last executing test programs:

4m47.642961503s ago: executing program 1 (id=2089):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000005c0)=@newtaction={0x98, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x84, 0x1, [@m_tunnel_key={0x80, 0x1, 0x0, 0x0, {{0xf}, {0x50, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @private1}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @local}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_KEY_ID={0x8}]}, {0xffffffffffffffa5}, {0xc}, {0xc}}}]}]}, 0x98}}, 0x0)

4m47.462290257s ago: executing program 1 (id=2092):
r0 = syz_open_dev$vim2m(&(0x7f0000000480), 0x800, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0x15, 0x2, 0x1, "b427ec0600000000fd000900005200ffff09400000000000000000b0d8156b00", 0x47504a4d})

4m47.246009824s ago: executing program 1 (id=2095):
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0xa04710, &(0x7f0000000280)={[{@user_xattr}, {@i_version}, {@noblock_validity}, {@abort}, {@mblk_io_submit}, {@nogrpid}, {@jqfmt_vfsv0}, {@delalloc}, {@nolazytime}]}, 0x0, 0x448, &(0x7f0000000740)="$eJzs28tvG8UfAPDvrpP29+sroZRHS4FAQUQ8kiYt0AMXEEgcQEKCQzkGJ61K3QY1QaJVBAGhckSVuCOOSPwFnOCCgBMSV7ijShXk0sIpaNe7qePGbh4OTuPPR9p2xjv2zNez453d2QTQs4ayf5KIPRHxW0QM1LPLCwzV/7uxMFf9e2GumsTi4pt/Jnm56wtz1bJo+b7dRWY4jUg/TYpKlpu5eOnsRK02daHIj86ee2905uKlZ86cmzg9dXrq/PiJE8ePjT3/3Pizqw8mSVru2pu19dCH04cPvvr2lderJ6+889M3Wek9xf7GODYibUgPZYH/tZhrLvd4JyrbQvY2pJO+25dha6hERNZd/fn4H4hK3Oy8gXjlk642DthU2blpZ+vd84vANpZEt1sAdEd5os+uf8vtP5p6bAnXXqxfAF1P5qo3FupbfU/f0rV8/yZeuw5FxMn5f77MtujgfQgAgFa+y+Y/T680/0vj3oZy+4q1ocGIuCsi9kfE3RFxICLuicjL3hcR999SQ9q2/ualoVvnP+nVdQe3Ctn874VibWv5/G+p3YOVIrc3j78/OXWmNnW0+E6Go39nlh9rU8f3L//6eat9jfO/bMvqL+eCRTuu9jXdoJucmJ3IJ6UdcO3jiEN9K8WfLK0EJBFxMCIOre2j95WJM09+fbhVodvH30aLdaa1WPwq4ol6/89HU/ylpP365Oj/ojZ1dLQ8Km718y+X32hV/4bi74Cs/3ctP/6biwwmjeu1M2uv4/Lvn7W8plnv8b8jeSvvlx3Fax9MzM5eGIvYkbyW55e9Pn7zvWW+LJ/FP3xk5fG/v3hPVs8DEZEdxA9GxEMR8XDR9kci4tGIONIm/h9feuzd9ce/ubL4J1f8/Vs6/pv6f+2Jytkfvm1V/+r6/3ieGi5eyX//bmO1DdzIdwcAAAB3ijR/Bj5JR5bSaToyUn+G/0DsSmvTM7NPnZp+//xk/Vn5wehPyztdAw33Q8eS+eIT6/nx4l5xuf9Ycd/4i8r/8/xIdbo22eXYodftbjH+M39Uut06YNN1YB0NuEM1j//2j2wA24nzP/Qu4x96l/EPvWul8f9RU95aAGxPzv/Qu4x/6F3GP/Qu4x960kb+rl+ilxORbolmSGxSotu/TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xbwAAAP//Q+vspg==")
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, 0x0)

4m46.628744324s ago: executing program 1 (id=2103):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed4040, &(0x7f0000000340)={[{@noblock_validity}, {@stripe={'stripe', 0x3d, 0x1}}, {@nouid32}, {@grpid}, {@bsdgroups}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@nolazytime}, {@noload}]}, 0xf5, 0x47a, &(0x7f0000000f80)="$eJzs3M9vFFUcAPDvTLel5YdFxB8gaBWMxB8tLT/kYGI0mnjQaKIHjKd1WwhSwEBNhBBFDxjjwZB4Nx5N/As86cWoJxOveDckxHABPa2ZnRnaLrulpQu7uJ9PMux7M7O89903b/fNe7sNoG+NZf8kEesj4mJEjEZEpfmEsfzh2pWztX+unK0lUa+/9XeSPS2uXjlbK/6LxpZZl++o14v8mhblnn83ojo7O3OyyE/MHftg4tTpM88eOVY9PHN45vjUgQN792wf2j+1ryNxZnFd3frxiW1bXn3nwuu1gxfe+/X7rL7ri+NlHJ00lr+6LT3R6cK6bMOCdFLpYkVYkazdBovtYozGQIxcPzYar3zW1coBt1ul1edz4Vwd+B/LBupAPyo/6LP733K7Q+OOnnD5xXzCI4v7WrHlRyqRFucMNt3fdtJwRBw89+832Ra3aR4CAGChH7PxzzOtxn9pPLDgvHuKNZSNEXFvRGyKiPsiYnNE3B/ROPfBiHhoheU3r5DcOP5JLy3K1gdWWMLSsvHf88Xa1uLxXzn6i40DRW5DI/7B5NCR2ZndxWuyKwbXZPnJRU9Z7KeX//iqed+XxTT72ILxX7Zl5S+OML3UPEE3XZ2rrj7y3OVPI7ZWWsWfXF8HTCJiS0RsvcUyjjz13bZ2x1rFX46Fb6oD60z1byOezNv/XDTFX0rark9OPrd/at/EcMzO7J4or4ob/fb7+Tfblb+q+Dsga/+1La//PP7sHjEZjjh1+szRxnrtqVso5M/Pa0mbQ5tvGv+N139tZ8RQ8nYjPVSeVTwOJa9lDyPl/o+qc3Mnp+afW+Ybj5N5/Lt2zMdfjfn+vym/PWu8Eg9HRHYRb4+IRyLi0aLtHouIxyNixxLh//LSzvfbHWvf/kvMyndQFv/0Eu2fveVlqfn2X3li4OjPP7Qrv76s9t/bSO0q9izn/W+5FVzNawcAAAB3i7TxHfgkHb+eTtPx8fw7/JtjbVqJiKcPnfjw+HT+XfmNMZiWM12jC+ZDJ4u54TI/1ZTfU8wbfz0w0siP107MTnc7eOhz69r0/8xfnV1qAXqR32tB/9L/oX/p/9C/9H/oXy90uwJAdwy13v3Jna4H0BUrH/8P35Z6AHee+3/oX/o/9C/9H/pS29/Gp6v6yf/dmqj0RjVaJkZ6oxplItKeqEbnEm98kXeJXqlPmags+49Z3GJiTctD3X5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Iz/AgAA///NIdoS")
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)

4m46.011807513s ago: executing program 1 (id=2106):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000280)={0x60, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x9c}, @IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0xfffffff9}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x40}, 0x0)

4m45.380742323s ago: executing program 1 (id=2113):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_CAP_ACK(r0, 0x10e, 0xa, 0x0, 0x0)

4m44.91772995s ago: executing program 32 (id=2113):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_CAP_ACK(r0, 0x10e, 0xa, 0x0, 0x0)

2m54.295486946s ago: executing program 3 (id=3526):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010005000000000000000000000a20000000000a01020000000000000000030000000900010073797a300000000028000000000a01040000000000000000030000000900010073797a3000000000080002400000000130000000030a03000000000000000000030000020900030073797a30000000000900010073797a3000000000040004"], 0xa0}}, 0x0)

2m54.094785482s ago: executing program 3 (id=3530):
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f0000000000)={[{@user_xattr}, {@errors_remount}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)='./file1\x00')

2m53.674443906s ago: executing program 3 (id=3533):
r0 = socket$netlink(0x10, 0x3, 0x4)
writev(r0, &(0x7f00000006c0)=[{&(0x7f0000000180)="480000001400197f09004b0101048c59028800ffff0001000000000028213ee20600d4ff4affff00c7e5ed5e00000000000000000000eaf60d18125d4b18857a9eace35ee8b12c00", 0x48}], 0x1)

2m53.439228704s ago: executing program 3 (id=3536):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x348, 0xe0, 0x43, 0xa0, 0xe0, 0x98, 0x2b0, 0x178, 0x178, 0x2b0, 0x178, 0x49, 0x0, {[{{@ip={@empty=0x5107, @local, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0xc0, 0xe0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@ecn={{0x28}}, @inet=@rpfilter={{0x28}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x168, 0x1d0, 0x0, {}, [@common=@unspec=@connbytes={{0x38}, {[], 0x0, 0x3}}, @common=@unspec=@conntrack2={{0xc0}, {{@ipv4=@remote, [], @ipv4=@multicast1, [], @ipv4=@multicast1, [], @ipv4=@multicast2}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x3a8)

2m53.297031126s ago: executing program 3 (id=3538):
syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000001180)=ANY=[], 0x1, 0x17c, &(0x7f0000000500)="$eJzskr9OAkEQxr+9O/5oFDWxooGC+KdQjkONnZbY29lI4ETiocKRKITijDEUFsbSJ+A1THwBLYwPQE1BrM2ZvZ3bLL6C+yvu2/l2ZnZ2c+d+208B+JkOajhEhIkMPhiDBSDHhDcxhD6TfpI+CcE75R2Rf0+a9Xv9JAC+nceKMC6qnud28gC+I09a/sGdgUnU6ms6qPHFKYAwDEPu1QGejgUlxwTQVnKyFrAaXSKUORYNsA6g2G1dF/1ef6vZqjbchnvpmOU9e8e2d53iWdNzbfFlyhF0FXDdBJBKQ8L3EwAeKJ7HLEwZjfbZHE5kbTJ+www9IExZayi1sTK8yrlSSsUx1sDHugmWFLcQdbEQXakCBpOCkqXMJ85KRxvbtSuvPgQDi8tGsGSP0hgJGThqUN4PsChaDallgbRCOiIdk+b+/DJWwL+PFG0EQBK31W63U+KPJFYsXjnSc5YD9cH4qS/G7OXeDGg0Go1Go9FoNBrNf+c3AAD//8PfdhM=")
open(&(0x7f0000000400)='./file2\x00', 0x40, 0x82)

2m52.208279512s ago: executing program 3 (id=3553):
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./bus\x00', 0x3010009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000300), 0x8, &(0x7f0000000380)={[{@metacopy_on}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@redirect_dir_nofollow}]})

2m36.049863976s ago: executing program 33 (id=3553):
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./bus\x00', 0x3010009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000300), 0x8, &(0x7f0000000380)={[{@metacopy_on}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@redirect_dir_nofollow}]})

3.166276639s ago: executing program 5 (id=5556):
ioperm(0x0, 0x6, 0x2da3b9f3)
fstatfs(0xffffffffffffffff, 0x0)

