNumber=0
[  150.003326][ T5724] usb 3-1: Product: syz
[  150.006676][ T5724] usb 3-1: Manufacturer: syz
[  150.013894][ T5724] usb 3-1: config 0 descriptor??
[  150.074713][   T10] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 17 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  150.295503][ T5678] usb 2-1: USB disconnect, device number 17
[  150.312056][ T5678] usblp0: removed
[  150.429533][ T5724] kye 0003:0458:0138.0006: unknown main item tag 0x0
[  150.432316][ T5724] kye 0003:0458:0138.0006: unknown main item tag 0x0
[  150.434966][ T5724] kye 0003:0458:0138.0006: unknown main item tag 0x0
[  150.437507][ T5724] kye 0003:0458:0138.0006: unknown main item tag 0x0
[  150.440006][ T5724] kye 0003:0458:0138.0006: unknown main item tag 0x0
[  150.442979][ T5724] kye 0003:0458:0138.0006: unknown main item tag 0x0
[  150.445608][ T5724] kye 0003:0458:0138.0006: unknown main item tag 0x0
[  150.448097][ T5724] kye 0003:0458:0138.0006: unknown main item tag 0x0
[  150.450636][ T5724] kye 0003:0458:0138.0006: unknown main item tag 0x0
[  150.453241][ T5724] kye 0003:0458:0138.0006: unknown main item tag 0x0
[  150.468069][ T5724] kye 0003:0458:0138.0006: hidraw0: USB HID v7f.fd Device [syz syz] on usb-dummy_hcd.2-1/input7
[  150.635986][ T5678] usb 3-1: USB disconnect, device number 16
[  150.865170][ T7907] vlan2: entered promiscuous mode
[  150.867257][ T7907] syz_tun: entered promiscuous mode
[  150.873874][ T7907] vlan2: entered allmulticast mode
[  150.876144][ T7907] syz_tun: entered allmulticast mode
[  150.881543][   T53] Bluetooth: hci2: command 0x0405 tx timeout
[  151.399843][ T7920] netlink: 8 bytes leftover after parsing attributes in process `syz.1.831'.
[  151.660771][ T5724] usb 3-1: new full-speed USB device number 17 using dummy_hcd
[  151.824410][ T5724] usb 3-1: unable to get BOS descriptor or descriptor too short
[  151.828150][ T5724] usb 3-1: not running at top speed; connect to a high speed hub
[  151.832708][ T5724] usb 3-1: config 2 has an invalid interface number: 7 but max is 0
[  151.836035][ T5724] usb 3-1: config 2 has no interface number 0
[  151.838426][ T5724] usb 3-1: config 2 interface 7 altsetting 4 endpoint 0x8D has invalid maxpacket 1023, setting to 64
[  151.842959][ T5724] usb 3-1: config 2 interface 7 has no altsetting 0
[  151.847606][ T5724] usb 3-1: New USB device found, idVendor=044f, idProduct=8b11, bcdDevice=92.b5
[  151.852630][ T5724] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.855473][ T5724] usb 3-1: Product: syz
[  151.856799][ T5724] usb 3-1: Manufacturer: syz
[  151.858157][ T5724] usb 3-1: SerialNumber: syz
[  151.873032][ T7918] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  152.049265][ T7934] loop1: detected capacity change from 0 to 256
[  152.075699][ T7934] FAT-fs (loop1): Directory bread(block 64) failed
[  152.078722][ T7934] FAT-fs (loop1): Directory bread(block 65) failed
[  152.082629][ T7934] FAT-fs (loop1): Directory bread(block 66) failed
[  152.088673][ T7934] FAT-fs (loop1): Directory bread(block 67) failed
[  152.095477][ T7934] FAT-fs (loop1): Directory bread(block 68) failed
[  152.105814][ T7934] FAT-fs (loop1): Directory bread(block 69) failed
[  152.111127][ T7934] FAT-fs (loop1): Directory bread(block 70) failed
[  152.115820][ T5724] usb 3-1: USB disconnect, device number 17
[  152.119465][ T7934] FAT-fs (loop1): Directory bread(block 71) failed
[  152.124914][ T7934] FAT-fs (loop1): Directory bread(block 72) failed
[  152.127758][ T7934] FAT-fs (loop1): Directory bread(block 73) failed
[  152.229117][ T7940] loop1: detected capacity change from 0 to 1764
[  152.234166][ T7940] ISOFS: Unable to identify CD-ROM format.
[  152.311161][ T7946] ADFS-fs (nbd1): error: unable to read block 3, try 0
[  152.835172][ T7972] input: syz1 as /devices/virtual/input/input8
[  153.003741][ T7982] loop2: detected capacity change from 0 to 256
[  153.016011][ T7982] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x9059ffb0, utbl_chksum : 0xe619d30d)
[  153.074695][ T7978] loop1: detected capacity change from 0 to 32768
[  153.088269][ T7978] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  153.101430][ T7978] XFS (loop1): Ending clean mount
[  153.114887][ T7992] sg_write: data in/out 424924/122 bytes for SCSI command 0x0-- guessing data in;
[  153.114887][ T7992]    program syz.2.865 not setting count and/or reply_len properly
[  153.171742][ T5616] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  153.361456][ T7996] loop2: detected capacity change from 0 to 512
[  153.398090][ T7996] EXT4-fs (loop2): Invalid log cluster size: 458753
[  153.474992][ T7998] netlink: 8 bytes leftover after parsing attributes in process `syz.1.866'.
[  153.797134][ T8013] loop2: detected capacity change from 0 to 2048
[  153.850744][ T8013]  loop2: p1 p2 p3
[  153.850744][ T8013]  p1: <netbsd: (ignored 752 more) >
[  153.856255][ T8013] loop2: p2 size 458752 extends beyond EOD, truncated
[  153.861386][ T8013] loop2: p3 start 65280 is beyond EOD, truncated
[  153.939410][ T7178] udevd[7178]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  153.945119][ T7173] udevd[7173]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  154.011131][ T5678] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  154.086663][ T8026] loop2: detected capacity change from 0 to 128
[  154.115044][ T8026] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  154.119431][ T8026] ext4 filesystem being mounted at /265/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  154.142503][ T5619] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  154.164126][ T5678] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  154.167824][ T5678] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.194529][ T5678] usb 2-1: config 0 descriptor??
[  154.206136][ T5678] cp210x 2-1:0.0: cp210x converter detected
[  154.327809][ T8040] netlink: 7064 bytes leftover after parsing attributes in process `syz.0.888'.
[  154.330886][ T8040] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  154.394405][ T8044] netlink: 'syz.0.890': attribute type 49 has an invalid length.
[  154.449243][ T8048] comedi comedi3: comedi_test: 10 microvolt, 2046 microsecond waveform attached
[  154.567852][ T8054] netlink: 16 bytes leftover after parsing attributes in process `syz.2.895'.
[  154.617928][ T5678] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32
[  154.835685][ T5678] usb 2-1: cp210x converter now attached to ttyUSB0
[  154.840772][    T9] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  154.990616][    T9] usb 3-1: Using ep0 maxpacket: 16
[  154.998320][    T9] usb 3-1: unable to get BOS descriptor or descriptor too short
[  155.003284][    T9] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 127, changing to 7
[  155.008804][    T9] usb 3-1: New USB device found, idVendor=103d, idProduct=0100, bcdDevice= 0.40
[  155.011551][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.014012][    T9] usb 3-1: Product: syz
[  155.015186][    T9] usb 3-1: Manufacturer: syz
[  155.016634][    T9] usb 3-1: SerialNumber: syz
[  155.034777][ T5077] usb 2-1: USB disconnect, device number 18
[  155.052051][ T5077] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  155.059948][ T5077] cp210x 2-1:0.0: device disconnected
[  155.228374][    T9] usb 3-1: Audio class v2/v3 interfaces need an interface association
[  155.231970][    T9] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -22
[  155.628991][    T9] usb 3-1: 2:1 : bogus bTerminalLink 6
[  155.932788][    T9] usb 3-1: USB disconnect, device number 18
[  156.000984][ T7173] udevd[7173]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.1/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  156.316855][ T8095] loop1: detected capacity change from 0 to 40427
[  156.320205][ T8095] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  156.324611][ T8095] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  156.328734][ T8095] F2FS-fs (loop1): invalid crc value
[  156.372766][ T8095] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  156.383439][ T8095] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  156.385610][ T8095] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  156.469219][ T8095] overlayfs: failed to create directory ./bus/work (errno: 28); mounting read-only
[  156.485056][ T8124] netlink: 'syz.0.927': attribute type 1 has an invalid length.
