last executing test programs:

27.717397441s ago: executing program 3 (id=707):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x55c, &(0x7f0000001040)="$eJzs3c1vG2kZAPBnJh92u91mC3uAFdCCFgqqajfubrXay7YXEFqthFhxQBy6IXGjqHZdamfZhEpk/4ZFAokT/AkckDgg7YkDN45IHBDSckAqEIEaJJCMZux8NHGIiR17E/9+0mQ+Xs88z9tkPK/fcecNYGJdiYiNiJiNiHciYq67PelOcbszZa97uvl4cWvz8WIS7fbbf0vy8mxbvkNh95jPdY9ZjIhvfi3iu8nBuM219fsLtVr1UXe93Ko/LDfX1q+v1BeWq8vVB5XKrflbN167+WplaHW9XP/Fk6+uvPmtX//qsx/9buMrP8jSutAt26nHkHWqPrMTJzMdEW+eRLAxmOrOZ8ecB8eTRsQnIuIL+fk/F1P5XycAcJa123PRntu7DgCcdWneB5akpYhI024joNTpw3sxzqe1RrN17V5j9cFSp6/shZhJ763UqjcuFf7wvfzFM0m2Pp+X5eX5emXf+s2IuBQRPyqcy9dLi43a0niaPAAw8Z7be/2PiH8W0rRU6mvXHnf1AIBTo3jsPX1ZAABOq+Nf/wGA02rf9f/cuPIAAEanj8//3Zv9GyeeCwAwGv9f///FE8sDABgd9/8BYPK4/gPARPnGW29lU3ur+/zrpXfXVu833r2+VG3eL9VXF0uLjUcPS8uNxnL+zJ76UcerNRoP51+J1ffKrWqzVW6urd+tN1YftO7mz/W+W50ZSa0AgP/l0uUPf59ExMbr5/Ip9ozl4FoNZ1s67gSAsZkaZGcNBDjVPMALJldfl/C8kfDbE88FGI+eD/Mu9lx81k86sw/6CeJ7RvCxcvXT/ff/G+MZzhb9/zC5jtf//8bQ8wBGT/8/TK52O9k/5v/sThEAcCYN8BW+9g+H1QgBxuqowbyPuv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAk+jC7exnkpbyscDT7GdaKkU8HxEvxExyb6VWvRERF+NyRMwUsvX5cScNAAwo/UvSHf/r6tzLF/aXzib/KuTziPj+T9/+8XsLrdaj+Wz733e2F7aHD6vs7jfAuIIAwJDl1+9Kd77ng/zTzceL29Mo83lyJ/7THYp4cWvzcT51SqYj2xhRzNsS5/+RxHR3n2JEvBQRU0OIv/F+RHyqV/2TuJD3gXRGPt0bP7qxnx9p/PSZ+Gle1plnja9PDiEXmDQf3omI273OvzSu5PPe538xf4ca3JM7nYNtv/dt7Yk/3Y001SN+ds5f6TfGK7/5+oGN7blO2fsRL033ip/sxE8Oif9yn/H/+JnPffDGIWXtn0Vcjd7x98Yqt+oPy8219esr9YXl6nL1QaVya/7Wjdduvlop533U5e2e6oP++vq1i4flltX//CHxiz3rP7uz7xf7rP/P//3Odz6/u1rYH//L21v2/f5f7Bm/I7smfqnP+Avnf3no8N1Z/KVD6n/U7/9an/E/+vP6Up8vBQBGoLm2fn+hVqs+Gmgh+xQ6jOMcWMhS7O/F283FwYL+KU6iFsdcmDmpf9VjLxT7zGd6p6043DS+nR2xR1Ha5x/JcRbSoddioIWno4o1vvckYDR2T/pxZwIAAAAAAAAAAAAAABxmFP91adx1BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Oz6bwAAAP//yxbH0Q==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x18)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents(r1, 0x0, 0x0)
fchown(r0, 0x0, 0x0)

27.369257204s ago: executing program 3 (id=710):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x20085e, &(0x7f0000000100), 0x1, 0x502, &(0x7f0000000a00)="$eJzs3c9vI1cdAPCvnV9OmjZp6QEQokspLGi1TuJto6oHKCeEUCVEjyBtQ+KNothxFDulCXvY/g9IVOIER/4Azj3xJyC4cYEDEj8iULMSSFPNeLzrzdob7yaxs/HnI41m3ryxv+/t7rzn+W7iF8DYuhYR9yJiOiI+iIiF/Hwh3+Ld9pZe99nR3fXjo7vrhUiS9/9VyOrTc9H1mtQL+XuWIuLH34/4WeHxuM2Dw+21Wq261y7OLrXqu0vNg8ObW/W1zepmdadSWV1ZXX771luVc+vra/Xp9sFE2sBv/yJt1nxe192Pc/T/JDP1IE5qMiJ+eAHBRmEi78/0qBvCMylGxCsR8Xp2/y/ERPa3CQBcZUmyEMlCdxkAuOqKWQ6sUCznuYD5KBbL5XYO79WYK9YazdaNO439nY12rmwxpop3tmrV5TxXuBhThbS8kh0/LFdOlG9FxMsR8cuZ2axcXm/UNkb5wQcAxtgLJ+b//860538A4IorjboBAMDQmf8BYPyY/wFg/Jj/AWD8mP8BYPyY/wFg/Jj/AWCs/Oi999ItOc6//3rjw4P97caHNzeqze1yfX+9vN7Y2y1vNhqb2Xf21E97v1qjsbvyZux/tPid3WZrqXlweLve2N9p3c6+1/t2dWoovQIAnuTl1z79cyEi7r0zm23RtZaDuRqutuJZXjx7fu0Ahm9i1A0ARsZqXzC+zvCMLz0AV0SPJXofUXrkcT+/OkmS5GKbBVyg61+S/4dx1ZX/91PAMGbk/2F8DZr/Py0/ADx/kqQw6Jr/MeiFAMDlJscP9Hm+fyXf/y7/z4Gfbpy84pOLbBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcbp31f8v5WuDzUSyWyxEvRsRiTBXubNWqyxHxUkT8aWZqJi2vjLjNAMBZFf9eyNf/ur7wxvzJ2unC/ZlsHxE///X7v/pordXa+2N6/t8Pzrc+yc9XRtF+AOA0nXk623c9yH92dHe9sw2zPf/4XkSU2vGPj6bj+EH8yZjM9qWYioi5/xTycluhK3dxFvc+jogv9up/IeazHEh75dOT8dPYLw41fvGR+MWsrr1P/yy+8NSRk4VzaD481z5Nx593e91/xbiW7Xvf/6VshDq7fPxL32r9OBsDH8bvjH8Tfca/a4PGePMPP2gfzT5e93HElycjOrGPu8afTvxCn/hvDBj/L1/56uv96pLfRFyP3vG7Yy216rtLzYPDm1v1tc3qZnWnUlldWV1++9ZblaUsR73Ufzb45zs3XupXl/Z/rk/80in9/8aA/f/t/z74ydeeEP9bX+8VvxivPiF+Oid+c8D4a3O/L/WrS+Nv9Ox/R//+3xgw/l//dvjYsuEAwOg0Dw6312q16t4wDzofJIYa1MEVOEj/1VyCZvQ8+O6wYk3HU70qSZ4pVr8R4zyybsBl0L7Xk+peRNwfdWMAAAAAAAAAAAAAAICehvEbS6PuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFfX5wEAAP//90HVog==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x3)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000080)={0x3920e, r0, 0x0, 0x0, 0x2, 0x1e67b6d3})

26.954321586s ago: executing program 3 (id=713):
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet_sctp(0x2, 0x5, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x5, 0xb, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000040900010073797a30000000002c000000030a01080000000000000000010000000900030073797a32000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d6574610000000014000280080001400000001208000240000000", @ANYRES16=r0], 0xc4}}, 0x0)