2.979002534s ago: executing program 5 (id=5559):
syz_mount_image$jfs(&(0x7f0000000140), &(0x7f0000000080)='./file1\x00', 0x3210842, &(0x7f0000006500)={[{@discard_size={'discard', 0x3d, 0xf4}}, {@usrquota}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'iso8859-15'}}, {@quota}, {@noquota}, {@noquota}, {@uid}, {@iocharset={'iocharset', 0x3d, 'macromanian'}}]}, 0x24, 0x62cf, &(0x7f0000000200)="$eJzs3cuOHFcZB/Cv+jYXE8fKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgixJIVD5AFW3Y8AJZsJFAWKIVq5pxxdaV7esb2dPW4fj9pXPX1qZo+5X9XX6aq+gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/8wY/PFRFx5VfphhMRn4t+RC9iparXImJl7UR9nRdiuzmej4jhUkS1/vY/z0a8HhEfH4+4/+DOenXz+X324/t//scffnLsR3//0/DMf/9yq//GtOVu3/7tf/5699G3FwAAALqoLMuySB/zT0bEIH22BwCefvn1v0zy7eqFqzcXrD9qtVqtPoJ1XTnZ3XoREZv1dar3DA7HA8ARsxmftN0FWiT/ThtExLG2OwEstKLtDnAo7j+4s16kfIv668HaTns+F2Qs/81i9/qOadNZmueYzOvxtRX9eG5Kf1bm1IdFkvPvNfO/stM+Sssddv5PWDGY0jAt/9HOpU+dk/PvN/NvOGL5T7UVvYn5d1XOf3Cg/PvyBwAAAACABZb//n+i5eO/S4+/Kfuy1/HftTn1AQAAAAAAAACetIOO/zdojP+3y/h/AAAAsLCqz+qV3x1/eNu072Krbr9cRDzTWB7omHSxzGrb/QAAAAAAAAAAAACALhnsnMN7uYgYRsQzq6tlWVY/dc36oB53/aOu69sPXdb2kzwAAOz4+HjjWv4iYjkiLqfv+huurq6W5fLKarlarizl97OjpeVypfa5Nk+r25ZG+3hDPBiV1S9brq1XN+vz8qz25u+r7mtU9vfRsfloMXAAiIidV6P7016R/uf16mgqy2ej5Tc5HBF77P8cUfZ/9qPtxykAAABw+MqyLIv0dd4n0zH/XtudAgDmIr/+N48LqNVqtVqtfvrqunKyu/UiIjbr61TvGQzHDwBHzGZ80nYXaJH8O20QES+03QlgoRVtd4BDcf/BnfUi5VvUXw/S+O75XJCx/DeL7fXy+pOmszTPMZnX42sr+vHclP48P6c+LJKcf6+Z/5Wd9lFa7vHzL8f+TNjWOUbT8q+280QL/Wlbzr/fzL/hsPf/edmK3sT8uyrnPzhQ/n35AwAAAADAAst//z+xUMd/R4+6OTPtdfx3beIah9cXAAAAAAAAAHhS7j+4s56ve83H/78wYTnXfz6dcv6F/Dsp599r5P/VxnL92vy9tx/m/+8Hd9b/eOtfn8/T/ea/lGeK9Mgq0iOiSPdUDNL0cbbus7aG/VF1T8Oi1x+kc37K4btxLa7HRpwdW7aX/j8etp8ba696OtxuL/s77efH2ge77Xn9C2Ptw3R2UbmS20/Hevw8rsc72+1V29KM7V+e0V7OaM/59+3/nZTzH9R+qvxXU3vRmFbufdT7zH5fn066n7euffE3Zw9/c2baiv7uttVV2/dSC/3Z/j85Nopf3ty4cfr21Vu3bpyLNBm79XykyROW8x+mn93n/5d32vPzfn1/vffR6MD5L4qtGEzN/+XafLW9r8y5b23I+Y/ST87/ndQ+ef8/yvlP3/9fbaE/AAAAAAAAAAAAAAAAsJeyLLcvEX0rIi6m63/aujYTAJifYe31v0xy27zq/pzvT60+tLoo5nF/xcJsbwv1p+Wc738wfkPb269WP4m6rpzszXoREX+rr1O9Z/j1pF8GACyyTyPin213gtbIv8Py9/1V01NtdwaYq5sffPjTq9evb9y42XZPAAAAAAAAAIBHlcf/XKuN/3yqLMu7jeXGxn99O9Yed/zPfDnNwwFGpwxU3T/4Nu1lqzfq92rDjb8Y08b/Hu7O7TX+92DG/Q1ntI9mtC/NaF+e0T7xQo+anP+LtfHOT0XEycbw610Y/7U55n0X5Pxfqj2eq/y/0liunn/5+6Ocf28s/zO33v/FmZsffPjatfevvrfx3sbPLpw7d/bCxYuXLl068+616xtnd/5tsceHK+efx752Hmi35Pxz5vLvlpz/l1It/27J+X851fLvlpx/fr8n/27J+efPPvLvlpz/K6mWf7fk/L+Wavl3S87/1VTLv1ty/l9Ptfy7Jef/Wqrl3y05/9Opln+35PzPpHqf+a8cdr+Yj5x/PsJl/++WnH8+s0H+3ZLzP59q+XdLzv9CquXfLTn/11Mt/27J+X8j1fLvlpz/xVTLv1ty/t9Mtfy7Jed/KdXy75ac/7dSLf9uyfl/O9Xy75ac/xupln+35Py/k2r5d0vO/7upln+35Py/l2r5d0vO/81Uy79bHn7/vxkzZszkmbafmQAAAAAAAAAAAACApnmcTtz2NgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2cHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdi71xi5zvp+4Gf25rUDiYGQv5O/gY1jEuNssutLfKF1MeHacCuBUOgF2/WuzYJveO0SaCSbBkokjIoq2oZKbQGhNm8q/IIXtAKUF6gVUiVoX9A3iAqVFxEKKCBVohVkqznneZ6dmZ3Lrne9njnn85Hsn/fMmTnPnHnOmf3t+jsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEZ3vm72U7Usy+p/8r82Z9kL6v/eOLE5X/bqGz1CAAAAYLV+lf/93C1pweFl3KlhnX95+Xe+urCwsJC9d/jPRz+3sJBumMiy0Q1Zlt8WXf3h+2qN6wSPZ+O1oYavh3psfrjH7SM9bh/tcftYj9s39Lh9vMftS3bAEhuLn8fkD7Y9/+fmYpdmt2aj+W3b29zr8dqGoaH4s5xcLb/PwuiJbC47lc1m003rF+vW8vW/fmd9W2/O4raGGra1tT5DfvbY8TiGWtjH25u2tfiY0U9em038/GePHf+7C8/e3q723A1Nj1eMc8e2+jg/EZYUY61lG9I+ieMcahjn1javyXDTOGv5/er/bh3nc8sc5/DiMNdV62s+ng3l//5uvp9GGn+sl/bT1rDsF3dlWXZ5cdit6yzZVjaUbWpaMrT4+owXM7L+GPWp9OJsZEXz9M5lzNN6ndnePE9bj4n4+t8Z7jfSYQyNL9NPPj7W8Lr/cuFa5mlUf9adjpXWObjWx0q/zME4L76bP+kn2s7B7eH5P3Z35znYdu60mYPpeTfMwW295uDQ2HA+5vQi1PL7LM7BXU3rD+dbquX1mbu7z8GpC6fPTc1/9GP3zZ0+dnL25OyZPbt2Te/Zt+/AgQNTJ+ZOzU4Xf1/j3u5/m7KhdAxsC/suHgP3tKzbOFUXvji25Px7rcfheJfjcHPLumt9HI60Prna+hyQS+d0cWy8u77Tx68MZR2Osfz12bn64zA974bjcKThOGz7ntLmOBxZxnFYX+fczuV9zzLS8KfdGDq/F6xuDm5umIOt34+0zsG1/n6kX+bgeJgX39/Z+b1gaxjvE5Mr/X5kONvU9KY6tPh0w7mnviR9vz9+IC/t5uUd9RtuGssuzs+ev//RYxcunN+VhbIuXtIwV1rn66aG55Qtma9DK56vh+de/sQdbZZvDvtq/L76X+MdX6v6Onvv7/5a5e9u7fdn09LdWShrbL33Z7t38/r+HMuyz3/r4w9/47HPv67j/qz3m5+YWv334qkvbTj/jnY4/8a+//lie+mhHh8eHSmO3+G0d0abzsfNL9VIfu6q5dt+bmp55+PR8Ge9z8e3djkfb2lZd63Px6OtTy6ej2u9ftqxOq2v53iYJ6emu5+P6+ts2b3SOTmyZE42HmN3hVoL+/9VoVNIp/CGudNp3qZtjYyMhuc1ErfQPE/3NK0/Gnqz+rae2h2+KUyjXN483XFXsf5ww/2i9ZqnEy3rrvU8TT/76jRPa71++nZtWl/P8TAvbt3TfZ7W13l67+rPnRvjPxvOnWO95uDo8Fh9zKNpEubn+2xhY5yD92fHs7PZqWwmv3Usn0+1fFuTDyzvXDkW/qz3uXJLlzm4o2XdtZ6D6X2s09yrjSx98mug9fUcD/PiyQe6z8H6Oq/ffw3fuzYtaT5X7ghL0joN37u2/nyt08+87mjZTddrroyEcX5rf/efzdbXOXVgpX1m9/10b1hyU5v91Hr8djqmZrL12U9bwjifPdB5P9XHU1/ncweXOZ8OZ1l26cMP5j/vDb9fuXTxe19t+r1Lu9/pXPrwgz994Yl/Xsn4ARh8zxdlU/Fe1/BDtOX8/h8AAAAYCLHvHwo10f8DAABAacS+P/6v8ET/DwAAAKUR+/6RUJMy9P9/3HuVLa9/du75S1lK5i8E8fa0Gx4q1osZ1+nw9cTCovryB788+9//dGl5wxvKsuyXD/1R2/W3PBTHVZgI47z6hublS3z1vmVt++gjl9J2G/PrXwiPH5/PcqdBuwjudJZlX7/lM/l2Jt53Ja9PP3Q0rw9ffuLx+jrPHSy+jvd/5iXF+n8dwr+HTxxruv8zYT/8KNTpt7TfH/F+X7nyqq3737O4vXi/2rab86f95PuLx42fk/PZx4v1437uNP5vfPqpr9TXf/SV7cd/aaj9+J8Kj/vlUP/nZcX6ja9B/et4v0+G8cftxfvd/6Vvth3/1U8V6597Y7He0VDj9neEr7e/8dm5xv31aO1Y0/PK3lSsF7c//b0/zW+Pjxcfv3X840euNO2P1vnx9L8XjzPVsn5cHrcT/WPL9uuP0zg/4/af+pOjTfu51/avPvzMy+qP27r9e1vWO/fhnfn2Fx+v+ROb/uaTn2m7vTiew/9wrun5HH5nOI7D9p98f5iP4fb/vVo8XuunKxx9Z/P5J67/hc2Xmp5P9OafF9u/+pqTed0wvnHTTS944c2XX1Hfd1n23Q3F4/Xa/sm/Pds0/i/eVuyPeHvM6Lduv5O4/fMfmTxzdv7i3Ezaq4/dkn92zluL8cTx3hLOra1fHzl74QOz5yemJ6azbKK8H6F3zb4U6k+Lcrn72gtLzqA7Hwmv5x1/+fVNd//bp+Py/3h3sfzKW4r3rXvCep8NyzeH129l21/qyTtvy4/v2tNhhAtLPy94NbZu//GBZa0Ynn/r9wVxvp976Qfy/VC/LX/fiMf1Ksf/g5nicb4W9utC+GTmbbctbq9x/fjZCFfeVRzvq95/4TQXX9e/D6/3235UPH4cV3y+Pwjfx3xzS/P5Ls6Pr10aan38/FM8LofzSXa5uD2uFff3leduazu8+Dkk2eXb86//LD3O7St6mp3Mf3R+6tTcmYuPTl2Ynb8wNf/Rjx05ffbimQtH8s/yPPLBLnf9q3uyLFs8P23Kz08zs/v2ZvnZ6mxRrrNVjD+32vGfe+T4zP7pu2dmTxy7eOLCI+dmz588Pj9/fHZm/u5jJ07MfqTX/edmDu3afXDP/t2TJ+dmDh04eHDPwcm5M2frwygG1cO+6Q9Nnjl/JL/L/KG9B3c98MDe6cnTZ2dmD+2fnp682Ov++XvTZP3efzh5fvbUsQtzp2cn5+c+Nnto18F9+3b3/DTA0+dOzE9Mnb94Zuri/Oz5qeK5TFzIF9ff+3rdn3Ka/8/i+9lWteKD+LJ33LsvfT5r3Zc/3vGhilVaPkD02fBZNN9+0bkDy/k69v2joSZl6P8BAACAXOz7x0JN9P8AAABQGrHv3xBqov8HAACA0oh9/3io6b8EVKT/L13+f8ulZW1f/l/+v3F/yf9XLP//rn7L/xfnC/n/tbHa/L38fyD/L/+f8vNjWZatT37++oxf/l/+nxup3/L/se/fmGV+/w8AAAAlFfv+TaEm+n8AAAAojdj33xRqov8HAACA0oh9/wtCTSrS/8v/y//L/8v/y/+33778/2CS/+9O/r+T4hOh5f/np7IbmJ9fi/GvMP9/eS3HfwPy/xsbv5D/px/1W/4/9v0vDDWpSP8PAAAAVRD7/ptDTfT/AAAAUBqx778l1ET/DwAAAKUR+/7NoSYV6f/l/1eV/0+ZK/n/5vHL/zeT/w/zQf5f/n8dyP93J//fg/z/Db1+/qCP3/X/5f9Zqt/y/7Hvf1GoSUX6fwAAACit0cV/xr7/xaEm+n8AAADoPyPXdrfY978k1GRJ/3+NGwAAAABuuNj335q1BMEr8vt/+X/X/5f/l/+X/2+//eXn/4cz+f/+If/fnfx/D/L/8v/Vzf+PZ/L/XAf9lv/P+/5sPHtpqElF+n8AAACogtj33xZqov8HAACA0oh9//8LNdH/AwAAQGnEvn9LqElF+n/5/9Lk/3/R+NLJ/8v/d9u+/L/r/5eZ/H938v89yP/L/1c3/+/6/1wX/Zb/j33/7aEmFen/AQAAoApi339HqIn+HwAAAEoj9v3/P9RE/w8AAAClEfv+raEmFen/5f/7PP8fk6Ou/y//L//fl/n/cfn/viP/3538fw/y//L/8v/y/6ypfsv/x77/ZaEmFen/AQAAoApi3//yUBP9PwAAAJRG7PtfEWqi/wcAAIDSiH3/RKhJRfr/leT/a5fl/zu5ztf/H1vG9f+byP/L/3fbvvy/6/+Xmfx/d/L/Pcj/y//L/8v/s6b6Lf8f+/47Q00q0v8DAABAFcS+f1uoif4fAAAASiP2/XeFmuj/AQAAoDRi37891KQi/b/r/w9E/j+T/5f/l/+X/5f/Xx75/+7k/3uQ/5f/l/+X/2dNrXH+f6h14Urz/7Hvf2WoSUX6fwAAAKiC2PffHWqi/wcAAIDSiH3/PaEm+n8AAAAojdj37wg1qUj/L/8v/y//L/8v/99++/L/g0n+vzv5/x7k/+X/5f/l/1lT/Xb9/9j3vyrUpCL9PwAAAFRB7Pt3hpro/wEAAKA0Yt9/b6iJ/h8AAABKI/b9k6EmFen/5f/l/+X/5f/l/9tvX/5/MMn/dyf/34P8v/y//L/8P2uq3/L/se+/L9SkIv0/AAAAVEHs++8PNdH/AwAAQGnEvn8q1ET/DwAAAKUR+/7pUJOK9P/y//L/8v/y/yvK/79i8XHl/wvy//1F/r87+f8e5P/l/294/n9U/p9S6bf8f+z7d4WaVKT/BwAAgCqIff/uUBP9PwAAAJRG7Pv3hJro/wEAAKA0Yt+/N9SkIv2//L/8v/y//L/r/7ffvvz/YJL/727t8//xKcr/y//L/7v+v/w/S/Vb/j/2/Q+EmlSk/wcAAIAqiH3/vlAT/T8AAACURuz794ea6P8BAACgNGLffyDUpCL9v/y//L/8v/y//H/77cv/Dyb5/+5c/7+Hlvz/WHhfkv+X/x+E/H99bsn/02/6Lf8f+/6DoSYV6f8BAACgCmLf/+pQE/0/AAAAlEbs+38t1ET/DwAAAKUR+/5fDzWpSP8v/y//L/8v/9/v+f8x+X/5/xWQ/+9O/r8H1/+X/x/g/L/r/9OP+i3/H/v+Q6EmFen/AQAAoApi3/8boSb6fwAAACiN2Pe/JtRE/w8AAAClEfv+w6EmFen/5f/XKf8fF8r/y//L/7v+v/z/dSX/3538fw/y//L/8v/y/6ypfsv/x77/taEmFen/AQAAoApi3/9gqIn+HwAAAEoj9v2vCzXR/wMAAEBpxL7/9aEmFen/5f9d///G5/9Hm8Yu/794P/n/gvy//P9KyP93J//fg/y//L/8v/w/a6rf8v+x739DqElF+n8AAACogtj3vzHURP8PAAAApRH7/jeFmuj/AQAAoDRi3//mUJOK9P/y//L/Nz7/7/r/8v8F+X/5/7Ug/9/dYOb/67tR/j+T/+/78cv/y/+zVL/l/2Pf/5uhJhXp/wEAAKAKYt//UKiJ/h8AAABKI/b9bwk10f8DAABAacS+/62hJhXp/+X/5f/l/+X/5f/bb1/+fzDJ/3c3YPn/X90clrv+f0H+v7/Hv9L8/0jL19cl///DTvn/hQ2t95f/53rot/x/7PvfFmpSkf4fAAAAqiD2/W8PNdH/AwAAQGnEvv8doSb6fwAAACiN2Pf/VqhJRfp/+f/6OBbTy/L/8v/5Avl/+X/5/4El/9/dgOX/w/X/5f8j+f/+Hr/r/8v/s1S/5f9j3//OUJOK9P8AAABQBbHvfzjURP8PAAAApRH7/neFmuj/AQAAoDRi3//uUJOK9P/y/67/L/8v/y//33778v+DaW3y/8Py//L/8v/y//2R//8v+X8GW7/l/2Pf/0ioSUX6fwAAAKiC2Pe/J9RE/w8AAAClEfv+3w410f8DAABAacS+/72hJhXp/+X/ByX/PyH/v8L8/1hYJv8v/y//Xy2u/9/d1u0/7pysbCT/L/8v/98f+X/X/2fA9Vv+P/b97ws1WX7/P77sNQEAAIAbIvb9vxNqUpHf/wMAAEAVxL7/d0NN9P8AAABQGrHv/71Qk9L1/59ru1T+f1Dy/67/n7n+v/x/y/OR/5f/b2f98v/xzDNw+X/X/+9G/l/+X/6/Y/5/qMf95f9pp9/y/7Hv//1Qk9L1/wAAAFBdse9/f6iJ/h8AAAAGQrv/k90q9v1HQk30/wAAAFAase8/GmpSkf5f/l/+X/6/T/P/f7HtX7//nbcf3SX/L/8v/78i63r9//rBP3jX/5f/70b+X/5f/t/1/1lT/Zb/j33/sVCTxcbvrS7wDwAAAIMt9v1/EGpSkd//AwAAQBXEvv94qIn+HwAAAEoj9v0zoSYV6f/l/+X/5f/7NP8/wNf/j/tjkPL/kxsGKP8fT7ry/22ta/7/PYs5cfn/leb/x9oubc3/1+T/m8j/r3j8386yTP5f/p8bqN/y/7Hvnw01qUj/DwAAAFUQ+v6hE0VdvEH/DwAAAKUR+/6ToSb6fwAAACiN2Pd/INSkIv2//L/8v/y//L/r/7ffft/m/13/vyv5/+76J//fnuv/y/8P8vjl/+X/Warf8v+x758LNalI/w8AAABVEPv+D4aa6P8BAACgNGLf/6FQE/0/APwfe/fRZFl93nH8Nm6KnqJMubzxwgu890tgYdb2C/CCjRd2lctlg22cE4OzEso5IAkFFFAACaGEhLJACQllIQnlLIQykmpU0/08z3Q4fW43fW/fc///z2fhh2nouRerC/jRfOcAADQjd/9fxi2d7H/9v/5f/6//1/8Pv77+fz3p/8fp/+fQ/+v/9f/6fxZqav1/7v6/ils62f8AAADQg9z9V8ct9j8AAAA0I3f/NXGL/Q8AAADNyN3/13HLWu7/jQePWwnq//X/zfb/f6D/P+z19f/6/5bp/8fp/+c4rf7/spn+fwlW/f5P0P8/NNP/06ip9f+5+/8mblnL/Q8AAAAMyd3/t3GL/Q8AAADNyN1/bdxi/wMAAEAzcvf/XdzSyf7f1/9vzPrs/zPj1f+31P9f6PU3Z/r/Pa+v/9f/t+x0+//rz/+VT/+v//f8/6D/9/x//T/7Ta3/z93/93FLJ/sfAAAAepC7/x/iFvsfAAAAmpG7/x/jFvsfAAAAmpG7/5/ilk72/wSf/7/9P4Ln/+/8WP+/kP7f8//3vb7+X//fsr6f/78194/oqf+/9r5Lr37o9t+94zivr//X/+v/9f8s1tT6/9z9/xy3dLL/AQAAoAe5+/8lbrH/AQAAoBm5+/81brH/AQAAYA2dGfxo7v5/i1s62f8T7P933pf+f5v+/xT7/y39v/5f/9+Cvvv/+Xrq/x/J63fS/w//Q/EE+vmTWtj7v2mm/9f/syBT6/9z9/973NLJ/gcAAIAe5O7/j7jF/gcAAIDpGvoPsUfk7r8ubrH/AQAAoBm5+8/GLZ3sf/3/8vv/X+n/16P/9/x//b/+vwn6/3H6/zn66P8Ppf/3/H/9P4s2tf4/d//1cUsn+x8AAAB6kLv/P+MW+x8AAACakbv/v+IW+x8AAACakbv/v+OWTva//t/z//X/+n/9//Dr6//Xk/5/nP5/Dv3/Sfv5i/X/+n/9P7sds/9/eOQv2wvp/3P3/0/c0sn+BwAAgB7k7v/fuMX+BwAAgGbk7v+/uMX+BwAAgGbk7v//uKWT/a//1//r/0/Y/1924efprv8/+KW3Tf8/TP9/OvT/4ybT/29sDn5Y/7/2/b/n/+v/9f/sMbXn/+fuf1Tc0sn+BwAAgB7k7n903DKy/4/9L/MBAACAlcrd/5i4xff/AQAAYO1ldZa7/7FxSyf7X/+v/9f/e/6/5/8Pv/5Y/3/Hrven/58W/f+4yfT/h9D/6//X+f3r//X/HDS1/j93/+Pilk72PwAAAPQgd/8NcYv9DwAAAM3I3f/4uMX+BwAAgGbk7n9C3NLJ/h/u/y/8fv3/0ej/975//f/w18ei+v/8GfX/o/3/lZ7/3yf9/zj9/xz6f/2//v+w/v/MvM/X/zNkav1/7v4nxi2d7H8AAADoQe7+J8Ut9j8AAAA0I3f/k+MW+x8AAACakbv/KXFLJ/vf8//1//r/9ev/Pf9/xyqf/z879f5/U/9/RPr/cfr/OfT/+n/9//jz/0d+FQD9P0Om1v/n7n9q3NLJ/gcAAIAe5O5/Wtxi/wMAAMB62P3fDuz/D0pD7v6nxy32PwAAADQjd/8z4pZ29v/oszr1//p//b/+X/8//PrT6v89//+o9P/j9P9z6P+X0c9vNtb/33jY50+h/79u2f3/CP0/Q/b0/3de+Piq+v/c/c+MW9rZ/wAAANC93P3PilvsfwAAAGhG7v5nxy32PwAAADQjd/9z4pZO9v/S+/+RX31A/6//1//r//X/+v9F0/+P0//Pof/3/H/P/9f/s1B7+v9dVtX/5+5/btzSyf4HAACAHuTuf17cYv8DAABAM3L33xi32P8AAADQjNz9z49bOtn/nv+v/9f/6//1/8Ovr/9fTyfq7y/S/xf9v/5f/6//1/+zAFPr/3P3vyBu6WT/AwAAQA9y978wbrH/AQAAoBm5+2+KW+x/AAAAaEbu/hfFLZ3sf/3/cvv//Lj+X/8/0//r//X/p6Lb5/9vDP2d6KBD+v97/vzsH+39iP5f/6//1//r/zmi3xr5fZPo/89d+KfL3P0vjls62f8AAADQg9z9L4lb7H8AAABoRu7+l8Yt9j8AAAA0I3f/zXHLMff/WPMw7MHLj/0pS6D/9/x//b/+X/8//Pr6//XUbf9/RJ7/P4f+X/+v/9f/s1CT6P93/Th3/8viFt//BwAAgGbk7n953GL/AwAAQDNy978ibrH/AQAAoBm5+18Zt3Sy//X/+n/9v/5f/z/8+vr/9aT/H6f/n2Od+v+bT9D/bw5/eNX9/Emt+v3r//X/HDS1/j93/y1xSyf7HwAAAHqQu/9VcYv9DwAAAM3I3f/quMX+BwAAgGbk7n9N3NLJ/tf/6//1//p//f/w6+v/15P+f5z+fzab3TryBob6/3OXTLP/9/z/yb1//b/+n4Om1v/n7n9t3NLJ/gcAAIAe5O6/NW6x/wEAAKAZuftvi1vsfwAAAGhG7v7XxS2d7H/9v/5f/6//X0D/v6ev1f8P0/+fDv3/OP3/HOv0/H/9/+Tev/5f/89BU+v/c/e/Pm7pZP8DAABAD3L33x632P8AAADQjNz9b4hb7H8AAABoRu7+O+KWTva//l//r//X/3v+//Dr6//X0/L6/5n+X/+v/59D/6//1/+z39T6/9z9b4xbOtn/AAAA0IPc/W+KW+x/AAAAaEbu/jfHLfY/AAAANCN3/1vilk72v/5f/7/dz8cb0P/r/2cr6//P/zVI/6//PznP/x+n/59D/6//1//r/1mo4f7/upX1/7n73xq3dLL/AQAAoAe5+++MW+x/AAAAaEbu/rfFLfY/AAAANCN3/9vjlk72v/5f/7/3+f+zmf5f/+/5/ztOof/fmun/F07/P07/P4f+v83+/6JZQ/3/mUM/X//PFE3t+f+5+++KWzrZ/wAAANCD3P3viFvsfwAAAGhG7v53xi32PwAAADQjd/+74pZO9r/+X/+/t//3/P/tD+j/9f+e/7+29P/j9P9z6P/b7P89/1//z8pMrf/P3f/uuKWT/Q8AAAA9yN3/nrjF/gcAAIBm5O5/b9xi/wMAAEAzcve/L27pZP/r//X/+n/9v/5/+PX1/+tJ/z9O/z+H/l//r//X/7NQU+v/c/e/P27pZP8DAABAD3L33x232P8AAADQjNz998Qt9j8AAAA0I3f/B+KWTva//l//r/9fz/5/S/+v/9f/D5pK/3/FFX94r/5f/6//1//r//X/vZta/5+7/4NxSyf7HwAAAHqQu/9DcYv9DwAAAM3I3f/huMX+BwAAgGbk7v9I3NLJ/j/Y/1882ylUdwz1/9Go6f930f/vff/6/+GvD8//1//r/5dvKv2/5/8/svev/9f/r/P7P1b//3sHP1//T4um1v/n7r83bulk/wMAAEAPcvd/NG6x/wEAAKAZufs/FrfY/wAAANCM3P33xS2d7H/P/9f/6//1//r/4dfX/68n/f84/f8c+n/9v+f/X/Onv6H/Z3Gm1v/n7v943NLJ/gcAAIAe5O7/RNxi/wMAAEAzcvd/Mm6x/wEAAKAZufs/Fbd0sv/1//p//f8S+v/N4a8P/b/+X/+/fPr/cfr/sv9PbUc//f/W0AdX3c+f1Krf/5L6/7su9fx/1tjU+v/c/Z+OWzrZ/wAAANCD3P2fiVvsfwAAAGhG7v7Pxi32PwAAADQjd//n4pZO9r/+v/H+//wPuu///8Tz//e9vv5f/98y/X/+HX2Y/n+Ofvr/Qavu59f9/Tfz/H/9Pws0tf4/d//9cUsn+x8AAAB6kLv/83GL/Q8AAADNyN3/hbjF/gcAAIBm5O7/YtzSyf7X/zfe/+97/v/GrMf+fwXP/z/k60P/r//X/y+f/n+c/n8O/b/+X/+v/2ehptb/5+5/YGOzy/0PAAAA6+qPf/8v7j/qH/vA9v/dmn0pbrlydu6I38YGAAAAJu787t/YnM2+vP0j3/8HAACAFuXu/0rc0sn+1//31f/3+fz/Jfb/519Y/6//1/9Piv5/3Ar6/63jvD/9v/5/nd+//l//z0FT6/9z9381btk1/DaP/WcJAAAATEnu/q/FLZ18/x8AAAB6kLv/63HLgf3vlwMEAACAdZW7/xtxSyff/9f/T7z/ny2p/48/Tv+/w/P/9f9Dr6//X0/6/3En7P/PbXj+v/5/hP5f/6//Z7+p9f+5+78Zt3Sy/wEAAKBRe/6NQu7+b8Ut9j8AAAA0I3f/t+MW+x8AAACakbv/O3FLJ/tf/3/q/X+m6kt8/v+Z+i3P/++8/79ha/D19f/6/5bp/8et4Pn/+v+9P7/+f4l2vf9L9P/6f6Zhav1/7v7vxi2d7H8AAADoQe7+78Ut9j8AAAA0I3f/9+MW+x8AAACakbv/wfPnN/vb/yvp/+Mn6bT/P97z/4/Y///2ZXtfe+7z//X/ffT/h7x+O/3/71x69u6r/uy2W/T/XHCa/X9+Lej/9f/6/x0T6v89/1//z0Qsvv/f3PPB4/b/27t/tjX7QdzSyf4HAACAHuTufyhusf8BAACgGbn7fxi32P8AAADQjNz9P4pbOtn/nv/fRv+/3zr2//n/6xX0/2cfcf9/ZjabraT/z6a49/7f8//1/wd5/v84/f8c+n/9v/5f/89CLb7/3/vB4/b/uft/HLd0sv8BAACgB7n7fxK35P7fOPa/ugcAAAAmJnf/T+MW3/8HAACAZuTu/1nc0sn+1//r/6fS/yfP/7/weW09//+qilP77P8vr9/S/y+X/n+c/n8O/b/+X/+v/2ehptb/5+7/edzSyf4HAACAHuTufzhusf8BAACgGbn7fxG32P8AAADQjNz9v4xbOtn/+v9W+/8s4vX/+v+p9P+e/+/5/6dD/z9O/z+H/n/N+//4gpnp//X/TMXU+v/c/b8OAAD//5W8bEE=")
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

1.789507838s ago: executing program 4 (id=5571):
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000440), 0x1, 0x0)
write(r0, &(0x7f0000000480)="4d4287ac770767f7429748", 0xb)

1.778076539s ago: executing program 5 (id=5572):
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x149002, 0x0)
write$P9_RSTATu(r0, &(0x7f00000004c0)={0x232, 0x7d, 0x0, {{0x500, 0xf0, 0x401, 0x5000000, {}, 0x0, 0x0, 0x0, 0x0, 0x1f, '\x04nodev{cvfox\x92\xff\xff\xff\x81\x02\x00\x00\x00\x00\x001\xff\xce\xbc\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05\xf7\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00;Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x06\xb4\x94\xe1', 0x12, '\xcf\xc2\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3\x13\xf6\x00', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xd4\x89\xdad\x9a7\x00'}, 0x12c, 'odev-n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300, 0xffffffffffffffff}}, 0x232)

1.679840617s ago: executing program 4 (id=5574):
syz_mount_image$erofs(&(0x7f0000000040), &(0x7f0000000400)='./file0\x00', 0x8, &(0x7f00000000c0)=ANY=[@ANYRES8=0x0, @ANYRESDEC=0x0], 0x1, 0x1c9, &(0x7f0000000800)="$eJzslT+v0lAYxp9zii0YP4GLgyTiYGmLGhcSWJwcTPxDHEwkUghaxEAHITHGT+Du5uDHMNHVD2HQxOiCk3fuzek5bc+9AS4pkA73/Q0vDz1/+r7vaZ+CIIhzy6+fR4vof/NPGcAlVGGp63+NbA7X5v8o/3v77d7dzoenn79bC7uyas8o2v7+JQBf2wbCdO3J1VX1+xA81Y/AcV3pDhhspZ+B47HSPhieKP1C02Mx37b7w8C3n4+DnhCOCK4IngiN0/kt3zP0tPyYNj6dzV92g8CfHFCc1b9lm6Op5aeflw2ZraP1zwWHq3QDDA+UvgMr6Y1siVb/5VK2v7GxfhM7lv0bQHalf8jOmuJWuZYDbKuzT96nQ1axgzBkYsmJFp7P3gVKe9swsoCiy1kjvrTk+aWpvsvz1LXWDJm5nt7Mn6JPDNc0f5JW8jF+Nerh6HV9OpvfGI66A3/gv/K8xm3npuPc8uqxEcm4wf8qsT9dzPZf+U0SmMzEm24YTlwZ0/+ejKscl8f+x1G7igviv3BTc202cpypdSxWNWPDdIIgiMK4AhZ7cuzLiVBfk3Qgirz7BedJEARBEARBEARBEER+jgMAAP//qotbUA==")
open(&(0x7f0000000200)='./file2\x00', 0x100, 0x123)

1.444538985s ago: executing program 2 (id=5576):
r0 = gettid()
rt_sigqueueinfo(r0, 0x29, &(0x7f0000000040)={0x2c, 0x208, 0xc})

1.440538436s ago: executing program 5 (id=5577):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt(r0, 0xff, 0x2, 0x0, 0x0)

