last executing test programs:

3m13.118391073s ago: executing program 3 (id=74):
r0 = syz_open_dev$cec(&(0x7f0000000100), 0x0, 0x103000)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f00000001c0)={"f2efe21e", 0x0, 0x6, 0x4d, 0x0, 0x1ff, "2179d46fd08e3c0ced34c7d0c7e6d7", "7ca24a13", '\x00', "a2d1d4a2", ["1af0b1ba1cb8fd54c9c9b587", "bed0f3d6ce7a5f7389827f04", "33af343c60abc64f2fdc9ddf", "9b3842fc63849f62b6eb1c3c"]})
ioctl$CEC_TRANSMIT(r0, 0xc0386105, &(0x7f0000000d40)={0x0, 0x1, 0x4, 0x0, 0x0, 0x4063, "57c1169b6664ea61326ac71ae7213059", 0x0, 0x0, 0x0, 0x0, 0x7a})
r1 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f0000000340)={"6d71f879", 0x5, 0x0, 0x0, 0x0, 0x0, "244a18d1c4e6469a005caf0c0ff58a", "ce4250d8", "bf513d1d", "136712b9", ["27e203a56a36ac4f0b8b8c4f", "5e10229555954b0f02cd1469", "cb0e83d3a15978155c384d00", "79f56ca74227234da829edb7"]})

3m12.389997545s ago: executing program 3 (id=82):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000844)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)

3m10.898228243s ago: executing program 3 (id=93):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000080)='%ps    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000100)={r1, <r2=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x5, &(0x7f00000003c0)=@framed={{}, [@map_val={0x18, 0x4, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x76e31834}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3m10.652939747s ago: executing program 3 (id=96):
syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f0000000500)='./file0\x00', 0x800, &(0x7f0000000040)=ANY=[], 0x1, 0x17f, &(0x7f0000000380)="$eJzskr1OOkEUxc/sLh//f5RoYkUDBfGjUJZFjZ2W2NvZSGBF4qLCkiiEYo0xFBbG0ifgNUx8AS2MD0BNQazNmtm5OxnwEZxfsWfumTt35l4489t+CsD3dFDDASJMZPDOGCwAOSa8iSH0ifSD9FEI3ijvkPw70qzf6ycpJ49lYZxXPc/t5AF8RZ60/P1bA5Oo1Od0UOOLEwBhGIbcqwM8HQtKjgmgreRkLWAlaiKUObwRHqwBKHZbV0W/199stqoNt+FeOGZ519627R2neNr0XFt8mXIFtQKuGwBSaUj4fgLAPcX/MQtTnkb77B+O5dlkPMMMwzyGcjZWhhf5rhTi3ws4wir4s64DpriFqIqFqKUKGEwKSpbyPnFXOtrYql169SEYWHxsBEvWKI2RkIGjBuW9AIui1JBKFkgrpCPSMWlu7i9jBfz7QNF6ACRxU+12OyU+JLFi8cqRnrMUqAPjtz4bs829Gr9mq9FoNBqNRqPRaDR/jZ8AAAD//8JqdgE=")
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f0000000340)='./file0\x00')
setuid(0xee01)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='cgroup.controllers\x00', 0x275a, 0x0)

3m10.338286248s ago: executing program 3 (id=100):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x27c})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x2000007, 0x204031, 0xffffffffffffffff, 0x94c1c000)
readv(r0, &(0x7f0000001480)=[{&(0x7f0000000000)=""/119, 0x20}], 0x1)

3m9.867138599s ago: executing program 3 (id=104):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='clear_refs\x00')
write$binfmt_format(r0, &(0x7f0000000300)='1\x00', 0x2)

3m9.07678493s ago: executing program 32 (id=104):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='clear_refs\x00')
write$binfmt_format(r0, &(0x7f0000000300)='1\x00', 0x2)

2m19.555749585s ago: executing program 4 (id=362):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x39}}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendto$inet(r0, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)

2m19.027865256s ago: executing program 4 (id=365):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="06000000040000000800000007"], 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000d000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc)

2m18.806074223s ago: executing program 4 (id=367):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000002, 0x31, 0xffffffffffffffff, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000005c0), 0x10)
recvmmsg(r0, &(0x7f00000099c0)=[{{0x0, 0x0, &(0x7f0000007040)=[{&(0x7f0000006040)=""/4086, 0xff6}], 0x1}, 0x8000}], 0x1, 0x10002, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f0000000000010000000000", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}}, 0x0)

2m18.398784427s ago: executing program 4 (id=371):
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000040)='./bus\x00', 0x100c404, &(0x7f0000000800)={[{@nodots}, {@fat=@fmask={'fmask', 0x3d, 0xdbd}}, {@fat=@nfs_stale_rw}, {@fat=@uid={'uid', 0x3d, 0xee00}}, {@nodots}, {@nodots}, {@fat=@nfs_nostale_ro}, {@nodots}, {@dots}, {@nodots}, {@nodots}, {@fat=@errors_remount}, {@nodots}, {@fat=@gid={'gid', 0x3d, 0xee00}}, {@fat=@quiet}, {@fat=@tz_utc}, {@nodots}, {@fat=@nfs}, {@dots}, {@fat=@umask={'umask', 0x3d, 0x7da5}}, {@nodots}, {@fat=@tz_utc}, {@fat=@errors_remount}, {@nodots}]}, 0x1, 0x1f5, &(0x7f0000000600)="$eJzs3cFqE1EUANCbmCYTcdGdIAgjLnRV1C+oSAUxIFSy0J2gK7NqN6mb9jP8Bf/LD5CuspEncSadmKYxBDKj7Tmb3pn7Xt+7M2SSTW5SFL7f/RpZ1or2fuzHpBW70Y6ZswAArpNJSvEjFZreCwBQjzXe/3/WvCUAYMvevnv/+vlgcHCY51nE+dl4OB4Wf4v8y1eDgyf5b7vVrPPxeHjrIv80X/zsMM3vxO0y/6yYn1+kuxEx7Mbjh0V+mnvxZpD/Ob8XH7dcOwAAAAAAAAAAAAAAAAAAAAAANOV+5DNL+/vs7S3m+2W+OJrrD7TQv6cT9zrlYdUeKJ3WURQAAAAAAAAAAAAAAAAAAAD8Z45Pvnz+MBp9OqqCXkTMn+ksGXN10Cr/8VqDmw/asdn0flnmBou2yku03QL7y2/uOkF0/pW7s2mQ17BWf+XlTWkaLH8VzNpiXDm9GxGrV390uOnmJyml0bcHR8cnkVYOrp4RvVqfSAAAAAAAAAAAAAAAAAAAcHPNfev7kqyJDQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAA6rf/58Gl8+sDE4j4k78dfBsrZ3IGq0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA6+tXAAAA//85ziI4")
chroot(&(0x7f0000000a40)='./file0\x00')
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2901090, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
umount2(&(0x7f0000000440)='./file0/../file0/../file0/../file0\x00', 0x0)

2m17.93951278s ago: executing program 4 (id=375):
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x270, 0x0, 0x37f, 0x148, 0x0, 0x148, 0x228, 0x240, 0x240, 0x228, 0x240, 0x7fffffe, 0x0, {[{{@uncond, 0x0, 0x98, 0xe0, 0x0, {}, [@common=@inet=@ecn={{0x28}, {0x21, 0x0, 0xfd}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00'}}}, {{@uncond, 0x0, 0xb8, 0xf8, 0x0, {}, [@common=@socket0={{0x20}}, @common=@icmp={{0x28}, {0x12, "d551"}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2d0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x44, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x44}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="8c0000000906010200000000000000000200ffff08000940000000390900020073797a310000000005000100070000005c0008801c0007801800018014000240"], 0x8c}, 0x1, 0x0, 0x0, 0x10000182}, 0x4000080)

2m17.374712143s ago: executing program 4 (id=378):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
writev(r0, &(0x7f0000000240)=[{&(0x7f0000000a40)="2e9b3d0007e03dd65193dfb6c575", 0xe}, {&(0x7f0000000100)='\x00\x00\x00\x00', 0x4}, {&(0x7f0000000a80)='h?\x00W', 0x4}], 0x3)

2m16.837808412s ago: executing program 33 (id=378):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
writev(r0, &(0x7f0000000240)=[{&(0x7f0000000a40)="2e9b3d0007e03dd65193dfb6c575", 0xe}, {&(0x7f0000000100)='\x00\x00\x00\x00', 0x4}, {&(0x7f0000000a80)='h?\x00W', 0x4}], 0x3)

1m42.470804947s ago: executing program 1 (id=555):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file0\x00', 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="6163746976655f6c6f67733d362c6261636b67726f756e645f67633d73796e632c70726a6a71756f74613d6e6f666c7573685f6d657267652c646973636172645f756e69743d626c6f636b2c6e6f666c7573685f6d657267652c64697361626c655f726f6c6c5f666f72776172642c696e6c696e655f646174612c6e6f61636c2c6e6f71756f74612c6e6f696e6c696e655f646174612c617467632c6772706a71756f74613d6e6f696e6c696e655f646174612c6a71666d743d7666736f6c642c64697361626c655f6578745f6964656e746966792c6e6f6c617a7974696d652c67727071756f74613d6261636b67725fa9d6e2f9680e4b3250e68867633d73796e632c6d6f64653d61646170746976652c6e6f757365725f78617474722c866973636172645f756e69743d73656374696f6e2c646973636172642c0000000000"], 0x1, 0x5508, &(0x7f0000002480)="$eJzs3EtvG1UUAODjpOmbEiEW7DpShZRItVWnD8GuQCseolVUYMEKHNux3NqeKHackBULlogF/wSBxIolv4EFa3aIBYgdEshzJ9DwkEBxYtJ8nzQ+c6+vz5xrVZXOTOQATqzF7OcfK3EpzkXEfERcjCjOK+VRuJ3CcxGRRcTcY0elnP994nREnI+IS5PkKWelfOvTq+MrN39446evvjlz6sJnX347u10Ds/Z8RPQ30vl2P8W8k+LDcr4x7haxf2NcxvRG/1E5zlPcbq8VGbYbe+saRbzeSevzja3hJK73Gs1J7HTXi/mNQbrgcNzZy1N84GFjsxi32mtF7A7zInZ2U107u+n/tt3hKOVplfk+KNLHaLQX03x7p532s/GoiM3BqJxPefNWe2cSx2UsLxfNvNcq6lg7yDf9//Zmd7C1k43bm8NuPshu1uov1Oq3qvXNvNUetW9UG/3WrRvZUqc3WVYdtRv925087/TatWbeX86WOs1mtV7Plu6017qNQVav167XrlVvLpdnV7NX77+T9VrZ0iS+3B1sjbq9Ybaeb2bpE8vZSu36i8vZlXr21r3VbPXB3bv3Vt9+786791+69/or5aK/lJUtrVxbWanWr1VX6ssnaP8flUVPcf9wIJVZFwBw/PzX/v+y/h+YgsPr/zcfRBx+/x/6/6k4Vv3vSe//D2H/cCD6fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAE+u7hc9fK04W0/hCOf9UOfVMOa5ExFxE/Po35uP0vpzzZZ6Ff1i/8Kcavq5EkWFyjTPlcT4ibpfHL08f9rcAAAAAT64vPrz8SerW08virAviKKWbNnMX359SvkpELCx+P6Vsc5OXZ6eUrPj3fSp2ppStuIF1dkrJ0i23U9PK9q/M7wtnHwuVFOaOtBwAAOBI7O8EjrYLAQAA4Ch9POsCmI1K7D3K3HsWXPzl/R8PBM/tGwEAAADHUGXWBQAAAACHruj//f4fAAAAPNnS7/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8xs793CYORHEAfjZ4Yf9p0Wrv28reoIwtYY97jCggTVBADqSFNEAN5JYSIojwOAQiDpE8tpXo+yRnMpb58QbBYWakAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEv31Xpxe/X7um3Obt9OntEAAAAAl2yr9aL+Z5b6X5v735tbP5t+ERFlRFyau4/i01nmqMmpXp6/OX2+elXDXUSdcHiPSXN9iYg/zfX4o+tPAQAAAD6uzXI1T7P19Gc2dEH0KS3alN/+ZsorIqKaPWRKKw95vzKF1d/vcfzPlFYvYE0zhaUlt3GutDepf+7HVbvpSVOkprz4smOR2cYOAAD0aHTW9DsLAQAAoE//hi6AYRTxvJV53AqcpKbZ3vt81gMAAADeoWLoAgAAAIDO1fP/ns7/2zv/DwAAAIaRzv8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS9tqvdgsV/O2Obt9O3lGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8MT+vKNACIRBGOxd35nM/Q8rDZqamlSB8PE3BgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDmd3/5PzE1ziRzr42l55Fk7dTYOjX2zo2jP4yvXwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/vzkgIhEARRMGf876Tvf1hJ0DOIEAENjypq0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfNHvfvk/MTXOJHOnjaXjkWTtqrF11dh70Dh6MN7+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzv38xpHFQcA/M3MztZWxTXKHiKi4EEvdrutrb2JByV48E8QQrqtsVt/tDnYUsRcvEnOvYgeRQQl3vo/5JxALvGWwx4ieFZmdiY7+QGuv2Y2yecDb953h2He981CyHfeSwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDS6O1JnGSHzjiOi3Obew+Xsn7rUJ95vLY9n7UsjupM+mR4sfoh6jaXCAAAAGdHUtb3IYSddH0h6+NOXv+n5TVZzf/t0+O4rOcP1/1lX9b+Wfvl593n9wfqjMfJbnpzeTi4dDSV1v83y9n2zF9e0cqffP7uJcm/kPi91edGaf48o683Nt5p5+G5OrIFAP6Ji2VfBOXvQ1nfbzIxAM6MVqXwLuv/pNNsTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1GK2GJ8s4CiHMtyZxZmvv4dJx/eO17fmyXXv0aC18Oblndos0hHBzeTi4VOtsZtu9+w9uLw6Hg7v1By+FEJoa/a1i+rc/mOLiEBp5PoL/KIiLL3tW8jkZQYM/lAAAOJXSomV1/U66vpCdi+ZC+OO7g/X/q5U4TFn/7354bbM6VrX+79c2w9nXW7nzae/e/QevL99ZvDW4Nfj4jcv9N/tXrl+9er2XvyvpeWMCAADAv9MuWrX+j+eOrv9fqMRhyvr/s2/6X1THStT/x5os+jWdCQAAwNn27Mu//xYdcz5qt8Pniysrd/vj4/7ny+NjA6n+beeKVq3/k7mmswIAAADqMFqNDqz/36jEYcr1/6e+f+HH6j2TEML5Yv3/4tInwxv1TWem1fHnxE3PEQAAgGadL1p1/T/N9//H+1se4hDCa6+M4+LfAE5V/yfvfvVDdazq/v8r9U1xJsXd8fPI+24IrW7TGQEAAHCaPVG0rNj/NV1f+OinC++37f8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqNufAQAA//9hGz6T")
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x0, 0x80)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r1, 0xf507, 0x0)

1m40.251457138s ago: executing program 1 (id=563):
r0 = socket(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'dummy0\x00', <r1=>0x0})
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x3af2, 0x4)
bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local}, 0x14)
sendto$packet(r0, &(0x7f00000000c0)="fb575e395d37bac8000800000000", 0xe, 0x0, 0x0, 0x0)

1m39.211273492s ago: executing program 1 (id=570):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5})
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0xfffffffffffffffd)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r1, 0xffffffffffffffff, 0x0)

1m38.863961866s ago: executing program 1 (id=573):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000180)={[{@min_batch_time={'min_batch_time', 0x3d, 0x83}}, {@init_itable}, {@mblk_io_submit}]}, 0x3, 0x476, &(0x7f0000000d40)="$eJzs3MtvVFUYAPDv3naKtWAr4gt8VNFIfLQUUFm4UKOJC0xMdKHLSVsIUsDQmghpYnGBK2NM3BOX/guudGOMKxO3ujckxLARXI25M/e284bSmQ44v18y8J376DnfnHvac+/pNIChNZ39k0TsjIg/ImKyVmw8YLr23/Vrq/M3rq3OJ1GpvP93Uj3un2ur88WhxXkT9YVIYl+bepfPXzhVXlpaPJeXZ1dOfzK7fP7CSydPl08snlg8c+jo0SOH51595dDLPclzItI8euejb9499lVD/k159Mh0t53PVio9rm6wdtXFowNsB5szkvdXqTr+J2Okrvcm4+0v1gufD6iBQN9UKpXKROfdaxXgfyyJxrIhD8Oi+EFf3P+2uw9+vW+zj8G7+kbtBijL+3r+qu0ZXX9iUGq6v+2l6Yj4cO3fy9kr+vMcAgCgwY/Z/OfFbLazOp/NPTbmH2k8VHfcffna0FRE3B8RuyPigTgTeyLiwYjqsQ9HxCObrL95kaR1/pNeua3EblE2/3stX9tqnP8Vs7+YGslLu6r5l5LjJ5cWD+bvyYEo7cjKc13q+Omt37/utK9u/pe9t5ez+ou5YN6OK6M7Gs9ZKK+Ut5JzvasXI/aOtss/WV8JSCLi0YjY2+4LpDev4+Tz3z/WaV/9/Dd7tebfRQ8WmirfRTxX6/+1aMq/kHRfn5y9J5YWD84WV0WrX3+79F6n+reUfw9k/X9v2+t/Pf+ppH69dnnzdVz688uO9zTTpTzomH/r9b9WXimPJR9U47F822fllZVzcxFjybFao+u3H9o4tygXx2f5H9jffvzvjo13Yl9EZBfx4xHxREQ8mffdUxHxdETs75L/L28+83HztvEi/zug/xc21f8bwVg0b2kfjJz6+YeGSqc2wjz/G53zz/r/SDU6kG+5le9/t9Ku27uaAQAA4O6TRsTOSNKZ9ThNZ2Zqv8O/JyJdOru88sLxs5+eWah9RmAqSmnxpGuy7nnoXH5bXytfjIjarxYU+w9HWn1u/O3IeLU8M392aWHQycOQm+gw/jN/jQy6dUDf+cAWDC/jH4ZX1/Ff2r52ANuvZfx3HfM7+toWYHu1+fk/Poh2ANuv3fzf3/uB4dA0/i37wRDx/B+Gl/EPw8v4h6G0PB43/5B816D4Srd5+s2CyYittnAwQZTuiGb0LYi071WM9ffS6luQ3IVtbgkG9z0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgl/4LAAD//9yCzmA=")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2081413, 0x0, 0x1, 0x0, &(0x7f0000000080))
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x10000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0xe0880, 0x4b)
getdents(r0, 0x0, 0x0)

1m38.19576324s ago: executing program 1 (id=578):
syz_io_uring_submit(0x0, 0x0, 0x0)
r0 = socket(0xa, 0x3, 0x3a)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000340)={'pim6reg\x00', 0x2})
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000000)={0x4, 0x1, 0x4}, 0xc)

1m35.354339434s ago: executing program 1 (id=584):
io_setup(0x5, &(0x7f0000000000)=<r0=>0x0)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000100)={0x3, "421ae375378525920300000000000000080000006bb4478a3ab4c98100", <r2=>0xffffffffffffffff})
io_submit(r0, 0x1, &(0x7f00000003c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}])
ioctl$SW_SYNC_IOC_INC(r1, 0x40045701, &(0x7f0000000040)=0xc)

1m34.487547661s ago: executing program 34 (id=584):
io_setup(0x5, &(0x7f0000000000)=<r0=>0x0)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000100)={0x3, "421ae375378525920300000000000000080000006bb4478a3ab4c98100", <r2=>0xffffffffffffffff})
io_submit(r0, 0x1, &(0x7f00000003c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}])
ioctl$SW_SYNC_IOC_INC(r1, 0x40045701, &(0x7f0000000040)=0xc)

4.156217404s ago: executing program 2 (id=1032):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
mount(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000080)='proc\x00', 0x189, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000010c0)='attr\x00')
openat$incfs(r1, &(0x7f0000000040)='.log\x00', 0x40, 0x23)

