last executing test programs:

3.080508417s ago: executing program 1 (id=2157):
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
request_key(&(0x7f0000000400)='user\x00', 0x0, 0x0, 0x0)

2.924754209s ago: executing program 1 (id=2161):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000003c0)='./file0\x00', 0x210451, &(0x7f0000000000)=ANY=[], 0x1, 0x259, &(0x7f0000000900)="$eJzsmc9r1EAUx78zSbPZWvxx0IMH99LDCjabZFV6EakXTxVLK+JxsbG0m3Zlu0hbELrg1T9A8O/w0JMHb949eVBPFdyjggiOTDKTzKYpcSue+j6w2W9m3pt585J5gQQEQZxavnz+/unlnfmVawBmMIuaaj+0tIUNbth/fGVNKflu6+zzg+J4DIAQ+bldMb8D4O2CBeynwwqRe/8UwKwacwU80ZIH4Liq9EMweDpWkXtHYHikmjcM3asrEUfscS9efbIeR748BPIQykMbEGPxj4YMqwBcNQUz4t/e3et24hfopyKOtJgSep68y1VO48ZubNqUCGyUpq6WxbfAcctIAQfOaSNP/ftG/gJwBEq3wbCs9Dxq8DyvoU6jwFj/ZTsf30ovm7H+igVkwp3E+N/FhblJvK6UdN0uWWC9xF3fgWaXvtO6v8WRkfdREQ/vdmKmcm524TygbJwTXYJJhdx+1cbFtf+d4I2jXk7VOG6WOvtEk8YRK7bIDZ21XBodvC946UxnLR8WDXfHNGaYPB5ZX//ndoCqO3nL11TM1IHF3Jjl5eni2DjT6drvAWiaJUzn5dhbAod3oQq4UZ9s46nQGmw+bW3v7s2tb3bWorVoKwzbN/3rvn8jbMm8+K2kQpcWwLT+uUl9mjaLosHSj1w7zMFOZzDoBzvAoB/oDdoPk9bQqLjLb3rfsqhHQ47mLyH048UxJmKF+Zj68dfyX6qmdWzwBEEQBEEQBEEQBEEQBEEQFQj1LrIGnAEaYMlb1mH2tWpJfxoTiWUibOc+ntWBPwEAAP//pQoy/w==")
chdir(&(0x7f0000000340)='./file0\x00')

2.642696551s ago: executing program 1 (id=2167):
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x50807100, 0x0, 0x0, 0x0, 0x0, 0x0)

2.288574966s ago: executing program 4 (id=2173):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@getnexthop={0x18, 0x6a, 0xe0d, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x4000000}}, 0x18}}, 0x0)

2.168581808s ago: executing program 1 (id=2176):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_TLS_RX(r0, 0x6, 0x2, &(0x7f0000000640)=@gcm_256={{0x304}, "55b2bfe456f65ac5", "94933eabd65daad540f97d075c35dc3d0c5423c36a5a29e09986c18918a9d481", "ea6eda2b", "a3df11c174fa26bb"}, 0x38)

2.168168393s ago: executing program 4 (id=2177):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={0x0, 0xdfffffff, 0x800, 0x0, 0x1}, 0x20)

2.001225849s ago: executing program 1 (id=2180):
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000340)='./file1\x00', 0x0, &(0x7f0000000000)={[{@space_cache_v1}, {@clear_cache}, {@compress_algo={'compress', 0x3d, 'zstd'}}]}, 0xff, 0x50d4, &(0x7f00000051c0)="$eJzs3U+IVWUfB/Dnzjg6KDjXnbp48QW3wiQKRURDaFaYc82CosVMLYIQYVAwFy3EgpIWDgha4cJgWmR/nFVFC3GVBEEQBcEgzEKQdkIxGC6Ke8957pz7HO+5dyZ1TD+fmDnnOb/zPOeZy1nc783n3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhhJNz585V1bdemTm7Y2DP1Us3T+w8NTE6H0KtdbyW1yeeeuaFNw5MPD8cO0zuz7b1erchs67zWWN1x8Fmv86f10IIQ8kAg/l292Bp1OLu4fKAlfZfXNh25NbeXTPHxg9dOLp5qvyn0zS80hNYKfl9dW3xXhpr/R5Izmi3C7dereMWzfqnN9w9+SMAgCUZbbQ27bej+Vvcdvt4Wk/aY0l7OmnHdwjTxcZyZOOu7jbPLWl9heY5lkWFNd3mWU/q+evfbjeSekjbnVFjCfPsPDWPNMPd5jmV1FdqngAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3k6c/+eJ6VX3rlZmzOwb2XL1088TOUxOj8yHUW8drWbn2xMLcwqa3dj/63e4vP/6zPn5yMO8Xt6sKJ4ff4s5jIyG8Xqhci8P+vj6ERmeh1QwflQtvtnaejQUAAAAeJJtavwfa7SwODnW0a600WWv9F2Vhcf/FhW1Hbu3dNXNs/NCFo5unlj9eo8t4Y7cdr92uL/7UCsE4xt90vMV6PPVwaZxq6Yhpnn959MPtVf1L+b9enf/jKyf/AwAA8G/I/+k41Xrl//nPX91X1b+U/7d0XLKU/+OMY/4fCMvL/wAAAHA/u9v5f6w0TrVe+f/r9/edrupfyv+j/eX/VcVpx4M/xgkfHAlhtNfUAQAAgC7i/3df/Ggh5vXsk4M0r7+49fpQ1Xil/D/WX/6vHBQAAAC4p34488jfVfVS/m/0l//X3NVZAwAAAEvxv/cmD1TVS/l/sr/8vzbf5isfsk7fx3+FcHokhOHmzlRWuBKmn2wXAAAAgDsk5vSXvt18tOq8Uv6fqn7+f3zSQVz/3/H8v9L6/0Ihe+rf4x4MAAAAwMOovJ4/Ph4/++aCbt+/3+/6/09//nVD1fVL+f94f/l/sLi9k9//BwAAAMvwX/v+v1dK41Tr9fz/t9/dsLT8P91f/o/bdcU/73J8fd4ZCWFjcyd/muBn8XIHk8LsUKHQ0kh6HIg98sLsmkKhZSrpsX0khP83d44nhQ2xMJ0UbqzPC+eTwk+xkN8P7cJXSeFyvNPOrM+nmxa+iYV8gcVsXEGxrr0kIunxR7cezcJte8y1Lw4AAPBQieE5z7JDnc2QRtnZWq8T1vY6YaDXCYO9TliVnJCe2O14mOwsxON//TL+XKhQyv/n+8v/8aVYnW26rf8Pcf1//r2G7fX/k7FQTwqzsdBInxjQiNfIwu4H8Rr1Rt7jxsZ2AQAAAB5o8XOBwRWeBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAPe/ceY8dVHw787PN61+vdDUHKQxYxL0N+ktdrOw7WLyCcVBEIpGQtov6DQtbYm9TxBhs/Co4s1RhUlCKEC66IQh+2RFSnEsgqbXmEEosqQVUtGoU2fziPpgWEKkGjFNclSiRX986c2bln9j78WNsbPh/Je8+933POzDn33vGcmblnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgt8PV373hy+3i7/jR1796U+8HXvjBbw6u/9I9ky+FMNV4vScL97zvzHNnrvvU7Ru+d/s3Hjk9fudDg3m5PB6W1v/05k8+F2v92bIQvt0TQn8aWDWSBQby5yOxvuUjIVwV5gJFiZnhrES64PDkUAhHwlygqOq7QyGMlAJ3PfPDJ75YTxweCuGdIYRauowXatkyhtLAysEsMJwGdvRngf89mykC3+nNAnDB4peh+NAfn2rOMD5/uRafv4GLtmKXV9q8vpgYb53vV7cu8EqVDKYvTF3Q21apjgVR+Xqc8G1bBN+2Sj8f8raVd6TyPZSzc6Fa6N06c+/mvbN74iu9YWKir1VNC/Q+n3pl/5ZzSS+az2FcgfGL8jm8//DNzw5+7I4XH3n98f2na19bfqGr2ap7F1ot5J+5RfM+RhttTxbB16+yl7TCTlcI4fSJk/vbxSvj//H24//4cY6PvU25Y62vjWZj8/jKSEy8PJqNzQEAAGDRWAxHTQdX/OtP29VXGf+v6O78fzzlnw/ms9aeCGFjI/HZsRCubbyeBR6Li/v4WAhvbaSmmgO3JoETIVzXSNxYVJWUWBJLrEgCvxjNAxuTwFMxMJUEHo2BQ0ngczFwPAlsiYETSeC2GAjbmtvx/0bzdnQdGIqB6awTj8erEH49GpeW9NVzRVUAAAAXST46HGh+WrrW4UIzxOHl8aFOGeIV2C0z1JIa0hFsMaxqWUN/pxp6O9VQtPtA++ZXau7pVHPlMoye5gz/c+qaHaGNyvh/sv34vzbPivRUzv+HyU2Nh5i7N4/MFhmmp5oyAAAAABfg9948vbldvDL+39jd9f/xmEhfKXM4GQ9DbB8LYbI5kFV7SzWQnfVemgcAAABgMSjOxxfnwrflj9kl2ul4upp/6hzzxxP/G+fNv+PH//J4u/WtjP+nurv+f7j5MVuJp+JafGUshCWlwI/iWtYDDSti4KX3Nwfy9j8VO+ALsar8woSiqi/EEtMxMJkEjrQq8XRR4trmQP5mFQv/bNGObXmJUgAAAAAuuXg4IJ6Xj9f/r/nbP3yyXbnK+H/63K7/b4yDK5f3zy4NYXV/CH3pDwNODmcTA8bASE+e+PvhrK6+tKqDwyHcUm9YWtV/5PP/96dzDP5kKKsqBq5927FXVtYTXx8KYXU58OxHj66vJ/YmgWLhvzsUwg311qYL/7sl2cIH0oU/vCSEt5QCRVVbloRQX9hgWtU/1PL7GKRVHa+FcHUpUFT1nloI+wIAi1X8v3Rr+cXd+x7cvnl2dmbXAibiQfyhcO+22ZmJLTtmt9ZarNPWZJ2b5jH6TLVN3d765vk4R9Hdx8a6SRc/FJwsLys/kF+5cjB/HneGBhrtXDvQ9HRd2uR3v726iFDalWrV5N4FbvJwuZK5N7FSf8w/GJaGJXt3z+ya+PTmPXt2rcn+dpt9bfY3nmfK+mpN2lfD861bFx+PltNlJc63r1aWK1m954Gdq3fve3DVtgc23zdz38wnNkyuW7vh5sn171ldb9Rk9rdDS1fOV3PS0rNHu2zWRWzp9f2lSi7FRkNCQmKxJQYH7jzVbvNTGf/vbD/+j1uduOHP52dodf5/PJ7mz16fO80/HQNHuj3/P97qbH5xYcCKJHAgBg44zQ8AAMAbQzwcGY9mxoPSB971wvvalauM/w909/v/izT/fzF1/YdaTfN/Yywx2Wr+/3Sa/2L+/wOt5v9Pp/kv5v8/chnm/99bBJIu+bX5/wEAgDeCSzf/f8fp/dMbBFQydJzeP71BQCVDx2n8u71BwDnP//83v1yzPrRRGf8f6m78b+J+AAAAuHJcc9sNP24Xr4z/j3Q3/r/08/+FVtf/r2gVmGo1MaD5/wAAAFikWs3/98xHdr6/XbnK+P94d+P/eNlFb1PuWOtro9mcdiGd0+7l0eInAwAAALA49IaJiYEu8zZNjHrr+S/zVJwKtE267NDnj53b7/9PdDf+b/pdxv2Hb3528GN3vPjaI68/vv907WvL587/AwAAAAun2+MSAAAAAAAAAAAAAADA5ffo1d+ad16AqPL7/7Cp8Xqr3//H+/413TTxTD4Z4IE4s/6XxkzzBwAAAAvroVtffTj+u+/Lf/Rf7fJWxv/j3Y3/4/0F8vvgZbfeOxHv//fZsRAat9YbzwKPxcV9fCyEtzZSU7FEdkO9D8USk1ngsThh4o2xxPRUc1VLYuB4EvjFaB44kQSeioH8KMWxeGPAPx4NYX0jtam5xM5YYjwJ3BkDK5LARAxMJoFlMbAxCfxyWR6YSgL/FAP5zQeLvvrWsryvAAAAzkU+zhpofhrScd7x/k4Zejpl6LiI4U4ZejtlqLXIEJ//dVyHgfJ8/HmG+NJAWutQUkslQ7wZ3vk3vZiu7+nmnGnByqL7YsHx5pwxw85/vukroY3K+H9Fd+P/y3j///Ru/htjYEUS2BkDG5PA9KY8cOSa5oD7/wMAAHBla3X//9G3/NWhduUq4//J7sb/8UDEm5tyx1o73/8/f37Xh7+5r7HKJ0dDeHs5sP3g9qvqiUdHQ3hXOfDE3Tc2Ru0H0xLff/G2n9cT96SBD65605l64r1JYDp20nVpIB5VObMsCcTu/UkaiP1xPA0M5oGHlmXt6En76j9Hsr7qSfvq1Eh2eUVP2lffHsmW0ZM28HASKBr4yTQQG3hHHuhN1+qbS7O1ioGRWPQvlhYXfQAAcGWKe4ED4d5tszOT6U94r+9vfoyabln+mWq1PV0u/vl4a/K7j411k+5L90VrRVUDoVZvwprK7mo5S0+jlRenlg5d9+YWTe50t/feFuVS59p1g61bNJS1aGLLjtmtAx0bvq5zlrX9HbOsqQx2yll6G13aRS1drEsXLeqyb7pY5fi8N0xM9CW5/n8MjocmnT4R3d6vr3yf/1afgnKeo5//91fb1VcZ/2/sbvwf27M0lD7On4u1/mxZCN/umTsaUQRWjWSB2NyRODxePhLCVaV+KErMDGclBpMFhyeHshHqYFrVd4eyYwzx+V3P/PCJL9YTh4dCeGfpvSqW8UItW8ZQGlg5mAWG08CO/iwQr/woAt/pzQJwwYqNQvxA5T91KYzPX67F5++Nck/QtHmVa6DmyTffNneh1NIX8muqCuf2tlWqY0FUvh4nfNsW47ct+LaVd6TyPZSzc6Fa6N06c+/mvbN74ivlPdmKBXqfy3up3aQvwufwwPmvbWe1dAUmk83H5Pzl5v8c9sTq7j9887ODH7vjxUdef3z/6drXlne9Gi3EgcKT//2mq8rdu9BqIf/MLbrtyZTtyWL8b2Dc2xZCOPTnQ59sF6+M/6e6G//3J48Nr8bO3D0WwrtLnXsydv/vjGXbwVIg20peXQ1kl9z/dLTllhMAAAAutuJwR3G8YFv+mP0gPB0nV/NPnWP+eLxi47z5u13v/U/+/mPt4pXx/3T78f+SZDWd/3f+nwXi/P+8rvRD0UvSFw5c0KHoSnUsCOf/53Wlf9uc/5+X8//O/8/H+f8OnP+f15X+tlX2knba6QohnL1+4OF28cr4f2d34//fsvn/09n8i/n/00n7i/n/p1vN/7+z1fz/B8z/DwAALKgWE82n47zK5PyVDOnk/JUMPUmGc7/FQMdp9M3/n87/f/DPbtkT2qiM/w90N/6PH4eR8tIXy/z/45talNi4qXl1i8ChGNjpjgEAAABcRvEAQbzovdsZJgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhYd7x6ZnO7+Dt+9PWv3tT7gRd+8JuD6790z+RLIWxrvN6ThXved+a5M9d96vYN37v9G4+cHr/zoVpebiB/XN6UO9b62mgIR0qvjMTEy6P1J3OBuz78zX399cTJ0RDeXg5sP7j9qnri0dEQ3lUOPHH3jdfUEwfTEt9/8baf1xP3pIEPrnrTmXrivXmgJ13dP12WrW5PurpfXBbCWClQrO79y5qrKpbxgTzQmy7jL0eyZcTASCz68Ei2jBiYjSW2LQlhdX8IfWlV/1jLqupLq/peLauqL63qD2oh3BJC6E+r+rfBrKr+tOVPD2ZVxcC1bzv2ysp64uhgCKvLgWc/enR9PbErCRQL/8hgCDfUPzLpwr81kC18IF34nwyE8JZSoKhqeiCE+sIG06pO9GdVDaZVfaM/hKtLgaKqm/pD2Be4XOKGZGv5xd37Hty+eXZ2ZtcCJgbzZQ2Fe7fNzkxs2TG7tZasUys9pfTZz5x/259/Zf+WRuLuY2PdpIv1miyvy9NTlRfLz/vzpwONdq4daHq6brE0ebhcydybWKk/5h8MS8OSvbtndk18evOePbvWZH+7zb42+9uXR7O+WrNY+mpluZLVex7YuXr3vgdXbXtg830z9818YsPkurUbbp5c/57V9UZNZn8vRkuPXvqWXt9fquRSbDQkJCQWW6K3aes2eaVvxys7+nMrOhBqjQ10ZVhRztLTaOXFaPSt59Ha3Lk2ujIkqbRoTWXgUMmytnOWdZUxw1yWoSxLY1+wMjgs19Tb6NL4vDdMTPS16ofx5qfl7v3VBXTvqdh1XaYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4P3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04FgAAAAAQ5m8dRs8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXAoAAP//Qczu7Q==")
removexattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)=@random={'btrfs.', ',\x00'})

1.930284876s ago: executing program 3 (id=2181):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SFACILITIES(r0, 0x89e3, &(0x7f0000000100)={0x2d, 0xffff, 0xc, 0x4, 0x1})

1.900511034s ago: executing program 4 (id=2182):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000100)=@assoc_value={0x0, 0x401}, 0x8)

1.775979973s ago: executing program 3 (id=2184):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x3c, 0x0, &(0x7f00000080c0))

1.758733639s ago: executing program 4 (id=2185):
r0 = socket$kcm(0xa, 0x1, 0x106)
setsockopt$sock_int(r0, 0x1, 0xe, 0x0, 0x0)

1.644873226s ago: executing program 2 (id=2186):
syz_mount_image$vfat(&(0x7f0000000580), &(0x7f0000000180)='./file0\x00', 0x1000802, &(0x7f00000001c0)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c6e6f6e756d7461696c003130dbbb3121258e322c262b537f5d0000006e695f7804590000000000003d312c696f63686172538c6c90392bc69373686f72746e616d65653ff959f53d6d697865642c636f6465706167653d3821332c696f6368617273650000000031323831e54f1bb0a3d72c007e3db5a829498e2a721ae5804ff8ccb41eff157cfdfcef90a6010100003ceeeac934b3165b4a0ea182cdd0666ab32f2d041a99ac9fc865ba946f1bb7759d02742dfcc68937ff86d7a54d6de8823119c767d45d6047209f4436383ee21373a9c3f450cb6d7c37b59a34407d4a0e6a382108ddd52580281f1d8ad71c4ceafb49960f1429b090d1429f519f9c2b0cb88ffa6fc04fa61c275bf560b9eeeb2d0c8b3ddeb56783f9908c21cf9b2ba0b76b9b60c991bb17c7d0accad1cdaf3259b7dc405d72e2bc3abe0cf37bda3dbfc05e2e55f8aa272b5ea736019c3c0a9b34115a445e0c5da1bd7352ec9529f5caa71f1ae71b36b500c79fffb487ed081232b5d93d3162c7f71f4d5756c9e5442fa3692127266a0c15dac9171edda86b148d17a48d4d90470e79620eeab5acf6f78f807298315e2b80fe1874098d75ab47837a96699e2a7db456f2a4368bece813135ed970951c7471ac16703820a799421cb24f32a5f49ab45bec637c38bcbdae4da3a05f96b2162c47d0b1277e1b1bcc981cce8f6f7f3dd8d06352eb387997b498a732d8442115755ff14d508891abd401b3cafcba75a6901fbe08002674d8663b8c40e9cf13fa4c4a092cb8004a1d2a6fe18cd5d702493d52a7110b17e64b9fa22fb3ace98b9ca35cb98c65f0902dd430373f6ae43c4a60c423b6f65b5ecc2093698072abc857ab2d36a261a7fc5776d39c3d5d5fad291c88ff9726d5ee32c6bcac1799ade9459eb39b56d985d29b988c72c9ad7e82b589f454a58d7cd5ace9436cf69acc217737c863d8938cc95767a0c9b14cb79f5b45ea2408d1da65a2ed8cf55a"], 0x4, 0x24e, &(0x7f0000000a00)="$eJzs3cFLk38YAPBnOtGf8GMeAkmC3ug+1OiuhII0KJId6pSkUjgTEoQ6qJ06d+pS/0Jdgq5Bh+jaPxBBWNBFO3kIFvqq07nlrLZFfj6XPez7PPt+33cv+26HPe/NM/Nz0wuLsxsba9HTk+nKjsTLgc1M9EVHdEZqNQCAf8lmuRzr5VS71wIAtIb9HwBOnsr+nzm0/2dW974TXG39ygCAZvH7HwBOnsnrNy6PFgpj19aTnoj5R0vFpWL6mI6PzsadKMVMDEYuvkeU96Txk4nC2GCy5XNfFOdXdupXloqdB+uHIhd9h+vHJwpjQ0nqYH1X9O7Uf+iNmRiOXJyqXT9cq74rIs7vmz8fuXh/KxaiFNOxVVupXx5KkktXClXzd2/nAQAAAAAAAAAAAAAAAAAAAABAM+Q7tlvnlLuTpGb/nnw+2VU1ntbv7w/0X43+QON7/YGq+/tkYyDb3mMHAAAAAAAAAAAAAAAAAACAv8Xi/QdzU6XSzL2fBXffPX9zVE6DQWZn3po53RHx+1M0GPx/7tPT+jkPj3N+/mzw+myLJ9067cetert2+/SFxf6L9XIi27Q1d/zKm/I117RL68VuMPLtyOTHk626wjurn+l/NjL1avnjl0Zfp40fSgAAAAAAAAAAAAAAAAAAcEJV/vTb7pUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQPtU7v9fJ8hE3aEGg9V2HyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwIAAD//8pHpIo=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)

1.641097058s ago: executing program 3 (id=2187):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x9)