26.873421337s ago: executing program 3 (id=715):
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$jfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x210004, &(0x7f00000000c0)=ANY=[@ANYBLOB='noquota,errors=continue,nodiscard,uid=', @ANYRESHEX=0x0, @ANYBLOB="00020000000000006f636861727365743d69736f383835392d392c75737271756f74612c75737271756f74612c6769643d", @ANYRESHEX=0x0, @ANYBLOB=',\x00'], 0x3, 0x62b5, &(0x7f00000069c0)="$eJzs3UuPHFfZB/Cn+jYXv3GsLKK8FkKTxFxCiK/BGAIkWcCCDQvkLbI1mUQWDiDbICey8ESzYcGHACGxRIglKz5AFmzZ8QGwZCOBskqhmjlnXNPpdo/Hma4en99Pmql6+lRNn/K/qy+uqj4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMQPf/Djc1VEXPlVuuFExP9FP6IXsdLUaxGxsnYiLz+IiBdiuzmej4jhUkSz/vavZyNej4iPj0fcf3Bnvbn5/D778f0//+MPPzn2o7//aXjmv3+51X9j2nK3b//2P3+9+2TbDAAAAKWp67qu0sf8k+nzfa/rTgEAc5Ff/+sk365euHpzwfqjVqvV6iNYt9WT3W0XEbHZXqd5z+BwPAAcMZvxSdddoEPyL9ogIo513QlgoVVdd4BDcf/BnfUq5Vu1Xw/WdtrzuSB78t+sdq/vmDadZfwck3k9vraiH89N6c/KnPqwSHL+vfH8r+y0j9Jyh53/vEzLf7Rz6VNxcv798fzHpPyXt38f6fx7E/MvVc5/sL/8d2z25Q8AAAAAAAss////iY6P/y4dpPMHOIjwqOO/awfpAwAAAAAAAAAsgCcd/2+X8f8AAABgYTWf1Ru/O/7wtmnfxdbcfrmKeGZseaAw6WKZ1a77AQAAAAAAAAAAAAAlGeycw3u5ihhGxDOrq3VdNz9t4/XjetL1j7rStx9K1vWTPAAA7Pj4+Ni1/FXEckRcTt/1N1xdXa3r5ZXVerVeWcrvZ0dLy/VK63Ntnja3LY328YZ4MKqbP7bcWq9t1uflWe3jf6+5r1Hd30fH5qPDwAEgInZeje57RXrK1PWz0fW7HI4G+//Tx/7PfnT9OAUAAAAOX13XdZW+zvtkOubf67pTAMBc5Nf/8eMCarVarVarn766rZ7sbruIiM32Os17BsPxA8ARsxmfdN0FOiT/og0i4oWuOwEstKrrDnAo7j+4s16lfKv260Ea3z2fC7In/81qe728/qTpLOPnmMzr8bUV/XhuSn+en1MfFknOvzee/5Wd9lFa7qD5T8u1q3OMpuXfbOeJDvrTtZx/fzz/MYe9/8/LVvQm5l+qnP/gsfLvyx8AAAAAABZY/v//Ewt1/Hd00M2Z6VHHf9cO7V4BAAAAAAAA4HDdf3BnPV/3mo//f2HCcq7/fDrl/Cv5Fynn3xvL/6tjy/Vb8/fefpj/vx/cWf/jrX/9f57uN/+lPFOlR1aVHhFVuqdqkKZPsnWftTXsj5p7Gla9fnMPa7t//3psxNk9y/bSv0c9fDeubbef29Pe9HS43V73d9rP72kf7Lbn9S/saR+mM53qldx+Otbj53E93tlub9qWZmz/8oz2ekZ7zr9v/y9Szn/Q+mnyX03t1di0ce+j3mf2+/Z00v28de2Lvzl7+Jsz01b0d7etrdm+lzroz/a/ybFR/PLmxo3Tt6/eunXjXKTJnlvPR5p8znL+w/Sz+/z/8k57ft5v76/3Pho9dv6LYisGU/N/uTXfbO8rc+5bF3L+o/ST838ntU/e/49y/tP3/1c76A8AAAAAAAAAAAAAAAA8Sl3X25eIvhURF9P1P11dmwkAzFd+/a+TfPu86v6c70+tPuJ1tWD9mWv9ab1Y/VGrj2LdVk/2ZruIiL+112neM/x60h8DABbZpxHxz647QWfkX7D8fX/N9NSeb/kFnnY3P/jwp1evX9+4cbPrngAAAAAAAAAAB5XH/1xrjf98qq7ru2PL7Rn/9e1Ye9LxPwd5ZneA0SkDVX/OpyRt9Ub9Xmu48RejPT53e4Ti4e7co8b/Hsy4v+GM9tGM9qUZ7csz2ide6NGS83+xNd75qYg4OTb8egnjv46PeV+CnP9Lrcdzk/9XxpZr51///ijn39uT/5lb7//izM0PPnzt2vtX39t4b+NnF86dO3vh4sVLly6deffa9Y2zO7877PHhyvnnsa9z/pQh558zl39Zcv5fSrX8y5Lz/3Kq5V+WnH9+vyf/suT882cf+Zcl5/9KquVflpz/11It/7Lk/F9NtfzLkvP/eqrlX5ac/2upln9Zcv6nUy3/suT8z6R6n/mvHHa/mI+cfz7CZf8vS84/n9kg/7Lk/M+nWv5lyflfSLX8y5Lzfz3V8i9Lzv8bqZZ/WXL+F1Mt/7Lk/L+ZavmXJed/KdXyL0vO/1upln9Zcv7fTrX8y5LzfyPV8i9Lzv87qZZ/WXL+3021/MuS8/9equVflpz/m6mWf1kefv//os7kS+wXpT9mzJQw0/UzEwAAAAAAAAAAAAAwbh6nE3e9jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwP3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhb27jZHjru8APvfoswOJgZA6qSEXx4SQOLmznfiBNsWEx4anEgiFPmC7vrM5cGzHZ5dAI9lRoETCqAjRNrxoCwi1kaoKq+IFrQDlBWpVqRK0L+gbRIWK1KgKKCBVaivIVTvz//9vd29u9863d96d+Xwk++fbnZ35z+x/5/Z35+8OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS75Q2znxrKsqzxJ/9ra5a9qPHvzZNb89tee7VHCAAAAKzVL/K/n78u3XBoBQ9qWuYfX/mdry0sLCxk7x/547HPLyykOyazbGxTluX3RZd/+IGh5mWCJ7KJoeGmr4e7bH6ky/2jXe4f63L/eJf7N3W5f6LL/UsOwBKbi5/H5Cvbmf9za3FIs+uzsfy+nSWPemJo0/Bw/FlObih/zMLY8WwuO5nNZtMtyxfLDuXLf+OWxrbemsVtDTdta3tjhvz0sWNxDEPhGO9s2dbiOqMfvz6b/NlPHzv2l+eeu7Gsdj0MLesrxnn7jsY4PxFuKcY6lG1KxySOc7hpnNtLnpORlnEO5Y9r/Lt9nM+vcJwji8PcUO3P+UQ2nP/7u/lxGm3+sV46TtvDbf9za5ZlFxeH3b7Mkm1lw9mWlluGF5+fiWJGNtbRmEovzUZXNU9vWcE8bdSZna3ztP01EZ//W8LjRpcZQ/PT9OPHx5ue958vXMk8jRp7vdxrpX0O9vq10i9zMM6L7+Y7/WTpHNwZ9v+x25afg6Vzp2QOpv1umoM7us3B4fGRfMzpSRjKH7M4B3e3LD+Sb2kor8/e1nkOTp17+MzU/Mc+ftfcw0dPzJ6YPbV39+7pvfv2HThwYOr43MnZ6eLvKzza/W9LNpxeAzvCsYuvgVe3Lds8VRe+NL7k/Hulr8OJDq/DrW3L9vp1ONq+c0Mb84JcOqeL18Z7Gwd94tJwtsxrLH9+7lj76zDtd9PrcLTpdVj6PaXkdTi6gtdhY5kzd6zsPcto05+yMSz/vWBtc3Br0xxsfz/SPgd7/X6kX+bgRJgX379j+e8F28N4n9y12vcjI0vmYNrdcO5p3JLe708cyEvZvLypccc149n5+dmzdz969Ny5s7uzUDbEy5rmSvt83dK0T9mS+Tq86vl6aO6VT95UcvvWcKwm7mr8NbHsc9VY5p67Oz9X+Xe38uPZcuueLJQe2+jjWfbdvHE8x7PsC99+/MFvPvaFNyx7PBv95iem1v5ePPWlTeffsWXOv7Hvf6HYXlrVEyNjo8XrdyQdnbGW83HrUzWan7uG8m0/P7Wy8/FY+LPR5+PrO5yPt7Ut2+vz8Vj7zsXz8VC3n3asTfvzORHmycnpzufjxjLb9qx2To52PB/fGupQOP6vCZ1C6oua5s5y8zZta3R0LOzXaNxC6zzd27L8WOjNGtt6es+VzdPbby3WNZL2btFGzdPJtmV7PU/Tz76Wm6dD3X76dmXan8+JMC+u39t5njaWeeaetZ87N8d/Np07x7vNwbGR8caYx9IkzM/32cLmOAfvzo5lp7OT2Ux+73g+n4bybe26d2VzcDz82ehz5bYOc/D2tmV7PQfT97Hl5t7Q6NKd74H253MizIun7u08BxvLvHF/b9+73h5uScs0vXdt//nacj/zuqntMK3XXBkN4/z2/s4/m20sc/LAavvMzsfpznDLNSXHqf31u9xraibbmOO0LYzzuQPLH6fGeBrLfP7gCufToSzLLjxyf/7z3vD7lb89/72vtfzepex3Ohceuf8nLz7+D6sZPwCD74WibCm+1zX9Zmolv/8HAAAABkLs+4dDTfT/AAAAUBmx74//KzzR/wMAAEBlxL5/NNSkJv3/tjc+N/fChSwl8xeCeH86DA8Uy8WM63T4enJhUeP2+78y+99/f2Fl2x7OsuznD/xB6fLbHojjKkyGcV5+U+vtS3ztrhVt+8hDF9J2m/PrXwzrj/uz0mlQFsGdzrLsG9d9Jt/O5Acu5fWZB47k9cGLTz7RWOb5g8XX8fHPvqxY/s9C+PfQ8aMtj382HIcfhTr9tvLjER/31Uuv2b7/fYvbi48b2nFtvttPfbBYb/ycnM8+USwfj/Ny4//mp5/+amP5R19VPv4Lw+Xjfzqs9yuh/u8riuWbn4PG1/Fxnwzjb2yvMUPj4+7+8rdKx3/5U8XyZ95cLHck1Lj928PXO9/83Fzz8Xp06GjLfmVvKZaL25/+3h/l98f1xfW3j3/i8KWW49E+P57512I9U23Lx9vjdqK/a9t+Yz3N8zNu/+k/PNJynLtt//KDz76isd727d/ZttyZR+7It7+4vtZPbPrzT36mdHtxPIf+5kzL/hx6d3gdh+0/9cEwH8P9/3e5WF/7pysceXfr+Scu/8WtF1r2J3rrz4rtX37dibxumti85ZoXvfjaizc3jl2WfXdTsb5u2z/xF6dbxv+lG4rjEe+PGf327S8nbv/sR3edOj1/fm4mHdXHrss/O+ftxXjieK8L59b2rw+fPveh2bOT05PTWTZZ3Y/Qu2JfDvUnRbnYeemFJWfQOx4Kz+dNf/qNLbf9y6fj7f/23uL2S28rvm+9Oiz32XD71vD8rW77Sz11yw3563vomTDChaWfF7wW23f+14EVLRj2v/19QZzvZ17+ofw4NO7Lv2/E1/Uax/+DmWI9Xw/HdSF8MvOOGxa317x8/GyES+8pXu9rPn7hNBef178Kz/c7flSsP44r7u8PwvuYb21rPd/F+fH1C8Pt688/xeNiOJ9kF4v741LxeF96/obS4cXPIcku3ph//bm0nhtXtZvLmf/Y/NTJuVPnH506Nzt/bmr+Yx8//PDp86fOHc4/y/Pwh7s9fvH8tCU/P83M7rsny89Wp4uyzq72+M88dGxm//RtM7PHj54/fu6hM7NnTxybnz82OzN/29Hjx2c/2u3xczP37d5zcO/+PbtOzM3cd+Dgwb0Hd82dOt0YRjGoLvZNf2TXqbOH84fM33fPwd333nvP9K6HT8/M3rd/enrX+W6Pz7837Wo8+vd3nZ09efTc3MOzu+bnPj573+6D+/bt6fppgA+fOT4/OXX2/Kmp8/OzZ6eKfZk8l9/c+N7X7fFU0/y/F+9n2w0VH8SXvevOfenzWRu+8viyqyoWafsA0efCZ9H800vOHFjJ17HvHws1qUn/DwAAAHUQ+/7xUBP9PwAAAFRG7Ps3hZro/wEAAKAyYt8/EWpSk/6/cvn/bRdWtH35/8HL/2fy//L/bftzxfn/9/Rb/r84X8j/98Za8/fy/4H8v/y//L/8v/w/PdBv+f/Y92/Oslr2/wAAAFAHse/fEmqi/wcAAIDKiH3/NaEm+n8AAACojNj3vyjUpCb9v/y//L/8v/y//H/59leR/9+UrYD8/8aQ/++s5vn/4a4DkP+fyuqV/7/Yy/HXN/9f9FDy/5Tpt/x/7PtfHGpSk/4fAAAAKuU/y2+Off+1oSb6fwAAAKiM2PdfF2qi/wcAAIDKiH3/1lCTmvT/8v/y//L/8v/y/+Xbd/3/wST/31nN8//dyf+7/r/8v+v/01P9lv+Pff9LQk1q0v8DAABAHcS+/6WhJvp/AAAA6D+jV/aw2Pe/LNRkSf9/hRsAAAAArrrY91+ftQXBa/L7f/l/+X/5f/l/+f/y7a88/z+Syf/3D/n/zuT/u5D/l/+X/5f/p6f6Lf+f9/3ZRPbyUJOa9P8AAABQB7HvvyHURP8PAAAAlRH7/l8KNdH/AwAAQGXEvn9bqElN+n/5/0rm/xtPk/y//P+y269A/j8/WfdP/n9dr/8/GwKb8v8rJP/fmfx/F/L/8v/y//L/9FS/5f9j339jqElN+n8AAACog9j33xRqov8HAACAyoh9/y+Hmuj/AQAAoDJi37891KQm/b/8f5/n/2Ny1PX/5f8X8/+PyP8XapL/d/3/VZL/70z+vwv5f/l/+X/5f3qq3/L/se9/RahJTfp/AAAAqIPY978y1ET/DwAAAJUR+/6bQ030/wAAAFAZse+fDDWpSf8v/9/n+f8ru/6//H+18/+ruv7/zfL/8v81I//fmfx/F/L/8v/y//L/9FS/5f9j339LqElN+n8AAACog9j37wg10f8DAABAZcS+/9ZQE/0/AAAAVEbs+3eGmtSk/5f/l/+X/692/r9s+/L/8v9VJv/fmfx/F/L/8v/y//L/9FS/5f9j3/+qUJOa9P8AAABQB7Hvvy3URP8PAAAAlRH7/leHmuj/AQAAoDJi3397qElN+n/5f/l/+X/5/5rn/y/I/1eL/H9n8v9dyP/3Ij//Dvl/+X/5f6J+y//Hvv81oSY16f8BAACgDmLff0eoif4fAAAAKiP2/XeGmuj/AQAAoDJi378r1KQm/b/8v/y//L/8f83z/67/XzF9kP+fWMv25f/l/yuQ/3f9f/l/+X+Sq5X/z7Ly/H/s++8KNalJ/w8AAAB1EPv+u0NN9P8AAAAwgDaX3hr7/qlQE/0/AAAAVEbs+6dDTWrS/8v/y//L/9c6/39x1fn/mxfXK/9fkP/vL+uW/x/OXP9f/l/+v4tBy/+3/3awP/L/Y/L/VMoV5f+/Wrqqnlz/P/b9u0NNatL/AwAAQB3Evn9PqIn+HwAAACoj9v17Q030/wAAAFAZse+/J9SkJv2//P/G5f9HM/l/+f++y/+7/r/8f+X0wfX/17T9wcv/x12U/5f/H7z8f6/H7/r/8v8sdUX5/3I9yf/Hvv/eUJOa9P8AAABQB7Hv3xdqov8HAACAyoh9//5QE/0/AAAAVEbs+w+EmtSk/5f/d/1/+X/5f/n/8u3L/w8m+f/OXP+/C/l/+X/5f/l/eqrf8v+x7z8YalKT/h8AAADqIPb9rw010f8DAABAZcS+/1dCTfT/AAAAUBmx7//VUJOa9P/y//L/8v/y//L/5duX/x9M8v+dyf93If8v/y//L/9PT/Vb/j/2/feFmtSk/wcAAIA6iH3/r4Wa6P8BAACgMmLf/7pQE/0/AAAAVEbs+w+FmtSk/5f/X2H+f3Pn9cn/t45f/r98fsj/y//L/68/+f/O5P+7kP+X/69g/v9x+X+uon7L/8e+//WhJjXp/wEAAKAOYt9/f6iJ/h8AAAAqI/b9bwg10f8DAABAZcS+/42hJjXp/+X/Xf9f/l/+X/6/fPvy/4NJ/r8z+f8u5P/l/yuY/9+A6/+Phyr/zxIrzf/H91Xrnf+Pff+bQk1q0v8DAABAHcS+/82hJvp/AAAAqIzY978l1ET/DwAAAJUR+/63hprUpP+X/5f/l/+X/5f/L9++/P9gkv/vTP6/C/l/+f8Byf9/r+TxVzH/n3P9f8r02/X/Y9//66EmNen/AQAAoA5i3/9AqIn+HwAAACoj9v1vCzXR/wMAAEBlxL7/7aEmNen/e5f/H5f/byP/L//fPj/k/+X/5f/Xn/x/ZwOW///FteF2+f+C/P86jX/yc8WBH6D8f5nS/P8Pl8v/L2xqf7z8P+uh3/L/se9/R6hJTfp/AAAAqIPY978z1ET/DwAAAJUR+/53hZro/wEAAGDwLRTxgdj3/0aoSU36f9f/b4xjMb28zvn/v5b/l/+X/5f/l/9fX/L/nQ1Y/t/1/9vI//f3+Psy/+/6/1xl/Zb/j33/u0NNatL/AwAAQB3Evv/BUBP9PwAAAFRG7PvfE2qi/wcAAIDKiH3/e0NNatL/y/+7/r/8/4Dn/yezLJP/l/8nkf/vTP6/C/l/+f9+y///h/w/g63f8v+x738o1KQm/T8AAADUQez73xdqov8HAACAyoh9/2+Gmuj/AQAAoDJi3//+UJOa9P/y/4OS/5+U/5f/d/3/tv2R/5f/LyP/39nG5/9X94ZK/l/+f5DH7/r/8v8s1W/5/9j3fyDUZOXfriZWvCQAAABwVcS+/7dCTWry+38AAACog9j3/3aoif4fAAAAKiP2/b8TalKT/l/+f1Dy/67/n8n/y/+37Y/8v/x/mY3L/8czj/y/6//L/0fy//L/8v+067f8f+z7fzfUpCb9PwAAANRB7Ps/GGqi/wcAAICBUPZ/stvFvv9wqEn3/n/V/6cPAAAAuDpi338k1KQmv/+X/5f/l//v0/z/n+z45+9/551Hdsv/y//L/6/Khl7/v/Hid/1/+X/5/0T+X/6/NP+/Sf6/ztYh/z/WfONq8/+x7z8aalKT/h8AAADqIPb9vxdqov8HAACAyoh9/7FQE/0/AAAAVEbs+2dCTWrS/8v/y//L//dp/n+V1/8fCtvph/x/PB7y/616lv+PJ135/1Ibmv9/32JOXP5/tfn/8dJb5f9XnP/P37jJ//fX+OX/Xf+fpXqV/x9ZzP+3WG3+P/b9s6EmNen/AQAAoA5C3z98vKiLd+j/AQAAoDJi338i1ET/DwAAAJUR+/4PhZrUpP+X/5f/l/+vRv7f9f8Xl698/t/1/zuS/++sf/L/5eT/Xf9/kMcv/y//z1LrcP3/FqvN/8e+fy7UpCb9PwAAANRB7Ps/HGqi/wcAAIDKiH3/R0JN9P8AAABQGbHvPxlq8v/s3dmT5fVZx/HT2FPMFBeWVVZ54YXcW/4FXMC1/gFeeOONVZRV4gLuC4P7ivuGC7ivuIAibriCCmpCQvaQlSRkTwhJCElqUsw8zzOnu0//Tvf06enf+T6v10UeGTM5nXGcySfDu75N9r/+X/+v/9f/6/9Xf/7l/n/36r+u/n876P+n6f/X0P/r//X/+n82am79f+7+b4pbmux/AAAA6CB3/x1xi/0PAAAAw8jd/81xi/0PAAAAw8jd/y1xS5P9r//X/w/b/9+q/z/s8/X/3v8fmf5/mv5/jS3q/7/0vP5/bl+//l//z0Fz6/9z939r3NJk/wMAAEAHufu/LW6x/wEAAGAYufvvjFvsfwAAABhG7v674pYm+39f/7+z6Nn/Z8ar/x+p//f+/6Gfr//X/4/s+vb/97zyK5/+X//v/f+g/9f/6//Zb279f+7+b49bmux/AAAA6CB3/3fELfY/AAAADCN3/3fGLfY/AAAADCN3/3fFLU32/8ne/98dpf8vG+j/d7JF1//r//f//ND/6//1/6fP+//TOvX/dz5z0x0vPPLljx7n8/X/+n/9v/6fzZpb/5+7/7vjlib7HwAAADrI3f89cYv9DwAAAMPI3f+9cYv9DwAAAEN4/qsWtfu/L25psv9P1v8P8/5/8f6//v/yN+j/9f/6/62l/5/Wqf+/ls/X/+v/r+Hrr98G9f/6fw6aW/+fu//745Ym+x8AAAA6yN3/A3GL/Q8AAADDyN1/d9xi/wMAAMAwcvdfjFua7H/9/+n3/5/X/299/39uof+/Qv+v/58//f80/f8a+n/9v/f/9f9s1Nz6/9z998QtTfY/AAAAdJC7/wfjFvsfAAAAhpG7/4fiFvsfAAAAhpG7/4fjlib7X//v/X/9v/f/9f+rP1//v530/9P0/2vo/0/az5/T/+v/9f8sO2b///LEL9sb6f9z9/9I3NJk/wMAAEAHuft/NG6x/wEAAGAYuft/LG6x/wEAAGAYuft/PG5psv/1//p//b/+X/+/+vP1/9tJ/z9tNv3/zu7Kb9b/b33/7/1//b/+nz3m9v5/7v6fiFua7H8AAADoIHf/T8Yt9j8AAAAMI3f/T8Ut9j8AAAAMI3f/T8ctTfa//l//r//X/+v/V3/+VP//6NLXp/+fl432/zv6f+//6//1//p//T8nMbf+P3f/z8QtTfY/AAAAdJC7/964xf4HAACAYeTu/9m4ZWn/7/97UQEAAIDtkrv/5+KWJn/+v7r/v/q/1/8fzXXq/3f1//r/K//3vvKvqP+f7P9v8/5/T97/n7a+/89fUfX/+n/9/0b6/8XOKP3/hXXfX//PKnPr/3P3/3zc0mT/AwAAQAe5+38hbrH/AQAAYBi5+38xbrH/AQAAYBi5+38pbmmy/73/v1X9v/f/e/X/D5zz/v9lc3z/f3Hd+/9d/f8R6f+nef9/Df2//t/7/97/Z6Pm1v/n7v/luKXJ/gcAAIAOcvf/Stxi/wMAAMB2WP57Bw55xD93/6/GLfY/AAAADCN3/6/FLU32/+D9/62H/dP0//r/5R+vmfb/h77/r/+/olf/7/3/o9L/T9P/r6H/P41+fnew/v/+w77/HPr/u/X/zMye/v+xq99+Vv1/7v5fj1ua7H8AAADoIHf/fXGL/Q8AAADDyN3/G3GL/Q8AAADDyN3/m3FLk/1/6v3/hcM/2/v/+n/9v/5f/6//3zT9/zT9/xr7+/9X/qOh/t/7/97/1/9zzfb0/0vOqv/P3f9bcUuT/Q8AAAAd5O7/7bjF/gcAAIBh5O6/P26x/wEAAGAYufsfiFua7P/B3/8/lP5f/7/846X/1/+v+nz9/3bS/0/T/6/h/X/9/1n0//ETQP/PiObW/+fu/524pcn+BwAAgA5y9/9u3GL/AwAAwDBy9/9e3GL/AwAAwDBy9/9+3NJk/+v/T7f/z2/X/+v/F/p//b/+/7po2//vrPqd6KBD+v+nbr/4NXu/Rf+v/x+y/3/uVL9+7//r/zloFv3/pav/6TJ3/x/ELU32PwAAAHSQu/8P4xb7HwAAAIaRu/+P4hb7HwAAAIaRu/+P45Ym+3+p/8/kQv/v/X/9v/5f/6//31pt+/8j8v7/tJfi36/+f9T+/3S/fv2//p+DZtH/L/117v4/iVua7H8AAADoIHf/n8Yt9j8AAAAMI3f/n8Ut9j8AAAAMI3f/n8ctTfa/9/979P83LvT/+n/9v/6/B/3/NP3/Gt7/1//r//X/bNTc+v/c/Q/GLU32PwAAAHSQu/8v4hb7HwAAAIaRu/8v4xb7HwAAAIaRu/+v4pYm+1//f0j/vxir//f+v/5/of/X/zeh/5921v3/qt8vl12X/v+hiS9gVf9/6Ub9/5b3/+eP+P31//p/Nm9u/X/u/r+OW5rsfwAAAOggd/9DcYv9DwAAAMPI3f9w3GL/AwAAwDBy9/9N3NJk/+v/e7z/r//X/y/0//r/JvT/01b3/zcc/Cbv/3v/f6D+3/v/+n/Oztz6/9z9fxu3NNn/AAAA0EHu/kfiFvsfAAAAhpG7/+/iFvsfAAAAhpG7/9G4pcn+1//r//X/+n/9/+rP1/9vp9Pr/xcD9/8r6P/1//p//b/+nw2YW/+fu//v45Ym+x8AAAA6yN3/D3GL/Q8AAADDyN3/j3GL/Q8AAADDyN3/T3FLk/1/Vv3/bfp//b/+X/+v/68fVf3/5nj/f5r+fw39v/5f/6//Z6Pm1v/n7v/nuKXJ/gcAAIAOcvc/FrfY/wAAADCM3P3/ErfY/wAAADCM3P3/Grc02f/e/9f/7+3/F4uZ9//5/6T6f/3/CP3/+YX+f+P0/9P0/2vo/8fs/29YDNT/Xzj0++v/maO59f+5+/8tbmmy/wEAAKCD3P3/HrfY/wAAADCM3P3/EbfY/wAAADCM3P3/Gbc02f/6f/2/9//H6f8ff3H1z0f9/2z7//pR1f9vjv5/mv5/Df3/mP2/9//1/5yZufX/ufsfj1ua7H8AAADoIHf/E/v/DNX+BwAAgGE8cfkfzy/+K26x/wEAAGAYufv/O25psv/1//p//f84/b/3/6/Q//d2Rv3/zqY+X/+v/9f/b+/Xr//X/3PQ3Pr/3P3/E7c02f8AAADQQe7+J+MW+x8AAACGkbv/qbjF/gcAAIBh5O7/37ilyf7X/+v/9f/b2f+f1/8P3//nV6b/P565vP9/yy1f/bT+X/+v/9f/6//1/93Nrf/P3f9/cUuT/Q8AAAAd5O7//7jF/gcAAIBh5O5/Vdxi/wMAAMAwcve/Om5psv8P9v/nFlcK1StW9f/RqOn/l+j/9379+v/VPz+8/6//9/7/6ZtL/+/9/2v7+ufW/9+l/9f/n1b/f/PB76//Z0Rz6/9z9z8dtzTZ/wAAANBB7v7XxC32PwAAAMzYqr8T+3C5+18bt9j/AAAAMIzc/c/ELU32v/f/9f/6f/2//n/156/r/5P+f170/9P0/2t4/1//3+j9//j9r36dqv7/i/T/bM7c+v/c/a+LW5rsfwAAAOggd//r4xb7HwAAAIaRu/8NcYv9DwAAAMPI3f/GuKXJ/tf/b7T/313+Nv2//n/fzw/9/2D9v/f/50n/P03/v4b+X//fqP/fz/v/nIa59f+5+98UtzTZ/wAAANBB7v43xy1H2v8XTumrAgAAADYpd/9b4hZ//g8AAADDyN3/1rilyf6fa/9/93b2/3vo/+fS/3+9/n/f5+v/9f8j0//n7+ir6f/X0P8ft59/afkv9P/6f/0/+82t/8/d/2zc0mT/AwAAQAe5+98Wt9j/AAAAMIzc/W+PW+x/AAAAGEbu/nfELU32/1z7/y19/3+POfb/O4uO/b/3/y//9c6O/l//34L+f5r+f43N9v/3NOj/99D/6//1/+w3t/4/d/8745Ym+x8AAAC21dd+5Tc+e9R/bu7+d8Ut9j8AAAAMI3f/u+MW+x8AAACGkbv/ubilyf7X//fq/3u+/6//9/6//r8T/f80/f8a3v/X/+v/9f9s1Nz6/9z974lblobf7rH/XQIAAABzkrv/vXFLkz//BwAAgA5y978vbjmw/y8d8e9qBwAAAOYmd//zcUuTP/8/cf+/2NH/n2b/v9D/6//1//p//f9x6P+nnbD/v7Sj/9f/T9D/6//1/yy7MMP+P3f/++OWJvsfAAAABrXnv1HI3f+BuMX+BwAAgGHk7v9g3GL/AwAAwDBy938obmmy/73/P/P+/5re/79Q/5P+v3n/f+/5lZ+v/9f/j0z/f6gvidvp/f9LX6z/P5az7ue3/evX/+v/OWhu/X/u/g/HLU32PwAAAHSQu/8jcYv9DwAAAMPI3f/RuMX+BwAAgGHk7v9Y3NJk/+v/R+z/vf+v/5/+/HH6/y+76eKTX/cNDz+o/+eq69n/58+FLen/Lzvh+//b1v8f5/Pvu/yP+n/9v/7/2P3/zXH1/6wyt/4/d//H45Ym+x8AAAA6yN3/Qtxi/wMAAMAwcvd/Im6x/wEAAGAYuftfjFua7P+t6v+/Qv8/cv+fP9Zn0P9f3L7+P5vi7v2/9//1/wd5/3+a/n8N/b/+X//v/X82am79f+7+T8YtTfY/AAAAdJC7/1Nxi/0PAAAAw8jd/+m4xf4HAACAYeTufyluabL/t6r/9/7/0P1/upb+Pz/f+//6/4X+vz39/5Ldg9+k/19D/6//1//r/9moufX/ufs/E7c02f8AAADQQe7+l+MW+x8AAACGkbv/s3GL/Q8AAADDyN3/ubilyf7X/+v/R+j/T/j+/9n0/6/8cqP/1//r/zdO/z9N/7+G/l//377/v13/z0bNrf/P3f+FAAAA//9/pV3V")
r0 = open(0x0, 0x8000, 0x50)
getdents(r0, 0x0, 0x0)
creat(&(0x7f0000000040)='./bus\x00', 0x122dfb579e447c7a)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000200)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7ffffffffffffffb, 0x3, 0x0, 0x0, 0x17, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000007700000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220fffff2ff00000000000000000e00", [0x4]})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)