1.287607658s ago: executing program 4 (id=5578):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="756d303030303030303030303030303030303030ac303030302c6465636f6d706f73832c6e6c733d63703835322c7569653d", @ANYRESHEX=0xee01, @ANYBLOB=',nobarrier,part=0x0000000000000006,\x00'], 0x20, 0x6de, &(0x7f0000000840)="$eJzs3U9sW3cdAPDvsx0n7qTMG+1WEFKjVVSwQpvEjBYJiYIQymGCSlx2DW26RnWyKslQWiHqAYMjnFAPOwyhcNgJcUAa4oAYZyQk7r1X4sCt4oDRe34vsZ3Esds4abvPR3p+v+f3+/N9X//es/3SygF8ai28FROtSGLh/Jub6faDrUbzwVZjpShHxGRElCIqnVUkqxHJJxFXorPEZ9Mn8+6S/cZ54+HHH5y7/1Gjs1XJl6x+aVC7He0BI7TyJWYiopyvR1TZr79re/R3b6Suk+2404SdLRIHx629S2uU5kOct8DT7l5EeWKP5+sRJyJiKv8cEPnVoXTE4R26ka5yAAAA8HQqH1ThxUfxKDZj+mjCAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdD0vnNwCRfSkV5JpL89/+/n1fLVKvHG+4BvnzA/vdvHFEgAAAAAAAAAHD4JnaKZx7Fo9iM6WK7nWR/838t2ziZPb4Q78Z6LMVaXIjNWIyN2Ii1mIuYmO7qs7q5uLGxNre75W8ibdlut+/lLecjor6r5fyYjxkAAAAAAAAAnm8/jYWYPu4gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgWxJR7qyy5WRRrkepEhFTEVFN67Ui/lKUn2V/Pe4AAAAAYPxq+Xo6+V+n0E6y7/yvZN/7p+LdWI2NWI6NaMZSXM/uBXS+9Zf+2Wo0H2w1VtJld8ff+vdIcWQ9RkQ53ttn5NmsxqntFgvx3fhBnI+ZuBprsRw/isXYiKWYiVp6ELEYSdRrnbsX9SLO3njLeVdXekK52h/bmb7t01kktbgRy1lsF+JateitlNVI4nTXaH+qRvRl6L00O8k3c0Pm6HrX6/Xr/L5Mrv3ikH2MRz078ontjMymuc+z8dLeuS+MOE/6R5qL0vY9qJM7o6Sb/SMVOf/hKDk/ka/TXP+iN+eHbcRbaf2ZmI9SPvsiXunN+e0v3H+5t/GX/vW3qzdLq7du3lg/P8ZDGquJotCfiUZXJl4dPPvyTDTTTLSGz8RE/xNTT3Ach6iaZ6NzYRvuavmdrLQYr3VNwXfieizFpZiNubgcs/H1mI9Gzww71ZPXSmOlNyfZuVbafX2rDQj+7Be7Kv3ygMpHK83LS1157b7S1bN9+TNXfhWzXVl6efDse5x3gcrn8kI6xs+233GeBj2ZyK/NRXTFG9Q+mfhtO31cb67eWru5eHvI8c7l6/S0fb/32vy7Jz6YJ5LOl/SKW8m2spzUivmS7vvMdrS9+armf3HptCvt2ndqe189pmM5vrfvmVrNP8Pt7qmz79U99zWyfae79vV8yol3opl9CukzczRZBWBoJ14/Ua09rP2j9mHt57WbtTenvj15efLz1Zj4e+XP5T+Ufl/6RvJ6fBg/ienjjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4H63fu3lpsNpfWxlioPuZYUTqwztYLw3UY9YjBYyV5oTrubDwFhf9MDcxGLcY0+h8jYkCd6hMPkYx/PqcT+VA6LH44LXumXR6heaVotXedSqxP7fcKTu687lG/tdj8b7unTi26ThngOXdxY+X2xfU7d7+yvLL49tLbS6vzly9dvtT42txXL95Ybi7Ndh6PO0pgHNbv3C0fdwwAAAAAAAAAAADAaPJ//b/x2P+ZoXJAnera+t4jnznqQwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeUQtvxUQrkpibvTCbbj/YajTTpSjv1KxERCkikh9HJJ9EXInOEvWu7pL9xnnj4ccfnLv/UWOnr0pRvzSo3XBa+RIzEVHO1web3KOb3f1d6+qv9VjhJdtHmCbsbJE4OG7/DwAA//9tSfWT")
mount$afs(&(0x7f0000000040)=@cell={0x23, 'syz1:', 'syz1'}, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x1, &(0x7f00000001c0)={[{@dyn}, {}]})

1.236703942s ago: executing program 2 (id=5579):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d0301000000000095000000000000006926000000000000bf67200000000000150600000fff070067070000200000006a0200000ee60000bf250000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff3d53010000000000840400000000000073720000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded25b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1c2ea17f04537fc211576846ac629d1d93265ba4580047a9dc88de358ce795731891a2031de4e09740c64e5506f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfadfe6d4421c49fb6641cbf56914e76702f673b586c767562a90a3967093b000e3806f825f1d0da2a304e06543b56d35235d78b7a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664a44e22b72e843e7cf55f394cf75d1cd3ee79a25fb98cc45b3fde43e42e150d4a2fddd9a97677400ef0bd697d135324ce480c2960344de346bd511dea4ff7a07400b2d12dd1a8c4c300aee5f948777085ca142b79dfc3aca5fadaa0532ab0572169f68584ff2ee063bc7e75ecd5cc8973464629ba236e3ff97f6033d0800000000000000cef54a60aff12590a50ef147e3e640193d00263003a4ef412420a070dd0327e47c8c7abb77b4b53874788d7e2e5d554de4713db957afb56d4673f1b904c5a317d3670003000000183fb7d36e173044f4ab34"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000400)={r0}, 0xc)

1.219857793s ago: executing program 5 (id=5581):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x2, 0x5}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0}, 0x38)

1.045219927s ago: executing program 0 (id=5582):
r0 = syz_open_dev$video4linux(&(0x7f00000000c0), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_G_FMT(r0, 0xc0585604, &(0x7f0000000100))

960.738944ms ago: executing program 2 (id=5583):
syz_mount_image$nilfs2(&(0x7f0000000480), &(0x7f0000000f00)='./file1\x00', 0x208800, &(0x7f0000003100)=ANY=[], 0x1, 0xeec, &(0x7f0000001e40)="$eJzs3U9sHNUZAPA3a6/txCZeAwUDJaTQikDBDkmkprcgoh4Rl96D8odGMWnU0ANRIKYHRCVEkSJOFQcqLpRKKVKRQJWqqKe2p1a99YR6oVKVSkE9tJESV1m/We8+e7rrsT1r7/5+0rdv37zZ+b7xRs7MePZtAIZWrfl4+PBsFsJ7n1859trJ7NM7yx5prbGv+ZjFXiOEUG/rZ8n2vogLbt24dGKtNgsHm495Pzx/vfXayRDCYtgXroVG+Hh+4auP3n9u/ydvTtz3zsWzr2/R7rek+wEAAIPo6p8W/vbEP/741MzNq3uPhvHW8pXj9WWT8bj/QFyQL6+Fzn7WFu3GkvVGYtSS9UaS9UaTPKMF+erJduoF6411yTfStmyt/QQAAICdKD+vbYSsNtfRr9Xm5pbP++/4Ynosmzt3ZuH0hT4VCgAAAJT278vNm26FEEIIIYQQQggxwLE03e8rEAAAAMCwSecLW2Vxc2fqam2t0Vv+68/W1n49bIKq//3Lv7Pyf/iG3zgAAJQ3qEeT+X7lx9H5PAbpPIIjyevWe/xfS7Yzus46i+YV7Fiebd+3qaj+9Oe6XRXVv973sV+K6k/nw9yuiupP5+ncrorqH6+4jrKK6p+ouI6yiurfVXEdZRXVv7viOsoqqn+y4jrKKqp/quI6yiqq/66K6yirqP49FddRVlH9O+W22qL6GxXXUVZR/TMV11FWUf13V1xHWUX131NxHWUV1X9vxXX0y8OxzX8Oe5Px9vPn9Jxup5zjAQAAwLD7r/n/hBBCiFXRvA9iG9QhxGBHtg1qEEKI4YnL/b4AAQAAAPRd/rmA/APoS1E+PtJlfLR9fGJlhXy83uX1Y13Gx7uMAwAAACH89q3TD7ybrXzOf6Pz4eXzRu0Kn94OJeYxSie6W2/+jc57ttH865i3zPQJAAAAVCb73rXbTx774JWZm1f3Hm07+70dz3fzeUBH4wnrZ7Gf3xcwlfSz/Bz6aGeeWsF66fWBu4q298IGdxQAAACGWH7+3ghZba7tvLsRarW5uZXz8dlQz06fWTh1IPbz72f5w3R9/M7yZyquGwAAAOjdyvn+2uf/+ff4zoaxbO7cmYXTF5b7U63l9Vr7dYHpleVZ+3WBRrL8YMHyQ7Gff3/nD6Z3NZfPnfjhwsnN3nkAAAAYEhdevXj2xYWFUz/yxBNPPGk96fdvJgAAYLN9+eWV+o8PTf1u+fP/K/Pf5Z//3xf7jTi335/jCvl9AvnnAFZ9Xv94Z57povXOd67XSNYbiTGe1D3Rtp3QnG+w83UzRfkandsZK8g3meSbSvKl8xSMJuvn+fYky9P5CfP1ppPl6eSAo0mOLMn/aAAAAIBi86+8fH7+wqsXnz7z8osvnXrp1LlDB49898iRA89855n55n398+139wMAAAA70cpNv/2uBAAAAAAAAAAAAAAAAAAAAIZXFV8n1u99BAAAgGH3r8shhEUhhCgdS+P9r0GILjG2DWoQQgghhFiO5ne7V5+31u/rDwAAAMDwuXXj0on2dpXFbFPztbbWWG5ux7x5O/X0X2fuRL7a9WdHOl6/e1OrYdhV/e9f/p2V/8M3Njf/RP6k599/ySXjo+XyPj7/y9n2/A+O9pg/3f8XyuXfn+R/PPSWf+mDJP/xcvmfSPLv7jH/qv0/Xy7/kzH/bOzvf6zX/J3v/3hs8/3Y1WP+byf7fzL0mj/Z/0aPCRNPxfwAMIwG9QaA/CghP46ejP18f+PhZhhJXrfe4/9asp3RDVfeud38OOj+2M+Pl6aSvLn11j+ZbO+uknWm0rq2q6L6N+t93GpF9dcrrqOsovrHKq6jrKL6xyuuo6yi+icqrqOsovp7PQ/tt6L6d8p15aL6Jyuuo6yi+qcqrqOsovrX+/94vxTVv6fiOsoqqn+64jrKKqq/5GW1yhXVP1NxHWUV1X93xXWUVVT/PRXXUVZR/fdWXEe/PBTbovPh/PxzOo7l/UbSH1/jZzmo1xYAAABgp/mn+f+EEEIIIUpF836ZbVBHf6Ltbrm+1yI2I/6ztKzfdQghti6Wlvp48YG+29pPMwOwXfn9P9y8/8PN+z/cvP/8P/k9/FnSz410GR/tMl7vMj6WjKf/Xse7jN+TbHcpv64Z3dtl/Gtdxvd0Gb+/y/hsl/EHuow/2GX8oS7jAAAADIf7Yuv8EAAAAAbXa7/67O3fPH78xszNq3uPhrFV884fiP3x+Lf1t2I/nfc+V49/8/9J7P8itr+P7d+T9d1/AgAAAFsv/54Yf/8HAACAwZV/T6nzfwAAABhcM7F1/g8AAACD6+7YOv8HAACAAZZNrL04tvl1gUdj2+u8fgDA9vf12D4c272xfSS234htfhzwWGy/WVF9AMDm+fn3f3rk3Wxlvv9DyfituDxvV1lcvlKQ1Tpn8t8V292x/VaP9aTfB9Br/tyeHvNsVf7pDeYHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZHrfl4+PBsFsJ7n1859rOxt/9yZ9kjrTX2NR+z2GuEEOqt1+WjK/1fxxVv3bh0or29HdssHAxZyFrLw/PXW5kmQwiLYV+4Fhrh4/mFrz56/7n9n7w5cd87F8++voU/go79AwAAgEH0vwAAAP//cFQjcg==")
unlink(&(0x7f0000000080)='./file1\x00')

960.525974ms ago: executing program 5 (id=5584):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xc931e000)
madvise(&(0x7f00004d9000/0x4000)=nil, 0x4000, 0x3)

889.22777ms ago: executing program 0 (id=5585):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'syz_tun\x00', &(0x7f0000002fc0)=@ethtool_coalesce={0x1, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x1, 0x0, 0x0, 0x3}})

822.664675ms ago: executing program 4 (id=5586):
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSCLOCKID(r0, 0x400445a0, &(0x7f0000000000)=0x7)

636.72559ms ago: executing program 0 (id=5587):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
fcntl$lock(r0, 0x7, &(0x7f0000000300)={0x2, 0x0, 0x7fffffffffffffff, 0xf})

578.162264ms ago: executing program 4 (id=5588):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a05000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002106000d40931000005c0000000c0a01020000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b80100001800c000100"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x0)

492.916241ms ago: executing program 2 (id=5589):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x8}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x5, r0}, 0x38)

412.521688ms ago: executing program 0 (id=5590):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)={0x20, 0x15, 0xa, 0x201, 0x0, 0x0, {0x3}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x24040808)

274.643278ms ago: executing program 2 (id=5591):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="0c0100000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400fc0000000000000000000000000000000c00028005000100000000003c0002800c00028005000100000000002c000180140003000000000000000000000000000000000114000400fe8000000000000000000000000000aa08000740000000007800068014000500fc0200000000000000000000000000010c000380060001000000000014000400fc0200000000000000000000000000002c0003"], 0x10c}}, 0x0)

242.228751ms ago: executing program 0 (id=5592):
r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x12, 0x80801)
ioctl$USBDEVFS_CONNECTINFO(r0, 0x8004550f, 0x0)

48.735486ms ago: executing program 0 (id=5593):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=@gettaction={0x20, 0x5a, 0x1, 0x0, 0x0, {}, [@action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1}}]}, 0x20}}, 0x0)

12.402929ms ago: executing program 4 (id=5594):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockopt(r0, 0x1, 0x6, &(0x7f0000001680)=""/55, &(0x7f0000000000)=0x37)

0s ago: executing program 2 (id=5595):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x10, 0x6, 0x0, 0x1}, 0x50)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)

kernel console output (not intermixed with test programs):