1.582475929s ago: executing program 4 (id=2188):
syz_mount_image$jfs(&(0x7f0000000080), &(0x7f0000000440)='./file3\x00', 0x0, &(0x7f0000000480)=ANY=[], 0x2, 0x6276, &(0x7f0000003680)="$eJzs3c1vHGcdB/Df7JtfStOoh6pECLlteCmleS0hUKDtAQ5cOKBcUSLXrSJSQElAaRURV75w4I8AIXFBQogjJ/6AHrhy4w8gUoIE6qmD1n4eZzxde+2k3ln7+XwkZ+Y3z4z3mXx3vLueGT8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMQPf/Dj81VEXP1VWnAy4nPRj+hFLI3rlYhYWjmZ1x9ExPOx2RzPRcRwIaLKjc9EvBYRH52IePDw7up40YV99uP7f/nnH37y1I/+8efh2f/99Xb/9d3Wu3Pnt//9273H318AAAAoUV3XdZU+5p9Kn+97XXcKAJiJ/PpfJ3m5eu7q9Tnrj1qtVquPYN1UT3avWUTEenOb8XsGp+MB4IhZj4+77gIdkn/RBhHxVNedAOZa1XUHOBQPHt5drVK+VfP1YGWrPV8LsiP/9Wr7/o7dptO0rzGZ1fNrI/rx7C79WZpRH+ZJzr/Xzv/qVvsorXfY+c/KbvmPtm59Kk7Ov9/Ov+X45N+bmH+pcv6DA+Xflz8AAAAAAMyx/Pv/kx2f/1148l3Zl73O/67MqA8AAAAAAAAA8Fl70vH/tlXG/wMAAIB5Nf6sPva7E4+WNa/1H8XO5VeqiKdb6wOFSTfLLHfdDwAAAAAAAAAAAAAoyWDrGt4rVcQwIp5eXq7revzV1K4P6km3P+pK338oWdc/5AEAYMtHJ1r38lcRixFxJf2tv+Hy8nJdLy4t18v10kJ+PztaWKyXGp9r83S8bGG0jzfEg1E9/maLje2apn1entbe/n7jxxrV/X10bDY6DBwAImLr1eiBV6Rjpq6fia7f5XA0OP6PH8c/+9H18xQAAAA4fHVd11X6c96n0jn/XtedAgBmIr/+t88LqNVqtVqtPn51Uz3ZvWYREevNbcbvGQzHDwBHzHp83HUX6JD8izaIiOe77gQw16quO8ChePDw7mqV8q2arwdpfPd8LciO/Nerze3y9pOm07SvMZnV82sj+vHsLv15bkZ9mCc5/147/6tb7aO03mHnPyu75T/ez5Md9KdrOf9+O/+W45N/b2L+pcr5Dw6Uf1/+AAAAAAAwx/Lv/0/O1fnf0ePuzlR7nf9dObRHBQAAAAAAAIDD9eDh3dV832s+//+FCeu5//N4yvlX8i9Szr/Xyv+rrfX6jfn7bz3K/z8P767+8fa/P5+n+81/Ic9U6ZlVpWdElR6pGqTpk+zdp20M+6PxIw2rXn+Qrvmph+/E9bgRa3Fux7q99P/xqP38jvZxT4eb7XV/q/3CjvbBdnve/uKO9mG60qleyu1nYjV+Hjfi7c32cdvClP1fnNJeT2nP+fcd/0XK+Q8aX+P8l1N71ZqO3f+w96njvjmd9DhvXv/ib84d/u5MtRH97X1rGu/fix30Z/P/5KlR/PLW2s0zd67dvn3zfKTJjqUXIk0+Yzn/Yfra/vn/0lZ7/rnfPF7vfzg6cP7zYiMGu+b/UmN+vL8vz7hvXcj5j9JXzv/t1D75+D9A/r0/zWxf9mOv4/+VDvoDAAAAAAAAAAAAAAAAe6nrevMW0Tcj4lK6/6erezMBgNnKr/91kpfPqu7P+PHU6iNeV3PWn5nWn9Tz1R+1+ijWTfVkbzSLiPh7c5vxe4ZfT/pmAMA8+yQi/tV1J+iM/AuW/97feHq6684AM3Xr/Q9+eu3GjbWbt7ruCQAAAAAAAADwuPL4nyuN8Z9P13V9r7XejvFf34qVJx3/dZBntgcY3WWg6v7B92kvG71Rv9cYbvyF2G387+H23F7jfw+mPN5wSvtoSvvClPbFKe0Tb/RoyPm/0Bjv/HREnGoNv/7Y47/Omb3Gf22PeV+CnP+LjefzOP+vtNZr5l///ijn39uR/9nb7/3i7K33P3j1+nvX3l17d+1nF8+fP3fx0qXLly+ffef6jbVzW/922OPDlfPPY1+7DrQsOf+cufzLkvP/UqrlX5ac/5dTLf+y5Pzz+z35lyXnnz/7yL8sOf+XUy3/suT8v5Zq+Zcl5/9KquVflpz/11Mt/7Lk/F9NtfzLkvM/k2r5lyXnfzbV+8x/6bD7xWzk/PMZLsd/WXL++coG+Zcl538h1fIvS87/YqrlX5ac/2upln9Zcv7fSLX8y5Lzv5Rq+Zcl5//NVMu/LDn/y6mWf1ly/t9KtfzLkvP/dqrlX5ac/+upln9Zcv7fSbX8y5Lz/26q5V+WnP/3Ui3/suT830i1/Mvy6O//mzFjxkye6fonEwAAAAAAAAAAAADQNovLibveRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCnt3FyPXWd4B/Mx+eeNAYiCkTmrCxjHGOJvs+iP+oHUx4bPhqySEQj+wXe/aLPgLr10CjWpHgRIJo6KKtuGiLSDU5qbCqrigFaBcoFaVKkF7QW8QFSoXURVQQKrUVsBWM+d9352ZnZ3Z9Y7XZ875/ST78c6cmfedM++c2WfX/zkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANLv7DbOfqmVZVqvV8gs2ZdmL6vWmiU2NS157Y+cHAAAArN3PG3+/cGu64PAKbtS0zT/d9e2vLiwsLGTvG/7T0c8tLKQrJrJsdEOWNa6Lrv7g/bXmbYIns/HaUNPXQz2GH+5x/UiP60d7XD/W4/oNPa4f73H9kh2wxE1ZLd3ZtsY/N+W7NLstG21ct63DrZ6sbRiq77t026zWuM3C6IlsLjuVzWbTLdvn29Ya23/97vpYb83iWENNY22pr5CfPH48zqEW9vG2lrEW7zP60euziZ/+5PHjf33h+Ts61Z67oeX+8nnu2Fqf5yfCJflca9mGtE/iPIea5rmlw3My3DLPWuN29X+3z/OFFc5zeHGa66r9OR/Phhr//k5jP43Usg77aUu47H/uybLs8uK027dZMlY2lG1suWRo8fkZz1dk/T7qS+ml2Uj3dbpQa1mnd69gndbrzLbWddr+mojP/93hdiPLzKH5afrRE2NNz/vPFq5lnUb1R73ca6V9Dfb7tVKUNRjXxXcaD/qpjmtwW3j8j29ffg12XDsd1mB63E1rcGuvNTg0NtyYc3oSao3bLK7BXS3bDzdGqjXqc9u7r8GpC6fPTc1/7OP3zZ0+dnL25OyZPbt2Te/Zt+/AgQNTJ+ZOzU7nf1/j3i6+jdlQeg1sDfsuvgZe3bZt81Jd+OLYkuPvtb4Ox7u8Dje1bdvv1+FI+4Orrc8Lcumazl8b76nv9PErQ9kyr7HG87Nz7a/D9LibXocjTa/Dju8pHV6HIyt4Hda3ObdzZd+zjDT96TSH5d8L1rYGNzWtwfbvR9rXYL+/HynKGhwP6+J7O5d/L9gS5vvU5Gq/HxlesgbTww3Hnvol6fv98QON0mld3lm/4uax7OL87Pn7Hzt24cL5XVko6+JlTWulfb1ubHpM2ZL1OrTq9Xp47q6n7uxw+aawr8bvq/81vuxzVd9m7/3dn6vGu1vn/dly6e4slD4L+3Nhwzrtz07v5vX9OZZln//WEw9/4/HPv2HZ/VnvNz8xtfbvxVNf2nT8HV3m+Bv7/l/k46W7enJ4dCR//Q6nvTPacjxufapGGseuWmPsF6ZWdjweDX/W+3h8W5fj8ea2bft9PB5tf3DxeFzr9dOOtWl/PsfDOjk13f14XN9m8+7VrsmRrsfje0Kthf3/mtAppL6oae0st27TWCMjo+FxjcQRWtfpnpbtR0NvVh/rmd3Xtk533JPf13B6dIvWa51OtG3b73Wafva13Dqt9frp27Vpfz7Hw7q4bU/3dVrf5tm9az923hT/2XTsHOu1BkeHx+pzHk2LsHG8zxZuimvw/ux4djY7lc00rh1rrKdaY6zJB1a2BsfCn/U+Vm7usgZ3tG3b7zWY3seWW3u1kaUPvg/an8/xsC6efqD7Gqxv88b9/f3edUe4JG3T9L1r+8/XlvuZ151tu+l6rZWRMM9v7e/+s9n6NqcOrLbP7L6f7g2X3NxhP7W/fpd7Tc1k67OfNod5Pn9g+f1Un099m88dXOF6Opxl2aWPPNj4eW/4/crfXfzuV1t+79LpdzqXPvLgj1984h9XM38ABt8v8rIxf69r+s3USn7/DwAAAAyE2PcPhZro/wEAAKA0Yt8f/1d4ov8HAACA0oh9/0ioSUX6/81vfH7uF5eylMxfCOL1aTc8lG8XM67T4euJhUX1yx/88ux//8OllY09lGXZzx76g47bb34ozis3EeZ59U2tly/x1ftWNPbRRy+lcZvz618I9x8fz0qXQacI7nSWZV+/9TONcSbef6VRn33oaKM+fPmpJ+vbvHAw/zre/rmX5dv/RQj/Hj5xrOX2z4X98MNQp9/WeX/E233lymu27H/v4njxdrWttzQe9tMfyO83fk7OZ5/Mt4/7ebn5f+PTz3ylvv1jr+o8/0tDnef/TLjfL4f6v6/It29+Dupfx9t9Msw/jhdvd/+Xvtlx/lc/lW9/7s35dkdDjePvCF9ve/Pzc83767HasZbHlb0l3y6OP/3dP25cH+8v3n/7/MePXGnZH+3r49l/y+9nqm37eHkcJ/r7tvHr99O8PuP4z/zR0Zb93Gv8qw8/94r6/baPf2/bduc+srMx/uL9tX5i019+8jMdx4vzOfy351oez+F3h9dxGP/pD4T1GK7/v6v5/bV/usLRd7cef+L2X9h0qeXxRG/9aT7+1dedbNQN4zdtvPlFL77l8ivr+y7LvrMhv79e45/8q7Mt8//i7fn+iNfHjH77+MuJ45//6OSZs/MX52bSXn381sZn57w9n0+c763h2Nr+9ZGzFz44e35iemI6yybK+xF61+xLof44L5e7b72w5Ai689HwfN7551/fuP1fPx0v//f35JdfeVv+vvXqsN1nw+WbwvO3uvGXevru2xuv79qzYYYLSz8veC22bPuvAyvaMDz+9u8L4no/9/IPNvZD/brG+0Z8Xa9x/t+fye/na2G/LoRPZt56++J4zdvHz0a48kj+el/z/guHufi8/k14vt/xw/z+47zi4/1++D7mm5tbj3dxfXzt0lD7/Tc+xeNyOJ5kl/Pr41Zxf1954faO04ufQ5JdvqPx9Z+k+7ljVQ9zOfMfm586NXfm4mNTF2bnL0zNf+zjR06fvXjmwpHGZ3ke+VCv2y8enzY2jk8zs/v2Zo2j1dm8XGc3ev7nHj0+s396+8zsiWMXT1x49Nzs+ZPH5+ePz87Mbz924sTsR3vdfm7m0K7dB/fs3z15cm7m0IGDB/ccnJw7c7Y+jXxSPeyb/vDkmfNHGjeZP7T34K4HHtg7PXn67Mzsof3T05MXe92+8d40Wb/170+enz117MLc6dnJ+bmPzx7adXDfvt09Pw3w9LkT8xNT5y+embo4P3t+Kn8sExcaF9ff+3rdnnKa/4/8+9l2tfyD+LJ33bsvfT5r3ZefWPau8k3aPkD0+fBZNP/8knMHVvJ17PtHQ00q0v8DAABAFcS+fyzURP8PAAAApRH7/g2hJvp/AAAAKI3Y94+HmlSk/y9d/n/zpRWNL/8v/9+8v+T/K5b/f6Ro+f/8eCH/3x9rzd/L/wfy//L/8v8Dk/9fCG9I8v8UUdHy/7HvvynLKtn/AwAAQBXEvn9jqIn+HwAAAEoj9v03h5ro/wEAAKA0Yt//olCTivT/8v/y//L/8v/y/53Hl/8fTPL/3cn/9yD/P5VVK/9/uZ/zd/5/+X+WKlr+P/b9Lw41qUj/DwAAAFUQ+/5bQk30/wAAAFAase+/NdRE/w8AAAClEfv+TaEmFen/5f/l/+X/5f/l/zuPL/8/mOT/u5P/70H+3/n/5f/l/+mrouX/Y9//klCTivT/AAAAUAWx739pqIn+HwAAAIpn5NpuFvv+l4WaLOn/r3EAAAAA4IaLff9tWVsQvCK//5f/l/8vfv5/Q7pO/l/+Pytk/n84k/8vDvn/7uT/e5D/l/+X/5f/p6+Klv9v9P3ZePbyUJOK9P8AAABQBbHvvz3URP8PAAAApRH7/l8KNdH/AwAAQGnEvn9zqElF+n/5f/n/G53/H22bu/P/L95O/j9X/Py/8/8Xifx/d/L/Pcj/y//L/8v/01dFy//Hvv+OUJOK9P8AAABQBbHvvzPURP8PAAAApRH7/l8ONdH/AwAAQGnEvn9LqElF+n/5/4Ln/2NytMT5/97n/5f/l/+X/5f/Xzn5/+7k/3uQ/5f/l/+X/6evipb/j33/K0JNKtL/AwAAQBXEvv+uUBP9PwAAAJRG7PtfGWqi/wcAAIDSiH3/RKhJRfp/+f+C5//zHPxYmc//L/8v/y//L//fT/L/3cn/9xAOcz/Kskz+X/5f/l/+n7UrWv4/9v13h5pUpP8HAACAKoh9/9ZQE/0/AAAAlEbs++8JNdH/AwAAQGnEvn9bqElF+n/5/4HI/2fy//L/8v/y//L/KyP/3538fw/O/y//L/8v/09fFS3/H/v+V4WaVKT/BwAAgCqIff/2UBP9PwAAAJRG7PtfHWqi/wcAAIDSiH3/jlCTivT/8v/y//L/8v/y/53Hl/8fTPL/3cn/9yD/L/8v/y//T18VLf8f+/7XhJpUpP8HAACAKoh9/85QE/0/AAAAlEbs++8NNdH/AwAAQGnEvn8y1KQi/b/8v/y//L/8v/x/5/Hl/weT/H938v89yP/L/8v/y//TV0XL/8e+/75Qk4r0/wAAAFAFse+/P9RE/w8AAAClEfv+qVAT/T8AAACURuz7p0NNKtL/y//L/8v/y/+vKv//ysX7lf/Pyf8Xi/x/d/L/Pcj/y//f8Pz/qPw/pVK0/H/s+3eFmqTGb+waHiUAAABQJLHv3x1qUpHf/wMAAEAVxL5/T6iJ/h8AAABKI/b9e0NNKtL/y//L/8v/y/87/3/n8eX/B5P8f3f9z//Hhyj/L/8v/+/8//L/LFW0/H/s+x8INalI/w8AAABVEPv+faEm+n8AAAAojdj37w810f8DAABAacS+/0CoSUX6f/l/+X/5f/l/+f/O48v/Dyb5/+6c/7+H4uX/X9d88/XM/9fHkv+X/5f/Z/Ue+cPmr4qW/499/8FQk4r0/wAAAFAFse9/baiJ/h8AAABKI/b9vxJq0r3/33B9ZwUAAAD0U+z7fzXUpCK//5f/l/+X/5f/l//vPL78/2CS/+9O/r+H4uX/Wzj/f7HnL/8v/89SRcv/x77/UKhJRfp/AAAAqILY9/9aqIn+HwAAAEoj9v2vCzXR/wMAAEBpxL7/cKhBpzh3Kcn/y/8PZv5/XP5f/r90+f+xeL/y/2si/9+d/H8P8v/y//L/8v/0VdHy/7Hvf32oid//AwAAQGnEvv/BUBP9PwAAAJRG7PvfEGqi/wcAAIDSiH3/G0NNKtL/y//L/w9m/t/5/zP5/9Ll/53/vz/k/7uT/+9B/l/+X/5f/p++Klr+P/b9bwo1qUj/DwAAAFUQ+/43h5ro/wEAAKA0Yt//llAT/T8AAACURuz73xpqUpH+X/5f/v9G5v9zl+X/5f8b5P/l//tB/r87+f8e5P/l/+X/5f/pq6Ll/2Pf/+uhJhXp/wEAAKAKYt//UKiJ/h8AAABKI/b9bws10f8DAABAacS+/+2hJhXp/+X/5f+d/1/+X/6/8/jy/4NJ/r+7Acv///yWcLn8f07+v9jzX23+f6Tt6+uS///Bcvn/hQ3tt5f/53ooWv4/9v3vCDWpSP8PAAAAVRD7/neGmuj/AQAAoDRi3/+uUJOm/r+v//EOAAAAWHex7/+NUJOK/P5f/r8+j8X0svy//H/jAvl/+X/5/4El/9/dgOX/nf+/jfx/sefv/P/y/yxVtPx/7PvfHWpSkf4fAAAAqiD2/Q+Hmuj/AQAAoDRi3/9IqIn+HwAAAEoj9v3vCTWpSP8v/+/8//L/8v/y/53Hl/8fTPL/3cn/9yD/L/9ftPz/f8r/M9iKlv+Pff+joSYV6f8BAACgCmLf/95QE/0/AAAAlEbs+38z1ET/DwAAAKUR+/73hZpUpP+X/x+U/P/EgOb/n5D/v475/7tuybeT/5f/Z5H8f3fy/z3I/8v/Fy3/7/z/DLii5f9j3//+UJOV9//jK94SAAAAuI5Glr0m9v2/FWpSkd//AwAAQBXEvv+3Q030/wAAAFAase//nVCTivT/8v+Dkv93/v9M/t/5/9sej/y//H8n65f/j0ce+X/5/2Ll/zet6gG3utH5+bW60fOvbv4/f2eU/6eTouX/Y9//u6EmFen/AQAAoApi3/+BUBP9PwAAAAyETv8nu13s+4+Emuj/AQAAoDRi33801KQi/b/8v/y//H9B8/9/tvVfvvftdx7dJf8v/y//vyrrev7/+ovf+f/l/wuW/1+LG52fX6/515Y5NZj8v/P/039Fy//Hvv9YqElF+n8AAACogtj3/16oif4fAAAASiP2/cdDTfT/AAAAUBqx758JNalI/y//L/8v/1/Q/P8An/8/7g/5/1Z9y//Hg678f0frmv9/72JOXP5/tfn/sY6Xyv/L/w/y/OX/5f9Zqmj5/9j3z4aaVKT/BwAAgCoIff/QibwuXqH/BwAAgNKIff/JUBP9PwAAAJRG7Ps/GGpSkf5f/l/+X/5f/t/5/zuP3y3/Xxtx/v+ikv/vrjj5/87k/+X/B3n+8v/y/yxVtPx/7PvnQk0q0v8DAABAFcS+/0OhJvp/AAAAKI3Y93841ET/DwAAAKUR+/5ToSYV6f/l/+X/5f/l/+X/O49f2PP/y/93Jf/fnfx/D/L/8v/y//L//8/enXxZWtd3HL8FDV19yCK7LLLJOVnmT2AR1sk+WWSTRXJOTs4JRFFxpnEeUVScFcVZwQEEERXnCZxQnEFFxXnECVFPe6j6fr9dw1P3VlXf6vs8v9/rteCbrlB9r31a6E9Xv31YqrH1/7n7/y9u6WT/AwAAQA9y918ct9j/AAAA0Izc/ZfELfY/AAAANCN3///HLZ3sf/2//r/Z/v+f9f97vb7+X//fMv3/fPr/BfT/+n/9v/6fpRpb/5+7/2FxSyf7HwAAAHqQu//hcYv9DwAAAM3I3X9p3GL/AwAAQDNy9z8ibulk/+/o/9dmffb/mfHq/1vq/z3/f8/X1/+fQf9/rv5/7M5u/3/FQ//k0//r//X/Qf+/r/7/+F6fr/+nRWPr/3P3PzJu6WT/AwAAQA9y9z8qbrH/AQAAoBm5+y+LW+x/AAAAaEbu/kfHLZ3s/+U9///Exscn2v8X/b/+f+MD+n/9/179/7HT39b/j5Pn/8/XU/9/6V0XXHz/zX9/y0FeX/+v//f8f/0/yzW2/j93/2Pilk72PwAAAPQgd/9j4xb7HwAAAJqRu/9xcYv9DwAAAM3I3f/4uKWT/b+8/n/Sz/8v+n/9/8YH9P/6/736/3/z/P+x0//P11P/f5jX1//r//X/+n+Wa9X9f37H+e3c/U+IWzrZ/wAAANCD3P1PjFvsfwAAAGhG7v7L4xb7HwAAAJqRu/9k3NLJ/tf/H33//xf9v/4/rv5f/6//P3r6//n0/wvo//X/+n/9P0u16v5/57dz918Rt3Sy/wEAAKAHufufFLfY/wAAANCM3P1PjlvsfwAAAGhG7v6nxC2d7H/9v+f/6//1//r/4dfX/0+T/n8+/f8C+v8z7efP0/9PsP+PX0jp/zkKB+z/H5zzj+2l9P+5+58at3Sy/wEAAKAHufufFrfY/wAAANCM3P1Pj1vsfwAAAGhG7v5nxC2d7H/9v/5f/6//P3T/v/un3gb9/zD9/9mh/59vNP3/2rHBD+v/J9//e/7/FPv/oP/nKIzt+f+5+58Zt3Sy/wEAAKAHufufFbfM2f8H/s18AAAAYKVy9z87bvH1fwAAAJi8rM5y9z8nbulk/+v/9f/6f/2/5/8Pv/68/v+WLe9P/z8u+v/5RtP/70H/r/+f8vvX/+v/2W1s/X/u/ufGLZ3sfwAAAOhB7v4r4xb7HwAAAJqRu/95cYv9DwAAAM3I3f/8uKWT/T/c/5/+/+v/90f/v/396/+Hf34sq//P71H/P7f/v8jz//uk/5/v7Pf/x/X/279//f8RWvX7b7z/P7Ho8/X/DBlb/5+7/6q4pZP9DwAAAD3I3f+CuMX+BwAAgGbk7n9h3GL/AwAAQDNy978obulk/6/4+f9XnL/X+9L/b9D/6/89/3+cz/+fnfX+/5j+f5/0//N5/v8C+n/9v/7f8/9ZqrH1/7n7r45bOtn/AAAA0IOrH5ht7P4Xz2b2PwAAAEzR1j87sPMPlIbc/S+JW+x/AAAAaEbu/pfGLZ3s/xX3/0f1/P/zFr22/l//v/XHS/+v/x96/XH1/57/v1/6//n0/wvo/4+inz/WWP9/zV6fP4b+/3L9PyOzrf+/7fTHV9X/5+5/WdzSyf4HAACAHuTuf3ncYv8DAABAM3L3vyJusf8BAACgGbn7Xxm3dLL/j7z/P7H3ax9h/7+Q/l//v/XHS/+v/x96ff3/NOn/59P/L6D/9/x/z//X/7NU2/r/LVbV/+fuf1Xc0sn+BwAAgB7k7n913GL/AwAAQDNy918Tt9j/AAAA0Izc/a+JWzrZ/40+/38h/b/+f+uPl/5f/z/0+vr/adL/z6f/X0D/r//X/y/u/3f+izro/xkytv4/d/9r45ZO9j8AAAD0IHf/tXGL/Q8AAADNyN3/urjF/gcAAIBm5O5/fdzSyf7X/x9t/58f1//r/2cH6f/jE/T/m/T/+v+DmFr/v/O/P4fu19eG/k202x79/x3/c/Jft39E/6//1//r/z3/nyUYRf9/6vSvLnP3vyFu6WT/AwAAQA9y978xbrH/AQAAoBm5+98Ut9j/AAAA0Izc/W+OWw64//92qe/q7NH/e/6//n+E/X/Q/2/S/+v/D2Jq/f9Onv+v/9f/T/f96//1/+w2iv5/y7dz978lbvH1fwAAAGhG7v63xi32PwAAADQjd//b4hb7HwAAAJqRu/+6uKWT/a//1//r//X/+v/h1z9s/78+G6b/Pzv0//Pp/xfQ/+v/9f/6f5ZqbP1/7v7r45ZO9j8AAAD0IHf/2+MW+x8AAACakbv/HXGL/Q8AAABTkunYoNz974xbOtn/+n/9v/5f/6//H359z/+fpon2//WPwan2/+dOqf+/Yc4bGOr/Tx3X/+v/9f/6fw5pbP1/7v53xS2d7H8AAADoQe7+G+IW+x8AAACakbv/xrjF/gcAAIBm5O5/d9zSyf7X/+v/9f/6f/3/8Ovr/6dpov1/mWr/7/n/+v+Z/l//r/9nwNj6/9z9N8Utnex/AAAA6EHu/pvjFvsfAAAAmpG7/z1xi/0PAAAAzcjdf0vc0sn+1//r//X/+n/9//Dr6/+n6ej6/9nq+v/7zjnod7Mn/f8C+n/9v/5f/89Sja3/z93/3rilk/0PAAAAPcjdf2vcYv8DAABAM3L3vy9usf8BAACgGbn73x+3dLL/9f/6/2n2/1etD71//b/+f6b/757n/8+n/19A/6//1//r/1mqsfX/ufs/ELd0sv8BAACgB7n7b4tb7H8AAABoRu7+D8Yt9j8AAAA0I3f/h+KWTva//l//v73/n82m0f97/v9M/99C/78+0/8vnf5/vv31/xfp//X/bfX/58wa6v9P7Pn5+n/GaGz9f+7+D8ctnex/AAAA6EHu/o/ELfY/AAAANGDzz87k7v9o3GL/AwAAwJgdO8jfnLv/Y3FLJ/t/+v3/8R2fqP+fzWZ3X9b88//1/zP9fwv9f/2o6v+XR/8/n+f/L6D/b7P/9/x//T8rM7b+P3f/x+OWTvY/AAAA9CB3/yfiFvsfAAAAmpG7/5Nxi/0PAAAAzcjd/6m4pZP9P/3+f+cn6v9nZ/T8f/3/xgf0//p//f9k6f/n0/8voP9f2M+v7fHrnpn+X/+v/2fA2Pr/3P2fjls62f8AAADQg9z9t8ct9j8AAAA0I3f/HXGL/Q8AAADNyN3/mbilk/2v/9f/6/+n2f+v6//1//r/QWPp/y+88F/u1P/r/1vs/+fR/+v/9f/sNLb+P3f/Z+OWTvY/AAAA9CB3/+fiFvsfAAAAmpG7//Nxi/0PAAAAzcjd/4W4pZP9v7v/P2+2WahuGur/o1HT/2+h/9/+/vX/wz8/PP9f/6//P3pj6f89//9w71//r/+f8vs/UP//D7s/X/9Pi8bW/+fuvzNu6WT/AwAAQA9y938xbrH/AQAAoBm5+78Ut9j/AAAA0Izc/XfFLZ3sf8//1//r//X/+v/h19f/T5P+fz79/wL6f/2/5/9f8l/n6v9ZnrH1/7n7vxy3bAy/f/ybQ/7HBAAAAEYkd/9X4pZOvv4PAAAAPcjd/9W4xf4HAACAZuTu/1rc0sn+1//r//X/+n/9//Dr6/+nSf8/n/5/gX76//WhD666nz9Tq37/zfT/nv/PEo2t/8/d//W4pZP9DwAAAD3I3f+NuMX+BwAAgGbk7v9m3GL/AwAAQDNy998dt3Sy//X/+v/2+///1P/veH39v/6/Zfr//Df6MP3/Av30/4NW3c9P/f3r//X/7Da2/j93/z1xSyf7HwAAAHqQu/9bcYv9DwAAAM3I3f/tuMX+BwAAgGbk7v9O3NLJ/tf/99X/r8167P89/1//r//vyXT6/2uPDX3U8//1//r/6b5//b/+n93G1v/n7r937ViX+x8AAACm6t//6X/v2e/fe+/GX9dn341b7H8AAABoRu7+78Ut9j8AAAA0I3f/9+OWTva//r+v/r/P5//r//X/+v+eTKf/H6b/1//r/6f7/vX/+n92G1v/n7v/vrhly/Ab/B/oAQAAACYjd/8P4pZOvv4PAAAAPcjd/8O4Zdf+P7XPP9UOAAAAjE3u/h/FLZ18/V//P/L+f3ZE/X/8ffr/Tfp//f/Q6+v/p6m1/v/4bFT9/6k1/b/+fw79v/5f/89OY+v/c/ffetOsy/0PAAAAjdr2Owo/3vjr+uwncYv9DwAAAM3I3f/TuMX+BwAAgGbk7v9Z3NLJ/tf/j7z/P9Tz/0/U/+X5/533/1euD76+/l//37LW+n/P/9/8uP5/k/5/3O9f/6//Z7cD9P8bg/So+//c/T+PWzrZ/wAAANCD3P2/iFvsfwAAAGhG7v5fxi32PwAAADQjd/+v4pZO9r/+fwX9/1XHZ7Mj7f/38fx//X8f/f8er99O//93F5y8/T/++8br9f+cdjb7//y5oP/X/6+g/78ufv7p/0f0/vX/+n92G9vz/3P3/zpu6WT/AwAAQA9y998ft9j/AAAA0Izc/b+JW+x/AAAAaEbu/t/GLZ3sf/1/i8//n2b/nz/WK+j/T06v/8+muPf+3/P/9f+7ef7/fPr/BabT/2982/P/x/X+9f/6f3YbW/+fu/93cUsn+x8AAAB6kLv/93FL7v+1A//WPQAAADAyufv/ELf4+j8AAAA0I3f/A3FLJ/tf/6//H0v/nzz///Tnef7/Jv2//v8g9P/z6f8X0P/r//X/+n+Wamz9f+7+P8Ytnex/AAAA6EHu/gfjFvsfAAAAmpG7/09xi/0PAAAAzcjd/+e4pZP9r//X/+v/9f/6/+HX1/9Pk/5/Pv3/Q87f+w3o//X/+n/9P0s1tv4/d/9fAwAA//+9M2Fu")
truncate(&(0x7f0000000040)='./file3\x00', 0xc)