26.266136161s ago: executing program 3 (id=717):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x80a, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4048b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_FLAGS={0x6}, @IFLA_IPTUN_PROTO={0x5, 0x9, 0x4}]}}}]}, 0x40}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="780000001000010400"/20, @ANYRES32, @ANYBLOB="60300300001400005800128009000100626f6e6400000000480002802c0008"], 0x78}}, 0x0)

24.735426271s ago: executing program 3 (id=722):
syz_open_dev$video(0x0, 0x8, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x10})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})

24.388952883s ago: executing program 32 (id=722):
syz_open_dev$video(0x0, 0x8, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x10})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})

4.79059259s ago: executing program 0 (id=816):
socket$phonet_pipe(0x23, 0x5, 0x2)
socket$unix(0x1, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
socket(0x2, 0x80805, 0x0)
timerfd_create(0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x11, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_io_uring_setup(0x5771, &(0x7f0000000440)={0x0, 0x0, 0x10100, 0x1, 0x1c5}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[@ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x24844})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

3.606507327s ago: executing program 0 (id=824):
r0 = syz_usb_connect(0x3, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000d5e9bd40eb030200c0ba050000010902115c01000000000904000001b504b100090581"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0)
ioctl$EVIOCSKEYCODE(r1, 0x40084504, 0x0)

3.327848089s ago: executing program 1 (id=828):
syz_open_procfs(0x0, &(0x7f0000000480)='uid_map\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000080)={0x0, 0x0, 0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3.327242869s ago: executing program 4 (id=829):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='utf8=0,uni_xlate=1,errors=remount-ro,check=strict,codepage=932,nonumtail=0,shortname=mixed,shortname=lower,iocharset=cp834,shortname=mixed,nonumtail=0,iocharset=cp866,rodir,\x00'], 0x2a, 0x33c, &(0x7f0000000a40)="$eJzs3T1sW1UUAODjvjROI5V4QKpgMmxIqGqCGGBKVBWpIgMUWfwtWDTlJzaVYmEpDHG9gBhBLEgwsXWAsTNiQIiNgZUioQJioVukVjxkvxf7+SfUgJzy831DdXTuOb73vV7FL1F889J6bF88Hpdu3rwRS0ulWFg/ux77pajEsUgicyUAgP+S/TSNX9PMnavfXz6IFue8LgBgfvrv/6+cHCbKd3M1AMBRmPH7/6emZi/PbVkAwBztx9j7/4Mjw2M/5l8Y/E4AAPDv9czzLzy5sRlxoVpdimi+0661a/H4cHzjUrwWjdiKM7EStyOyB4XsaaH37xPnN8+dqfb8WIlar6Ndi2h22rXsSWEj6feXYzVWopL3p4P+pNe/2u+vRsSVTn/+aJbateOxnM//3XJsxVqsxL0T/RHnN8+tVfMXqDUP+jsR3Vg6uIje+k/HSnzzclyORlyMXu9w/Xur1erZdHOkv3213K8DAAAAAAAAAAAAAAAAAAAAAIB5OF0dqAzOv0mbnfbbF8YLKiPn49Sy4fx8oG52PlBaPjid591k/Hyg0fN52rWFOHZXrxwAAAAAAAAAAAAAAAAAAAD+OVq7i1FvNLZ2WrtvbReDTiHzxleffnEixmteT4aZWMhebqQmz0WhK4lBezpoT5ORmjxIIobFV68NVlysKQ+uYqK9F5Qnhkr5muqNxskHfvhoWtdvw0wSE7dlNCjl8xeGmvdkqT/oOjxYu0PN9TRND2vf+3CyK0oRCxP/cX8nWMyDL2+8et8jrVOP9oc+zw99eOjhlWevf/DJz9v1RuS3ptFY3GndTv/ypElh/5Ty+1yashOmB91hprvT2q0n3/7y3P3vfT1WnEzfP2kx8+bhc302nlnMgt4yZ7nS41M2//TgxVuD3fvnb+apj9fr1/a+/2nWrsIXCQd1AAAAAAAAAAAAAAAAAADAkSh8Vnwm2WevH3t6vqsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKM1/Pv/haA7kZkluNWJyaHy1k7r0MlPHOmlAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwP/Z7AAAA///zeHd6")
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x4000, &(0x7f0000000140)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c636865636b3d7374726963742c756d61736b3d30303030303030303030303030303030303133363033302c756e695f786c6174653d312c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303034302c757466383d302c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c74696d655f6f66667365743d3078303030303030303030303030303166622c666c7573682c756e695f786c6174653d302c73686f72746e616d653d77696e39352c00208893fdd4787adad4209069"], 0x6, 0x2ab, &(0x7f0000000a80)="$eJzs3b1rLFUUAPAzyX6pxW5hJYIDWlg9Xl5rs0HyILiVsoVa6MP3Hkh2ERII+IFrKlsbS/8CQbDzn7CxsBdsBTtTBEZmZya7ibObTHATP36/Jjd3zrn3zOQmYYs9+/6L04PHaTw9+eyX6PWS2BrGME6TGMRWVL6IC4ZfBQDwb3aaZfF7VmiSl0REb3NlAQAb1Pj///cbLwkA2LC33n7njd3RaO/NNO3Fw+mXx+P8lX3+tbi++zQ+jEk8ifvRj7OI7Fwxfphl2ayV5gbxynR2PM4zp+/9WK6/+1vEPH8n+jGYT13M3x/t7aSFpfxZXsez5f7DPP9B9OP5mv33R3sPavJj3IlXX16q/17046cP4qOYxON5EYv8z3fS9PXs6z8+fTcvL89PZsfj7jxuIdu+5R8NAAAAAAAAAAAAAAAAAAAAAAD/YffK3jndmPfvyafK/jvbZ/k37Ugrg4v9eYr8pFroUn+gWRbfVP117qdpmpWBi/xWvNCK1t3cNQAAAAAAAAAAAAAAAAAAAPyzHH38ycGjyeTJ4d8yqLoBVG/rv+k6w6WZl6ImZhDnM93FllvltmtWju0qJolYW0a+YqPi21fvvmLwzKqsb79r+uh6V8e0b1Bhw0F1ug4eJfXPsBvVTK86JD8sx3Timnt1Vl3KGh2/Tu2lfuN77zw3H8zWxESyrrDXfi2eXDmTXL6Lzvyp1qa3y0Hxu1B3Nhqd57/+rUh06wAAAAAAAAAAAAAAAAAAgI1avOm35uLJiqSf94sP+Y/BhqsDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNux+Pz/BoNZmXyN4E4cHt3xLQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA/8GcAAAD//wrtYeE=")
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='blkio.bfq.idle_time\x00', 0x275a, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x800, 0x0)

3.003367291s ago: executing program 1 (id=831):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101142, 0xeaff)
ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f00000000c0)={{r0}, 0xffffffffffffffff, 0x0, 0x100002})

2.800550652s ago: executing program 4 (id=833):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000140)=0x8, 0x4)
sendto$packet(r0, &(0x7f0000000340)="05030006e8fe091c6202a0ffffffff0060031200000088fb143488a87f43055762cb80948864113b022543424aa608", 0xfef2, 0x0, &(0x7f0000000a80)={0x11, 0x88a8, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)

2.799914562s ago: executing program 1 (id=834):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xe4776000)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000100)='./bus\x00', 0x210c11, &(0x7f0000000080)=ANY=[@ANYRES64=0x0, @ANYRES8, @ANYRESHEX=0x0, @ANYRES32=0x0, @ANYRES32], 0x2, 0x227, &(0x7f0000000580)="$eJzsmb9rFEEUx78zu7e3iaJYaGFzFgEjmL3dPZU0IrGxigiJiOVh1pC4ycndIbmAkPwB/gGCf4dFKgs7OwsrCxWEFF5pIUJGZnfmdm7X9e5csPF9ILPf+fXmvdnZN5ADQRD/LV8+f//04vby+lUAp7GAumo/tvQIG9wY//GlVVPy7e6Z50d5ewyAEFndnrC+A+DNigUcpGaFyGb/EMCCsrkOnmjJfXBcUfoBGDztq8hmR2B4qJq3Dd2ZUyKO2KNOvPF4K458WQSyCGXRAsSY/8NDhg0ArlqCGf73BvtP2jHQTUUcaVETep1CV0645V2pwHb5/iX+rXDcNLaAA2d1v6eevrF/ATgCpVtgWFN6GXV4ntdQ1Sgw4r9oZ/at9LUZ8U8OMhXuLIOri3NLVe3cmjHA34oTUeg6QPUAnb96BbMK+flNHiz9mH0J3ijOcibZcStvHcu3yA961HJhePSuOOvrWMuH1bIlGP7pCZ9KJIkLQKHr/Xwcr2YtOq91e4PzY3YupftzN3/Y9AksPRI4vqOGXDbyk23cCs3+ztNmb7C/tLXT3ow2o90wbN3wr/n+9bAp7x2/mWToP+Q/N8lP84b9WslYhznYa/f73WAP6HeDUT1MSyPjrr3ufBul+eEhx+JPIfT1koStLkqWW4OpP/5KPqVatEqdJwiCIAiCIAiCIAiCIAiCmJI6cApogEH9r/JE/1olCtjhPTybA34FAAD//5X3XDw=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x40000, 0x20)
lsetxattr$trusted_overlay_redirect(&(0x7f00000000c0)='./bus\x00', &(0x7f0000000140), 0x0, 0x0, 0x3)
fadvise64(r0, 0x54056, 0x0, 0x3)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, 0x0)
stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000380))

2.725326123s ago: executing program 2 (id=835):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_mount_image$udf(&(0x7f0000000c40), &(0x7f0000000340)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='noadinicb,nostrict,mode=00000000000000000000004,uid=forget,noadinicb,umask=00000000000000040002000,lastblock=00000000000000000013,undelete,partition=00000000000000000005,\x00'], 0x43, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=")
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000140)=0x7)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file2\x00', 0x63901, 0x10)
pwrite64(r2, &(0x7f0000000000)="6c0b546bc2", 0x5, 0x404042ffc)

2.506426714s ago: executing program 4 (id=836):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_CT_DIRECTION={0x5, 0x3, 0x1}, @NFTA_CT_KEY={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x80}}, 0x0)

2.263453105s ago: executing program 4 (id=837):
r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io$rtl8150(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000001180)={0x84, &(0x7f0000000080)={0x20, 0xe, 0x6, "e34543eaeb00"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

2.171712216s ago: executing program 2 (id=838):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r0, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r1, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, &(0x7f0000000340)=[{&(0x7f00000002c0)='/', 0x1}], 0x1, 0x0, 0x0, 0x480c5}, 0x0)
r2 = accept4(r0, 0x0, 0x0, 0x0)
recvmsg$kcm(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000380)=""/115, 0x73}, 0x100)

2.070466316s ago: executing program 1 (id=839):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000002880), 0x88400, 0x0)
ioctl$TCFLSH(r0, 0x540b, 0x2)

1.968650918s ago: executing program 1 (id=840):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect$uac1(0x2, 0xdc, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r1, @ANYRES16=r0], 0x0)

1.934071478s ago: executing program 2 (id=841):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = memfd_create(0x0, 0x0)
splice(r1, 0x0, r1, 0x0, 0x9, 0x2)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)={0x1c, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}}, 0x1c}}, 0x44000)
nanosleep(0x0, 0x0)
syz_80211_inject_frame(0x0, &(0x7f0000000340)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x4, [{0x2, 0x1}, {0x4, 0x1}, {0x12}, {0x18}]}, @void, @void, @void, @void, @void, @void}, 0x32)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x10}}, 0x0)
keyctl$unlink(0x9, 0x0, 0xfffffffffffffffd)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r6=>0x0})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="2000000010000100760100000475000000000000", @ANYRES32=r6, @ANYBLOB="9a"], 0x20}}, 0x0)