1-5
[  483.879808][  T142] EXT4-fs error (device loop0): ext4_release_dquot:6974: comm kworker/u4:5: Failed to release dquot type 1
[  484.172368][T15346] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3943'.
[  484.230695][T15349] Timeout policy `syz1' can only be used by L3 protocol number 34824
[  485.562253][T15395] loop4: detected capacity change from 0 to 1764
[  485.622880][T15395] iso9660: Corrupted directory entry in block 2 of inode 1920
[  485.885884][T15406] loop2: detected capacity change from 0 to 256
[  485.931409][T15406] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  486.400838][T15424] loop4: detected capacity change from 0 to 512
[  486.418142][T15424] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  486.482056][T15427] loop2: detected capacity change from 0 to 1764
[  486.489135][T15424] EXT4-fs (loop4): 1 truncate cleaned up
[  486.498117][T15424] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  486.587700][T15427] iso9660: Corrupted directory entry in block 2 of inode 1920
[  486.637342][T15424] EXT4-fs error (device loop4): ext4_get_verity_descriptor_location:298: inode #15: comm syz.4.3991: verity file has no extents
[  486.681599][T15424] EXT4-fs (loop4): Remounting filesystem read-only
[  486.726938][T15424] fs-verity (loop4, inode 15): Error -117 getting verity descriptor size
[  486.836285][T11118] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  487.087007][T15430] loop5: detected capacity change from 0 to 32768
[  487.181791][T15430] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  487.245863][T15451] overlayfs: disabling nfs_export due to verity=require
[  487.252987][T15451] overlayfs: conflicting options: userxattr,verity=require
[  487.454915][T15430] XFS (loop5): Ending clean mount
[  487.650008][T15460] loop2: detected capacity change from 0 to 512
[  487.659154][T14490] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  487.690809][T15460] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  487.745982][T15460] ext4 filesystem being mounted at /1036/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  487.869870][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  488.267338][T15447] loop4: detected capacity change from 0 to 32768
[  488.307927][T15447] JBD2: Ignoring recovery information on journal
[  488.489702][T15473] xt_hashlimit: max too large, truncated to 1048576
[  488.506178][T15447] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  488.725669][   T28] audit: type=1326 audit(1755613364.455:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15483 comm="syz.5.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a78d8ebe9 code=0x7ffc0000
[  488.761895][   T28] audit: type=1326 audit(1755613364.483:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15483 comm="syz.5.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a78d8ebe9 code=0x7ffc0000
[  488.826447][   T28] audit: type=1326 audit(1755613364.511:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15483 comm="syz.5.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=438 compat=0 ip=0x7f1a78d8ebe9 code=0x7ffc0000
[  488.927784][   T28] audit: type=1326 audit(1755613364.511:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15483 comm="syz.5.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a78d8ebe9 code=0x7ffc0000
[  488.961950][   T28] audit: type=1326 audit(1755613364.511:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15483 comm="syz.5.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a78d8ebe9 code=0x7ffc0000
[  489.018991][T11118] ocfs2: Unmounting device (7,4) on (node local)
[  489.398199][T15498] loop5: detected capacity change from 0 to 256
[  489.874531][T15510] netlink: 'syz.4.4016': attribute type 1 has an invalid length.
[  489.882332][T15510] netlink: 220 bytes leftover after parsing attributes in process `syz.4.4016'.
[  490.408240][   T28] audit: type=1326 audit(1755613366.017:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15528 comm="syz.4.4025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ad058ebe9 code=0x7ffc0000
[  490.467473][   T28] audit: type=1326 audit(1755613366.017:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15528 comm="syz.4.4025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ad058ebe9 code=0x7ffc0000
[  490.503414][   T28] audit: type=1326 audit(1755613366.026:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15528 comm="syz.4.4025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f4ad058ebe9 code=0x7ffc0000
[  490.581099][   T28] audit: type=1326 audit(1755613366.026:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15528 comm="syz.4.4025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ad058ebe9 code=0x7ffc0000
[  490.616253][T15531] loop4: detected capacity change from 0 to 764
[  490.622112][T15533] netlink: 'syz.2.4028': attribute type 10 has an invalid length.
[  490.622699][   T28] audit: type=1326 audit(1755613366.026:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15528 comm="syz.4.4025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ad058ebe9 code=0x7ffc0000
[  490.659079][T15533] bond0: left promiscuous mode
[  490.686190][T15533] bond_slave_0: left promiscuous mode
[  490.692000][T15533] bond_slave_1: left promiscuous mode
[  490.713726][T15533] batadv0: left promiscuous mode
[  490.724427][T15533] bond0: left allmulticast mode
[  490.735100][T15533] bond_slave_0: left allmulticast mode
[  490.756715][T15533] bond_slave_1: left allmulticast mode
[  490.787493][T15533] batadv0: left allmulticast mode
[  490.842258][T15533] 8021q: adding VLAN 0 to HW filter on device bond0
[  490.871273][T15533] bond0: entered promiscuous mode
[  490.878493][T15533] bond_slave_0: entered promiscuous mode
[  490.898321][T15533] bond_slave_1: entered promiscuous mode
[  490.912230][T15533] batadv0: entered promiscuous mode
[  490.942012][T15533] bond0: entered allmulticast mode
[  490.947564][T15533] bond_slave_0: entered allmulticast mode
[  490.964096][T15533] bond_slave_1: entered allmulticast mode
[  490.974751][T15533] batadv0: entered allmulticast mode
[  490.994812][T15533] team0: Port device bond0 added
[  491.356143][T15548] bridge1: entered promiscuous mode
[  491.649357][T15556] loop2: detected capacity change from 0 to 1024
[  491.780625][T11248] hfsplus: b-tree write err: -5, ino 4
[  492.129282][T15570] netlink: 'syz.0.4044': attribute type 1 has an invalid length.
[  492.861775][T15595] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  492.887964][T15595] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[  492.933439][T15594] loop5: detected capacity change from 0 to 1024
[  493.096218][T15602] loop0: detected capacity change from 0 to 256
[  493.221544][T15602] FAT-fs (loop0): Directory bread(block 64) failed
[  493.267324][T15602] FAT-fs (loop0): Directory bread(block 65) failed
[  493.285823][T15602] FAT-fs (loop0): Directory bread(block 66) failed
[  493.293786][T15602] FAT-fs (loop0): Directory bread(block 67) failed
[  493.315730][T15602] FAT-fs (loop0): Directory bread(block 68) failed
[  493.322345][T15602] FAT-fs (loop0): Directory bread(block 69) failed
[  493.361178][T15602] FAT-fs (loop0): Directory bread(block 70) failed
[  493.367832][T15602] FAT-fs (loop0): Directory bread(block 71) failed
[  493.400695][T11248] hfsplus: b-tree write err: -5, ino 4
[  493.433371][T15602] FAT-fs (loop0): Directory bread(block 72) failed
[  493.439981][T15602] FAT-fs (loop0): Directory bread(block 73) failed
[  493.918296][T15618] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4069'.
[  493.978518][T15620] x_tables: duplicate underflow at hook 1
[  494.716390][T15616] loop2: detected capacity change from 0 to 32768
[  494.787499][T15616] (syz.2.4067,15616,1):ocfs2_find_slot:468 ERROR: no free slots available!
[  494.873950][T15616] (syz.2.4067,15616,1):ocfs2_mount_volume:1809 ERROR: status = -22
[  494.931443][T15616] (syz.2.4067,15616,0):ocfs2_fill_super:1178 ERROR: status = -22
[  495.060209][T15616] NILFS (loop2): couldn't find nilfs on the device
[  495.198102][T15656] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  495.624609][T15668] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long
[  495.771535][T15674] qrtr: Invalid version 0
[  496.727017][T15710] loop2: detected capacity change from 0 to 16
[  496.755152][T15710] erofs: DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  496.792167][T15710] erofs: (device loop2): mounted with root inode @ nid 36.
[  496.847994][T15715] loop5: detected capacity change from 0 to 256
[  497.086872][T15720] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4119'.
[  497.570193][T15741] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  497.584436][T15741] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  497.587246][T15737] loop5: detected capacity change from 0 to 1764
[  498.003420][T15755] vivid-000: =================  START STATUS  =================
[  498.013325][T15755] vivid-000: Test Pattern: 75% Colorbar
[  498.027126][T15755] vivid-000: Fill Percentage of Frame: 100
[  498.033539][   T27] usb 5-1: new full-speed USB device number 9 using dummy_hcd
[  498.053482][T15755] vivid-000: Horizontal Movement: No Movement
[  498.071272][T15755] vivid-000: Vertical Movement: No Movement
[  498.080319][T15755] vivid-000: OSD Text Mode: All
[  498.089586][T15755] vivid-000: Show Border: false
[  498.100404][T15755] vivid-000: Show Square: false
[  498.109915][T15755] vivid-000: Sensor Flipped Horizontally: false
[  498.120739][T15755] vivid-000: Sensor Flipped Vertically: false
[  498.131548][T15755] vivid-000: Insert SAV Code in Image: false
[  498.139298][T15755] vivid-000: Insert EAV Code in Image: false
[  498.153767][T15755] vivid-000: Insert Video Guard Band: false
[  498.163051][T15755] vivid-000: Reduced Framerate: false
[  498.169000][T15755] vivid-000: Enable Capture Cropping: true
[  498.174999][T15755] vivid-000: Enable Capture Composing: true
[  498.197210][T15755] vivid-000: Enable Capture Scaler: true
[  498.207672][T15755] vivid-000: Timestamp Source: End of Frame
[  498.220841][T15755] vivid-000: Colorspace: sRGB
[  498.226672][T15755] vivid-000: Transfer Function: Default
[  498.232957][T15755] vivid-000: Y'CbCr Encoding: Default
[  498.238478][T15755] vivid-000: HSV Encoding: Hue 0-179
[  498.244962][T15755] vivid-000: Quantization: Default
[  498.250201][T15755] vivid-000: Apply Alpha To Red Only: false
[  498.258482][   T27] usb 5-1: config index 0 descriptor too short (expected 69, got 36)
[  498.266937][   T27] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  498.277610][T15762] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4139'.
[  498.289384][T15755] vivid-000: Standard Aspect Ratio: 4x3
[  498.295075][T15755] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[  498.306994][   T27] usb 5-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=b7.89
[  498.316666][   T27] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  498.318137][T15755] vivid-000: DV Timings: 640x480p59 inactive
[  498.348895][   T27] usb 5-1: Product: syz
[  498.350529][T15755] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[  498.358400][   T27] usb 5-1: Manufacturer: syz
[  498.371359][T15755] vivid-000: Maximum EDID Blocks: 2
[  498.376186][   T27] usb 5-1: SerialNumber: syz
[  498.383776][T15755] vivid-000: Limited RGB Range (16-235): false
[  498.402013][T15755] vivid-000: Rx RGB Quantization Range: Automatic
[  498.402624][   T27] usb 5-1: config 0 descriptor??
[  498.413207][T15755] vivid-000: Power Present: 0x00000001
[  498.445243][   T27] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622
[  498.446166][T15755] tpg source WxH: 320x180 (Y'CbCr)
[  498.477175][T15755] tpg field: 1
[  498.497694][T15755] tpg crop: 320x180@0x0
[  498.507002][T15755] tpg compose: 320x180@0x0
[  498.513383][T15755] tpg colorspace: 8
[  498.517306][T15755] tpg transfer function: 0/0
[  498.540618][T15755] tpg Y'CbCr encoding: 0/0
[  498.556923][T15755] tpg quantization: 0/0
[  498.564253][T15755] tpg RGB range: 0/2
[  498.571858][T15755] vivid-000: ==================  END STATUS  ==================
[  498.917522][   T27] gspca_pac7302: reg_w() failed i: 78 v: 00 error -71
[  498.925430][   T27] gspca_pac7302: probe of 5-1:0.0 failed with error -71
[  498.942546][T15760] loop2: detected capacity change from 0 to 40427
[  498.949911][   T27] usb 5-1: USB disconnect, device number 9
[  498.970346][T15760] F2FS-fs (loop2): Corrupted extension count (64 + 1 > 64)
[  498.981274][T15760] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  499.108906][T15760] F2FS-fs (loop2): Found nat_bits in checkpoint
[  499.260508][T15760] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  499.290825][T15760] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  499.697492][T15789] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4150'.
[  499.735796][T15789] netlink: 92 bytes leftover after parsing attributes in process `syz.5.4150'.
[  499.766219][T15791] nvme_fabrics: unknown parameter or missing value 'V' in ctrl creation request
[  499.944385][   T28] kauditd_printk_skb: 1 callbacks suppressed
[  499.944401][   T28] audit: type=1326 audit(1755613374.952:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15794 comm="syz.5.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a78d8ebe9 code=0x7ffc0000
[  500.032469][   T28] audit: type=1326 audit(1755613374.980:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15794 comm="syz.5.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a78d8ebe9 code=0x7ffc0000
[  500.062123][   T28] audit: type=1326 audit(1755613374.998:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15794 comm="syz.5.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f1a78d8ebe9 code=0x7ffc0000
[  500.124384][   T28] audit: type=1326 audit(1755613374.998:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15794 comm="syz.5.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a78d8ebe9 code=0x7ffc0000
[  500.196351][   T28] audit: type=1326 audit(1755613374.998:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15794 comm="syz.5.4154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a78d8ebe9 code=0x7ffc0000
[  500.316913][ T5863] usb 5-1: new low-speed USB device number 10 using dummy_hcd
[  500.542907][ T5863] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  500.582751][ T5863] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  500.611692][ T5863] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[  500.634370][ T5863] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  500.649043][ T5863] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  500.673487][T15797] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  500.693448][ T5863] hub 5-1:1.0: bad descriptor, ignoring hub
[  500.699463][ T5863] hub: probe of 5-1:1.0 failed with error -5
[  500.745560][ T5863] cdc_wdm 5-1:1.0: skipping garbage
[  500.761809][ T5863] cdc_wdm 5-1:1.0: skipping garbage
[  500.779075][ T5863] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  500.808376][ T5863] cdc_wdm 5-1:1.0: Unknown control protocol
[  501.114511][ T5863] usb 5-1: USB disconnect, device number 10
[  501.554739][T15845] sock: sock_timestamping_bind_phc: sock not bind to device
[  502.147216][T15861] loop5: detected capacity change from 0 to 4096
[  502.337118][   T27] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  502.574056][   T27] usb 3-1: config index 0 descriptor too short (expected 3133, got 61)
[  502.582438][   T27] usb 3-1: config 0 has an invalid interface number: 156 but max is 1
[  502.613684][T15852] loop4: detected capacity change from 0 to 32768
[  502.620383][   T27] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  502.641456][   T27] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2
[  502.656739][T15852] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 scanned by syz.4.4176 (15852)
[  502.678848][   T27] usb 3-1: config 0 has no interface number 0
[  502.685044][   T27] usb 3-1: config 0 interface 156 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  502.696211][   T27] usb 3-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  502.709200][T15852] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  502.730920][   T27] usb 3-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  502.753886][   T27] usb 3-1: config 0 interface 156 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  502.767385][T15852] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[  502.785964][   T27] usb 3-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  502.795660][   T27] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  502.804073][T15852] BTRFS info (device loop4): force zlib compression, level 3
[  502.812555][T15852] BTRFS info (device loop4): force clearing of disk cache
[  502.827096][   T27] usb 3-1: config 0 descriptor??
[  502.839250][T15852] BTRFS info (device loop4): setting nodatasum
[  502.845522][T15852] BTRFS info (device loop4): allowing degraded mounts
[  502.860592][T15852] BTRFS info (device loop4): enabling disk space caching
[  502.867886][T15852] BTRFS info (device loop4): disk space caching is enabled
[  502.871649][    T9] usb 6-1: new low-speed USB device number 2 using dummy_hcd
[  502.885629][   T27] gspca_main: spca561-2.14.0 probing abcd:cdee
[  503.001800][T15852] BTRFS info (device loop4): auto enabling async discard
[  503.017672][T15852] BTRFS info (device loop4): rebuilding free space tree
[  503.112392][   T27] spca561: probe of 3-1:0.156 failed with error -22
[  503.122974][T15852] BTRFS info (device loop4): disabling free space tree
[  503.123129][    T9] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  503.131458][   T27] usb 3-1: Quirk or no altest; falling back to MIDI 1.0
[  503.165032][T15852] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  503.174161][    T9] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  503.182646][   T27] usb 3-1: MIDIStreaming interface descriptor not found
[  503.195917][    T9] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[  503.199948][T15852] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  503.221366][    T9] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  503.293796][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  503.304338][   T27] usb 3-1: USB disconnect, device number 20
[  503.427405][T15868] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  503.439570][    T9] hub 6-1:1.0: bad descriptor, ignoring hub
[  503.467515][    T9] hub: probe of 6-1:1.0 failed with error -5
[  503.489747][    T9] cdc_wdm 6-1:1.0: skipping garbage
[  503.496327][T15852] BTRFS error (device loop4): balance: invalid convert metadata profile raid0
[  503.526780][    T9] cdc_wdm 6-1:1.0: skipping garbage
[  503.572659][    T9] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  503.595230][    T9] cdc_wdm 6-1:1.0: Unknown control protocol
[  503.683741][T11118] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  503.965292][ T5863] usb 6-1: USB disconnect, device number 2
[  504.592867][T15920] loop0: detected capacity change from 0 to 512
[  504.600245][T15920] ext4: Unknown parameter '.'
[  504.694588][T15901] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  504.910307][T15931] netlink: 'syz.4.4204': attribute type 32 has an invalid length.
[  505.285595][T15944] loop5: detected capacity change from 0 to 512
[  505.318107][T15944] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  505.378724][T15944] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  505.430584][T15944] ext4 filesystem being mounted at /159/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  505.587278][T15944] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  505.633280][T15944] Quota error (device loop5): write_blk: dquota write failed
[  505.643036][T15944] Quota error (device loop5): qtree_write_dquot: Error -28 occurred while creating quota
[  505.693567][T15944] EXT4-fs error (device loop5): ext4_acquire_dquot:6938: comm syz.5.4210: Failed to acquire dquot type 0
[  505.901220][T14490] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  506.076066][T15970] loop4: detected capacity change from 0 to 64
[  506.197137][T15966] loop0: detected capacity change from 0 to 4096
[  506.255631][T15966] ntfs: (device loop0): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match.  Run ntfsfix or chkdsk.
[  506.305921][T15966] ntfs: (device loop0): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  506.378615][T15966] ntfs: (device loop0): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn.
[  506.430611][T15966] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  506.453218][T15980] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4227'.
[  506.481596][T15966] ntfs: (device loop0): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  506.546609][T15966] ntfs: volume version 3.1.
[  506.575863][T15966] ntfs: (device loop0): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty.
[  506.603478][T15966] ntfs: (device loop0): load_system_files(): Failed to load $LogFile.  Will not be able to remount read-write.  Mount in Windows.
[  506.678510][T15966] ntfs: (device loop0): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5.
[  507.139230][T16001] binder: 16000:16001 unknown command 0
[  507.155772][T16001] binder: 16000:16001 ioctl c0306201 200000000480 returned -22
[  507.476051][T16011] netdevsim netdevsim4: Firmware load for '..' refused, path contains '..' component
[  507.617259][T16013] netlink: 216 bytes leftover after parsing attributes in process `syz.5.4243'.
[  507.902452][T15999] loop0: detected capacity change from 0 to 32768
[  507.920266][T15999] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.4233 (15999)
[  507.953146][T15999] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  507.972684][T15999] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  508.002175][T15999] BTRFS info (device loop0): force zlib compression, level 3
[  508.022410][T15999] BTRFS info (device loop0): force clearing of disk cache
[  508.030249][    T9] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  508.045797][T15999] BTRFS info (device loop0): setting nodatasum
[  508.056454][T15999] BTRFS info (device loop0): allowing degraded mounts
[  508.074469][T15999] BTRFS info (device loop0): enabling disk space caching
[  508.084963][T15999] BTRFS info (device loop0): disk space caching is enabled
[  508.225239][T15999] BTRFS info (device loop0): auto enabling async discard
[  508.239571][T15999] BTRFS info (device loop0): rebuilding free space tree
[  508.268381][    T9] usb 5-1: config index 0 descriptor too short (expected 3133, got 61)
[  508.292857][    T9] usb 5-1: config 0 has an invalid interface number: 156 but max is 1
[  508.343826][    T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  508.366864][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[  508.386671][    T9] usb 5-1: config 0 has no interface number 0
[  508.388807][T15999] BTRFS info (device loop0): disabling free space tree
[  508.406514][    T9] usb 5-1: config 0 interface 156 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  508.408909][T15999] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  508.426509][T15999] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  508.436946][    T9] usb 5-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  508.472120][    T9] usb 5-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  508.483186][  T786] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  508.524330][T15999] BTRFS error (device loop0): balance: invalid convert metadata profile raid0
[  508.525395][    T9] usb 5-1: config 0 interface 156 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  508.568883][    T9] usb 5-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  508.578072][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  508.590048][    T9] usb 5-1: config 0 descriptor??
[  508.598987][    T9] gspca_main: spca561-2.14.0 probing abcd:cdee
[  508.609160][ T5780] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  508.751477][  T786] usb 6-1: config 0 has an invalid interface number: 176 but max is 2
[  508.760075][  T786] usb 6-1: config 0 has no interface number 1
[  508.770834][  T786] usb 6-1: New USB device found, idVendor=05c6, idProduct=9205, bcdDevice=29.ac
[  508.789092][T15901] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 11 /dev/loop0 scanned by udevd (15901)
[  508.834389][  T786] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  508.842773][    T9] spca561: probe of 5-1:0.156 failed with error -22
[  508.858111][    T9] usb 5-1: Quirk or no altest; falling back to MIDI 1.0
[  508.865151][    T9] usb 5-1: MIDIStreaming interface descriptor not found
[  508.881448][  T786] usb 6-1: config 0 descriptor??
[  509.034248][    T9] usb 5-1: USB disconnect, device number 11
[  509.156549][  T786] qcserial 6-1:0.2: Qualcomm USB modem converter detected
[  509.441735][ T5868] usb 6-1: USB disconnect, device number 3
[  509.451551][ T5868] qcserial 6-1:0.2: device disconnected
[  509.516439][T16065] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4259'.
[  510.073168][T16077] loop0: detected capacity change from 0 to 4096
[  510.173130][T16077] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  510.254411][T16077] ntfs3: loop0: Failed to load $Extend (-22).
[  510.259407][T16085] loop2: detected capacity change from 0 to 256
[  510.290521][T16077] ntfs3: loop0: Failed to initialize $Extend.