3.97280168s ago: executing program 2 (id=1033):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x1, "fa02c800"})
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz1\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x15, [0x8000, 0xc95a, 0xf, 0x8, 0x83, 0x2, 0x3, 0x7f, 0xa9, 0x4d, 0x2, 0x5f, 0x9, 0x15, 0xfc, 0xff7fff01, 0x6, 0x5, 0x3, 0x5, 0x6, 0x0, 0x7, 0x3c5b, 0x1, 0x24, 0x10, 0x5, 0x0, 0xffffffff, 0xe661, 0x4, 0x7, 0x20003, 0x8, 0x4c74, 0x10000, 0x242, 0x3, 0xe, 0x4, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x6, 0x3e, 0x18e, 0x200006, 0x40000009, 0x454f, 0x6, 0x80004, 0x8, 0x3ff, 0x80, 0x0, 0x5, 0x0, 0xc, 0x8000, 0x3, 0x40], [0x10000007, 0x0, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432f6, 0xc8, 0xf1, 0xe, 0x2bf, 0x6c7, 0x0, 0xfffffffc, 0x5, 0x0, 0x0, 0x5, 0x2f, 0x9, 0xfffffffd, 0x66abcbd2, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x10400, 0x401, 0x6, 0x6, 0xff, 0x2, 0xfffff575, 0x5f31, 0xd, 0x4e0, 0x381, 0x4, 0xb, 0x4, 0x9, 0x8, 0x5, 0x6, 0x47, 0x6, 0x1, 0xfe000000, 0x8, 0x2, 0x4, 0x9, 0x3, 0x3, 0x4000009, 0x6, 0x0, 0x3, 0xbc45, 0x48c93690, 0x9, 0x3], [0x7, 0x408, 0x4, 0x5, 0xfffffffd, 0x100, 0x5, 0x409, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x1, 0x5, 0x0, 0x1ef, 0x5, 0x5, 0x86, 0x10000005, 0x3039, 0xfffffffa, 0xb, 0x5, 0x2, 0x82, 0x400003, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa6, 0x4, 0x1000, 0xae, 0xb1, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0xffffffff, 0x8, 0x1c, 0x1, 0x200807ff, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x4, 0x6, 0x6, 0x0, 0xb8, 0xce4, 0x1ff, 0x2, 0x4184, 0x5, 0x3, 0x2, 0x10000, 0x4, 0x7fff, 0x10003, 0xa620, 0x1, 0x6, 0x1, 0x2000002, 0x0, 0x60a7, 0x6, 0xa, 0xffffffff, 0x80000000, 0x3, 0x5, 0xc8, 0x18, 0xfffff000, 0xffff, 0x0, 0x7e, 0x100, 0x9622, 0x7, 0xaf, 0x20000008, 0x5, 0x3, 0x2, 0x5, 0x10, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x530e, 0x6c1b, 0x0, 0x4, 0x5, 0x803, 0xd7, 0x200, 0xb, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
ioctl$SW_SYNC_IOC_INC(r0, 0x40045701, &(0x7f0000000140)=0x5)

3.746706097s ago: executing program 2 (id=1034):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900038073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x25}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

3.527903326s ago: executing program 2 (id=1035):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_DEAUTHENTICATE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)={0x30, r1, 0x1, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x1}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}]}, 0x30}, 0x1, 0x0, 0x0, 0x40}, 0xc0)

3.393860571s ago: executing program 2 (id=1037):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x7a, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902680002010040000904000001020e0000052406000105240000000d370f0100000000000000000006241a0000000c241b4800f3ff00050080050905810300020000000904010000020d00000904010102020d0000090582020004000000090503020002"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000380)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000240)={0x20, 0x80, 0x1c, {0x2, 0xd, 0x30c952a7, 0xbce, 0xc, 0x0, 0x7, 0x6, 0x3, 0x2, 0x6, 0xff}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)

3.171290379s ago: executing program 6 (id=1038):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000a00)=ANY=[@ANYBLOB="0a000000c0000000b30000007f"], 0x50)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000a10000000000000000000010851000000600000018180000", @ANYRES32=r0, @ANYBLOB="0000000000000000660000007fffffff18000000f8ffffff00000000100000009500000000000000360a00000000000018010000202078250000000000202020db1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0xa, 0xff5c, &(0x7f0000000340)=""/222}, 0x78)

2.987881514s ago: executing program 0 (id=1039):
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x7a, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
ioctl$SIOCX25SFACILITIES(0xffffffffffffffff, 0x89e3, &(0x7f0000000080)={0x3d, 0x800000, 0x8, 0x7, 0x2, 0x81})
write$bt_hci(r0, &(0x7f0000000080)=ANY=[], 0x6)

2.908010269s ago: executing program 6 (id=1040):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x111, &(0x7f0000000380)={0x0, 0x5887, 0x1000, 0x0, 0x36f}, &(0x7f0000001140)=<r2=>0x0, &(0x7f0000001080)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x40, 0x0, r0, 0x22, &(0x7f00000000c0)=@un=@file={0x1, './file0\x00'}, 0x0, 0x0, 0x1})
io_uring_enter(r1, 0x3516, 0x8000067f, 0x4, 0x0, 0x0)

2.529183478s ago: executing program 6 (id=1041):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)={0x38, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_PREV_BSSID={0xa, 0x4f, @from_mac}, @NL80211_ATTR_DISABLE_HT={0x4}]}, 0x38}}, 0x0)

2.348363163s ago: executing program 6 (id=1042):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000004c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x8e, &(0x7f0000000000)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3f}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "560400", 0x58, 0x6, 0xff, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x16, 0xc2, 0x0, 0x0, 0x4, {[@fastopen={0x22, 0x2}, @timestamp={0x8, 0xa, 0x800, 0x2}, @mptcp=@syn={0x1e, 0xc, 0x2, 0x1, 0x0, 0x6a1d1f7d, 0x21b}, @exp_smc={0xfe, 0x6}, @nop, @md5sig={0x13, 0x12, "a6de7bb435e7760368f450d390f62d9d"}, @mptcp=@synack={0x1e, 0x10, 0x2, 0x2, 0x1, 0xff, 0x8}]}}}}}}}}, 0x0)

2.283908951s ago: executing program 0 (id=1043):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r2 = creat(&(0x7f00000001c0)='./file0\x00', 0x80)
close_range(r1, 0xffffffffffffffff, 0x2)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r0, &(0x7f0000000540)={0x12, 0x10, 0xfa00, {0x0, 0xffffffffffffffff, r2}}, 0x18)

2.199812255s ago: executing program 0 (id=1044):
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x100000a, 0x4082172, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)
mremap(&(0x7f0000007000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000006000/0x1000)=nil)
syz_clone(0x20042400, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480))

2.099865586s ago: executing program 6 (id=1046):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40ffffff"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800e80010000d0428bd7000fcdbff2500008000", @ANYRES32=r0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}}, 0x4084)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

2.002997628s ago: executing program 5 (id=1047):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-generic\x00'}, 0x58)
r1 = accept(r0, 0x0, 0x0)
sendmsg$IPVS_CMD_GET_SERVICE(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000003c0)={0x14, 0x0, 0x400, 0x70bd2a, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x14}, 0x8000)
sendmmsg$sock(r1, &(0x7f0000001040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4040)

1.816166943s ago: executing program 5 (id=1048):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
pipe2(&(0x7f0000000140), 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x4048aec9, &(0x7f0000000140)={0x2, 0x0, @ioapic={0xe6eff000, 0x9fc, 0x0, 0x20008000, 0x0, [{0x4, 0x8, 0xc7, '\x00', 0x80}, {0x0, 0x3, 0x4, '\x00', 0xc}, {0x0, 0x8, 0xf0, '\x00', 0xd}, {0x2, 0x8f, 0x6, '\x00', 0x1f}, {0xf, 0xff, 0x2, '\x00', 0x3}, {0x0, 0x3, 0x9, '\x00', 0x78}, {0xb, 0x6, 0x7, '\x00', 0x2}, {0x6, 0x2, 0x9, '\x00', 0x1}, {0x9, 0xa, 0x40, '\x00', 0x6}, {0x9, 0x1, 0x5, '\x00', 0x1}, {0x7f, 0x9, 0xff, '\x00', 0x2c}, {0x3, 0x1, 0x4, '\x00', 0x7f}, {0x9, 0x5, 0x7, '\x00', 0x2}, {0x1e, 0xf, 0x5, '\x00', 0x9}, {0x2, 0x8, 0x4c, '\x00', 0x7}, {0xa, 0x5, 0x4}, {0x4, 0x2, 0x4f, '\x00', 0xc}, {0x5, 0x4, 0x2, '\x00', 0x40}, {0x6, 0x6, 0x8b, '\x00', 0x81}, {0x81, 0x0, 0x12, '\x00', 0x88}, {0x2, 0x2, 0x99, '\x00', 0x85}, {0x6, 0x8, 0x9c, '\x00', 0x4}, {0x7f, 0x3, 0x80, '\x00', 0xd3}, {0x0, 0x4, 0x3a, '\x00', 0x5}]}})

1.812417682s ago: executing program 0 (id=1049):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes)\x00'}, 0x58)
r1 = accept4$alg(r0, 0x0, 0x0, 0x80000)
io_setup(0x42, &(0x7f0000000100)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000580)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, 0x0, 0x0, 0x8dffffffffffffff, 0x0, 0x2}])

1.343948204s ago: executing program 5 (id=1050):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x58, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x40004}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x20, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}, @IFLA_MACVLAN_MACADDR_MODE={0x8}, @IFLA_MACVLAN_MACADDR={0xa, 0x4, @remote}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x58}}, 0x0)

1.171487791s ago: executing program 6 (id=1051):
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x40, "1ae34e0626788a22b2fb12dab240794233a5bd", 0x4, 0x2})
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r0, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000001c0)=0xd)

1.170211361s ago: executing program 5 (id=1052):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x10, &(0x7f00000014c0), 0x1, 0x79c, &(0x7f0000001500)="$eJzs3c9rHFUcAPDvbJKmptVEEGw9LQgaKN2YGlsFDxUPIlgo6Nk2bLahZpMt2U1pQqAWEbwIWjwIeunZH/Xm1R9X/Rf0IiItVdNixYNEZrPTbJpNummzSWs+H5j2vZm3efOdH++93XnsBrBj5dN/chH7I+KDJKK/sT6JiJ56qjvi6FK5mwvzxXRJYnHx9T+SepkbC/PFaHpNak8jsy8ivns34kBudb3V2bmJ0XK5NN3ID9UmzwxVZ+cOnp4cHS+Nl6YOD4+MHDry3JHezYv1rx/n9l798JWnvzz6zzuPX37/+ySOxt7GtuY4Nks+8o1j0pMewhVe3uzKtlmy3TvAXUlvza6luzz2R3901VPtab8kAHA/OR8RiwDADpNsrP+PgY7tCQCwNbLPAW4szBfTZfH89n4esdWuvRQRu5fiz55vLm3pbjyz211/Dtp3I1nxvCOJiIFNqD8fEZ9+/ebn6RIdeg4J0MrbFyLi5EA+a/+X259k1ZyFJe1PyHimjTL52/LaP9g636Tjn+eXx3/L91/u1vgnWox/elvcu3cjH7GrOb/6/s9d2YRq1pSO/17sWZ7bdrMp/oaBrkbu4fqYryc5dbpcStu2RyJiMHp60/zwOnUMXv/3+ooVXcvJbPyXHuU/L771WVp/+v9yidyV7tua3LHR2ui9xp25diHiie5W8Se3zn+yxvj3eJt1vPrCe5+stS3fiDtbVsbf+Vlli5cinorW8WeS9eYnHh6qXw5D2UXRwle/fNy3Vv3N4/90SevP3gs02cRZkCul579v/fgHkub5mtWN1/HDpf5v19p25/hbX/+nkjfq6azxODdaq00PR+xKXlu9/tDya7N8Vj6Nf/DJ1vf/etd/+p7wZJvxd1/9/Yu7j7+z0vjHNnT+N564fHOia6362zv/I/XUYGNNO+1fuzt4L8cOAAAAAAAAAAAAAAAAAAAAAAAAANqVi4i9keQKt9K5XKGw9Bvej0Vfrlyp1g6cqsxMjUX9t7IHoieXfdVlf9P3oQ43vg8/yx+6Lf9sRDwaER/1PlTPF4qV8th2Bw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADXvW+P3/1G+92713AEDH7L5jieulLdkRAGDL3Ln/BwD+b/T/ALDz6P8BYOfR/wPAzqP/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMOOHzuWLot/L8wX0/zY2dmZicrZg2Ol6kRhcqZYKFamzxTGK5XxcqlQrEw2vfSnVn+vXKmcGYmpmXNDtVK1NlSdnTsxWZmZqp04PTk6XjpR6tmyyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgfdXZuYnRcrk0LfGgJBb7l07d/bI/nU/8evDnfeuVuegy3vzEdrdMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+G/wIAAP//jfAk6A==")
chdir(&(0x7f0000000240)='./file0\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0xe9)
getdents(r0, &(0x7f0000000000)=""/56, 0x38)
getdents(r0, 0xfffffffffffffffd, 0xbb)

1.160093599s ago: executing program 0 (id=1053):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
unshare(0x22020400)
r0 = open$dir(&(0x7f0000001240)='.\x00', 0x0, 0x0)
setuid(0xee01)
fchdir(r0)

895.599009ms ago: executing program 0 (id=1054):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000400)=ANY=[@ANYBLOB="1201000009b768405e0483020b9901e40201090227000100000000090400fb015cc7aa00090509"], 0x0)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x3, 0x101000)
syz_usb_disconnect(r0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x20, 0x46d, 0x49, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x5, 0x90}}]}}, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x3, [{0x0, 0x0}, {0x0, 0x0}, {0x8, &(0x7f0000000180)=@string={0x8, 0x3, "e982c1d082ba"}}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)