[  156.519932][ T5616] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  156.528973][ T5616] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  156.533083][ T5616] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  156.538224][ T5616] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  156.542269][ T5616] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  156.544698][ T5616] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  156.547131][ T5616] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  156.566991][ T5616] syz-executor: attempt to access beyond end of device
[  156.566991][ T5616] loop1: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  156.576908][ T5616] CPU: 1 UID: 0 PID: 5616 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  156.576927][ T5616] Tainted: [L]=SOFTLOCKUP
[  156.576930][ T5616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  156.576936][ T5616] Call Trace:
[  156.576940][ T5616]  <TASK>
[  156.576945][ T5616]  dump_stack_lvl+0xe8/0x150
[  156.576962][ T5616]  f2fs_stop_checkpoint+0x3c7/0x590
[  156.576978][ T5616]  f2fs_write_end_io+0x1274/0x1740
[  156.577002][ T5616]  __submit_merged_bio+0x256/0x6a0
[  156.577016][ T5616]  f2fs_submit_merged_write+0x284/0x390
[  156.577028][ T5616]  ? __pfx_f2fs_submit_merged_write+0x10/0x10
[  156.577047][ T5616]  f2fs_sync_node_pages+0x11fe/0x13c0
[  156.577067][ T5616]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  156.577098][ T5616]  f2fs_write_checkpoint+0xeb8/0x26a0
[  156.577126][ T5616]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  156.577156][ T5616]  ? down_write+0x16d/0x200
[  156.577169][ T5616]  ? __pfx_down_write+0x10/0x10
[  156.577178][ T5616]  ? uplift_priority+0xdb/0x700
[  156.577187][ T5616]  ? __pfx_folio_mark_accessed+0x10/0x10
[  156.577204][ T5616]  f2fs_issue_checkpoint+0x456/0x790
[  156.577221][ T5616]  ? __pfx_f2fs_issue_checkpoint+0x10/0x10
[  156.577232][ T5616]  ? from_kgid+0x1ca/0x660
[  156.577263][ T5616]  ? f2fs_sync_fs+0x1f0/0x3c0
[  156.577274][ T5616]  f2fs_unlink+0x653/0xad0
[  156.577287][ T5616]  ? __pfx_f2fs_unlink+0x10/0x10
[  156.577297][ T5616]  ? __pfx_f2fs_empty_dir+0x10/0x10
[  156.577307][ T5616]  ? down_write+0x16d/0x200
[  156.577325][ T5616]  vfs_rmdir+0x3fd/0x6e0
[  156.577375][ T5616]  filename_rmdir+0x292/0x520
[  156.577387][ T5616]  ? __pfx_filename_rmdir+0x10/0x10
[  156.577400][ T5616]  ? do_getname+0x151/0x250
[  156.577427][ T5616]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.577437][ T5616]  __se_sys_unlinkat+0x71/0x1a0
[  156.577447][ T5616]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.577456][ T5616]  do_syscall_64+0x15f/0xf80
[  156.577467][ T5616]  ? trace_irq_disable+0x3b/0x140
[  156.577484][ T5616]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.577492][ T5616] RIP: 0033:0x7f8af9f9bef7
[  156.577502][ T5616] Code: 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  156.577510][ T5616] RSP: 002b:00007fff433eaa48 EFLAGS: 00000207 ORIG_RAX: 0000000000000107
[  156.577520][ T5616] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007f8af9f9bef7
[  156.577526][ T5616] RDX: 0000000000000200 RSI: 00007fff433ebbf0 RDI: 00000000ffffff9c
[  156.577532][ T5616] RBP: 00007f8afa032120 R08: 0000000000008560 R09: 0000000000000001
[  156.577537][ T5616] R10: 0000000000000000 R11: 0000000000000207 R12: 00007fff433ebbf0
[  156.577543][ T5616] R13: 00007f8afa032120 R14: 00000000000262d5 R15: 00007fff433eddb0
[  156.577558][ T5616]  </TASK>
[  156.577579][ T5616] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  157.357421][   T53] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  157.373170][   T53] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  157.376565][   T53] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  157.381735][   T53] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  157.386423][   T53] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  157.424620][ T8145] netlink: 'syz.2.937': attribute type 8 has an invalid length.
[  157.516560][ T8152] loop2: detected capacity change from 0 to 4096
[  157.563840][ T8158] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  157.686576][ T8165] loop2: detected capacity change from 0 to 4096
[  157.717069][ T8166] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  157.872984][ T8171] 9p: Unknown access argument c: -22
[  158.380696][ T8139] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.382974][ T8139] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.385153][ T8139] bridge_slave_0: entered allmulticast mode
[  158.388116][ T8139] bridge_slave_0: entered promiscuous mode
[  158.392074][ T8139] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.394287][ T8139] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.396619][ T8139] bridge_slave_1: entered allmulticast mode
[  158.402321][ T8139] bridge_slave_1: entered promiscuous mode
[  158.496537][ T8139] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  158.504181][ T8139] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  158.527513][ T8139] team0: Port device team_slave_0 added
[  158.531351][ T8139] team0: Port device team_slave_1 added
[  158.556483][ T8139] batman_adv: batadv0: Adding interface: batadv_slave_0
[  158.561732][ T8139] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  158.569139][ T8139] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  158.574378][ T8139] batman_adv: batadv0: Adding interface: batadv_slave_1
[  158.576469][ T8139] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  158.584980][ T8139] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  158.625468][ T8139] hsr_slave_0: entered promiscuous mode
[  158.628629][ T8139] hsr_slave_1: entered promiscuous mode
[  158.635383][ T8139] debugfs: 'hsr0' already exists in 'hsr'
[  158.643987][ T8139] Cannot create hsr debugfs directory
[  158.730561][   T10] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  158.877063][ T8217] bond1: entered promiscuous mode
[  158.880531][   T10] usb 3-1: Using ep0 maxpacket: 8
[  158.883310][ T8217] 8021q: adding VLAN 0 to HW filter on device bond1
[  158.884523][   T10] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  158.889911][   T10] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  158.894451][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  158.899458][   T10] usb 3-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1
[  158.902426][   T10] usb 3-1: New USB device strings: Mfr=1, Product=34, SerialNumber=3
[  158.904843][   T10] usb 3-1: Product: syz
[  158.906097][   T10] usb 3-1: Manufacturer: syz
[  158.907677][   T10] usb 3-1: SerialNumber: syz
[  158.915140][   T10] usb 3-1: config 0 descriptor??
[  158.980522][   T10] rc_core: IR keymap rc-imon-rsc not found
[  158.982945][   T10] Registered IR keymap rc-empty
[  158.987846][   T10] rc rc0: iMON Station as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  159.005293][   T10] input: iMON Station as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input9
[  159.097860][ T8139] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  159.141507][ T8139] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  159.186516][ T8139] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  159.197339][ T8139] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  159.211031][ T8139] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  159.219313][ T8139] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  159.226632][ T8139] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  159.232456][ T8139] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  159.258519][ T8229] netlink: 'syz.0.962': attribute type 12 has an invalid length.
[  159.403885][ T8139] 8021q: adding VLAN 0 to HW filter on device bond0
[  159.423297][ T8139] 8021q: adding VLAN 0 to HW filter on device team0
[  159.431254][ T5000] Bluetooth: hci1: command tx timeout
[  159.438785][ T5882] bridge0: port 1(bridge_slave_0) entered blocking state
[  159.441138][ T5882] bridge0: port 1(bridge_slave_0) entered forwarding state
[  159.467282][ T5882] bridge0: port 2(bridge_slave_1) entered blocking state
[  159.470133][ T5882] bridge0: port 2(bridge_slave_1) entered forwarding state
[  159.863852][ T8139] 8021q: adding VLAN 0 to HW filter on device batadv0
[  159.941333][ T8139] veth0_vlan: entered promiscuous mode
[  159.960161][ T8139] veth1_vlan: entered promiscuous mode
[  160.003394][ T8139] veth0_macvtap: entered promiscuous mode
[  160.012759][ T8139] veth1_macvtap: entered promiscuous mode
[  160.036316][ T8139] batman_adv: batadv0: Interface activated: batadv_slave_0
[  160.053934][ T8139] batman_adv: batadv0: Interface activated: batadv_slave_1
[  160.065471][ T5649] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  160.073385][ T5649] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  160.082736][ T5649] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  160.096688][ T5649] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  160.219622][ T5882] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  160.225454][ T5882] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  160.305753][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  160.308698][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  160.929624][ T8270] loop3: detected capacity change from 0 to 2048
[  160.968428][ T8270] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.007463][ T8139] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.511407][ T5000] Bluetooth: hci1: command tx timeout
[  161.532223][  T796] usb 3-1: USB disconnect, device number 19
[  163.264510][ T8323] loop2: detected capacity change from 0 to 512
[  163.325995][ T8323] fscrypt (loop2, inode 2): Error -61 getting encryption context
[  163.332551][ T8323] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -61
[  163.338012][ T8323] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #13: comm syz.2.995: iget: bad i_size value: 12154757448730
[  163.343313][ T8323] loop2: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[  163.343826][ T8323] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.995: couldn't read orphan inode 13 (err -117)
[  163.351920][    C0] EXT4-fs (loop2): error count since last fsck: 1
[  163.351939][    C0] EXT4-fs (loop2): initial error at time 1778445020: ext4_orphan_get:1397: inode 13
[  163.351971][    C0] EXT4-fs (loop2): last error at time 1778445020: ext4_orphan_get:1397: inode 13
[  163.364111][ T8323] loop2: lost filesystem error report for type 5 error -117
[  163.366014][ T8323] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.437763][ T5619] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.590615][ T5000] Bluetooth: hci1: command tx timeout
[  165.081235][ T8368] binder: 8367:8368 ioctl c0306201 200000000680 returned -14
[  165.161925][ T5669] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  165.315612][ T5669] usb 4-1: config 0 has an invalid interface number: 64 but max is 0
[  165.331488][ T5669] usb 4-1: config 0 has no interface number 0
[  165.340670][ T5669] usb 4-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice= 0.07
[  165.349467][ T5669] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.362855][ T5669] usb 4-1: Product: syz
[  165.369856][ T5669] usb 4-1: Manufacturer: syz
[  165.372336][ T5669] usb 4-1: SerialNumber: syz
[  165.377863][ T5669] usb 4-1: config 0 descriptor??
[  165.395653][ T8384] loop2: detected capacity change from 0 to 128
[  165.559619][ T8392] loop2: detected capacity change from 0 to 512
[  165.593048][ T8392] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.604231][ T8392] EXT4-fs warning (device loop2): verify_group_input:137: Cannot add at group 45 (only 1 groups)
[  165.608453][ T5669] uvcvideo 4-1:0.64: Found UVC 0.08 device syz (046d:0823)
[  165.615786][ T5669] uvcvideo 4-1:0.64: No valid video chain found.