[  510.691615][T16095] mmap: syz.4.4272 (16095) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  510.889301][T16100] trusted_key: encrypted_key: master key parameter 'user:' is invalid
[  511.289850][T16115] loop2: detected capacity change from 0 to 64
[  511.305736][T16113] loop0: detected capacity change from 0 to 2048
[  511.312234][T16115] MINIX-fs: mounting unchecked file system, running fsck is recommended
[  511.352415][T16117] sctp: [Deprecated]: syz.4.4285 (pid 16117) Use of int in maxseg socket option.
[  511.352415][T16117] Use struct sctp_assoc_value instead
[  511.454283][T16113] NILFS error (device loop0): nilfs_check_page: bad entry in directory #2: unaligned directory entry - offset=0, inode=2, rec_len=59, name_len=1
[  511.970509][T16135] netlink: 228 bytes leftover after parsing attributes in process `syz.0.4294'.
[  512.265216][T16147] xt_hashlimit: overflow, try lower: 6/0
[  512.710406][T16155] loop2: detected capacity change from 0 to 4096
[  512.796587][T16155] ntfs: volume version 3.1.
[  512.818919][T16167] loop5: detected capacity change from 0 to 64
[  512.826356][T16155] __ntfs_error: 8 callbacks suppressed
[  512.826372][T16155] ntfs: (device loop2): ntfs_lookup_inode_by_name(): Corrupt directory.  Aborting lookup.
[  512.847270][T16155] ntfs: (device loop2): load_and_init_quota(): Failed to find inode number for $Quota.
[  512.876098][T16155] ntfs: (device loop2): load_system_files(): Failed to load $Quota.  Mounting read-only.  Run chkdsk.
[  512.950027][T16155] ntfs: (device loop2): ntfs_lookup_inode_by_name(): Corrupt directory.  Aborting lookup.
[  512.978776][T16155] ntfs: (device loop2): load_and_init_usnjrnl(): Failed to find inode number for $UsnJrnl.
[  513.003334][T16155] ntfs: (device loop2): load_system_files(): Failed to load $UsnJrnl.  Will not be able to remount read-write.  Run chkdsk.
[  513.184854][T16175] kAFS: unparsable volume name
[  513.393692][T16179] loop5: detected capacity change from 0 to 256
[  513.437796][T16179] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  513.943909][T16198] loop0: detected capacity change from 0 to 512
[  514.075861][T16198] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  514.105408][T16198] ext4 filesystem being mounted at /1071/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  514.295253][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  515.077930][T16205] loop5: detected capacity change from 0 to 32768
[  515.101075][T16205] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.4327 (16205)
[  515.143755][T16205] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  515.174487][T16205] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  515.200657][T16205] BTRFS info (device loop5): force clearing of disk cache
[  515.224817][T16205] BTRFS info (device loop5): force zlib compression, level 3
[  515.261432][T16205] BTRFS info (device loop5): enabling auto defrag
[  515.281384][T16205] BTRFS info (device loop5): max_inline at 0
[  515.287476][T16205] BTRFS info (device loop5): using free space tree
[  515.483621][T16205] BTRFS info (device loop5): enabling ssd optimizations
[  515.504219][T16222] loop2: detected capacity change from 0 to 32768
[  515.527642][T16205] BTRFS info (device loop5): auto enabling async discard
[  515.579739][T16205] BTRFS info (device loop5): rebuilding free space tree
[  515.587317][T16222] JBD2: Ignoring recovery information on journal
[  515.809759][T16222] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  516.027298][T14490] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  516.125317][T16266] wg1 speed is unknown, defaulting to 1000
[  516.160650][T16266] wg1 speed is unknown, defaulting to 1000
[  516.202218][ T5783] ocfs2: Unmounting device (7,2) on (node local)
[  516.219212][T16266] wg1 speed is unknown, defaulting to 1000
[  516.340819][T16266] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  516.424119][T16266] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  516.600623][T16275] netlink: 1088 bytes leftover after parsing attributes in process `syz.5.4354'.
[  516.702579][T16266] wg1 speed is unknown, defaulting to 1000
[  516.737605][T16266] wg1 speed is unknown, defaulting to 1000
[  516.782176][T16266] wg1 speed is unknown, defaulting to 1000
[  516.844817][T16266] wg1 speed is unknown, defaulting to 1000
[  516.888553][T16266] wg1 speed is unknown, defaulting to 1000
[  518.186166][T16330] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  518.267004][T16333] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4381'.
[  518.461469][T16336] loop4: detected capacity change from 0 to 4096
[  518.535623][T16336] ntfs: volume version 3.1.
[  518.548364][T16336] ntfs: (device loop4): ntfs_lookup_inode_by_name(): Corrupt directory.  Aborting lookup.
[  518.581572][T16336] ntfs: (device loop4): load_and_init_quota(): Failed to find inode number for $Quota.
[  518.619814][T16336] ntfs: (device loop4): load_system_files(): Failed to load $Quota.  Mounting read-only.  Run chkdsk.
[  518.647444][T16336] ntfs: (device loop4): ntfs_lookup_inode_by_name(): Corrupt directory.  Aborting lookup.
[  518.676254][T16336] ntfs: (device loop4): load_and_init_usnjrnl(): Failed to find inode number for $UsnJrnl.
[  518.755507][T16336] ntfs: (device loop4): load_system_files(): Failed to load $UsnJrnl.  Will not be able to remount read-write.  Run chkdsk.
[  518.835907][T16346] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode
[  518.869067][T16346] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  519.379386][T16367] loop5: detected capacity change from 0 to 256
[  519.573618][T16371] siw: device registration error -23
[  519.674061][  T786] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  519.890108][  T786] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  519.936915][  T786] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  519.952781][  T786] usb 3-1: config 1 has no interface number 0
[  519.959045][  T786] usb 3-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  519.993891][  T786] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  520.018031][  T786] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  520.023920][T16362] loop4: detected capacity change from 0 to 32768
[  520.026074][  T786] usb 3-1: Product: syz
[  520.059690][T16362] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.4394 (16362)
[  520.063241][  T786] usb 3-1: Manufacturer: syz
[  520.106545][T16362] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  520.115650][  T786] usb 3-1: SerialNumber: syz
[  520.137759][  T786] usb 3-1: selecting invalid altsetting 1
[  520.144428][T16362] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  520.160740][T16362] BTRFS info (device loop4): force clearing of disk cache
[  520.172307][T16362] BTRFS info (device loop4): force zlib compression, level 3
[  520.181496][T16362] BTRFS info (device loop4): enabling auto defrag
[  520.189580][T16362] BTRFS info (device loop4): max_inline at 0
[  520.196545][T16362] BTRFS info (device loop4): using free space tree
[  520.341256][T16362] BTRFS info (device loop4): enabling ssd optimizations
[  520.365760][T16362] BTRFS info (device loop4): auto enabling async discard
[  520.386993][T16362] BTRFS info (device loop4): rebuilding free space tree
[  520.615870][  T786] cdc_ncm 3-1:1.1: failed GET_NTB_PARAMETERS
[  520.621979][  T786] cdc_ncm 3-1:1.1: bind() failure
[  520.662367][  T786] usb 3-1: USB disconnect, device number 21
[  520.728607][T16410] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4410'.
[  520.753671][T11118] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  520.939586][T15901] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 10 /dev/loop4 scanned by udevd (15901)
[  521.378910][T16425] loop0: detected capacity change from 0 to 512
[  521.470502][T16425] EXT4-fs (loop0): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  521.576638][  T786] usb 5-1: new full-speed USB device number 12 using dummy_hcd
[  521.610830][T16434] overlayfs: conflicting options: nfs_export=on,index=off
[  521.760252][ T5780] EXT4-fs (loop0): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  521.796323][  T786] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  521.834087][  T786] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[  521.865712][T16438] netlink: 'syz.5.4423': attribute type 1 has an invalid length.
[  521.886011][  T786] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  521.909026][  T786] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  521.973330][  T786] usb 5-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  522.014148][  T786] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  522.056486][  T786] usb 5-1: config 0 descriptor??
[  522.081147][  T786] gspca_main: spca561-2.14.0 probing abcd:cdee
[  522.308521][  T786] spca561: probe of 5-1:0.0 failed with error -22
[  522.323479][  T786] usb 5-1: Quirk or no altest; falling back to MIDI 1.0
[  522.341558][  T786] usb 5-1: MIDIStreaming interface descriptor not found
[  522.350507][T16452] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4430'.
[  522.520529][  T786] snd-usb-audio: probe of 5-1:0.0 failed with error -12
[  522.554315][  T786] usb 5-1: USB disconnect, device number 12
[  522.661110][   T27] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  522.860607][T16448] loop0: detected capacity change from 0 to 32768
[  522.880536][   T27] usb 6-1: Using ep0 maxpacket: 32
[  522.900179][   T27] usb 6-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  522.920262][   T27] usb 6-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  522.936408][   T27] usb 6-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  522.955942][   T27] usb 6-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  522.968188][   T27] usb 6-1: Product: syz
[  522.972398][   T27] usb 6-1: Manufacturer: syz
[  522.978386][T16448] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  523.004201][   T27] hub 6-1:4.0: USB hub found
[  523.210759][T16448] OCFS2: ERROR (device loop0): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #2304 has bad signature 
[  523.257368][T16448] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  523.265399][   T27] hub 6-1:4.0: 1 port detected
[  523.294587][T16448] OCFS2: File system is now read-only.
[  523.305112][T16448] (syz.0.4427,16448,0):ocfs2_search_chain:1785 ERROR: status = -30
[  523.337472][T16448] (syz.0.4427,16448,0):ocfs2_search_chain:1871 ERROR: status = -30
[  523.389779][T16448] (syz.0.4427,16448,0):ocfs2_claim_suballoc_bits:1940 ERROR: status = -30
[  523.421991][T16448] (syz.0.4427,16448,0):ocfs2_claim_suballoc_bits:1983 ERROR: status = -30
[  523.444811][T16448] (syz.0.4427,16448,0):__ocfs2_claim_clusters:2355 ERROR: status = -30
[  523.476079][T16448] (syz.0.4427,16448,0):__ocfs2_claim_clusters:2363 ERROR: status = -30
[  523.483038][   T27] hub 6-1:4.0: hub_hub_status failed (err = -71)
[  523.496082][T16448] (syz.0.4427,16448,0):ocfs2_local_alloc_new_window:1203 ERROR: status = -30
[  523.497292][   T27] hub 6-1:4.0: config failed, can't get hub status (err -71)
[  523.510904][T16448] (syz.0.4427,16448,0):ocfs2_local_alloc_new_window:1228 ERROR: status = -30
[  523.528557][T16448] (syz.0.4427,16448,0):ocfs2_local_alloc_slide_window:1302 ERROR: status = -30
[  523.565323][T16448] (syz.0.4427,16448,0):ocfs2_local_alloc_slide_window:1321 ERROR: status = -30
[  523.575000][T16448] (syz.0.4427,16448,0):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -30
[  523.577319][   T27] usb 6-1: USB disconnect, device number 4
[  523.607191][T16448] (syz.0.4427,16448,0):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -30
[  523.643769][T16448] (syz.0.4427,16448,0):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -30
[  523.669532][T16448] (syz.0.4427,16448,0):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -30
[  523.700726][T16448] (syz.0.4427,16448,0):ocfs2_expand_inline_dir:2858 ERROR: status = -30
[  523.712542][T16475] netlink: 72 bytes leftover after parsing attributes in process `syz.2.4440'.
[  523.728860][T16448] (syz.0.4427,16448,0):ocfs2_extend_dir:3205 ERROR: status = -30
[  523.738303][T16475] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4440'.
[  523.747761][T16448] (syz.0.4427,16448,0):ocfs2_prepare_dir_for_insert:4326 ERROR: status = -30
[  523.763296][T16448] (syz.0.4427,16448,0):ocfs2_mknod:298 ERROR: status = -30
[  523.770940][T16475] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4440'.
[  523.794800][T16448] (syz.0.4427,16448,0):ocfs2_mknod:502 ERROR: status = -30
[  523.802597][T16448] (syz.0.4427,16448,0):ocfs2_mkdir:659 ERROR: status = -30
[  523.997141][ T5780] (syz-executor,5780,1):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 72
[  524.054905][ T5780] ocfs2: Unmounting device (7,0) on (node local)
[  524.180435][T16489] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4447'.
[  524.211852][T16489] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4447'.
[  524.237134][T16489] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4447'.
[  524.318181][T16491] loop4: detected capacity change from 0 to 64
[  525.327465][T16497] loop0: detected capacity change from 0 to 32768
[  525.394720][T16497] JBD2: Ignoring recovery information on journal
[  525.447772][T16497] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  525.665562][ T5780] ocfs2: Unmounting device (7,0) on (node local)
[  526.057074][T16511] loop2: detected capacity change from 0 to 32768
[  526.071961][T16509] mac80211_hwsim hwsim10 wlan0: entered promiscuous mode
[  526.085598][T16511] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  526.097627][T16509] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  526.119463][T16511] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  526.138399][T16511] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  526.213188][ T5845] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  526.227229][ T5845] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  526.430112][ T5845] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 189ms
[  526.475693][ T5845] gfs2: fsid=syz:syz.0: jid=0: Done
[  526.491873][T16511] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  526.630748][T16511] gfs2: fsid=syz:syz.0: gfs2_check_dirent: gfs2_dirent too small (not first in block)
[  526.657462][T16511] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[  526.657462][T16511]   inode = 12 2341
[  526.657462][T16511]   function = gfs2_dirent_scan, file = fs/gfs2/dir.c, line = 602
[  526.731562][T16511] gfs2: fsid=syz:syz.0: G:  s:SH n:2/925 f:qob t:SH d:EX/0 a:0 v:0 r:3 m:20 p:1
[  526.751828][T16511] gfs2: fsid=syz:syz.0:  H: s:SH f:H e:0 p:16511 [syz.2.4458] __gfs2_lookup+0x90/0x270
[  526.776424][T16511] gfs2: fsid=syz:syz.0:  I: n:12/2341 t:4 f:0x00 d:0x00000001 s:3864 p:0
[  526.827340][T16511] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  526.890161][T16511] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  526.915800][T16511] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  526.938681][T16511] gfs2: fsid=syz:syz.0: File system withdrawn
[  526.961370][T16511] CPU: 0 PID: 16511 Comm: syz.2.4458 Not tainted 6.6.102-syzkaller #0
[  526.969597][T16511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  526.979779][T16511] Call Trace:
[  526.983084][T16511]  <TASK>
[  526.986042][T16511]  dump_stack_lvl+0x16c/0x230
[  526.990761][T16511]  ? kobject_uevent_env+0x363/0x8c0
[  526.996006][T16511]  ? show_regs_print_info+0x20/0x20
[  527.001248][T16511]  ? load_image+0x3b0/0x3b0
[  527.005810][T16511]  ? kobject_uevent_env+0x363/0x8c0
[  527.011064][T16511]  gfs2_withdraw+0xe50/0x13b0
[  527.015790][T16511]  ? gfs2_lm+0x220/0x220
[  527.020072][T16511]  ? load_image+0x3b0/0x3b0
[  527.024615][T16511]  ? gfs2_consist_inode_i+0xf5/0x110
[  527.029916][T16511]  gfs2_dirent_scan+0x525/0x650
[  527.034776][T16511]  ? gfs2_dirent_search+0x7e0/0x7e0
[  527.039985][T16511]  ? gfs2_dirent_search+0x7e0/0x7e0
[  527.045189][T16511]  gfs2_dirent_search+0x2e1/0x7e0
[  527.050220][T16511]  ? gfs2_permission+0x370/0x430
[  527.055168][T16511]  ? __might_sleep+0xe0/0xe0
[  527.059769][T16511]  ? gfs2_dir_search+0x220/0x220
[  527.064711][T16511]  ? gfs2_lookupi+0x5a0/0x5a0
[  527.069398][T16511]  ? do_raw_spin_lock+0x121/0x2c0
[  527.074443][T16511]  gfs2_dir_search+0x4d/0x220
[  527.079134][T16511]  gfs2_lookupi+0x3d9/0x5a0
[  527.083653][T16511]  ? gfs2_lookup_meta+0x170/0x170
[  527.088693][T16511]  ? __gfs2_lookup+0x90/0x270
[  527.093401][T16511]  __gfs2_lookup+0x90/0x270
[  527.097915][T16511]  ? __lock_acquire+0x7c80/0x7c80
[  527.102947][T16511]  ? gfs2_atomic_open+0x220/0x220
[  527.107985][T16511]  ? do_raw_spin_unlock+0x121/0x230
[  527.113200][T16511]  ? _raw_spin_unlock+0x28/0x40
[  527.118067][T16511]  ? d_alloc+0x173/0x1b0
[  527.122330][T16511]  lookup_one_qstr_excl+0x112/0x250
[  527.127635][T16511]  filename_create+0x222/0x460
[  527.132418][T16511]  ? kern_path_create+0x50/0x50
[  527.137314][T16511]  ? __virt_addr_valid+0x469/0x540
[  527.142445][T16511]  do_mkdirat+0xa1/0x440
[  527.146696][T16511]  ? vfs_mkdir+0x440/0x440
[  527.151114][T16511]  ? getname_flags+0x20a/0x500
[  527.155892][T16511]  __x64_sys_mkdir+0x6e/0x80
[  527.160498][T16511]  do_syscall_64+0x55/0xb0
[  527.164925][T16511]  ? clear_bhb_loop+0x40/0x90
[  527.169608][T16511]  ? clear_bhb_loop+0x40/0x90
[  527.174293][T16511]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  527.180203][T16511] RIP: 0033:0x7f07ee78ebe9
[  527.184627][T16511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  527.204258][T16511] RSP: 002b:00007f07ef515038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  527.212696][T16511] RAX: ffffffffffffffda RBX: 00007f07ee9b5fa0 RCX: 00007f07ee78ebe9
[  527.220683][T16511] RDX: 0000000000000000 RSI: 00000000000001ad RDI: 0000200000000180
[  527.228664][T16511] RBP: 00007f07ee811e19 R08: 0000000000000000 R09: 0000000000000000
[  527.236642][T16511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  527.244621][T16511] R13: 00007f07ee9b6038 R14: 00007f07ee9b5fa0 R15: 00007ffecb6c1628
[  527.252614][T16511]  </TASK>
[  527.374584][T16540] kernel read not supported for file / 
œÏüÔ¢W)ëS“§Ç-ë (pid: 16540 comm: syz.4.4470)
[  527.423328][   T28] audit: type=1800 audit(1755613400.652:124): pid=16540 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.4470" name=20019CCFFCD4A25729EB5393A7C72DEB dev="mqueue" ino=38958 res=0 errno=0
[  527.445530][    C1] vkms_vblank_simulate: vblank timer overrun
[  527.770307][T16554] netlink: 'syz.5.4478': attribute type 1 has an invalid length.
[  528.173155][T16562] loop2: detected capacity change from 0 to 2048
[  528.198338][T16562] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  528.310503][T16569] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  528.384959][T16575] netlink: 'syz.0.4487': attribute type 32 has an invalid length.
[  528.643313][T16583] loop2: detected capacity change from 0 to 64
[  528.781715][T16583] Trying to free block not in datazone
[  528.787774][T16583] Trying to free block not in datazone
[  529.225035][T16597] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4498'.
[  529.232858][T16599] loop4: detected capacity change from 0 to 256
[  529.317774][T16599] FAT-fs (loop4): Directory bread(block 64) failed
[  529.336796][T16599] FAT-fs (loop4): Directory bread(block 65) failed
[  529.373037][T16599] FAT-fs (loop4): Directory bread(block 66) failed
[  529.384207][T16599] FAT-fs (loop4): Directory bread(block 67) failed
[  529.404677][T16599] FAT-fs (loop4): Directory bread(block 68) failed
[  529.428815][T16599] FAT-fs (loop4): Directory bread(block 69) failed
[  529.445583][T16599] FAT-fs (loop4): Directory bread(block 70) failed
[  529.460681][T16599] FAT-fs (loop4): Directory bread(block 71) failed
[  529.473968][T16599] FAT-fs (loop4): Directory bread(block 72) failed
[  529.490576][T16599] FAT-fs (loop4): Directory bread(block 73) failed
[  529.758076][T16587] loop5: detected capacity change from 0 to 32768
[  529.784869][T16587] 
[  529.784869][T16587]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  529.784869][T16587] 
[  529.873245][T16587] JFS: metapage_get_blocks failed
[  529.905951][T16587] ERROR: (device loop5): release_metapage: metapage_write_one() failed
[  529.905951][T16587] 
[  529.951103][T16587] ERROR: (device loop5): diWrite: ixpxd invalid
[  529.951103][T16587] 
[  529.999465][T16587] ERROR: (device loop5): txCommit: 
[  529.999465][T16587] 
[  530.040921][T16609] loop4: detected capacity change from 0 to 64
[  530.084124][T14490] 
[  530.084124][T14490]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  530.084124][T14490] 
[  530.130127][T14490] 
[  530.130127][T14490]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  530.130127][T14490] 
[  530.134248][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  530.147113][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  530.784629][T16627] loop2: detected capacity change from 0 to 512
[  530.895261][T16627] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  530.934745][T16627] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  530.943313][T16627] System zones: 0-1, 15-15, 18-18, 34-34
[  530.949398][T16627] EXT4-fs (loop2): orphan cleanup on readonly fs
[  530.956551][T16627] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0
[  530.966089][T16627] EXT4-fs warning (device loop2): ext4_enable_quotas:7173: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  530.982536][T16627] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  530.991286][T16627] EXT4-fs (loop2): 1 truncate cleaned up
[  530.998446][T16627] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  531.059124][T16627] fscrypt (loop2, inode 16): Error -61 getting encryption context
[  531.166216][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  531.746865][T16653] comedi comedi4: comedi_config --init_data is deprecated
[  531.780556][T16630] loop5: detected capacity change from 0 to 32768
[  531.794107][T16655] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4526'.
[  531.827590][T16655] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4526'.
[  531.859104][T16655] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4526'.
[  531.864170][T16657] loop0: detected capacity change from 0 to 16
[  531.937324][T16657] erofs: (device loop0): mounted with root inode @ nid 36.
[  532.313938][T16667] loop0: detected capacity change from 0 to 256
[  532.456659][T16667] FAT-fs (loop0): Directory bread(block 64) failed
[  532.464853][T16667] FAT-fs (loop0): Directory bread(block 65) failed
[  532.473997][T16667] FAT-fs (loop0): Directory bread(block 66) failed
[  532.496264][T16667] FAT-fs (loop0): Directory bread(block 67) failed
[  532.503824][T16667] FAT-fs (loop0): Directory bread(block 68) failed
[  532.510401][T16667] FAT-fs (loop0): Directory bread(block 69) failed
[  532.527587][T16673] loop4: detected capacity change from 0 to 1024
[  532.536064][T16667] FAT-fs (loop0): Directory bread(block 70) failed
[  532.542683][T16667] FAT-fs (loop0): Directory bread(block 71) failed
[  532.559825][T16667] FAT-fs (loop0): Directory bread(block 72) failed
[  532.570211][T16667] FAT-fs (loop0): Directory bread(block 73) failed
[  532.659667][T16673] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  532.748049][T16673] ext4 filesystem being mounted at /552/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  532.864694][T16673] cifs: Unknown parameter 'no'‘a�£Nð[G¶zob,erèèµ;%j¸¼
[  532.864694][T16673] ‡üzæ,€@q¬Ú÷ôÐåéJ#³"ŽÚh/.�W1ȱ¨nNCº"†CÙ׈¡E)Ð8+€î¶á÷™¿1®ðÚ<“™+`# ÷Ž¢k²–'
[  532.962251][T11118] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  533.033922][T16684] netlink: 'syz.2.4541': attribute type 1 has an invalid length.
[  533.427082][T16699] loop5: detected capacity change from 0 to 256
[  533.440359][T16699] exfat: Deprecated parameter 'utf8'
[  533.487737][T16699] exfat: Deprecated parameter 'namecase'
[  533.493816][T16699] exfat: Deprecated parameter 'utf8'
[  533.563005][T16699] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  534.206469][T16688] loop0: detected capacity change from 0 to 32768
[  534.233667][T16688] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  534.295273][T16688] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  534.348601][T16688] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  534.383308][ T5845] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  534.390148][ T5845] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  534.519204][T16731] netlink: 'syz.5.4562': attribute type 16 has an invalid length.
[  534.555509][ T5845] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 154ms
[  534.572809][ T5845] gfs2: fsid=syz:syz.0: jid=0: Done
[  534.581584][T16731] netlink: 'syz.5.4562': attribute type 17 has an invalid length.
[  534.593399][T16688] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  534.671916][T16688] gfs2: fsid=syz:syz.0: gfs2_check_dirent: gfs2_dirent too small (not first in block)
[  534.702210][T16688] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[  534.702210][T16688]   inode = 12 2341
[  534.702210][T16688]   function = gfs2_dirent_scan, file = fs/gfs2/dir.c, line = 602
[  534.750403][T16688] gfs2: fsid=syz:syz.0: G:  s:SH n:2/925 f:qob t:SH d:EX/0 a:0 v:0 r:3 m:20 p:1
[  534.780930][T16688] gfs2: fsid=syz:syz.0:  H: s:SH f:H e:0 p:16688 [syz.0.4540] __gfs2_lookup+0x90/0x270
[  534.780990][T16737] loop4: detected capacity change from 0 to 16
[  534.805323][T16737] erofs: (device loop4): mounted with root inode @ nid 36.
[  534.808448][T16688] gfs2: fsid=syz:syz.0:  I: n:12/2341 t:4 f:0x00 d:0x00000001 s:3864 p:0