816.170704ms ago: executing program 2 (id=1055):
syz_mount_image$jfs(&(0x7f0000000080), &(0x7f0000000140)='./file0\x00', 0x20108c0, &(0x7f00000008c0)=ANY=[@ANYBLOB="646973636172642c696f636861727365743d63703835352c6572726f72733d72656d6f756e742d726f2c696e746567726974792c6e6f646973636172642c646973636172643d3078303030303030303030303030303030382c6572726f72733d636f6e74696e7565006969736f383835392d342c756d61736b3d3078303030303030303030303030303038312c696f6368617257fd743d6d6163677265656b2c71756f74612c6572726f1729def7e35bcb756e742d726f2c726573697a653d3078303030303030303030181829303030303030312c756d61736b3d3078303030303030303030303032303034352c66736d616769633d307830dcb1c47cb87a74ac1a3030303030303030303030303030392c646566636f6e746578743d726f6f742c66736e616d653d757d407d587d5b2d292b2c000d1c13f7c892c8615d265c6376539175380511bac765713e83a65e4fdf011c705fc6838005120385ac61b970f45d1492a0612eb8000000000000808fc76f91b7b9a5ce77887858ea333961d1ef1e4eabd4c87181dbf575c47e9b8eea9d6806fa159e0525146f6312b4931cffed0000", @ANYRES8, @ANYRES32, @ANYBLOB="a783c89422e31c30d6bf831c4426922089e2b8944eda733c7bed9440aee9df8636110f251ff75794e847bbad8f5979c9d55434d5344bc268e61948fc8a8ffe2d27c14972f79c1c977c01b4a8a4e35f14d116c59482add0c31e922b29fb4c24948818edc636cced878ca31c24c6a3a31bcdca27864f7611d3163d21939c3c5afb70", @ANYBLOB="013ced044bdd1d80c6a59bca5c1f9d57c0bf983de420f461a7414616093c243234af9243259143a1df24ac0219d7c378a65b310c8b4a0a5be52831340548247ed220c3c9fbc83337fa0b63b0a54e73ff5f9b6625b0faa1fb755e1af638d96ec92d0802aa01c49d12703c6452c7b0edad1ecfdc926cf6ee88d55c25510952b43a773f9cd35d70e03d69b2af2ead1c39ef1c55be4e5afc92674e57e227951a9706cec7b734dec89e0ed0de44f23a3de29cee4de42e117c71af53f785eb2feb89"], 0xfa, 0x61ee, &(0x7f0000012cc0)="$eJzs3c1vHGcdB/DfvvolNLV6qEqEkJuWl1KaxEkJgQJtD3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz6B/TAlRsnTkSykUA9MWi8zxPPbna7No531p7PR3JmfvPMeJ/xd2dfsjP7BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQ3//eD9ZaEXHj52nBSsRnohPRjlgq69WIWFpdyet3I+K52GuOZyOitxBRbr/3z9MRr0bEx2cjdnY318vFlw/Yj+/+8W+/++GZt/76h97F//zpXue1Sevdv/+rf//5wdH2GQAAAJqmKIqild7mn0vv79t1dwoAmIn8/F8kefmpr3/9j7f+Mk/9UavVarV6BnVVMd6DahERW9VtytcMPo4HgBNmKz6puwvUSP6N1o2IM3V3Aphrrbo7wLHY2d1cb6V8W9Xng9VBez4XZCj/rdaj6zsmTacZPcdkVvev7ejEMxP6szSjPsyTnH97NP8bg/Z+Wu+485+VSfn3B5c+NU7OvzOa/4jTk397bP5NlfPvHir/jvwBAAAAAGCO5f//X6n589+Fo+/KgXza57+rM+oDAAAAAAAAADxpRx3/7xHj/wEAAMDcKt+rl35zdn/ZpO9iK5dfb0U8NbI+0DAfDSbLdfcDAAAAAAAAAAAAAJqkOziH93orohcRTy0vF0VR/lSN1od11O1PuqbvPzRZ3Q/yAAAw8PHZkWv5WxGLEXE92nvf9ddbXl4uisWl5WK5WFrIr2f7C4vFUuV9bZ6Wyxb6B3hB3O0X5S9brGxXNe398rT20d9X3la/6BygY09IL/01JzTXFDYAJINnox3PSKdMUTw96cUHDHH8n0IrsVL3/Yr5V/fdFAAAADh+RVEUrTTM37k0vl+77k4BADORn/9HPxc4UB0xvr19yPXVarVarVbPpK4qxntQLSJiq7pN+ZrBcPwAcMJsxSd1d4Eayb/RuhHxXN2dAOZaq+4OcCx2djfXWynfVvX5YHXQns8FGcp/q7W3Xd5+3HSa0XNMZnX/2o5OPDOhP8/OqA/zJOffHs3/xqC9n9Y77vxnZVL+/b1L5pon598ZzX/E6cm/PTb/psr5dw+Vf0f+AAAAAAAwx/L//6/4/DfvMgAAAAAAAACcODu7m+v5utf8+f/nxqzn+s/TKeffOmz+S2le/idazr89kv+XR9brVOYfvrl//P9rd3P99/f++dk8PWj+C3mmle5ZrXSPaKVbanXT9Ch797jtXqdf3lKv1e500zk/Re+duBW3YyMuDa3bTn+P/fa1ofayp72h9stD7d3H2q8MtffS9w4US7n9QqzHT+J2vL3XXrYtTNn/xSntxZT2nH/H438j5fy7lZ8y/+XU3hqZlh5+2H7suK9Ox93OG7c+/8tLx787U21H59G+VZX7d76G/uz9Tc7042d3N+5cuH/z3r07a5EmQ0svR5o8YTn/3t7Pwv7j/wuD9vy4Xz1eH37YP3T+82I7uhPzf6EyX+7vSzPuWx1y/v30k/N/O7WPP/5Pcv6Tj/+Xa+gPAAAAAAAAAAAAAAAAfJqiKPYuEX0jIq6m63/qujYTAJit/PxfJHm5Wq1Wq9Xq01dXFeO9Xi0i4qPqNuVrhl+M+2UAwDz7b0T8ve5OUBv5N1j+vr9y+mLdnQFm6u77H/zo5u3bG3fu1t0TAAAAAAAAAOD/lcf/XK2M//xiRKyMrDc0/uubsXrU8T+7eebRAKNPeKDvCbbb/U67Mtz487E3PveFSeN/n4/Hx//OY+J2qvsxQW9Ke39K+8KU9sWxS/fTGnuhR0XO//nKeOdl/udGhl9vwvivo2PeN0HO/3zl/lzm/6WR9ar5F7+du/y3DrridrSH8r94772fXrz7/gev3Hrv5rsb7278+Mra2qUrV69eu3bt4ju3bm9cGvx7PL2eAzn/PPa180CbJeefM5d/s+T8v5Bq+TdLzv+LqZZ/s+T88+s9+TdLzj+/95F/s+T8X0q1/Jsl5/+VVMu/WXZ2NxfK/F9OtfybJR//X021/Jsl5/9KquXfLDn/C6mWf7Pk/C+m+gD5+3r4UyTnnz/hcvw3S85/LdXyb5ac/+VUy79Zcv5XUi3/Zsn5v5pq+TdLzv9rqZZ/s+T8r6Za/s2S8/96quXfLDn/a6mWf7Pk/L+Ravk3S87/m6mWf7Pk/F9LtfybJef/rVTLv1ly/t9OtfybJef/nVTLv1ly/q+nWv7Nsv/9/2bMmDGTZ+p+ZAIAAAAAAAAAAAAARs3idOK69xEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7EDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzdXYxcZ30G8DPrXXvtEGIgBCc1sElMCMmSXduJP2hTTCBAA5QCCYV+4LjetVnwF167BIpk00CJhFFRRdX0oi2gqI1UVUQVF7SiNBdVP65Ke0FvKqpKSI0qgwIqUlvRbDVz3vf1zOzszNg7Xp897+8n2f/dmTNzzpw5M7vP2s8eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDdrW+e/1yjKIrmn9ZfW4viRc2PN09tbV32hmu9hQAAAMBq/V/r7+dvSBccGOJGbcv83av+8etLS0tLxQc2/O7El5aW0hVTRTGxqSha10XP/PsHG+3LBI8Xk42xts/HBqx+w4DrxwdcPzHg+o0Drt804PrJAdcv2wHLbC5/HtO6sx2tD7eWu7S4sZhoXbejx60eb2waG4s/y2lptG6zNHGkWCiOFfPFbMfy5bKN1vLfvLW5rrcXcV1jbeva3jxCfvipw3EbGmEf7+hY16X7jL7/pmLqRz/81OE/PnPx5l5z4G7ouL9yO++8rbmdnwmXlNvaKDalfRK3c6xtO7f3eE42dGxno3W75sfd2/n8kNu54dJmrqnu53yyGGt9/O3Wfhpv/7Fe2k/bw2X/fXtRFOcvbXb3MsvWVYwVWzouGbv0/EyWR2TzPpqH0kuL8cs6Tm8d4jhtzrkdncdp92siPv+3htuNr7AN7U/T9z+9cdnzfrnHadR81Cu9VrqPwVG/VqpyDMbj4tutB/1Ez2NwR3j8n7pj5WOw57HT4xhMj7vtGLxt0DE4tnFDa5vTk9Bo3ebSMbizY/kNrTU1WvO5O/ofgzNnjp+aWfzEJ1+/cPzQ0fmj8yd279w5u3vPnn379s0cWTg2P1v+fYV7u/q2FGPpNXBb2HfxNfDarmXbD9Wlr4zudTjZ53W4tWvZUb8Ox7sfXGNtXpDLj+nytfFwc6dPXhgrVniNtZ6fu1b/OkyPu+11ON72Ouz5NaXH63B8iNdhc5lTdw33Pct4259e23C1vhZsbTsGu78f6T4GR/39SFWOwclwXPzrXSt/LdgetveJ6cv9fmTDsmMwPdzw3tO8JH2/P7mvNXodl7c0r7huY3F2cf70PY8dOnPm9M4ijDXxsrZjpft43dL2mIplx+vYZR+vBxZe9cQtPS7fGvbV5Oubf02u+Fw1l7n3nv7PVeurW+/92XHpriKMEVvr/dnrq3lzf6Ys2Wd/Npf5zMzqvxdPubTt/XdihfffmPtfKNeX7urxDRPj5et3Q9o7Ex3vx51P1XjrvavRWvfzM8O9H0+EP2v9fnxjn/fjbV3Ljvr9eKL7wcX348agn3asTvfzORmOk2Oz/d+Pm8ts23W5x+R43/fj28NshP3/upAUUi5qO3ZWOm7TusbHJ8LjGo9r6DxOd3csPxGyWXNdT++6suP0ztvL+9qQHt0la3WcTnUtO+rjNL1frXScNgb99O3KdD+fk+G4uHF3/+O0ucyz967+vXNz/LDtvXPjoGNwYsPG5jZPpIOwfL9f2hyPwXuKw8XJ4lgx17p2Y+t4arTWNX3fcMfgxvBnrd8rt/U5Bu/sWnbUx2D6OrbSsdcYX/7gR6D7+ZwMx8WT9/U/BpvLvGXvaL93vTNckpZp+961++drK/3M65au3XQ1f+bV3M6/2dv/Z7PNZY7tu9yc2X8/3R0uua7Hfup+/a70mpor1mY/bQvbeXHfyvupuT3NZb60f8jj6UBRFOc+9kDr573h31f+/Ox3vt7x7y69/k3n3Mce+MH1R/72crYfgPXvhXJsKb/Wtf3L1DD//g8AAACsCzH3j4WZyP8AAABQGzH3x/8Vnsj/AAAAUBsx94+HmWSS/7e95eLCC+eK1MxfCuL1aTc8VC4XO66z4fOppUualz/w1PyP//LccOseK4riJw/9Rs/ltz0Ut6s0FbbzmQc7L19+w3NDrf/RRy4t195f/3K4//h4hj0MelVwZ4ui+OYNX2itZ+qDF1rz2Ycebc33nn/i8eYyz+8vP4+3f+5l5fJ/EMq/B44c6rj9c2E/fC/M2Xf03h/xdl+78Lrte99/aX3xdo3bXtx62E9+qLzf+Htyvvh4uXzczytt/199/umvNZd/7DW9t//cWO/tfzrc71MPXlxoHnH/88py+fbnoPl5vN1nw/bH9T0Vbn/PV7/Vc/uf+Vy5/Km3lss9GmZc/53h8x1vvbjQvr8eaxzqeFzF28rl4vpnv/Pbrevj/cX7797+yYMXOvZH9/Hx7D+X9zPTtXy8PK4n+ouu9Tfvp/34jOt/+rce7djPg9b/zHufe2XzfrvXf3fXchu6bt/9G5v+8LNf6Lm+uD0H/uxUx+M58J7wOg7rf/JD4XgM1//vM1/oWG/06Hs633/i8l/eeq7j8URv/1G5/mfeeLQ1/2Pqx79/3Yuuf/H5Vzf3XVF8+33l/Q1a/9E/Otmx/V+56a7W8xGvjx397vWvJK7/9MenT5xcPLsw17ZXW787553l9mya3Lylub03hPfW7s8Pnjzz4fnTU7NTs0UxVd9foXfFvhrmD8px/nJvf9cj4fm85fe+ueWOf/p8vPxfHi4vv/CO8uvWa8NyXwyXby2fv6XGKtf/5K03tV7fjWfLzzt67COwfcd/7htqwfD4u78viMf7qZd/uLUfmte1vm7E1/Uqt/+7c+X9fCPs16Xwm5lvu+nS+tqXj78b4cL7ytf7qvdfeJuLz+ufhOf7Xd8r7z9uV3y83w3fx3xrW+f7XTw+vnFurPv+W7/F43x4PynOl9fHpeL+vvD8TT03L/4ekuL8za3Pfyfdz82X9TBXsviJxZljCyfOPjZzZn7xzMziJz558PjJsyfOHGz9Ls+DHxl0+0vvT1ta709z83vuLWY3F0Vxsphdgzesq7P9zY+G2/5Tjxye2zt7x9z8kUNnj5x55NT86aOHFxcPz88t3nHoyJH5jw+6/cLc/Tt37d+9d9f00YW5+/ft3797//TCiZPNzSg3aoA9sx+dPnH6YOsmi/ffu3/nfffdOzt9/OTc/P17Z2enzw66fetr03Tz1r8+fXr+2KEzC8fnpxcXPjl//879e/bsGvjbAI+fOrI4NXP67ImZs4vzp2fKxzJ1pnVx82vfoNtTT4v/Vn4/261R/iK+4t1370m/n7XpqU+veFflIl2/QPRi+F00//CSU/uG+Tzm/okwk0zyPwAAAOQg5v6NYSbyPwAAANRGzP2bwkzkfwAAAKiNmPsnw0wyyf/6//r/w/X/y+tH2f/v1Z8v9P8r1f8/9bGyV7re+/+xP6//n4dr3P9f9fr1//X/69f/H74/v963X/9f/5/lqtb/j7l/c1Fkmf8BAAAgBzH3bwkzkf8BAACgNmLuvy7MRP4HAACA2oi5/0VhJpnkf/3/ofr/uwYVrurf/x/9+f/1//X/16T/H58c/f9sXHb//v0Pd3yq/x/o/+v/6//r/+v/s2oTK15zrfr/MfdfH2aSSf4HAACAHMTc/+IwE/kfAAAAaiPm/hvCTOR/AAAAqI2Y+7eGmWSS//X/nf9f/1//v9b9/9We/79tY/T/1wfn/+9P/3+AK+7/T+r/r8f+/8Rot7/a/f+Bm6//z1VRtfP/x9z/kjCTTPI/AAAA5CDm/peGmcj/AAAAUBsx978szET+BwAAgNqIuf/GMJNM8v9q+v+xc63/r/+v/1/S/y/Vqv/f9/z/5Uf6/9Wi/9+f/v8Azv+fV/9/xNtf7f7/qM//P/Fg9+31/+mlav3/mPtfHmaSSf4HAACAHMTcf1OYifwPAAAAtRFz/yvCTOR/AAAAqI2Y+7eFmWSS/53/X/9f/1//X/+/9/oH9/9L+v/Vov/fn/7/APr/+v/6/8P1/3t886v/Ty9V6//H3H9zmEkm+R8AAAByEHP/LWEm8j8AAADURsz9PxVmIv8DAABAbcTcvz3MJJP8r/+v/6//n1f//+6N+v/6//Wm/9+f/v8A+v/6//r/Q57/f7nL6f9vGnRn1EbV+v8x978yzCST/A8AAAA5iLn/VWEm8j8AAADURsz9rw4zkf8BAACgNmLunwozyST/6//Xq///p3/95KsL/X/9/wHrr2n/Px4G+v+Z0//vT/9/AP1//X/9/zXp/5OPqvX/Y+6/Ncwkk/wPAAAAOYi5/7YwE/kfAAAAaiPm/tvDTOR/AAAAqI2Y+3eEmWSS//X/69X/j/T/9f/7rb+m/f9E/z9v+v89tL1I9f8H0P/X/8++/x+/+9X/ZzSq1v+Puf81YSaZ5H8AAADIQcz9d4SZyP8AAABQGzH3vzbMRP4HAACA2oi5/84wk0zyv/6//r/+v/6//n/v9ev/r0/rq/+/adklVTv//0b9f/1//f/M+v/O/89oVa3/H3P/68JMMsn/AAAAkIOY++8KM5H/AQAAoDbi/7wr/9+r/A8AAAB1FHP/dJhJJvlf/1//P6f+f0P/X/9f/7/21lf/f7mq9f+d/1//X/9f/1//n9WoWv8/5v7Xh5lkkv8BAAAgBzH33xNmIv8DAABAbcTcPxNmIv8DAABAbcTcPxtmkkn+1//X/8+p/+/8//r/+v/1p//fn/7/APr/+v916/8Xhf4/11TV+v8x9+8MM8kk/wMAAEAOYu7fFWYi/wMAAEBtxNy/O8xE/gcAAIDaiLn/3jCTTPK//r/+v/5/Jfr/8S70//X/9f9XSf+/P/3/AfT/16Y/3+sbp/W0/SuoZP/f+f+5xqrW/4+5/74wk0zyPwAAAOQg5v49YSbyPwAAANRGzP17w0xC/r9K/z0JAAAAWEMx9+8LM8nk3//1/2vS///Nv+9Yt/7/uuv/r8Pz/2/W/w9T/79aatr/735ZXDH9/wH0/69af74YG8kmXrPt1//X/+fKVK3/H3P//jCTTPI/AAAA5CDm/jeEmcj/AAAAUBsx9/90mIn8DwAAALURc//PhJlkkv/1/2vS/++i/6//32/9zv+v/19nNe3/j0yt+v9j+v/rqf8/TH9+vW+//r/+P8td/f5//Gi4/n/M/feHmWSS/wEAACAHMff/bJiJ/A8AAAC1EXP/G8NM5H8AAACojZj7D4SZZJL/9f/1//X/9f+vTv//jUW3Kvb/mweP/n+9VLj/PzHM+vX/nf9f/39Ntr/7S81Itl//X/+f5ap2/v+Y+98UZpJJ/gcAAIAcxNz/QJiJ/A8AAAC1EXP/m8NM5H8AAACojZj73xJmkkn+1//X/9f/1/93/v/e69f/X58q3P8fiv6//r/+//rdfv1//X+Wq1r/P+b+B8NMMsn/AAAAkIOY+98aZiL/AwAAQG3E3P+2MBP5HwAAAGoj5v63h5lkkv/1//X/9f/1//X/e69f/3990v/vT/9/AP1//X/9f/1/Rqpq/f+Y+38uzCST/A8AAAA5iLn/oTAT+R8AAABqI+b+d4SZyP8AAABQGzH3vzPMJJP8r/+v/6//r/+v/997/fr/65P+f3/6/wPo/+v/6//r/zNSVev/x9z/rjCTTPI/AAAA5CDm/p8PM5H/AQAAoDZi7n93mIn8DwAAALURc/8vhJlkkv/1//X/q9X/XzrXfjv9f/3/YlT9/+aN9P+zoP/fn/7/AD36/5v0//X/9f/1/7liVev/x9z/njCTTPI/AAAA5CDm/veGmcj/AAAAUBsx978vzET+BwAAgNqIuf/hMJNM8r/+f5b9//SQq9f/d/5//X/n/9f/Xx39//70/wdw/n/9f/1//X9Gqmr9/5j7HwkzyST/AwAAQA5i7n9/mIn8DwAAALURc/8vhpnI/wAAAFAbMfd/IMwkk/yv/59l/7/C5/+vW/9/vOP4yKn/P9n2fKbjUv9f/38N6P/3p/8/gP6//n+V+//haN68wu31/6miqvX/Y+7/YJhJJvkfAAAAchBz/y+Fmcj/AAAAUBsx9/9ymIn8DwAAALURc/+vhJlkkv9r2P8/X+j/6/9Xpv/feXzk1P93/v/l9P/Xhv5/f/r/A+j/6/9Xuf8/gP4/VVS1/n/M/b8aZrJi8PvBfw3xMAEAAIAKibn/Q2Emmfz7PwAAAOQg5v6DYSbyPwAAANRGzP2Phplkkv9r2P9f5fn/4xlV9f/1/0fd/x/T/9f/1/9fA6Pr/7/i+qLQ/9f/1//X/9f/1/9nNarW/4+5/1CYSSb5HwAAAHIQc/+vhZnI/wAAAFAbMfcfDjOR/wEAAKDyxlMjuL+Y++fCTDLJ/9ew/z9Rzf5/3c7/3wj3ffX7/z/R/3f+/0D/vzf9/7Xh/P/96f8PoP+v/6//r//PSFWt/x9z/3yYSSb5HwAAAGos/Tg45v4jYSbyPwAAANRGzP1Hw0zkfwAAAKiNmPs/HGaSSf53/v+69/+d/7+a/f/xjuX1/0v6//r/o6D/35/+/wD6//r/+v/6/4xU1fr/MfcvhJlkkv8BAAAgBzH3fyTMRP4HAACA2oi5/6NhJvI/AAAA1EbM/cfCTDLJ//r/+v+59/8bRXHe+f/1/3utX/9/fdL/70//fwD9f/1//X/9f0aqav3/mPuPh5lkkv8BAPh/9u6jSa6ziuPwtVFcwUdgzYolrMxHYMuOKtZkk4MscgaTczAZkzMm2OScczY5R2OCoUqUpXOONNOtezWanul73/d5NsdSedQ91kjUn6lfXQB6kLv/fnGL/Q8AAADNyN1//7jF/gcAAIBm5O5/QNzSyf7X/+v/e+//h608/3/nv6//P0f/r//fhJX+/sj6f+9iUfhF+/+73u3qe+v/9f/6/1H6f/2//p/d5tb/5+5/YNzSyf4HAACAHuTuf1DcYv8DAABAM3L3Pzhusf8BAACgGbn7r45bOtn/+n/9v/5/Ef3/FflrHHj/f5P+X/+/bJ7/P07/P0H/r//X/+v/2ai59f+5+x8St3Sy/wEAAKAHufsfGrfY/wAAANCM3P0Pi1vsfwAAAGhG7v6Hxy2d7H/9v/5f/7+I/v/WG04d8/z/XZ+P/l//v47+f5z+f4L+X/+v/9f/s1Fz6/9z9z8ibulk/wMAAEAPcvc/Mm6x/wEAAKAZufsfFbfY/wAAANCM3P2Pjls62f/6f/2//n+D/f/pYRgOrP8f9P+7Ph/9v/5/neuG838n6P9X6f8nTPT/w6D/H3PJ/fz6T2857/8i9P/6f1bNrf/P3f+YuOUew3Dscj9JAAAAYFZy9z82bunk+/8AAADQg9z9p+IW+x8AAACakbv/mrilk/2v/9f/6/+X8vx//b/+X/9/KTz/f9z++/+73Om+9+m3//f8/3Ge/7/p/v/2rwz9P8s2t/4/d//puKWT/Q8AAAA9yN3/uLjF/gcAAIBm5O5/fNxi/wMAAEAzcvc/IW7pZP/r/1vr/++w4+Mu6P/P1i76f/3/5fT/R+tX0v/Pr/8/Mv3CndH/j/P8/wln/5o7WT/U/+v/Pf9f/8/+zK3/z93/xLilk/0PAAAAPcjd/6S4xf4HAACAZuTuf3LcYv8DAABAM3L3PyVu6WT/6/9b6/93fpzn/+v/172+5/+31P9Pv25v9P/j9P8TWnn+/2V+1Wy7n9+vbb9//b/+n1Vz6/9z9z81bulk/wMAAEAPcvc/LW6x/wEAAKAZufufHrfY/wAAANCM3P3PiFs62f/6f/3/Mvr/fAX9v/7/4Pv/pP9fJv3/OP3/hFb6/8u07X5+6e9f/6//Z9Xc+v/c/c+MWzrZ/wAAANCD3P3PilvsfwAAAGhG7v5nxy32PwAAADQjd/9z4pZO9r/+X/+/jP7f8//1/57/r/+/NPr/cfr/Cfp//b/+X//PRs2t/8/df23c0sn+BwAAgB7k7n9u3GL/AwAAQDNy9z8vbtnL/j+66XcFAAAAbFLu/ufHLZ18/1//r//X/+v/9f/rX1//v0z6/3H6/wmd9//DNfp//b/+n82aUf9/wUedGF4Qt3Sy/wEAAKAHuftfGLfY/wAAANCM3P0vilvsfwAAAGhG7v4Xxy2d7P/2+v/jS+3/z+Z8bfX/J4dh6Lv/P7rr66On/v/kBb+f9XWp/9f/HwL9/zj9/4TO+/9t9/NLf//6f/0/q2bU/5/9ce7+l8Qtnex/AAAA6EHu/pfGLfY/AAAANCN3/8viFvsfAAAAmpG7/+VxSyf7v73+3/P/h9n0/57/v/vro6f+3/P/V+n/D4f+f5z+f4L+X/+v/9f/s1Fz6/9z978ibjp29LI/RQAAAGBmcve/Mm7p5Pv/AAAA0IPc/a+KW+x/AAAAWKhrV34md/+r45ZO9r/+f7P9/7ELfk7/r//f/fWh/9f/6/8Pnv5/nP5/gv5f/6//1/+zUXPr/3P3vyZu6WT/AwAAQA9y918Xt9j/AAAA0Izc/a+NW+x/AAAAaEbu/tfFLZ3sf/2/5//r//X/U/3/+ceh6v/1//On/x+n/5+g/9f/b7f/P37+H/X/tGEP/f+ZM2dOHXj/n7v/9XFLJ/sfAAAAepC7/w1xi/0PAAAAzcjd/8a4xf4HAACAZuTuf1Pc0sn+1/932v/nl/qy+v9rhkH/7/n/+n/9/zj9/zj9/wT9v/7f8//1/2zU3J7/n7v/zXFLJ/sfAAAAepC7/y1xi/0PAAAAzcjdf33cYv8DAABAM3L3vzVu6WT/6/877f89/1//r/8/7P7/tkH/fygW0f+fvPjrz73/P63/1/+P6K7/v+fdd/xQ/6//Z9Xc+v/c/W+LWzrZ/wAAANCD3P1vj1vsfwAAAGhG7v53xC32PwAAADQjd/8746Yjnex//b/+X/+v/9f/r3/9Q37+/7FhGPT/G7CI/n/E3Pv/zTz/f/ef8vP0//r/Jb9//b/+n1Vz6/9z978rbulk/wMAAEAPcve/O26x/wEAAKAZufvfE7fY/wAAANCM3P3vjVs62f/6f/2//l//33z/f3oR/b/n/2+I/n/cPPr/i2uj/z8yDPp//b/+X//PqG31/7n73xe3dLL/AQAAoAe5+98ft9j/AAAA0Izc/R+IW+x/AAAAaEbu/g/GLZ3sf/2//n8v/X++T/1/W/3/8dn1/yd2/HqdPP9f/78h+v9x+v8Jnv+v/9f/X6v/Z5Pm9vz/3P0fils62f8AAADQg9z9N8St/+vW/gcAAIBm5O7/cNxi/wMAAEAzcvd/JG7pZP/r//X/nv+v/2/++f/6/67o/8fp/yfo//X/+n/P/2ej5tb/5+7/aNzSyf4HAACAHuTu/1jcYv8DAABAM3L33xi32P8AAADQjNz9N8Utnex//b/+X/+v/9f/n/s91P+3Qf8/7nD6/5P6f/1/9fNXxJ8C/b/+f+rjadPc+v/c/R+PWzrZ/wAAANCD3P2fiFvsfwAAAGhG7v5Pxi32PwAAACzSkTU/l7v/U3FLJ/tf/6//1//r//X/619f/79MW+n/84tiVv3/uv9l8vz/Sfr/Pfbzd97xo6U9/3/3nxL9v/6fzZtb/5+7/9NxSyf7HwAAAHqQu/8zcYv9DwAAAM3I3f/ZuMX+BwAAgGbk7v9c3NLJ/tf/6//1//p//f/619f/L5Pn/4/T/0/Q/2/1+flLf//6f/0/q+bW/+fu/3zc0sn+BwAAgB7k7v9C3GL/AwAAQDNy938xbrH/AQAAoBlnd3/GZR3uf/2//l//r//X/69/ff3/Mun/x+n/J+j/9f/6f/0/GzW3/v9LZz/qxPDluKWT/Q8AAAA9yN3/lbjF/gcAAIBm5O7/atxi/wMAAEAzcvd/LW7pZP/r//X/y+j/z5w5c0r/r//f+fmc7/9v1v9T9P/j9P8T9P/6f/2//p+Nmlv/n7v/63FLJ/sfAAAAepC7/xtxi/0PAAAAzcjd/824xf4HAACAZuTu/1bc0sn+1//PoP8/of/3/H/9/+D5/6v9/5Xn/lLW/++N/n+c/n9Ci/3/iUv/9Lfdz+/Xtt+//l//z6q59f+5+78dt3Sy/wEAAKAHufu/E7fY/wAAANCM3P3fjVvsfwAAAGhG7v7vxS2d7H/9/+H1/7f/t+vl+f8nh/XvX/+v/9f/e/7/QdP/j9P/T2ix/9+DbffzS3//+n/9P6vm1v/n7v9+3LJz+B3d22cJAAAAzEnu/h/ELZ18/x8AAAB6kLv/h3GL/Q8AAADNyN3/o7ilk/2v/5/B8/8b7P89/3/914f+f9b9/5X6/zbo/8fp/yfo//X/+v8N9f/51az/793c+v/c/T+OWzrZ/wAAANCD3P0/iVvsfwAAAGhG7v6fxi32PwAAADQjd//NccsF+39d290K/b/+X/+v/9f/r399/f8y6f/HXWr/f3zYX/+f9P/6f/1/r/2/5/9zztz6/9z9P4tbfP8fAAAAFufoRX4+d//P4xb7HwAAAJqRu/8XcYv9DwAAAM3I3f/LuOWWK7f1lg6V/l//r//X/+v/17++/n+Z9P/jZvn8/+tvrH/U/zfR/1+l/2+j/x8G/T/7N7f+P3f/r+IW3/8HAACAZuTu/3XcYv8DAABAM3L3/yZusf8BAACgGbn7fxu3dLL/9f/6/332/2fTTP3/Ofr/c/T/6+n/D4f+f9ws+/8L6P+b6P89/7+R/t/z/9mEufX/uft/F7d0sv8BAACgB7n7fx+32P8AAADQjNz9f4hb7H8AAABoRu7+P8Ytnez/rfX/8Z9a/7/4/t/z//X/+n/9/6zo/8fp/yfo//X/+n/9Pxs1t/4/d/+f4pZO9j8AAAD0IHf/n+MW+x8AAACakbv/L3GL/Q8AAADNyN3/17ilk/3v+f/6f/2//l//v/719f/LpP8fp/9fr36j9P/6f/2//p+Nmlv/n7v/b3FLJ/sfAAAAepC7/+9xi/0PAAAAzcjdf0vcYv8DAABAM3L3/yNu6WT/6//1//p//b/+f/3r6/+XSf8/bpv9/73uOP2ynv+/9f4/34L+X/+v/2cj5tb/5+6/NW7pZP8DAABAD3L3/zNusf8BAACgGbn7/xW32P8AAADQjNz9/45bOtn/E/3/8foX9f+j9P8737/+f/3Xh/5f/6//P3j6/3HLef5/fLz+fwfP/5/3+9f/6/9ZNbf+P3f/f+KWTvY/AAAA9CB3/21xi/0PAAAAzcjd/9+4xf4HAACAZuTu/1/c0sn+9/z/JfX/V+n/9f/6f/2//n+C/n/ccvp/z/9fR/8/7/ev/9f/s2pu/X/u/v8HAAD//8r1Pfg=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000021c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000080)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x80000, 0x0)
getdents64(r0, 0x0, 0x0)