1.810531078s ago: executing program 0 (id=842):
syz_mount_image$squashfs(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="001d5933b55bd31ac3830ebbee275adf1db2744fe57fb1082c"], 0x1, 0x232, &(0x7f0000000340)="$eJzKKC4sZmdgYPj7sSaZgUGAAQRYGEQYLjAwMrAwMDDIM4KFGD4yQeipUPomlGaDyl+B0r5Q8XYo/de8KiKKgYExU+meGdMB8RRFRgEGHpGvpx4wJDPwxzJYzvMGKZxyVejt0v0g9V6hlZsYGNVT+BfN2TDBaSYv2FjGyChkc5gPyMziABnEwMAw+U/EvQcskgwiYLPWXArKnHJVlOOf2KmW5avMOu8zzOiYlsbAaDCLg4GBQe+I7kw7A95uJqiZxZVV2Yk5OalFxWcYUM2fzLifSZERpO7M36vBDxjtGLpjGRgZ5Db4qy3+9keqcuOm+sjpVRE1U7ubbi5dH8ewTf/vFROp9xMzwv4/OCSoZZGX/2GejNL3zQ1zPtTUPTFx7GxUnsvfevnvu/cxtcUJakyPxbsK2fgT3LRqPjk7uVk+npte3b6lWHFBVprLxGNTL/5NOL6WgWHyhSe2+jVnDsUrxnBKuVXOjbnrlivItUz9fN0bBoaDUZ8nMjAuZ2RgYmCYGbZzD9Rf7CB/lTdAI4OBmYGBQYWBgYGJgYUhLTMn1cCDgZGBWQPCMWSBqoKpZmLgAEvoJefnpLQzMDKwQiUMljOwwM0wfMzACucYIXOMLRqgGhjaobQKlPaA0suh9GMGBjYGpOQFSzYsYBP6oTyNBpCyisSSkiJDkHIICy5mBBczEoDbzAS1dS4TqueOMzGMglEwCkbBKBgFo2AUjIJRMApGwUgGgAAAAP//DYm1qA==")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@metacopy_on}]})
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='mountinfo\x00')
read$FUSE(r0, &(0x7f00000042c0)={0x2020}, 0x2020)

1.57033538s ago: executing program 0 (id=843):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000005600)='./file0\x00', 0x0, &(0x7f0000000040)={[{@compress_algo={'compress', 0x3d, 'zstd'}}]}, 0x1, 0x559a, &(0x7f0000005680)="$eJzs3X2QVWUdB/Bzd1lYZGI3BMGBFShfQEIhpVRS7kBBuDJtkjU2GQtioaAwzBI1ii04WLgam1kz5QxCiwjDUmszGmXlygyQk9PWjIPIgjLThjG9SMXEFjU2e+99Lveey+5eyVxfPh9m99zn/s7znOeeOX/c72WfcyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIoujgjtr/rB1ZV75+06hFt199cPSq0RNWVDWdHHWg+rzdl/absWjovuntdw6b0bH6SPX65tsu6IyiRKpfItN/3vSPX/+FufPmlIcBaz+Z3lZWdnfIdNfD6Ub/vCe7+uX/zI+iqCw2QGlmu7s0p52IHyBaXjhgj8pmbVsycEGyduvmp+ouX7J1XOFLp0t5X0+gr2Suq45T11Iy9bsktke2nXPpJfIu0XT/+AX3prwIAOB1mVST2mTfjmbe4mbb9fF6rJ2MtRtj7fAOoTG3cSbS4/bvbp5j4vU+mmcyHRUGdDvPWD1z/rPtmnj/WDsWNV7HPPN3zUSa8u7muSxW76t5AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALyVvFa3Ys34z714sOyX549bvfLk4WvLL3zoq/8uWXrzS68dqlnzl7ah+6a33zlsRsfqI9Xrm2+7oDOKKlP9EunuiWknXr1kYvWcUeuf+N7ETc+OP16aGTds++XsHO0PD66siKIFOZWOMOzRwVFUk19INaPvFhZuTT2YHQoAAAC8k5yb+l2SbafjYFleO5FKk4nUvyAdFstmbVsycEGyduvmp+ouX7J13JmPV9PNeMnTjpdtV576SeQE4xB/4+OdqoddlxeM07P4iPE8P+X5l1+oGHHtT5+pOu+mlde/NPKax9tmfnP48UX7K+8YtGrc2CsK8n9lz/k/nDn5HwAAgP+F/B8fp2e95f/PzK+75Y5HvnJszD2HVw66+8H9G4eVH7nplsn7/jj8hosvvqz2xoL8PybvkAX5P8w45P+S6MzyPwAAALyV/b/zf7JgnJ71lv/bhzff/MB7Di2sbOt4evtlK/b0X3j1RUMOPHTR3In3XjdozPkNBfl/UnH5v1/utMOTz4UJL66IoknFn1QAAAAgT/h/91MfLYS8nv7kIJ7XW+dtGd3y6swvTxj78KH6P1Vtnvj5jUMe37lh5jd2PXf3/RPbzi7I/8ni8n/Zm/NyAQAAgCI0HTpnxNBPJ38e3X/01vnf/+yuR+9b+sWrLtnbOWvC2l9UP72jviD/1xSX/wf0zcsBAAAATuPE+GsW/mPnkd9e1/yJ+5qO/v5Lq0p/NaNp9/62hqZ/bh81e/XkgvxfW1z+Pyuzzax8SHfaE/4K4VsVUVTe9WBZurA3apyWLQAAAABvkJDT75ryfMm9A6edu2Xub06Me+KFPZ/aN3vxhnPWTGp69n2tiz9y4WMF+X9Zz/f/D3c6COv/8+7/V7D+P6eQvuvfVDcGAAAA4N2ocD1/uD1++psLuvv+/WLX///w6xv+mqiqf/ID8342q/P9zT/Z2zr1wZNVf5hz/OGW5MgnL32xIP/XF5f/S3O3b+T3/wEAAMAZeLt9/9+NBeP0rLf7/7c980j1o1d+6GtXza2buuN3H77iz68Mn9qwPXpl+UfbFx342K5fF+T/xuLyf9gOyn15reH83FMRRSO6HmTuJrgtTHdxrNBSllNIn/hYj7mhR6bQMiCnkLIs1uODFVE0tutBfazw3lBojBWODc4UNsYKbaGQuR6yhR/ECq3hSvvO4Mx044Ufh0JmgUVLWEExKLskItbj79316Cqctkd79uAAAADvKiE8Z7JsWX4zikfZlkRvO5zV2w4lve1Q2tsO/WI7xHfs7vmoNr8Qnv/Rt294ecBdD2yom7Jl04KqhrPX/euxyZNuX7Z2Z93SziF/W7euIP9vLC7/h1PRP73pbv1/FNb/Z77XMLv+vzYUKmOFllCoid8xoCYcIx12G8IxKmsyPY6NyBYAAADgHS18LlDax/MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7J373FW1nXiwL8zzIUZhplRMS+RISaKwTCMKYaZID/TnwQOq6WFJgSDjgxCXEzQTUTd1VzB2+ZtE0jdtIwoNbVUeGnekspLsKl5SfHSK41lS5Js133NnPM9nPOcOc5BQBn3/f5jzvecz/f6nMuc7/M85/sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/N2z85GVfeHmfj/xg3cKBi1eP+krfI4cMn3DMNTceu/jhb0/e777f//8+aw575sydR60955XRi245de+3QmjuKFeSKl5y6F/XNQwePabvotuvGbz0kYF/qUjXm46HXu1/StN3zoutru0dwh0lIZQlA4NrUoHy9P2aWF/fmhB2CJsCmRIt1akSyYbDA1UhLAmbApmq7qoKoSYrcOwT9624uD1xRVUIe4cQKpNtPFuZaqMqGRhQkQpUJwPTy1KBv76TkgncWZoKwBaLb4bMi355c26G+s7LFXj9lW+1jn2wksPrERP1hfO9MXIbdypLRfKB5i162vKqY5vIe3us9G7rBu+2vO18iact+4tU+hvKO5tClaF0csuUiXPaZsdHSkNDQ49CNW2j5/np9WdN2px0t3kdxg7Ub5XX4aoLe49d/OhRw2+tG35Dn0ELN25pNwtt3m2tMqRfc93meYxG+DzpBm+/vG9J/XzpCiHsf9v42798wcs3L7h87K4HPbHTsDc+u/vdLT+75YTxxx++fsVXf//jvPl//bvP/+PLOd6W5uSOrb5dm5qbx0dqYmJdbWpuDgAAAN1Gd9hr+srq/5722X3HDX185OrqW2+659SL7/v8tT9r3a/t4bE77fj8vvN+lDf/71fc8f94yL8me7QrQxjRkTi3LoRdOx5PBW6O3flqXQh7dqSacwMjE4GVIezWkRiYqSpRomcs0S8ReLU2HRiRCDwYA82JwI0xcEkicF4MLE8EJsXAykTgsBgIrbnj2K82PY6iA1UxMCG1EZfHsxD+XBtbS2yrZzJVAQAAbCXp2WF57t2scx22NEOcXi6v6ipDPAO7YIbKRA3JGWxmWlWwhrKuaijtqobMuOe/+/Dzai7pqua80zBKcjNcWXXLpT8aNumNu2e8tOG0Iz7x2quP1S/96afXXfPGU9Mr79/j8ofz5v+N7z7/r+ykIyV5x/9DGNfxN+YuTUfaMvEJzTkZAAAAgC3w1sADvvydsq/NfeH3jwz75K+vfez1lQ9/dO8zb1v7/Bk/+NZ3au4fnTf/H1Hc+f9xn0iPrMxhVdwNMbUuhMbcQKrag/MDqaPevdIBAAAA6A4yx+Mzx8Jb07epU7ST8+n8/M2bmT8e+B/Raf7131p2/Y6feGT2Q7W3zXhqw+NfWTl64bEz3xh05dmP7HvoQU+N/Gze/L+5uPP/q3NvU514MPbi8roQemYFHoq9bA906BcDLxyaG0iP/8G4AS6KVaVPTMhUdVEsMSEGGhOBJYVKPJYpsWtuIP1kZRo/NzOO1nSJrAAAAAC87+LugHhcPp7/v2LBXZf9x41/umzVgUtnnzz98de+V1H5zknL7zyxzwX39li008hJefP/CZt3/n/HPDjv9P62XiEMKQuhR/KHAauqUwsDxkBNSTpxT3Wqrh7JqhZUh3Bw+8CSVb2YXv+/LLnG4JNVqapiYNf+N60f0J64oSqEIdmBNeOXHtCemJMIZBr/YlUIH28fbbLxn/RMNV6ebPyqniHskRXIVDWpZwjtjVUkq7q/Mn0dg2RVyytD2CkrkKlqWGUIcwMA3VX8Xzo5+8FZc+dNndjW1jJzGybiTvyqMKW1raVh0vS2yZUF+jQ50eecdYzOyR9TsZe++V16jaLVx0ytKyad+aFgY3Zb6R35eWcOpu/HL0PlHeNsKs+5u39yyPvuld9EyPoqVWjIpdt4yNXZlWx6EvPqj/krQq/Qc86slpkNZ0ycPXvm0NTfYrM3pf7G40ypbTU0ua2qO+tbES+PgstlJbzXbTUgu5Ihs6fNGDJr7rzBrdMmntxycstpwz7VNKxp6P5NjUPaB5X+28VIB3RWc2Kk7ywtclhbcaS7l2VV8n58aEhISHS3xE2Xj39m0UcXV3538UmXPHH++WefcvrOt1057ft9p48fdOXnlkz9et78f8a7z//jp0784E+vz1Do+H99PMyfenzTYf4JMbCk2OP/9YWO5mdODOiXCMyPgfkO8wMAAPDhEHdHxr2Zcad07SvfOP1/Tjii9NA/HP2LpqGDdrnw1qkDbnx94+kf23vekmvLKvKv/ze/uN//b6X1/zNL1x9VaJn/gbFEY6H1/5PL/GfW/59faP3/5DL/mfX/l3wA6//PyQQSm+TP1v8HAAA+DN6/9f+7XN4/eYGAvAxdLu+fvEBAXoYul/Ev9gIBm73+/89/XrbDx47YrW/ZF56YuNedB/7mpGkP7vKjUVev+3RT/TfPWPPzZXnz/0uKm/9buB8AAAC2Hyfs+6UBC14a8vVzpj/ww8Ezdn7purOfH3HPL4/75MYxfddVr+v76bz5/5Li5v/v//p/odD5//0KBZoLLQxo/T8AAAC6qULr//3t42d987p+O24Y1O/M29+6emrJ8L2fO/XXbRc9NOrwj435xyWTrs2b/y8vbv4fT7sozckde/N2bWpNu5Bc025dbeYnAwAAANA9lIaGhvIi8+YsjDryvbf5dHop0HdLZ9vtE6vWnHvvdX8fcvP5C9Ydf3rtQUf+oeyQOydf99KCU/boX/Pc2rz5/8ri5v85v8tYdWHvsYsfPWr427fWDb+hz6CFGzcd/wcAAAC2nWL3SwAAAAAAAAAAAAAAAB+8Y1b95Kz/+uWY4+4cNu/qR3d+/OT//PqsM1on/aLtiHUHPLv0hk/tk/f7/zCuo1yh3//H6/7F3xf0yckdW+16/b/0/WNHL5vbsWThqtoQ9soOTF0wdYeQvjb/PtmBFScO3KU9sSBZ4u7nDnu5PXFSMnDk4B03tCc+kwhMiIsk7pYMxKsqbuidCMTlFZ9MBuL2WJ4MVKQDF/ZOjaMkua3+UJPaViXJbfV0TQh1WYHMtrqjJtVGSXKAVyQCmQF+LRmIAxybDpQme7WsV6pXMVATiy7uleoVAADbrfgtsDxMaW1raYxf4ePt7mW5t1HOkmXn5FdbUmTzv0svTbb6mKl1xaR7JL+LbrrWeHmobB/C0Lyvq9lZSjpGuXVq6WLT9Skw5K5WeystUC5pczddReERVaVG1DBpetvk8i4Hvn/XWZrKuswyNG+yk52ltGOTFlFLEX0pYkRFbpsiuhzvl4aGhh6JXMNjsD7k6OoVUezv9bPX+Sv0KsjOs3zUQQOOW/bcgRMWPXnQtKnhI5e9M2Li5FmHXPHiU0vnjxw0oUfe/L++uPl/Zfa4NqQvBjA/Xlnv4LoQJhQ5IgAAAPjwO+W05y674P5LX32hecDL04dcuuK3c6+aV1Z783mHP3336W+OX3jSlsYHDHtj6Kl3/ebcjU2jHrqy99X3X7PTkXU//H/Vvea+tWLQmy/cvVfe/L9fcfP/uAcrfSg4tbdjZbz+/7l1IXRcWr8+Fbg5DverdSHs2ZFqjiVSF9Q/KpZoTAVujjtMBsYSE5pzq+oZA8sTgVdr04GVicCDMZDeS3FTSO/KubQ2hAM6UuNyS8yIJeoTgaNjoF8i0BADjYlA7xgYkQi83jsdaE4EHo2B0Jq7rW7tnd5WAAAAmyM9zyrPvRuS87zlZV1lKOkqQ3VXGUq7ylDZVYZCo4j3fxwzlCdOXinJylSerLUqUUtehngx/M3uV16G8FhuzmTBvKbj+QeZ8w1KcjNccWbF9Dc/33/R8UPGrB/ftPhzc38a/uHtOW9d8OYvz6977pqNJXnz/8bi5v/Vubep1h+M8/9N1/9LBR6K3bs8njreLwZeODQ3kN4x8GCc7F6Uqao5XSI9ab8olhgRA/0SgRkxMCIRmDAuHViyS24gPdPONH5upvHWdImsAAAAALzv4g6CuJsmzv+fXTv+iWnjf3vQZX1nLzx/+VFffvrXx736i3t73v3d/osebitZuzpv/j+iuPl/bK9XdmPnxd6s7R3CHSWbepMJDK5JBeJ+jJr48/i+NSHskLWDI1OipTpVoiLRcHigKvUL9YpkVXdVpdYYiPePfeK+FRe3J66oCmHvrL0vmTaerUy1UZUMDKhIBaqTgellqUDc85MJ3FmaCsAWy+wVjC+o9KkuGfWdlyvw+vuwXBM0Oby8faCd5OvsN1fbSmXygfQ+1YzNe9ryqmObyHt7rPRu647vtnrvtuwvUulvKO9sClWG0sktUybOaZsdH8n+JWuebfQ8Z/9KtZj0Vngdzn/vve1aZbIDjYmPj8bOy3X+OiyJ1a26sPfYxY8eNfzWuuE39Bm0cGPR3Sgg/lB45rCr6rM377ZWGdKvuW73edLs86Q7/hvo52kLIYy7d+xFjYfcuHDSiP7X73xH7fDLvzT4lkMbnx1XM2eXw8e89sV5efP/5uLm/2WJ2w4b48acVRfCvlkbd1Xc/KPqUp+DWYHUp+RO+YHUIfeXagt+cgIAAMDWltndkdlf0Jq+TZ0Qnpwn5+dv3sz8cX/FiE7zF9vv/lecsnL0hAN/23f8XoccvM9Zdy04er+/Tbz+tT9Wj5z0wPd+tfr6vPn/hHef//dMdNPxf8f/2UYc/+/U9r4rumfygflbtCs6rzq2Ccf/O7W9v9sc/++U4/+O/3fG8f8uOP7fqe39acv7ljTDl64Qwr9f/vm/vX3Pbv02LC393pQH5vU//rLvL1r2k52f+efH/mn69H33/FXe/H9GcfN/6/91vmhfZv2/CYXW/5tRaP2/+db/AwAAtqkCC80l53l5q/flZUiu3peXocsFArtcYtD6f5u9/t+L/3Lpgr2mjv3GiWc9dnDvR+tHrRkz6O8nvbrnmuuevHLoIyf8/dt58//5xc3/48uhV3br3WX9v37jClR1SQzMsDAgAAAA26NCOwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4YJ31xynnjVjw+J+ap39l/fLx32nd8fGHprzefMQPRy87es0pu5xyb581hz1z5s6j1p7zyuhFt5y691shtHaUK0kVLzn0r+saBo8e03fR7dcMXvrIwL9UpustT99+NCd3bPXt2hCWZD1SExPratvvbAocO3rZ3LL2xKraEPbKDkxdMHWH9sSNtSHskx1YceLAXdoTC5Il7n7usJfbEyclA0cO3nFDe+Iz6UBJsrv/1jvV3ZJkdy/uHUJdViDT3VN751aVaeOIdKA02cZ3a1JtxEBNLHpVTaqNGGiLJVp7hjCkLIQeyaoeqUxV1SNZ1U8rU1X1SFZ1dmUIB4cQypJVPV+RqqosOfLHKlJVxcCu/W9aP6A9sbQihCHZgTXjlx7QnpiZCGQaP6YihI+3v2SSjd9anmq8PNn4v5aHsEcIoSJZ4s2yVImKZIkXy0LYKSuwaSOWhTA38OEQP30mZz84a+68qRPb2lpmbsNERbqtqjClta2lYdL0tsmViT4VUpKVfuec9z72360/a1L77epjptYVky5Llyvv6HJTec7d/bf33sd+VWdXsun5yKs/5q8IvULPObNaZjacMXH27JlDU3+Lzd6U+tsjHU1tq6HdZVsNyK5kyOxpM4bMmjtvcOu0iSe3nNxy2rBPNQ1rGrp/U+OQ9kGl/26NkS59/0e6e1lWJe/H+19CQqK7JUpzPt0at/fP8bwv+ps6Wh4qOz6g86YV2VlKOka5NQY98j2O+L18TelyREPzJg55WZq6zrJ/3mRiU5aqVJaOr3V5k8Psmko7Nmm8XxoaGnoU2g71uXezN+8bW7B5n05vumLTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwv+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86jJ4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAD//+GI8JI=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101142, 0xeaff)
ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f00000000c0)={{r0}, 0xffffffffffffffff, 0x0, 0x100002})