[  165.624042][ T5669] usb 4-1: USB disconnect, device number 2
[  165.655544][ T5619] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.715380][ T8401] loop2: detected capacity change from 0 to 8
[  165.811735][ T8406] loop2: detected capacity change from 0 to 128
[  165.815877][ T8406] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; going on - but anything won't be destroyed because it's read-only
[  165.824288][ T8406] hpfs: filesystem error: improperly stopped
[  165.826731][ T8406] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  165.829611][ T8406] hpfs: Proceeding, but your filesystem could be corrupted if you delete files or directories
[  165.834436][ T8406] hpfs: You really don't want any checks? You are crazy...
[  165.837523][ T8406] hpfs: hpfs_map_sector(): read error
[  165.839552][ T8406] hpfs: code page support is disabled
[  165.843036][ T8406] hpfs: hpfs_map_4sectors(): unaligned read
[  165.845428][ T8406] hpfs: hpfs_map_4sectors(): unaligned read
[  165.847841][ T8406] hpfs: filesystem error: unable to find root dir
[  166.341295][    T9] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  166.500781][    T9] usb 3-1: New USB device found, idVendor=05d1, idProduct=2021, bcdDevice= 9.00
[  166.503631][    T9] usb 3-1: New USB device strings: Mfr=0, Product=16, SerialNumber=0
[  166.509270][    T9] usb 3-1: Product: syz
[  166.517605][    T9] usb 3-1: config 0 descriptor??
[  166.523610][    T9] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[  166.531599][    T9] usb 3-1: Detected FT232H
[  166.736637][    T9] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  167.165318][    T9] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  167.364388][ T5724] usb 3-1: USB disconnect, device number 20
[  167.395610][ T8461] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1056'.
[  167.510292][ T5724] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  167.516960][ T5724] ftdi_sio 3-1:0.0: device disconnected
[  167.539003][ T8465] overlayfs: failed to clone upperpath
[  168.051496][ T8483] loop3: detected capacity change from 0 to 1024
[  168.065749][ T8483] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  168.079482][ T8483] EXT4-fs (loop3): stripe (4) is not aligned with cluster size (4096), stripe is disabled
[  168.121179][ T8483] EXT4-fs error (device loop3): ext4_ext_check_inode:521: inode #11: comm syz.3.1067: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  168.137580][ T8483] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  168.138005][ T8483] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.1067: couldn't read orphan inode 11 (err -117)
[  168.141656][    C0] EXT4-fs (loop3): error count since last fsck: 1
[  168.141677][    C0] EXT4-fs (loop3): initial error at time 1778445025: ext4_ext_check_inode:521: inode 11
[  168.141704][    C0] EXT4-fs (loop3): last error at time 1778445025: ext4_ext_check_inode:521: inode 11
[  168.172396][ T8483] loop3: lost filesystem error report for type 5 error -117
[  168.174247][ T8483] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.176100][ T8495] loop2: detected capacity change from 0 to 4096
[  168.192907][ T8495] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512).
[  168.199876][ T8496] sctp: [Deprecated]: syz.0.1071 (pid 8496) Use of int in max_burst socket option.
[  168.199876][ T8496] Use struct sctp_assoc_value instead
[  168.234374][ T8139] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.293114][ T8498] overlayfs: maximum fs stacking depth exceeded
[  168.409662][ T8502] loop3: detected capacity change from 0 to 8192
[  168.529834][ T8506] trusted_key: encrypted_key: key user:syz not found
[  168.546715][ T8508] netlink: 'syz.3.1077': attribute type 29 has an invalid length.
[  168.563838][ T8508] netlink: 'syz.3.1077': attribute type 29 has an invalid length.
[  168.653075][ T8512] fuse: Bad value for 'fd'
[  169.270572][ T5077] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  169.513975][ T5077] usb 4-1: Using ep0 maxpacket: 16
[  169.519814][ T5077] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  169.526243][ T5077] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  169.533968][ T5077] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  169.541840][ T5077] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.545084][ T5077] usb 4-1: Product: syz
[  169.546857][ T5077] usb 4-1: Manufacturer: syz
[  169.548639][ T5077] usb 4-1: SerialNumber: syz
[  169.554566][ T5077] usb 4-1: config 0 descriptor??
[  169.561367][ T5077] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  169.564919][ T5077] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class)
[  169.673329][ T8542] kAFS: unparsable volume name
[  169.876758][ T8549] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1096'.
[  169.885474][ T8549] bridge0: port 2(bridge_slave_1) entered disabled state
[  169.896340][ T8549] bridge_slave_1 (unregistering): left allmulticast mode
[  169.898956][ T8549] bridge_slave_1 (unregistering): left promiscuous mode
[  169.906899][ T8549] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.170002][ T5077] em28xx 4-1:0.0: unknown em28xx chip ID (0)
[  170.172917][ T5077] em28xx 4-1:0.0: Config register raw data: 0x56
[  170.374666][ T5077] em28xx 4-1:0.0: AC97 chip type couldn't be determined
[  170.379170][ T5077] em28xx 4-1:0.0: No AC97 audio processor
[  170.390573][ T5077] usb 4-1: USB disconnect, device number 3
[  170.394556][ T5077] em28xx 4-1:0.0: Disconnecting em28xx
[  170.431544][ T8563] block nbd0: Unsupported socket: should be TCP or UNIX.
[  170.478359][ T5077] em28xx 4-1:0.0: Freeing device
[  170.542837][ T8569] loop2: detected capacity change from 0 to 128
[  170.547956][ T8569] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  170.565824][ T8569] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  170.634882][   T62] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  171.145609][ T8593] comedi comedi3: pcl724: I/O base address or length out of range
[  171.312082][ T8605] loop3: detected capacity change from 0 to 64
[  171.319256][ T8605] MINIX-fs: mounting file system with errors, running fsck is recommended
[  171.542579][ T8609] loop2: detected capacity change from 0 to 32768
[  171.559534][ T8609] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1124 (8609)
[  171.631603][ T8609] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  171.640823][ T8609] BTRFS info (device loop2): using sha256 checksum algorithm
[  171.648524][ T8609] BTRFS error (device loop2): ignoresuperflags must be used with ro mount option
[  171.661551][ T8609] BTRFS error (device loop2): open_ctree failed: -22
[  171.815254][ T8627] loop2: detected capacity change from 0 to 1024
[  171.819911][   T33] audit: type=1800 audit(1778445029.182:18): pid=8625 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1131" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  171.820249][ T8627] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  171.835896][ T8627] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (30349!=20869)
[  171.841985][ T8627] EXT4-fs (loop2): invalid journal inode
[  171.843789][ T8627] EXT4-fs (loop2): can't get journal size
[  171.854439][ T8627] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  171.876485][ T5619] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.250618][ T5692] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  172.413402][ T5692] usb 3-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  172.423832][ T5692] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.435930][ T8652] [U] k43{}_hM|ڙT6ݬeS +,s/ʑq%{q
[  172.439996][ T5692] usb 3-1: config 0 descriptor??
[  172.539339][ T8658] loop3: detected capacity change from 0 to 2048
[  172.587548][ T8658] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.628066][ T8139] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.967812][ T8667] loop3: detected capacity change from 0 to 32768
[  173.019975][ T8667] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  173.067904][ T8667] XFS (loop3): Ending clean mount
[  173.193157][ T1008] XFS (loop3): Metadata CRC error detected at xfs_rmapbt_read_verify+0x42/0xe0, xfs_rmapbt block 0x14 
[  173.200174][ T1008] XFS (loop3): Unmount and run xfs_repair
[  173.205745][ T1008] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  173.208776][ T1008] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff  RMB3............
[  173.212764][ T1008] 00000010: 00 00 00 00 00 00 00 14 00 00 00 01 00 00 00 10  ................
[  173.216347][ T1008] 00000020: d7 dc 42 4e 79 90 42 cb 9f 91 9c b7 20 0a 10 1d  ..BNy.B..... ...
[  173.219844][ T1008] 00000030: 00 00 00 00 6c 4b dc c9 00 00 00 00 00 00 00 01  ....lK..........
[  173.228638][ T1008] 00000040: ff ff ff ff ff ff 00 00 00 00 00 00 00 00 00 00  ................
[  173.232571][ T1008] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb  ................
[  173.236215][ T1008] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02  ................
[  173.239753][ T1008] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00  ................
[  173.249617][ T1008] XFS (loop3): metadata I/O error in "xfs_btree_read_buf_block+0x2b0/0x490" at daddr 0x14 len 4 error 74
[  173.272659][ T1008] XFS (loop3): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x518/0x8f0 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[  173.278388][ T1008] XFS (loop3): Please unmount the filesystem and rectify the problem(s)
[  173.281961][ T5692] usb 3-1: Cannot set autoneg
[  173.286764][ T5692] MOSCHIP usb-ethernet driver 3-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  173.299567][ T5692] usb 3-1: USB disconnect, device number 21
[  173.324311][ T8139] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  174.065468][ T8698] loop3: detected capacity change from 0 to 32768
[  174.093575][ T8698] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  174.116913][ T8698] XFS (loop3): Ending clean mount
[  174.137018][ T8139] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  174.170603][ T5724] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  174.324128][ T5724] usb 3-1: config index 0 descriptor too short (expected 45, got 36)
[  174.327376][ T5724] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  174.335145][ T5724] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  174.343503][ T5724] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  174.355195][ T5724] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  174.362119][ T5724] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.372228][ T5724] usb 3-1: config 0 descriptor??