739.57735ms ago: executing program 5 (id=1056):
syz_mount_image$hfs(&(0x7f0000000140), &(0x7f0000000000)='./bus\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYRES8=0x0, @ANYRESOCT, @ANYRES32=0x0, @ANYRES8, @ANYRESOCT], 0x1, 0x273, &(0x7f0000001200)="$eJzs3U9rE0EYx/HfbNIabalrWxHEg1QLnsTWi3gRpO/AiydRmwjFUEErqBerZ/EFePctePAleBLPQm6e9J5bZP7EbNJsNo2Jk8TvBxI2yTw7z2RnOzO7lAjAf+v2TuPj9R/2YaSSSpJuSomkilSWdFbnKs/3D/YO6rXqoB2VXIR9GPlIc6TM7n6tX6iNcxFBal+VtZx9D5NR+R47A0wDd/Z7v7LvJ9KJcHa6zytRshu/w9gJRGaaauqFVmLnAQCIK4z/SRjnl8P8PUmkzTDsd4//Mz6ANmMnEFlm/HerrJaxx/e0+6iz3jN+9meFVeIodS3K96xSVwJFq0qXS3Ly0V69dnX3Sb2a6K1uBZli6+656rtuWyOT7Zuju97oszYdoDFy25dcGxZsG7Zz8l8bb43FzBfz1dwzqT6o+mf+V24Ze5jckUp7jpTP/1r+Hl0rU18qp5VnXCXnQw3BwFaW1JNG1mLYZ9cFgrQoTxe12hPlW7dVELXWN2q7IGq9N6rTm/MjJ828N3fNhn7qk3Yy8//EftubGubMtGVcydAzBran7EqmbjwxF91bhxf6lkxGbhKO750e6oZWnr189fhBvV57ysYIG6/Dlzkt+Qy70e4E05LP3G7YLzlK7eW/7plR/irhH+sc9GMGcm9mXth5l/Hrv/Z65fNCuH1nn9IB8/RW0c4zK6CtnLXBqns+lb+C62LcpYclmbxbEcOuuS5dkS4PU6OXhjznhNnRN93n+j8AAAAAAAAAAAAAAAAAAMCsGd+/HFSU91HsNgIAAAAAAAAAAAAAAAAAAAAAMOum7vd/78i/4vd/gYn7HQAA//8NSnOZ")
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r1, &(0x7f0000000140)='2', 0x1, 0x8000c61)
ftruncate(r0, 0x2007ffc)

0s ago: executing program 5 (id=1057):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r1, &(0x7f0000000300)={{0x6, @rose, 0x8}, [@default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default]}, 0x48)

kernel console output (not intermixed with test programs):