1.179704383s ago: executing program 2 (id=844):
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x3a)
socket$nl_netfilter(0x10, 0x3, 0xc)
landlock_create_ruleset(&(0x7f00000002c0)={0x7f6e}, 0x18, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x26e1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000062102000100000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES16], 0x54}}, 0x20000000)

662.136556ms ago: executing program 0 (id=845):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_CT_DIRECTION={0x5, 0x3, 0x1}, @NFTA_CT_KEY={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x80}}, 0x0)

605.893286ms ago: executing program 2 (id=846):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_mount_image$udf(&(0x7f0000000c40), &(0x7f0000000340)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='noadinicb,nostrict,mode=00000000000000000000004,uid=forget,noadinicb,umask=00000000000000040002000,lastblock=00000000000000000013,undelete,partition=00000000000000000005,\x00'], 0x43, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=")
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000140)=0x7)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file2\x00', 0x63901, 0x10)
pwrite64(r2, &(0x7f0000000000)="6c0b546bc2", 0x5, 0x404042ffc)

458.400077ms ago: executing program 1 (id=847):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/comedi0\x00', 0x0, 0x0)
syz_mount_image$udf(&(0x7f0000000c40), &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='noadinicb,nostrict,mode=00000000000000000000004,uid=forget,noadinicb,umask=00000000000000040002000,lastblock=00000000000000000013,undelete,partition=00000000000000000005,\x00'], 0x47, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=")
openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0xc6000, 0x1e1)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000180)={'c6xdigio\x00', [0x9, 0x8, 0x6, 0x6, 0xf56, 0x7fff, 0xcb, 0x3ff, 0x1, 0x8, 0x10001, 0x7595, 0x3, 0x1, 0xfffffe01, 0x1ff, 0x3, 0x0, 0x1b, 0xfffffdb8, 0x9, 0x0, 0x9, 0x8, 0x9, 0x3c, 0x0, 0xc, 0x5, 0xed, 0x150]})
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000003240), 0x4000000000000e4, 0x0)
ioctl$TUNGETVNETLE(0xffffffffffffffff, 0x800454dd, &(0x7f0000000000))

207.009759ms ago: executing program 4 (id=848):
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet_sctp(0x2, 0x5, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000040900010073797a30000000002c000000030a01080000000000000000010000000900030073797a32000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d6574610000000014000280080001400000001208000240000000", @ANYRES16=r0], 0xc4}}, 0x0)

79.720269ms ago: executing program 2 (id=849):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r0, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r1, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, &(0x7f0000000340)=[{&(0x7f00000002c0)='/', 0x1}], 0x1, 0x0, 0x0, 0x480c5}, 0x0)
r2 = accept4(r0, 0x0, 0x0, 0x0)
recvmsg$kcm(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, &(0x7f0000000380)=""/115, 0x73}, 0x100)

33.95458ms ago: executing program 0 (id=850):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4000, 0x5, @loopback, 0xb}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_256={{0x303}, "c8444943470da91b", "42f3ac0e0b8a32be8fe91c368e60693800000000d6e5394b00", "e7198360", "f7a5c1777af05eaa"}, 0x38)
write$binfmt_aout(r0, 0x0, 0xfdef)

0s ago: executing program 4 (id=851):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001200), 0x2, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0)
ppoll(&(0x7f0000000300)=[{r0, 0x2428}], 0x1, 0x0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000080)={<r2=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300), 0x106, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e62, 0x2, @empty, 0xa098}, {0xa, 0x4e21, 0x8000009, @mcast1}, r2, 0x4040099d}}, 0x48)
writev(r1, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2)

kernel console output (not intermixed with test programs):