[  174.525489][ T8716] loop3: detected capacity change from 0 to 2048
[  174.537379][ T8716] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  174.785890][ T5724] plantronics 0003:047F:FFFF.0007: reserved main item tag 0xd
[  174.817468][ T5724] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  174.979470][ T8732] loop3: detected capacity change from 0 to 1024
[  174.984148][ T8732] EXT4-fs: Ignoring removed i_version option
[  174.986207][ T8732] EXT4-fs: inline encryption not supported
[  174.988589][ T8732] EXT4-fs (loop3): Test dummy encryption mode enabled
[  175.019592][ T8732] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.038864][ T8732] EXT4-fs error (device loop3): __ext4_remount:6837: comm syz.3.1174: Abort forced by user
[  175.044023][ T8732] EXT4-fs (loop3): Remounting filesystem read-only
[  175.046564][ T8732] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  175.069484][ T8139] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.098184][  T796] usb 3-1: USB disconnect, device number 22
[  175.207602][ T8740] gtp0: entered allmulticast mode
[  175.678673][ T8746] loop2: detected capacity change from 0 to 2048
[  175.704239][ T8749] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  175.803158][ T8751] loop2: detected capacity change from 0 to 512
[  175.814490][ T8751] EXT4-fs (loop2): orphan cleanup on readonly fs
[  175.828674][ T8751] EXT4-fs warning (device loop2): ext4_xattr_inode_get:560: inode #11: comm syz.2.1182: EA inode hash validation failed
[  175.833025][ T8751] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2860: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  175.838336][ T8751] EXT4-fs error (device loop2): ext4_xattr_inode_update_ref:1037: inode #11: comm syz.2.1182: EA inode 11 ref wraparound: ref_count=0 ref_change=-1
[  175.844526][ T8751] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  175.849017][ T8751] EXT4-fs warning (device loop2): ext4_xattr_inode_dec_ref_all:1231: inode #11: comm syz.2.1182: ea_inode dec ref err=-117
[  175.852255][    C0] EXT4-fs (loop2): error count since last fsck: 1
[  175.852266][    C0] EXT4-fs (loop2): initial error at time 1778445033: ext4_xattr_inode_update_ref:1037: inode 11
[  175.852281][    C0] EXT4-fs (loop2): last error at time 1778445033: ext4_xattr_inode_update_ref:1037: inode 11
[  175.867223][ T8751] EXT4-fs (loop2): 1 orphan inode deleted
[  175.869857][ T8751] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  175.901382][ T5619] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.180296][ T8760] netlink: 'syz.2.1186': attribute type 1 has an invalid length.
[  176.186080][ T8760] netlink: 980 bytes leftover after parsing attributes in process `syz.2.1186'.
[  176.336842][ T8768] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1190'.
[  176.902165][   T33] audit: type=1326 audit(1778445034.212:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.2.1192" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb90b9cdd9 code=0x7ffc0000
[  176.909933][   T33] audit: type=1326 audit(1778445034.212:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.2.1192" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb90b9cdd9 code=0x7ffc0000
[  176.916631][   T33] audit: type=1326 audit(1778445034.212:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.2.1192" exe="/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fbb90b9cdd9 code=0x7ffc0000
[  176.923280][   T33] audit: type=1326 audit(1778445034.222:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.2.1192" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb90b9cdd9 code=0x7ffc0000
[  176.930297][   T33] audit: type=1326 audit(1778445034.222:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.2.1192" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb90b9cdd9 code=0x7ffc0000
[  176.938744][   T33] audit: type=1326 audit(1778445034.222:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.2.1192" exe="/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7fbb90b9cdd9 code=0x7ffc0000
[  176.947048][   T33] audit: type=1326 audit(1778445034.222:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.2.1192" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb90b9cdd9 code=0x7ffc0000
[  176.955433][   T33] audit: type=1326 audit(1778445034.222:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.2.1192" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb90b9cdd9 code=0x7ffc0000
[  176.965263][   T33] audit: type=1326 audit(1778445034.232:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.2.1192" exe="/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7fbb90b9cdd9 code=0x7ffc0000
[  176.974837][   T33] audit: type=1326 audit(1778445034.232:28): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.2.1192" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb90b9cdd9 code=0x7ffc0000
[  177.874365][ T8840] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1197'.
[  177.946166][ T8845] loop3: detected capacity change from 0 to 512
[  177.948739][ T8845] EXT4-fs: Ignoring removed i_version option
[  177.953314][ T8845] EXT4-fs: Ignoring removed nomblk_io_submit option
[  177.958059][ T8845] EXT4-fs: Ignoring removed mblk_io_submit option
[  177.970329][ T8845] EXT4-fs error (device loop3): ext4_orphan_get:1423: comm syz.3.1198: bad orphan inode 1
[  177.975336][ T8845] loop3: lost filesystem error report for type 5 error -117
[  177.986548][ T8845] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.041280][ T8139] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.140539][ T5678] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  179.321071][ T5678] usb 4-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  179.325110][ T5678] usb 4-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  179.328546][ T5678] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.364622][ T5678] gspca_main: stv0680-2.14.0 probing 041e:4007
[  180.401490][ T5678] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -32
[  180.411987][ T5678] stv0680 4-1:4.0: STV(e): camera ping failed!!
[  180.420255][ T5678] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  180.425135][ T5678] stv0680 4-1:4.0: last error: 0,  command = 0x0
[  180.434102][ T5678] usb 4-1: USB disconnect, device number 4
[  181.049559][ T8926] loop2: detected capacity change from 0 to 1024
[  182.591701][ T8957] loop5: detected capacity change from 0 to 7
[  182.605121][ T8957] Dev loop5: unable to read RDB block 7
[  182.609502][ T8957]  loop5: unable to read partition table
[  182.613464][ T8957] loop5: partition table beyond EOD, truncated
[  182.623496][ T8957] loop_reread_partitions: partition scan of loop5 (被x ) failed (rc=-5)
[  182.806415][ T8966] loop3: detected capacity change from 0 to 1024
[  182.919071][ T8966] __quota_error: 13 callbacks suppressed
[  182.919116][ T8966] Quota error (device loop3): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  182.927706][ T8966] EXT4-fs warning (device loop3): ext4_enable_quotas:7269: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  182.935493][ T8966] EXT4-fs (loop3): mount failed
[  183.173224][ T8971] loop3: detected capacity change from 0 to 128
[  183.752888][ T8975] loop3: detected capacity change from 0 to 32768
[  183.769230][ T8975] XFS (loop3): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  183.787029][ T8975] XFS (loop3): Ending clean mount
[  183.798106][ T8975] XFS (loop3): Quotacheck needed: Please wait.
[  183.826164][   T62] XFS (loop3): Metadata corruption detected at xfs_dinode_verify+0x1a9/0x1590, inode 0x1807 dinode
[  183.829777][   T62] XFS (loop3): Unmount and run xfs_repair
[  183.831800][   T62] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  183.834316][   T62] 00000000: 49 4e 81 ed 03 02 00 00 00 00 00 00 00 00 00 00  IN..............
[  183.837600][   T62] 00000010: 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  183.846221][   T62] 00000020: 34 f7 58 68 a5 a5 b6 11 34 f7 58 68 a5 a5 b6 11  4.Xh....4.Xh....
[  183.851058][   T62] 00000030: 34 f7 58 68 a5 a5 b6 11 7c 0b 00 00 00 00 00 00  4.Xh....|.......
[  183.854366][   T62] 00000040: 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 01  ................
[  183.857633][   T62] 00000050: 00 00 18 02 00 00 00 00 00 00 00 00 bb 36 00 a5  .............6..
[  183.861245][   T62] 00000060: ff ff ff ff 8c da 54 79 00 00 00 00 00 00 00 06  ......Ty........
[  183.863871][   T62] 00000070: 00 00 00 01 00 00 00 10 00 00 00 00 00 00 00 08  ................
[  183.866689][   T62] loop3: lost filesystem error report for type 5 error -117
[  183.911309][ T8975] XFS (loop3): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[  183.916318][ T8975] loop3: lost filesystem error report for type 5 error -117
[  183.996447][ T8139] XFS (loop3): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  184.011610][ T8139] XFS (loop3): Uncorrected metadata errors detected; please run xfs_repair.
[  184.158368][ T5000] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  184.165843][ T5000] Bluetooth: hci2: Injecting HCI hardware error event
[  184.173114][ T5000] Bluetooth: hci2: hardware error 0x00
[  184.251193][ T8997] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1257'.
[  184.513288][ T9001] loop3: detected capacity change from 0 to 32768
[  184.516087][ T9001] btrfs: Deprecated parameter 'usebackuproot'
[  184.518253][ T9001] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  184.522684][ T9001] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1255 (9001)
[  184.556175][ T9001] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  184.578596][ T9001] BTRFS info (device loop3): using crc32c checksum algorithm
[  184.738742][   T81] BTRFS warning (device loop3): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  184.780956][ T9001] BTRFS error (device loop3): failed to load root extent
[  184.786238][ T9001] BTRFS warning (device loop3): try to load backup roots slot 1
[  184.801279][   T62] BTRFS warning (device loop3): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  184.829199][ T9001] BTRFS warning (device loop3): couldn't read tree root
[  184.844043][ T9001] BTRFS warning (device loop3): try to load backup roots slot 2
[  184.858506][   T62] BTRFS error (device loop3): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  184.873303][ T9001] BTRFS warning (device loop3): couldn't read tree root
[  184.882554][ T9001] BTRFS warning (device loop3): try to load backup roots slot 3
[  184.935466][ T9001] BTRFS info (device loop3): rebuilding free space tree
[  185.055502][ T9001] BTRFS info (device loop3): checking UUID tree
[  185.069198][ T9001] BTRFS info (device loop3): turning on async discard
[  185.078592][ T9001] BTRFS info (device loop3): enabling free space tree
[  185.090231][ T9001] BTRFS info (device loop3): force clearing of disk cache
[  185.098171][ T9001] BTRFS info (device loop3): enabling auto defrag
[  185.106494][ T9001] BTRFS info (device loop3): trying to use backup root at mount time
[  185.120898][ T9001] BTRFS info (device loop3): use zstd compression, level 3
[  185.454291][ T9035] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1265'.