[  534.822895][T16688] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  534.830300][T16688] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  534.839619][T16688] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  534.856958][T16688] gfs2: fsid=syz:syz.0: File system withdrawn
[  534.867455][T16688] CPU: 0 PID: 16688 Comm: syz.0.4540 Not tainted 6.6.102-syzkaller #0
[  534.875683][T16688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  534.885786][T16688] Call Trace:
[  534.889104][T16688]  <TASK>
[  534.892077][T16688]  dump_stack_lvl+0x16c/0x230
[  534.896802][T16688]  ? kobject_uevent_env+0x363/0x8c0
[  534.902054][T16688]  ? show_regs_print_info+0x20/0x20
[  534.907297][T16688]  ? load_image+0x3b0/0x3b0
[  534.911851][T16688]  ? kobject_uevent_env+0x363/0x8c0
[  534.917103][T16688]  gfs2_withdraw+0xe50/0x13b0
[  534.921852][T16688]  ? gfs2_lm+0x220/0x220
[  534.926145][T16688]  ? load_image+0x3b0/0x3b0
[  534.930719][T16688]  ? gfs2_consist_inode_i+0xf5/0x110
[  534.936052][T16688]  gfs2_dirent_scan+0x525/0x650
[  534.940941][T16688]  ? gfs2_dirent_search+0x7e0/0x7e0
[  534.946186][T16688]  ? gfs2_dirent_search+0x7e0/0x7e0
[  534.951441][T16688]  gfs2_dirent_search+0x2e1/0x7e0
[  534.956791][T16688]  ? gfs2_permission+0x370/0x430
[  534.961784][T16688]  ? __might_sleep+0xe0/0xe0
[  534.966429][T16688]  ? gfs2_dir_search+0x220/0x220
[  534.971415][T16688]  ? gfs2_lookupi+0x5a0/0x5a0
[  534.976229][T16688]  ? do_raw_spin_lock+0x121/0x2c0
[  534.981312][T16688]  gfs2_dir_search+0x4d/0x220
[  534.986031][T16688]  gfs2_lookupi+0x3d9/0x5a0
[  534.990588][T16688]  ? gfs2_lookup_meta+0x170/0x170
[  534.995660][T16688]  ? __gfs2_lookup+0x90/0x270
[  535.000399][T16688]  __gfs2_lookup+0x90/0x270
[  535.004957][T16688]  ? __lock_acquire+0x7c80/0x7c80
[  535.010029][T16688]  ? gfs2_atomic_open+0x220/0x220
[  535.015114][T16688]  ? do_raw_spin_unlock+0x121/0x230
[  535.020356][T16688]  ? _raw_spin_unlock+0x28/0x40
[  535.025249][T16688]  ? d_alloc+0x173/0x1b0
[  535.029631][T16688]  lookup_one_qstr_excl+0x112/0x250
[  535.034879][T16688]  filename_create+0x222/0x460
[  535.039700][T16688]  ? kern_path_create+0x50/0x50
[  535.044603][T16688]  ? __virt_addr_valid+0x469/0x540
[  535.049772][T16688]  do_mkdirat+0xa1/0x440
[  535.054056][T16688]  ? vfs_mkdir+0x440/0x440
[  535.058523][T16688]  ? getname_flags+0x20a/0x500
[  535.063345][T16688]  __x64_sys_mkdir+0x6e/0x80
[  535.067981][T16688]  do_syscall_64+0x55/0xb0
[  535.072439][T16688]  ? clear_bhb_loop+0x40/0x90
[  535.077156][T16688]  ? clear_bhb_loop+0x40/0x90
[  535.081875][T16688]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  535.087815][T16688] RIP: 0033:0x7fa093d8ebe9
[  535.092446][T16688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  535.112193][T16688] RSP: 002b:00007fa094c67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  535.120677][T16688] RAX: ffffffffffffffda RBX: 00007fa093fb5fa0 RCX: 00007fa093d8ebe9
[  535.128692][T16688] RDX: 0000000000000000 RSI: 00000000000001ad RDI: 0000200000000180
[  535.136713][T16688] RBP: 00007fa093e11e19 R08: 0000000000000000 R09: 0000000000000000
[  535.144727][T16688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  535.152743][T16688] R13: 00007fa093fb6038 R14: 00007fa093fb5fa0 R15: 00007ffc7a12fc48
[  535.154178][T16745] loop5: detected capacity change from 0 to 16
[  535.160749][T16688]  </TASK>
[  535.249959][T16745] erofs: (device loop5): mounted with root inode @ nid 36.
[  535.370574][T16751] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4572'.
[  535.403406][T16751] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4572'.
[  535.557786][ T5845] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  535.716461][T16755] loop2: detected capacity change from 0 to 8192
[  535.766499][T16755] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  535.784300][ T5845] usb 6-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  535.795538][ T5845] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  535.831847][T16755] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[  535.845727][T16755] FAT-fs (loop2): Filesystem has been set read-only
[  535.854055][ T5845] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  535.921899][ T5845] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  535.931022][ T5845] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  535.969428][ T5845] usb 6-1: Product: syz
[  535.973673][ T5845] usb 6-1: Manufacturer: syz
[  535.997211][ T5783] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[  536.009565][ T5845] usb 6-1: SerialNumber: syz
[  536.260974][ T5845] cdc_ncm 6-1:1.0: skipping garbage
[  536.277847][ T5845] cdc_ncm 6-1:1.0: CDC Union missing and no IAD found
[  536.307511][ T5845] cdc_ncm 6-1:1.0: bind() failure
[  536.328989][ T5845] usb 6-1: USB disconnect, device number 5
[  536.565468][T16773] loop2: detected capacity change from 0 to 512
[  536.574483][T16773] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  536.616726][T16773] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  536.616844][T16773] System zones: 0-2, 18-18, 34-34
[  536.619602][T16773] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  536.619722][T16773] ext4 filesystem being mounted at /1194/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  536.858127][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  537.673908][T16794] binder: 16792:16794 ioctl c018620c 0 returned -14
[  537.683275][T16797] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[  537.981206][T16772] loop4: detected capacity change from 0 to 32768
[  538.031634][T16772] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  538.070365][T16772] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  538.117812][T16772] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  538.183537][T16812] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4600'.
[  538.187153][ T5868] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  538.194678][T16812] netlink: 312 bytes leftover after parsing attributes in process `syz.0.4600'.
[  538.234494][ T5868] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  538.419728][ T5868] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 173ms
[  538.452097][ T5868] gfs2: fsid=syz:syz.0: jid=0: Done
[  538.465577][T16772] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  538.589560][T16772] gfs2: fsid=syz:syz.0: gfs2_check_dirent: gfs2_dirent too small (not first in block)
[  538.621902][T16772] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[  538.621902][T16772]   inode = 12 2341
[  538.621902][T16772]   function = gfs2_dirent_scan, file = fs/gfs2/dir.c, line = 602
[  538.668747][T16772] gfs2: fsid=syz:syz.0: G:  s:SH n:2/925 f:qob t:SH d:EX/0 a:0 v:0 r:3 m:20 p:1
[  538.699896][T16772] gfs2: fsid=syz:syz.0:  H: s:SH f:H e:0 p:16772 [syz.4.4580] __gfs2_lookup+0x90/0x270
[  538.721640][T16772] gfs2: fsid=syz:syz.0:  I: n:12/2341 t:4 f:0x00 d:0x00000001 s:3864 p:0
[  538.730402][T16772] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  538.762831][T16772] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  538.859311][T16772] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  538.878462][T16772] gfs2: fsid=syz:syz.0: File system withdrawn
[  538.897412][T16772] CPU: 1 PID: 16772 Comm: syz.4.4580 Not tainted 6.6.102-syzkaller #0
[  538.905722][T16772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  538.915811][T16772] Call Trace:
[  538.919121][T16772]  <TASK>
[  538.922085][T16772]  dump_stack_lvl+0x16c/0x230
[  538.926808][T16772]  ? kobject_uevent_env+0x363/0x8c0
[  538.932062][T16772]  ? show_regs_print_info+0x20/0x20
[  538.937303][T16772]  ? load_image+0x3b0/0x3b0
[  538.941837][T16772]  ? kobject_uevent_env+0x363/0x8c0
[  538.947540][T16772]  gfs2_withdraw+0xe50/0x13b0
[  538.952285][T16772]  ? gfs2_lm+0x220/0x220
[  538.956571][T16772]  ? load_image+0x3b0/0x3b0
[  538.961123][T16772]  ? gfs2_consist_inode_i+0xf5/0x110
[  538.966459][T16772]  gfs2_dirent_scan+0x525/0x650
[  538.971358][T16772]  ? gfs2_dirent_search+0x7e0/0x7e0
[  538.976593][T16772]  ? gfs2_dirent_search+0x7e0/0x7e0
[  538.981847][T16772]  gfs2_dirent_search+0x2e1/0x7e0
[  538.986918][T16772]  ? gfs2_permission+0x370/0x430
[  538.991902][T16772]  ? __might_sleep+0xe0/0xe0
[  538.996546][T16772]  ? gfs2_dir_search+0x220/0x220
[  539.001545][T16772]  ? gfs2_lookupi+0x5a0/0x5a0
[  539.006258][T16772]  ? do_raw_spin_lock+0x121/0x2c0
[  539.011334][T16772]  gfs2_dir_search+0x4d/0x220
[  539.016041][T16772]  gfs2_lookupi+0x3d9/0x5a0
[  539.020566][T16772]  ? gfs2_lookup_meta+0x170/0x170
[  539.025609][T16772]  ? __gfs2_lookup+0x90/0x270
[  539.030312][T16772]  __gfs2_lookup+0x90/0x270
[  539.034922][T16772]  ? __lock_acquire+0x7c80/0x7c80
[  539.039956][T16772]  ? gfs2_atomic_open+0x220/0x220
[  539.044997][T16772]  ? do_raw_spin_unlock+0x121/0x230
[  539.050209][T16772]  ? _raw_spin_unlock+0x28/0x40
[  539.055074][T16772]  ? d_alloc+0x173/0x1b0
[  539.059334][T16772]  lookup_one_qstr_excl+0x112/0x250
[  539.064576][T16772]  filename_create+0x222/0x460
[  539.069362][T16772]  ? kern_path_create+0x50/0x50
[  539.074227][T16772]  ? __virt_addr_valid+0x469/0x540
[  539.079360][T16772]  do_mkdirat+0xa1/0x440
[  539.083620][T16772]  ? vfs_mkdir+0x440/0x440
[  539.088144][T16772]  ? getname_flags+0x20a/0x500
[  539.093009][T16772]  __x64_sys_mkdir+0x6e/0x80
[  539.097632][T16772]  do_syscall_64+0x55/0xb0
[  539.102063][T16772]  ? clear_bhb_loop+0x40/0x90
[  539.106746][T16772]  ? clear_bhb_loop+0x40/0x90
[  539.111428][T16772]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  539.117337][T16772] RIP: 0033:0x7f4ad058ebe9
[  539.121759][T16772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  539.141370][T16772] RSP: 002b:00007f4ad1371038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  539.149795][T16772] RAX: ffffffffffffffda RBX: 00007f4ad07b5fa0 RCX: 00007f4ad058ebe9
[  539.157774][T16772] RDX: 0000000000000000 RSI: 00000000000001ad RDI: 0000200000000180
[  539.165771][T16772] RBP: 00007f4ad0611e19 R08: 0000000000000000 R09: 0000000000000000
[  539.173774][T16772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  539.181762][T16772] R13: 00007f4ad07b6038 R14: 00007f4ad07b5fa0 R15: 00007ffea60e85a8
[  539.189771][T16772]  </TASK>
[  539.192815][    C1] vkms_vblank_simulate: vblank timer overrun
[  539.620240][T16845] SET target dimension over the limit!
[  539.932660][T16851] program syz.5.4620 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  540.729039][T16873] loop5: detected capacity change from 0 to 1024
[  540.866864][   T28] audit: type=1326 audit(1755613413.235:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16878 comm="syz.4.4633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ad058ebe9 code=0x7ffc0000
[  540.909548][  T786] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  540.925343][   T48] hfsplus: b-tree write err: -5, ino 4
[  540.950117][   T28] audit: type=1326 audit(1755613413.235:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16878 comm="syz.4.4633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ad058ebe9 code=0x7ffc0000
[  541.023528][   T28] audit: type=1326 audit(1755613413.263:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16878 comm="syz.4.4633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7f4ad058ebe9 code=0x7ffc0000
[  541.115224][   T28] audit: type=1326 audit(1755613413.263:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16878 comm="syz.4.4633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ad058ebe9 code=0x7ffc0000
[  541.148433][  T786] usb 3-1: Using ep0 maxpacket: 16
[  541.169927][  T786] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  541.179242][  T786] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  541.204649][  T786] usb 3-1: Product: syz
[  541.209995][  T786] usb 3-1: Manufacturer: syz
[  541.216872][  T786] usb 3-1: SerialNumber: syz
[  541.254794][  T786] r8152-cfgselector 3-1: config 0 descriptor??
[  541.377444][T16895] netlink: 'syz.5.4639': attribute type 7 has an invalid length.
[  541.661289][   T28] audit: type=1326 audit(1755613413.974:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16902 comm="syz.4.4645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ad058ebe9 code=0x7ffc0000
[  541.719044][   T28] audit: type=1326 audit(1755613413.974:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16902 comm="syz.4.4645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ad058ebe9 code=0x7ffc0000
[  541.735385][  T786] r8152-cfgselector 3-1: Unknown version 0x0000
[  541.772610][   T28] audit: type=1326 audit(1755613413.983:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16902 comm="syz.4.4645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7f4ad058ebe9 code=0x7ffc0000
[  541.796805][  T786] r8152-cfgselector 3-1: USB disconnect, device number 22
[  541.840903][   T28] audit: type=1326 audit(1755613413.983:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16902 comm="syz.4.4645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ad058ebe9 code=0x7ffc0000
[  541.892145][   T28] audit: type=1326 audit(1755613413.983:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16902 comm="syz.4.4645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ad058ebe9 code=0x7ffc0000
[  541.985938][T16911] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4649'.
[  542.000946][T16911] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4649'.
[  542.013005][T16911] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  542.296350][T16921] ip6t_srh: unknown srh match flags  4001
[  542.553746][T16929] x_tables: ip_tables: ah match: only valid for protocol 51
[  542.780989][T16937] cgroup: release_agent respecified
[  542.973639][T16939] loop4: detected capacity change from 0 to 4096
[  543.001316][T16939] ntfs: (device loop4): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk.
[  543.092735][T16939] ntfs: volume version 3.1.
[  543.309884][T16951] netlink: 76 bytes leftover after parsing attributes in process `syz.5.4670'.
[  543.547461][T16961] Invalid ELF header magic: != ELF
[  543.931420][T16977] wg1 speed is unknown, defaulting to 1000
[  544.140771][ T5871] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  544.332807][ T5871] usb 5-1: Using ep0 maxpacket: 16
[  544.348434][ T5871] usb 5-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  544.363776][ T5871] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  544.374177][ T5871] usb 5-1: Product: syz
[  544.386247][ T5871] usb 5-1: Manufacturer: syz
[  544.390901][ T5871] usb 5-1: SerialNumber: syz
[  544.409463][ T5871] usb 5-1: config 0 descriptor??
[  544.420214][ T5871] visor 5-1:0.0: Sony Clie 3.5 converter detected
[  544.504215][  T786] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  544.643224][ T5871] usb 5-1: clie_3_5_startup: get config number bad return length: 0
[  544.643384][ T5871] visor: probe of 5-1:0.0 failed with error -5
[  544.720184][  T786] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  544.720217][  T786] usb 6-1: config 0 interface 0 has no altsetting 0
[  544.723593][  T786] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  544.723612][  T786] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  544.723624][  T786] usb 6-1: Product: syz
[  544.723633][  T786] usb 6-1: Manufacturer: syz
[  544.723642][  T786] usb 6-1: SerialNumber: syz
[  544.725318][  T786] usb 6-1: config 0 descriptor??
[  544.733060][  T786] usb 6-1: selecting invalid altsetting 0
[  544.901479][ T5871] usb 5-1: USB disconnect, device number 13
[  545.011613][ T5868] usb 6-1: USB disconnect, device number 6
[  545.086251][T17005] netlink: 'syz.2.4696': attribute type 9 has an invalid length.
[  545.095684][T17005] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.4696'.
[  545.413288][T17015] netlink: 'syz.2.4701': attribute type 16 has an invalid length.
[  545.421186][T17015] netlink: 'syz.2.4701': attribute type 17 has an invalid length.
[  545.954660][T17031] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4709'.
[  545.970246][T17031] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4709'.
[  546.103522][T17036] loop4: detected capacity change from 0 to 256
[  546.107910][ T5871] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  546.125650][T17037] loop5: detected capacity change from 0 to 1024
[  546.178584][T17036] FAT-fs (loop4): Directory bread(block 64) failed
[  546.179765][T17037] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  546.199704][T17036] FAT-fs (loop4): Directory bread(block 65) failed
[  546.210731][T17037] ext4 filesystem being mounted at /289/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  546.233318][T17036] FAT-fs (loop4): Directory bread(block 66) failed
[  546.243117][T17036] FAT-fs (loop4): Directory bread(block 67) failed
[  546.249861][T17036] FAT-fs (loop4): Directory bread(block 68) failed
[  546.256441][T17036] FAT-fs (loop4): Directory bread(block 69) failed
[  546.264758][T17036] FAT-fs (loop4): Directory bread(block 70) failed
[  546.271720][T17036] FAT-fs (loop4): Directory bread(block 71) failed
[  546.278997][T17036] FAT-fs (loop4): Directory bread(block 72) failed
[  546.285556][T17036] FAT-fs (loop4): Directory bread(block 73) failed
[  546.316238][T17037] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  546.344344][ T5871] usb 3-1: Using ep0 maxpacket: 16
[  546.352033][ T5871] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  546.367821][ T5871] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 34, changing to 9
[  546.387910][ T5871] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  546.412668][ T5871] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  546.423969][ T5871] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  546.439554][T14490] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  546.453553][ T5871] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  546.463168][ T5871] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  546.471955][ T5871] usb 3-1: Manufacturer: syz
[  546.483793][ T5871] usb 3-1: config 0 descriptor??
[  546.763975][ T5772] usb 3-1: USB disconnect, device number 23
[  546.844143][T17052] loop4: detected capacity change from 0 to 256
[  546.894907][T17052] FAT-fs (loop4): Directory bread(block 64) failed
[  546.908978][T17052] FAT-fs (loop4): Directory bread(block 65) failed
[  546.915655][T17052] FAT-fs (loop4): Directory bread(block 66) failed
[  546.918226][T17051] loop5: detected capacity change from 0 to 4096
[  546.935718][T17052] FAT-fs (loop4): Directory bread(block 67) failed
[  546.946532][T17051] __ntfs_error: 5 callbacks suppressed
[  546.946548][T17051] ntfs: (device loop5): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk.
[  546.956933][T17052] FAT-fs (loop4): Directory bread(block 68) failed
[  546.971606][T17051] ntfs: (device loop5): ntfs_read_locked_inode(): $DATA attribute is missing.
[  546.982005][T17051] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[  546.992379][T17052] FAT-fs (loop4): Directory bread(block 69) failed
[  547.001796][T17051] ntfs: (device loop5): load_system_files(): Failed to load $MFTMirr.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  547.002502][T17052] FAT-fs (loop4): Directory bread(block 70) failed
[  547.027594][T17052] FAT-fs (loop4): Directory bread(block 71) failed
[  547.038656][T17051] ntfs: volume version 3.1.
[  547.067666][T17052] FAT-fs (loop4): Directory bread(block 72) failed
[  547.091830][T17052] FAT-fs (loop4): Directory bread(block 73) failed
[  547.121875][T17051] ntfs: (device loop5): ntfs_attr_find(): Inode is corrupt.  Run chkdsk.
[  547.137972][T17051] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0x40 as bad.  Run chkdsk.
[  547.608557][T17062] loop4: detected capacity change from 0 to 2048
[  547.620461][T17064] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4723'.
[  547.645371][T17062] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  548.489959][T17084] loop0: detected capacity change from 0 to 4096
[  548.548491][T17084] ntfs: (device loop0): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match.  Run ntfsfix or chkdsk.
[  548.568281][T17093] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4738'.
[  548.588314][T17084] ntfs: (device loop0): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  548.642250][T17084] ntfs: (device loop0): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn.
[  548.685754][T17084] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  548.756111][T17084] ntfs: volume version 3.1.
[  548.778650][T17098] tmpfs: Bad value for 'mpol'
[  548.961079][T17104] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4744'.
[  549.475108][T17122] netlink: 'syz.4.4754': attribute type 9 has an invalid length.
[  549.516049][T17122] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.4754'.
[  550.379200][T17156] netlink: 260 bytes leftover after parsing attributes in process `syz.4.4770'.
[  550.476324][T17158] dlm: no locking on control device
[  550.547391][T17160] ieee802154 phy0 wpan0: encryption failed: -90
[  550.550969][T17164] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4774'.
[  550.659956][T17166] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4775'.
[  550.870622][T17174] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4779'.
[  551.020151][T17180] loop0: detected capacity change from 0 to 256
[  551.076251][T17180] FAT-fs (loop0): Directory bread(block 64) failed
[  551.085166][ T5868] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  551.093676][T17180] FAT-fs (loop0): Directory bread(block 65) failed
[  551.101539][T17180] FAT-fs (loop0): Directory bread(block 66) failed
[  551.108220][T17180] FAT-fs (loop0): Directory bread(block 67) failed
[  551.118458][T17182] netlink: 'syz.2.4783': attribute type 32 has an invalid length.
[  551.130986][T17180] FAT-fs (loop0): Directory bread(block 68) failed
[  551.137573][T17180] FAT-fs (loop0): Directory bread(block 69) failed
[  551.173763][T17180] FAT-fs (loop0): Directory bread(block 70) failed
[  551.193121][T17180] FAT-fs (loop0): Directory bread(block 71) failed
[  551.215648][T17180] FAT-fs (loop0): Directory bread(block 72) failed
[  551.232557][T17180] FAT-fs (loop0): Directory bread(block 73) failed
[  551.298705][ T5868] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  551.333932][ T5868] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x4 has an invalid bInterval 0, changing to 7
[  551.358898][ T5868] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.de
[  551.392212][ T5868] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  551.433856][ T5868] usb 6-1: config 0 descriptor??
[  551.667006][ T5868] ath6kl: Failed to submit usb control message: -71
[  551.673925][ T5868] ath6kl: unable to send the bmi data to the device: -71
[  551.694545][ T5868] ath6kl: Unable to send get target info: -71
[  551.712451][ T5868] ath6kl: Failed to init ath6kl core: -71
[  551.737537][ T5868] ath6kl_usb: probe of 6-1:0.0 failed with error -71
[  551.794071][ T5868] usb 6-1: USB disconnect, device number 7
[  551.987934][T17206] loop2: detected capacity change from 0 to 16
[  552.011888][T17207] loop4: detected capacity change from 0 to 256
[  552.027302][T17206] erofs: (device loop2): mounted with root inode @ nid 36.
[  552.037743][T17207] exfat: Deprecated parameter 'namecase'
[  552.057942][T17207] exfat: Deprecated parameter 'utf8'
[  552.092879][T17203] loop0: detected capacity change from 0 to 4096
[  552.109658][T17207] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  552.124266][T17206] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36
[  552.154124][T17203] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  552.167865][T17206] erofs: (device loop2): z_erofs_read_folio: read error -117 @ 43 of nid 36
[  552.259447][T17203] ntfs3: loop0: Failed to initialize $Extend/$Reparse.
[  552.497385][T17212] loop5: detected capacity change from 0 to 256
[  552.646777][T17212] FAT-fs (loop5): Directory bread(block 64) failed
[  552.681508][T17212] FAT-fs (loop5): Directory bread(block 65) failed
[  552.688207][T17212] FAT-fs (loop5): Directory bread(block 66) failed
[  552.733619][T17212] FAT-fs (loop5): Directory bread(block 67) failed
[  552.755887][T17212] FAT-fs (loop5): Directory bread(block 68) failed
[  552.791193][T17212] FAT-fs (loop5): Directory bread(block 69) failed
[  552.797919][T17212] FAT-fs (loop5): Directory bread(block 70) failed
[  552.851688][T17212] FAT-fs (loop5): Directory bread(block 71) failed
[  552.858400][T17212] FAT-fs (loop5): Directory bread(block 72) failed
[  552.905133][T17212] FAT-fs (loop5): Directory bread(block 73) failed
[  553.172239][T17231] loop4: detected capacity change from 0 to 128
[  553.236832][T17231] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  553.274855][T17231] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  553.600388][T17237] loop5: detected capacity change from 0 to 4096
[  553.615315][T17242] loop4: detected capacity change from 0 to 1024
[  553.761616][   T48] hfsplus: b-tree write err: -5, ino 4
[  554.525498][T17261] loop2: detected capacity change from 0 to 1024
[  554.750850][ T3453] hfsplus: b-tree write err: -5, ino 4
[  554.928992][T17239] loop0: detected capacity change from 0 to 40427
[  554.969490][T17239] F2FS-fs (loop0): build fault injection attr: rate: 25, type: 0x7ffff
[  554.978053][T17239] F2FS-fs (loop0): build fault injection attr: rate: 0, type: 0x7698c
[  555.009344][T17239] F2FS-fs (loop0): invalid crc value