e=2048 fake=0
[  120.315831][ T7021] netlink: 8 bytes leftover after parsing attributes in process `syz.1.358'.
[  120.337431][ T7029] EXT4-fs error (device loop2): ext4_readdir:263: inode #2: block 15: comm syz.2.362: path /85/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  120.370790][ T7029] EXT4-fs error (device loop2): ext4_readdir:263: inode #2: block 16: comm syz.2.362: path /85/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  120.376244][ T7021] bond0: entered promiscuous mode
[  120.404219][ T7021] bond_slave_0: entered promiscuous mode
[  120.409967][ T7029] EXT4-fs error (device loop2): ext4_readdir:263: inode #2: block 17: comm syz.2.362: path /85/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  120.431352][ T7021] bond_slave_1: entered promiscuous mode
[  120.447521][ T7021] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  120.463654][ T7029] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #2: block 18: comm syz.2.362: lblock 23 mapped to illegal pblock 18 (length 1)
[  120.487544][ T7021] bond0: left promiscuous mode
[  120.497390][ T7021] bond_slave_0: left promiscuous mode
[  120.507309][ T7029] EXT4-fs error (device loop2): ext4_readdir:263: inode #2: block 19: comm syz.2.362: path /85/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  120.532408][ T7021] bond_slave_1: left promiscuous mode
[  120.556694][ T7029] EXT4-fs error (device loop2): ext4_readdir:263: inode #2: block 20: comm syz.2.362: path /85/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0
[  120.585341][ T7049] loop3: detected capacity change from 0 to 1024
[  120.640657][ T5788] usb 2-1: USB disconnect, device number 6
[  120.828571][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.946719][ T7055] 9pnet_fd: Insufficient options for proto=fd
[  121.096696][ T7060] loop3: detected capacity change from 0 to 64
[  121.119590][ T7047] loop0: detected capacity change from 0 to 32768
[  121.137913][ T7060] overlayfs: missing 'workdir'
[  121.174799][ T7047] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  121.282975][ T7047] XFS (loop0): Ending clean mount
[  121.311845][ T7047] XFS (loop0): Quotacheck needed: Please wait.
[  121.368826][ T7047] XFS (loop0): Quotacheck: Done.
[  121.376231][ T7073] loop1: detected capacity change from 0 to 64
[  121.489513][ T5784] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  121.570244][ T7077] loop1: detected capacity change from 0 to 1024
[  121.958662][ T7079] loop3: detected capacity change from 0 to 32768
[  121.969627][ T7079] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.381 (7079)
[  122.001666][ T7079] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  122.012758][ T7079] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  122.021468][ T7079] BTRFS info (device loop3): turning on flush-on-commit
[  122.028666][ T7079] BTRFS info (device loop3): max_inline at 4096
[  122.034993][ T7079] BTRFS info (device loop3): enabling disk space caching
[  122.042957][ T7079] BTRFS info (device loop3): enabling free space tree
[  122.049754][ T7079] BTRFS info (device loop3): turning off barriers
[  122.056248][ T7079] BTRFS info (device loop3): disabling tree log
[  122.062691][ T7079] BTRFS info (device loop3): enabling ssd optimizations
[  122.069649][ T7079] BTRFS info (device loop3): force clearing of disk cache
[  122.076877][ T7079] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_LZO (0x8)
[  122.086670][ T7079] BTRFS info (device loop3): use lzo compression, level 0
[  122.093907][ T7079] BTRFS info (device loop3): max_inline at 0
[  122.099911][ T7079] BTRFS info (device loop3): using free space tree
[  122.124309][ T7083] 9pnet_fd: Insufficient options for proto=fd
[  122.243272][ T7079] BTRFS info (device loop3): rebuilding free space tree
[  122.257122][ T7079] BTRFS info (device loop3): checking UUID tree
[  122.379598][ T7108] loop1: detected capacity change from 0 to 64
[  122.404597][ T5786] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  122.467802][ T7108] overlayfs: missing 'workdir'
[  122.666822][   T28] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  122.862167][   T28] usb 1-1: Using ep0 maxpacket: 32
[  122.871969][   T28] usb 1-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  122.892072][   T28] usb 1-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  122.919638][   T28] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.158300][ T7109] netlink: 8 bytes leftover after parsing attributes in process `syz.0.386'.
[  123.201620][ T7109] bond0: entered promiscuous mode
[  123.220550][ T7109] bond_slave_0: entered promiscuous mode
[  123.230809][ T7109] bond_slave_1: entered promiscuous mode
[  123.245243][ T7119] loop3: detected capacity change from 0 to 1024
[  123.246834][ T7109] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  123.276276][ T7109] bond0: left promiscuous mode
[  123.281289][ T7109] bond_slave_0: left promiscuous mode
[  123.293592][ T7109] bond_slave_1: left promiscuous mode
[  123.451421][ T7114] loop1: detected capacity change from 0 to 32768
[  123.459807][ T5855] usb 1-1: USB disconnect, device number 5
[  123.509739][ T7114] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  123.612577][ T7134] 9pnet_fd: Insufficient options for proto=fd
[  123.623543][ T7114] XFS (loop1): Ending clean mount
[  123.641742][ T7114] XFS (loop1): Quotacheck needed: Please wait.
[  123.697490][ T7114] XFS (loop1): Quotacheck: Done.
[  123.749922][ T7136] netlink: 24 bytes leftover after parsing attributes in process `syz.2.394'.
[  123.841206][ T5785] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  123.935091][ T7140] loop2: detected capacity change from 0 to 64
[  124.118274][ T7143] loop0: detected capacity change from 0 to 256
[  124.137719][ T7143] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000e8a4, chksum : 0x7bc75166, utbl_chksum : 0xe619d30d)
[  124.292318][ T7147] loop0: detected capacity change from 0 to 1024
[  124.599105][ T7149] loop1: detected capacity change from 0 to 32768
[  124.608338][ T7149] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.396 (7149)
[  124.627521][ T7149] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  124.637767][ T7149] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  124.646549][ T7149] BTRFS info (device loop1): turning on flush-on-commit
[  124.653620][ T7149] BTRFS info (device loop1): max_inline at 4096
[  124.659889][ T7149] BTRFS info (device loop1): enabling disk space caching
[  124.667007][ T7149] BTRFS info (device loop1): enabling free space tree
[  124.674518][ T7149] BTRFS info (device loop1): turning off barriers
[  124.680958][ T7149] BTRFS info (device loop1): disabling tree log
[  124.687351][ T7149] BTRFS info (device loop1): enabling ssd optimizations
[  124.694369][ T7149] BTRFS info (device loop1): force clearing of disk cache
[  124.701497][ T7149] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_LZO (0x8)
[  124.710965][ T7149] BTRFS info (device loop1): use lzo compression, level 0
[  124.712911][ T7153] 9pnet_fd: Insufficient options for proto=fd
[  124.718258][ T7149] BTRFS info (device loop1): max_inline at 0
[  124.730206][ T7149] BTRFS info (device loop1): using free space tree
[  124.878961][ T7173] loop3: detected capacity change from 0 to 64
[  124.902574][ T7149] BTRFS info (device loop1): rebuilding free space tree
[  124.919133][ T7149] BTRFS info (device loop1): checking UUID tree
[  125.067785][ T5785] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  125.089298][ T7180] netlink: 24 bytes leftover after parsing attributes in process `syz.2.407'.
[  125.228668][ T7182] loop3: detected capacity change from 0 to 1024
[  125.632344][ T5854] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  125.775380][ T7194] 9pnet_fd: Insufficient options for proto=fd
[  125.803006][ T7175] loop0: detected capacity change from 0 to 32768
[  125.812103][ T5854] usb 2-1: Using ep0 maxpacket: 32
[  125.822674][ T5854] usb 2-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  125.830837][ T7175] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  125.832359][ T5854] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  125.849695][ T5854] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.919238][ T7175] XFS (loop0): Ending clean mount
[  125.930025][ T7175] XFS (loop0): Quotacheck needed: Please wait.
[  125.984713][ T7175] XFS (loop0): Quotacheck: Done.
[  126.060738][ T5784] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  126.085892][ T7184] netlink: 8 bytes leftover after parsing attributes in process `syz.1.408'.
[  126.107091][ T7184] bond0: entered promiscuous mode
[  126.112851][ T7184] bond_slave_0: entered promiscuous mode
[  126.125210][ T7184] bond_slave_1: entered promiscuous mode
[  126.137450][ T7184] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  126.151637][ T7184] bond0: left promiscuous mode
[  126.167015][ T7184] bond_slave_0: left promiscuous mode
[  126.181580][ T7184] bond_slave_1: left promiscuous mode
[  126.318835][ T5875] usb 2-1: USB disconnect, device number 7
[  126.360203][ T7211] loop2: detected capacity change from 0 to 64
[  126.660896][ T7215] loop3: detected capacity change from 0 to 1024
[  126.672635][ T7213] loop0: detected capacity change from 0 to 32768
[  126.682626][ T7213] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.418 (7213)
[  126.703246][ T7213] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  126.713590][ T7213] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  126.723392][ T7213] BTRFS info (device loop0): turning on flush-on-commit
[  126.730387][ T7213] BTRFS info (device loop0): max_inline at 4096
[  126.736699][ T7213] BTRFS info (device loop0): enabling disk space caching
[  126.743791][ T7213] BTRFS info (device loop0): enabling free space tree
[  126.750573][ T7213] BTRFS info (device loop0): turning off barriers
[  126.757070][ T7213] BTRFS info (device loop0): disabling tree log
[  126.763428][ T7213] BTRFS info (device loop0): enabling ssd optimizations
[  126.770386][ T7213] BTRFS info (device loop0): force clearing of disk cache
[  126.777562][ T7213] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_LZO (0x8)
[  126.786884][ T7213] BTRFS info (device loop0): use lzo compression, level 0
[  126.794147][ T7213] BTRFS info (device loop0): max_inline at 0
[  126.800146][ T7213] BTRFS info (device loop0): using free space tree
[  126.965807][ T7213] BTRFS info (device loop0): rebuilding free space tree
[  126.987713][ T7213] BTRFS info (device loop0): checking UUID tree
[  127.047232][ T7238] 9pnet_fd: Insufficient options for proto=fd
[  127.120320][ T7241] netlink: 24 bytes leftover after parsing attributes in process `syz.2.423'.
[  127.144360][ T5784] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  127.375773][ T7248] loop1: detected capacity change from 0 to 64
[  127.573276][ T7254] loop3: detected capacity change from 0 to 1024
[  128.060410][ T7256] loop1: detected capacity change from 0 to 40427
[  128.069743][ T7256] F2FS-fs (loop1): build fault injection attr: rate: 690, type: 0x7ffff
[  128.078192][ T7256] F2FS-fs (loop1): Image doesn't support compression
[  128.084957][ T7256] F2FS-fs (loop1): Image doesn't support compression
[  128.100417][ T7256] F2FS-fs (loop1): invalid crc value
[  128.113292][ T7256] F2FS-fs (loop1): Found nat_bits in checkpoint
[  128.161013][ T7256] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  128.197335][ T7256] syz.1.430: attempt to access beyond end of device
[  128.197335][ T7256] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  128.212404][ T7256] F2FS-fs (loop1): Remounting filesystem read-only
[  128.397967][ T7264] 9pnet_fd: Insufficient options for proto=fd
[  128.557713][ T7251] loop0: detected capacity change from 0 to 32768
[  128.582266][ T7251] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  128.651590][ T7251] XFS (loop0): Ending clean mount
[  128.662088][ T5855] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  128.688943][ T7251] XFS (loop0): Quotacheck needed: Please wait.
[  128.757751][ T7251] XFS (loop0): Quotacheck: Done.
[  128.872318][ T5855] usb 4-1: Using ep0 maxpacket: 32
[  128.885791][ T5855] usb 4-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  128.895725][ T5855] usb 4-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  128.905775][ T5855] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.922901][ T5784] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  129.155410][ T7265] netlink: 8 bytes leftover after parsing attributes in process `syz.3.432'.
[  129.191349][ T7265] bond0: entered promiscuous mode
[  129.196787][ T7265] bond_slave_0: entered promiscuous mode
[  129.207837][ T7265] bond_slave_1: entered promiscuous mode
[  129.218550][ T7265] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  129.269523][ T7265] bond0: left promiscuous mode
[  129.282299][ T7265] bond_slave_0: left promiscuous mode
[  129.284106][ T7289] loop0: detected capacity change from 0 to 64
[  129.301278][ T7265] bond_slave_1: left promiscuous mode
[  129.418164][ T7292] loop1: detected capacity change from 0 to 256
[  129.433468][ T7292] exfat: Unknown parameter 'zero_size_dir'
[  129.439390][ T5788] usb 4-1: USB disconnect, device number 4
[  129.548596][ T7294] 9pnet_fd: Insufficient options for proto=fd
[  129.563319][ T5854] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  129.762165][ T5854] usb 3-1: Using ep0 maxpacket: 16
[  129.783091][ T5854] usb 3-1: config 1 has an invalid interface number: 105 but max is 0
[  129.797282][ T5854] usb 3-1: config 1 has no interface number 0
[  129.803598][ T5854] usb 3-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  129.813783][ T5854] usb 3-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  129.828199][ T5854] usb 3-1: config 1 interface 105 has no altsetting 0
[  129.844101][ T5854] usb 3-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  129.858974][ T5854] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.867332][ T5854] usb 3-1: Product: syz
[  129.871613][ T5854] usb 3-1: Manufacturer: syz
[  129.876588][ T5854] usb 3-1: SerialNumber: syz
[  129.892565][ T7290] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  129.905270][ T7290] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  129.957977][ T7301] loop0: detected capacity change from 0 to 32768
[  129.988112][ T7301] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  130.049983][ T7301] XFS (loop0): Ending clean mount
[  130.058943][ T7301] XFS (loop0): Quotacheck needed: Please wait.
[  130.105435][ T7301] XFS (loop0): Quotacheck: Done.
[  130.186323][ T5784] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  130.325536][ T7290] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  130.335401][ T7290] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  130.545344][ T7320] loop0: detected capacity change from 0 to 64
[  130.633951][ T7325] 9pnet_fd: Insufficient options for proto=fd
[  130.748962][ T7322] loop3: detected capacity change from 0 to 2048
[  130.796125][ T7322] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  130.947321][ T5854] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  130.968950][ T5854] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  131.018361][ T5854] aqc111 3-1:1.105 eth1: register 'aqc111' at usb-dummy_hcd.2-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 12:f1:2d:3a:ff:9d
[  131.042851][ T5854] usb 3-1: USB disconnect, device number 7