[  185.476029][ T9035] IPVS: Unknown mcast interface: vetN1_macvtap
[  185.517979][ T9037] loop2: detected capacity change from 0 to 2048
[  185.537287][ T9037] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.548076][ T9037] ext4 filesystem being mounted at /364/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  185.601208][ T9037] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1266: bg 0: block 345: padding at end of block bitmap is not set
[  185.619921][ T9037] EXT4-fs (loop2): Remounting filesystem read-only
[  185.626306][ T8139] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  185.641060][ T5619] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.731321][ T9047] loop2: detected capacity change from 0 to 2048
[  185.797245][ T9047] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  185.808381][ T9047] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  185.873607][   T33] audit: type=1800 audit(1778445043.252:42): pid=9047 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1271" name=".log" dev="loop2" ino=1368 res=0 errno=0
[  185.886884][ T9049] loop3: detected capacity change from 0 to 4096
[  185.906055][ T9049] ntfs3(loop3): ino=3, Correct links count -> 2.
[  185.943326][ T9049] ntfs3(loop3): ino=1a, mi_enum_attr
[  185.945197][ T9049] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  186.231173][ T5000] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  187.454589][ T9102] fuse: Bad value for 'fd'
[  189.131879][ T9159] loop2: detected capacity change from 0 to 16
[  189.149937][ T9159] erofs (device loop2): mounted with root inode @ nid 36.
[  189.162407][   T33] audit: type=1800 audit(1778445046.532:43): pid=9159 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1318" name="file1" dev="loop2" ino=86 res=0 errno=0
[  189.560679][ T5678] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  189.706780][ T9179] overlayfs: failed to clone upperpath
[  189.714037][ T5678] usb 3-1: Using ep0 maxpacket: 16
[  189.718453][ T5678] usb 3-1: unable to get BOS descriptor or descriptor too short
[  189.722566][ T5678] usb 3-1: config 1 has an invalid interface number: 195 but max is 0
[  189.725260][ T5678] usb 3-1: config 1 has no interface number 0
[  189.728157][ T5678] usb 3-1: config 1 interface 195 altsetting 93 bulk endpoint 0x83 has invalid maxpacket 16
[  189.735222][ T5678] usb 3-1: config 1 interface 195 has no altsetting 0
[  189.742057][ T5678] usb 3-1: New USB device found, idVendor=0411, idProduct=0197, bcdDevice=e7.05
[  189.746476][ T5678] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  189.760120][ T5678] usb 3-1: Product: syz
[  189.763117][ T9181] loop3: detected capacity change from 0 to 1024
[  189.765698][ T5678] usb 3-1: Manufacturer: syz
[  189.767569][ T5678] usb 3-1: SerialNumber: syz
[  189.776576][ T9166] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  189.793137][ T9183] fuse: Bad value for 'fd'
[  189.996007][ T5678] usb 3-1: ath9k_htc: Device endpoint numbers are not the expected ones
[  190.023386][ T5678] usb 3-1: USB disconnect, device number 23
[  190.250975][  T796] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  190.380641][  T796] usb 4-1: device descriptor read/64, error -71
[  190.628584][ T9208] loop2: detected capacity change from 0 to 2048
[  190.634330][  T796] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  190.666863][ T9209] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  190.855432][ T9215] netlink: 200 bytes leftover after parsing attributes in process `syz.2.1341'.
[  191.055824][ T9217] loop2: detected capacity change from 0 to 32768
[  191.061686][ T9217] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1342 (9217)
[  191.076531][ T9217] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  191.080543][ T9217] BTRFS info (device loop2): using sha256 checksum algorithm
[  191.185717][ T9217] BTRFS info (device loop2): enabling ssd optimizations
[  191.188585][ T9217] BTRFS info (device loop2): turning on async discard
[  191.193006][ T9217] BTRFS info (device loop2): enabling free space tree
[  191.278368][ T5619] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  191.818248][ T9251] netlink: 'syz.0.1351': attribute type 29 has an invalid length.
[  191.825502][ T9251] netlink: 'syz.0.1351': attribute type 29 has an invalid length.
[  192.356900][ T9278] loop2: detected capacity change from 0 to 8
[  192.361512][ T9278] unable to read xattr id index table
[  192.604242][ T9278] loop2: detected capacity change from 0 to 32768
[  192.634478][ T9278] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1362 (9278)
[  192.666053][ T9278] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  192.672271][ T9278] BTRFS info (device loop2): using crc32c checksum algorithm
[  192.811047][ T9278] BTRFS info (device loop2): enabling ssd optimizations
[  192.824240][ T9278] BTRFS info (device loop2): turning on flush-on-commit
[  192.831402][ T9278] BTRFS info (device loop2): enabling free space tree
[  192.841244][ T9278] BTRFS info (device loop2): enabling auto defrag
[  192.851100][ T9278] BTRFS info (device loop2): use lzo compression, level 1
[  192.859539][ T9278] BTRFS info (device loop2): max_inline set to 4096
[  192.910691][ T5619] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  193.528921][ T9317] Invalid argument reading file caps for ./file0
[  193.792895][ T9333] loop2: detected capacity change from 0 to 256
[  194.055039][ T9339] fuse: fd is not a fuse device
[  194.546944][ T9347] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  195.144989][ T5724] usb 4-1: new low-speed USB device number 7 using dummy_hcd
[  195.329169][ T5724] usb 4-1: config 0 has an invalid interface number: 55 but max is 0
[  195.335987][ T5724] usb 4-1: config 0 has no interface number 0
[  195.347837][ T5724] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  195.359765][ T5724] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  195.370168][ T5724] usb 4-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  195.384002][ T5724] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  195.394300][ T5724] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  195.404662][ T5724] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  195.423266][ T5724] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  195.426600][ T5724] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.437524][ T5724] usb 4-1: config 0 descriptor??
[  195.440859][ T9364] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  195.445087][ T9364] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  195.460926][ T5724] ldusb 4-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  195.664598][ T5724] usb 4-1: USB disconnect, device number 7
[  195.674390][ T5724] ldusb 4-1:0.55: LD USB Device #0 now disconnected
[  195.835153][ T9393] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1408'.
[  195.913090][ T9397] loop2: detected capacity change from 0 to 512
[  195.916918][ T9397] EXT4-fs: Ignoring removed orlov option
[  195.942155][ T9397] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  195.959544][ T9397] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  195.975410][ T9397] EXT4-fs error (device loop2): ext4_iget_extra_inode:5128: inode #15: comm syz.2.1410: corrupted in-inode xattr: e_value size too large
[  195.981241][ T9397] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  195.983017][ T9397] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.1410: couldn't read orphan inode 15 (err -117)
[  195.993355][    C1] EXT4-fs (loop2): error count since last fsck: 1
[  195.993375][    C1] EXT4-fs (loop2): initial error at time 1778445053: ext4_iget_extra_inode:5128: inode 15
[  195.993397][    C1] EXT4-fs (loop2): last error at time 1778445053: ext4_iget_extra_inode:5128: inode 15
[  196.005545][ T9397] loop2: lost filesystem error report for type 5 error -117
[  196.026422][ T9397] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.149031][ T9397] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  196.518610][ T9417] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1417'.
[  196.760347][ T5619] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.320627][    T9] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  197.394431][ T9437] loop2: detected capacity change from 0 to 4096
[  197.485002][    T9] usb 4-1: config 0 has an invalid interface number: 146 but max is 0
[  197.491113][ T9441] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  197.501972][    T9] usb 4-1: config 0 has no interface number 0
[  197.513463][    T9] usb 4-1: config 0 interface 146 altsetting 2 has an endpoint descriptor with address 0x14, changing to 0x4
[  197.943096][    T9] usb 4-1: config 0 interface 146 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  197.946040][    T9] usb 4-1: config 0 interface 146 has no altsetting 0
[  197.950511][    T9] usb 4-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[  197.953269][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.955572][    T9] usb 4-1: Product: syz
[  197.956781][    T9] usb 4-1: Manufacturer: syz
[  197.958376][    T9] usb 4-1: SerialNumber: syz
[  197.977636][    T9] usb 4-1: config 0 descriptor??