[  555.035485][T17239] F2FS-fs (loop0): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x1d6/0x920
[  555.065264][T17239] F2FS-fs (loop0): Found nat_bits in checkpoint
[  555.196457][T17239] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x644/0x920
[  555.231120][T17239] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  555.361995][T17239] F2FS-fs (loop0): inject too big dir depth in f2fs_add_regular_entry of f2fs_add_dentry+0xda/0x1d0
[  555.498669][    C0] F2FS-fs (loop0): inject write IO error in f2fs_write_end_io of blk_update_request+0x597/0xe40
[  555.510483][    C0] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  555.539385][ T5780] F2FS-fs (loop0): do_checkpoint failed err:-5, stop checkpoint
[  555.669429][T17295] loop4: detected capacity change from 0 to 512
[  555.783441][T17295] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  555.898286][T17295] ext4 filesystem being mounted at /632/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  555.958087][T17308] netlink: 'syz.2.4844': attribute type 1 has an invalid length.
[  555.966093][T17308] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4844'.
[  556.035806][T17295] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #12: comm syz.4.4836: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  556.088933][T17310] netlink: 'syz.5.4843': attribute type 21 has an invalid length.
[  556.133546][T17310] netlink: 132 bytes leftover after parsing attributes in process `syz.5.4843'.
[  556.171193][T11118] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  556.186632][T17314] netlink: 'syz.0.4837': attribute type 21 has an invalid length.
[  556.567472][T17321] loop2: detected capacity change from 0 to 4096
[  556.580993][T17321] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  556.661768][T17321] ntfs3: loop2: Failed to initialize $Extend/$Reparse.
[  556.804303][T17327] loop0: detected capacity change from 0 to 4096
[  556.935286][T17333] tmpfs: Bad value for 'usrquota_inode_hardlimit'
[  557.362032][T17344] loop5: detected capacity change from 0 to 128
[  557.452435][T17344] FAT-fs (loop5): Directory bread(block 32) failed
[  557.469277][T17344] FAT-fs (loop5): Directory bread(block 33) failed
[  557.485641][T17340] loop0: detected capacity change from 0 to 4096
[  557.497778][T17344] FAT-fs (loop5): Directory bread(block 34) failed
[  557.512138][T17340] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512).
[  557.533242][T17344] FAT-fs (loop5): Directory bread(block 35) failed
[  557.542022][T17344] FAT-fs (loop5): Directory bread(block 36) failed
[  557.586927][T17344] FAT-fs (loop5): Directory bread(block 37) failed
[  557.596093][T17344] FAT-fs (loop5): Directory bread(block 38) failed
[  557.631300][T17344] FAT-fs (loop5): Directory bread(block 39) failed
[  557.638004][T17344] FAT-fs (loop5): Directory bread(block 40) failed
[  557.659975][T17340] ntfs3: loop0: Failed to initialize $Extend/$ObjId.
[  557.665189][T17344] FAT-fs (loop5): Directory bread(block 41) failed
[  557.899582][T17344] syz.5.4859: attempt to access beyond end of device
[  557.899582][T17344] loop5: rw=0, sector=4108, nr_sectors = 4 limit=128
[  557.968002][T17344] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 196)
[  558.006248][T17356] xt_TCPMSS: Only works on TCP SYN packets
[  558.015358][T17344] FAT-fs (loop5): Filesystem has been set read-only
[  558.030457][T17358] netlink: 'syz.2.4866': attribute type 21 has an invalid length.
[  558.038771][T17358] netlink: 128 bytes leftover after parsing attributes in process `syz.2.4866'.
[  558.048419][T17358] netlink: 'syz.2.4866': attribute type 5 has an invalid length.
[  558.078091][T17358] netlink: 'syz.2.4866': attribute type 6 has an invalid length.
[  558.097038][T17358] netlink: 3 bytes leftover after parsing attributes in process `syz.2.4866'.
[  558.130235][T17360] misc userio: The device must be registered before sending interrupts
[  558.561392][T17374] loop0: detected capacity change from 0 to 16
[  558.587490][T17374] erofs: (device loop0): mounted with root inode @ nid 36.
[  558.648381][T17374] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36
[  558.704032][T17374] erofs: (device loop0): z_erofs_read_folio: read error -117 @ 43 of nid 36
[  559.155039][T17389] loop5: detected capacity change from 0 to 8192
[  559.203648][T17389] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  559.279664][T17389] FAT-fs (loop5): error, fat_free_clusters: deleting FAT entry beyond EOF
[  559.295983][T17389] FAT-fs (loop5): Filesystem has been set read-only
[  560.085236][T17383] loop4: detected capacity change from 0 to 40427
[  560.121582][T17383] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  560.129403][T17383] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  560.173785][T17383] F2FS-fs (loop4): invalid crc_offset: 33558524
[  560.240286][T17383] F2FS-fs (loop4): Found nat_bits in checkpoint
[  560.505579][T17383] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  560.512683][T17383] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  560.621228][T17433] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4900'.
[  560.753662][T17435] loop5: detected capacity change from 0 to 4096
[  561.243875][T17447] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.4908'.
[  561.401815][T17453] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4903'.
[  561.653880][T17460] loop2: detected capacity change from 0 to 256
[  561.703383][T17460] FAT-fs (loop2): Directory bread(block 64) failed
[  561.753570][T17460] FAT-fs (loop2): Directory bread(block 65) failed
[  561.783886][T17460] FAT-fs (loop2): Directory bread(block 66) failed
[  561.819647][T17460] FAT-fs (loop2): Directory bread(block 67) failed
[  561.826387][T17460] FAT-fs (loop2): Directory bread(block 68) failed
[  561.869402][T17460] FAT-fs (loop2): Directory bread(block 69) failed
[  561.884989][T17460] FAT-fs (loop2): Directory bread(block 70) failed
[  561.905455][T17468] (unnamed net_device) (uninitialized): Unable to set down delay as MII monitoring is disabled
[  561.931841][T17460] FAT-fs (loop2): Directory bread(block 71) failed
[  561.952894][T17460] FAT-fs (loop2): Directory bread(block 72) failed
[  561.988777][T17460] FAT-fs (loop2): Directory bread(block 73) failed
[  562.265365][T17479] netlink: 164 bytes leftover after parsing attributes in process `syz.5.4923'.
[  562.535250][T17489] netlink: 'syz.0.4928': attribute type 21 has an invalid length.
[  562.544202][T17489] netlink: 128 bytes leftover after parsing attributes in process `syz.0.4928'.
[  562.555333][T17489] netlink: 'syz.0.4928': attribute type 5 has an invalid length.
[  562.563453][T17489] netlink: 'syz.0.4928': attribute type 6 has an invalid length.
[  562.571907][T17489] netlink: 3 bytes leftover after parsing attributes in process `syz.0.4928'.
[  563.046039][T17504] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  563.062362][T17504] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  563.171922][T17511] loop0: detected capacity change from 0 to 16
[  563.200723][T17511] erofs: (device loop0): mounted with root inode @ nid 36.
[  563.229877][T17511] erofs: (device loop0): z_erofs_fill_inode_lazy: unknown HEAD1 format 13 for nid 36, please upgrade kernel
[  563.302000][T17511] erofs: (device loop0): z_erofs_fill_inode_lazy: unknown HEAD1 format 13 for nid 36, please upgrade kernel
[  563.366634][T17511] erofs: (device loop0): z_erofs_read_folio: read error -95 @ 43 of nid 36
[  563.627351][   T28] kauditd_printk_skb: 12 callbacks suppressed
[  563.627370][   T28] audit: type=1326 audit(1755613434.519:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17523 comm="syz.0.4942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa093d8ebe9 code=0x7ffc0000
[  563.740429][   T28] audit: type=1326 audit(1755613434.519:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17523 comm="syz.0.4942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa093d8ebe9 code=0x7ffc0000
[  563.774996][   T28] audit: type=1326 audit(1755613434.538:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17523 comm="syz.0.4942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fa093d8ebe9 code=0x7ffc0000
[  563.843457][   T28] audit: type=1326 audit(1755613434.538:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17523 comm="syz.0.4942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa093d8ebe9 code=0x7ffc0000
[  563.924751][   T28] audit: type=1326 audit(1755613434.538:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17523 comm="syz.0.4942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa093d8ebe9 code=0x7ffc0000
[  563.980504][T17539] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4948'.
[  564.010729][T17539] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4948'.
[  564.019792][   T28] audit: type=1326 audit(1755613434.650:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17528 comm="syz.4.4943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ad058ebe9 code=0x7ffc0000
[  564.074396][   T28] audit: type=1326 audit(1755613434.650:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17528 comm="syz.4.4943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ad058ebe9 code=0x7ffc0000
[  564.104662][T17537] loop5: detected capacity change from 0 to 4096
[  564.154955][   T28] audit: type=1326 audit(1755613434.650:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17528 comm="syz.4.4943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f4ad058ebe9 code=0x7ffc0000
[  564.192521][T17537] ntfs: (device loop5): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match.  Run ntfsfix or chkdsk.
[  564.235753][T17537] ntfs: (device loop5): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  564.269416][T17537] ntfs: volume version 3.1.
[  564.970335][T17563] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  565.020547][T17563] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  565.212860][T17571] netlink: 64 bytes leftover after parsing attributes in process `syz.4.4958'.
[  565.892073][  T786] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  566.130138][  T786] usb 6-1: config 0 has an invalid interface number: 199 but max is 1
[  566.147703][  T786] usb 6-1: config 0 has no interface number 1
[  566.148492][T17604] dlm: non-version read from control device 0
[  566.165018][  T786] usb 6-1: config 0 interface 199 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  566.186795][  T786] usb 6-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  566.210390][  T786] usb 6-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00
[  566.220390][  T786] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  566.244656][  T786] usb 6-1: SerialNumber: syz
[  566.265742][  T786] usb 6-1: config 0 descriptor??
[  566.286055][  T786] usb 6-1: Found UVC 0.00 device <unnamed> (0002:0000)
[  566.307915][  T786] usb 6-1: No valid video chain found.
[  566.564835][  T786] usb 6-1: USB disconnect, device number 8
[  566.966014][T17626] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4980'.
[  567.501141][T17645] vxcan3: entered promiscuous mode
[  567.527307][T17645] vxcan3: entered allmulticast mode
[  567.543143][T17647] batadv1: entered allmulticast mode
[  567.592111][T17647] 8021q: adding VLAN 0 to HW filter on device batadv1
[  567.821989][T17657] netlink: 14 bytes leftover after parsing attributes in process `syz.4.4995'.
[  567.886637][T17653] loop2: detected capacity change from 0 to 4096
[  569.307304][T17703] loop2: detected capacity change from 0 to 1024
[  569.459032][T17709] xt_CT: You must specify a L4 protocol and not use inversions on it
[  569.651326][T17713] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5022'.
[  570.597073][T17751] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5042'.
[  570.733086][T17753] loop2: detected capacity change from 0 to 2048
[  570.751519][T17753] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  570.800134][T17753] syz.2.5044: attempt to access beyond end of device
[  570.800134][T17753] loop2: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  570.819841][T17756] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  570.959847][T17753] syz.2.5044: attempt to access beyond end of device
[  570.959847][T17753] loop2: rw=0, sector=9437254, nr_sectors = 2 limit=2048
[  571.001843][T17753] NILFS (loop2): I/O error reading meta-data file (ino=6, block-offset=0)
[  571.064934][T17763] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.5047'.
[  571.086359][T17763] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  571.096595][T17763] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  571.464822][T17776] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5055'.
[  571.479035][T17778] netlink: 32 bytes leftover after parsing attributes in process `syz.5.5053'.
[  572.182046][T17801] loop5: detected capacity change from 0 to 4096
[  572.451335][   T28] kauditd_printk_skb: 22 callbacks suppressed
[  572.451352][   T28] audit: type=1800 audit(1755613442.780:151): pid=17801 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.5066" name="file1" dev="loop5" ino=33 res=0 errno=0
[  572.657955][   T28] audit: type=1326 audit(1755613442.967:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17812 comm="syz.2.5080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ee78ebe9 code=0x7ffc0000
[  572.740220][   T28] audit: type=1326 audit(1755613442.967:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17812 comm="syz.2.5080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ee78ebe9 code=0x7ffc0000
[  572.841290][   T28] audit: type=1326 audit(1755613443.014:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17812 comm="syz.2.5080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f07ee78ebe9 code=0x7ffc0000
[  572.958259][   T28] audit: type=1326 audit(1755613443.014:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17812 comm="syz.2.5080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ee78ebe9 code=0x7ffc0000
[  573.026095][   T28] audit: type=1326 audit(1755613443.014:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17812 comm="syz.2.5080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ee78ebe9 code=0x7ffc0000
[  573.296105][T17836] netlink: 14 bytes leftover after parsing attributes in process `syz.0.5082'.
[  573.376026][T17834] loop4: detected capacity change from 0 to 4096
[  573.384279][T17834] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[  573.456367][T17834] ntfs3: loop4: failed to convert "c46c" to iso8859-15
[  573.553190][T17842] ieee802154 phy0 wpan0: encryption failed: -22
[  573.980838][T17854] netlink: 'syz.2.5092': attribute type 10 has an invalid length.
[  573.990206][T17854] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5092'.
[  574.031100][T17860] damon-dbgfs: DAMON debugfs interface is deprecated, so users should move to DAMON_SYSFS. If you cannot, please report your usecase to damon@lists.linux.dev and linux-mm@kvack.org.
[  574.113963][T17854] geneve0: entered promiscuous mode
[  574.119527][T17854] geneve0: entered allmulticast mode
[  574.189021][T17854] team0: Port device geneve0 added
[  574.222531][T17864] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5097'.
[  574.438515][T17873] loop0: detected capacity change from 0 to 256
[  574.461316][T17873] exfat: Deprecated parameter 'namecase'
[  574.481678][T17873] exfat: Deprecated parameter 'namecase'
[  574.560133][T17873] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d)
[  574.659813][T17873] exFAT-fs (loop0): invalid start cluster (4278190088)
[  574.790567][T17881] loop4: detected capacity change from 0 to 16
[  574.824200][T17881] erofs: (device loop4): mounted with root inode @ nid 36.
[  575.069725][T17889] netlink: 14 bytes leftover after parsing attributes in process `syz.2.5108'.
[  575.110090][T17891] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5111'.
[  575.129259][T17889] veth1_vlan: left allmulticast mode
[  575.149414][T17891] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5111'.
[  575.227586][T17889] bond0: (slave macvlan0): Releasing backup interface
[  575.657906][T17909] loop5: detected capacity change from 0 to 256
[  575.676478][T17909] exfat: Deprecated parameter 'utf8'
[  575.682166][T17909] exfat: Deprecated parameter 'namecase'
[  575.743927][T17909] exFAT-fs (loop5): failed to load upcase table (idx : 0x0001016b, chksum : 0xc5c53e17, utbl_chksum : 0xe619d30d)
[  575.836368][T17915] loop4: detected capacity change from 0 to 128
[  575.875880][  T786] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  576.121253][  T786] usb 3-1: Using ep0 maxpacket: 8
[  576.149077][  T786] usb 3-1: config 0 has an invalid interface number: 31 but max is 0
[  576.163852][  T786] usb 3-1: config 0 has no interface number 0
[  576.197106][  T786] usb 3-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  576.222245][  T786] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  576.249861][  T786] usb 3-1: Product: syz
[  576.256208][  T786] usb 3-1: Manufacturer: syz
[  576.262156][  T786] usb 3-1: SerialNumber: syz
[  576.278608][  T786] usb 3-1: config 0 descriptor??
[  576.418808][T17923] ip6gre1: entered promiscuous mode
[  576.528636][  T786] usb 3-1: Found UVC 0.04 device syz (046d:08c3)
[  576.538131][  T786] usb 3-1: No valid video chain found.
[  576.554219][T17913] loop0: detected capacity change from 0 to 32768
[  576.573433][  T786] usb 3-1: USB disconnect, device number 24
[  576.590108][T17913] (syz.0.5121,17913,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  576.620113][T17913] (syz.0.5121,17913,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  576.682132][T17913] JBD2: Ignoring recovery information on journal
[  576.809795][T17913] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  577.021986][ T5780] ocfs2: Unmounting device (7,0) on (node local)
[  577.247135][T17941] binfmt_misc: register: failed to install interpreter file ./file0
[  578.315883][T17981] netlink: 60 bytes leftover after parsing attributes in process `syz.0.5152'.
[  578.756148][T18003] loop4: detected capacity change from 0 to 256
[  578.794209][T18003] exfat: Deprecated parameter 'utf8'
[  578.803444][T18003] exfat: Deprecated parameter 'namecase'
[  578.814794][ T5824] usb 3-1: new full-speed USB device number 25 using dummy_hcd
[  578.828398][T18006] netlink: 'syz.5.5161': attribute type 27 has an invalid length.
[  578.837872][T18003] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001016b, chksum : 0xc5c53e17, utbl_chksum : 0xe619d30d)
[  578.847105][T18006] netlink: 'syz.5.5161': attribute type 3 has an invalid length.
[  578.875317][T18006] netlink: 132 bytes leftover after parsing attributes in process `syz.5.5161'.
[  579.031451][ T5824] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[  579.065541][ T5824] usb 3-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[  579.086565][ T5824] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  579.118602][ T5824] usb 3-1: Product: syz
[  579.133727][ T5824] usb 3-1: Manufacturer: syz
[  579.154480][ T5824] usb 3-1: SerialNumber: syz
[  579.236722][ T5824] usb 3-1: config 0 descriptor??
[  579.244471][ T5824] hub 3-1:0.0: bad descriptor, ignoring hub
[  579.257906][ T5824] hub: probe of 3-1:0.0 failed with error -5
[  579.307802][ T5824] usb 3-1: Quirk or no altest; falling back to MIDI 1.0
[  579.389649][ T5824] snd-usb-audio: probe of 3-1:0.0 failed with error -2
[  579.636888][T15901] udevd[15901]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  579.798295][ T5824] usb 3-1: USB disconnect, device number 25
[  579.852673][T18030] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5171'.
[  580.143357][T18042] netlink: 'syz.0.5177': attribute type 1 has an invalid length.
[  580.175465][T18042] netlink: 224 bytes leftover after parsing attributes in process `syz.0.5177'.
[  580.579818][T18058] cgroup: Bad value for 'name'
[  580.700093][T18060] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  580.780562][T18064] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5187'.
[  580.931474][T18068] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[  580.952508][T18068] overlayfs: conflicting options: metacopy=off,verity=on
[  582.133956][T18074] loop5: detected capacity change from 0 to 32768
[  582.303351][T18074] ERROR: (device loop5): dbAllocNext: Corrupt dmap page
[  582.303351][T18074] 
[  582.346611][T18074] ERROR: (device loop5): remounting filesystem as read-only
[  582.374237][T18074] ialloc: diAlloc returned -5!
[  582.736195][T18120] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5217'.
[  582.960510][   T28] audit: type=1326 audit(1755613452.613:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18127 comm="syz.0.5220" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa093d8ebe9 code=0x0
[  583.112435][T18130] ieee802154 phy0 wpan0: encryption failed: -22
[  583.340318][T18141] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5224'.
[  583.771525][T18156] netlink: 'syz.4.5233': attribute type 3 has an invalid length.
[  584.144947][T18170] loop4: detected capacity change from 0 to 512
[  584.173366][T18170] EXT4-fs (loop4): Test dummy encryption mode enabled
[  584.220172][T18170] EXT4-fs (loop4): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  584.223804][T18168] loop2: detected capacity change from 0 to 4096
[  584.243964][T18166] loop0: detected capacity change from 0 to 4096
[  584.253238][T18166] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  584.264825][T18168] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512).
[  584.383494][T18177] x_tables: duplicate underflow at hook 3
[  584.425860][T18168] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  584.541657][T18166] ntfs3: loop0: failed to convert "c46c" to ascii
[  584.700698][T18170] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  584.780498][T18170] EXT4-fs error (device loop4): ext4_add_entry:2486: inode #2: comm syz.4.5240: Directory hole found for htree leaf block 0
[  584.843043][T18170] EXT4-fs (loop4): Remounting filesystem read-only
[  584.986759][T18190] dlm: non-version read from control device 59
[  585.124337][T11118] EXT4-fs (loop4): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  585.559244][ T5845] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  585.785508][ T5845] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  585.804390][ T5845] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  585.824333][ T5845] usb 3-1: config 0 descriptor??
[  585.834521][T18220] loop4: detected capacity change from 0 to 128
[  585.862297][T18220] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  585.892750][T18220] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  586.179670][T18228] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5265'.
[  586.275686][ T5845] [drm:udl_init] *ERROR* Selecting channel failed
[  586.328227][ T5845] [drm] Initialized udl 0.0.1 20120220 for 3-1:0.0 on minor 2
[  586.359045][ T5845] [drm] Initialized udl on minor 2
[  586.368385][ T5845] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  586.396753][ T5845] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  586.407381][    T9] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  586.440157][    T9] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  586.449504][ T5845] usb 3-1: USB disconnect, device number 26
[  586.467494][    T9] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  586.739164][T18243] loop4: detected capacity change from 0 to 256
[  587.068620][T18188] Bluetooth: hci4: command 0x0406 tx timeout
[  588.064554][T18292] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5295'.
[  588.249659][T18302] netlink: 'syz.2.5300': attribute type 4 has an invalid length.
[  588.404571][T18305] loop2: detected capacity change from 0 to 128
[  588.879582][T18318] batadv1: entered allmulticast mode
[  588.903965][T18318] 8021q: adding VLAN 0 to HW filter on device batadv1
[  589.421004][T18340] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.5318'.
[  589.767861][T18353] netlink: 'syz.2.5325': attribute type 21 has an invalid length.
[  589.775974][T18353] netlink: 'syz.2.5325': attribute type 6 has an invalid length.
[  589.777274][T18355] xt_TCPMSS: Only works on TCP SYN packets
[  589.800001][T18353] netlink: 132 bytes leftover after parsing attributes in process `syz.2.5325'.
[  589.950847][T18362] batadv1: entered allmulticast mode
[  589.961756][T18363] netlink: 340 bytes leftover after parsing attributes in process `syz.5.5329'.
[  589.972354][T18362] 8021q: adding VLAN 0 to HW filter on device batadv1
[  589.979736][T18361] netlink: 'syz.2.5330': attribute type 1 has an invalid length.
[  589.997212][T18363] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5329'.
[  590.174928][T18367] loop2: detected capacity change from 0 to 128
[  590.228577][T18367] FAT-fs (loop2): Directory bread(block 11554) failed
[  590.266823][T18367] FAT-fs (loop2): Directory bread(block 11555) failed
[  590.290571][T18367] FAT-fs (loop2): Directory bread(block 11556) failed
[  590.299471][T18367] FAT-fs (loop2): Directory bread(block 11557) failed
[  590.311758][T18367] FAT-fs (loop2): Directory bread(block 11558) failed
[  590.343907][T18367] FAT-fs (loop2): Directory bread(block 11559) failed
[  590.357545][T18367] FAT-fs (loop2): Directory bread(block 11560) failed
[  590.376011][T18367] FAT-fs (loop2): Directory bread(block 11561) failed
[  590.398174][T18367] FAT-fs (loop2): Directory bread(block 11562) failed
[  590.422658][T18367] FAT-fs (loop2): Directory bread(block 11563) failed