857][ T7618] hpfs: hpfs_map_4sectors(): unaligned read
[  186.928481][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.272100][ T7610] loop5: detected capacity change from 0 to 40427
[  187.342409][ T7610] F2FS-fs (loop5): build fault injection attr: rate: 690, type: 0x7ffff
[  187.376640][ T7610] F2FS-fs (loop5): heap/no_heap options were deprecated
[  187.399278][ T5770] syz-executor: attempt to access beyond end of device
[  187.399278][ T5770] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  187.406474][ T7610] F2FS-fs (loop5): LFS is not compatible with ATGC
[  187.461251][ T5770] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  187.500335][ T2131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  188.071739][ T7628] loop2: detected capacity change from 0 to 40427
[  188.090496][ T7628] F2FS-fs (loop2): invalid crc value
[  188.134716][ T7628] F2FS-fs (loop2): Found nat_bits in checkpoint
[  188.218702][    T9] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  188.234216][ T7628] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  188.329042][ T7628] syz.2.495: attempt to access beyond end of device
[  188.329042][ T7628] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  188.356515][   T28] kauditd_printk_skb: 128 callbacks suppressed
[  188.356531][   T28] audit: type=1800 audit(1772646947.433:148): pid=7650 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.495" name="file1" dev="loop2" ino=10 res=0 errno=0
[  188.434375][ T5769] syz-executor: attempt to access beyond end of device
[  188.434375][ T5769] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  188.438420][    T9] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  188.462441][ T5769] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  188.471431][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.520447][    T9] usb 1-1: config 0 descriptor??
[  188.528553][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  188.543979][    T9] cp210x 1-1:0.0: cp210x converter detected
[  188.689788][ T7652] loop1: detected capacity change from 0 to 4096
[  188.935132][    T9] cp210x 1-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  188.991505][    T9] usb 1-1: cp210x converter now attached to ttyUSB0
[  189.174491][ T2131] usb 1-1: USB disconnect, device number 5
[  189.196787][ T2131] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  189.249940][ T2131] cp210x 1-1:0.0: device disconnected
[  189.335425][ T7662] loop2: detected capacity change from 0 to 128
[  189.366080][ T7662] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  189.379417][ T7662] ext4 filesystem being mounted at /129/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  189.409415][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.453084][ T5769] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  189.560491][ T7666] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.588905][ T2131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.654258][ T7666] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.818042][ T7666] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.875769][ T7666] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.901943][ T7666] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.971479][ T5813] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  190.002214][ T7665] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  190.383307][ T7688] loop2: detected capacity change from 0 to 1024
[  190.509888][   T28] audit: type=1800 audit(1772646949.583:149): pid=7688 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.512" name="bus" dev="loop2" ino=26 res=0 errno=0
[  190.811825][ T7697] Bluetooth: MGMT ver 1.22
[  190.813610][   T70] hfsplus: b-tree write err: -5, ino 25
[  190.825958][   T70] hfsplus: b-tree write err: -5, ino 4
[  190.835051][   T70] hfsplus: b-tree write err: -5, ino 2
[  190.841419][   T70] hfsplus: b-tree write err: -5, ino 26
[  191.757539][ T7715] loop5: detected capacity change from 0 to 2048
[  191.766304][ T7701] loop0: detected capacity change from 0 to 32768
[  191.825750][ T7720] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  191.886922][ T7701] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  191.932812][   T28] audit: type=1800 audit(1772646951.013:150): pid=7715 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.522" name="file2" dev="loop5" ino=16 res=0 errno=0
[  192.011586][ T7701] XFS (loop0): Ending clean mount
[  192.069529][ T7701] XFS (loop0): Quotacheck needed: Please wait.
[  192.210438][ T7728] input: syz0 as /devices/virtual/input/input16
[  192.255201][ T7701] XFS (loop0): Quotacheck: Done.
[  192.514679][ T5771] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  192.586542][ T7709] loop1: detected capacity change from 0 to 32768
[  192.628291][ T7709] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.520 (7709)
[  192.664703][ T7709] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  192.676397][ T7709] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  192.711577][ T7709] BTRFS info (device loop1): allowing degraded mounts
[  192.729543][ T7709] BTRFS info (device loop1): enabling auto defrag
[  192.736362][ T7709] BTRFS info (device loop1): using free space tree
[  192.826396][ T7743] loop0: detected capacity change from 0 to 136
[  193.170103][ T7709] BTRFS info (device loop1): enabling ssd optimizations
[  193.177147][ T7709] BTRFS info (device loop1): auto enabling async discard
[  193.247020][ T7763] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[  193.333591][ T7763] netdevsim netdevsim5 netdevsim0: left promiscuous mode
[  193.735883][ T2131] net_ratelimit: 11 callbacks suppressed
[  193.735900][ T2131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  193.759394][ T5770] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  194.256217][ T7785] 9pnet: p9_errstr2errno: server reported unknown error È
[  194.608592][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[  194.615253][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[  194.764947][ T7791] loop0: detected capacity change from 0 to 128
[  194.771846][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.161318][ T7781] loop5: detected capacity change from 0 to 131072
[  195.186616][ T7781] F2FS-fs (loop5): invalid crc value
[  195.241920][ T7781] F2FS-fs (loop5): Found nat_bits in checkpoint
[  195.293637][ T7781] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  195.362027][ T7797] pimreg: entered allmulticast mode
[  195.458192][   T28] audit: type=1800 audit(1772646954.533:151): pid=7781 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.541" name="file1" dev="loop5" ino=7 res=0 errno=0
[  195.808732][ T2131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.952019][ T7809] loop0: detected capacity change from 0 to 128
[  195.967310][ T7811] loop1: detected capacity change from 0 to 256
[  195.983531][ T7809] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  196.017539][ T7809] ext4 filesystem being mounted at /152/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  196.036941][ T7811] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  196.054796][ T5813] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  196.133929][ T7789] loop2: detected capacity change from 0 to 40427
[  196.164116][ T7789] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x35f7
[  196.186251][ T7789] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x7ffff
[  196.238260][ T7789] F2FS-fs (loop2): inline encryption not supported
[  196.258830][ T7789] F2FS-fs (loop2): Image doesn't support compression
[  196.316431][ T7789] F2FS-fs (loop2): invalid crc value
[  196.369607][ T7789] F2FS-fs (loop2): Found nat_bits in checkpoint
[  196.430363][ T5771] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  196.673599][ T7789] F2FS-fs (loop2): Start checkpoint disabled!
[  196.704856][ T7789] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  196.855610][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  196.921402][ T7789] syz.2.542: attempt to access beyond end of device
[  196.921402][ T7789] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  196.983866][ T7789] F2FS-fs (loop2): inject write IO error in f2fs_write_end_io of __submit_merged_bio+0x256/0x630
[  197.269992][ T1304] kworker/u4:7: attempt to access beyond end of device
[  197.269992][ T1304] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  197.313025][ T1304] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  197.358248][ T1304] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  197.888628][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.161663][ T7830] loop0: detected capacity change from 0 to 32768
[  198.263748][ T7830] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  198.411669][ T7830] XFS (loop0): Ending clean mount
[  198.453174][ T7830] XFS (loop0): Quotacheck needed: Please wait.
[  198.573362][ T7830] XFS (loop0): Quotacheck: Done.
[  198.728579][   T28] audit: type=1800 audit(1772646957.813:152): pid=7830 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.562" name="bus" dev="loop0" ino=4426 res=0 errno=0
[  198.779426][ T7830] XFS (loop0): User initiated shutdown received.
[  198.821378][ T7836] loop1: detected capacity change from 0 to 40427
[  198.840142][ T7836] F2FS-fs (loop1): Fix alignment : internally, start(4096) end(16896) block(12288)
[  198.862387][ T7830] XFS (loop0): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:497).  Shutting down filesystem.
[  198.901702][ T7836] F2FS-fs (loop1): invalid crc value
[  198.932542][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.941450][ T7836] F2FS-fs (loop1): Found nat_bits in checkpoint
[  198.959326][ T7830] XFS (loop0): Please unmount the filesystem and rectify the problem(s)
[  199.009599][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  199.102868][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  199.163910][ T5771] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  199.191601][ T7836] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  199.546198][ T7836] F2FS-fs (loop1): Try to recover all the superblocks, ret: 0
[  199.557476][ T7876] netlink: 'syz.5.560': attribute type 12 has an invalid length.
[  199.891570][ T7883] Invalid argument reading file caps for ./file0
[  199.972767][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  201.008658][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  201.204245][ T7922] loop1: detected capacity change from 0 to 512
[  201.269134][ T7922] EXT4-fs: Ignoring removed mblk_io_submit option
[  201.325819][ T7922] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  201.398717][ T7922] EXT4-fs error (device loop1): ext4_orphan_get:1424: comm syz.1.573: bad orphan inode 131083
[  201.435522][ T7922] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  201.532134][ T7922] overlayfs: upper fs needs to support d_type.
[  201.662872][ T7937] loop0: detected capacity change from 0 to 256
[  201.719227][ T7937] exfat: Deprecated parameter 'utf8'
[  201.753284][ T5770] EXT4-fs error (device loop1): ext4_readdir:263: inode #2: block 13: comm syz-executor: path /147/bus: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  201.813954][ T7941] loop5: detected capacity change from 0 to 256
[  201.824047][ T7910] loop2: detected capacity change from 0 to 32768
[  201.851369][ T7937] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d)
[  201.919538][ T7910] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  202.058140][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  202.073191][ T7910] XFS (loop2): Ending clean mount
[  202.085415][ T7910] XFS (loop2): Quotacheck needed: Please wait.
[  202.131145][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  202.386570][ T7910] XFS (loop2): Quotacheck: Done.
[  202.648312][   T28] audit: type=1804 audit(1772646961.683:153): pid=7910 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.568" name="/newroot/145/file1/file1" dev="loop2" ino=6150 res=1 errno=0
[  203.199106][ T2131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  204.208752][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  204.234078][ T5769] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  204.294951][ T7952] loop0: detected capacity change from 0 to 262144
[  204.318759][ T7952] F2FS-fs (loop0): invalid crc value
[  204.363189][ T7952] F2FS-fs (loop0): Found nat_bits in checkpoint
[  204.414155][ T7952] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  204.560850][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.649808][ T7967] loop5: detected capacity change from 0 to 512
[  204.728291][ T7967] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  204.767457][ T7967] EXT4-fs (loop5): invalid journal inode
[  204.783529][   T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.798370][ T7967] EXT4-fs (loop5): can't get journal size
[  204.857608][ T7967] EXT4-fs (loop5): 1 truncate cleaned up
[  204.919657][ T7967] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  205.036189][   T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.170517][ T5813] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  205.191492][ T7208] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.248490][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  205.336890][   T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.670855][   T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.238682][ T5774] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  206.288940][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  206.439114][ T5774] usb 3-1: Using ep0 maxpacket: 8
[  206.456880][ T5774] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  206.478352][ T5774] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  206.508174][ T5774] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  206.529328][ T5774] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  206.571343][ T5774] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  206.606095][ T5774] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  206.636769][ T5774] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  206.717573][ T5777] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  206.740451][ T5777] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  206.750024][ T5777] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  206.804101][ T5777] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  206.845571][ T5777] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  206.855069][ T5777] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  206.937372][ T5774] usb 3-1: GET_CAPABILITIES returned 0
[  206.943207][ T5774] usbtmc 3-1:16.0: can't read capabilities
[  207.329393][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  207.565891][ T8009] usbtmc 3-1:16.0: control status returned 0
[  207.626476][ T8011] netlink: 4 bytes leftover after parsing attributes in process `syz.0.583'.
[  207.670255][ T8011] netlink: 4 bytes leftover after parsing attributes in process `syz.0.583'.
[  207.706724][ T8014] loop5: detected capacity change from 0 to 64
[  207.749219][ T8011] netlink: 4 bytes leftover after parsing attributes in process `syz.0.583'.
[  207.778853][ T8011] netlink: 4 bytes leftover after parsing attributes in process `syz.0.583'.
[  207.802143][    T8] usb 3-1: USB disconnect, device number 8
[  208.215202][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  208.368762][ T2131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  208.591993][ T7997] chnl_net:caif_netlink_parms(): no params data found
[  208.609456][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  208.696549][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  208.719085][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  208.740003][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  208.747619][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  208.749564][    T8] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  208.769468][   T12] bridge_slave_1: left allmulticast mode
[  208.775220][   T12] bridge_slave_1: left promiscuous mode
[  208.798496][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.829572][   T12] bridge_slave_0: left allmulticast mode
[  208.835668][   T12] bridge_slave_0: left promiscuous mode
[  208.861381][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.939705][ T5782] Bluetooth: hci3: command tx timeout
[  208.970585][    T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  208.995549][   T12] veth1_macvtap: left promiscuous mode
[  209.004008][   T12] veth0_macvtap: left promiscuous mode
[  209.010391][   T12] veth1_vlan: left promiscuous mode
[  209.016783][   T12] veth0_vlan: left promiscuous mode
[  209.030797][    T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  209.061531][ T8040] netlink: 4 bytes leftover after parsing attributes in process `syz.2.594'.
[  209.083862][    T8] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  209.108260][    T8] usb 6-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  209.144009][    T8] usb 6-1: Manufacturer: syz
[  209.170713][    T8] usb 6-1: config 0 descriptor??
[  209.419402][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  209.447452][   T12] pimreg (unregistering): left allmulticast mode
[  210.040650][    T8] input: syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:256C:006D.0009/input/input17
[  210.146220][    T8] input: syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:256C:006D.0009/input/input18
[  210.214450][    T8] input: syz Touch Strip as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:256C:006D.0009/input/input19
[  210.283242][    T8] input: syz Dial as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:256C:006D.0009/input/input20
[  210.347507][    T8] uclogic 0003:256C:006D.0009: input,hidraw0: USB HID v0.00 Keypad [syz] on usb-dummy_hcd.5-1/input0
[  210.394717][    T8] usb 6-1: USB disconnect, device number 3
[  210.466257][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  210.683930][ T8048] fido_id[8048]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/6-1/report_descriptor': No such file or directory
[  210.915029][ T8050] loop0: detected capacity change from 0 to 4096
[  210.979712][ T8050] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  211.027408][ T5777] Bluetooth: hci3: command tx timeout
[  211.072749][ T8050] ntfs3: loop0: Failed to initialize $Extend/$Reparse.
[  211.249056][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  211.274258][ T8053] ntfs3: loop0: ino=1e, "file1" attr_set_size
[  211.489902][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  211.605060][ T8059] loop0: detected capacity change from 0 to 764
[  211.621868][ T8059] rock: directory entry would overflow storage
[  211.630057][ T8059] rock: sig=0x4654, size=5, remaining=4
[  211.973363][ T5777] Bluetooth: hci2: command 0x0406 tx timeout
[  211.973374][ T5782] Bluetooth: hci1: command 0x0406 tx timeout
[  212.249924][ T8065] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input21
[  212.405784][   T12] team0 (unregistering): Port device team_slave_1 removed
[  212.502666][   T12] team0 (unregistering): Port device team_slave_0 removed
[  212.539278][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  212.683447][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  212.865466][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  213.088371][ T5780] Bluetooth: hci3: command tx timeout
[  213.095385][ T5814] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  213.314228][ T5814] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  213.332916][ T5814] usb 1-1: New USB device found, idVendor=056a, idProduct=0045, bcdDevice= 0.00
[  213.358274][ T5814] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  213.386627][ T5814] usb 1-1: config 0 descriptor??
[  213.399854][ T5814] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  213.537118][   T12] bond0 (unregistering): Released all slaves
[  213.574252][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  213.631515][ T8079] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  213.641589][ T8079] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  213.681820][ T8079] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  213.691105][ T8079] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  213.704065][    T8] usb 1-1: USB disconnect, device number 6
[  214.035540][ T7997] bridge0: port 1(bridge_slave_0) entered blocking state
[  214.060130][ T7997] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.086859][ T7997] bridge_slave_0: entered allmulticast mode
[  214.105207][ T7997] bridge_slave_0: entered promiscuous mode
[  214.130219][ T7997] bridge0: port 2(bridge_slave_1) entered blocking state
[  214.149430][ T7997] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.175052][ T7997] bridge_slave_1: entered allmulticast mode
[  214.183888][ T7997] bridge_slave_1: entered promiscuous mode
[  214.228353][    T8] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  214.290053][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  214.362437][ T7997] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  214.395300][ T7997] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  214.428340][    T8] usb 1-1: Using ep0 maxpacket: 8
[  214.442304][    T8] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  214.486615][    T8] usb 1-1: config 0 has no interface number 0
[  214.493622][    T8] usb 1-1: config 0 interface 1 altsetting 1 endpoint 0xA has invalid wMaxPacketSize 0
[  214.508943][    T8] usb 1-1: config 0 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  214.522918][    T8] usb 1-1: config 0 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  214.547863][    T8] usb 1-1: config 0 interface 1 has no altsetting 0
[  214.555120][ T7997] team0: Port device team_slave_0 added
[  214.565198][    T8] usb 1-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b
[  214.581507][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.585371][ T7997] team0: Port device team_slave_1 added
[  214.610122][    T8] usb 1-1: config 0 descriptor??
[  214.618667][ T2131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  214.642317][    T8] hso 1-1:0.1: Failed to find BULK OUT ep
[  214.741900][ T7997] batman_adv: batadv0: Adding interface: batadv_slave_0
[  214.758607][ T7997] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  214.846955][ T7997] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  214.873794][ T8107] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  214.874063][ T2131] usb 1-1: USB disconnect, device number 7
[  214.884508][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  214.901994][ T7997] batman_adv: batadv0: Adding interface: batadv_slave_1
[  214.914957][ T7997] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  214.950666][ T7997] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  215.017901][   T12] IPVS: stop unused estimator thread 0...
[  215.101962][ T7997] hsr_slave_0: entered promiscuous mode
[  215.111165][ T7997] hsr_slave_1: entered promiscuous mode
[  215.124385][ T7997] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  215.140651][ T7997] Cannot create hsr debugfs directory
[  215.168607][ T5780] Bluetooth: hci3: command tx timeout
[  215.301660][ T8111] loop2: detected capacity change from 0 to 1764
[  215.384387][ T8057] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  215.651883][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  215.750536][ T8126] loop2: detected capacity change from 0 to 64
[  215.766946][ T8123] loop5: detected capacity change from 0 to 2048
[  215.837702][ T8123] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  215.895997][ T8123] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  216.101558][ T7997] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  216.145188][ T7997] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  216.181744][ T7997] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  216.211072][ T7997] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  216.566034][ T7997] 8021q: adding VLAN 0 to HW filter on device bond0
[  216.602313][ T8139] loop2: detected capacity change from 0 to 1024
[  216.685523][ T7997] 8021q: adding VLAN 0 to HW filter on device team0
[  216.699089][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  216.742024][ T2933] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.750324][ T2933] bridge0: port 1(bridge_slave_0) entered forwarding state
[  216.822504][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.831150][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  217.092604][ T2933] hfsplus: bad catalog file entry
[  217.116327][ T2933] hfsplus: b-tree write err: -5, ino 3
[  217.303629][ T8157] loop2: detected capacity change from 0 to 164
[  217.329330][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  217.436760][ T8157] iso9660: Corrupted directory entry in block 2 of inode 1920
[  217.729809][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  217.827276][ T8166] input: syz0 as /devices/virtual/input/input22
[  217.841235][ T7997] 8021q: adding VLAN 0 to HW filter on device batadv0
[  217.855121][ T8168] loop5: detected capacity change from 0 to 256
[  217.948308][ T8168] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  218.211307][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  218.780945][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  218.835652][ T8199] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  218.926206][ T7997] veth0_vlan: entered promiscuous mode
[  218.975837][ T7997] veth1_vlan: entered promiscuous mode
[  219.114636][ T7997] veth0_macvtap: entered promiscuous mode
[  219.144494][ T8206] input: syz0 as /devices/virtual/input/input23
[  219.157328][ T7997] veth1_macvtap: entered promiscuous mode
[  219.231083][ T7997] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  219.257416][ T7997] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.288342][ T7997] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  219.323421][ T7997] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.364154][ T7997] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  219.403742][ T7997] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.440614][ T7997] batman_adv: batadv0: Interface activated: batadv_slave_0
[  219.506748][ T7997] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  219.542549][ T7997] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.566127][ T7997] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  219.598525][ T7997] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.616333][ T7997] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  219.628679][ T7997] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  219.646311][ T7997] batman_adv: batadv0: Interface activated: batadv_slave_1
[  219.681048][ T8223] netlink: 24 bytes leftover after parsing attributes in process `syz.5.641'.
[  219.713027][ T8223] bond0: ARP target 8.4.0.0 is already present
[  219.720188][ T8223] bond0: option arp_ip_target: invalid value (1032)
[  219.731255][ T7997] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  219.744971][ T7997] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  219.768244][ T7997] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  219.815524][ T7997] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  219.839330][   T23] net_ratelimit: 1 callbacks suppressed
[  219.839349][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  220.027944][ T8230] loop2: detected capacity change from 0 to 1024
[  220.051532][ T8230] EXT4-fs: Ignoring removed orlov option
[  220.149661][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  220.160593][ T8230] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.276883][ T1265] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  220.335639][ T1265] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  220.345776][ T8238] loop5: detected capacity change from 0 to 128
[  220.399391][ T8238] EXT4-fs: Ignoring removed nobh option
[  220.424986][ T5769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.443199][   T70] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  220.462607][   T70] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  220.476452][ T8238] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  220.524317][ T8238] ext4 filesystem being mounted at /71/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  220.831226][ T7208] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  220.858987][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  221.287519][ T8261] loop0: detected capacity change from 0 to 4096
[  221.380369][ T8264] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  221.502734][ T8266] NILFS error (device loop0): nilfs_readdir: zero-length directory entry
[  221.617123][ T8266] Remounting filesystem read-only
[  221.898430][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  222.274789][ T8256] loop6: detected capacity change from 0 to 32768
[  222.358349][ T8256] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  222.441010][ T8256] XFS (loop6): Ending clean mount