[  197.982378][    T9] pn533_usb 4-1:0.146: NFC: Could not find bulk-in or bulk-out endpoint
[  198.288937][    T9] usb 4-1: USB disconnect, device number 8
[  198.833411][ T9463] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  199.016331][ T9468] loop3: detected capacity change from 0 to 512
[  199.034221][ T9468] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  199.131257][ T9468] EXT4-fs (loop3): 1 truncate cleaned up
[  199.156136][ T9468] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.242322][ T8139] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.248508][ T9463] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  199.264293][ T9463] overlayfs: failed to look up (tracing) for ino (-66)
[  199.672569][ T1379] ieee802154 phy0 wpan0: encryption failed: -22
[  199.676610][ T1379] ieee802154 phy1 wpan1: encryption failed: -22
[  199.786629][ T9480] loop2: detected capacity change from 0 to 2048
[  199.791647][ T9480] NILFS (loop2): invalid segment: Inconsistency found
[  199.793681][ T9480] NILFS (loop2): trying rollback from an earlier position
[  199.802661][ T9480] NILFS (loop2): write access unavailable, cannot proceed
[  199.895451][ T9486] fuse: fd is not a fuse device
[  200.017393][ T5649] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.073818][ T9498] binder: 9497:9498 ioctl 40046210 0 returned -14
[  200.135892][ T9504] xt_hashlimit: max too large, truncated to 1048576
[  200.193970][ T5649] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.310738][ T9502] loop3: detected capacity change from 0 to 32768
[  200.315958][ T9502] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1455 (9502)
[  200.333962][ T9502] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  200.342487][ T9502] BTRFS info (device loop3): using crc32c checksum algorithm
[  200.346299][ T5649] bond0: (slave netdevsim1): Releasing backup interface
[  200.377905][ T5649] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.401605][ T9512] loop2: detected capacity change from 0 to 2048
[  200.495849][ T9502] BTRFS info (device loop3): setting nodatasum
[  200.504208][ T9502] BTRFS info (device loop3): setting nodatacow
[  200.515961][ T9502] BTRFS info (device loop3): enabling ssd optimizations
[  200.534698][ T9502] BTRFS info (device loop3): using spread ssd allocation scheme
[  200.547748][ T9502] BTRFS info (device loop3): turning on async discard
[  200.575733][ T9502] BTRFS info (device loop3): enabling free space tree
[  200.600761][ T9502] BTRFS info (device loop3): enabling auto defrag
[  200.625361][ T5649] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.923604][ T8139] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  200.992924][ T9535] loop2: detected capacity change from 0 to 1024
[  201.013517][ T9535] EXT4-fs: inline encryption not supported
[  201.016070][ T9535] EXT4-fs: Ignoring removed bh option
[  201.019245][ T9535] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  201.210804][ T9535] EXT4-fs (loop2): write access unavailable, skipping orphan cleanup
[  201.318010][ T9535] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  201.458075][ T5619] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.645859][ T9544] loop3: detected capacity change from 0 to 4096
[  201.673375][ T9544] EXT4-fs: inline encryption not supported
[  201.688512][ T9544] EXT4-fs (loop3): Test dummy encryption mode enabled
[  201.712650][ T9544] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  201.716772][ T9544] System zones: 0-5
[  201.744475][ T9544] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.880078][ T8139] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.121222][ T9552] loop3: detected capacity change from 0 to 32768
[  202.130110][ T9552] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1466 (9552)
[  202.140387][ T9552] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  202.143876][ T9552] BTRFS info (device loop3): using crc32c checksum algorithm
[  202.181089][ T9552] BTRFS info (device loop3): setting nodatasum
[  202.183766][ T9552] BTRFS info (device loop3): enabling ssd optimizations
[  202.186509][ T9552] BTRFS info (device loop3): disabling tree log
[  202.188875][ T9552] BTRFS info (device loop3): turning on async discard
[  202.192204][ T9552] BTRFS info (device loop3): enabling free space tree
[  202.194909][ T9552] BTRFS info (device loop3): enabling auto defrag
[  202.331429][ T8139] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  202.405709][ T5649] bond0 (unregistering): Released all slaves
[  202.733299][ T9576] program syz.2.1469 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  202.922780][ T9585] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1473'.
[  203.023484][ T5356] 8021q: adding VLAN 0 to HW filter on device eth1
[  203.476076][ T5356] 8021q: adding VLAN 0 to HW filter on device eth2
[  203.590348][ T9597] loop3: detected capacity change from 0 to 32768
[  203.635324][ T9597] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  203.660408][ T9597] XFS (loop3): Ending clean mount
[  203.674012][ T9597] XFS (loop3): Quotacheck needed: Please wait.
[  203.759087][ T9597] XFS (loop3): Quotacheck: Done.
[  203.802670][ T8139] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  204.156572][ T5649] hsr_slave_0: left promiscuous mode
[  204.159321][ T5649] hsr_slave_1: left promiscuous mode
[  204.286145][ T5649] veth1_macvtap: left promiscuous mode
[  204.289778][ T5649] veth0_macvtap: left promiscuous mode
[  204.295546][ T5649] veth1_vlan: left promiscuous mode
[  204.299394][ T5649] veth0_vlan: left promiscuous mode
[  204.394787][ T9635] loop3: detected capacity change from 0 to 40427
[  204.401850][ T9635] F2FS-fs (loop3): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288)
[  204.425207][ T9635] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  204.438102][ T9635] F2FS-fs (loop3): Image doesn't support compression
[  204.443686][ T9635] F2FS-fs (loop3): build fault injection rate: 690
[  204.450288][ T9635] F2FS-fs (loop3): build fault injection type: 0x35f7
[  204.453854][ T9635] F2FS-fs (loop3): invalid crc value
[  204.699691][ T9635] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  204.737961][ T9635] F2FS-fs (loop3): Start checkpoint disabled!
[  204.773093][ T9642] loop2: detected capacity change from 0 to 4096
[  204.850806][ T9635] F2FS-fs (loop3): f2fs_disable_checkpoint() finish, err:0
[  204.861941][ T9635] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  204.873142][ T9635] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  205.190047][ T9635] syz.3.1482: attempt to access beyond end of device
[  205.190047][ T9635] loop3: rw=2049, sector=53248, nr_sectors = 280 limit=40427
[  205.295852][ T5356] 8021q: adding VLAN 0 to HW filter on device eth4
[  205.329391][   T82] kworker/u10:5: attempt to access beyond end of device
[  205.329391][   T82] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  205.377689][   T82] CPU: 1 UID: 0 PID: 82 Comm: kworker/u10:5 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  205.377708][   T82] Tainted: [L]=SOFTLOCKUP
[  205.377711][   T82] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  205.377718][   T82] Workqueue: writeback wb_workfn (flush-7:3)
[  205.377737][   T82] Call Trace:
[  205.377742][   T82]  <TASK>
[  205.377747][   T82]  dump_stack_lvl+0xe8/0x150
[  205.377760][   T82]  f2fs_stop_checkpoint+0x3c7/0x590
[  205.377776][   T82]  f2fs_write_end_io+0x1274/0x1740
[  205.377814][   T82]  __submit_merged_bio+0x256/0x6a0
[  205.377832][   T82]  __submit_merged_write_cond+0x3c9/0x4e0
[  205.377853][   T82]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  205.377919][   T82]  f2fs_write_data_pages+0x287e/0x34f0
[  205.377937][   T82]  ? f2fs_build_free_nids+0xdc/0x1810
[  205.377976][   T82]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  205.378003][   T82]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  205.378041][   T82]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  205.378070][   T82]  ? __lock_acquire+0x6b5/0x2cf0
[  205.378098][   T82]  ? f2fs_update_inode+0x13d9/0x2620
[  205.378114][   T82]  ? __pfx_f2fs_inode_chksum_set+0x10/0x10
[  205.378129][   T82]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  205.378148][   T82]  do_writepages+0x32e/0x550
[  205.378171][   T82]  ? reacquire_held_locks+0x104/0x190
[  205.378188][   T82]  ? writeback_sb_inodes+0x463/0x19d0
[  205.378211][   T82]  __writeback_single_inode+0x133/0x10e0
[  205.378230][   T82]  ? do_raw_spin_unlock+0x4d/0x210
[  205.378253][   T82]  writeback_sb_inodes+0x979/0x19d0
[  205.378270][   T82]  ? __lock_acquire+0x6b5/0x2cf0
[  205.378307][   T82]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  205.378324][   T82]  ? do_raw_spin_lock+0x12b/0x2f0
[  205.378375][   T82]  ? rcu_is_watching+0x15/0xb0
[  205.378401][   T82]  wb_writeback+0x445/0xb00
[  205.378421][   T82]  ? queue_io+0x201/0x470
[  205.378444][   T82]  ? __pfx_wb_writeback+0x10/0x10
[  205.378459][   T82]  ? do_raw_spin_lock+0x12b/0x2f0
[  205.378484][   T82]  wb_workfn+0x3f8/0xf10
[  205.378495][   T82]  ? __lock_acquire+0x6b5/0x2cf0
[  205.378506][   T82]  ? look_up_lock_class+0x57/0x110
[  205.378533][   T82]  ? __pfx_wb_workfn+0x10/0x10
[  205.378548][   T82]  ? do_raw_spin_lock+0x12b/0x2f0
[  205.378563][   T82]  ? lock_acquire+0x106/0x350
[  205.378577][   T82]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  205.378595][   T82]  ? process_scheduled_works+0xa70/0x1860
[  205.378611][   T82]  ? process_scheduled_works+0xa70/0x1860
[  205.378630][   T82]  ? process_scheduled_works+0xa70/0x1860
[  205.378641][   T82]  ? process_scheduled_works+0xa70/0x1860
[  205.378656][   T82]  process_scheduled_works+0xb5d/0x1860
[  205.378691][   T82]  ? __pfx_process_scheduled_works+0x10/0x10
[  205.378707][   T82]  ? assign_work+0x3d5/0x5e0
[  205.378718][   T82]  worker_thread+0xa53/0xfc0
[  205.378740][   T82]  kthread+0x388/0x470
[  205.378752][   T82]  ? __pfx_worker_thread+0x10/0x10
[  205.378760][   T82]  ? __pfx_kthread+0x10/0x10
[  205.378771][   T82]  ret_from_fork+0x514/0xb70
[  205.378783][   T82]  ? __pfx_ret_from_fork+0x10/0x10
[  205.378791][   T82]  ? __switch_to+0xc79/0x1410
[  205.378806][   T82]  ? __pfx_kthread+0x10/0x10
[  205.378817][   T82]  ret_from_fork_asm+0x1a/0x30
[  205.378837][   T82]  </TASK>
[  205.491432][   T82] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  205.730142][ T5356] 8021q: adding VLAN 0 to HW filter on device eth3
[  205.944937][ T9662] loop3: detected capacity change from 0 to 128
[  205.990065][ T9662] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  206.001846][ T9662] ext4 filesystem being mounted at /137/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  206.057642][ T9669] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1491'.