1.44181138s ago: executing program 3 (id=2189):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f071, 0x1})

1.397485249s ago: executing program 3 (id=2190):
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000001540)='./bus\x00', 0x8000, &(0x7f0000000400)=ANY=[], 0x1, 0x1502, &(0x7f0000003fc0)="$eJzs3Qu0jtX2MPA511oPm6Q3yX3NNR/e5LJIklyS5JIkSZLklpAkSRKSW25JSELuSe4hucVO7vdb7klyJEkSkluyvqFOxzn/zn90znfO//P/zp6/MdZ41xzrmetZ65177/d5njH23t+2H1S5bpUKtZkZ/iX460s3AEgBgL4AcA0ARABQIkuJLJfGM2js9q+dRPx7PTT1Sq9AXElS/7RN6p+2Sf3TNql/2ib1T9uk/mmb1D9tk/oLkZZtmZbzWmlpt/3rz/9Tfn2R5///H5LP/7RN6v+f5lSGf+Zoqf9/koshhH8uQ+qftkn90zapf9om9U/bpP5pm9RfiLTsSj9/lnZl25X++hNCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIkTacDZcZAPitf6XXJYQQQgghhBBCiH+fkP5Kr0AIIYQQQgghhBD/8xAUaDAQQTpIDymQATLCVZAJrobMcA0k4FrIAtdBVrgeskF2yAE5IRfkhjxggcABQwx5IR8k4QbIDzdCASgIhaAweCgCReEmKAY3Q3G4BUrArVASboNSUBrKQFm4HcrBHVAe7oQKcBdUhEpQGarA3VAV7oFqcC9Uh/ugBtwPNeEBqAUPQm14COrAw1AXHoF68CjUhwbQEBpB4/+r/BehM7wEXaArdIPu0ANehp7QC3pDH+gLr0A/eBX6w2swAAbCIHgdBsMbMATehKEwDIbDWzACRsIoGA1jYCyMg7dhPLwDE+BdmAiTYDJMgakwDabDezADZsIseB9mwwcwB+bCPJgPC+BDWAiLIBU+gsXwMSyBpbAMlsMKWAmrYDWsgbWwDtbDBtgIm2AzbIFPYCtsg+2wA3bCLtgNn8Ie+Az2wuewD774J/PP/Jf8DggIqFChQYPpMB2mYApmxIyYCTNhZsyMCUxgFsyCWTErZsNsmANzYC7MhXkwDxISMjLmxbyYxCTmx/xYAAtgISyEHj0WxaJYDG/G4lgcS2AJLIklsRSWxtJYFstiOSyH5bE8VsAKWBErYmWsjHfj3XgPVsNqWB2rYw2sgTWxJtbCWlgba2MdrIN1sS7Ww3pYH+tjQ2yIjbExNsEm2BSbYnNsji2wBbbEltgKW2FrbI1tsA22xbbYDtthe2yPHbAjdsQX8UV8CV/CrlhRdcce2AN7Yk/sjX2wD76C/fBVfBVfwwE4EAfh6/g6voFD8DQOxWE4HIdjOTUSR+FoZDUWx+E4HI/jcQJOwIk4CSfhFJyK03A6TscZOBNn4vs4Gz/AD3AuzsX5uAAX4EJchKmYiovxDC7BpbgMl+MKXIkrcDWuwdW4DtfjOtyIG3EzbsZP8BPchttwB+7AXbgLP8VP8TP8DAfgPtyH+3E/HsADeBAP4iE8hIfxMB7BI3gUj+IxPIbH8QSexBN4Ck/haTyDZ/EsnsfzeAEv4EW8eOmbX11ilFHpVDqVolJURpVRZVKZVGaVWSVUQmVRWVRWlVVlU9lUDpVD5VK5VB6VR5EixSpWeVVelVRJlV/lVwVUAVVIFVJeeVVUFVXFVDFVXBVXJdStqqS6TZVSpVUzX1aVVeVUc19e3akqqAqqoqqkKqsqqoqqqqqqaqqaqq6qqxqqhqqpHlC1VHfsjQ+pS5WpqwZiPTUI66sGkKIaqTfwMdVEDcGmqplqrp5Qw3AotlRNfCv1tGqtRmEb9awajc+pdmostlcvqA6qo+qkXlSdVVPfRXVVE7G76qGmYE/VS/VWfdQMrKQuVayyek0NUAPVIPW6mo9vqCHqTTVUDVPD1VtqhBqpRqnRaowaq8apt9V49Y6aoN5VE9UkNVlNUVPVNDVdvadmqJlqlnpfzVYfqDlqrpqn5qsF6kO1UC1SqeojtVh9rJaopWqZWq5WqJVqlVqt1qi1ap1arzaojWqT2qy2qE/UVrVNbVc71E61S+1Wn6o96jO1V32u9qkv1H71J3VAfakOqq/UIfW1Oqy+UUfUt+qo+k4dU9+r4+qEOql+UKfUj+q0OqPOqnPqvPpJXVA/q4sqKNColdba6Ein0+l1is6gM+qrdCZ9tc6sr9EJfa3Ooq/TWfX1OpvOrnPonDqXzq3zaKtJO8061nl1Pp3UN+j8+kZdQBfUhXRh7XURXVTfpIvpm3VxfYsuoW/VJfVtupQurcvosvp2XU7focvrO3UFfZeuqCvpyrqKvltX1ffoavpeXV3fp2vo+3VN/YCupR/UtfVDuo5+WNfVj+h6+lFdXzfQDXUj3Vg/ppvox3VT3Uw310/oFvpJ3VI/pVvpp3Vr/Yxuo5/VbfVzup1+XrfXL+gOuqPupH/WF3XQXXRX3U131z30y7qn7qV76z66r35F99Ov6v76NT1AD9SD9Ot6sH5DD9Fv6qF6mB6u39Ij9Eg9So/WY/RYPU6/rcfrd/QE/a6eqCfpyXqKnqqn6d5/nmnWP5D/zt/J7//L2TfrLfoTvVVv09v1Dr1T79K79W69R+/Re/VevU/v0/v1fn1AH9AH9UF9SB/Sh/VhfUQf0Uf1UX1MH9PH9Ql9Tv+gT+kf9Wl9Rp/R5/R5fV5f+PN7AAaNMtoYE5l0Jr1JMRnMuRBCJnO1yWyuMQlzrclirjNZzfUmm8lucpicJpfJbfIYa8g4wyY2eU0+kzQ3mPzmRlPAFDSFTGHjTRFT1Nz0L+f/vfVlNFeZ39bX2DQ2TUwT09Q0Nc1Nc9PCtDAtTUvTyrQyrU1r08a0MW1NW9POtDPtTXvTwXQwnUwn09l0NgEAuplupod52fQ0vUxv08f0Na+Yfqaf6W/6mwFmgBlkBpnBZrAZYoaYoWaoGW6GmxFmhBllRpkxZowZZ8aZ8Wa8mWAmmIlmoplsJpupZqqZbqabGWaGmWVmmdlmtplj5ph5Zp5ZYBaYhWahSTWpZrFZbJaYpWapWW6Wm5VmpVltVpu1Zq1Zb9abjWajWWLgbEgHAGG72W52mp1mt9lt9pg9Zq/Za/aZfWa/2W8OmAPmoDloDplD5rA5bI6YI+aoOWqOmWPmuDluTpqT5pQ5ZU6b0+asOWvOm/PmgrlgLpqLly77IhWpyEQmSheli1KilChjlDHKFGWKMkeZo0SUiLJEWaKs0fVRtih7lCPKGeWKckd5IhtR5CKO4ihvlC9KRjdE+aMbowJRwahQVDjyUZGoaHRTVCy6OSoe3RKViG6NSka3RaWi0lGZqGx0e1QuuiMqH90ZVYjuiipGlaLKUZXo7qhqdE9ULbo3qh7dF9WI7o9qRg9EtaIHo9rRQ1Gd6OGobvRIVC96NKofNYgaRo2ixv/W+UM4nf1x38V2td1sd9vDvmx72l62t+1j+9pXbD/7qu1vX7MD7EA7yL5uB9s37BD7ph1qh9nh9i07wo60o+xoO8aOtePs23a8fcdOsO/aiXaSnWyn2Kl2mp1u37Mz7Ew7y75vZ9sP7Bw7186z8+0C+6FdaBfZVPuRXWw/tkvsUrvMLrcr7Eq7yq62a+xau86utxvsRrvJbrZb7Cd2q91mt9sddqfdZXfbT+0e+5ndaz+3++wXdr/9kz1gv7QH7Vf2kP3aHrbf2CP2W3vUfmeP2e/tcXvCnrQ/2FP2R3vanrFn7Tl73v5kL9if7UUbLl3cX/p4J0OG0lE6SqEUykgZKRNlosyUmRKUoCyUhbJSVspG2SgH5aBclIvyUB66hIkpL+WlJCUpP+WnAlSAClEh8uSpKBWlYlSMilNxKkElqCSVpFJUisrQpfuR2+kOuoPupDvpLrqLKlElqkJVqCpVpWpUjapTdapBNagm1aRaVItqU22qQ3WoLtWlelSP6lN9akgNqTE1pibUhJpSU2pOzakFtaCW1JJaUStqTa2pDbWhttSW2lE7ak/tqQN1oE7UiTpTZ+pCXagbdaMe1IN6Uk/qTb2pL/WlftSP+lN/GkADaBANosE0mIbQEBpKw2g4vUUjaCSNotE0hsbSOBpH42k8TaAJNJEm0mSaTFNpKk2n6TSDZtAsmkWzaTbNoTk0j+bRAlpAC2khpVIqLabFtISW0DJaRitoBa2iVbSG1tA6WkcbaANtok20hbbQVtpK22k77aSdtJt20x7aQ3tpL+2jfbSf9tMBOkAH6SAdokN0mA7TETpCR+koHaNjdJyO40k6SafoFJ2m03SWztJ5+oku0M90kQKluAwuo7vKZXJXu8zuGpfiMnQFgL/EOVxOl8vldnmcddlc9r+JyTlXwBV0hVxh510RV9Td9Lu4lCvtyriy7nZXzt3hyv8ururucdXcva66u89VcXf/TVzD3e9qukdcLfeoq+0auDqukavrHnH13KOuvmvgGrpGroV70rV0T7lW7mnX2j3zu3ihW+TWuLVunVvv9rjP3Fl3zh1x37rz7ifXxXV1fd0rrp971fV3r7kBbuDv4uHuLTfCjXSj3Gg3xo39XTzZTXFT3TQ33b3nZriZv4sXuA/dbJfq5ri5bp6b/0t8aU2p7iO32H3slrilbplb7la4lW6VW/2XtS53G90mt9ntdp+6rW6b2+52uJ1u1y/xpX3sdZ+7fe4Ld9h94w64L91Bd9Qdcl//El/a31H3nTvmvnfH3Ql30v3gTrkf3Wl35pf9X9r7D+5nd9EFB4ysWLPhiNNxek7hDJyRr+JMfDVn5ms4wddyFr6Os/L1nI2zcw7Oybk4N+dhy8SOmWPOy/k4yTdwfr6RC3BBLsSF2XMRLso3cTG+mYvzLVyCb+WSfBuX4tJchsvy7VyO7+DyfCdX4Lu4IlfiylyF7+aqfA9X43u5Ot/HNfh+rskPcC1+kGvzQ1yHH+a6/AjX40e5PjfghtyIG/Nj3IQf56bcjJvzE9yCn+SW/BS34qe5NT/DbfhZbsvPcTt+ntvzC9yBO3InfpE780vchbtyN+7OPfhl7sm9uDf34b78CvfjV7k/v8YDeCAP4td5ML/BQ/hNHsrDeDi/xSN4JI/i0TyGx/I4fpvH8zs8gd/liTyJJ/MUnsrTeDq/xzN4Js/i93k2f8BzeC7P4/m8gD/khbyIU/kjXswf8xJeyst4Oa/glbyKV/MaXsvreD1v4I28iTfzFv6Et/I23s47eCfv4t38Ke/hz3gvf877+Avez3/iA/wlH+Sv+BB/zYf5Gz7C3/JR/o6P8fd8nE/wSf6BT/GPfJrP8Fk+x+f5J77AP/NFDgwxxirWsYmjOF2cPk6JM8QZ46viTPHVceb4mjgRXxtnia+Ls8bXx9ni7HGOOGecK84d54ltTLGLOY7jvHG+OBnfEOePb4wLxAXjQnHh2MdF4qLxTXGx+Oa4eHxLXCK+NS4Z3xaXikvHZeKy8e1xufiOuHx8Z1whviuuGFeKK8dV4rvjqvE9cbX43rh6fF9cPL4/rhk/ENeKH4xrxw/FdeKH47rxI3G9+NG4ftwgbhg3ihvHj8VN4sfjpnGzuHn8RNwifjJuGT8Vt4qfjlvHz/zheLe4e9wjfjl+OQ7hXj0vOT+5IPlhcmFyUTI1+VFycfLj5JLk0uSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5OZkCFXSg0evvPbGRz6dT+9TfAaf0V/lM/mrfWZ/jU/4a30Wf53P6q/32Xx2n8Pn9Ll8bp/HW0/e+QwQ+7w+n0/6G3x+f6Mv4Av6Qr6w976IL+ob+ca+sW/iH/dNfTPf3D/hn/BP+if9U/4p/7Rv7Z/xbfyzvq1/zrfzz/vn/Qu+g+/oO/kXfWf/ku/iu/puvpvv4Xv4nr6n7+17+76+r+/n+/n+vr8f4Af4QX6QH+wH+yF+iB/qh/rhfrgf4Uf4UX6UH+PH+HF+nB/vx/sJfoKf6Cf6yX6yn+qn+ul+up/hZ/hZfpaf7Wf7OX6On+fn+QV+gV/oF/pUn+oX+8V+iV/il/llfoVf4Vf5VX6NX+PX+XV+g9/gN/lNfovf4rf6rX673+53+p1+t9/t9/g9fq/f6/f5fX6/3+8P+AP+oP/KH/Jf+8P+G3/Ef+uP+u/8Mf+9P+5P+JP+B3/K/+hP+zP+rD/nz/uf/AX/s7/ogx+XeDsxPvFOYkLi3cTExKTE5MSUxNTEtMT0xHuJGYmZiVmJ9xOzEx8k5iTmJuYl5icWJD5MLEwsSqQmPkosTnycWJJYmliWWJ5YkViZCCH31jjkDflCMtwQ8ocbQ4FQMBQKhYMPRULRcFMoFm4OxcMtoUS4NZQMt4VSoXQoEx4N9UOD0DA0Co3DY6FJeDw0Dc1C8/BEaBGeDC3DU6FVeDq0Ds+ENuHZ0DY8F9qF50P78ELoEDqGTuHF0Dm8FLqErqFb6B56hJdDz9Ar9A59Qt/wSugXXg39w2thQBgYBoXXw+DwRhgS3gxDw7AwPLwVRoSRYVQYHcaEsWFceDuMD++ECeHdMDFMCpPDlDA1TAvTw3thRpgZZoX3w+zwQZgT5oZ5YX5YED4MC8OikBo+CovDx2FJWBqWheVhRVgZVoXVYU1YG9aF9WFD2Bg2hc1hS/gkbA3bwvawI+wMu8Lu8GnYEz4Le8PnYV/4IuwPfwoHwpfhYPgqHApfh8Phm3AkfBuOhu/CsfB9OB5OhJPhh3Aq/BhOhzPhbDgXzoefwoXwc7gov7MmhBBCCPEP0X8w3v2/yVF/7vcAgKu35Tz0X8c3ZPu13yt9rhYJAHi6a/uHfmsVK3br1u3Pxy7REOWbCwCJy/np4HK8FJrDk9AKmkGxv4yn/NW51uXteJ7/YP7krQAZ/yrnUv5v8eX5b/67+++lRs7+w/nnAhTIdzknA1yOL89f/L+ZP3uTP5g/w5fjAJr+VU4muBxfnr8oPA7PQKu/OVIIIYQQQgghhPhVL1Wm7R/d3166P89lLuekh8vx37s/F0IIIYQQQgghxP8uz3Xs9NRjrVo1ayud/6lOuObXt/p/y3qkI51/oHOlfzIJIYQQQggh/t0uX/Rf6ZUIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBp1/+LPyf227n+6H8NCiGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEP+p/k8AAAD///wROr8=")
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x103)

1.379361818s ago: executing program 2 (id=2191):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000a40), 0x80000, 0x0)
ioctl$IOMMU_IOAS_COPY(r0, 0x3b83, &(0x7f0000000ac0)={0x28, 0x2, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x7})

1.248766202s ago: executing program 2 (id=2192):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
ioctl$UI_END_FF_UPLOAD(r0, 0x406855c9, &(0x7f0000000100)={0xe, 0x1, {0x55, 0x81, 0x8a07, {0x800, 0x8}, {0x5, 0x5d}, @ramp={0x4, 0xc86, {0xfff9, 0x8, 0x9, 0x5}}}, {0x51, 0x5, 0x1, {0x6, 0x49}, {0x3, 0x1}, @ramp={0x6, 0x8000, {0x7fff, 0x8e4, 0x9, 0x400}}}})

1.140767121s ago: executing program 2 (id=2193):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)={0x1c, 0x3, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

1.097941292s ago: executing program 3 (id=2195):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000340)={[{@coherency_buffered}, {@heartbeat_none}, {@intr}, {@err_cont}, {@journal_async_commit}, {@localflocks}, {@intr}, {@journal_async_commit}]}, 0x9, 0x444b, &(0x7f00000088c0)="$eJzs3c9vE9kdAPA3kwAJBZpQDlSqVEtFatVWUcKJNkgkIRASSKloQVUvxkkMpHVilDhVDxzSG1VPlXqoekBdaW85rFAOe2X/hL3skT0jLYe9rLQS2qxsjxPPOFa8bJxs2M/nkPG83/Z35vnNwXlxovJocTW3uJorLOfK8w9WL+b+Vi6tLRVDfEB27f/YwfXPjkvHQ9vPvRvXyWFfe99nt69e/8O9iyF8tPDJq62tra1Q1RsSUWg20vT6i8+fzDcfG+KQVm03dNWfQwjnWsZV1RNC+NOH9XcxnqRNJMf+EMLp5B3ee/Kv+7l9Gs3zl8XL+TezTzdHL8xsPNts/96jEP5X+vGvHy599rOe0U9/uU/dAwAAAAAAAAAAAAAAAABwxE3duX3398Mj4UUUejei1t/rTiXHdr+P3do3P+3+mwUAAAAAAAAAAAAAAAAAAIDvqJ3f/+eis7v8/n8yOY61qb91pftjpHumf3d78trwSLL/e5TNPtufvHg93hMGd9n3Pbv/+3imgd33f2/p561ditL9DoQoHkqdx/HQUAjvJRu/n49OxqXyauVXD8prywv7NowjKx3/+u79qegkG/p3Gv+JTPvd3///Ry1XU/X8fssldry7wziituN/pRr/nrbl3v9H1FH8r2bqHUT8eXvp+7+3ltbfXGCsPgFU4//v3r3jP5lpf1/i/8E/W5LOhBByUXWsudQMUF3DVNPbrVdIS8f/WC0tNXUmH2S7+//LTPyvZdo/rPl/PftFxK7S8a9/R/alSuzc/4Px3vf/9Uz7hxH/6vjX92+J+U5Lx/9EPbE3VaT2SXY6/09l2u9W/O/GyTjPRKkrYCOqp7f7f3WkpePf15LfeL56PR53tP67kal/UM9/jX4bz3+N6f8XUf35j92l49/ftlyn9/90pt5O/Le6MPrq8iTnCeBbSMf/ZC0tvXYeqP3tNP4zmfa7Nf/XViV9jfjvzCdfnain/9/6ryPp+P+gnhg3l1iv/a2t/6K91/83M+0fxvqvOv71uLu9viua498TTrUtV43/xx18/9/K1Ot+/EMYttZ/a+n7/3TbcrX7v2/v+M9m6nU7/j/vZuMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAR8BEchwIUTyUOo/joaEQribn58PJaK6wkJ8rlef/uhrCZJKeC2ejh6XyXKGUX1wuLxTzhVKpPB/CtST/XOiLVkvlSn6p8Pj6dlv90aNiYaUyVyxUQghTSfpPwulGW3OLlaXC4xDCje28H8bllcePCsv5hcWV3w4PDw+H6e0xDEbFv1eKy5V67/XcEGa26w5ETYOrZd/cHsup6C/ltZXlQqmWfqupTqk8Xyg11ZlN8v4TBqPKytryfKFSzJfKDxv9Haax5Dg5feePd26NtOTfj+rHiYMdFgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADf0IvR3/w3hNBbP4tDCGONF9Fu5Z+/LF7Ov5l9ujl6YWbj2earduUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC+ZgcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgq7dIzSQBCFAfjNWKidx7BadjvbFUW0cEXwBHoMD6NH8RLeIUWKtClCIJmFsNmFbZLq+5oH8zPzHswDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJ6n9+7jrW4iUlxtLiP+vv4Xh/lLqT/34/cvzjAjp/P82j081k3593SU35WjZZt36Xr1/Rkjtfc72JPhPu31fa4n55rat6n5+r43kXIVEW3Jb1POVTXvLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANiyAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04FgAAAAAQ5m8dRd8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwKAAD///Y7H0Y=")
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)

988.685237ms ago: executing program 0 (id=2196):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000005c0)={0x2, 0x400000000000003, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x6c, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x40, 0x3, 0x40000000}, @sadb_address={0x5, 0x5, 0x0, 0x80, 0x0, @in6={0xa, 0x0, 0x0, @mcast1}}]}, 0x70}}, 0x0)

988.195436ms ago: executing program 2 (id=2197):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000004040)={0x28, 0x3e, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x16, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x4, 0x2}]}, 0x28}, 0x1, 0x0, 0x0, 0x404c0c0}, 0xc000)

826.484617ms ago: executing program 0 (id=2198):
r0 = fanotify_init(0x2, 0x800)
ppoll(&(0x7f00000003c0)=[{r0, 0x200}], 0x1, &(0x7f0000000400)={0x0, 0x3938700}, 0x0, 0x0)