[  222.449665][ T5814] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  222.493469][ T8256] XFS (loop6): Quotacheck needed: Please wait.
[  222.586507][ T8256] XFS (loop6): Quotacheck: Done.
[  222.663202][ T5814] usb 6-1: unable to get BOS descriptor or descriptor too short
[  222.672360][ T5814] usb 6-1: not running at top speed; connect to a high speed hub
[  222.684777][ T5814] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0xD has invalid maxpacket 1024, setting to 64
[  222.712844][ T5814] usb 6-1: New USB device found, idVendor=15ca, idProduct=1806, bcdDevice= 0.40
[  222.754694][ T5814] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  222.776418][ T5814] usb 6-1: Product: syz
[  222.788545][ T5814] usb 6-1: Manufacturer: syz
[  222.797824][ T5814] usb 6-1: SerialNumber: syz
[  222.817268][ T8279] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  222.838410][ T7997] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  222.928660][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  222.958949][ T5780] block nbd0: Receive control failed (result -32)
[  222.981596][ T8281] block nbd0: shutting down sockets
[  223.070818][ T5814] usb 6-1: Quirk or no altest; falling back to MIDI 1.0
[  223.078858][ T5814] usb 6-1: MIDIStreaming interface descriptor not found
[  223.170408][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  223.227297][ T5814] usb 6-1: USB disconnect, device number 4
[  223.272717][ T8304] netlink: 60 bytes leftover after parsing attributes in process `syz.0.659'.
[  223.876428][ T8301] loop2: detected capacity change from 0 to 32768
[  223.979054][ T5814] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  224.637228][ T8328] netlink: 64 bytes leftover after parsing attributes in process `syz.6.657'.
[  224.658263][ T5814] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  224.898903][ T5814] usb 6-1: Using ep0 maxpacket: 32
[  224.907341][ T5814] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  224.950073][ T5814] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  224.968153][ T5814] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  224.976409][ T5814] usb 6-1: Product: syz
[  225.009932][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  225.028211][ T5814] usb 6-1: Manufacturer: syz
[  225.032890][ T5814] usb 6-1: SerialNumber: syz
[  225.059739][ T5814] usb 6-1: config 0 descriptor??
[  225.065726][ T8323] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  225.109218][ T5814] hub 6-1:0.0: bad descriptor, ignoring hub
[  225.136864][ T5814] hub: probe of 6-1:0.0 failed with error -5
[  225.257927][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  225.302343][ T1304] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  225.329885][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  225.339488][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  225.399008][ T8346] loop6: detected capacity change from 0 to 4096
[  225.529563][ T8349] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  225.672671][   T28] audit: type=1800 audit(1772646984.743:154): pid=8346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.670" name="file1" dev="loop6" ino=15 res=0 errno=0
[  225.848272][ T8323] usb 6-1: reset high-speed USB device number 5 using dummy_hcd
[  226.048648][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  226.081835][ T8323] usb 6-1: device firmware changed
[  226.108979][ T5814] usb 6-1: USB disconnect, device number 5
[  226.218722][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  226.298408][ T5814] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  226.333616][ T8342] loop2: detected capacity change from 0 to 32768
[  226.410619][ T8342] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[  226.491903][ T8342] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  226.530310][ T8343] loop0: detected capacity change from 0 to 32768
[  226.538831][ T5814] usb 6-1: Using ep0 maxpacket: 32
[  226.558646][ T5814] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  226.582585][ T5814] usb 6-1: string descriptor 0 read error: -22
[  226.591077][ T5814] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  226.634877][ T5814] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  226.666885][ T8343] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  226.700511][ T5814] usb 6-1: config 0 descriptor??
[  226.707030][ T8348] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  226.831091][ T5814] hub 6-1:0.0: bad descriptor, ignoring hub
[  226.857410][ T5814] hub: probe of 6-1:0.0 failed with error -5
[  226.886431][ T8343] XFS (loop0): Ending clean mount
[  226.959381][ T8343] XFS (loop0): Quotacheck needed: Please wait.
[  227.095818][ T5814] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  227.115325][ T8343] XFS (loop0): Quotacheck: Done.
[  227.238684][ T5769] ocfs2: Unmounting device (7,2) on (node local)
[  227.257638][ T5771] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  227.324896][ T5813] usb 6-1: USB disconnect, device number 6
[  227.637979][ T8377] loop6: detected capacity change from 0 to 32768
[  227.685555][ T8377] (syz.6.672,8377,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  227.718249][ T8377] (syz.6.672,8377,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  227.834227][ T8377] JBD2: Ignoring recovery information on journal
[  228.010486][ T8377] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  228.058410][ T5814] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  228.137784][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  228.189087][ T8377] (syz.6.672,8377,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x7dc2e7ff, computed 0xf156e878. Applying ECC.
[  228.258303][ T5814] usb 3-1: Using ep0 maxpacket: 32
[  228.269334][ T8377] (syz.6.672,8377,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x7dc2e7ff, computed 0x24c0fe6f
[  228.293654][ T5814] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  228.317070][ T8406] loop5: detected capacity change from 0 to 256
[  228.320361][ T8377] (syz.6.672,8377,1):ocfs2_read_quota_phys_block:160 ERROR: status = -5
[  228.340424][ T5814] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  228.373522][ T5814] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  228.383225][ T8377] (syz.6.672,8377,1):ocfs2_quota_read:201 ERROR: status = -5
[  228.399561][ T8377] Quota error (device loop6): find_tree_dqentry: Can't read quota tree block 2
[  228.410193][ T5814] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  228.426102][ T8377] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0
[  228.440509][ T5814] usb 3-1: config 0 descriptor??
[  228.488710][ T8377] (syz.6.672,8377,1):ocfs2_acquire_dquot:878 ERROR: status = -5
[  228.599251][ T8377] (syz.6.672,8377,0):ocfs2_mknod:314 ERROR: status = -5
[  228.606511][ T8377] (syz.6.672,8377,0):ocfs2_mknod:502 ERROR: status = -5
[  228.651796][ T8403] (syz.6.672,8403,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x7dc2e7ff, computed 0xf156e878. Applying ECC.
[  228.704479][ T8403] (syz.6.672,8403,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x7dc2e7ff, computed 0x24c0fe6f
[  228.751906][ T8410] loop5: detected capacity change from 0 to 256
[  228.780548][ T8410] exfat: Deprecated parameter 'namecase'
[  228.795035][ T8403] (syz.6.672,8403,0):ocfs2_read_quota_phys_block:160 ERROR: status = -5
[  228.840678][ T8403] (syz.6.672,8403,0):ocfs2_quota_read:201 ERROR: status = -5
[  228.878880][ T8403] Quota error (device loop6): find_tree_dqentry: Can't read quota tree block 2
[  228.899890][ T8403] Quota error (device loop6): qtree_read_dquot: Can't read quota structure for id 0
[  228.913185][ T8410] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xee17df4f, utbl_chksum : 0xe619d30d)
[  228.938775][ T8403] (syz.6.672,8403,0):ocfs2_acquire_dquot:878 ERROR: status = -5
[  228.947576][ T8403] (syz.6.672,8403,0):ocfs2_mknod:314 ERROR: status = -5
[  229.012577][ T8403] (syz.6.672,8403,0):ocfs2_mknod:502 ERROR: status = -5
[  229.017586][ T5814] savu 0003:1E7D:2D5A.000A: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0
[  229.058825][ T8403] (syz.6.672,8403,0):ocfs2_mkdir:659 ERROR: status = -5
[  229.168783][ T2131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  229.330812][ T5814] usb 3-1: USB disconnect, device number 9
[  229.399246][ T7997] ocfs2: Unmounting device (7,6) on (node local)
[  230.208400][   T23] net_ratelimit: 1 callbacks suppressed
[  230.208417][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  230.370081][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  230.384336][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  230.388848][    T9] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  230.402276][ T2933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  230.413828][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  230.429009][ T5814] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  230.554708][ T8442] loop0: detected capacity change from 0 to 1024
[  230.600565][ T8442] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  230.629778][ T8442] ext4 filesystem being mounted at /189/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  230.670410][    T9] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  230.689676][    T9] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  230.707169][    T9] usb 3-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  230.718463][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.726646][    T9] usb 3-1: Product: syz
[  230.731545][    T9] usb 3-1: Manufacturer: syz
[  230.736382][    T9] usb 3-1: SerialNumber: syz
[  230.744970][    T9] usb 3-1: config 0 descriptor??
[  230.751480][ T8432] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  230.759105][ T8432] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  230.884635][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  231.007007][ T8432] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  231.020216][ T2933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  231.031090][ T5813] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  231.041597][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  231.051362][ T8426] loop6: detected capacity change from 0 to 32768
[  231.078453][ T8432] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  231.196545][ T8426] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  231.248719][ T5814] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  231.323590][ T8426] XFS (loop6): Ending clean mount
[  231.381893][ T8426] XFS (loop6): Quotacheck needed: Please wait.
[  231.571174][ T8426] XFS (loop6): Quotacheck: Done.
[  231.780544][ T7997] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  231.987189][    T9] dm9601 3-1:0.0 (unnamed net_device) (uninitialized): Error reading MODE_CTRL
[  232.039193][    T9] usb 3-1: USB disconnect, device number 10
[  233.088373][ T5814] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  233.157906][ T8507] netlink: 'syz.0.703': attribute type 1 has an invalid length.
[  233.288854][ T5814] usb 3-1: Using ep0 maxpacket: 16
[  233.320742][ T5814] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  233.342261][ T8510] netlink: 'syz.0.704': attribute type 5 has an invalid length.
[  233.350595][ T5814] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  233.379993][ T5814] usb 3-1: New USB device found, idVendor=0dba, idProduct=5000, bcdDevice= 0.40
[  233.397593][ T8510] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  233.409506][ T8510] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  233.411216][ T5814] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  233.421837][ T8510] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  233.442171][ T8510] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  233.478017][ T5814] usb 3-1: Product: syz
[  233.487792][ T8510] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  233.498786][ T8510] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  233.510151][ T8510] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  233.519857][ T8510] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  233.536867][ T5814] usb 3-1: Manufacturer: syz
[  233.545040][ T5814] usb 3-1: SerialNumber: syz
[  233.744609][ T8515] netlink: 'syz.0.704': attribute type 5 has an invalid length.
[  233.824832][ T5814] usb 3-1: Invalid descriptor size=96.
[  233.849646][ T5814] usb 3-1: Invalid descriptor size=96.
[  233.861508][ T8515] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  233.871500][ T8515] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  233.883159][ T5814] usb 3-1: Invalid descriptor size=96.
[  233.890841][ T8515] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  233.900815][ T8515] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  233.909175][ T5814] usb 3-1: USB disconnect, device number 11
[  234.048028][ T8515] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  234.060242][ T8515] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  234.071106][ T8515] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  234.080448][ T8515] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  234.498307][    T8] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  234.698524][    T8] usb 6-1: Using ep0 maxpacket: 16
[  234.725217][    T8] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  234.746047][    T8] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  234.764345][    T8] usb 6-1: config 0 interface 0 has no altsetting 0
[  234.771685][    T8] usb 6-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  234.787633][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.801238][    T8] usb 6-1: config 0 descriptor??
[  234.989672][ T8524] loop6: detected capacity change from 0 to 32768
[  235.088373][ T8524] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  235.168247][   T28] audit: type=1800 audit(1772646994.243:155): pid=8524 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.708" name="file1" dev="loop6" ino=17058 res=0 errno=0
[  235.235519][ T8524] (syz.6.708,8524,1):ocfs2_file_write_iter:2445 ERROR: status = -27
[  235.261361][    T8] hid (null): report_id 32841 is invalid
[  235.424229][ T5774] net_ratelimit: 4 callbacks suppressed
[  235.424249][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  235.455991][    T9] usb 6-1: USB disconnect, device number 7
[  235.491081][ T5813] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  235.580394][ T7997] ocfs2: Unmounting device (7,6) on (node local)
[  235.683678][    T8] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  235.872527][ T8538] loop2: detected capacity change from 0 to 4096
[  235.878778][    T8] usb 1-1: Using ep0 maxpacket: 8
[  235.887207][    T8] usb 1-1: config index 0 descriptor too short (expected 74, got 45)
[  235.898339][    T8] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  235.932335][    T8] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  235.947494][    T8] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[  235.961773][    T8] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  235.988365][    T8] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  236.032612][    T8] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  236.051691][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  236.129218][   T70] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  236.141648][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  236.159413][ T5814] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  236.219147][    T9] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  236.331530][ T8533] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  236.348242][    T8] usb 1-1: usb_control_msg returned -32
[  236.354316][    T8] usbtmc 1-1:16.0: can't read capabilities
[  236.378925][ T8533] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  236.423702][    T9] usb 7-1: config index 0 descriptor too short (expected 39, got 27)
[  236.437391][    C1] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  236.449166][    T9] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  236.458668][ T8533] usbtmc 1-1:16.0: Unable to send data, error -71
[  236.469135][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  236.492341][ T8545] loop5: detected capacity change from 0 to 128
[  236.494994][    T9] usb 7-1: config 0 interface 0 has no altsetting 0
[  236.510933][ T5774] usb 1-1: USB disconnect, device number 8
[  236.545238][ T8545] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535)
[  236.555953][    T9] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  236.600774][    T9] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  236.627732][ T8545] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[  236.638647][    T9] usb 7-1: Product: syz
[  236.668255][    T9] usb 7-1: Manufacturer: syz
[  236.693975][    T9] usb 7-1: SerialNumber: syz
[  236.700034][ T8545] EXT4-fs error (device loop5): htree_dirblock_to_tree:1083: inode #2: comm syz.5.717: Directory block failed checksum
[  236.734568][    T9] usb 7-1: config 0 descriptor??
[  236.765744][    T9] hub 7-1:0.0: bad descriptor, ignoring hub
[  236.775825][ T1304] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  236.785229][ T5814] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  236.798530][ T5813] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  236.813840][    T9] hub: probe of 7-1:0.0 failed with error -5
[  236.830463][ T7208] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  236.844003][    T9] usb 7-1: selecting invalid altsetting 0
[  236.880051][ T8550] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  237.501739][ T8563] loop0: detected capacity change from 0 to 4096
[  237.526227][ T8563] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512).
[  237.561705][ T8540] usb 7-1: reset high-speed USB device number 2 using dummy_hcd
[  237.637527][ T8563] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  237.826404][ T8540] usb 7-1: device firmware changed
[  237.843354][ T5774] usb 7-1: USB disconnect, device number 2
[  238.078220][ T5774] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  238.117556][ T8581] loop2: detected capacity change from 0 to 1024
[  238.135756][ T8581] EXT4-fs: inline encryption not supported
[  238.164174][ T8581] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  238.197947][ T8581] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.287011][ T5774] usb 7-1: config index 0 descriptor too short (expected 39, got 27)
[  238.335206][ T5774] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  238.386149][ T5774] usb 7-1: config 0 interface 0 has no altsetting 0
[  238.405049][ T8578] loop0: detected capacity change from 0 to 32768
[  238.423583][ T5774] usb 7-1: string descriptor 0 read error: -22
[  238.459199][ T5774] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  238.493577][ T5774] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  238.513393][ T5769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.537132][ T5774] usb 7-1: config 0 descriptor??
[  238.568363][ T5774] hub 7-1:0.0: bad descriptor, ignoring hub
[  238.574370][ T5774] hub: probe of 7-1:0.0 failed with error -5
[  238.649078][ T5774] usb 7-1: selecting invalid altsetting 0
[  238.907056][ T5774] usb 7-1: USB disconnect, device number 3
[  239.379013][    T9] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  239.588532][    T9] usb 6-1: Using ep0 maxpacket: 8
[  239.601583][    T9] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  239.626227][    T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  239.656828][    T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  239.685922][    T9] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  239.708450][    T9] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  239.717970][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  239.956136][    T9] usb 6-1: GET_CAPABILITIES returned 0
[  239.965688][    T9] usbtmc 6-1:16.0: can't read capabilities
[  240.088264][ T5813] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  240.169156][    T9] usb 6-1: USB disconnect, device number 8
[  240.281705][ T5813] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  240.299708][ T5813] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  240.315015][ T5813] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  240.332474][ T5813] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  240.358361][ T5813] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.393909][ T5813] usb 7-1: config 0 descriptor??
[  240.644392][ T5814] net_ratelimit: 11 callbacks suppressed
[  240.644411][ T5814] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  240.751738][ T8635] loop2: detected capacity change from 0 to 256
[  240.830715][ T5813] plantronics 0003:047F:FFFF.000C: unknown main item tag 0xd
[  240.873684][ T5813] plantronics 0003:047F:FFFF.000C: No inputs registered, leaving
[  240.930563][ T5813] plantronics 0003:047F:FFFF.000C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[  241.122687][ T5813] usb 7-1: USB disconnect, device number 4
[  241.188615][ T8638] fido_id[8638]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory
[  241.310433][ T8643] loop0: detected capacity change from 0 to 4096
[  241.332039][ T8643] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  241.402474][ T8643] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  241.410904][ T8643] ntfs3: loop0: Failed to initialize $Extend/$ObjId.
[  241.442640][   T28] audit: type=1800 audit(1772647000.523:156): pid=8643 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.751" name="file1" dev="loop0" ino=24 res=0 errno=0
[  241.628540][ T5774] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  241.650307][ T5814] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  241.852296][ T5774] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  241.875305][ T5774] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  241.885839][ T2131] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  241.908715][ T1304] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  241.919179][ T5814] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  241.929470][ T5774] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  241.950507][ T5774] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  241.963940][ T5774] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.981527][ T5774] usb 3-1: config 0 descriptor??
[  242.023702][ T5816] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  242.149727][ T2131] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  242.210274][ T2131] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  242.239327][ T2131] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  242.270464][ T2131] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  242.312002][ T2131] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.324811][ T8662] syzkaller1: entered promiscuous mode
[  242.338288][ T8662] syzkaller1: entered allmulticast mode
[  242.369107][ T2131] usb 1-1: config 0 descriptor??
[  242.442654][ T5774] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  242.461758][ T5774] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  242.480149][ T5774] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  242.487880][ T5774] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  242.497559][ T5774] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  242.506973][ T5774] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  242.522415][ T5774] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  242.531588][   T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  242.532606][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  242.554329][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  242.564536][ T5774] plantronics 0003:047F:FFFF.000D: No inputs registered, leaving
[  242.591715][ T5774] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  242.699404][ T5814] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  242.718381][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  242.814081][  T788] usb 3-1: USB disconnect, device number 12
[  242.840407][ T2131] plantronics 0003:047F:FFFF.000E: No inputs registered, leaving
[  242.890094][ T2131] plantronics 0003:047F:FFFF.000E: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  242.913890][ T5814] usb 6-1: Using ep0 maxpacket: 16
[  242.940549][ T5814] usb 6-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  242.968327][ T5814] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.986502][ T5814] usb 6-1: Product: syz
[  242.999363][ T5814] usb 6-1: Manufacturer: syz
[  243.021032][ T5814] usb 6-1: SerialNumber: syz
[  243.044308][ T5813] usb 1-1: USB disconnect, device number 9
[  243.081885][ T5814] usb 6-1: config 0 descriptor??
[  243.193228][ T8673] fido_id[8673]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  243.341517][ T8672] loop6: detected capacity change from 0 to 8192
[  243.509606][ T5814] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[  243.556143][ T5814] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  243.591350][ T5814] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[  243.628647][ T5814] usb 6-1: media controller created
[  243.666413][ T8684] netlink: 8 bytes leftover after parsing attributes in process `syz.6.763'.
[  243.729920][ T5774] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  243.751979][ T5814] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  244.281613][ T5814] zl10353_read_register: readreg error (reg=127, ret==0)
[  244.299124][ T5814] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[  244.307477][ T5814] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[  244.343210][ T5814] usb 6-1: USB disconnect, device number 9
[  244.396760][ T8699] netlink: 8 bytes leftover after parsing attributes in process `syz.6.768'.
[  244.420406][ T8699] netlink: 'syz.6.768': attribute type 29 has an invalid length.
[  244.443255][ T8699] netlink: 4 bytes leftover after parsing attributes in process `syz.6.768'.
[  244.483942][ T5814] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[  244.959362][ T8705] loop0: detected capacity change from 0 to 8192
[  245.002279][ T8705] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  245.028346][ T8705] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[  245.048687][ T8705] REISERFS (device loop0): using ordered data mode
[  245.055371][ T8705] reiserfs: using flush barriers
[  245.110551][ T8705] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  245.196367][ T8705] REISERFS (device loop0): checking transaction log (loop0)
[  245.653063][ T8705] REISERFS (device loop0): Using tea hash to sort names
[  245.669131][ T8724] loop6: detected capacity change from 0 to 2048
[  245.686493][ T8705] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  245.717181][ T8724] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024)
[  245.761618][ T8724] NILFS (loop6): mounting unchecked fs
[  245.808763][ T5814] net_ratelimit: 2 callbacks suppressed
[  245.808782][ T5814] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  245.894712][ T8724] NILFS (loop6): recovery complete
[  245.926303][ T8731] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  246.048811][   T28] audit: type=1800 audit(1772647005.123:157): pid=8724 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.774" name="file1" dev="loop6" ino=15 res=0 errno=0
[  246.179947][ T8735] loop5: detected capacity change from 0 to 1024
[  246.292794][ T8735] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  246.316228][ T8737] loop2: detected capacity change from 0 to 4096
[  246.382241][ T8735] ext4 filesystem being mounted at /106/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  246.408591][ T8737] EXT4-fs (loop2): Test dummy encryption mode enabled
[  246.587608][ T8737] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  246.639628][ T8735] EXT4-fs error (device loop5): ext4_map_blocks:718: inode #15: block 2: comm syz.5.778: lblock 2 mapped to illegal pblock 2 (length 4)
[  246.745828][ T8735] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 2 with max blocks 4 with error 117
[  246.808375][ T8735] EXT4-fs (loop5): This should not happen!! Data will be lost
[  246.808375][ T8735] 
[  246.840778][   T28] audit: type=1800 audit(1772647005.913:158): pid=8751 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.779" name="file1" dev="loop2" ino=15 res=0 errno=0
[  246.878386][ T5814] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  246.908235][   T28] audit: type=1800 audit(1772647005.983:159): pid=8737 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.779" name="file1" dev="loop2" ino=15 res=0 errno=0
[  247.021784][ T1304] EXT4-fs error (device loop5): ext4_map_blocks:718: inode #15: block 8: comm kworker/u4:7: lblock 8 mapped to illegal pblock 8 (length 8)
[  247.075494][ T1304] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  247.105980][ T1304] EXT4-fs (loop5): This should not happen!! Data will be lost
[  247.105980][ T1304] 