[  206.078371][ T8139] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  206.259694][ T9670] loop2: detected capacity change from 0 to 8192
[  206.546808][ T9684] loop3: detected capacity change from 0 to 2048
[  206.557259][ T9684] EXT4-fs: Ignoring removed i_version option
[  206.589322][ T9684] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  206.991709][ T9691] block device autoloading is deprecated and will be removed.
[  207.425437][ T8139] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.587131][ T9703] loop3: detected capacity change from 0 to 256
[  207.759989][ T5678] kernel write not supported for file /sg0 (pid: 5678 comm: kworker/0:3)
[  207.764448][ T9710] loop2: detected capacity change from 0 to 2048
[  208.085951][ T9735] loop2: detected capacity change from 0 to 512
[  208.687424][ T9768] devtmpfs: Too few inodes for current use
[  209.194004][ T9784] loop2: detected capacity change from 0 to 64
[  209.294080][ T9786] loop2: detected capacity change from 0 to 7
[  209.298463][ T9786] Dev loop2: unable to read RDB block 7
[  209.303261][ T9786]  loop2: unable to read partition table
[  209.305972][ T9786] loop2: partition table beyond EOD, truncated
[  209.311848][ T9786] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5)
[  209.511903][ T9794] overlayfs: failed to clone upperpath
[  209.767000][ T9804] xt_hashlimit: size too large, truncated to 1048576
[  210.790651][ T5724] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  210.850316][ T9828] (syz.3.1555,9828,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  210.853965][ T9828] (syz.3.1555,9828,1):ocfs2_fill_super:1177 ERROR: status = -22
[  210.966817][ T5724] usb 3-1: config index 0 descriptor too short (expected 1572, got 36)
[  210.970833][ T5724] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  210.994535][ T5724] usb 3-1: New USB device found, idVendor=05ac, idProduct=0238, bcdDevice= 0.40
[  210.998722][ T5724] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  211.002107][ T5724] usb 3-1: Product: syz
[  211.004025][ T5724] usb 3-1: Manufacturer: syz
[  211.006000][ T5724] usb 3-1: SerialNumber: syz
[  211.071762][ T5724] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input13
[  211.245596][ T5044] bcm5974 3-1:1.0: could not read from device
[  211.284033][ T5724] bcm5974 3-1:1.0: could not read from device
[  211.293195][ T5044] bcm5974 3-1:1.0: could not read from device
[  211.337712][ T5724] input: failed to attach handler mousedev to device input13, error: -5
[  211.355795][ T5724] usb 3-1: USB disconnect, device number 24
[  211.379035][ T5044] bcm5974 3-1:1.0: could not read from device
[  211.388005][ T5044] bcm5974 3-1:1.0: could not read from device
[  212.029066][    T9] kernel read not supported for file /vcs (pid: 9 comm: kworker/0:0)
[  212.219513][ T9860] loop3: detected capacity change from 0 to 2048
[  212.227410][ T9860] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  212.630702][ T5724] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  212.733727][ T9872] loop3: detected capacity change from 0 to 32768
[  212.738011][ T9872] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1574 (9872)
[  212.749564][ T9872] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  212.752761][ T9872] BTRFS info (device loop3): using sha256 checksum algorithm
[  212.772987][ T9872] BTRFS info (device loop3): enabling ssd optimizations
[  212.774995][ T9872] BTRFS info (device loop3): turning on async discard
[  212.776863][ T9872] BTRFS info (device loop3): enabling free space tree
[  212.781699][ T5724] usb 3-1: Using ep0 maxpacket: 8
[  212.786751][ T5724] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  212.792729][ T5724] usb 3-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  212.796953][ T5724] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.803933][ T5724] usb 3-1: config 0 descriptor??
[  212.828045][ T5724] gspca_main: vc032x-2.14.0 probing 046d:0892
[  212.831033][ T8139] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  213.284013][ T9908] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1584'.
[  213.287461][ T9908] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1584'.
[  213.397471][ T9916] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  213.610683][   T33] audit: type=1326 audit(1778445070.972:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9927 comm="syz.0.1593" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff521b9cdd9 code=0x7ffc0000
[  213.621627][   T33] audit: type=1326 audit(1778445070.992:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9927 comm="syz.0.1593" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff521b9cdd9 code=0x7ffc0000
[  213.632939][ T5724] gspca_vc032x: reg_w err -71
[  213.638376][ T5724] vc032x 3-1:0.0: probe with driver vc032x failed with error -71
[  213.638910][   T33] audit: type=1326 audit(1778445071.002:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9927 comm="syz.0.1593" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff521b9cdd9 code=0x7ffc0000
[  213.660261][   T33] audit: type=1326 audit(1778445071.002:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9927 comm="syz.0.1593" exe="/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7ff521b9cdd9 code=0x7ffc0000
[  213.684670][ T5724] usb 3-1: USB disconnect, device number 25
[  213.694740][   T33] audit: type=1326 audit(1778445071.002:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9927 comm="syz.0.1593" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff521b9cdd9 code=0x7ffc0000
[  213.706905][   T33] audit: type=1326 audit(1778445071.002:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9927 comm="syz.0.1593" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff521b9cdd9 code=0x7ffc0000
[  213.719230][   T33] audit: type=1326 audit(1778445071.002:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9927 comm="syz.0.1593" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff521b9cdd9 code=0x7ffc0000
[  213.728568][   T33] audit: type=1326 audit(1778445071.002:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9927 comm="syz.0.1593" exe="/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7ff521b9cdd9 code=0x7ffc0000
[  213.744809][   T33] audit: type=1326 audit(1778445071.002:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9927 comm="syz.0.1593" exe="/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7ff521b9cdd9 code=0x7ffc0000
[  214.060613][   T24] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  214.220617][   T24] usb 4-1: Using ep0 maxpacket: 32
[  214.229693][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  214.237605][ T9942] loop2: detected capacity change from 0 to 128
[  214.242427][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  214.242655][ T9942] hpfs: Unknown parameter 'chc'
[  214.246157][   T24] usb 4-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  214.256651][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.272488][   T24] usb 4-1: config 0 descriptor??
[  214.564331][ T9942] loop2: detected capacity change from 0 to 32768
[  214.731196][   T24] hid_parser_main: 184 callbacks suppressed
[  214.731217][   T24] ft260 0003:0403:6030.0008: unknown main item tag 0x0
[  214.739473][   T24] ft260 0003:0403:6030.0008: unknown main item tag 0x0
[  214.897230][   T24] ft260 0003:0403:6030.0008: chip code: 0000 0000
[  215.031068][  T796] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  215.102054][   T24] ft260 0003:0403:6030.0008: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.3-1/input0
[  215.183278][  T796] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE8, changing to 0x88
[  215.186928][  T796] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[  215.190869][  T796] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 0, changing to 7
[  215.196789][  T796] usb 3-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49
[  215.199586][  T796] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  215.202301][  T796] usb 3-1: Product: syz
[  215.203605][  T796] usb 3-1: Manufacturer: syz
[  215.205461][  T796] usb 3-1: SerialNumber: syz
[  215.211490][  T796] usb 3-1: config 0 descriptor??
[  215.302843][   T24] ft260 0003:0403:6030.0008: failed to retrieve status: -32, no wakeup
[  215.516792][    T9] usb 4-1: USB disconnect, device number 9
[  215.950313][   T33] audit: type=1326 audit(1778445073.312:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9977 comm="syz.0.1619" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff521b9cdd9 code=0x7ffc0000
[  216.311071][ T5000] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  216.321368][ T5000] Bluetooth: hci1: Injecting HCI hardware error event
[  216.333523][ T5000] Bluetooth: hci1: hardware error 0x00
[  216.836182][ T9998] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1624'.
[  217.084090][T10012] comedi comedi4: bad chanlist[0]=0x00200007 chan=7 range length=2
[  217.678760][T10029] loop2: detected capacity change from 0 to 256
[  217.681689][T10029] vfat: Unknown parameter 'iocharsEt'
[  217.687434][T10029] loop2: detected capacity change from 0 to 16
[  217.690052][T10029] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  218.562377][ T5000] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  218.941969][T10040] overlayfs: failed to clone upperpath
[  219.199849][T10048] loop2: detected capacity change from 0 to 1024
[  219.208630][T10048] EXT4-fs: Ignoring removed bh option
[  221.256090][T10148] loop3: detected capacity change from 0 to 512
[  222.374495][T10152] netdevsim netdevsim3: Firmware load for './file0/../file0/file0' refused, path contains '..' component
[  225.811047][T10192] loop3: detected capacity change from 0 to 736
[  225.921589][  T796] iguanair 3-1:0.0: failed to get version
[  225.944593][  T796] iguanair 3-1:0.0: probe with driver iguanair failed with error -110
[  225.964635][  T796] usb 3-1: USB disconnect, device number 26
[  225.985433][T10192] rock: directory entry would overflow storage
[  225.992399][T10192] rock: sig=0x3b10, size=4, remaining=3
[  226.027540][T10198] loop2: detected capacity change from 0 to 128
[  226.089923][T10202] program syz.3.1705 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  226.420667][  T796] usb 4-1: new full-speed USB device number 10 using dummy_hcd
[  226.470754][ T5692] usb 3-1: new low-speed USB device number 27 using dummy_hcd
[  226.572773][  T796] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  226.577621][  T796] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  226.583838][  T796] usb 4-1: New USB device found, idVendor=0644, idProduct=8021, bcdDevice= 0.40
[  226.587278][  T796] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.590147][  T796] usb 4-1: Product: syz
[  226.592201][  T796] usb 4-1: Manufacturer: syz
[  226.594443][  T796] usb 4-1: SerialNumber: syz
[  226.606207][  T796] usb 4-1: unit 3 not found!