[  591.008164][T18391] loop5: detected capacity change from 0 to 1024
[  591.161753][   T11] hfsplus: b-tree write err: -5, ino 4
[  591.869399][T18410] bond0: Error: Cannot enslave bond to itself.
[  591.891999][T18377] loop0: detected capacity change from 0 to 32768
[  591.942903][T18377] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  592.015694][T18377] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  592.098098][T18377] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  592.131366][ T5845] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  592.163928][ T5845] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  592.347142][ T5845] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 171ms
[  592.376247][ T5845] gfs2: fsid=syz:syz.0: jid=0: Done
[  592.385949][T18377] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  592.458334][T18399] loop5: detected capacity change from 0 to 32768
[  592.564361][T18399] ialloc: diAlloc returned -5!
[  593.437806][ T5871] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  593.643887][ T5871] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  593.684228][ T5871] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  593.715349][ T5871] usb 5-1: config 0 descriptor??
[  594.166534][T18448] loop2: detected capacity change from 0 to 32768
[  594.188942][ T5871] [drm:udl_init] *ERROR* Selecting channel failed
[  594.222618][ T5871] [drm] Initialized udl 0.0.1 20120220 for 5-1:0.0 on minor 2
[  594.242962][ T5871] [drm] Initialized udl on minor 2
[  594.251541][ T5871] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  594.258750][T18448] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  594.261182][ T5871] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  594.288168][   T27] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  594.309866][ T5871] usb 5-1: USB disconnect, device number 14
[  594.321437][   T27] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  594.410804][T18448] XFS (loop2): Ending clean mount
[  594.461265][T18448] XFS (loop2): Quotacheck needed: Please wait.
[  594.558637][T18448] XFS (loop2): Quotacheck: Done.
[  594.722539][ T5783] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  595.070529][T18478] loop5: detected capacity change from 0 to 32768
[  595.105733][T18478] XFS: noikeep mount option is deprecated.
[  595.166748][T18478] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  595.300182][T18494] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  595.465575][T18500] netlink: 188 bytes leftover after parsing attributes in process `syz.4.5389'.
[  595.567840][T18502] loop2: detected capacity change from 0 to 512
[  595.601162][T18478] XFS (loop5): Ending clean mount
[  595.607887][T18502] EXT4-fs: Ignoring removed mblk_io_submit option
[  595.619114][T18478] XFS (loop5): Quotacheck needed: Please wait.
[  595.703402][T18502] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  595.728845][T18478] XFS (loop5): Quotacheck: Done.
[  595.734365][T18502] EXT4-fs (loop2): orphan cleanup on readonly fs
[  595.770105][T18502] Quota error (device loop2): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  595.799411][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  595.805786][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  595.842923][T18502] EXT4-fs warning (device loop2): ext4_enable_quotas:7173: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  595.871515][T18502] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  595.892986][T18502] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.5388: bg 0: block 40: padding at end of block bitmap is not set
[  595.913309][T18502] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6642: Corrupt filesystem
[  595.924010][T18502] EXT4-fs (loop2): 1 truncate cleaned up
[  595.931886][T18502] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  596.001388][T18502] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  596.007704][T14490] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  596.132020][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  596.402939][   T28] audit: type=1326 audit(1755613465.187:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18514 comm="syz.2.5394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ee78ebe9 code=0x7ffc0000
[  596.425628][   T28] audit: type=1326 audit(1755613465.187:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18514 comm="syz.2.5394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ee78ebe9 code=0x7ffc0000
[  596.449538][   T28] audit: type=1326 audit(1755613465.215:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18514 comm="syz.2.5394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7f07ee78ebe9 code=0x7ffc0000
[  596.451414][ T5845] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  596.478437][   T28] audit: type=1326 audit(1755613465.215:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18514 comm="syz.2.5394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ee78ebe9 code=0x7ffc0000
[  596.513460][   T28] audit: type=1326 audit(1755613465.215:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18514 comm="syz.2.5394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ee78ebe9 code=0x7ffc0000
[  596.697008][ T5845] usb 5-1: Using ep0 maxpacket: 8
[  596.704562][ T5845] usb 5-1: config 2 has an invalid interface number: 31 but max is 0
[  596.718286][ T5845] usb 5-1: config 2 has no interface number 0
[  596.739639][ T5845] usb 5-1: config 2 interface 31 has no altsetting 0
[  596.759017][ T5845] usb 5-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f
[  596.768415][ T5845] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  596.790049][ T5845] usb 5-1: Product: syz
[  596.799860][ T5845] usb 5-1: Manufacturer: syz
[  596.809735][ T5845] usb 5-1: SerialNumber: syz
[  596.847151][T18529] loop5: detected capacity change from 0 to 47
[  596.917687][T18527] loop2: detected capacity change from 0 to 4096
[  596.977176][T18530] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  597.166357][T18534] program syz.5.5402 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  597.309846][ T5845] ch9200: probe of 5-1:2.31 failed with error -22
[  597.357003][ T5845] usb 5-1: USB disconnect, device number 15
[  597.651576][T18546] loop0: detected capacity change from 0 to 64
[  597.857789][T18552] loop0: detected capacity change from 0 to 256
[  597.923099][T18552] FAT-fs (loop0): Directory bread(block 64) failed
[  597.938110][T18552] FAT-fs (loop0): Directory bread(block 65) failed
[  597.946166][T18552] FAT-fs (loop0): Directory bread(block 66) failed
[  597.954299][T18552] FAT-fs (loop0): Directory bread(block 67) failed
[  597.961367][T18552] FAT-fs (loop0): Directory bread(block 68) failed
[  597.968126][T18552] FAT-fs (loop0): Directory bread(block 69) failed
[  597.975337][T18552] FAT-fs (loop0): Directory bread(block 70) failed
[  598.000944][T18552] FAT-fs (loop0): Directory bread(block 71) failed
[  598.018204][T18552] FAT-fs (loop0): Directory bread(block 72) failed
[  598.038660][T18552] FAT-fs (loop0): Directory bread(block 73) failed
[  598.531327][   T28] audit: type=1326 audit(1755613467.170:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18569 comm="syz.2.5421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ee78ebe9 code=0x7ffc0000
[  598.620040][   T28] audit: type=1326 audit(1755613467.170:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18569 comm="syz.2.5421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ee78ebe9 code=0x7ffc0000
[  598.647984][T18575] loop0: detected capacity change from 0 to 1024
[  598.682630][   T28] audit: type=1326 audit(1755613467.208:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18569 comm="syz.2.5421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=138 compat=0 ip=0x7f07ee78ebe9 code=0x7ffc0000
[  598.772674][   T28] audit: type=1326 audit(1755613467.208:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18569 comm="syz.2.5421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07ee78ebe9 code=0x7ffc0000
[  598.808458][T18575] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  599.028822][ T5780] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  599.162132][T18586] loop5: detected capacity change from 0 to 4096
[  599.311220][T18586] ntfs3: loop5: Failed to initialize $Extend/$Reparse.
[  599.329507][T18586] ntfs3: loop5: ino=9, ntfs_sync_fs failed, -22.
[  599.337085][T18586] ntfs3: loop5: Mark volume as dirty due to NTFS errors
[  599.420958][T18600] ksmbd: Unknown IPC event: 3, ignore.
[  599.596602][T18606] loop2: detected capacity change from 0 to 64
[  599.632303][T18608] netlink: 'syz.0.5435': attribute type 21 has an invalid length.
[  599.701531][T18608] netlink: 156 bytes leftover after parsing attributes in process `syz.0.5435'.
[  600.794983][T18650] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  601.288518][T18663] loop0: detected capacity change from 0 to 4096
[  601.596850][T18663] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  601.801640][T18663] ntfs3: loop0: ino=9, ntfs_sync_fs failed, -22.
[  601.977657][ T5780] ntfs3: loop0: ino=9, ntfs_sync_fs failed, -22.
[  601.988707][T18680] libceph: resolve '0' (ret=-3): failed
[  602.989102][T18711] loop0: detected capacity change from 0 to 1024
[  603.004535][T18705] loop5: detected capacity change from 0 to 4096
[  603.032751][T18705] __ntfs_warning: 1 callbacks suppressed
[  603.032768][T18705] ntfs: (device loop5): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  603.035357][T18713] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5488'.
[  603.153852][T18705] ntfs: volume version 3.1.
[  603.217566][   T48] hfsplus: b-tree write err: -5, ino 4
[  603.667239][T18723] AppArmor: change_hat: Invalid input '0'
[  603.693501][T18725] loop4: detected capacity change from 0 to 2048
[  603.724726][T18725] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found!
[  603.787693][T18725] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  604.065727][T18735] vim2m vim2m.0: Fourcc format (0x47425247) invalid.
[  604.619793][T18753] sp0: Synchronizing with TNC
[  605.121311][T18773] loop5: detected capacity change from 0 to 8
[  605.184229][T18773] SQUASHFS error: zlib decompression failed, data probably corrupt
[  605.232851][T18773] SQUASHFS error: Failed to read block 0x9b: -5
[  605.254415][T18773] SQUASHFS error: Unable to read metadata cache entry [99]
[  605.286530][T18771] loop4: detected capacity change from 0 to 8192
[  605.297621][T18773] SQUASHFS error: Unable to read inode 0x127
[  605.297983][T18771] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  605.409471][T18771] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000001)
[  605.417373][T18771] FAT-fs (loop4): Filesystem has been set read-only
[  605.443080][ T5103] Bluetooth: hci4: unexpected event for opcode 0x203c
[  605.513207][T18783] binder: 18782:18783 ioctl c0306201 200000000080 returned -14
[  606.076843][   T28] audit: type=1326 audit(1755613474.243:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18800 comm="syz.0.5532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa093d8ebe9 code=0x7ffc0000
[  606.141485][   T28] audit: type=1326 audit(1755613474.243:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18800 comm="syz.0.5532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa093d8ebe9 code=0x7ffc0000
[  606.146250][T18799] loop4: detected capacity change from 0 to 4096
[  606.214449][   T28] audit: type=1326 audit(1755613474.271:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18800 comm="syz.0.5532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=306 compat=0 ip=0x7fa093d8ebe9 code=0x7ffc0000
[  606.298749][   T28] audit: type=1326 audit(1755613474.271:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18800 comm="syz.0.5532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa093d8ebe9 code=0x7ffc0000
[  606.356610][   T28] audit: type=1326 audit(1755613474.271:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18800 comm="syz.0.5532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa093d8ebe9 code=0x7ffc0000
[  606.478073][T18799] ntfs: volume version 3.1.
[  607.186177][T18825] netlink: 'syz.4.5544': attribute type 5 has an invalid length.
[  607.378962][T18829] netlink: 'syz.4.5546': attribute type 39 has an invalid length.
[  607.417348][T18829] veth0_macvtap: left promiscuous mode
[  607.545235][T18819] loop0: detected capacity change from 0 to 32768
[  607.614555][T18813] loop2: detected capacity change from 0 to 32768
[  607.934143][T18837] netlink: 'syz.4.5550': attribute type 10 has an invalid length.
[  608.013127][T18837] bridge0: port 2(bridge_slave_1) entered disabled state
[  608.022577][T18837] bridge0: port 1(bridge_slave_0) entered disabled state
[  608.081534][T18837] bridge0: left promiscuous mode
[  608.099710][T18837] bridge0: left allmulticast mode
[  608.126678][T18837] bridge0: port 2(bridge_slave_1) entered blocking state
[  608.133942][T18837] bridge0: port 2(bridge_slave_1) entered forwarding state
[  608.143860][T18837] bridge0: port 1(bridge_slave_0) entered blocking state
[  608.151156][T18837] bridge0: port 1(bridge_slave_0) entered forwarding state
[  608.201318][T18837] bridge0: entered promiscuous mode
[  608.206794][T18837] bridge0: entered allmulticast mode
[  608.250696][T18837] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  608.333850][T18841] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5553'.
[  608.661252][T18851] loop0: detected capacity change from 0 to 2048
[  608.694721][T18851] NILFS (loop0): invalid segment: Magic number mismatch
[  608.721683][T18851] NILFS (loop0): trying rollback from an earlier position
[  608.810811][T18851] NILFS (loop0): recovery complete
[  608.850105][T18860] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  609.259993][   T28] audit: type=1326 audit(1755613477.218:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18868 comm="syz.0.5565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa093d8ebe9 code=0x7ffc0000
[  609.301020][   T28] audit: type=1326 audit(1755613477.237:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18868 comm="syz.0.5565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa093d8ebe9 code=0x7ffc0000
[  609.509021][T18855] loop5: detected capacity change from 0 to 32768
[  609.564530][T18855] ERROR: (device loop5): diAllocAG: error reading iag
[  609.564530][T18855] 
[  609.608626][T18855] ialloc: diAlloc returned -5!
[  609.917249][T18888] loop4: detected capacity change from 0 to 16
[  609.951376][T18888] erofs: (device loop4): mounted with root inode @ nid 36.
[  610.027519][T18888] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[  610.083131][T18888] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[  610.145411][   T28] audit: type=1800 audit(1755613478.042:175): pid=18888 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.5574" name="file2" dev="loop4" ino=89 res=0 errno=0
[  610.382157][T18900] loop4: detected capacity change from 0 to 1024
[  610.430296][T18900] hfsplus: unable to parse mount options
[  610.740262][T18908] loop2: detected capacity change from 0 to 4096
[  610.870429][T18914] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  610.890391][T18908] NILFS (loop2): nilfs_palloc_commit_free_entry (ino=6): entry number 15 already freed
[  611.382940][T18928] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5591'.
[  611.411276][T18928] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5591'.
[  611.522440][   T29] INFO: task syz-executor:5788 blocked for more than 143 seconds.
[  611.530319][   T29]       Not tainted 6.6.102-syzkaller #0
[  611.549912][T18931] netlink: 'syz.0.5593': attribute type 2 has an invalid length.
[  611.567273][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  611.607886][   T29] task:syz-executor    state:D stack:21704 pid:5788  ppid:1      flags:0x00004004
[  611.639693][   T29] Call Trace:
[  611.643043][   T29]  <TASK>
[  611.658988][   T29]  __schedule+0x14d2/0x44d0
[  611.672281][   T29]  ? asan.module_dtor+0x20/0x20
[  611.695663][   T29]  ? mark_lock+0x94/0x320
[  611.700096][   T29]  ? lock_chain_count+0x20/0x20
[  611.714521][   T29]  ? _raw_spin_lock_irq+0xaf/0xe0
[  611.719893][   T29]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  611.742034][   T29]  schedule+0xbd/0x170
[  611.746217][   T29]  io_schedule+0x80/0xd0
[  611.765193][   T29]  folio_wait_bit_common+0x6eb/0xf70
[  611.771004][   T29]  ? folio_wait_bit+0x30/0x30
[  611.775877][   T29]  ? filemap_get_entry+0x35c/0x3c0
[  611.781419][   T29]  ? _compound_head+0x120/0x120
[  611.786400][   T29]  ? find_lock_entries+0xc38/0xfe0
[  611.791871][   T29]  __filemap_get_folio+0xbc/0xbc0
[  611.797024][   T29]  truncate_inode_pages_range+0x40a/0xf00
[  611.803118][   T29]  ? mapping_evict_folio+0x510/0x510
[  611.813320][   T29]  ? _raw_spin_lock_irq+0xaf/0xe0
[  611.818511][   T29]  ? _raw_spin_unlock_irq+0x23/0x50
[  611.823980][   T29]  ? lockdep_hardirqs_on+0x98/0x150
[  611.829340][   T29]  evict+0x499/0x870
[  611.834481][   T29]  ? proc_nr_inodes+0x230/0x230
[  611.839368][   T29]  ? do_raw_spin_unlock+0x121/0x230
[  611.846364][   T29]  ? do_raw_spin_unlock+0x121/0x230
[  611.851637][   T29]  evict_inodes+0x5fe/0x690
[  611.856210][   T29]  ? clear_inode+0x150/0x150
[  611.860836][   T29]  generic_shutdown_super+0x97/0x2b0
[  611.866388][   T29]  kill_block_super+0x44/0x90
[  611.871227][   T29]  deactivate_locked_super+0x97/0x100
[  611.876746][   T29]  cleanup_mnt+0x429/0x4c0
[  611.881183][   T29]  task_work_run+0x1ce/0x250
[  611.885871][   T29]  ? task_work_cancel+0x240/0x240
[  611.890928][   T29]  ? exit_to_user_mode_loop+0x3b/0x110
[  611.896441][   T29]  exit_to_user_mode_loop+0xe6/0x110
[  611.901723][   T29]  exit_to_user_mode_prepare+0xb1/0x140
[  611.907466][   T29]  syscall_exit_to_user_mode+0x1a/0x50
[  611.913101][   T29]  do_syscall_64+0x61/0xb0
[  611.917581][   T29]  ? clear_bhb_loop+0x40/0x90
[  611.922268][   T29]  ? clear_bhb_loop+0x40/0x90
[  611.926945][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  611.932939][   T29] RIP: 0033:0x7f86fd38ff17
[  611.937515][   T29] RSP: 002b:00007ffe116ae618 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  611.946104][   T29] RAX: 0000000000000000 RBX: 00007f86fd411c05 RCX: 00007f86fd38ff17
[  611.954265][   T29] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe116ae6d0
[  611.962380][   T29] RBP: 00007ffe116ae6d0 R08: 0000000000000000 R09: 0000000000000000
[  611.970380][   T29] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe116af760
[  611.978478][   T29] R13: 00007f86fd411c05 R14: 0000000000065a07 R15: 00007ffe116af7a0
[  611.986528][   T29]  </TASK>
[  611.989625][   T29] 
[  611.989625][   T29] Showing all locks held in the system:
[  611.997717][   T29] 1 lock held by khungtaskd/29:
[  612.002593][   T29]  #0: ffffffff8cd2fbe0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290
[  612.012798][   T29] 2 locks held by getty/5539:
[  612.017616][   T29]  #0: ffff88802dc3d0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  612.027707][   T29]  #1: ffffc9000326e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x425/0x1380
[  612.037976][   T29] 1 lock held by syz-executor/5788:
[  612.043186][   T29]  #0: ffff888025c020e0 (&type->s_umount_key#59){+.+.}-{3:3}, at: deactivate_super+0xa4/0xe0
[  612.053784][   T29] 
[  612.056121][   T29] =============================================
[  612.056121][   T29] 
[  612.065767][   T29] NMI backtrace for cpu 1
[  612.070120][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.6.102-syzkaller #0
[  612.077992][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  612.088122][   T29] Call Trace:
[  612.091398][   T29]  <TASK>
[  612.094319][   T29]  dump_stack_lvl+0x16c/0x230
[  612.098988][   T29]  ? show_regs_print_info+0x20/0x20
[  612.104170][   T29]  ? load_image+0x3b0/0x3b0
[  612.108662][   T29]  nmi_cpu_backtrace+0x39b/0x3d0
[  612.113599][   T29]  ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0
[  612.119761][   T29]  ? _printk+0xd0/0x110
[  612.123979][   T29]  ? load_image+0x3b0/0x3b0
[  612.128530][   T29]  ? load_image+0x3b0/0x3b0
[  612.133069][   T29]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  612.139161][   T29]  nmi_trigger_cpumask_backtrace+0x17a/0x2f0
[  612.145167][   T29]  watchdog+0xf41/0xf80
[  612.149419][   T29]  ? watchdog+0x1e1/0xf80
[  612.153768][   T29]  kthread+0x2fa/0x390
[  612.157845][   T29]  ? hungtask_pm_notify+0x90/0x90
[  612.162878][   T29]  ? kthread_blkcg+0xd0/0xd0
[  612.167477][   T29]  ret_from_fork+0x48/0x80
[  612.171905][   T29]  ? kthread_blkcg+0xd0/0xd0
[  612.176501][   T29]  ret_from_fork_asm+0x11/0x20
[  612.181292][   T29]  </TASK>
[  612.185172][   T29] Sending NMI from CPU 1 to CPUs 0:
[  612.190430][    C0] NMI backtrace for cpu 0
[  612.190444][    C0] CPU: 0 PID: 11 Comm: kworker/u4:0 Not tainted 6.6.102-syzkaller #0
[  612.190461][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  612.190472][    C0] Workqueue: events_unbound nsim_dev_trap_report_work
[  612.190494][    C0] RIP: 0010:mark_lock+0x9c/0x320
[  612.190516][    C0] Code: 89 c7 41 81 e7 ff 1f 00 00 c1 e8 03 25 f8 03 00 00 48 8d b8 00 35 da 90 be 08 00 00 00 e8 dc 18 75 00 4c 0f a3 3d c4 79 72 0f <73> 10 49 69 c7 d0 00 00 00 4c 8d b8 c0 b3 70 90 eb 24 48 c7 c0 60
[  612.190529][    C0] RSP: 0018:ffffc900001074a0 EFLAGS: 00000057
[  612.190542][    C0] RAX: 0000000000000001 RBX: ffff888019e7bc00 RCX: ffffffff8167bb34
[  612.190553][    C0] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff90da3500
[  612.190564][    C0] RBP: 0000000000000008 R08: ffffffff90da3507 R09: 1ffffffff21b46a0
[  612.190574][    C0] R10: dffffc0000000000 R11: fffffbfff21b46a1 R12: 0000000000000100
[  612.190585][    C0] R13: dffffc0000000000 R14: ffff888019e7c780 R15: 000000000000002f
[  612.190596][    C0] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  612.190610][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  612.190621][    C0] CR2: 00007f1a78f86358 CR3: 000000000cb30000 CR4: 00000000003506f0
[  612.190637][    C0] Call Trace:
[  612.190644][    C0]  <TASK>
[  612.190653][    C0]  __lock_acquire+0xd49/0x7c80
[  612.190671][    C0]  ? deref_stack_reg+0x1bd/0x240
[  612.190699][    C0]  ? ret_from_fork_asm+0x11/0x20
[  612.190719][    C0]  ? verify_lock_unused+0x140/0x140
[  612.190734][    C0]  ? ret_from_fork_asm+0x11/0x20
[  612.190752][    C0]  ? stack_trace_save+0xe0/0xe0
[  612.190769][    C0]  ? arch_stack_walk+0x16e/0x190
[  612.190786][    C0]  ? ret_from_fork_asm+0x11/0x20
[  612.190807][    C0]  ? stack_trace_save+0x9c/0xe0
[  612.190823][    C0]  ? stack_trace_snprint+0xf0/0xf0
[  612.190841][    C0]  lock_acquire+0x197/0x410
[  612.190856][    C0]  ? crng_make_state+0x13b/0x700
[  612.190877][    C0]  ? __kasan_kmalloc+0x8f/0xa0
[  612.190893][    C0]  ? __kmalloc_node_track_caller+0xb2/0x230
[  612.190912][    C0]  ? kmalloc_reserve+0x117/0x260
[  612.190930][    C0]  ? __alloc_skb+0x138/0x2c0
[  612.190955][    C0]  ? nsim_dev_trap_report_work+0x293/0xb00
[  612.190971][    C0]  ? read_lock_is_recursive+0x20/0x20
[  612.190986][    C0]  ? ret_from_fork+0x48/0x80
[  612.191001][    C0]  ? ret_from_fork_asm+0x11/0x20
[  612.191073][    C0]  crng_make_state+0x158/0x700
[  612.191091][    C0]  ? crng_make_state+0x13b/0x700
[  612.191111][    C0]  ? crng_make_state+0x13b/0x700
[  612.191130][    C0]  ? urandom_read_iter+0x150/0x150
[  612.191154][    C0]  _get_random_bytes+0xd6/0x210
[  612.191172][    C0]  ? get_random_bytes+0x20/0x20
[  612.191198][    C0]  ? skb_put+0x11b/0x210
[  612.191218][    C0]  nsim_dev_trap_report_work+0x338/0xb00
[  612.191240][    C0]  ? process_scheduled_works+0x957/0x15b0
[  612.191258][    C0]  process_scheduled_works+0xa45/0x15b0
[  612.191286][    C0]  ? assign_work+0x400/0x400
[  612.191304][    C0]  ? assign_work+0x39e/0x400
[  612.191323][    C0]  worker_thread+0xa55/0xfc0
[  612.191349][    C0]  kthread+0x2fa/0x390
[  612.191362][    C0]  ? pr_cont_work+0x560/0x560
[  612.191379][    C0]  ? kthread_blkcg+0xd0/0xd0
[  612.191393][    C0]  ret_from_fork+0x48/0x80
[  612.191409][    C0]  ? kthread_blkcg+0xd0/0xd0
[  612.191423][    C0]  ret_from_fork_asm+0x11/0x20
[  612.191447][    C0]  </TASK>
[  612.194491][   T29] Kernel panic - not syncing: hung_task: blocked tasks
[  612.524745][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.6.102-syzkaller #0
[  612.532646][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  612.542705][   T29] Call Trace:
[  612.545991][   T29]  <TASK>
[  612.548925][   T29]  dump_stack_lvl+0x16c/0x230
[  612.553617][   T29]  ? show_regs_print_info+0x20/0x20
[  612.558821][   T29]  ? load_image+0x3b0/0x3b0
[  612.563346][   T29]  panic+0x2c0/0x710
[  612.567252][   T29]  ? schedule_preempt_disabled+0x20/0x20
[  612.572895][   T29]  ? bpf_jit_dump+0xd0/0xd0
[  612.577410][   T29]  ? __irq_work_queue_local+0x13a/0x3b0
[  612.582966][   T29]  ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0
[  612.589142][   T29]  watchdog+0xf80/0xf80
[  612.593308][   T29]  ? watchdog+0x1e1/0xf80
[  612.597649][   T29]  kthread+0x2fa/0x390
[  612.601720][   T29]  ? hungtask_pm_notify+0x90/0x90
[  612.606749][   T29]  ? kthread_blkcg+0xd0/0xd0
[  612.611341][   T29]  ret_from_fork+0x48/0x80
[  612.615762][   T29]  ? kthread_blkcg+0xd0/0xd0
[  612.620356][   T29]  ret_from_fork_asm+0x11/0x20
[  612.625228][   T29]  </TASK>
[  612.628540][   T29] Kernel Offset: disabled
[  612.632865][   T29] Rebooting in 86400 seconds..