751.604868ms ago: executing program 2 (id=2199):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./bus\x00', 0x20008c0, &(0x7f00000002c0)={[{@fat=@allow_utime={'allow_utime', 0x3d, 0xff}}, {@shortname_mixed}, {@iocharset={'iocharset', 0x3d, 'koi8-u'}}, {@shortname_lower}, {@fat=@check_strict}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp950'}}, {@iocharset={'iocharset', 0x3d, 'cp1251'}}, {@utf8no}, {@shortname_winnt}, {@uni_xlateno}, {@shortname_lower}, {@utf8}, {@uni_xlate}]}, 0x80, 0x350, &(0x7f0000000580)="$eJzs3U9oW3UcAPBv9tKkHcz2IAwF4elN0LJWPOipZXQwzEUl+OcgBtepNHXQYLA7NKsX8Sh41JM3D3rwsLMIinjz4NUJMhUPutvA4ZMkL81Lk3adkM3i53MI331/329+v7c8mtfX5tdXV2LjwkxcvHHjeszOlqK8cnYlbpZiIZIYuBLjKhNyAMDxcDPL4s+s74gtpSkvCQCYst77/+unCpl3vz6sPvPuDwDHXv79/9xhNbMHDVyaypIAgCkbu///yMhwZfRH/eXCbwUAAMfV8y+9/MxqLeK5NJ2N2HyvXW/X4+nh+OrFeDOasR5nYj5uRfQvFLoPpd7jufO1tTNpmnbil4Wodzva9YjNTrvev1JYTXr91ViK+VjI+/OrjSzLknNf1NaW0p6IuNLpzR+bpXZ9Jk7m8/94MtZjOdK4f6w/4nxtbTnNn6C+OejvROwO71t0178Y8/H9a3EpmnEhur2Dy5ra2s5Smp7NaiP97Xq1V9d34B0QAAAAAAAAAAAAAAAAAAAAAAD4VxbTPQt7+99kw/17FhcnjPf2x+n35/sD7fb3B8qqWWTZH+88Xn8/iZH9gfbvz9Oul+PEvT10AAAAAAAAAAAAAAAAAAAA+M9obVei0Wyub7W2L28Ug85Wa/tERHQzb3372VdzMV5zm6Ccz1EYSvPU5Y1GlgyKs2SkJg+S7uSDzKdX91ZcrKnuHcXEZVQPHmo2Tz3880fDzEPJ4Jn/HtYkMfkAk33LKAab9/WXdCf/UXvB8m1qrmVZdlD7zivjXVGKKN/5C3d4kHWDb66/8cATrdNP9jJfZn2PPjb/wrUPP/lto9Hszhy9V7Cy1bqVbTTyf08+2Q4OksL5U4p+UCqeCeXD2ndHM43kh99ffPCD7442e1bMvD2hJukfzuf7hyr9oLvMfUNzk+aamXDyTyE4/fFK4+rOT78etavwRcJGHQAAAAAAAAAAAAAAAAAAcFcUPiueyz/sO3NY11PPTn9lAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHD3DP/+fyHYHcscJfirE+ND1fWtVkTlXh8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/c/8EAAD//9HQbnk=")
open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)

582.786547ms ago: executing program 0 (id=2200):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001640)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x98, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x70, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x2d}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x38, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x3}, @NFTA_BITWISE_XOR={0x4}, @NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x10c}}, 0x0)

320.12917ms ago: executing program 0 (id=2201):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x4}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xa8}, 0x1, 0x0, 0x0, 0x8040}, 0x0)

181.251208ms ago: executing program 1 (id=2202):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xf}, @NFTA_SET_DESC={0x14, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_CONCAT={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}]}]}]}]}], {0x14, 0x10}}, 0x78}, 0x1, 0x0, 0x0, 0x5044}, 0x0)

147.9794ms ago: executing program 4 (id=2203):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1ae8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d000000850000002300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r0}, 0xc)

132.520102ms ago: executing program 0 (id=2204):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r0, 0x400452c8, 0x0)

0s ago: executing program 0 (id=2205):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0)

kernel console output (not intermixed with test programs):