[  247.180711][ T5769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.192721][ T7208] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  247.510390][ T8766] loop0: detected capacity change from 0 to 64
[  247.568514][ T5780] Bluetooth: hci3: command tx timeout
[  247.652331][ T2933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  247.663604][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  247.674583][ T5814] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  247.757057][ T8771] Trying to free block not in datazone
[  247.772387][ T8771] Trying to free block not in datazone
[  247.783631][ T8771] Trying to free block not in datazone
[  247.805904][ T8771] Trying to free block not in datazone
[  247.823856][ T8771] Trying to free block not in datazone
[  247.843545][ T8771] minix_free_block (loop0:6): bit already cleared
[  247.872602][ T8771] Trying to free block not in datazone
[  247.889386][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  247.908167][ T8771] Trying to free block not in datazone
[  247.956048][ T8750] loop6: detected capacity change from 0 to 40427
[  247.998350][ T8750] F2FS-fs (loop6): invalid crc value
[  248.029789][ T8750] F2FS-fs (loop6): Found nat_bits in checkpoint
[  248.245661][ T8750] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  248.289605][ T2933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  248.299182][ T5814] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  248.328475][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  248.401354][ T8750] syz.6.781: attempt to access beyond end of device
[  248.401354][ T8750] loop6: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  248.617893][ T8750] syz.6.781: attempt to access beyond end of device
[  248.617893][ T8750] loop6: rw=2049, sector=77824, nr_sectors = 1464 limit=40427
[  248.677171][ T8750] syz.6.781: attempt to access beyond end of device
[  248.677171][ T8750] loop6: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  248.849110][ T7997] syz-executor: attempt to access beyond end of device
[  248.849110][ T7997] loop6: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[  248.916095][ T7997] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  248.931671][ T5814] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  249.202831][ T8811] netlink: 'syz.0.795': attribute type 4 has an invalid length.
[  249.492121][ T8814] loop5: detected capacity change from 0 to 256
[  249.559039][ T8817] loop2: detected capacity change from 0 to 64
[  249.602848][ T8814] FAT-fs (loop5): Directory bread(block 64) failed
[  249.642810][ T8814] FAT-fs (loop5): Directory bread(block 65) failed
[  249.659353][   T28] audit: type=1800 audit(1772647008.743:160): pid=8817 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.798" name="file1" dev="loop2" ino=21 res=0 errno=0
[  249.689039][ T8814] FAT-fs (loop5): Directory bread(block 66) failed
[  249.695678][ T8814] FAT-fs (loop5): Directory bread(block 67) failed
[  249.725721][ T8814] FAT-fs (loop5): Directory bread(block 68) failed
[  249.766396][ T8814] FAT-fs (loop5): Directory bread(block 69) failed
[  249.785513][ T8814] FAT-fs (loop5): Directory bread(block 70) failed
[  249.821694][ T8814] FAT-fs (loop5): Directory bread(block 71) failed
[  249.859308][ T8814] FAT-fs (loop5): Directory bread(block 72) failed
[  249.865940][ T8814] FAT-fs (loop5): Directory bread(block 73) failed
[  250.754835][ T8848] loop6: detected capacity change from 0 to 256
[  251.010920][ T2131] net_ratelimit: 4 callbacks suppressed
[  251.010937][ T2131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  251.600124][ T8833] loop2: detected capacity change from 0 to 32768
[  251.698857][ T8833] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  251.954976][ T8859] loop6: detected capacity change from 0 to 32768
[  252.049600][ T2131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  252.151217][ T8833] XFS (loop2): Ending clean mount
[  252.173632][ T8833] XFS (loop2): Quotacheck needed: Please wait.
[  252.187722][ T8885] loop0: detected capacity change from 0 to 64
[  252.346782][ T8833] XFS (loop2): Quotacheck: Done.
[  252.728849][ T5814] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  252.755485][ T5769] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  252.773229][   T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  252.783781][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  252.793827][ T2131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  253.029667][ T5814] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  253.075051][ T5814] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  253.097924][ T2131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  253.114386][ T5814] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  253.148516][ T5814] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  253.199813][ T5814] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  253.238391][ T5814] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  253.276936][ T5814] usb 6-1: Manufacturer: syz
[  253.298808][ T5814] usb 6-1: config 0 descriptor??
[  253.738956][ T5814] appleir 0003:05AC:8243.000F: item fetching failed at offset 0/1
[  253.747511][ T8916] loop0: detected capacity change from 0 to 256
[  253.768922][ T5814] appleir 0003:05AC:8243.000F: parse failed
[  253.775495][ T5814] appleir: probe of 0003:05AC:8243.000F failed with error -22
[  254.053060][ T2933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  254.068852][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  254.088118][ T5813] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  254.136599][ T2131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  254.463142][ T5814] usb 6-1: USB disconnect, device number 10
[  255.636655][ T8932] loop2: detected capacity change from 0 to 32768
[  255.694846][ T8934] loop0: detected capacity change from 0 to 32768
[  255.738524][ T8932] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  255.766145][ T8934] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop0 scanned by syz.0.827 (8934)
[  255.888150][ T8934] BTRFS info (device loop0): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  255.955377][ T8932] XFS (loop2): Ending clean mount
[  255.980081][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[  255.986673][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[  256.018489][ T8934] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  256.027550][ T8934] BTRFS info (device loop0): using free space tree
[  256.074180][ T8932] XFS (loop2): Quotacheck needed: Please wait.
[  256.142335][ T8973] loop6: detected capacity change from 0 to 1024
[  256.151000][ T8973] EXT4-fs: inline encryption not supported
[  256.168901][ T8973] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  256.227188][ T5814] net_ratelimit: 2 callbacks suppressed
[  256.227207][ T5814] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  256.371929][ T8973] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  256.405943][ T8932] XFS (loop2): Quotacheck: Done.
[  256.494117][ T8934] BTRFS info (device loop0): enabling ssd optimizations
[  256.537279][ T8934] BTRFS info (device loop0): auto enabling async discard
[  256.777470][ T7997] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.798023][ T5769] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  257.252458][ T2131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  257.273209][ T5771] BTRFS info (device loop0): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  257.347774][ T9001] loop6: detected capacity change from 0 to 4096
[  257.520564][ T9001] ntfs3: loop6: Mark volume as dirty due to NTFS errors
[  258.263150][ T9018] loop6: detected capacity change from 0 to 1024
[  258.298859][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  258.302895][ T9020] loop0: detected capacity change from 0 to 1024
[  258.356702][ T9020] EXT4-fs: inline encryption not supported
[  258.419934][ T9018] EXT4-fs (loop6): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  258.452694][ T9020] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  258.496104][ T9018] ext4 filesystem being mounted at /38/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  258.543880][ T2955] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  258.555079][ T5813] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  258.564451][ T2131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  258.605247][ T9020] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  258.735307][ T9027] netlink: 20 bytes leftover after parsing attributes in process `syz.2.833'.
[  258.873403][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.906216][ T7997] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  259.077747][ T9032] loop2: detected capacity change from 0 to 512
[  259.136352][ T9032] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  259.219131][ T9037] loop5: detected capacity change from 0 to 128
[  259.328500][ T2131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  259.561891][ T9041] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  259.759113][ T9044] loop2: detected capacity change from 0 to 4096
[  259.809685][ T2955] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  259.818948][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  259.848521][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  259.865181][ T9044] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  259.885164][ T9046] pimreg: entered allmulticast mode
[  260.378421][ T9056] loop6: detected capacity change from 0 to 256
[  260.402383][ T9056] exfat: Deprecated parameter 'utf8'
[  260.424619][ T9056] exfat: Deprecated parameter 'utf8'
[  260.457431][ T9056] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  260.757598][ T9061] loop5: detected capacity change from 0 to 4096
[  260.804971][ T9061] EXT4-fs (loop5): Test dummy encryption mode enabled
[  260.850941][ T9061] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  260.908786][  T788] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  260.950670][ T9068] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  261.014579][   T28] audit: type=1800 audit(1772647020.093:161): pid=9061 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.857" name="file1" dev="loop5" ino=15 res=0 errno=0
[  261.056235][   T28] audit: type=1800 audit(1772647020.133:162): pid=9061 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.857" name="file1" dev="loop5" ino=15 res=0 errno=0
[  261.147097][  T788] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  261.166846][   T28] audit: type=1800 audit(1772647020.133:163): pid=9061 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.857" name="file1" dev="loop5" ino=15 res=0 errno=0
[  261.178814][  T788] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  261.229253][ T7208] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.239295][  T788] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  261.314055][  T788] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  261.374118][  T788] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.399654][  T788] usb 3-1: config 0 descriptor??
[  261.408517][   T23] net_ratelimit: 1 callbacks suppressed
[  261.408535][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  261.648374][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  261.843820][  T788] plantronics 0003:047F:FFFF.0010: unknown main item tag 0xd
[  261.880764][  T788] plantronics 0003:047F:FFFF.0010: No inputs registered, leaving
[  261.920030][ T9078] netlink: 'syz.6.864': attribute type 4 has an invalid length.
[  261.938907][  T788] plantronics 0003:047F:FFFF.0010: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  262.031373][ T9071] loop0: detected capacity change from 0 to 32768
[  262.127891][ T9071] JBD2: Ignoring recovery information on journal
[  262.212866][ T9073] loop5: detected capacity change from 0 to 32768
[  262.262244][  T788] usb 3-1: USB disconnect, device number 13
[  262.315618][ T9082] Invalid argument reading file caps for ./file0
[  262.338987][ T9071] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  262.448555][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  262.459649][ T2941] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  262.470583][ T2131] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  262.485411][ T5814] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  262.695470][ T5771] ocfs2: Unmounting device (7,0) on (node local)
[  262.953884][   T28] audit: type=1326 audit(1772647022.033:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9087 comm="syz.5.866" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2a40d9c799 code=0x0
[  263.044451][ T9091] loop6: detected capacity change from 0 to 512
[  263.072728][ T9091] EXT4-fs: Ignoring removed bh option
[  263.122911][ T9091] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  263.154647][ T9091] EXT4-fs error (device loop6): ext4_iget_extra_inode:4732: inode #15: comm syz.6.869: corrupted in-inode xattr: e_value size too large
[  263.184813][ T9091] EXT4-fs error (device loop6): ext4_orphan_get:1403: comm syz.6.869: couldn't read orphan inode 15 (err -117)
[  263.253878][ T9091] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  263.356828][ T9099] loop0: detected capacity change from 0 to 256
[  263.368831][ T9099] exfat: Deprecated parameter 'utf8'
[  263.374525][ T9099] exfat: Deprecated parameter 'utf8'
[  263.390730][ T9099] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  263.449064][ T7997] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.568570][ T5814] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  263.649547][   T11] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  263.665350][ T5813] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  263.674331][ T5814] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  263.898603][ T9109] loop0: detected capacity change from 0 to 764
[  263.935902][ T9109] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  264.018329][ T5814] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  264.208713][ T5814] usb 3-1: Using ep0 maxpacket: 32
[  264.227039][ T5814] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0021, bcdDevice=29.40
[  264.254292][ T5814] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  264.278770][ T5814] usb 3-1: config 0 descriptor??
[  264.526204][ T9102] loop6: detected capacity change from 0 to 40427
[  264.556613][ T5814] dvb-usb: found a 'Elgato EyeTV DTT' in warm state.
[  264.596312][ T9102] F2FS-fs (loop6): invalid crc value
[  264.609962][ T9102] F2FS-fs (loop6): Found nat_bits in checkpoint
[  264.622560][ T5814] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  264.650539][ T5814] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT)
[  264.670676][ T5814] usb 3-1: media controller created
[  264.717816][ T9116] syzkaller1: entered promiscuous mode
[  264.732768][ T9102] F2FS-fs (loop6): Start checkpoint disabled!
[  264.739848][ T9116] syzkaller1: entered allmulticast mode
[  264.760361][ T9102] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  264.782517][ T5814] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  264.917605][ T9107] loop5: detected capacity change from 0 to 40427
[  264.946796][ T9107] F2FS-fs (loop5): build fault injection attr: rate: 690, type: 0x7ffff
[  264.968189][ T9107] F2FS-fs (loop5): heap/no_heap options were deprecated
[  264.975481][ T9107] F2FS-fs (loop5): Image doesn't support compression
[  264.992547][ T9107] F2FS-fs (loop5): invalid crc value
[  265.036939][ T9107] F2FS-fs (loop5): Found nat_bits in checkpoint
[  265.073579][ T5814] DVB: Unable to find symbol dib7000p_attach()
[  265.099343][ T5814] dvb-usb: no frontend was attached by 'Elgato EyeTV DTT'
[  265.216155][ T9107] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  265.352467][ T2933] kworker/u4:9: attempt to access beyond end of device
[  265.352467][ T2933] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  265.375468][ T5814] rc_core: IR keymap rc-dib0700-rc5 not found
[  265.382402][ T9107] F2FS-fs (loop5): sanity_check_inode: corrupted inode i_blocks i_ino=b iblocks=0, run fsck to fix.
[  265.397342][ T5814] Registered IR keymap rc-empty
[  265.405244][ T2933] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  265.424559][ T5814] dvb-usb: could not initialize remote control.
[  265.454004][ T5814] dvb-usb: Elgato EyeTV DTT successfully initialized and connected.
[  265.474716][ T7208] syz-executor: attempt to access beyond end of device
[  265.474716][ T7208] loop5: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  265.508289][ T7208] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  265.514115][ T5814] usb 3-1: USB disconnect, device number 14
[  265.515328][ T7208] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  265.691173][ T5814] dvb-usb: Elgato EyeTV DTT successfully deinitialized and disconnected.
[  266.105240][ T9133] syzkaller1: entered promiscuous mode
[  266.128147][ T9133] syzkaller1: entered allmulticast mode
[  266.485555][ T9141] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  266.688655][ T5814] net_ratelimit: 5 callbacks suppressed
[  266.688671][ T5814] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  266.768579][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  266.779930][ T9144] syzkaller1: entered promiscuous mode
[  266.785726][ T9144] syzkaller1: entered allmulticast mode
[  267.244607][ T9152] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  267.254095][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  267.289507][ T9152] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  267.298049][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  267.308827][ T9153] netlink: 'syz.2.892': attribute type 4 has an invalid length.
[  268.025823][ T9148] loop0: detected capacity change from 0 to 40427
[  268.033095][  T788] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  268.064130][ T9151] loop6: detected capacity change from 0 to 32768
[  268.072467][ T9148] F2FS-fs (loop0): invalid crc value
[  268.091055][ T9148] F2FS-fs (loop0): Found nat_bits in checkpoint
[  268.122011][ T9151] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  268.229161][ T9148] F2FS-fs (loop0): Start checkpoint disabled!
[  268.243062][ T9148] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  268.251822][  T788] usb 6-1: Using ep0 maxpacket: 32
[  268.288548][  T788] usb 6-1: New USB device found, idVendor=0fd9, idProduct=0021, bcdDevice=29.40
[  268.297702][  T788] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  268.390530][  T788] usb 6-1: config 0 descriptor??
[  268.406627][ T9151] XFS (loop6): Ending clean mount
[  268.422411][ T9151] XFS (loop6): Quotacheck needed: Please wait.
[  268.476620][ T9173] kvm: user requested TSC rate below hardware speed
[  268.543166][ T9151] XFS (loop6): Quotacheck: Done.
[  268.638225][  T788] dvb-usb: found a 'Elgato EyeTV DTT' in warm state.
[  268.664627][  T788] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  268.699321][  T788] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT)
[  268.706685][  T788] usb 6-1: media controller created
[  268.750021][ T2933] kworker/u4:9: attempt to access beyond end of device
[  268.750021][ T2933] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  268.785921][ T2933] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  268.819946][  T788] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  268.988939][  T788] DVB: Unable to find symbol dib7000p_attach()
[  269.002898][  T788] dvb-usb: no frontend was attached by 'Elgato EyeTV DTT'
[  269.139923][ T9182] netlink: 12 bytes leftover after parsing attributes in process `syz.2.900'.
[  269.198211][  T788] rc_core: IR keymap rc-dib0700-rc5 not found
[  269.204449][  T788] Registered IR keymap rc-empty
[  269.218402][  T788] dvb-usb: could not initialize remote control.
[  269.224748][  T788] dvb-usb: Elgato EyeTV DTT successfully initialized and connected.
[  269.258986][  T788] usb 6-1: USB disconnect, device number 11
[  269.333065][ T9186] loop2: detected capacity change from 0 to 128
[  269.374604][  T788] dvb-usb: Elgato EyeTV DTT successfully deinitialized and disconnected.
[  269.447557][ T9186] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  269.476151][ T9186] ext4 filesystem being mounted at /223/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  269.573504][ T9184] ./file0: Can't open blockdev
[  269.715018][ T9189] ./file0: Can't open blockdev
[  269.755245][ T9151] XFS (loop6): User initiated shutdown received.
[  269.768667][ T9151] XFS (loop6): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x105/0x150 (fs/xfs/xfs_fsops.c:491).  Shutting down filesystem.
[  269.792161][ T9151] XFS (loop6): Please unmount the filesystem and rectify the problem(s)
[  269.804549][ T5769] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  269.847920][ T7997] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  270.127809][   T28] audit: type=1326 audit(1772647029.193:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9201 comm="syz.2.904" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff30759c799 code=0x0
[  271.829232][ T9223] loop5: detected capacity change from 0 to 32768
[  271.870939][ T9223] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop5 scanned by syz.5.910 (9223)
[  271.976162][ T9223] BTRFS info (device loop5): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  271.996992][ T9223] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm
[  272.020693][ T9223] BTRFS info (device loop5): using free space tree
[  272.108888][ T2131] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  272.224533][ T9223] BTRFS info (device loop5): enabling ssd optimizations
[  272.261501][ T9223] BTRFS info (device loop5): auto enabling async discard
[  272.368486][ T2131] usb 7-1: Using ep0 maxpacket: 32
[  272.388013][ T2131] usb 7-1: New USB device found, idVendor=0fd9, idProduct=0021, bcdDevice=29.40
[  272.429650][ T2131] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.465131][ T2131] usb 7-1: config 0 descriptor??
[  272.772762][ T2131] dvb-usb: found a 'Elgato EyeTV DTT' in warm state.
[  272.822958][ T7208] BTRFS info (device loop5): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  272.835359][ T2131] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  272.884561][ T2131] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT)
[  272.902779][ T2131] usb 7-1: media controller created
[  272.982832][ T2131] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  273.102497][ T9278] loop2: detected capacity change from 0 to 4096
[  273.238644][ T9278] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  273.282688][ T2131] DVB: Unable to find symbol dib7000p_attach()
[  273.292414][ T2131] dvb-usb: no frontend was attached by 'Elgato EyeTV DTT'
[  273.403383][ T9278] ntfs3: loop2: Failed to initialize $Extend/$Reparse.
[  273.532020][ T2131] rc_core: IR keymap rc-dib0700-rc5 not found
[  273.555558][ T9278] ntfs3: loop2: ino=1e, "file1" attr_set_size
[  273.560086][ T2131] Registered IR keymap rc-empty
[  273.568430][ T2131] dvb-usb: could not initialize remote control.
[  273.597554][ T2131] dvb-usb: Elgato EyeTV DTT successfully initialized and connected.
[  273.666072][ T2131] usb 7-1: USB disconnect, device number 5
[  273.829068][ T2131] dvb-usb: Elgato EyeTV DTT successfully deinitialized and disconnected.
[  274.158279][ T5814] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  274.381821][ T5814] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  274.406845][ T5814] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  274.427974][ T5814] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  274.437896][ T5814] usb 3-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  274.446409][ T5814] usb 3-1: Manufacturer: syz
[  274.464292][ T5814] usb 3-1: config 0 descriptor??
[  274.467820][ T9304] loop6: detected capacity change from 0 to 256
[  274.514910][ T9304] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x204dac4c, utbl_chksum : 0xe619d30d)
[  274.805086][ T9296] loop0: detected capacity change from 0 to 32768
[  274.873790][ T9296] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  275.027901][ T9296] XFS (loop0): Ending clean mount
[  275.071064][ T9296] XFS (loop0): Quotacheck needed: Please wait.
[  275.223434][ T9296] XFS (loop0): Quotacheck: Done.
[  275.344080][ T5814] input: syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0011/input/input29
[  275.378561][   T28] audit: type=1804 audit(1772647034.453:166): pid=9296 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.921" name="/newroot/260/file1/file1" dev="loop0" ino=6150 res=1 errno=0
[  275.462445][ T5814] input: syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0011/input/input30
[  275.482260][ T9306] loop5: detected capacity change from 0 to 32768
[  275.500719][ T5771] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  275.537981][ T5814] input: syz Touch Strip as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0011/input/input31
[  275.557412][ T5814] input: syz Dial as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0011/input/input32
[  275.672086][ T9306] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  275.714244][ T5814] uclogic 0003:256C:006D.0011: input,hidraw0: USB HID v0.00 Keypad [syz] on usb-dummy_hcd.2-1/input0
[  275.866508][ T9306] XFS (loop5): Ending clean mount
[  275.889164][ T5814] usb 3-1: USB disconnect, device number 15
[  275.992281][ T9306] XFS (loop5): Quotacheck needed: Please wait.
[  276.236057][ T9334] fido_id[9334]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory
[  276.325979][ T9306] XFS (loop5): Quotacheck: Done.
[  276.582594][ T7208] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  276.612975][  T788] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  276.848591][  T788] usb 1-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  276.869393][  T788] usb 1-1: config 0 interface 0 has no altsetting 0
[  276.918831][  T788] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  276.938484][  T788] usb 1-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  276.958166][  T788] usb 1-1: Product: syz
[  276.962441][  T788] usb 1-1: Manufacturer: syz
[  276.967092][  T788] usb 1-1: SerialNumber: syz
[  276.989462][  T788] usb 1-1: config 0 descriptor??
[  277.018940][  T788] usb 1-1: selecting invalid altsetting 0
[  277.077656][ T5814] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  277.246941][    T9] usb 1-1: USB disconnect, device number 10
[  277.308322][ T5814] usb 3-1: Using ep0 maxpacket: 32
[  277.351752][ T5814] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0021, bcdDevice=29.40
[  277.368931][ T5814] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  277.388878][ T5814] usb 3-1: config 0 descriptor??
[  277.619499][ T5814] dvb-usb: found a 'Elgato EyeTV DTT' in warm state.
[  277.643662][ T5814] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  277.660571][ T5814] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT)
[  277.672085][ T5814] usb 3-1: media controller created
[  277.711369][ T5814] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  277.835719][ T5814] DVB: Unable to find symbol dib7000p_attach()
[  277.846516][ T5814] dvb-usb: no frontend was attached by 'Elgato EyeTV DTT'
[  278.053477][ T5814] rc_core: IR keymap rc-dib0700-rc5 not found
[  278.062079][ T5814] Registered IR keymap rc-empty
[  278.067259][ T5814] dvb-usb: could not initialize remote control.
[  278.102116][ T5814] dvb-usb: Elgato EyeTV DTT successfully initialized and connected.
[  278.135665][ T5814] usb 3-1: USB disconnect, device number 16
[  278.226510][ T5814] dvb-usb: Elgato EyeTV DTT successfully deinitialized and disconnected.
[  278.753951][ T9356] loop0: detected capacity change from 0 to 512
[  278.775030][ T9356] EXT4-fs: Ignoring removed bh option
[  278.811693][ T9356] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  278.858032][ T9356] EXT4-fs (loop0): 1 truncate cleaned up
[  278.871538][ T9356] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  278.893583][ T9359] loop6: detected capacity change from 0 to 4096
[  278.936680][ T9359] ntfs: (device loop6): ntfs_read_locked_inode(): $DATA attribute is missing.
[  279.000539][ T9359] ntfs: (device loop6): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  279.056630][ T9356] overlayfs: upper fs needs to support d_type.
[  279.098261][ T9359] ntfs: (device loop6): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  279.130542][ T9359] ntfs: volume version 3.1.
[  279.275424][ T9359] ntfs: (device loop6): ntfs_cluster_alloc(): Failed to allocate clusters, aborting (error -28).
[  279.300676][ T5771] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294901760 (level 0)
[  279.317408][ T9359] ntfs: (device loop6): ntfs_attr_extend_allocation(): Cannot extend allocation of inode 0x43, attribute type 0x80, because the allocation of clusters failed with error code -28.
[  279.377925][ T5771] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294967295 (level 1)