[  226.608092][  T796] usb 4-1: unit 7 not found!
[  226.623634][ T5692] usb 3-1: unable to get BOS descriptor or descriptor too short
[  226.627854][ T5692] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  226.631885][ T5692] usb 3-1: config 1 interface 0 altsetting 1 endpoint 0x8E has invalid wMaxPacketSize 0
[  226.635666][ T5692] usb 3-1: config 1 interface 0 has no altsetting 0
[  226.643875][ T5692] usb 3-1: string descriptor 0 read error: -22
[  226.646443][ T5692] usb 3-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice= 0.40
[  226.649769][ T5692] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.811707][  T796] usb 4-1: unit 5 not found!
[  226.814870][  T796] usb 4-1: unit 59 not found!
[  226.835834][  T796] usb 4-1: USB disconnect, device number 10
[  226.939631][ T5692] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -22
[  226.951329][ T5692] usb 3-1: USB disconnect, device number 27
[  227.459386][T10242] loop2: detected capacity change from 0 to 8
[  227.674192][T10238] loop3: detected capacity change from 0 to 32768
[  227.688979][   T33] kauditd_printk_skb: 7 callbacks suppressed
[  227.688989][   T33] audit: type=1800 audit(1778445085.052:61): pid=10238 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1723" name="file1" dev="loop3" ino=4 res=0 errno=0
[  228.205178][T10238] ERROR: (device loop3): dbAdjCtl: the maximum free buddy is not the old root
[  228.205178][T10238] 
[  228.213200][T10238] ERROR: (device loop3): remounting filesystem as read-only
[  228.249426][ T8139] ------------[ cut here ]------------
[  228.251875][ T8139] kernel BUG at fs/jfs/inode.c:175!
[  228.260065][ T8139] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[  228.262240][ T8139] CPU: 1 UID: 0 PID: 8139 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  228.265574][ T8139] Tainted: [L]=SOFTLOCKUP
[  228.266908][ T8139] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  228.270023][ T8139] RIP: 0010:jfs_evict_inode+0x438/0x440
[  228.271730][ T8139] Code: fe e9 e0 fd ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 23 fe ff ff 4c 89 f7 e8 53 c5 d5 fe e9 16 fe ff ff e8 69 6a 6a fe 90 <0f> 0b 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  228.277415][ T8139] RSP: 0018:ffffc90007cc7aa0 EFLAGS: 00010293
[  228.279296][ T8139] RAX: ffffffff835b39d7 RBX: ffff888119428418 RCX: ffff88816db6d880
[  228.281839][ T8139] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888119428418
[  228.284094][ T8139] RBP: 0000000000000001 R08: ffffffff9030b2f7 R09: 1ffffffff206165e
[  228.286689][ T8139] R10: dffffc0000000000 R11: ffffffff835b1600 R12: dffffc0000000000
[  228.289160][ T8139] R13: dffffc0000000000 R14: ffff8881194280b8 R15: ffff888119428418
[  228.291587][ T8139] FS:  0000555557852500(0000) GS:ffff8882a9290000(0000) knlGS:0000000000000000
[  228.294376][ T8139] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  228.296446][ T8139] CR2: 00007efd3b3e7f9c CR3: 000000016a274000 CR4: 00000000000006f0
[  228.298756][ T8139] Call Trace:
[  228.300033][ T8139]  <TASK>
[  228.301039][ T8139]  ? evict+0x612/0xb10
[  228.302288][ T8139]  ? __pfx_jfs_evict_inode+0x10/0x10
[  228.303875][ T8139]  evict+0x61e/0xb10
[  228.305060][ T8139]  ? __pfx_evict+0x10/0x10
[  228.306369][ T8139]  ? do_raw_spin_lock+0x12b/0x2f0
[  228.307894][ T8139]  evict_inodes+0x75a/0x7f0
[  228.309309][ T8139]  ? __pfx_evict_inodes+0x10/0x10
[  228.310890][ T8139]  generic_shutdown_super+0xaa/0x2d0
[  228.312530][ T8139]  kill_block_super+0x44/0x90
[  228.313973][ T8139]  deactivate_locked_super+0xbc/0x130
[  228.315653][ T8139]  cleanup_mnt+0x437/0x4d0
[  228.317017][ T8139]  ? _raw_spin_unlock_irq+0x23/0x50
[  228.318588][ T8139]  task_work_run+0x1d9/0x270
[  228.320175][ T8139]  ? __pfx_task_work_run+0x10/0x10
[  228.321842][ T8139]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.324106][ T8139]  exit_to_user_mode_loop+0xed/0x480
[  228.326084][ T8139]  ? rcu_is_watching+0x15/0xb0
[  228.327915][ T8139]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.330196][ T8139]  do_syscall_64+0x33e/0xf80
[  228.331969][ T8139]  ? trace_irq_disable+0x3b/0x140
[  228.333882][ T8139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.336079][ T8139] RIP: 0033:0x7f50c499e017
[  228.337735][ T8139] Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  228.343372][ T8139] RSP: 002b:00007ffd84670948 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  228.345888][ T8139] RAX: 0000000000000000 RBX: 00007f50c4a32120 RCX: 00007f50c499e017
[  228.348782][ T8139] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd84670a00
[  228.351678][ T8139] RBP: 00007ffd84670a00 R08: 00007ffd84671a00 R09: 00000000ffffffff
[  228.354639][ T8139] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd84671a90
[  228.357586][ T8139] R13: 00007f50c4a32120 R14: 0000000000037b1b R15: 00007ffd84671ad0
[  228.360555][ T8139]  </TASK>
[  228.361749][ T8139] Modules linked in:
[  228.363861][ T8139] ---[ end trace 0000000000000000 ]---
[  228.367078][ T8139] RIP: 0010:jfs_evict_inode+0x438/0x440
[  228.369336][ T8139] Code: fe e9 e0 fd ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 23 fe ff ff 4c 89 f7 e8 53 c5 d5 fe e9 16 fe ff ff e8 69 6a 6a fe 90 <0f> 0b 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  228.377632][ T8139] RSP: 0018:ffffc90007cc7aa0 EFLAGS: 00010293
[  228.380081][ T8139] RAX: ffffffff835b39d7 RBX: ffff888119428418 RCX: ffff88816db6d880
[  228.384407][ T8139] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888119428418
[  228.390503][ T8139] RBP: 0000000000000001 R08: ffffffff9030b2f7 R09: 1ffffffff206165e
[  228.396298][ T8139] R10: dffffc0000000000 R11: ffffffff835b1600 R12: dffffc0000000000
[  228.401972][ T8139] R13: dffffc0000000000 R14: ffff8881194280b8 R15: ffff888119428418
[  228.405137][ T8139] FS:  0000555557852500(0000) GS:ffff8882a9290000(0000) knlGS:0000000000000000
[  228.408598][ T8139] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  228.411303][ T8139] CR2: 00007efd3b3e7f9c CR3: 000000016a274000 CR4: 00000000000006f0
[  228.414421][ T8139] Kernel panic - not syncing: Fatal exception
[  228.417465][ T8139] Kernel Offset: disabled
[  228.418776][ T8139] Rebooting in 86400 seconds..

VM DIAGNOSIS:
20:31:25  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffff888106b9a780 RCX=ffffffff86a3d84f RDX=00000000ffffffff
RSI=ffff888114db5a80 RDI=ffff888109137c00 RBP=0000000000000040 RSP=ffffc900000079b8
R8 =e1001600f4ed0f02 R9 =1050cfa137a0ea93 R10=00000000e6d2ffff R11=0000000000000000
R12=0000000000000040 R13=dffffc0000000000 R14=0000000000000040 R15=ffffc9000014e760
RIP=ffffffff86a3d86f RFL=00000a03 [-O----C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000555557852500 ffffffff 00c00000
GS =0000 ffff88818dc90000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055555786da28 CR3=000000016a274000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffff81f7b609 ffffffff816c6bce
XMM02=00007ff521ded5e8 00007ff521ded618 XMM03=00007ff521ded600 00007ff521ded5e0
XMM04=00007ff52294d020 00007ff521ded5c0 XMM05=00007ff521ded5d0 00007ff521ded610
XMM06=00007ff521ded5f8 00007ff521ded5c8 XMM07=00007ff521ded600 00007ff521ded5e0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000023fb4f RBX=ffffffff819a815a RCX=0000000080000001 RDX=0000000000000001
RSI=ffffffff8dfa87ce RDI=ffffffff8c28b4e0 RBP=ffffc90000197f10 RSP=ffffc90000197e20
R8 =ffff88823c6339db R9 =1ffff110478c673b R10=dffffc0000000000 R11=ffffed10478c673c
R12=0000000000000001 R13=1ffff1102c09e000 R14=0000000000000001 R15=1ffff1102c09e000
RIP=ffffffff8ba8212f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8882a9290000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007efd3b3e7f9c CR3=0000000115c12000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000001 XMM01=0000000000000000 0000555565c1fad8
XMM02=7665642f01ffffff ffffffffffed0805 XMM03=0360208080808200 059203706f6f6c2f
XMM04=0fffffe3ff100008 0153da0002000594 XMM05=0141800400080005 80040fffffe3ff10
XMM06=00080153da000200 0594036020808080 XMM07=8200059203706f6f 6c2f7665642f01ff
XMM08=ffffffffffffffed 080580031dc7bb80 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