da-4727-8c75-0525a5b65a09.
[  109.972869][ T7682] loop0: detected capacity change from 0 to 4096
[  109.987306][ T7686] loop3: detected capacity change from 0 to 4096
[  110.002527][ T7682] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[  110.027630][ T7682] ntfs3(loop0): ino=3, mi_enum_attr
[  110.122118][ T7694] loop1: detected capacity change from 0 to 64
[  110.167320][ T7696] netlink: 8 bytes leftover after parsing attributes in process `syz.4.742'.
[  110.198519][   T44] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  110.380078][   T44] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  110.412629][   T44] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.449311][   T44] usb 3-1: config 0 descriptor??
[  110.697778][   T44] udl 3-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  110.716223][   T44] [drm:udl_init] *ERROR* Selecting channel failed
[  110.756513][   T44] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2
[  110.771085][ T7730] loop0: detected capacity change from 0 to 256
[  110.790234][   T44] [drm] Initialized udl on minor 2
[  110.804282][   T44] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  110.844625][   T44] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  110.852320][ T5922] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  110.889289][   T44] usb 3-1: USB disconnect, device number 2
[  110.897753][ T5922] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  110.906035][ T5922] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  110.924401][ T7730] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  110.993969][ T7736] loop1: detected capacity change from 0 to 1024
[  111.037312][ T7738] sock: sock_timestamping_bind_phc: sock not bind to device
[  111.092198][ T2975] hfsplus: b-tree write err: -5, ino 4
[  111.453205][ T7727] loop4: detected capacity change from 0 to 40427
[  111.492406][ T7727] F2FS-fs: heap/no_heap options were deprecated
[  111.531211][ T7727] F2FS-fs (loop4): build fault injection rate: 19
[  111.538183][ T7727] F2FS-fs (loop4): build fault injection type: 0x3bfe8c
[  111.552624][ T7727] F2FS-fs (loop4): invalid crc value
[  111.575690][ T7727] F2FS-fs (loop4): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[  111.695934][ T7727] F2FS-fs (loop4): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x20a/0x3f0
[  111.720049][ T7769] loop2: detected capacity change from 0 to 128
[  111.743132][ T7769] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  111.763057][ T7727] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  111.778567][ T7773] netlink: 8 bytes leftover after parsing attributes in process `syz.1.778'.
[  111.787591][ T7773] netlink: 8 bytes leftover after parsing attributes in process `syz.1.778'.
[  111.795283][ T7769] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  111.808580][ T7727] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  111.850327][ T7727] F2FS-fs (loop4): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  111.909464][ T7775] loop0: detected capacity change from 0 to 8
[  111.916962][ T7775] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  111.938698][ T5871] syz-executor: attempt to access beyond end of device
[  111.938698][ T5871] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  111.945733][ T6055] udevd[6055]: incorrect cramfs checksum on /dev/loop0
[  111.976266][ T5871] CPU: 1 UID: 0 PID: 5871 Comm: syz-executor Not tainted 6.17.0-rc2-next-20250818-syzkaller #0 PREEMPT(full) 
[  111.976296][ T5871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  111.976309][ T5871] Call Trace:
[  111.976316][ T5871]  <TASK>
[  111.976325][ T5871]  dump_stack_lvl+0x189/0x250
[  111.976355][ T5871]  ? __pfx_dump_stack_lvl+0x10/0x10
[  111.976378][ T5871]  ? __pfx_queue_work_on+0x10/0x10
[  111.976397][ T5871]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  111.976428][ T5871]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  111.976464][ T5871]  f2fs_handle_critical_error+0x37c/0x540
[  111.976495][ T5871]  f2fs_write_end_io+0x886/0xb60
[  111.976523][ T5871]  __submit_merged_bio+0x27a/0x6a0
[  111.976552][ T5871]  __submit_merged_write_cond+0x255/0x530
[  111.976583][ T5871]  f2fs_write_data_pages+0x261d/0x3000
[  111.976631][ T5871]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  111.976687][ T5871]  ? __mod_zone_page_state+0xd7/0x140
[  111.976720][ T5871]  ? folios_put_refs+0x560/0x640
[  111.976798][ T5871]  ? __pfx_folios_put_refs+0x10/0x10
[  111.976820][ T5871]  ? rcu_is_watching+0x15/0xb0
[  111.976840][ T5871]  ? lru_add+0xa2f/0xd80
[  111.976860][ T5871]  ? lru_add+0x198/0xd80
[  111.976880][ T5871]  ? do_raw_spin_lock+0x121/0x290
[  111.976911][ T5871]  ? do_raw_spin_unlock+0x122/0x240
[  111.976936][ T5871]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  111.976965][ T5871]  do_writepages+0x32e/0x550
[  111.976993][ T5871]  ? rcu_is_watching+0x15/0xb0
[  111.977025][ T5871]  ? do_raw_spin_unlock+0x122/0x240
[  111.977052][ T5871]  filemap_fdatawrite+0x199/0x240
[  111.977081][ T5871]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  111.977131][ T5871]  ? rcu_is_watching+0x15/0xb0
[  111.977154][ T5871]  ? do_raw_spin_unlock+0x122/0x240
[  111.977181][ T5871]  f2fs_sync_dirty_inodes+0x31f/0x830
[  111.977208][ T5871]  f2fs_write_checkpoint+0x93e/0x2440
[  111.977245][ T5871]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  111.977295][ T5871]  kill_f2fs_super+0x2cc/0x6d0
[  111.977318][ T5871]  ? __pfx_kill_f2fs_super+0x10/0x10
[  111.977346][ T5871]  ? shrinker_free+0x2ce/0x3e0
[  111.977369][ T5871]  deactivate_locked_super+0xb9/0x130
[  111.977392][ T5871]  cleanup_mnt+0x425/0x4c0
[  111.977416][ T5871]  task_work_run+0x1d4/0x260
[  111.977444][ T5871]  ? __pfx_task_work_run+0x10/0x10
[  111.977468][ T5871]  ? __x64_sys_umount+0x122/0x160
[  111.977491][ T5871]  ? __pfx___x64_sys_umount+0x10/0x10
[  111.977518][ T5871]  ? rcu_is_watching+0x15/0xb0
[  111.977538][ T5871]  exit_to_user_mode_loop+0xec/0x130
[  111.977567][ T5871]  do_syscall_64+0x2bd/0x3b0
[  111.977589][ T5871]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.977607][ T5871]  ? clear_bhb_loop+0x60/0xb0
[  111.977629][ T5871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.977648][ T5871] RIP: 0033:0x7f0c2718ff17
[  111.977678][ T5871] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  111.977694][ T5871] RSP: 002b:00007ffd24ac9bd8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  111.977715][ T5871] RAX: 0000000000000000 RBX: 00007f0c27211c05 RCX: 00007f0c2718ff17
[  111.977728][ T5871] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd24ac9c90
[  111.977740][ T5871] RBP: 00007ffd24ac9c90 R08: 0000000000000000 R09: 0000000000000000
[  111.977752][ T5871] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd24acad20
[  111.977764][ T5871] R13: 00007f0c27211c05 R14: 000000000001b4de R15: 00007ffd24acad60
[  111.977787][ T5871]  </TASK>
[  112.313758][    C1] vkms_vblank_simulate: vblank timer overrun
[  112.362826][ T7754] loop3: detected capacity change from 0 to 32768
[  112.368414][ T5871] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  112.497968][ T7754] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  112.614344][ T7800] loop0: detected capacity change from 0 to 64
[  112.627913][ T7754] XFS (loop3): Ending clean mount
[  112.644988][ T7802] bridge_slave_1: left allmulticast mode
[  112.684820][ T7754] XFS (loop3): Quotacheck needed: Please wait.
[  112.704640][ T7802] bridge_slave_1: left promiscuous mode
[  112.735797][ T7792] loop2: detected capacity change from 0 to 32768
[  112.741641][ T7802] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.750387][ T7792] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.782 (7792)
[  112.774210][ T7754] XFS (loop3): Quotacheck: Done.
[  112.794912][ T7802] net_ratelimit: 164 callbacks suppressed
[  112.794933][ T7802] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  112.875647][ T7792] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  112.898210][ T7792] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  112.971023][ T5866] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  112.993834][ T7792] BTRFS info (device loop2): turning off barriers
[  113.026721][ T7792] BTRFS info (device loop2): enabling free space tree
[  113.049889][ T7792] BTRFS info (device loop2): use zstd compression, level 3
[  113.151740][ T7824] overlay: Unknown parameter '\'
[  113.165017][ T5858] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  113.199450][ T7822] loop1: detected capacity change from 0 to 4096
[  113.228263][ T7822] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  113.347397][ T7822] ntfs3(loop1): Failed to initialize $Extend/$Reparse.
[  113.361585][ T7831] netlink: 8 bytes leftover after parsing attributes in process `syz.0.795'.
[  113.723402][ T7849] loop4: detected capacity change from 0 to 764
[  113.758665][ T7856] netlink: 36 bytes leftover after parsing attributes in process `syz.2.807'.
[  113.780254][ T7849] rock: directory entry would overflow storage
[  113.807585][ T7849] rock: sig=0x4654, size=5, remaining=4
[  114.077783][ T5914] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  114.247795][ T5914] usb 1-1: Using ep0 maxpacket: 32
[  114.265839][ T5914] usb 1-1: config 0 has an invalid interface number: 35 but max is 0
[  114.296383][ T5914] usb 1-1: config 0 has no interface number 0
[  114.323348][ T5914] usb 1-1: config 0 interface 35 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  114.366975][ T5914] usb 1-1: config 0 interface 35 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  114.406776][ T5914] usb 1-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  114.416197][ T5914] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  114.424670][ T5914] usb 1-1: Product: syz
[  114.429243][ T5914] usb 1-1: Manufacturer: syz
[  114.434561][ T5914] usb 1-1: SerialNumber: syz
[  114.457584][ T5914] usb 1-1: config 0 descriptor??
[  114.467017][ T7895] netlink: 'syz.1.825': attribute type 11 has an invalid length.
[  114.484732][ T7895] netlink: 'syz.1.825': attribute type 11 has an invalid length.
[  114.494671][ T7895] netlink: 224 bytes leftover after parsing attributes in process `syz.1.825'.
[  114.604536][ T7903] netlink: 'syz.3.829': attribute type 10 has an invalid length.
[  114.626116][ T7903] 8021q: adding VLAN 0 to HW filter on device team0
[  114.637781][ T5963] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  114.661189][ T7903] bond0: (slave team0): Enslaving as an active interface with an up link
[  114.687807][ T5914] radio-si470x 1-1:0.35: this is not a si470x device.
[  114.797496][ T7909] loop1: detected capacity change from 0 to 8192
[  114.799984][ T5963] usb 3-1: Using ep0 maxpacket: 16
[  114.831110][ T7913] netlink: 56 bytes leftover after parsing attributes in process `syz.4.834'.
[  114.842770][ T7909]  loop1: p4
[  114.844485][ T5963] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  114.846947][ T7909] loop1: p4 size 16776960 extends beyond EOD, truncated
[  114.872357][ T5963] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFC, changing to 0x8C
[  114.886352][ T5914] radio-raremono 1-1:0.35: this is not Thanko's Raremono.
[  114.910466][ T5963] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8C has an invalid bInterval 0, changing to 7
[  114.922676][ T5963] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  114.938121][ T5963] usb 3-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=a4.8f
[  114.947617][ T5963] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.014799][ T5963] usb 3-1: Product: syz
[  115.021381][ T5963] usb 3-1: Manufacturer: syz
[  115.026042][ T5963] usb 3-1: SerialNumber: syz
[  115.053303][ T5914] usb 1-1: USB disconnect, device number 7
[  115.143804][ T5963] usb 3-1: config 0 descriptor??
[  115.250441][ T5963] rc_core: IR keymap rc-xbox-dvd not found
[  115.278117][ T5963] Registered IR keymap rc-empty
[  115.283713][ T5963] rc rc0: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  115.320432][ T5963] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input7
[  115.342909][ T6055] udevd[6055]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  115.401149][ T7935] netlink: 20 bytes leftover after parsing attributes in process `syz.3.844'.
[  115.407244][ T6055] udevd[6055]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  115.433709][    C0] xbox_remote 3-1:0.0: xbox_remote_irq_in: usb_submit_urb()=-19
[  115.447297][ T5963] usb 3-1: USB disconnect, device number 3
[  115.461789][ T7935] netlink: 20 bytes leftover after parsing attributes in process `syz.3.844'.
[  115.702497][ T7952] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  115.972292][ T7971] loop1: detected capacity change from 0 to 2048
[  115.995181][ T7971] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  116.034485][ T7971] UDF-fs: incorrect filename length (10)
[  116.067080][   T30] audit: type=1326 audit(1755562262.758:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7974 comm="syz.3.864" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f389518ebe9 code=0x0
[  116.568370][ T5922] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[  116.697800][ T5921] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  116.720561][ T8025] netlink: 40 bytes leftover after parsing attributes in process `syz.1.888'.
[  116.736340][ T5922] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  116.757632][ T5922] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  116.767511][ T5922] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  116.796853][ T5922] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.806865][ T5922] usb 4-1: config 0 descriptor??
[  116.814509][ T5922] hub 4-1:0.0: USB hub found
[  116.867735][ T5921] usb 3-1: Using ep0 maxpacket: 16
[  116.890276][ T5921] usb 3-1: config 0 has an invalid interface number: 105 but max is 0
[  116.903295][ T5921] usb 3-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  116.948216][ T5921] usb 3-1: config 0 has no interface number 0
[  116.958950][ T5921] usb 3-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  116.968691][ T5921] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  116.976765][ T5921] usb 3-1: Product: syz
[  116.991274][ T5921] usb 3-1: Manufacturer: syz
[  116.995972][ T5921] usb 3-1: SerialNumber: syz
[  117.020559][ T5921] usb 3-1: config 0 descriptor??
[  117.025697][ T5922] hub 4-1:0.0: 2 ports detected
[  117.118991][ T8045] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  117.130545][ T8048] loop4: detected capacity change from 0 to 512
[  117.147253][ T8048] EXT4-fs: Ignoring removed nomblk_io_submit option
[  117.187227][ T8048] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.200563][ T8048] ext4 filesystem being mounted at /200/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  117.219983][ T8048] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #15: comm syz.4.900: corrupted xattr block 19: overlapping e_value 
[  117.221609][ T5922] hub 4-1:0.0: hub_hub_status failed (err = -71)
[  117.251704][ T5921] usb 3-1: Found UVC 0.00 device syz (046d:08f3)
[  117.282987][ T5871] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.288531][ T5921] usb 3-1: No valid video chain found.
[  117.309743][ T5922] hub 4-1:0.0: config failed, can't get hub status (err -71)
[  117.319921][ T5921] usb 3-1: USB disconnect, device number 4
[  117.338419][ T5922] usbhid 4-1:0.0: can't add hid device: -71
[  117.351806][ T5922] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  117.378679][ T5922] usb 4-1: USB disconnect, device number 3
[  117.379788][ T5963] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  117.413511][ T8060] netlink: 'syz.1.904': attribute type 1 has an invalid length.
[  117.588095][ T5963] usb 1-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  117.607712][ T5963] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.615849][ T5963] usb 1-1: Product: syz
[  117.627708][ T5963] usb 1-1: Manufacturer: syz
[  117.632390][ T5963] usb 1-1: SerialNumber: syz
[  117.649244][ T5963] usb 1-1: config 0 descriptor??
[  117.869890][ T5963] usb-storage 1-1:0.0: USB Mass Storage device detected
[  117.985029][ T8070] loop4: detected capacity change from 0 to 32768
[  118.042383][ T8090] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  118.099101][ T5922] usb 1-1: USB disconnect, device number 8
[  118.535155][   T30] audit: type=1326 audit(1755562265.228:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8118 comm="syz.4.921" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0c2718ebe9 code=0x0
[  118.604437][ T8125] loop4: detected capacity change from 0 to 256
[  118.646917][ T8125] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  118.663411][ T8125] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  118.672931][ T8125] FAT-fs (loop4): Filesystem has been set read-only
[  118.696237][   T30] audit: type=1326 audit(1755562265.388:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8126 comm="syz.0.936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9bd98ebe9 code=0x7ffc0000
[  118.718388][    C0] vkms_vblank_simulate: vblank timer overrun
[  118.735807][ T8129] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled
[  118.798470][   T30] audit: type=1326 audit(1755562265.388:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8126 comm="syz.0.936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9bd98ebe9 code=0x7ffc0000
[  118.820590][    C0] vkms_vblank_simulate: vblank timer overrun
[  118.853452][ T8133] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  118.887751][   T30] audit: type=1326 audit(1755562265.388:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8126 comm="syz.0.936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7fb9bd98ebe9 code=0x7ffc0000
[  118.889963][ T8133] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  118.936218][ T8131] loop0: detected capacity change from 0 to 2048
[  118.943447][   T30] audit: type=1326 audit(1755562265.388:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8126 comm="syz.0.936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9bd98ebe9 code=0x7ffc0000
[  119.014526][   T30] audit: type=1326 audit(1755562265.388:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8126 comm="syz.0.936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9bd98ebe9 code=0x7ffc0000
[  119.036644][    C0] vkms_vblank_simulate: vblank timer overrun
[  119.043520][ T8131] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  119.055464][ T8113] loop2: detected capacity change from 0 to 32768
[  119.115516][ T8113] JBD2: Ignoring recovery information on journal
[  119.211953][ T8146] tmpfs: User quota inode hardlimit too large.
[  119.273671][ T8113] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  119.385009][ T8113] (syz.2.930,8113,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry too close to end - offset=32, inode=17057, rec_len=280, name_len=10
[  119.451385][ T8113] (syz.2.930,8113,1):ocfs2_prepare_dir_for_insert:4302 ERROR: status = -2
[  119.499566][ T8113] (syz.2.930,8113,1):ocfs2_mknod:301 ERROR: status = -2
[  119.516816][ T8113] (syz.2.930,8113,1):ocfs2_mknod:505 ERROR: status = -2
[  119.524710][ T8168] netlink: 212408 bytes leftover after parsing attributes in process `syz.4.955'.
[  119.548186][ T8113] (syz.2.930,8113,0):ocfs2_mkdir:661 ERROR: status = -2
[  119.574174][ T8170] loop3: detected capacity change from 0 to 512
[  119.690982][ T5858] ocfs2: Unmounting device (7,2) on (node local)
[  119.766008][ T8170] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  119.770535][   T24] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  119.812587][ T8170] EXT4-fs warning (device loop3): dx_probe:837: inode #2: comm syz.3.956: Unimplemented hash flags: 0x0001
[  119.878209][ T8170] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.956: Corrupt directory, running e2fsck is recommended
[  119.986685][ T8177] warning: `syz.2.957' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  120.019511][ T5866] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.289961][   T30] audit: type=1326 audit(1755562266.988:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8184 comm="syz.2.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51b538ebe9 code=0x7ffc0000
[  120.343137][   T30] audit: type=1326 audit(1755562266.988:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8184 comm="syz.2.964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51b538ebe9 code=0x7ffc0000
[  120.374539][   T24] usb 1-1: Using ep0 maxpacket: 32
[  120.404197][   T24] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  120.449853][   T24] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  120.488794][   T24] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  120.493306][ T8195] loop3: detected capacity change from 0 to 512
[  120.506115][   T24] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  120.516528][ T8198] bond0: (slave bond0): Error: Device is in use and cannot be enslaved
[  120.520588][   T24] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  120.544660][ T8200] loop2: detected capacity change from 0 to 164
[  120.553454][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  120.597511][   T24] usb 1-1: SerialNumber: syz
[  120.602563][ T8195] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.609065][   T24] cdc_acm 1-1:1.0: Control and data interfaces are not separated!
[  120.648218][   T24] cdc_acm 1-1:1.0: probe with driver cdc_acm failed with error -12
[  120.678009][ T8195] ext4 filesystem being mounted at /181/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  120.684085][ T8207] openvswitch: netlink: Message has 4 unknown bytes.
[  120.817267][ T5866] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.871524][ T5914] usb 1-1: USB disconnect, device number 9
[  120.917836][ T8217] netlink: 'syz.2.978': attribute type 6 has an invalid length.
[  121.022600][ T8223] ieee802154 phy0 wpan0: encryption failed: -22
[  121.177807][ T8233] netlink: 8 bytes leftover after parsing attributes in process `syz.4.985'.
[  121.333170][ T8239] netlink: 'syz.4.988': attribute type 1 has an invalid length.
[  121.352857][ T8213] loop1: detected capacity change from 0 to 40427
[  121.356682][ T8239] netlink: 244 bytes leftover after parsing attributes in process `syz.4.988'.
[  121.373624][ T8213] F2FS-fs (loop1): Image doesn't support compression
[  121.408478][ T8213] F2FS-fs (loop1): invalid crc value
[  121.575016][ T8255] netlink: 12 bytes leftover after parsing attributes in process `syz.3.995'.
[  121.590937][ T8213] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  121.638445][ T8213] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  121.646419][ T8257] loop0: detected capacity change from 0 to 8
[  121.662066][ T8257] SQUASHFS error: Unable to read inode 0xe3
[  122.249508][ T8286] loop2: detected capacity change from 0 to 512
[  122.336980][ T8286] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  122.359082][ T8271] loop3: detected capacity change from 0 to 32768
[  122.386585][ T8286] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  122.409001][ T8271] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1004 (8271)
[  122.420533][ T8286] ext4 filesystem being mounted at /194/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  122.460444][ T8271] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  122.487764][ T8271] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  122.509151][ T8275] loop4: detected capacity change from 0 to 32768
[  122.525188][ T8286] Quota error (device loop2): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  122.551826][ T8275] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[  122.580832][ T8286] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  122.616069][ T8275] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  122.657158][ T8271] BTRFS info (device loop3): enabling ssd optimizations
[  122.661972][ T8286] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.1011: Failed to acquire dquot type 0
[  122.691497][ T8275] (syz.4.1005,8275,1):ocfs2_read_blocks:239 ERROR: status = -12
[  122.734528][ T8271] BTRFS info (device loop3): enabling free space tree
[  122.747943][ T8275] (syz.4.1005,8275,0):ocfs2_xattr_block_find:2831 ERROR: status = -12
[  122.782749][ T5858] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  122.844570][ T5871] ocfs2: Unmounting device (7,4) on (node local)
[  122.917369][ T5866] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  123.033332][   T30] audit: type=1326 audit(1755562269.728:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8336 comm="syz.4.1026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c2718ebe9 code=0x7ffc0000
[  123.161431][   T30] audit: type=1326 audit(1755562269.768:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8336 comm="syz.4.1026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=122 compat=0 ip=0x7f0c2718ebe9 code=0x7ffc0000
[  123.233307][   T30] audit: type=1326 audit(1755562269.768:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8336 comm="syz.4.1026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c2718ebe9 code=0x7ffc0000
[  123.291093][   T30] audit: type=1326 audit(1755562269.768:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8336 comm="syz.4.1026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c2718ebe9 code=0x7ffc0000
[  123.447734][ T5921] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  123.489358][ T8360] netlink: 'syz.4.1036': attribute type 21 has an invalid length.
[  123.518759][ T8360] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1036'.
[  123.610598][ T5921] usb 2-1: config 0 has an invalid interface number: 50 but max is 0
[  123.622295][ T5921] usb 2-1: config 0 has no interface number 0
[  123.629798][ T5921] usb 2-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  123.643580][ T5921] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  123.663291][ T5921] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.675068][ T5921] usb 2-1: Product: syz
[  123.680167][ T5921] usb 2-1: Manufacturer: syz
[  123.685109][ T8370] loop3: detected capacity change from 0 to 256
[  123.685483][ T5921] usb 2-1: SerialNumber: syz
[  123.698725][ T5921] usb 2-1: config 0 descriptor??
[  123.717919][ T5921] yurex 2-1:0.50: USB YUREX device now attached to Yurex #0
[  123.760921][ T8370] FAT-fs (loop3): Directory bread(block 64) failed
[  123.768428][   T24] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  123.773987][ T8370] FAT-fs (loop3): Directory bread(block 65) failed
[  123.784833][ T8370] FAT-fs (loop3): Directory bread(block 66) failed
[  123.793085][ T8370] FAT-fs (loop3): Directory bread(block 67) failed
[  123.807244][ T8370] FAT-fs (loop3): Directory bread(block 68) failed
[  123.823623][ T8370] FAT-fs (loop3): Directory bread(block 69) failed
[  123.830623][ T8370] FAT-fs (loop3): Directory bread(block 70) failed
[  123.837319][ T8370] FAT-fs (loop3): Directory bread(block 71) failed
[  123.844178][ T5914] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  123.855378][ T8370] FAT-fs (loop3): Directory bread(block 72) failed
[  123.862290][ T8370] FAT-fs (loop3): Directory bread(block 73) failed
[  123.920566][   T24] usb 3-1: config 0 has an invalid interface number: 108 but max is 0
[  123.929298][   T24] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  123.940220][    C1] yurex 2-1:0.50: yurex_interrupt - overflow with length 8, actual length is 8
[  123.959926][   T24] usb 3-1: config 0 has no interface number 0
[  123.966094][   T24] usb 3-1: too many endpoints for config 0 interface 108 altsetting 111: 119, using maximum allowed: 30
[  123.986684][   T24] usb 3-1: config 0 interface 108 altsetting 111 has 0 endpoint descriptors, different from the interface descriptor's value: 119
[  124.000494][   T24] usb 3-1: config 0 interface 108 has no altsetting 0
[  124.001620][ T5914] usb 5-1: config 0 has an invalid interface number: 156 but max is 1
[  124.007336][   T24] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  124.032319][ T5914] usb 5-1: config 0 has no interface number 1
[  124.059048][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.067444][ T5914] usb 5-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  124.089283][ T8380] comedi: No check for data length of config insn id 70541 is implemented
[  124.089727][   T24] usb 3-1: config 0 descriptor??
[  124.100262][ T5914] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.111912][ T8380] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  124.125109][ T8380] comedi: Assuming n=15 is correct
[  124.131844][ T5914] usb 5-1: config 0 descriptor??
[  124.141915][ T5963] usb 2-1: USB disconnect, device number 3
[  124.150973][ T5914] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  124.162365][ T5963] yurex 2-1:0.50: USB YUREX #0 now disconnected
[  124.172766][ T5914] usb 5-1: MIDIStreaming interface descriptor not found
[  124.246056][ T5914] gspca_main: spca561-2.14.0 probing abcd:cdee
[  124.324268][   T24] usb 3-1: string descriptor 0 read error: -71
[  124.345605][ T5914] spca561 5-1:0.0: probe with driver spca561 failed with error -22
[  124.358350][   T24] usb 3-1: USB disconnect, device number 5
[  124.377516][ T5914] usb 5-1: USB disconnect, device number 3
[  125.006502][ T8424] loop3: detected capacity change from 0 to 64
[  125.065561][ T8424] Trying to free block not in datazone
[  125.251425][ T8436] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1073'.
[  125.362570][ T8444] loop4: detected capacity change from 0 to 8
[  125.389476][ T8444] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  125.401004][ T8446] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1077'.
[  125.413006][ T6055] udevd[6055]: incorrect cramfs checksum on /dev/loop4
[  125.423376][ T8444] cramfs: Error -3 while decompressing!
[  125.431470][ T8412] loop0: detected capacity change from 0 to 32768
[  125.447919][ T8444] cramfs: ffffffff99e00648(26)->ffff888052689000(4096)
[  125.456874][ T8412] btrfs: Deprecated parameter 'usebackuproot'
[  125.463748][ T8444] cramfs: Error -3 while decompressing!
[  125.470335][ T8412] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  125.488380][ T8444] cramfs: ffffffff99e00662(26)->ffff88805268a000(4096)
[  125.500327][ T8412] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1061 (8412)
[  125.501118][ T6055] udevd[6055]: incorrect cramfs checksum on /dev/loop4
[  125.514673][ T8444] cramfs: Error -3 while decompressing!
[  125.534501][ T8444] cramfs: ffffffff99e0067c(16)->ffff88805268b000(4096)
[  125.549614][ T8412] BTRFS info (device loop0 state S): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  125.564018][ T8444] cramfs: Error -3 while decompressing!
[  125.571096][ T8412] BTRFS info (device loop0 state S): using blake2b (blake2b-256-generic) checksum algorithm
[  125.584503][ T6055] udevd[6055]: incorrect cramfs checksum on /dev/loop4
[  125.586357][ T8444] cramfs: ffffffff99e00648(26)->ffff888052689000(4096)
[  125.657729][ T5921] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  125.690720][ T8465] loop4: detected capacity change from 0 to 256
[  125.788685][ T8412] BTRFS info (device loop0 state CS): enabling ssd optimizations
[  125.811507][ T8412] BTRFS info (device loop0 state CS): turning off barriers
[  125.811688][ T5921] usb 3-1: Using ep0 maxpacket: 16
[  125.852534][ T5921] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  125.857786][ T8412] BTRFS info (device loop0 state CS): disabling tree log
[  125.890363][ T5921] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.909317][ T8412] BTRFS info (device loop0 state CS): disabling log replay at mount time
[  125.919985][ T5921] usb 3-1: Product: syz
[  125.937828][ T5921] usb 3-1: Manufacturer: syz
[  125.946642][ T8480] loop3: detected capacity change from 0 to 2048
[  125.947943][ T5921] usb 3-1: SerialNumber: syz
[  125.962296][ T8412] BTRFS info (device loop0 state CS): enabling free space tree
[  125.987753][ T8412] BTRFS info (device loop0 state CS): force clearing of disk cache