[  279.435100][ T9367] loop2: detected capacity change from 0 to 8192
[  279.441875][ T5771] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 65535 (level 2)
[  279.493984][ T9367] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  279.535927][ T9367] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal
[  279.546911][ T9367] REISERFS (device loop2): using ordered data mode
[  279.553677][ T9367] reiserfs: using flush barriers
[  279.564532][ T9367] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  279.575293][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.614914][ T7997] ntfs: (device loop6): ntfs_put_super(): Volume has errors.  Leaving volume marked dirty.  Run chkdsk.
[  279.615521][ T9367] REISERFS (device loop2): checking transaction log (loop2)
[  279.950732][ T9367] REISERFS (device loop2): Using tea hash to sort names
[  279.963017][ T9364] loop5: detected capacity change from 0 to 32768
[  279.977030][ T9364] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.939 (9364)
[  279.989290][ T9367] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  280.074790][ T9364] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  280.098178][ T2131] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  280.126941][ T9364] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  280.157356][ T9364] BTRFS info (device loop5): using free space tree
[  280.301711][ T2131] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  280.315698][ T2131] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  280.333090][ T2131] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  280.343185][ T2131] usb 1-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  280.352379][ T2131] usb 1-1: Manufacturer: syz
[  280.361774][ T2131] usb 1-1: config 0 descriptor??
[  280.403470][ T9364] BTRFS info (device loop5): enabling ssd optimizations
[  280.428331][ T9364] BTRFS info (device loop5): auto enabling async discard
[  280.438518][  T788] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  280.645435][  T788] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  280.672753][  T788] usb 7-1: config 0 interface 0 has no altsetting 0
[  280.681830][ T7208] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  280.714526][  T788] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  280.727519][  T788] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  280.745547][  T788] usb 7-1: Product: syz
[  280.764323][  T788] usb 7-1: Manufacturer: syz
[  280.771069][  T788] usb 7-1: SerialNumber: syz
[  280.801947][  T788] usb 7-1: config 0 descriptor??
[  280.868561][  T788] usb 7-1: selecting invalid altsetting 0
[  281.200782][  T788] usb 7-1: USB disconnect, device number 6
[  281.216105][ T2131] input: syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0012/input/input34
[  281.361198][ T2131] input: syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0012/input/input35
[  281.431536][ T2131] input: syz Touch Strip as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0012/input/input36
[  281.454888][ T9400] loop5: detected capacity change from 0 to 1024
[  281.486652][ T2131] input: syz Dial as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0012/input/input37
[  281.513631][ T2131] uclogic 0003:256C:006D.0012: input,hidraw0: USB HID v0.00 Keypad [syz] on usb-dummy_hcd.0-1/input0
[  281.535060][ T2131] usb 1-1: USB disconnect, device number 11
[  281.967397][   T11] hfsplus: b-tree write err: -5, ino 25
[  281.988433][   T11] hfsplus: b-tree write err: -5, ino 4
[  281.994452][   T11] hfsplus: b-tree write err: -5, ino 2
[  282.008261][   T11] hfsplus: b-tree write err: -5, ino 26
[  282.023578][ T9402] fido_id[9402]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/1-1/report_descriptor': No such file or directory
[  283.115261][ T9432] loop0: detected capacity change from 0 to 512
[  283.180335][ T9432] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  283.242371][ T9432] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  283.288424][ T9432] ext4 filesystem being mounted at /268/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  283.375431][   T28] audit: type=1800 audit(1772647042.453:167): pid=9432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.957" name="file2" dev="loop0" ino=16 res=0 errno=0
[  283.557601][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.389368][ T2131] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  284.612796][ T2131] usb 3-1: config index 0 descriptor too short (expected 39, got 27)
[  284.622347][ T2131] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  284.649106][ T2131] usb 3-1: config 0 interface 0 has no altsetting 0
[  284.662572][ T2131] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  284.672526][ T2131] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  284.698444][ T2131] usb 3-1: Product: syz
[  284.718249][ T2131] usb 3-1: Manufacturer: syz
[  284.723154][ T2131] usb 3-1: SerialNumber: syz
[  284.760868][ T2131] usb 3-1: config 0 descriptor??
[  284.784420][ T2131] hub 3-1:0.0: bad descriptor, ignoring hub
[  284.824951][ T2131] hub: probe of 3-1:0.0 failed with error -5
[  284.834780][ T9469] loop5: detected capacity change from 0 to 2048
[  284.864956][ T2131] usb 3-1: selecting invalid altsetting 0
[  284.915089][ T9469] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  285.069597][ T9471] loop6: detected capacity change from 0 to 256
[  285.168948][ T9471] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  285.338785][ T9475] loop0: detected capacity change from 0 to 1024
[  285.394808][ T9475] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  285.448256][ T9458] usb 3-1: reset high-speed USB device number 17 using dummy_hcd
[  285.497328][ T9475] ext4 filesystem being mounted at /270/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  285.577721][ T9479] loop5: detected capacity change from 0 to 2048
[  285.613225][ T9475] EXT4-fs error (device loop0): ext4_map_blocks:718: inode #15: block 3: comm syz.0.974: lblock 3 mapped to illegal pblock 3 (length 3)
[  285.658043][ T9479] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  285.675037][ T9458] usb 3-1: device firmware changed
[  285.691644][ T9475] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  285.713495][ T2131] usb 3-1: USB disconnect, device number 17
[  285.727915][ T9475] EXT4-fs (loop0): This should not happen!! Data will be lost
[  285.727915][ T9475] 
[  285.767540][ T9482] EXT4-fs error (device loop0): ext4_free_blocks:6690: comm syz.0.974: Freeing blocks not in datazone - block = 3, count = 3
[  285.867268][ T9482] EXT4-fs error (device loop0): ext4_free_blocks:6690: comm syz.0.974: Freeing blocks not in datazone - block = 0, count = 16
[  285.958360][ T2131] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  286.020831][   T12] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm kworker/u4:1: bg 0: block 112: padding at end of block bitmap is not set
[  286.099146][   T12] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 37 with max blocks 31 with error 28
[  286.118107][   T12] EXT4-fs (loop0): This should not happen!! Data will be lost
[  286.118107][   T12] 
[  286.132288][   T12] EXT4-fs (loop0): Total free blocks count 0
[  286.148254][   T12] EXT4-fs (loop0): Free/Dirty block details
[  286.154346][   T12] EXT4-fs (loop0): free_blocks=0
[  286.177489][   T12] EXT4-fs (loop0): dirty_blocks=48
[  286.185931][ T2131] usb 3-1: config index 0 descriptor too short (expected 39, got 27)
[  286.211859][ T2131] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  286.213089][   T12] EXT4-fs (loop0): Block reservation details
[  286.243791][ T2131] usb 3-1: config 0 interface 0 has no altsetting 0
[  286.273993][ T2131] usb 3-1: string descriptor 0 read error: -22
[  286.281836][ T2131] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  286.319452][ T2131] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  286.332017][ T2131] usb 3-1: config 0 descriptor??
[  286.340131][ T2131] hub 3-1:0.0: bad descriptor, ignoring hub
[  286.347308][ T2131] hub: probe of 3-1:0.0 failed with error -5
[  286.357120][ T2131] usb 3-1: selecting invalid altsetting 0
[  286.789412][  T788] usb 3-1: USB disconnect, device number 18
[  286.871351][ T9491] hugetlbfs: Bad value '0x00000000ffffffff' for mount option 'uid'
[  286.871351][ T9491] 
[  287.728762][ T9515] loop6: detected capacity change from 0 to 1024
[  287.991302][ T9515] hfsplus: xattr search failed
[  288.169706][ T7997] hfsplus: node 4:3 still has 1 user(s)!
[  288.193169][ T9525] loop0: detected capacity change from 0 to 128
[  288.269123][ T5785] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  288.373474][ T9528] loop6: detected capacity change from 0 to 128
[  288.414566][ T9528] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  288.473237][ T9528] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  288.597658][   T12] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  289.118833][ T9531] loop0: detected capacity change from 0 to 32768
[  289.235113][ T9531] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  289.476835][ T9531] XFS (loop0): Ending clean mount
[  289.521012][ T9531] XFS (loop0): Quotacheck needed: Please wait.
[  289.690965][ T9531] XFS (loop0): Quotacheck: Done.
[  289.761571][   T28] audit: type=1800 audit(1772647048.833:168): pid=9531 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.998" name="file1" dev="loop0" ino=4422 res=0 errno=0
[  290.039742][ T9557] loop2: detected capacity change from 0 to 4096
[  290.071877][ T9557] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  290.143376][ T9557] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 4096)
[  290.178504][ T5771] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  290.248395][ T9558] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  290.317663][ T9557] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  290.380921][ T9557] Remounting filesystem read-only
[  290.409415][ T9557] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  290.445515][ T9557] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  290.482009][ T9557] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  290.502453][ T9557] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  290.514981][ T9557] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  290.527260][ T9557] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  290.541607][ T9557] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  290.553390][ T9557] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  290.598783][ T9557] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  290.658399][ T9557] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  290.713990][ T9557] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  290.738319][ T9557] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  290.753343][ T9557] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  290.764965][ T9557] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  290.806840][ T5769] NILFS (loop2): discard dirty page: offset=8192, ino=6
[  290.819460][ T5769] NILFS (loop2): discard dirty block: blocknr=25, size=4096
[  290.827209][ T5769] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer
[  290.843841][ T5769] NILFS (loop2): discard dirty page: offset=49152, ino=15
[  290.869609][ T5769] NILFS (loop2): discard dirty block: blocknr=0, size=4096
[  290.891155][ T5769] NILFS (loop2): discard dirty page: offset=0, ino=3
[  290.898013][ T5769] NILFS (loop2): discard dirty block: blocknr=28, size=4096
[  290.918591][ T5769] NILFS (loop2): discard dirty page: offset=4096, ino=3
[  290.926678][ T5769] NILFS (loop2): discard dirty block: blocknr=29, size=4096
[  290.959364][ T5769] NILFS (loop2): discard dirty page: offset=925696, ino=3
[  290.966949][ T5769] NILFS (loop2): discard dirty block: blocknr=36, size=4096
[  291.090020][ T9554] loop5: detected capacity change from 0 to 32768
[  291.160220][ T9554] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  291.333161][ T5813] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  291.367331][ T9553] loop6: detected capacity change from 0 to 40427
[  291.409194][ T9554] syz.5.1004 (9554) used greatest stack depth: 18736 bytes left
[  291.436373][ T9553] F2FS-fs (loop6): invalid crc value
[  291.471083][ T9553] F2FS-fs (loop6): Found nat_bits in checkpoint
[  291.542502][ T5813] usb 1-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  291.568237][ T5813] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  291.593668][ T5813] usb 1-1: config 0 descriptor??
[  291.621460][ T5813] gspca_main: cpia1-2.14.0 probing 0813:0001
[  291.636591][ T7208] ocfs2: Unmounting device (7,5) on (node local)
[  291.650162][ T9553] F2FS-fs (loop6): Start checkpoint disabled!
[  291.659051][ T9553] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  291.722924][ T9553] syz.6.1003: attempt to access beyond end of device
[  291.722924][ T9553] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  291.804695][ T9553] syz.6.1003: attempt to access beyond end of device
[  291.804695][ T9553] loop6: rw=0, sector=45096, nr_sectors = 8 limit=40427
[  292.043206][ T9564] loop2: detected capacity change from 0 to 32768
[  292.058228][ T5813] cpia1 1-1:0.0: unexpected state after lo power cmd: 00
[  292.085447][ T1304] kworker/u4:7: attempt to access beyond end of device
[  292.085447][ T1304] loop6: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  292.135300][ T1304] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  292.147641][   T28] audit: type=1800 audit(1772647051.223:169): pid=9564 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1008" name="file1" dev="loop2" ino=4 res=0 errno=0
[  292.202674][ T1304] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  292.249391][ T1304] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  292.666640][ T5813] gspca_cpia1: usb_control_msg 05, error -71
[  292.688345][ T5813] cpia1 1-1:0.0: unexpected systemstate: 00
[  292.709227][ T5813] usb 1-1: USB disconnect, device number 12
[  292.868996][ T9572] team0 (unregistering): Port device team_slave_0 removed
[  292.882114][ T9572] team0 (unregistering): Port device team_slave_1 removed
[  293.126769][ T9578] loop6: detected capacity change from 0 to 1024
[  293.288237][ T2131] usb 3-1: new full-speed USB device number 19 using dummy_hcd
[  293.455326][ T2941] hfsplus: bad catalog file entry
[  293.479270][ T2941] hfsplus: b-tree write err: -5, ino 3
[  293.511801][ T2131] usb 3-1: unable to get BOS descriptor or descriptor too short
[  293.527056][ T2131] usb 3-1: not running at top speed; connect to a high speed hub
[  293.539712][ T2131] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0xD has invalid maxpacket 1024, setting to 64
[  293.564310][ T2131] usb 3-1: New USB device found, idVendor=15ca, idProduct=1806, bcdDevice= 0.40
[  293.588601][ T2131] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  293.596694][ T2131] usb 3-1: Product: syz
[  293.646712][ T2131] usb 3-1: Manufacturer: syz
[  293.668641][ T2131] usb 3-1: SerialNumber: syz
[  293.690102][ T9574] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  293.943292][ T2131] usb 3-1: Quirk or no altest; falling back to MIDI 1.0
[  293.958521][ T2131] usb 3-1: MIDIStreaming interface descriptor not found
[  294.017524][ T2131] usb 3-1: USB disconnect, device number 19
[  294.515838][ T9599] loop6: detected capacity change from 0 to 32768
[  294.528526][ T5816] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  294.548009][ T9599] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  294.587580][ T9599] XFS (loop6): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  294.634681][ T9599] XFS (loop6): Starting recovery (logdev: internal)
[  294.752133][ T5816] usb 6-1: config index 0 descriptor too short (expected 39, got 27)
[  294.761559][ T9599] XFS (loop6): Ending recovery (logdev: internal)
[  294.778255][ T5816] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  294.808285][ T5816] usb 6-1: config 0 interface 0 has no altsetting 0
[  294.831020][ T5816] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  294.867158][ T5816] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  294.897159][ T9611] loop2: detected capacity change from 0 to 2048
[  294.898744][ T5816] usb 6-1: Product: syz
[  294.939516][ T5816] usb 6-1: Manufacturer: syz
[  294.959548][ T5816] usb 6-1: SerialNumber: syz
[  294.963872][   T28] audit: type=1800 audit(1772647054.033:170): pid=9599 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1031" name="file1" dev="loop6" ino=4422 res=0 errno=0
[  294.999318][ T5816] usb 6-1: config 0 descriptor??
[  295.019436][ T5816] hub 6-1:0.0: bad descriptor, ignoring hub
[  295.025879][ T5816] hub: probe of 6-1:0.0 failed with error -5
[  295.053803][  T788] XFS (loop6): Metadata corruption detected at xfs_inobt_verify+0xc5/0x230, xfs_finobt block 0x8 
[  295.079687][ T9611] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  295.085226][ T5816] usb 6-1: selecting invalid altsetting 0
[  295.109830][  T788] XFS (loop6): Unmount and run xfs_repair
[  295.130282][ T9611] ext4 filesystem being mounted at /245/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  295.151786][  T788] XFS (loop6): First 128 bytes of corrupted metadata buffer:
[  295.168430][  T788] 00000000: 41 42 33 42 00 00 00 02 ff ff ff ff ff ff ff ff  AB3B............
[  295.194164][  T788] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 10  ................
[  295.235782][  T788] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  295.287805][  T788] 00000030: 00 00 00 00 c8 fc 31 e4 00 00 04 4e 00 00 00 02  ......1....N....
[  295.315840][  T788] 00000040: 00 00 04 60 00 00 0b a0 00 00 00 00 00 00 00 00  ...`............
[  295.360814][  T788] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  295.374821][ T5769] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.385216][  T788] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  295.402453][  T788] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  295.428399][ T9617] XFS (loop6): metadata I/O error in "xfs_btree_read_buf_block+0x1df/0x2e0" at daddr 0x8 len 8 error 117
[  295.544529][ T9624] Bluetooth: hci0: Opcode 0x0c20 failed: -4
[  295.676042][ T7997] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  295.838312][ T9601] usb 6-1: reset high-speed USB device number 12 using dummy_hcd
[  296.139549][ T9601] usb 6-1: device firmware changed
[  296.184425][    T9] usb 6-1: USB disconnect, device number 12
[  296.318967][ T9636] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1034'.
[  296.399015][    T9] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  296.423461][ T9626] loop0: detected capacity change from 0 to 32768
[  296.517917][ T9626] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  296.610491][    T9] usb 6-1: config index 0 descriptor too short (expected 39, got 27)
[  296.628530][    T9] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  296.652479][    T9] usb 6-1: config 0 interface 0 has no altsetting 0
[  296.676411][    T9] usb 6-1: string descriptor 0 read error: -22
[  296.696834][    T9] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  296.706726][    T9] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  296.728410][    T9] usb 6-1: config 0 descriptor??
[  296.748306][    T9] hub 6-1:0.0: bad descriptor, ignoring hub
[  296.754320][    T9] hub: probe of 6-1:0.0 failed with error -5
[  296.769608][ T9626] XFS (loop0): Ending clean mount
[  296.781783][    T9] usb 6-1: selecting invalid altsetting 0
[  296.918195][ T5816] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  296.999763][ T5771] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  297.125441][ T5816] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  297.170539][ T5816] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  297.218764][ T5813] usb 6-1: USB disconnect, device number 13
[  297.230840][ T5816] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  297.241195][ T5816] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  297.276705][ T5816] usb 3-1: Product: syz
[  297.283451][ T5816] usb 3-1: Manufacturer: syz
[  297.288746][ T5816] usb 3-1: SerialNumber: syz
[  297.339365][ T5816] cdc_mbim 3-1:1.0: skipping garbage
[  297.551928][ T9650] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  297.570749][ T5780] Bluetooth: hci0: command 0x0c20 tx timeout
[  297.687342][ T9660] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  297.935975][ T9668] netlink: 'syz.6.1046': attribute type 5 has an invalid length.
[  297.977479][ T9668] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  297.986830][ T9668] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  297.996494][ T9668] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  298.005734][ T9668] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  298.059217][ T9668] netdevsim netdevsim6 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  298.068581][ T9668] netdevsim netdevsim6 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  298.077784][ T9668] netdevsim netdevsim6 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  298.088144][ T9668] netdevsim netdevsim6 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  298.234549][ T9650] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  298.254141][ T5816] cdc_mbim 3-1:1.0: setting rx_max = 16384
[  298.298492][ T9671] netlink: 'syz.6.1046': attribute type 5 has an invalid length.
[  298.343776][ T9671] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  298.353086][ T9671] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  298.362339][ T9671] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  298.371409][ T9671] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  298.432420][ T9671] netdevsim netdevsim6 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  298.442222][ T9671] netdevsim netdevsim6 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  298.451532][ T9671] netdevsim netdevsim6 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  298.460858][ T9671] netdevsim netdevsim6 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  298.476920][ T5816] cdc_mbim 3-1:1.0: setting tx_max = 184
[  298.495743][ T5816] cdc_mbim 3-1:1.0: cdc-wdm0: USB WDM device
[  298.560490][ T5816] wwan wwan0: port wwan0mbim0 attached
[  298.643851][ T5816] cdc_mbim 3-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.2-1, CDC MBIM, e6:86:a2:cb:59:02
[  298.683993][ T5816] usb 3-1: USB disconnect, device number 20
[  298.701527][ T5816] cdc_mbim 3-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.2-1, CDC MBIM
[  298.940116][ T5816] wwan wwan0: port wwan0mbim0 disconnected
[  298.957512][ T9686] loop5: detected capacity change from 0 to 2048
[  299.066982][ T9686] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  299.247876][ T7208] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.448319][ T5814] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  299.524859][ T9698] loop5: detected capacity change from 0 to 64
[  299.624380][   T28] audit: type=1800 audit(1772647058.703:171): pid=9698 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1056" name="file1" dev="loop5" ino=21 res=0 errno=0
[  299.650161][ T9698] hfs: request for non-existent node 237 in B*Tree
[  299.677380][ T9698] hfs: request for non-existent node 237 in B*Tree
[  299.694015][ T9698] hfs: request for non-existent node 237 in B*Tree
[  299.711842][ T5814] usb 1-1: config index 0 descriptor too short (expected 39, got 27)
[  299.726400][ T5814] usb 1-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  299.742531][ T5814] usb 1-1: config 0 interface 0 has no altsetting 0
[  299.749866][ T9698] hfs: request for non-existent node 237 in B*Tree
[  299.760139][ T5814] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  299.762687][ T9699] hfs: request for non-existent node 237 in B*Tree
[  299.770571][ T5814] usb 1-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  299.789599][ T5814] usb 1-1: Product: syz
[  299.794177][ T5814] usb 1-1: Manufacturer: syz
[  299.799823][ T5814] usb 1-1: SerialNumber: syz
[  299.854436][ T9699] hfs: request for non-existent node 237 in B*Tree
[  299.878731][ T5814] usb 1-1: config 0 descriptor??
[  299.948849][ T5814] hub 1-1:0.0: bad descriptor, ignoring hub
[  299.954852][ T5814] hub: probe of 1-1:0.0 failed with error -5
[  299.989784][ T2941] hfs: request for non-existent node 237 in B*Tree
[  299.997179][ T5814] usb 1-1: selecting invalid altsetting 0
[  300.033269][ T2941] hfs: request for non-existent node 237 in B*Tree
[  300.065505][ T2941] ------------[ cut here ]------------
[  300.071195][ T2941] kernel BUG at fs/hfs/inode.c:449!
[  300.087007][ T2941] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[  300.093151][ T2941] CPU: 0 PID: 2941 Comm: kworker/u4:10 Not tainted syzkaller #0
[  300.100837][ T2941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  300.110939][ T2941] Workqueue: writeback wb_workfn (flush-7:5)
[  300.116991][ T2941] RIP: 0010:hfs_write_inode+0x87a/0x880
[  300.122587][ T2941] Code: c7 c1 00 b3 30 97 80 e1 07 80 c1 03 38 c1 0f 8c 73 fe ff ff 48 c7 c7 00 b3 30 97 e8 f0 0c 84 ff e9 62 fe ff ff e8 16 de 2b ff <0f> 0b 0f 1f 40 00 f3 0f 1e fa 55 41 57 41 56 41 54 53 48 89 fb 49
[  300.142244][ T2941] RSP: 0018:ffffc9000bb67340 EFLAGS: 00010293
[  300.148456][ T2941] RAX: ffffffff825b3e4a RBX: ffff888077f74928 RCX: ffff88802c018000
[  300.156657][ T2941] RDX: 0000000000000000 RSI: ffffffff8d339960 RDI: 0000000000000000
[  300.164948][ T2941] RBP: ffffc9000bb674d0 R08: ffff88802c018000 R09: 0000000000000003
[  300.173678][ T2941] R10: 0000000000000004 R11: 0000000000000000 R12: dffffc0000000000
[  300.181696][ T2941] R13: 1ffff9200176ce6c R14: ffff888077f748d8 R15: 0000000000000000
[  300.189986][ T2941] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  300.198976][ T2941] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  300.205732][ T2941] CR2: 00007ffcc77f1c60 CR3: 000000002f962000 CR4: 00000000003506f0
[  300.213901][ T2941] Call Trace:
[  300.217226][ T2941]  <TASK>
[  300.220222][ T2941]  ? hfs_inode_write_fork+0x1a0/0x1a0
[  300.226003][ T2941]  ? __rwlock_init+0x150/0x150
[  300.230976][ T2941]  __writeback_single_inode+0x705/0xec0
[  300.236842][ T2941]  writeback_sb_inodes+0x7cd/0xf50
[  300.242052][ T2941]  ? queue_io+0x550/0x550
[  300.246536][ T2941]  ? rcu_is_watching+0x15/0xb0
[  300.251391][ T2941]  wb_writeback+0x46a/0xbf0
[  300.256053][ T2941]  ? queue_io+0x3b1/0x550
[  300.260450][ T2941]  ? percpu_ref_tryget+0x250/0x250
[  300.265629][ T2941]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  300.272022][ T2941]  ? _raw_spin_unlock_irq+0x23/0x50
[  300.277300][ T2941]  wb_workfn+0x400/0xe60
[  300.281598][ T2941]  ? try_to_wake_up+0x70a/0x1190
[  300.286624][ T2941]  ? inode_wait_for_writeback+0x230/0x230
[  300.292444][ T2941]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  300.298498][ T2941]  ? read_lock_is_recursive+0x20/0x20
[  300.304467][ T2941]  ? _raw_spin_unlock_irq+0x23/0x50
[  300.309908][ T2941]  ? process_scheduled_works+0x96f/0x15d0
[  300.315694][ T2941]  ? process_scheduled_works+0x96f/0x15d0
[  300.321470][ T2941]  process_scheduled_works+0xa5d/0x15d0
[  300.327090][ T2941]  ? worker_attach_to_pool+0x380/0x380
[  300.332632][ T2941]  ? assign_work+0x3d2/0x5d0
[  300.337374][ T2941]  worker_thread+0xa55/0xfc0
[  300.342119][ T2941]  kthread+0x2fa/0x390
[  300.346248][ T2941]  ? pr_cont_work+0x560/0x560
[  300.351003][ T2941]  ? kthread_blkcg+0xd0/0xd0
[  300.355658][ T2941]  ret_from_fork+0x48/0x80
[  300.360143][ T2941]  ? kthread_blkcg+0xd0/0xd0
[  300.364790][ T2941]  ret_from_fork_asm+0x11/0x20
[  300.369624][ T2941]  </TASK>
[  300.372690][ T2941] Modules linked in:
[  300.462299][ T2941] ---[ end trace 0000000000000000 ]---
[  300.467917][ T2941] RIP: 0010:hfs_write_inode+0x87a/0x880
[  300.477199][ T2941] Code: c7 c1 00 b3 30 97 80 e1 07 80 c1 03 38 c1 0f 8c 73 fe ff ff 48 c7 c7 00 b3 30 97 e8 f0 0c 84 ff e9 62 fe ff ff e8 16 de 2b ff <0f> 0b 0f 1f 40 00 f3 0f 1e fa 55 41 57 41 56 41 54 53 48 89 fb 49
[  300.488823][ T9696] loop2: detected capacity change from 0 to 32768
[  300.501513][ T2941] RSP: 0018:ffffc9000bb67340 EFLAGS: 00010293
[  300.523044][ T2941] RAX: ffffffff825b3e4a RBX: ffff888077f74928 RCX: ffff88802c018000
[  300.578776][ T2941] RDX: 0000000000000000 RSI: ffffffff8d339960 RDI: 0000000000000000
[  300.603845][ T2941] RBP: ffffc9000bb674d0 R08: ffff88802c018000 R09: 0000000000000003
[  300.634462][ T2941] R10: 0000000000000004 R11: 0000000000000000 R12: dffffc0000000000
[  300.664130][ T2941] R13: 1ffff9200176ce6c R14: ffff888077f748d8 R15: 0000000000000000
[  300.673377][ T2941] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  300.690795][ T2941] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  300.707680][ T2941] CR2: 00002000000021c0 CR3: 00000000625b6000 CR4: 00000000003506e0
[  300.720784][ T2941] Kernel panic - not syncing: Fatal exception
[  300.727100][ T2941] Kernel Offset: disabled
[  300.731528][ T2941] Rebooting in 86400 seconds..