[  125.993339][ T5921] r8152-cfgselector 3-1: Unknown version 0x0000
[  126.018392][ T5921] r8152-cfgselector 3-1: config 0 descriptor??
[  126.030461][ T8412] BTRFS info (device loop0 state CS): trying to use backup root at mount time
[  126.063605][ T8412] BTRFS info (device loop0 state CS): ignoring bad roots
[  126.082498][ T8412] BTRFS info (device loop0 state CS): ignoring data csums
[  126.106744][ T8488] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  126.137789][ T8412] BTRFS info (device loop0 state CS): ignoring meta csums
[  126.145009][ T8412] BTRFS info (device loop0 state CS): ignoring unknown super block flags
[  126.154902][ T8480] NILFS error (device loop3): nilfs_check_folio: bad entry in directory #2: disallowed inode number - offset=56, inode=6, rec_len=24, name_len=5
[  126.197243][ T8480] Remounting filesystem read-only
[  126.355089][ T5874] BTRFS info (device loop0 state CS): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  126.492957][ T8502] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1098'.
[  126.544132][ T5914] r8152-cfgselector 3-1: USB disconnect, device number 6
[  126.753434][ T8517] PKCS7: Unknown OID: [5] (bad)
[  126.786184][ T8517] PKCS7: Only support pkcs7_signedData type
[  127.034262][ T8527] loop3: detected capacity change from 0 to 1024
[  127.062744][ T8508] loop1: detected capacity change from 0 to 32768
[  127.106655][ T8527] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  127.132160][ T8508] (syz.1.1099,8508,1):ocfs2_find_slot:468 ERROR: no free slots available!
[  127.167805][ T8508] (syz.1.1099,8508,1):ocfs2_mount_volume:1751 ERROR: status = -22
[  127.192488][ T8508] (syz.1.1099,8508,1):ocfs2_fill_super:1177 ERROR: status = -22
[  127.239611][ T8508] NILFS (loop1): couldn't find nilfs on the device
[  127.246771][ T8543] loop4: detected capacity change from 0 to 512
[  127.256920][ T8527] EXT4-fs warning (device loop3): ext4_rmdir:3187: inode #11: comm syz.3.1108: empty directory 'file1' has too many links (111)
[  127.313709][ T8543] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.372282][ T8543] ext4 filesystem being mounted at /250/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  127.417948][ T8549] syz.1.1116 uses old SIOCAX25GETINFO
[  127.426423][ T8551] netlink: 'syz.0.1117': attribute type 1 has an invalid length.
[  127.462144][ T5866] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.475326][ T8543] EXT4-fs error (device loop4): ext4_xattr_block_find:1869: inode #15: comm syz.4.1114: corrupted xattr block 19: overlapping e_value 
[  127.508083][ T8543] EXT4-fs (loop4): Remounting filesystem read-only
[  127.594938][ T8559] loop3: detected capacity change from 0 to 64
[  127.611064][ T5871] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.659252][ T8559] syz.3.1118: attempt to access beyond end of device
[  127.659252][ T8559] loop3: rw=0, sector=130062, nr_sectors = 2 limit=64
[  127.711772][ T8559] Buffer I/O error on dev loop3, logical block 65031, async page read
[  128.010059][ T8583] Option '    ' to dns_resolver key: bad/missing value
[  128.062496][ T8587] loop1: detected capacity change from 0 to 256
[  128.075987][ T8587] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  128.340805][ T8604] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  128.370214][ T8607] netlink: 'syz.1.1145': attribute type 27 has an invalid length.
[  128.398064][ T8607] netlink: 'syz.1.1145': attribute type 3 has an invalid length.
[  128.422690][ T8607] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1145'.
[  128.639417][ T8613] loop2: detected capacity change from 0 to 4096
[  128.679998][ T8613] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  128.727556][ T8613] ntfs3(loop2): Failed to initialize $Extend/$Reparse.
[  128.785984][ T8623] loop1: detected capacity change from 0 to 128
[  128.823691][ T8623] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x00000000 (sector = 1)
[  128.859770][ T8623] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF
[  128.861060][   T30] audit: type=1800 audit(1755562275.548:30): pid=8623 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1153" name="file2" dev="loop1" ino=1048613 res=0 errno=0
[  128.868840][ T8623] FAT-fs (loop1): Filesystem has been set read-only
[  128.889190][    C1] vkms_vblank_simulate: vblank timer overrun
[  129.095867][ T8628] netlink: 10 bytes leftover after parsing attributes in process `syz.1.1156'.
[  129.095867][ T8609] loop0: detected capacity change from 0 to 32768
[  129.182146][ T8609] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1146 (8609)
[  129.234518][ T8609] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  129.247012][ T8609] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  129.328869][ T8648] random: crng reseeded on system resumption
[  129.336132][ T8619] loop4: detected capacity change from 0 to 32768
[  129.347081][ T8612] loop3: detected capacity change from 0 to 40427
[  129.355290][ T8619] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1151 (8619)
[  129.380117][ T8612] F2FS-fs (loop3): Invalid log blocks per segment (4278190089)
[  129.457796][ T8612] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  129.516091][ T8612] F2FS-fs (loop3): invalid crc value
[  129.526361][ T8619] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  129.547560][ T8609] BTRFS info (device loop0): enabling ssd optimizations
[  129.576583][ T8609] BTRFS info (device loop0): enabling free space tree
[  129.577531][ T8619] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  129.615620][ T8657] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1160'.
[  129.692523][ T8657] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1160'.
[  129.707977][ T8657] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1160'.
[  129.752006][ T8612] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  129.808392][ T5874] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  129.820029][ T8633] loop2: detected capacity change from 0 to 32768
[  129.838892][ T8633] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1158 (8633)
[  129.840200][ T8619] BTRFS info (device loop4): allowing degraded mounts
[  129.866878][ T8612] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  129.869613][ T8619] BTRFS info (device loop4): enabling ssd optimizations
[  129.881936][ T8612] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  129.919043][ T8619] BTRFS info (device loop4): turning on sync discard
[  129.928187][ T8633] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  129.950327][ T8619] BTRFS info (device loop4): enabling free space tree
[  129.973715][ T8619] BTRFS info (device loop4): enabling auto defrag
[  129.987848][ T8633] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  129.997248][ T8633] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  130.072485][ T8612] F2FS-fs (loop3): Corrupted max_depth of 3: 255
[  130.103449][ T8612] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  130.191039][ T8619] BTRFS info (device loop4 state M): resize thread pool 5 -> 4
[  130.207469][ T8633] BTRFS info (device loop2): rebuilding free space tree
[  130.261490][ T8633] BTRFS info (device loop2): disabling free space tree
[  130.290175][ T8633] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  130.326711][ T5871] BTRFS info (device loop4): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  130.333336][ T8633] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  130.371233][ T8633] BTRFS info (device loop2): allowing degraded mounts
[  130.402877][ T8633] BTRFS info (device loop2): enabling ssd optimizations
[  130.446731][ T8633] BTRFS info (device loop2): enabling disk space caching
[  130.470390][ T8633] BTRFS info (device loop2): force clearing of disk cache
[  130.477585][ T8633] BTRFS info (device loop2): use zlib compression, level 3
[  130.722968][ T5858] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  131.284826][ T8747] loop3: detected capacity change from 0 to 16
[  131.307084][ T8747] erofs (device loop3): mounted with root inode @ nid 36.
[  131.356729][ T8747] erofs (device loop3): readahead error at folio 3 @ nid 89
[  131.396789][ T8747] erofs (device loop3): readahead error at folio 2 @ nid 89
[  131.414486][ T8747] erofs (device loop3): readahead error at folio 1 @ nid 89
[  131.445131][ T8747] erofs (device loop3): readahead error at folio 0 @ nid 89
[  131.453563][ T8721] loop1: detected capacity change from 0 to 32768
[  131.492816][ T8721] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1177 (8721)
[  131.513129][ T8747] erofs (device loop3): read error -117 @ 0 of nid 89
[  131.551639][   T30] audit: type=1800 audit(1755562278.238:31): pid=8747 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1187" name="file3" dev="loop3" ino=89 res=0 errno=0
[  131.574565][ T8721] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  131.587375][ T8721] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  131.613741][ T8759] loop0: detected capacity change from 0 to 1024
[  131.795913][ T8779] netlink: 264 bytes leftover after parsing attributes in process `syz.3.1197'.
[  131.806750][ T8779] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1197'.
[  131.831289][ T8721] BTRFS info (device loop1): enabling ssd optimizations
[  131.837169][ T8785] netlink: 14601 bytes leftover after parsing attributes in process `syz.4.1199'.
[  131.859311][ T8721] BTRFS info (device loop1): enabling free space tree
[  131.894152][ T2975] hfsplus: b-tree write err: -5, ino 4
[  131.953822][ T8778] loop2: detected capacity change from 0 to 4096
[  131.991269][ T8790] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1201'.
[  132.030225][ T5859] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  132.143804][ T8795] vim2m vim2m.0: Fourcc format (0x31384142) invalid.
[  132.217258][ T8799] netlink: 'syz.1.1203': attribute type 21 has an invalid length.
[  132.300074][ T8799] netlink: 'syz.1.1203': attribute type 1 has an invalid length.
[  132.357896][ T8799] netlink: 144 bytes leftover after parsing attributes in process `syz.1.1203'.
[  132.558358][ T8818] mmap: syz.2.1214 (8818): VmData 45854720 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  132.777610][ T8832] loop3: detected capacity change from 0 to 256
[  132.789904][ T8832] exfat: Deprecated parameter 'utf8'
[  132.805913][ T8832] exfat: Deprecated parameter 'namecase'
[  132.857084][ T8832] exfat: Deprecated parameter 'namecase'
[  132.873485][ T8832] exfat: Deprecated parameter 'utf8'
[  132.896102][ T8838] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1224'.
[  132.899332][ T8837] mac80211_hwsim hwsim6 ��: renamed from wlan0 (while UP)
[  132.917340][ T8832] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffc20, utbl_chksum : 0xe619d30d)
[  132.938172][ T8838] netlink: 'syz.1.1224': attribute type 5 has an invalid length.
[  132.979692][ T8838] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1224'.
[  133.012580][ T8838] geneve2: entered promiscuous mode
[  133.019937][ T8838] geneve2: entered allmulticast mode
[  133.061033][ T3525] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 256 - 0
[  133.090577][ T3525] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 256 - 0
[  133.111484][ T3525] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 256 - 0
[  133.152407][ T8844] loop2: detected capacity change from 0 to 2048
[  133.165294][ T3525] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 256 - 0
[  133.224239][ T8850] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  133.242337][ T8844] NILFS error (device loop2): nilfs_lookup: deleted inode referenced: 12
[  133.288309][ T8844] Remounting filesystem read-only
[  133.508866][ T8828] loop4: detected capacity change from 0 to 32768
[  133.536392][ T8828] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1218 (8828)
[  133.630922][ T8869] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1238'.
[  133.662297][ T8828] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  133.690337][ T8828] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[  133.735288][ T8828] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  133.859825][ T8895] loop1: detected capacity change from 0 to 16
[  133.901735][ T8828] BTRFS info (device loop4): rebuilding free space tree
[  133.917986][ T8895] erofs (device loop1): mounted with root inode @ nid 36.
[  133.957597][ T8828] BTRFS info (device loop4): disabling free space tree
[  134.007198][ T8828] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  134.043588][ T8828] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  134.070940][ T8909] loop2: detected capacity change from 0 to 256
[  134.095324][ T8828] BTRFS info (device loop4): allowing degraded mounts
[  134.127789][ T8828] BTRFS info (device loop4): enabling ssd optimizations
[  134.129072][ T8909] exFAT-fs (loop2): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  134.147728][ T8828] BTRFS info (device loop4): enabling disk space caching
[  134.154807][ T8828] BTRFS info (device loop4): force clearing of disk cache
[  134.179900][ T8912] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1253'.
[  134.203676][ T8828] BTRFS info (device loop4): use zlib compression, level 3
[  134.369536][ T8828] BTRFS error (device loop4): balance: mixed groups data and metadata options must be the same
[  134.480834][ T5871] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  134.504094][ T8927] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1261'.
[  134.739042][ T8938] loop1: detected capacity change from 0 to 1024
[  134.936157][ T8952] loop3: detected capacity change from 0 to 1024
[  134.970917][ T8952] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  135.017837][ T8952] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[  135.074527][ T8952] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  135.125597][ T8952] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #3: comm syz.3.1272: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 2, max 15(4), depth 0(0)
[  135.152640][ T8952] EXT4-fs (loop3): no journal found
[  135.174357][ T8952] EXT4-fs (loop3): can't get journal size
[  135.200293][ T8952] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  135.229082][ T8966] loop1: detected capacity change from 0 to 64
[  135.280190][ T5866] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.280957][ T9036] loop1: detected capacity change from 0 to 256
[  136.379459][ T9036] FAT-fs (loop1): Directory bread(block 64) failed
[  136.399056][ T9036] FAT-fs (loop1): Directory bread(block 65) failed
[  136.436128][ T9036] FAT-fs (loop1): Directory bread(block 66) failed
[  136.455265][ T9036] FAT-fs (loop1): Directory bread(block 67) failed
[  136.467495][ T9036] FAT-fs (loop1): Directory bread(block 68) failed
[  136.475517][ T9036] FAT-fs (loop1): Directory bread(block 69) failed
[  136.488822][ T9036] FAT-fs (loop1): Directory bread(block 70) failed
[  136.495692][ T9036] FAT-fs (loop1): Directory bread(block 71) failed
[  136.520392][ T9036] FAT-fs (loop1): Directory bread(block 72) failed
[  136.548693][ T9036] FAT-fs (loop1): Directory bread(block 73) failed
[  136.562081][ T9050] loop2: detected capacity change from 0 to 1024
[  136.655569][ T9004] loop3: detected capacity change from 0 to 40427
[  136.693442][ T9004] F2FS-fs (loop3): invalid crc value
[  136.782813][ T9004] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  136.845806][ T9004] F2FS-fs (loop3): Start checkpoint disabled!
[  136.902010][ T9004] F2FS-fs (loop3): f2fs_disable_checkpoint() finish, err:0
[  136.950056][ T9004] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  137.195858][ T9076] loop4: detected capacity change from 0 to 4096
[  137.215849][ T9076] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512).
[  137.288137][ T9076] ntfs3(loop4): Failed to initialize $Extend/$ObjId.
[  137.654919][ T9108] __nla_validate_parse: 7 callbacks suppressed
[  137.654942][ T9108] netlink: 172 bytes leftover after parsing attributes in process `syz.1.1348'.
[  137.729638][ T9110] netlink: 'syz.0.1349': attribute type 15 has an invalid length.
[  137.738436][ T5921] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  137.752918][ T9110] netlink: 666 bytes leftover after parsing attributes in process `syz.0.1349'.
[  137.891108][ T5921] usb 3-1: Using ep0 maxpacket: 32
[  137.905710][ T5921] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  137.939433][ T5921] usb 3-1: New USB device found, idVendor=0525, idProduct=2888, bcdDevice=d0.43
[  137.962948][ T5921] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.008467][ T5921] usb 3-1: config 0 descriptor??
[  138.116342][ T9138] netlink: 10 bytes leftover after parsing attributes in process `syz.4.1363'.
[  138.125617][ T9136] usb usb7: usbfs: process 9136 (syz.1.1362) did not claim interface 0 before use
[  138.213033][ T9142] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1365'.
[  138.225500][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  138.225552][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  138.247857][ T9142] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1365'.
[  138.288937][ T5921] cdc_subset 3-1:0.0: probe with driver cdc_subset failed with error -22
[  138.301819][ T9142] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1365'.
[  138.324935][ T9142] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1365'.
[  138.334736][ T9142] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1365'.
[  138.343900][ T9142] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1365'.
[  138.353286][ T9142] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1365'.
[  138.505598][ T5963] usb 3-1: USB disconnect, device number 7
[  138.522646][ T9160] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  138.944052][ T9183] loop1: detected capacity change from 0 to 1024
[  139.040217][   T30] audit: type=1326 audit(1755562285.738:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9191 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9bd98ebe9 code=0x7ffc0000
[  139.125717][   T30] audit: type=1326 audit(1755562285.768:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9191 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9bd98ebe9 code=0x7ffc0000
[  139.226557][   T30] audit: type=1326 audit(1755562285.778:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9191 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7fb9bd98ebe9 code=0x7ffc0000
[  139.315903][   T30] audit: type=1326 audit(1755562317.786:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9191 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9bd98ebe9 code=0x7ffc0000
[  139.414227][   T30] audit: type=1326 audit(1755562317.786:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9191 comm="syz.0.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9bd98ebe9 code=0x7ffc0000
[  139.733560][ T9236] netlink: 'syz.2.1409': attribute type 4 has an invalid length.
[  139.734737][ T5963] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  139.920220][ T9242] loop2: detected capacity change from 0 to 1024
[  139.927733][ T5963] usb 5-1: Using ep0 maxpacket: 32
[  139.938744][ T5963] usb 5-1: unable to get BOS descriptor or descriptor too short
[  139.954845][ T5963] usb 5-1: config 176 has an invalid interface number: 240 but max is 0
[  139.973611][ T5963] usb 5-1: config 176 has no interface number 0
[  139.998426][ T5963] usb 5-1: config 176 interface 240 altsetting 81 endpoint 0x9 has invalid maxpacket 1024, setting to 64
[  140.046789][ T5963] usb 5-1: config 176 interface 240 has no altsetting 0
[  140.053700][ T9244] loop3: detected capacity change from 0 to 4096
[  140.060618][   T56] hfsplus: b-tree write err: -5, ino 4
[  140.061083][ T5963] usb 5-1: language id specifier not provided by device, defaulting to English
[  140.114385][ T5963] usb 5-1: New USB device found, idVendor=19d2, idProduct=fff6, bcdDevice=c3.db
[  140.125871][ T5963] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.137165][ T9224] loop0: detected capacity change from 0 to 40427
[  140.146208][ T5963] usb 5-1: Product: syz
[  140.150429][ T5963] usb 5-1: Manufacturer: ᘩ弸摯ȶ§誒愳ṇᒻࣣ뻖友몴릌俈佫⌋㴒✫硉࿾ᤖ붗嵿呈弳ጚ臰䣋恗ꟸ楞痡䐶⇾ᇵ鹓᤻濾뷐谿兵ꈵ䏀ﯠ樃ꏻ䕇䂒췼쓜
[  140.182490][ T5963] usb 5-1: SerialNumber: syz
[  140.187295][ T9224] F2FS-fs (loop0): Invalid log sectors per block(0) log sectorsize(9)
[  140.220677][ T9224] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  140.221840][ T9250] geneve2: entered promiscuous mode
[  140.245302][ T9250] geneve2: entered allmulticast mode
[  140.252320][ T9224] F2FS-fs (loop0): invalid crc value
[  140.256927][ T2975] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  140.299488][ T2975] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  140.324922][ T2975] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  140.367978][ T2975] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  140.448353][ T5963] option 5-1:176.240: GSM modem (1-port) converter detected
[  140.485415][ T9224] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  140.511211][ T5963] usb 5-1: USB disconnect, device number 4
[  140.527589][ T5963] option 5-1:176.240: device disconnected
[  140.555579][ T9224] F2FS-fs (loop0): Start checkpoint disabled!
[  140.588178][ T9224] F2FS-fs (loop0): f2fs_disable_checkpoint() finish, err:0
[  140.603452][ T9224] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  140.613113][ T9224] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  140.758024][ T9271] binder: 9270:9271 unknown command 0
[  140.773975][ T9271] binder: 9270:9271 ioctl c0306201 2000000001c0 returned -22
[  141.049545][ T9260] loop3: detected capacity change from 0 to 40427
[  141.077249][ T9260] F2FS-fs: heap/no_heap options were deprecated
[  141.088394][ T9260] F2FS-fs (loop3): Image doesn't support compression
[  141.111308][ T9260] F2FS-fs (loop3): invalid crc value
[  141.341749][ T9260] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  141.381373][ T9260] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  141.494337][ T9307] comedi comedi2: board detection failed
[  141.746173][ T9323] tmpfs: Bad value for 'mpol'
[  142.278003][ T9318] loop2: detected capacity change from 0 to 32768
[  142.299924][ T9318] XFS: attr2 mount option is deprecated.
[  142.337348][ T9355] loop1: detected capacity change from 0 to 256
[  142.363562][ T9318] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  142.484615][ T9355] FAT-fs (loop1): Directory bread(block 64) failed
[  142.522399][ T9355] FAT-fs (loop1): Directory bread(block 65) failed
[  142.537107][ T9355] FAT-fs (loop1): Directory bread(block 66) failed
[  142.543725][ T9355] FAT-fs (loop1): Directory bread(block 67) failed
[  142.550574][ T9355] FAT-fs (loop1): Directory bread(block 68) failed
[  142.557176][ T9355] FAT-fs (loop1): Directory bread(block 69) failed
[  142.564375][ T9355] FAT-fs (loop1): Directory bread(block 70) failed
[  142.564733][ T9318] XFS (loop2): Ending clean mount
[  142.571111][ T9355] FAT-fs (loop1): Directory bread(block 71) failed
[  142.582923][ T9355] FAT-fs (loop1): Directory bread(block 72) failed
[  142.590918][ T9355] FAT-fs (loop1): Directory bread(block 73) failed
[  142.626615][ T9341] loop0: detected capacity change from 0 to 32768
[  142.655681][ T9318] XFS (loop2): Quotacheck needed: Please wait.
[  142.719494][ T9341] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  142.725169][ T9375] __nla_validate_parse: 49 callbacks suppressed
[  142.725192][ T9375] netlink: 1041 bytes leftover after parsing attributes in process `syz.3.1471'.
[  142.735803][ T9318] XFS (loop2): Quotacheck: Done.
[  142.821918][ T5858] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  142.917514][ T9341] XFS (loop0): Ending clean mount
[  143.047023][ T5874] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  143.054418][ T9393] loop1: detected capacity change from 0 to 8
[  143.190501][ T9397] loop2: detected capacity change from 0 to 1024
[  143.214727][ T9397] hfsplus: invalid btree flag
[  143.221963][ T9397] hfsplus: failed to load attributes file
[  143.263433][ T9399] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1481'.
[  143.434076][ T9407] netlink: 248 bytes leftover after parsing attributes in process `syz.2.1483'.
[  143.742064][ T9423] netlink: 'syz.2.1491': attribute type 15 has an invalid length.
[  143.781859][ T9423] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1491'.
[  143.802330][ T9389] loop3: detected capacity change from 0 to 32768
[  143.858155][ T9389] JBD2: Ignoring recovery information on journal
[  143.934564][ T9389] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  144.011930][   T30] audit: type=1326 audit(1755562322.836:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9445 comm="syz.4.1495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c2718ebe9 code=0x7ffc0000
[  144.096039][ T5866] ocfs2: Unmounting device (7,3) on (node local)
[  144.098365][   T30] audit: type=1326 audit(1755562322.836:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9445 comm="syz.4.1495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c2718ebe9 code=0x7ffc0000
[  144.226007][   T30] audit: type=1326 audit(1755562322.866:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9445 comm="syz.4.1495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7f0c2718ebe9 code=0x7ffc0000
[  144.305179][   T30] audit: type=1326 audit(1755562322.866:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9445 comm="syz.4.1495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c2718ebe9 code=0x7ffc0000
[  144.426973][ T9468] loop0: detected capacity change from 0 to 1024
[  144.434510][   T30] audit: type=1326 audit(1755562322.866:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9445 comm="syz.4.1495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c2718ebe9 code=0x7ffc0000
[  144.484081][ T9472] loop2: detected capacity change from 0 to 1024
[  144.491702][ T9468] EXT4-fs: inline encryption not supported
[  144.512450][ T9468] EXT4-fs: Ignoring removed i_version option
[  144.548005][ T9468] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  144.556265][ T9472] EXT4-fs: inline encryption not supported
[  144.621966][ T9472] EXT4-fs: Ignoring removed bh option
[  144.628840][ T9468] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 2: comm syz.0.1505: lblock 2 mapped to illegal pblock 2 (length 1)
[  144.691958][ T9468] Quota error (device loop0): qtree_write_dquot: dquota write failed
[  144.716160][ T9472] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.731165][   T30] audit: type=1326 audit(1755562323.572:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9486 comm="syz.1.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe13f58ebe9 code=0x7ffc0000
[  144.776567][ T9468] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 48: comm syz.0.1505: lblock 0 mapped to illegal pblock 48 (length 1)
[  144.807949][   T30] audit: type=1326 audit(1755562323.634:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9486 comm="syz.1.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe13f58ebe9 code=0x7ffc0000
[  144.834354][   T30] audit: type=1326 audit(1755562323.634:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9486 comm="syz.1.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7fe13f58ebe9 code=0x7ffc0000
[  144.864626][   T30] audit: type=1326 audit(1755562323.634:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9486 comm="syz.1.1511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe13f58ebe9 code=0x7ffc0000
[  144.931079][ T9468] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.1505: Failed to acquire dquot type 0
[  144.959464][ T5858] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.989565][ T9468] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  145.040772][ T9468] EXT4-fs error (device loop0): ext4_evict_inode:254: inode #11: comm syz.0.1505: mark_inode_dirty error
[  145.093586][ T9468] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  145.133901][ T9468] EXT4-fs (loop0): 1 orphan inode deleted
[  145.151667][ T3585] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:10: lblock 1 mapped to illegal pblock 1 (length 1)
[  145.152532][ T9468] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.224296][ T3585] EXT4-fs error (device loop0): ext4_release_dquot:6973: comm kworker/u8:10: Failed to release dquot type 0
[  145.287391][ T9468] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.329803][ T9468] EXT4-fs error (device loop0): __ext4_get_inode_loc:4861: comm syz.0.1505: Invalid inode table block 1 in block_group 0
[  145.377870][ T9468] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  145.414939][ T9468] EXT4-fs error (device loop0): ext4_quota_off:7221: inode #3: comm syz.0.1505: mark_inode_dirty error
[  145.733345][ T9489] loop3: detected capacity change from 0 to 40427
[  145.807712][ T9489] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  145.815503][ T9489] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  145.839578][ T9494] loop1: detected capacity change from 0 to 32768
[  145.890094][ T9494] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  145.900223][ T9489] F2FS-fs (loop3): invalid crc value
[  146.064780][ T9489] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  146.094759][ T9494] XFS (loop1): Ending clean mount
[  146.107272][ T9489] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  146.109767][ T9494] XFS (loop1): Quotacheck needed: Please wait.
[  146.125887][ T9489] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  146.191868][ T9494] XFS (loop1): Quotacheck: Done.
[  146.242536][ T9556] loop4: detected capacity change from 0 to 764
[  146.244411][ T9489] fscrypt (loop3, inode 3): Error -61 getting encryption context
[  146.300573][ T9556] Symlink component flag not implemented
[  146.322526][ T9556] Symlink component flag not implemented
[  146.343141][ T9556] Symlink component flag not implemented (129)
[  146.350616][ T9556] Symlink component flag not implemented (6)
[  146.351345][ T5859] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  146.616061][ T9564] netlink: 'syz.4.1537': attribute type 9 has an invalid length.
[  147.010033][ T9583] loop3: detected capacity change from 0 to 512
[  147.051226][ T9560] loop2: detected capacity change from 0 to 32768
[  147.070555][ T9583] EXT4-fs: Ignoring removed i_version option
[  147.077063][ T9583] EXT4-fs: Ignoring removed mblk_io_submit option
[  147.094065][ T9560] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  147.106973][ T9583] EXT4-fs error (device loop3): ext4_orphan_get:1392: comm syz.3.1544: inode #13: comm syz.3.1544: iget: illegal inode #
[  147.150564][ T9583] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1544: couldn't read orphan inode 13 (err -117)
[  147.163914][ T9583] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  147.196238][ T9560] syz.2.1535 (9560) used greatest stack depth: 18088 bytes left
[  147.276385][ T5858] ocfs2: Unmounting device (7,2) on (node local)
[  147.286715][ T5866] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.544868][ T9576] loop1: detected capacity change from 0 to 32768
[  147.586098][ T9576] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1541 (9576)
[  147.667890][ T9612] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1557'.
[  147.679731][ T9576] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  147.708588][ T9612] 0�: renamed from hsr_slave_1
[  147.739612][ T9576] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  147.760217][ T9612] 0�: entered allmulticast mode
[  147.789216][ T9612] A link change request failed with some changes committed already. Interface 
c0� may have been left with an inconsistent configuration, please check.
[  147.809115][ T9622] netlink: 'syz.0.1560': attribute type 5 has an invalid length.
[  147.838516][ T9622] netlink: 'syz.0.1560': attribute type 7 has an invalid length.
[  147.885967][ T9576] BTRFS info (device loop1): enabling ssd optimizations
[  147.908245][ T9638] loop3: detected capacity change from 0 to 64
[  147.908476][ T9576] BTRFS info (device loop1): enabling free space tree
[  147.986460][ T9622] : entered promiscuous mode
[  148.045312][ T5859] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  148.773358][ T9679] syz.4.1580 uses obsolete (PF_INET,SOCK_PACKET)
[  148.995239][ T9691] tmpfs: Bad value for 'mpol'
[  149.040790][ T9640] loop2: detected capacity change from 0 to 40427
[  149.073939][ T9640] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  149.117287][ T9640] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  149.148040][ T9693] loop0: detected capacity change from 0 to 4096
[  149.172300][ T9640] F2FS-fs (loop2): invalid crc value
[  149.268517][ T9693] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  149.410116][ T9640] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  149.433784][ T9710] xfrm1: entered allmulticast mode
[  149.454078][ T9640] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  149.455091][ T5874] ntfs3(loop0): ino=9, ntfs_sync_fs failed, -22.
[  149.482600][ T9640] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  149.688933][ T9724] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1603'.
[  149.707862][ T9725] loop4: detected capacity change from 0 to 64
[  150.028132][ T9742] netlink: 3 bytes leftover after parsing attributes in process `syz.1.1610'.
[  150.041117][ T9742] 0�X���: renamed from caif0
[  150.060610][ T9742] 0�X���: entered allmulticast mode
[  150.066205][ T9742] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  150.107024][ T9743] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1611'.
[  150.107085][ T9745] cgroup: subsys name conflicts with all
[  150.387942][ T9765] netlink: 'syz.2.1621': attribute type 5 has an invalid length.
[  150.387969][ T9765] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1621'.
[  150.407919][ T9757] loop4: detected capacity change from 0 to 4096
[  150.410500][ T9757] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  150.423204][ T9757] ntfs3(loop4): Failed to initialize $Extend/$Reparse.
[  150.459323][ T9757] ntfs3(loop4): ino=1e, mi_enum_attr
[  150.496096][ T9757] ntfs3(loop4): ino=1e, mi_enum_attr
[  150.496398][ T9757] ntfs3(loop4): ino=1e, mi_enum_attr
[  150.588561][ T9773] loop0: detected capacity change from 0 to 164
[  150.613623][ T9773] iso9660: Corrupted directory entry in block 2 of inode 1920
[  150.675407][ T9775] loop2: detected capacity change from 0 to 1024
[  150.712206][ T9775] fuse: Bad value for 'fd'
[  150.749538][ T9780] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1628'.
[  150.786921][   T13] hfsplus: b-tree write err: -5, ino 4
[  150.976314][ T9793] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  150.976469][ T9793] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  151.112511][ T9799] loop2: detected capacity change from 0 to 512
[  151.156803][ T9799] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #13: comm syz.2.1639: attempt to clear invalid blocks 1 len 1
[  151.163500][ T9799] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1639: bg 0: block 343: padding at end of block bitmap is not set
[  151.166566][ T9799] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  151.174526][ T9799] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.1639: invalid indirect mapped block 1819239214 (level 0)
[  151.175025][ T9799] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.1639: invalid indirect mapped block 1819239214 (level 1)
[  151.179276][ T9799] EXT4-fs (loop2): 1 truncate cleaned up
[  151.253607][ T9799] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  151.256010][ T9807] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  151.360564][ T9799] tmpfs: Bad value for 'mpol'
[  151.406310][ T5858] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.540386][ T9823] netlink: 'syz.0.1650': attribute type 11 has an invalid length.
[  151.737902][ T9836] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1655'.
[  151.952098][ T9845] loop2: detected capacity change from 0 to 4096
[  152.002741][ T9845] ntfs3(loop2): Failed to initialize $Extend/$ObjId.
[  152.175933][ T9860] netlink: 228 bytes leftover after parsing attributes in process `syz.2.1664'.
[  152.840266][ T9896] netlink: 'syz.0.1681': attribute type 1 has an invalid length.
[  152.840266][ T9894] netlink: 'syz.3.1679': attribute type 10 has an invalid length.
[  152.840293][ T9894] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1679'.
[  152.873325][ T9896] netlink: 'syz.0.1681': attribute type 3 has an invalid length.
[  152.901934][ T9900] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1680'.
[  152.904757][ T9896] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1681'.
[  152.916956][ T9894] team0: Port device geneve0 added
[  153.036358][ T9878] loop4: detected capacity change from 0 to 32768
[  153.044740][ T9878] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1671 (9878)
[  153.088306][ T9905] netlink: 'syz.1.1685': attribute type 2 has an invalid length.
[  153.094095][ T9906] netlink: 'syz.0.1683': attribute type 6 has an invalid length.
[  153.120145][ T9878] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  153.121389][ T9906] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1683'.
[  153.139717][ T9905] �: entered promiscuous mode
[  153.175474][ T9878] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  153.271479][ T9878] BTRFS info (device loop4): allowing degraded mounts
[  153.328089][ T9878] BTRFS info (device loop4): enabling ssd optimizations
[  153.372355][ T9878] BTRFS info (device loop4): enabling free space tree
[  153.379203][ T9878] BTRFS info (device loop4): force zlib compression, level 3
[  153.387795][ T9928] netlink: 'syz.0.1688': attribute type 1 has an invalid length.
[  153.635922][ T5871] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  153.662608][ T9898] loop2: detected capacity change from 0 to 40427
[  153.682908][ T9898] F2FS-fs (loop2): invalid crc value
[  153.836943][ T9951] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1698'.
[  153.852005][ T9898] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  153.944134][ T9898] F2FS-fs (loop2): Start checkpoint disabled!
[  153.989171][ T9898] F2FS-fs (loop2): f2fs_disable_checkpoint() finish, err:0
[  154.007353][ T9898] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  154.044080][ T9898] syz.2.1682: attempt to access beyond end of device
[  154.044080][ T9898] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  154.067021][ T5922] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  154.115657][ T3525] kworker/u8:9: attempt to access beyond end of device
[  154.115657][ T3525] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  154.150090][ T3525] CPU: 1 UID: 0 PID: 3525 Comm: kworker/u8:9 Not tainted 6.17.0-rc2-next-20250818-syzkaller #0 PREEMPT(full) 
[  154.150122][ T3525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  154.150137][ T3525] Workqueue: writeback wb_workfn (flush-7:2)
[  154.150170][ T3525] Call Trace:
[  154.150178][ T3525]  <TASK>
[  154.150187][ T3525]  dump_stack_lvl+0x189/0x250
[  154.150218][ T3525]  ? __pfx_dump_stack_lvl+0x10/0x10
[  154.150242][ T3525]  ? __pfx_queue_work_on+0x10/0x10
[  154.150263][ T3525]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  154.150297][ T3525]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  154.150337][ T3525]  f2fs_handle_critical_error+0x37c/0x540
[  154.150369][ T3525]  f2fs_write_end_io+0x886/0xb60
[  154.150397][ T3525]  __submit_merged_bio+0x27a/0x6a0
[  154.150434][ T3525]  __submit_merged_write_cond+0x255/0x530
[  154.150464][ T3525]  f2fs_write_data_pages+0x261d/0x3000
[  154.150514][ T3525]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  154.150552][ T3525]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  154.150594][ T3525]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  154.150630][ T3525]  ? trace_f2fs_writepages+0x7f/0x200
[  154.150659][ T3525]  ? f2fs_write_node_pages+0x478/0x6e0
[  154.150697][ T3525]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  154.150726][ T3525]  ? f2fs_update_inode+0x13d9/0x2620
[  154.150753][ T3525]  ? f2fs_write_inode+0x3fb/0x5f0
[  154.150780][ T3525]  ? __pfx_f2fs_balance_fs+0x10/0x10
[  154.150809][ T3525]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  154.150841][ T3525]  do_writepages+0x32e/0x550
[  154.150869][ T3525]  ? unwind_next_frame+0xa5/0x2390
[  154.150901][ T3525]  __writeback_single_inode+0x145/0xff0
[  154.150927][ T3525]  ? do_raw_spin_unlock+0x122/0x240
[  154.150956][ T3525]  writeback_sb_inodes+0x6c7/0x1010
[  154.150992][ T3525]  ? fprop_reflect_period_percpu+0x6b/0x330
[  154.151016][ T3525]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  154.151066][ T3525]  ? rcu_is_watching+0x15/0xb0
[  154.151092][ T3525]  wb_writeback+0x43b/0xaf0
[  154.151122][ T3525]  ? queue_io+0x361/0x590
[  154.151148][ T3525]  ? __pfx_wb_writeback+0x10/0x10
[  154.151178][ T3525]  ? rcu_is_watching+0x15/0xb0
[  154.151201][ T3525]  wb_workfn+0x409/0xef0
[  154.151229][ T3525]  ? __pfx_wb_workfn+0x10/0x10
[  154.151250][ T3525]  ? rcu_is_watching+0x15/0xb0
[  154.151271][ T3525]  ? rcu_is_watching+0x15/0xb0
[  154.151296][ T3525]  ? process_scheduled_works+0x9ef/0x17b0
[  154.151315][ T3525]  ? rcu_is_watching+0x15/0xb0
[  154.151335][ T3525]  ? lock_acquire+0x5f/0x360
[  154.151366][ T3525]  ? rcu_is_watching+0x15/0xb0
[  154.151385][ T3525]  ? process_scheduled_works+0x9ef/0x17b0
[  154.151404][ T3525]  ? process_scheduled_works+0x9ef/0x17b0
[  154.151425][ T3525]  process_scheduled_works+0xade/0x17b0
[  154.151463][ T3525]  ? __pfx_process_scheduled_works+0x10/0x10
[  154.151495][ T3525]  worker_thread+0x8a0/0xda0
[  154.151530][ T3525]  kthread+0x711/0x8a0
[  154.151557][ T3525]  ? __pfx_worker_thread+0x10/0x10
[  154.151578][ T3525]  ? __pfx_kthread+0x10/0x10
[  154.151601][ T3525]  ? rcu_is_watching+0x15/0xb0
[  154.151619][ T3525]  ? __pfx_kthread+0x10/0x10
[  154.151642][ T3525]  ret_from_fork+0x3f9/0x770
[  154.151673][ T3525]  ? __pfx_ret_from_fork+0x10/0x10
[  154.151697][ T3525]  ? __switch_to_asm+0x39/0x70
[  154.151723][ T3525]  ? __switch_to_asm+0x33/0x70
[  154.151749][ T3525]  ? __pfx_kthread+0x10/0x10
[  154.151774][ T3525]  ret_from_fork_asm+0x1a/0x30
[  154.151811][ T3525]  </TASK>
[  154.152153][ T3525] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  154.565561][ T9957] loop1: detected capacity change from 0 to 32768
[  154.572134][ T5922] usb 4-1: Using ep0 maxpacket: 8
[  154.580493][ T5922] usb 4-1: config 0 has an invalid interface number: 52 but max is 0
[  154.601373][ T5922] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  154.638053][ T5922] usb 4-1: config 0 has no interface number 0
[  154.644203][ T5922] usb 4-1: config 0 interface 52 has no altsetting 0
[  154.655810][ T9957] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1701 (9957)
[  154.673474][ T9975] netlink: 248 bytes leftover after parsing attributes in process `syz.4.1710'.
[  154.674693][ T9977] loop0: detected capacity change from 0 to 512
[  154.693660][ T5922] usb 4-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[  154.703471][ T5922] usb 4-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0
[  154.717258][ T9957] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  154.719385][ T5922] usb 4-1: Manufacturer: syz
[  154.734249][ T9977] EXT4-fs: Ignoring removed oldalloc option
[  154.743082][ T9977] EXT4-fs: inline encryption not supported
[  154.750530][ T5922] usb 4-1: config 0 descriptor??
[  154.762996][ T9957] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  154.767723][ T9977] EXT4-fs: Ignoring removed mblk_io_submit option
[  154.800693][ T5922] hub 4-1:0.52: bad descriptor, ignoring hub
[  154.808319][ T9957] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  154.836281][ T5922] hub 4-1:0.52: probe with driver hub failed with error -5
[  154.848259][ T9977] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  154.937928][ T9977] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1711: bg 0: block 64: padding at end of block bitmap is not set
[  154.971288][ T9977] __quota_error: 3 callbacks suppressed
[  154.971307][ T9977] Quota error (device loop0): write_blk: dquota write failed
[  155.025785][ T9957] BTRFS info (device loop1): rebuilding free space tree
[  155.033067][ T9977] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  155.098229][ T9957] BTRFS info (device loop1): disabling free space tree
[  155.108258][ T9977] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.1711: Failed to acquire dquot type 0
[  155.121352][ T9957] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  155.160567][ T9957] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  155.161468][ T9977] EXT4-fs (loop0): 1 truncate cleaned up
[  155.187988][ T9977] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  155.203378][ T9957] BTRFS info (device loop1): setting nodatasum
[  155.243307][ T9957] BTRFS info (device loop1): allowing degraded mounts
[  155.264835][   T30] audit: type=1326 audit(1755562334.274:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10009 comm="syz.4.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c2718ebe9 code=0x7ffc0000
[  155.269626][ T9957] BTRFS info (device loop1): enabling disk space caching
[  155.333776][ T9977] Quota error (device loop0): do_check_range: Getting block 144 out of range 0-5
[  155.351203][ T5922] usb 4-1: USB disconnect, device number 4
[  155.356260][   T30] audit: type=1326 audit(1755562334.304:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10009 comm="syz.4.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c2718ebe9 code=0x7ffc0000
[  155.371940][ T9957] BTRFS info (device loop1): force clearing of disk cache
[  155.407160][ T9957] BTRFS info (device loop1): force zlib compression, level 3
[  155.419460][   T30] audit: type=1326 audit(1755562334.304:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10009 comm="syz.4.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=155 compat=0 ip=0x7f0c2718ebe9 code=0x7ffc0000
[  155.495374][   T30] audit: type=1326 audit(1755562334.304:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10009 comm="syz.4.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c2718ebe9 code=0x7ffc0000
[  155.526264][ T5874] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.544256][   T30] audit: type=1326 audit(1755562334.304:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10009 comm="syz.4.1714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c2718ebe9 code=0x7ffc0000
[  155.567453][ T9957] BTRFS error (device loop1): balance: invalid convert data profile raid0
[  155.569871][T10021] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1717'.
[  155.635197][ T5859] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  155.665139][T10021] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1717'.
[  156.033722][T10039] ip6tnl1: entered promiscuous mode
[  156.057239][T10039] ip6tnl1: entered allmulticast mode
[  156.209490][T10057] loop0: detected capacity change from 0 to 128
[  156.279286][T10057] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  156.290265][ T5922] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  156.318186][T10057] FAT-fs (loop0): Filesystem has been set read-only
[  156.477145][ T5922] usb 5-1: Using ep0 maxpacket: 16
[  156.488653][ T5922] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  156.520426][ T5922] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  156.577362][ T5922] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  156.609621][ T5922] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.638197][ T5922] usb 5-1: Product: syz
[  156.638221][ T5922] usb 5-1: Manufacturer: syz
[  156.638238][ T5922] usb 5-1: SerialNumber: syz
[  156.700310][T10083] netlink: 4388 bytes leftover after parsing attributes in process `syz.3.1740'.
[  156.829230][T10088] loop3: detected capacity change from 0 to 2048
[  156.863566][ T5922] usb 5-1: 0:2 : does not exist
[  156.878733][T10088] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  156.904673][ T5922] usb 5-1: USB disconnect, device number 5
[  156.948987][ T5860] udevd[5860]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  157.104603][T10099] netlink: 'syz.3.1747': attribute type 3 has an invalid length.
[  157.130498][T10099] netlink: 'syz.3.1747': attribute type 3 has an invalid length.
[  157.281808][T10109] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1751'.
[  157.584380][T10125] comedi comedi4: bad chanlist[1]=0x00000040 chan=64 range length=2
[  157.708868][T10134] loop4: detected capacity change from 0 to 512
[  157.737008][T10135] loop3: detected capacity change from 0 to 1764
[  157.752980][T10134] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  157.803509][T10135] iso9660: Corrupted directory entry in block 2 of inode 1920
[  157.813079][T10134] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  157.853264][T10134] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended
[  157.889721][T10134] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  157.973450][T10134] System zones: 0-2, 18-18, 34-34
[  158.031405][T10134] EXT4-fs (loop4): 1 truncate cleaned up
[  158.038072][T10134] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  158.129246][T10134] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 3: comm syz.4.1763: path /392/file1: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1
[  158.265449][ T5871] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.266970][T10113] loop0: detected capacity change from 0 to 32768
[  158.371595][T10113] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  158.429788][T10113] XFS (loop0): Ending clean mount
[  158.438685][T10113] XFS (loop0): Quotacheck needed: Please wait.
[  158.465813][T10113] XFS (loop0): Quotacheck: Done.
[  158.739517][ T5874] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  158.981083][T10197] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1781'.
[  159.107178][T10205] syz.3.1785 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  159.706373][T10196] loop2: detected capacity change from 0 to 40427
[  159.737376][T10237] loop4: detected capacity change from 0 to 2048
[  159.745609][T10196] F2FS-fs: heap/no_heap options were deprecated
[  159.765479][T10237] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  159.786951][T10196] F2FS-fs (loop2): build fault injection rate: 19
[  159.793448][T10196] F2FS-fs (loop2): build fault injection type: 0x3bfe8c
[  159.820803][T10244] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  159.820950][T10237] syz.4.1801: attempt to access beyond end of device
[  159.820950][T10237] loop4: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  159.821618][T10196] F2FS-fs (loop2): invalid crc value
[  159.853620][T10243] bridge1: entered allmulticast mode
[  159.878777][T10237] syz.4.1801: attempt to access beyond end of device
[  159.878777][T10237] loop4: rw=0, sector=9437254, nr_sectors = 2 limit=2048
[  159.912099][T10196] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[  159.944069][T10237] NILFS (loop4): I/O error reading meta-data file (ino=6, block-offset=0)
[  160.141247][T10196] F2FS-fs (loop2): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x20a/0x3f0
[  160.216476][T10196] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  160.245018][T10196] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  160.336727][T10196] F2FS-fs (loop2): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  160.363977][T10269] loop3: detected capacity change from 0 to 256
[  160.372752][T10196] syz.2.1783: attempt to access beyond end of device
[  160.372752][T10196] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  160.467563][T10259] loop1: detected capacity change from 0 to 8192
[  160.487679][T10269] FAT-fs (loop3): Directory bread(block 64) failed
[  160.510727][T10269] FAT-fs (loop3): Directory bread(block 65) failed
[  160.517912][ T5858] syz-executor: attempt to access beyond end of device
[  160.517912][ T5858] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  160.529407][T10269] FAT-fs (loop3): Directory bread(block 66) failed
[  160.538462][T10269] FAT-fs (loop3): Directory bread(block 67) failed
[  160.547638][ T5858] CPU: 1 UID: 0 PID: 5858 Comm: syz-executor Not tainted 6.17.0-rc2-next-20250818-syzkaller #0 PREEMPT(full) 
[  160.547670][ T5858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  160.547683][ T5858] Call Trace:
[  160.547691][ T5858]  <TASK>
[  160.547699][ T5858]  dump_stack_lvl+0x189/0x250
[  160.547729][ T5858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  160.547754][ T5858]  ? __pfx_queue_work_on+0x10/0x10
[  160.547774][ T5858]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  160.547806][ T5858]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  160.547844][ T5858]  f2fs_handle_critical_error+0x37c/0x540
[  160.547875][ T5858]  f2fs_write_end_io+0x886/0xb60
[  160.547902][ T5858]  __submit_merged_bio+0x27a/0x6a0
[  160.547932][ T5858]  __submit_merged_write_cond+0x255/0x530
[  160.547961][ T5858]  f2fs_write_data_pages+0x261d/0x3000
[  160.548008][ T5858]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  160.548061][ T5858]  ? stack_trace_save+0x9c/0xe0
[  160.548085][ T5858]  ? __pfx_stack_trace_save+0x10/0x10
[  160.548114][ T5858]  ? kasan_save_stack+0x4d/0x60
[  160.548139][ T5858]  ? kasan_save_stack+0x3e/0x60
[  160.548162][ T5858]  ? kasan_record_aux_stack+0xbd/0xd0
[  160.548183][ T5858]  ? call_rcu+0x157/0x9c0
[  160.548202][ T5858]  ? __schedule+0x17a0/0x4cc0
[  160.548232][ T5858]  ? schedule_timeout+0x9a/0x270
[  160.548257][ T5858]  ? wait_for_completion+0x2bf/0x5d0
[  160.548275][ T5858]  ? kthread_stop+0x194/0x5c0
[  160.548297][ T5858]  ? deactivate_locked_super+0xb9/0x130
[  160.548318][ T5858]  ? cleanup_mnt+0x425/0x4c0
[  160.548338][ T5858]  ? task_work_run+0x1d4/0x260
[  160.548362][ T5858]  ? exit_to_user_mode_loop+0xec/0x130
[  160.548389][ T5858]  ? do_syscall_64+0x2bd/0x3b0
[  160.548411][ T5858]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.548436][ T5858]  ? filemap_get_folios_tag+0xed/0x630
[  160.548455][ T5858]  ? rcu_is_watching+0x15/0xb0
[  160.548475][ T5858]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  160.548506][ T5858]  do_writepages+0x32e/0x550
[  160.548535][ T5858]  ? rcu_is_watching+0x15/0xb0
[  160.548557][ T5858]  ? do_raw_spin_unlock+0x122/0x240
[  160.548584][ T5858]  filemap_fdatawrite+0x199/0x240
[  160.548614][ T5858]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  160.548659][ T5858]  ? rcu_is_watching+0x15/0xb0
[  160.548682][ T5858]  ? do_raw_spin_unlock+0x122/0x240
[  160.548708][ T5858]  f2fs_sync_dirty_inodes+0x31f/0x830
[  160.548734][ T5858]  f2fs_write_checkpoint+0x93e/0x2440
[  160.548769][ T5858]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  160.548815][ T5858]  kill_f2fs_super+0x2cc/0x6d0
[  160.548838][ T5858]  ? __pfx_kill_f2fs_super+0x10/0x10
[  160.548866][ T5858]  ? shrinker_free+0x2ce/0x3e0
[  160.548913][ T5858]  deactivate_locked_super+0xb9/0x130
[  160.548938][ T5858]  cleanup_mnt+0x425/0x4c0
[  160.548961][ T5858]  task_work_run+0x1d4/0x260
[  160.548990][ T5858]  ? __pfx_task_work_run+0x10/0x10
[  160.549015][ T5858]  ? __x64_sys_umount+0x122/0x160
[  160.549040][ T5858]  ? __pfx___x64_sys_umount+0x10/0x10
[  160.549071][ T5858]  ? rcu_is_watching+0x15/0xb0
[  160.549090][ T5858]  exit_to_user_mode_loop+0xec/0x130
[  160.549119][ T5858]  do_syscall_64+0x2bd/0x3b0
[  160.549142][ T5858]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.549161][ T5858]  ? clear_bhb_loop+0x60/0xb0
[  160.549183][ T5858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.549202][ T5858] RIP: 0033:0x7f51b538ff17
[  160.549227][ T5858] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  160.549244][ T5858] RSP: 002b:00007ffca12bd3b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  160.549266][ T5858] RAX: 0000000000000000 RBX: 00007f51b5411c05 RCX: 00007f51b538ff17
[  160.549280][ T5858] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca12bd470
[  160.549293][ T5858] RBP: 00007ffca12bd470 R08: 0000000000000000 R09: 0000000000000000
[  160.549305][ T5858] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca12be500
[  160.549319][ T5858] R13: 00007f51b5411c05 R14: 00000000000273fc R15: 00007ffca12be540
[  160.549341][ T5858]  </TASK>
[  160.653685][T10269] FAT-fs (loop3): Directory bread(block 68) failed
[  160.657373][    C1] vkms_vblank_simulate: vblank timer overrun
[  160.665285][T10269] FAT-fs (loop3): Directory bread(block 69) failed
[  160.755866][T10260] loop0: detected capacity change from 0 to 32768
[  160.826944][ T5858] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  160.829776][T10269] FAT-fs (loop3): Directory bread(block 70) failed
[  160.857253][T10260] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1811 (10260)
[  160.858821][T10269] FAT-fs (loop3): Directory bread(block 71) failed
[  161.035612][T10269] FAT-fs (loop3): Directory bread(block 72) failed
[  161.042282][T10260] BTRFS info (device loop0 state S): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  161.100769][T10260] BTRFS info (device loop0 state S): using blake2b (blake2b-256-generic) checksum algorithm
[  161.129494][T10260] workqueue: max_active 2097158 requested for btrfs-worker is out of range, clamping between 1 and 2048
[  161.144435][T10269] FAT-fs (loop3): Directory bread(block 73) failed
[  161.186159][T10260] workqueue: max_active 2097158 requested for btrfs-delalloc is out of range, clamping between 1 and 2048
[  161.246730][T10260] workqueue: max_active 2097158 requested for btrfs-endio is out of range, clamping between 1 and 2048
[  161.278325][T10260] workqueue: max_active 2097158 requested for btrfs-endio-meta is out of range, clamping between 1 and 2048
[  161.353707][T10260] workqueue: max_active 2097158 requested for btrfs-rmw is out of range, clamping between 1 and 2048
[  161.374194][T10260] workqueue: max_active 2097158 requested for btrfs-endio-write is out of range, clamping between 1 and 2048
[  161.412527][T10260] workqueue: max_active 2097158 requested for btrfs-compressed-write is out of range, clamping between 1 and 2048
[  161.476191][ T3525] BTRFS warning (device loop0 state S): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0x3fff8ff18ac4f264f26c9b61444b99be3a51e4b9014c9227426415668fcd4ed9 level 0, ignored
[  161.500490][    C1] vkms_vblank_simulate: vblank timer overrun
[  161.618647][ T3525] BTRFS warning (device loop0 state CS): checksum verify failed on logical 5328896 mirror 1 wanted 0xe27e479340067083b74b333c1de55c530774f48d9bb4dbb5f2229db663324412 found 0x95f62be744ba79d2c7edda0b7f35c3ed250500c283e6cfbf6ba5d84a2ae65a3d level 1, ignored
[  161.718532][ T3525] BTRFS error (device loop0 state CS): level verify failed on logical 5328896 mirror 1 wanted 0 found 1
[  161.764740][T10260] BTRFS info (device loop0 state CS): setting nodatasum
[  161.789742][T10260] BTRFS info (device loop0 state CS): allowing degraded mounts
[  161.817155][T10260] BTRFS info (device loop0 state CS): setting nodatacow
[  161.826222][T10283] loop4: detected capacity change from 0 to 32768
[  161.835926][T10260] BTRFS info (device loop0 state CS): enabling ssd optimizations
[  161.862528][T10283] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  161.866382][T10260] BTRFS info (device loop0 state CS): using spread ssd allocation scheme
[  161.888970][T10260] BTRFS info (device loop0 state CS): turning off barriers
[  161.909531][T10313] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1817'.
[  161.920950][T10260] BTRFS info (device loop0 state CS): disabling log replay at mount time
[  161.938643][T10313] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1817'.
[  161.947781][T10260] BTRFS info (device loop0 state CS): enabling free space tree
[  161.966578][T10260] BTRFS info (device loop0 state CS): ignoring bad roots
[  161.969665][T10283] XFS (loop4): Ending clean mount
[  162.008716][T10283] XFS (loop4): Quotacheck needed: Please wait.
[  162.021234][T10260] BTRFS info (device loop0 state CS): ignoring data csums
[  162.049197][T10283] XFS (loop4): Quotacheck: Done.
[  162.074812][T10260] BTRFS info (device loop0 state CS): ignoring meta csums
[  162.121523][T10260] BTRFS info (device loop0 state CS): ignoring unknown super block flags
[  162.147231][T10260] BTRFS info (device loop0 state CS): max_inline set to 0
[  162.149400][ T5871] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  162.263773][T10329] loop2: detected capacity change from 0 to 512
[  162.330183][T10329] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.380783][ T5874] BTRFS info (device loop0 state CS): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  162.382558][T10329] ext4 filesystem being mounted at /337/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  162.436318][T10329] Quota error (device loop2): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  162.483805][T10329] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[  162.529833][T10329] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.1832: Failed to acquire dquot type 1
[  162.626682][ T5858] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.123595][T10381] loop1: detected capacity change from 0 to 256
[  163.159929][ T5921] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  163.218715][T10381] FAT-fs (loop1): Directory bread(block 64) failed
[  163.228250][T10384] vlan0: entered promiscuous mode
[  163.229035][T10381] FAT-fs (loop1): Directory bread(block 65) failed
[  163.277390][T10381] FAT-fs (loop1): Directory bread(block 66) failed
[  163.295575][T10381] FAT-fs (loop1): Directory bread(block 67) failed
[  163.306163][T10381] FAT-fs (loop1): Directory bread(block 68) failed
[  163.313334][T10381] FAT-fs (loop1): Directory bread(block 69) failed
[  163.319944][ T5921] usb 1-1: Using ep0 maxpacket: 16
[  163.321984][ T5921] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  163.328835][T10381] FAT-fs (loop1): Directory bread(block 70) failed
[  163.348689][ T5921] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  163.371332][ T5921] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  163.380977][ T5921] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.389026][T10381] FAT-fs (loop1): Directory bread(block 71) failed
[  163.389122][T10381] FAT-fs (loop1): Directory bread(block 72) failed
[  163.389146][T10381] FAT-fs (loop1): Directory bread(block 73) failed
[  163.465652][   T30] audit: type=1800 audit(1755562342.545:52): pid=10381 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1852" name="file2" dev="loop1" ino=1048632 res=0 errno=0
[  163.497184][ T5921] usb 1-1: Product: syz
[  163.502569][ T5921] usb 1-1: Manufacturer: syz
[  163.524608][ T5921] usb 1-1: SerialNumber: syz
[  163.711801][T10379] loop4: detected capacity change from 0 to 32768
[  163.745743][ T5921] usb 1-1: 0:2 : does not exist
[  163.754467][T10379] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[  163.776865][ T5921] usb 1-1: USB disconnect, device number 10
[  163.803719][T10410] netlink: 'syz.2.1866': attribute type 5 has an invalid length.
[  163.814829][T10379] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  163.832451][T10379] (syz.4.1854,10379,1):ocfs2_find_entry:1094 ERROR: status = -117
[  163.870874][T10379] (syz.4.1854,10379,0):ocfs2_find_entry:1094 ERROR: status = -117
[  163.888984][ T6055] udevd[6055]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  163.935051][T10379] (syz.4.1854,10379,1):ocfs2_mknod:505 ERROR: status = -117
[  163.942422][T10379] (syz.4.1854,10379,1):ocfs2_create:678 ERROR: status = -117
[  164.080609][ T5871] ocfs2: Unmounting device (7,4) on (node local)
[  164.152297][T10422] vlan0: left promiscuous mode
[  164.157948][T10422] geneve2: left promiscuous mode
[  164.335992][T10430] autofs: Bad value for 'fd'
[  164.384255][T10407] loop1: detected capacity change from 0 to 32768
[  164.634466][T10449] loop4: detected capacity change from 0 to 512
[  164.638333][T10447] geneve3: entered promiscuous mode
[  164.650215][T10447] geneve3: entered allmulticast mode
[  164.721982][T10449] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1885: invalid indirect mapped block 4294967295 (level 1)
[  164.722002][T10451] netlink: 'syz.2.1887': attribute type 3 has an invalid length.
[  164.802497][T10449] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1885: invalid indirect mapped block 4294967295 (level 1)
[  164.824288][T10449] EXT4-fs (loop4): 2 truncates cleaned up
[  164.840768][T10449] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.884054][T10462] loop3: detected capacity change from 0 to 512
[  164.922009][T10449] EXT4-fs error (device loop4): ext4_get_parent:1834: inode #11: comm syz.4.1885: bad parent inode number: 3
[  164.970131][T10462] EXT4-fs: Ignoring removed mblk_io_submit option
[  165.028495][T10462] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[  165.043940][ T5871] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.063414][T10462] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #13: comm syz.3.1890: attempt to clear invalid blocks 2 len 1
[  165.139513][T10462] EXT4-fs (loop3): Remounting filesystem read-only
[  165.146995][T10462] EXT4-fs (loop3): 1 truncate cleaned up
[  165.154692][T10462] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.263076][ T5866] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.555329][   T30] audit: type=1326 audit(1755562344.638:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10504 comm="syz.2.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51b538ebe9 code=0x7ffc0000
[  165.596380][T10507] pim6reg: entered allmulticast mode
[  165.630638][   T30] audit: type=1326 audit(1755562344.638:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10504 comm="syz.2.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51b538ebe9 code=0x7ffc0000
[  165.683678][   T30] audit: type=1326 audit(1755562344.648:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10504 comm="syz.2.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f51b538ebe9 code=0x7ffc0000
[  165.744017][T10513] loop1: detected capacity change from 0 to 2048
[  165.763719][   T30] audit: type=1326 audit(1755562344.648:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10504 comm="syz.2.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51b538ebe9 code=0x7ffc0000
[  165.834120][T10513] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  165.847423][   T30] audit: type=1326 audit(1755562344.648:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10504 comm="syz.2.1910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51b538ebe9 code=0x7ffc0000
[  165.892102][T10514] loop3: detected capacity change from 0 to 8192
[  165.916762][T10514] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  165.974914][T10525] netlink: 'syz.0.1921': attribute type 11 has an invalid length.
[  166.045357][T10514] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  166.062662][T10514] ntfs3(loop3): Failed to load $Extend (-2).
[  166.082807][T10514] ntfs3(loop3): Failed to initialize $Extend.
[  166.151594][ T5921] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  166.335992][ T5921] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  166.353295][ T5921] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.364425][ T5921] usb 3-1: config 0 descriptor??
[  166.403257][ T5921] cp210x 3-1:0.0: cp210x converter detected
[  166.481532][T10545] CIFS: iocharset name too long
[  166.486909][T10547] bridge_slave_1: left allmulticast mode
[  166.493429][T10547] bridge_slave_1: left promiscuous mode
[  166.499454][T10547] bridge0: port 2(bridge_slave_1) entered disabled state
[  166.558791][T10547] bridge_slave_0: left allmulticast mode
[  166.577681][T10547] bridge_slave_0: left promiscuous mode
[  166.609281][T10547] bridge0: port 1(bridge_slave_0) entered disabled state
[  166.680681][T10532] loop0: detected capacity change from 0 to 32768
[  166.718935][T10532] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1924 (10532)
[  166.749803][T10532] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  166.762614][T10532] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  166.810752][ T5921] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -71
[  166.820612][ T5921] cp210x 3-1:0.0: failed to get vendor val 0x370c size 73: -71
[  166.835714][ T5921] cp210x 3-1:0.0: GPIO initialisation failed: -71
[  166.846757][ T5921] usb 3-1: cp210x converter now attached to ttyUSB0
[  166.856464][ T5921] usb 3-1: USB disconnect, device number 8
[  166.880583][ T5921] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  166.932670][ T5921] cp210x 3-1:0.0: device disconnected
[  166.934184][T10576] netlink: 'syz.4.1940': attribute type 1 has an invalid length.
[  166.979977][T10532] BTRFS info (device loop0): allowing degraded mounts
[  166.980003][T10532] BTRFS info (device loop0): enabling ssd optimizations
[  166.980022][T10532] BTRFS info (device loop0): enabling free space tree
[  166.980040][T10532] BTRFS info (device loop0): force zlib compression, level 3
[  167.116388][ T5874] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  167.199674][T10587] cifs: Unknown parameter 'no'�a��N�[G�zob,er��;%j��
[  167.199674][T10587] ��z�,�@q�������J#�"��h/.�W1ȱ�nNC�"�C�׈�E)�8+����'
[  167.453087][T10603] loop4: detected capacity change from 0 to 512
[  167.489931][T10603] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  167.570508][T10603] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.614528][ T5963] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  167.631465][T10603] ext4 filesystem being mounted at /433/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  167.754503][ T5871] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.774449][ T5963] usb 4-1: config 0 has an invalid interface number: 255 but max is 0
[  167.788564][ T5963] usb 4-1: config 0 has no interface number 0
[  167.824208][ T5963] usb 4-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[  167.856527][ T5963] usb 4-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  167.900563][ T5963] usb 4-1: config 0 interface 255 has no altsetting 0
[  167.906981][T10633] program syz.4.1961 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  167.911967][ T5963] usb 4-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[  167.936522][ T5963] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.947207][ T5963] usb 4-1: config 0 descriptor??
[  167.959229][ T5963] ums-realtek 4-1:0.255: USB Mass Storage device detected
[  167.975287][T10636] netlink: 'syz.0.1966': attribute type 7 has an invalid length.
[  168.032589][T10636] : entered promiscuous mode
[  168.185340][ T5921] usb 4-1: USB disconnect, device number 5
[  168.657554][T10684] loop2: detected capacity change from 0 to 512
[  168.714591][T10684] EXT4-fs error (device loop2): ext4_orphan_get:1392: comm syz.2.1986: inode #15: comm syz.2.1986: iget: illegal inode #
[  168.782481][T10684] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.1986: couldn't read orphan inode 15 (err -117)
[  168.860883][T10684] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.952407][T10684] EXT4-fs error (device loop2): ext4_lookup:1787: comm syz.2.1986: inode #15: comm syz.2.1986: iget: illegal inode #
[  169.139520][ T5858] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.271514][T10726] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2002'.
[  169.407122][T10735] loop4: detected capacity change from 0 to 8
[  169.413987][T10735] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  169.469904][T10735] cramfs: bad data blocksize 4294967270
[  169.488876][T10735] cramfs: Error -3 while decompressing!
[  169.494555][T10735] cramfs: ffffffff99dfc662(26)->ffff88805019d000(4096)
[  169.539658][T10735] cramfs: bad data blocksize 3221485902
[  169.558042][T10742] loop1: detected capacity change from 0 to 256
[  169.567842][T10735] cramfs: bad data blocksize 4294967270
[  169.578216][T10742] exfat: Deprecated parameter 'utf8'
[  169.583991][   T30] audit: type=1800 audit(1755562348.699:58): pid=10735 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2007" name="file2" dev="loop4" ino=348 res=0 errno=0
[  169.654101][T10742] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xdf1ac56c, utbl_chksum : 0xe619d30d)
[  169.743001][T10748] binder: 10747:10748 ioctl c0046209 200000000000000 returned -22
[  169.949263][T10756] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2013'.
[  170.010391][T10732] loop3: detected capacity change from 0 to 32768
[  170.034107][T10732] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2005 (10732)
[  170.070740][T10732] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  170.118625][T10732] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  170.282143][T10739] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  170.288997][T10739] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  170.324335][T10732] BTRFS info (device loop3): enabling ssd optimizations
[  170.334721][T10732] BTRFS info (device loop3): enabling free space tree
[  170.391762][T10739] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  170.402028][T10739] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  170.530798][ T5866] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  170.618736][T10739] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  170.634345][T10739] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  170.645591][T10804] loop4: detected capacity change from 0 to 256
[  170.801796][T10804] FAT-fs (loop4): Directory bread(block 64) failed
[  170.809384][T10739] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  170.831193][T10804] FAT-fs (loop4): Directory bread(block 65) failed
[  170.836175][T10815] netlink: 'syz.1.2029': attribute type 7 has an invalid length.
[  170.862967][T10804] FAT-fs (loop4): Directory bread(block 66) failed
[  170.866750][T10739] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  170.899285][T10804] FAT-fs (loop4): Directory bread(block 67) failed
[  170.946559][T10804] FAT-fs (loop4): Directory bread(block 68) failed
[  170.968598][T10804] FAT-fs (loop4): Directory bread(block 69) failed
[  170.986368][T10739] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  170.995700][T10804] FAT-fs (loop4): Directory bread(block 70) failed
[  171.019610][T10804] FAT-fs (loop4): Directory bread(block 71) failed
[  171.023588][T10739] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  171.034102][T10804] FAT-fs (loop4): Directory bread(block 72) failed
[  171.065432][T10804] FAT-fs (loop4): Directory bread(block 73) failed
[  171.112069][T10828] loop1: detected capacity change from 0 to 1024
[  171.187065][T10828] hfsplus: keylen 65060 too large
[  171.220979][T10828] hfsplus: xattr search failed
[  171.452604][T10845] netlink: 256 bytes leftover after parsing attributes in process `syz.4.2037'.
[  171.736846][T10860] net veth1_virt_wifi ������: renamed from virt_wifi0
[  171.865729][T10870] loop0: detected capacity change from 0 to 1024
[  171.882572][T10871] netlink: 'syz.3.2051': attribute type 2 has an invalid length.
[  171.892788][T10870] fuse: Bad value for 'fd'
[  171.927778][T10871] netlink: 'syz.3.2051': attribute type 1 has an invalid length.
[  172.038082][ T2962] hfsplus: b-tree write err: -5, ino 4
[  172.472849][ T5921] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  172.480632][T10910] netlink: 'syz.0.2066': attribute type 5 has an invalid length.
[  172.633048][ T5921] usb 5-1: config 0 has an invalid interface number: 50 but max is 0
[  172.658690][ T5921] usb 5-1: config 0 has no interface number 0
[  172.687353][ T5921] usb 5-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  172.734091][ T5921] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  172.774293][ T5921] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.796033][ T5921] usb 5-1: Product: syz
[  172.800351][ T5921] usb 5-1: Manufacturer: syz
[  172.840779][ T5921] usb 5-1: SerialNumber: syz
[  172.859527][ T5921] usb 5-1: config 0 descriptor??
[  172.884453][ T5921] yurex 5-1:0.50: USB YUREX device now attached to Yurex #0
[  172.932214][T10936] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2076'.
[  172.954004][T10890] loop1: detected capacity change from 0 to 32768
[  172.965669][T10936] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  173.013967][T10890] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  173.093554][T10890] XFS (loop1): Ending clean mount
[  173.100966][T10890] XFS (loop1): Quotacheck needed: Please wait.
[  173.110622][T10951] netlink: 148 bytes leftover after parsing attributes in process `syz.2.2078'.
[  173.180386][T10951] netlink: 148 bytes leftover after parsing attributes in process `syz.2.2078'.
[  173.196374][T10954] binder: Bad value for 'stats'
[  173.202959][T10890] XFS (loop1): Quotacheck: Done.
[  173.331882][T10959] comedi comedi0: comedi_test: 236 microvolt, 100000 microsecond waveform attached
[  173.385492][ T5859] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  173.399439][ T5921] usb 5-1: USB disconnect, device number 6
[  173.415859][ T5921] yurex 5-1:0.50: USB YUREX #0 now disconnected
[  173.599969][T10971] loop0: detected capacity change from 0 to 2048
[  173.639555][T10971] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  173.976306][T10996] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2095'.
[  174.511431][T11034] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2112'.
[  175.626924][T11121] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2142'.
[  175.698533][T11123] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2144'.
[  175.735193][T11123] netlink: 88 bytes leftover after parsing attributes in process `syz.3.2144'.
[  175.797322][T11133] loop2: detected capacity change from 0 to 256
[  175.891406][T11133] FAT-fs (loop2): Directory bread(block 64) failed
[  175.911321][T11133] FAT-fs (loop2): Directory bread(block 65) failed
[  175.950891][T11133] FAT-fs (loop2): Directory bread(block 66) failed
[  175.981242][T11133] FAT-fs (loop2): Directory bread(block 67) failed
[  175.987901][T11133] FAT-fs (loop2): Directory bread(block 68) failed
[  176.034585][T11133] FAT-fs (loop2): Directory bread(block 69) failed
[  176.074834][T11133] FAT-fs (loop2): Directory bread(block 70) failed
[  176.107296][T11133] FAT-fs (loop2): Directory bread(block 71) failed
[  176.133227][T11133] FAT-fs (loop2): Directory bread(block 72) failed
[  176.153859][T11133] FAT-fs (loop2): Directory bread(block 73) failed
[  176.215886][T11160] loop1: detected capacity change from 0 to 16
[  176.265277][T11160] erofs (device loop1): mounted with root inode @ nid 36.
[  176.322674][T11160] erofs (device loop1): bogus lookback distance 1388 @ lcn 42 of nid 36
[  176.361025][T11160] erofs (device loop1): failed to decompress -38 in[60, 4036] out[1851]
[  176.397278][T11160] erofs (device loop1): read error -117 @ 43 of nid 36
[  176.529731][T11176] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2164'.
[  176.544445][T11179] loop4: detected capacity change from 0 to 128
[  176.579398][   T10] usb 1-1: new full-speed USB device number 11 using dummy_hcd
[  176.596467][T11179] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  176.795235][   T10] usb 1-1: config 5 has an invalid interface number: 123 but max is 0
[  176.845259][   T10] usb 1-1: config 5 has no interface number 0
[  176.893536][   T10] usb 1-1: config 5 interface 123 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B
[  176.963864][T11205] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2174'.
[  176.968443][   T10] usb 1-1: config 5 interface 123 altsetting 7 endpoint 0x4 has invalid wMaxPacketSize 0
[  176.982255][T11205] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  177.031177][   T10] usb 1-1: config 5 interface 123 has no altsetting 0
[  177.083710][   T10] usb 1-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[  177.108614][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.139184][   T10] usb 1-1: Product: syz
[  177.143416][   T10] usb 1-1: Manufacturer: syz
[  177.166876][   T10] usb 1-1: SerialNumber: syz
[  177.422238][   T10] ni6501 1-1:5.123: driver 'ni6501' failed to auto-configure device.
[  177.486412][   T10] usb 1-1: USB disconnect, device number 11
[  177.543277][T11233] loop2: detected capacity change from 0 to 256
[  177.578726][T11233] FAT-fs (loop2): Directory bread(block 1285) failed
[  177.642540][T11233] FAT-fs (loop2): Directory bread(block 1285) failed
[  177.676610][T11233] FAT-fs (loop2): Directory bread(block 1285) failed
[  177.699727][T11233] FAT-fs (loop2): Directory bread(block 1285) failed
[  177.793327][T11245] loop3: detected capacity change from 0 to 256
[  177.887782][T11245] exFAT-fs (loop3): failed to load upcase table (idx : 0x0001034b, chksum : 0x6322ccb6, utbl_chksum : 0xe619d30d)
[  177.941073][T11219] loop1: detected capacity change from 0 to 32768
[  177.986848][T11219] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2180 (11219)
[  178.067757][T11257] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2194'.
[  178.086135][T11219] BTRFS info (device loop1): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  178.137322][T11219] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  178.180861][T11219] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  178.269988][T11265] openvswitch: netlink: Key 22 has unexpected len 2 expected 4
[  178.435186][T11219] BTRFS info (device loop1): rebuilding free space tree
[  178.491727][T11288] loop2: detected capacity change from 0 to 256
[  178.517276][T11219] BTRFS info (device loop1): disabling free space tree
[  178.530333][T11238] loop4: detected capacity change from 0 to 32768
[  178.542358][T11219] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  178.548213][T11238] 
[  178.548213][T11238]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  178.548213][T11238] 
[  178.594049][T11219] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  178.643561][T11238] 
[  178.643561][T11238]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  178.643561][T11238] 
[  178.660609][T11288] FAT-fs (loop2): Directory bread(block 64) failed
[  178.667821][T11219] BTRFS info (device loop1): enabling ssd optimizations
[  178.694833][T11288] FAT-fs (loop2): Directory bread(block 65) failed
[  178.696466][T11219] BTRFS info (device loop1): enabling disk space caching
[  178.701544][T11238] 
[  178.701544][T11238]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  178.701544][T11238] 
[  178.733721][T11219] BTRFS info (device loop1): force clearing of disk cache
[  178.736358][T11288] FAT-fs (loop2): Directory bread(block 66) failed
[  178.766401][T11219] BTRFS info (device loop1): use zstd compression, level 3
[  178.774537][T11238] 
[  178.774537][T11238]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  178.774537][T11238] 
[  178.793929][T11288] FAT-fs (loop2): Directory bread(block 67) failed
[  178.815351][T11288] FAT-fs (loop2): Directory bread(block 68) failed
[  178.822034][T11288] FAT-fs (loop2): Directory bread(block 69) failed
[  178.833469][T11238] 
[  178.833469][T11238]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  178.833469][T11238] 
[  178.890396][T11288] FAT-fs (loop2): Directory bread(block 70) failed
[  178.906205][T11238] 
[  178.906205][T11238]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  178.906205][T11238] 
[  178.926419][T11288] FAT-fs (loop2): Directory bread(block 71) failed
[  178.933098][T11288] FAT-fs (loop2): Directory bread(block 72) failed
[  178.960306][T11288] FAT-fs (loop2): Directory bread(block 73) failed
[  178.970340][T11260] loop3: detected capacity change from 0 to 32768
[  178.983429][ T5859] BTRFS info (device loop1): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  179.027187][ T2962] 
[  179.027187][ T2962]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  179.027187][ T2962] 
[  179.064929][T11260] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  179.089487][ T2962] 
[  179.089487][ T2962]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  179.089487][ T2962] 
[  179.101825][   T30] audit: type=1800 audit(1755562358.240:59): pid=11288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2199" name="file1" dev="loop2" ino=1048638 res=0 errno=0
[  179.152971][ T5871] 
[  179.152971][ T5871]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  179.152971][ T5871] 
[  179.163914][ T5871] 
[  179.163914][ T5871]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  179.163914][ T5871] 
[  179.209737][  T114] ==================================================================
[  179.217885][  T114] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x23d/0x290
[  179.225727][  T114] Read of size 4 at addr ffff8880277ec0c4 by task jfsCommit/114
[  179.233380][  T114] 
[  179.235719][  T114] CPU: 1 UID: 0 PID: 114 Comm: jfsCommit Not tainted 6.17.0-rc2-next-20250818-syzkaller #0 PREEMPT(full) 
[  179.235740][  T114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  179.235751][  T114] Call Trace:
[  179.235758][  T114]  <TASK>
[  179.235765][  T114]  dump_stack_lvl+0x189/0x250
[  179.235791][  T114]  ? __pfx_dump_stack_lvl+0x10/0x10
[  179.235812][  T114]  ? lock_release+0x4b/0x3e0
[  179.235840][  T114]  ? __virt_addr_valid+0x4a5/0x5c0
[  179.235862][  T114]  print_report+0xca/0x240
[  179.235878][  T114]  ? do_raw_spin_lock+0x23d/0x290
[  179.235898][  T114]  kasan_report+0x118/0x150
[  179.235923][  T114]  ? do_raw_spin_lock+0x23d/0x290
[  179.235946][  T114]  do_raw_spin_lock+0x23d/0x290
[  179.235967][  T114]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  179.235991][  T114]  _raw_spin_lock_irqsave+0xb3/0xf0
[  179.236017][  T114]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  179.236044][  T114]  ? schedule+0x16f/0x360
[  179.236058][  T114]  ? __mutex_lock+0x37a/0x1350
[  179.236075][  T114]  __mutex_lock+0x3d1/0x1350
[  179.236093][  T114]  ? do_raw_spin_lock+0x121/0x290
[  179.236114][  T114]  ? rcu_is_watching+0x15/0xb0
[  179.236131][  T114]  ? jfs_syncpt+0x25/0x90
[  179.236145][  T114]  ? rcu_is_watching+0x15/0xb0
[  179.236162][  T114]  ? __pfx___mutex_lock+0x10/0x10
[  179.236178][  T114]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  179.236204][  T114]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  179.236232][  T114]  ? rcu_is_watching+0x15/0xb0
[  179.236251][  T114]  jfs_syncpt+0x25/0x90
[  179.236266][  T114]  txEnd+0x2e5/0x530
[  179.236283][  T114]  jfs_lazycommit+0x5ba/0xa90
[  179.236304][  T114]  ? __pfx_jfs_lazycommit+0x10/0x10
[  179.236322][  T114]  ? __pfx_default_wake_function+0x10/0x10
[  179.236347][  T114]  ? __kthread_parkme+0x7b/0x200
[  179.236365][  T114]  ? __kthread_parkme+0x1a1/0x200
[  179.236384][  T114]  kthread+0x711/0x8a0
[  179.236405][  T114]  ? __pfx_jfs_lazycommit+0x10/0x10
[  179.236423][  T114]  ? __pfx_kthread+0x10/0x10
[  179.236445][  T114]  ? _raw_spin_unlock_irq+0x23/0x50
[  179.236470][  T114]  ? lockdep_hardirqs_on+0x9c/0x150
[  179.236486][  T114]  ? __pfx_kthread+0x10/0x10
[  179.236507][  T114]  ret_from_fork+0x3f9/0x770
[  179.236525][  T114]  ? __pfx_ret_from_fork+0x10/0x10
[  179.236543][  T114]  ? __switch_to_asm+0x39/0x70
[  179.236564][  T114]  ? __switch_to_asm+0x33/0x70
[  179.236585][  T114]  ? __pfx_kthread+0x10/0x10
[  179.236604][  T114]  ret_from_fork_asm+0x1a/0x30
[  179.236633][  T114]  </TASK>
[  179.236638][  T114] 
[  179.475387][  T114] Allocated by task 11238:
[  179.479813][  T114]  kasan_save_track+0x3e/0x80
[  179.484504][  T114]  __kasan_kmalloc+0x93/0xb0
[  179.489106][  T114]  __kmalloc_cache_noprof+0x230/0x3d0
[  179.494492][  T114]  lmLogOpen+0x2d1/0xfb0
[  179.498857][  T114]  jfs_mount_rw+0xe9/0x670
[  179.503294][  T114]  jfs_fill_super+0x754/0xd80
[  179.507999][  T114]  get_tree_bdev_flags+0x40e/0x4d0
[  179.513133][  T114]  vfs_get_tree+0x92/0x2b0
[  179.517569][  T114]  do_new_mount+0x2a2/0xa30
[  179.522088][  T114]  __se_sys_mount+0x317/0x410
[  179.526776][  T114]  do_syscall_64+0xfa/0x3b0
[  179.531290][  T114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.537301][  T114] 
[  179.539672][  T114] Freed by task 5871:
[  179.543667][  T114]  kasan_save_track+0x3e/0x80
[  179.548353][  T114]  kasan_save_free_info+0x46/0x50
[  179.553394][  T114]  __kasan_slab_free+0x5b/0x80
[  179.558176][  T114]  kfree+0x18e/0x440
[  179.562084][  T114]  lmLogClose+0x297/0x520
[  179.566422][  T114]  jfs_umount+0x2ef/0x3c0
[  179.570754][  T114]  jfs_put_super+0x8c/0x190
[  179.575293][  T114]  generic_shutdown_super+0x135/0x2c0
[  179.580761][  T114]  kill_block_super+0x44/0x90
[  179.585451][  T114]  deactivate_locked_super+0xb9/0x130
[  179.590855][  T114]  cleanup_mnt+0x425/0x4c0
[  179.595283][  T114]  task_work_run+0x1d4/0x260
[  179.599890][  T114]  exit_to_user_mode_loop+0xec/0x130
[  179.605189][  T114]  do_syscall_64+0x2bd/0x3b0
[  179.609874][  T114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.616051][  T114] 
[  179.618553][  T114] The buggy address belongs to the object at ffff8880277ec000
[  179.618553][  T114]  which belongs to the cache kmalloc-1k of size 1024
[  179.633072][  T114] The buggy address is located 196 bytes inside of
[  179.633072][  T114]  freed 1024-byte region [ffff8880277ec000, ffff8880277ec400)
[  179.646975][  T114] 
[  179.649316][  T114] The buggy address belongs to the physical page:
[  179.655886][  T114] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880277eb000 pfn:0x277e8
[  179.665979][  T114] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  179.674495][  T114] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  179.683020][  T114] page_type: f5(slab)
[  179.687009][  T114] raw: 00fff00000000240 ffff88801a841dc0 ffffea0001fd8c10 ffffea0000c3be10
[  179.695600][  T114] raw: ffff8880277eb000 000000000010000a 00000000f5000000 0000000000000000
[  179.704199][  T114] head: 00fff00000000240 ffff88801a841dc0 ffffea0001fd8c10 ffffea0000c3be10
[  179.712876][  T114] head: ffff8880277eb000 000000000010000a 00000000f5000000 0000000000000000
[  179.721550][  T114] head: 00fff00000000003 ffffea00009dfa01 00000000ffffffff 00000000ffffffff
[  179.730223][  T114] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  179.738900][  T114] page dumped because: kasan: bad access detected
[  179.745331][  T114] page_owner tracks the page as allocated
[  179.751050][  T114] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 2962, tgid 2962 (kworker/u8:7), ts 84397810866, free_ts 84131155024
[  179.770337][  T114]  post_alloc_hook+0x240/0x2a0
[  179.775125][  T114]  get_page_from_freelist+0x21e4/0x22c0
[  179.780672][  T114]  __alloc_frozen_pages_noprof+0x181/0x370
[  179.786518][  T114]  alloc_pages_mpol+0x232/0x4a0
[  179.791467][  T114]  allocate_slab+0x8a/0x370
[  179.796048][  T114]  ___slab_alloc+0xbeb/0x1410
[  179.800725][  T114]  __kmalloc_noprof+0x305/0x4f0
[  179.805587][  T114]  ieee802_11_parse_elems_full+0x152/0x2ab0
[  179.811502][  T114]  ieee80211_inform_bss+0x10c/0x10a0
[  179.816797][  T114]  cfg80211_inform_single_bss_data+0xd05/0x1ac0
[  179.823051][  T114]  cfg80211_inform_bss_data+0x1fb/0x3b30
[  179.828903][  T114]  cfg80211_inform_bss_frame_data+0x3d7/0x730
[  179.834986][  T114]  ieee80211_bss_info_update+0x746/0x9e0
[  179.840656][  T114]  ieee80211_ibss_rx_queued_mgmt+0xa36/0x2ae0
[  179.846733][  T114]  ieee80211_iface_work+0x85f/0x12d0
[  179.852024][  T114]  cfg80211_wiphy_work+0x2bb/0x470
[  179.857138][  T114] page last free pid 5869 tgid 5869 stack trace:
[  179.863569][  T114]  __free_frozen_pages+0xbc4/0xd30
[  179.868699][  T114]  __put_partials+0x156/0x1a0
[  179.873379][  T114]  put_cpu_partial+0x17c/0x250
[  179.878144][  T114]  __slab_free+0x2d5/0x3c0
[  179.882561][  T114]  qlist_free_all+0x97/0x140
[  179.887158][  T114]  kasan_quarantine_reduce+0x148/0x160
[  179.892628][  T114]  __kasan_slab_alloc+0x22/0x80
[  179.897487][  T114]  __kmalloc_node_noprof+0x21b/0x4e0
[  179.902775][  T114]  allocate_slab+0x16a/0x370
[  179.907371][  T114]  ___slab_alloc+0xbeb/0x1410
[  179.912072][  T114]  __kvmalloc_node_noprof+0x41e/0x5e0
[  179.917453][  T114]  seq_read_iter+0x202/0xe20
[  179.922051][  T114]  vfs_read+0x557/0xa30
[  179.926212][  T114]  ksys_read+0x145/0x250
[  179.930459][  T114]  do_syscall_64+0xfa/0x3b0
[  179.934963][  T114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.940861][  T114] 
[  179.943187][  T114] Memory state around the buggy address:
[  179.948832][  T114]  ffff8880277ebf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  179.956894][  T114]  ffff8880277ec000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  179.964959][  T114] >ffff8880277ec080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  179.973104][  T114]                                            ^
[  179.979285][  T114]  ffff8880277ec100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  179.987364][  T114]  ffff8880277ec180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  179.995432][  T114] ==================================================================
[  180.003507][  T114] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  180.010791][  T114] CPU: 1 UID: 0 PID: 114 Comm: jfsCommit Not tainted 6.17.0-rc2-next-20250818-syzkaller #0 PREEMPT(full) 
[  180.022077][  T114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  180.032221][  T114] Call Trace:
[  180.035531][  T114]  <TASK>
[  180.038485][  T114]  dump_stack_lvl+0x99/0x250
[  180.043089][  T114]  ? __asan_memcpy+0x40/0x70
[  180.047683][  T114]  ? __pfx_dump_stack_lvl+0x10/0x10
[  180.052898][  T114]  ? __pfx__printk+0x10/0x10
[  180.057509][  T114]  vpanic+0x281/0x750
[  180.061582][  T114]  ? __pfx_print_hex_dump+0x10/0x10
[  180.066805][  T114]  ? __pfx_vpanic+0x10/0x10
[  180.071317][  T114]  panic+0xb9/0xc0
[  180.075050][  T114]  ? __pfx_panic+0x10/0x10
[  180.079478][  T114]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  180.085393][  T114]  ? do_raw_spin_lock+0x23d/0x290
[  180.090437][  T114]  check_panic_on_warn+0x89/0xb0
[  180.095425][  T114]  ? do_raw_spin_lock+0x23d/0x290
[  180.100456][  T114]  end_report+0x78/0x160
[  180.104709][  T114]  kasan_report+0x129/0x150
[  180.109411][  T114]  ? do_raw_spin_lock+0x23d/0x290
[  180.114444][  T114]  do_raw_spin_lock+0x23d/0x290
[  180.119307][  T114]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  180.124694][  T114]  _raw_spin_lock_irqsave+0xb3/0xf0
[  180.129909][  T114]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  180.135817][  T114]  ? schedule+0x16f/0x360
[  180.140168][  T114]  ? __mutex_lock+0x37a/0x1350
[  180.144953][  T114]  __mutex_lock+0x3d1/0x1350
[  180.149572][  T114]  ? do_raw_spin_lock+0x121/0x290
[  180.154631][  T114]  ? rcu_is_watching+0x15/0xb0
[  180.159418][  T114]  ? jfs_syncpt+0x25/0x90
[  180.163768][  T114]  ? rcu_is_watching+0x15/0xb0
[  180.168562][  T114]  ? __pfx___mutex_lock+0x10/0x10
[  180.173610][  T114]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  180.179531][  T114]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  180.185883][  T114]  ? rcu_is_watching+0x15/0xb0
[  180.190696][  T114]  jfs_syncpt+0x25/0x90
[  180.194857][  T114]  txEnd+0x2e5/0x530
[  180.198757][  T114]  jfs_lazycommit+0x5ba/0xa90
[  180.203531][  T114]  ? __pfx_jfs_lazycommit+0x10/0x10
[  180.208738][  T114]  ? __pfx_default_wake_function+0x10/0x10
[  180.214644][  T114]  ? __kthread_parkme+0x7b/0x200
[  180.219596][  T114]  ? __kthread_parkme+0x1a1/0x200
[  180.224639][  T114]  kthread+0x711/0x8a0
[  180.228725][  T114]  ? __pfx_jfs_lazycommit+0x10/0x10
[  180.233940][  T114]  ? __pfx_kthread+0x10/0x10
[  180.238540][  T114]  ? _raw_spin_unlock_irq+0x23/0x50
[  180.243842][  T114]  ? lockdep_hardirqs_on+0x9c/0x150
[  180.249485][  T114]  ? __pfx_kthread+0x10/0x10
[  180.254170][  T114]  ret_from_fork+0x3f9/0x770
[  180.258771][  T114]  ? __pfx_ret_from_fork+0x10/0x10
[  180.264002][  T114]  ? __switch_to_asm+0x39/0x70
[  180.268779][  T114]  ? __switch_to_asm+0x33/0x70
[  180.273575][  T114]  ? __pfx_kthread+0x10/0x10
[  180.278187][  T114]  ret_from_fork_asm+0x1a/0x30
[  180.283001][  T114]  </TASK>
[  180.286335][  T114] Kernel Offset: disabled
[  180.290753][  T114] Rebooting in 86400 seconds..