[  131.058815][ T5854] aqc111 3-1:1.105 eth1: unregister 'aqc111' usb-dummy_hcd.2-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[  131.192295][ T5788] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  131.244085][ T5854] aqc111 3-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  131.270185][ T5854] aqc111 3-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  131.286817][ T5854] aqc111 3-1:1.105 eth1 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[  131.392090][ T5788] usb 2-1: Using ep0 maxpacket: 32
[  131.409441][ T5788] usb 2-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  131.432743][ T5788] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  131.452619][ T5788] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.689576][ T7333] loop0: detected capacity change from 0 to 32768
[  131.695110][ T7331] netlink: 8 bytes leftover after parsing attributes in process `syz.1.456'.
[  131.748465][ T7360] loop3: detected capacity change from 0 to 64
[  131.756089][ T7333] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  131.759019][ T7331] bond0: entered promiscuous mode
[  131.769916][ T7331] bond_slave_0: entered promiscuous mode
[  131.775842][ T7331] bond_slave_1: entered promiscuous mode
[  131.783145][ T7331] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  131.792383][ T7331] bond0: left promiscuous mode
[  131.797175][ T7331] bond_slave_0: left promiscuous mode
[  131.848241][ T7331] bond_slave_1: left promiscuous mode
[  131.939945][ T7333] XFS (loop0): Ending clean mount
[  131.970544][ T7333] XFS (loop0): Quotacheck needed: Please wait.
[  132.023191][ T5788] usb 2-1: USB disconnect, device number 8
[  132.074842][ T7333] XFS (loop0): Quotacheck: Done.
[  132.099842][ T7367] 9pnet_fd: Insufficient options for proto=fd
[  132.171674][ T5784] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  132.865773][ T7394] loop0: detected capacity change from 0 to 64
[  132.928750][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  132.935858][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  133.200897][ T7404] 9pnet_fd: Insufficient options for proto=fd
[  133.538684][ T7383] loop3: detected capacity change from 0 to 32768
[  133.563387][ T7383] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.468 (7383)
[  133.593277][ T7396] loop1: detected capacity change from 0 to 32768
[  133.625076][ T7383] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  133.637034][ T7396] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  133.652126][ T5788] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  133.659769][ T7383] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  133.690477][ T7383] BTRFS info (device loop3): turning on flush-on-commit
[  133.716162][ T7383] BTRFS info (device loop3): max_inline at 4096
[  133.723256][ T7383] BTRFS info (device loop3): enabling disk space caching
[  133.730440][ T7383] BTRFS info (device loop3): enabling free space tree
[  133.737490][ T7383] BTRFS info (device loop3): turning off barriers
[  133.760797][ T7396] XFS (loop1): Ending clean mount
[  133.767102][ T7383] BTRFS info (device loop3): disabling tree log
[  133.777918][ T7396] XFS (loop1): Quotacheck needed: Please wait.
[  133.787873][ T7383] BTRFS info (device loop3): enabling ssd optimizations
[  133.811390][ T7383] BTRFS info (device loop3): force clearing of disk cache
[  133.829102][ T7396] XFS (loop1): Quotacheck: Done.
[  133.836502][ T7383] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_LZO (0x8)
[  133.843566][ T5788] usb 1-1: Using ep0 maxpacket: 8
[  133.853824][ T5788] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  133.873031][ T5788] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  133.873184][ T7383] BTRFS info (device loop3): use lzo compression, level 0
[  133.897489][ T5788] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  133.916298][ T5788] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  133.920796][ T7383] BTRFS info (device loop3): max_inline at 0
[  133.939046][ T5788] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  133.952028][ T7383] BTRFS info (device loop3): using free space tree
[  133.980322][ T5785] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  133.995600][ T5788] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  134.008116][ T5788] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.034574][ T7383] BTRFS info (device loop3): rebuilding free space tree
[  134.061678][ T7383] BTRFS info (device loop3): checking UUID tree
[  134.262441][ T5786] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  134.375220][ T5778] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 11 /dev/loop3 scanned by udevd (5778)
[  134.378072][ T7437] ALSA: mixer_oss: invalid OSS volume ''
[  134.470845][ T7437] loop1: detected capacity change from 0 to 1024
[  134.594399][ T7437] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  134.604524][ T7437] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  134.613826][ T7437] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  134.622998][ T7437] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  134.754101][ T7446] loop2: detected capacity change from 0 to 64
[  134.782241][    T9] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  134.817614][ T7449] usbtmc 1-1:16.0: usb_control_msg returned -32
[  134.834087][ T5788] usb 1-1: USB disconnect, device number 6
[  134.972173][    T9] usb 4-1: Using ep0 maxpacket: 32
[  134.996536][    T9] usb 4-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  135.000528][ T7453] 9pnet_fd: Insufficient options for proto=fd
[  135.015791][    T9] usb 4-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  135.042204][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.278619][ T7442] netlink: 8 bytes leftover after parsing attributes in process `syz.3.478'.
[  135.297538][ T7442] bond0: entered promiscuous mode
[  135.302738][ T7442] bond_slave_0: entered promiscuous mode
[  135.308578][ T7442] bond_slave_1: entered promiscuous mode
[  135.316160][ T7442] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  135.325638][ T7442] bond0: left promiscuous mode
[  135.330509][ T7442] bond_slave_0: left promiscuous mode
[  135.336280][ T7442] bond_slave_1: left promiscuous mode
[  135.442409][ T5788] usb 4-1: USB disconnect, device number 5
[  135.513312][ T7458] loop2: detected capacity change from 0 to 32768
[  135.532565][ T7458] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 11
[  135.650168][ T5778] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 11
[  135.695089][ T7467] loop0: detected capacity change from 0 to 512
[  135.727143][ T7467] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.490: inode has both inline data and extents flags
[  135.745383][ T7467] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.490: couldn't read orphan inode 15 (err -117)
[  135.771031][ T6529] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 11
[  135.795639][ T7467] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.956278][ T5784] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.075797][ T7475] loop0: detected capacity change from 0 to 64
[  136.249262][ T7477] 9pnet_fd: Insufficient options for proto=fd
[  136.345895][ T7479] loop3: detected capacity change from 0 to 4096
[  136.413769][ T7479] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.533573][ T7479] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  136.636940][ T7486] netlink: 'syz.1.499': attribute type 4 has an invalid length.
[  136.726284][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.010827][ T7500] loop3: detected capacity change from 0 to 64
[  137.102079][ T5854] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  137.167332][ T7502] 9pnet_fd: Insufficient options for proto=fd
[  137.253675][ T7490] loop0: detected capacity change from 0 to 32768
[  137.273362][ T7490] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 11
[  137.297152][ T5854] usb 3-1: Using ep0 maxpacket: 32
[  137.311270][ T5854] usb 3-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  137.327512][ T5854] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  137.350443][ T5854] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.429714][ T6529] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 11
[  137.500993][ T7510] loop3: detected capacity change from 0 to 256
[  137.571130][ T7510] FAT-fs (loop3): Directory bread(block 64) failed
[  137.589544][ T7510] FAT-fs (loop3): Directory bread(block 65) failed
[  137.605517][ T7510] FAT-fs (loop3): Directory bread(block 66) failed
[  137.620004][ T7493] netlink: 8 bytes leftover after parsing attributes in process `syz.2.502'.
[  137.621466][ T7510] FAT-fs (loop3): Directory bread(block 67) failed
[  137.638833][ T7493] bond0: entered promiscuous mode
[  137.645769][ T7493] bond_slave_0: entered promiscuous mode
[  137.653116][ T7493] bond_slave_1: entered promiscuous mode
[  137.662191][ T7510] FAT-fs (loop3): Directory bread(block 68) failed
[  137.667025][ T7493] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  137.668754][ T7510] FAT-fs (loop3): Directory bread(block 69) failed
[  137.668853][ T7510] FAT-fs (loop3): Directory bread(block 70) failed
[  137.689785][ T7510] FAT-fs (loop3): Directory bread(block 71) failed
[  137.690374][ T7493] bond0: left promiscuous mode
[  137.696465][ T7510] FAT-fs (loop3): Directory bread(block 72) failed
[  137.696493][ T7510] FAT-fs (loop3): Directory bread(block 73) failed
[  137.707533][ T7493] bond_slave_0: left promiscuous mode
[  137.722119][ T5875] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  137.736571][ T7493] bond_slave_1: left promiscuous mode
[  137.826114][ T7512] netlink: 24 bytes leftover after parsing attributes in process `syz.1.510'.
[  137.878033][ T5854] usb 3-1: USB disconnect, device number 8
[  137.912079][ T5875] usb 1-1: Using ep0 maxpacket: 16
[  137.919640][ T5875] usb 1-1: config 1 has an invalid interface number: 105 but max is 0
[  137.930598][ T5875] usb 1-1: config 1 has no interface number 0
[  137.942510][ T5875] usb 1-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  137.972056][ T5875] usb 1-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  137.990475][ T5875] usb 1-1: config 1 interface 105 has no altsetting 0
[  138.004687][ T5875] usb 1-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  138.018720][ T5875] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  138.036499][ T5875] usb 1-1: Product: syz
[  138.040778][ T5875] usb 1-1: Manufacturer: syz
[  138.056922][ T5875] usb 1-1: SerialNumber: syz
[  138.066590][ T7508] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  138.074175][ T7508] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  138.085144][ T7518] loop1: detected capacity change from 0 to 64
[  138.322958][ T7522] 9pnet_fd: Insufficient options for proto=fd
[  138.516354][ T7508] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  138.532541][ T7508] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  138.603050][ T7528] Bluetooth: MGMT ver 1.22
[  138.616971][ T7528] Bluetooth: hci0: invalid length 0, exp 2 for type 20
[  139.000169][ T7534] netlink: 24 bytes leftover after parsing attributes in process `syz.2.520'.
[  139.111147][ T7526] loop1: detected capacity change from 0 to 32768
[  139.124674][ T7526] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 11
[  139.156040][ T5875] aqc111 1-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  139.177305][ T5875] aqc111 1-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  139.197806][ T5875] aqc111 1-1:1.105 eth1: register 'aqc111' at usb-dummy_hcd.0-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 6a:bd:57:f3:6b:c8
[  139.216563][ T5875] usb 1-1: USB disconnect, device number 7
[  139.225164][ T5875] aqc111 1-1:1.105 eth1: unregister 'aqc111' usb-dummy_hcd.0-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[  139.264854][ T7538] loop2: detected capacity change from 0 to 64
[  139.301654][ T5875] aqc111 1-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  139.305921][ T5778] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 11
[  139.327134][ T5875] aqc111 1-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  139.344767][ T5875] aqc111 1-1:1.105 eth1 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[  139.405721][ T7540] loop1: detected capacity change from 0 to 128
[  139.585650][ T7545] 9pnet_fd: Insufficient options for proto=fd
[  139.898589][ T7556] netlink: 24 bytes leftover after parsing attributes in process `syz.3.530'.
[  139.982195][ T5875] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  140.013491][ T7560] loop3: detected capacity change from 0 to 64
[  140.162158][   T28] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  140.172113][ T5875] usb 2-1: Using ep0 maxpacket: 32
[  140.184678][ T5875] usb 2-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  140.195267][ T5875] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  140.208959][ T5875] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.309947][ T7558] loop2: detected capacity change from 0 to 32768
[  140.321534][ T7558] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 11
[  140.392961][   T28] usb 1-1: Using ep0 maxpacket: 32
[  140.397275][ T6529] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 11
[  140.404842][   T28] usb 1-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  140.426691][   T28] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.448387][   T28] usb 1-1: Product: syz
[  140.458288][ T7548] netlink: 8 bytes leftover after parsing attributes in process `syz.1.526'.
[  140.467295][   T28] usb 1-1: Manufacturer: syz
[  140.471906][   T28] usb 1-1: SerialNumber: syz
[  140.487377][   T28] usb 1-1: config 0 descriptor??
[  140.494635][ T7548] bond0: entered promiscuous mode
[  140.499691][ T7548] bond_slave_0: entered promiscuous mode
[  140.513430][   T28] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  140.520329][ T7548] bond_slave_1: entered promiscuous mode
[  140.531151][ T7548] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  140.543907][ T7548] bond0: left promiscuous mode
[  140.557328][ T7548] bond_slave_0: left promiscuous mode
[  140.568107][ T7566] 9pnet_fd: Insufficient options for proto=fd
[  140.572247][ T7548] bond_slave_1: left promiscuous mode
[  140.682519][ T5854] usb 2-1: USB disconnect, device number 9
[  141.106644][ T7580] loop2: detected capacity change from 0 to 64
[  141.140060][   T28] gspca_ov534_9: reg_w failed -71
[  141.343828][ T7585] netlink: 24 bytes leftover after parsing attributes in process `syz.2.543'.
[  141.353909][ T7586] 9pnet_fd: Insufficient options for proto=fd
[  141.513743][ T7590] loop2: detected capacity change from 0 to 1024
[  141.521123][ T7590] EXT4-fs: Ignoring removed bh option
[  141.562266][   T28] gspca_ov534_9: Unknown sensor 0000
[  141.562351][   T28] ov534_9: probe of 1-1:0.0 failed with error -22
[  141.598354][ T7590] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.610910][   T28] usb 1-1: USB disconnect, device number 8
[  141.806943][ T7582] loop3: detected capacity change from 0 to 32768
[  141.845197][ T7582] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  141.847107][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.857506][ T7582] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  141.876258][ T7582] BTRFS info (device loop3): turning on flush-on-commit
[  141.886528][ T7582] BTRFS info (device loop3): max_inline at 4096
[  141.936510][ T7582] BTRFS info (device loop3): enabling disk space caching
[  141.965441][ T7601] loop0: detected capacity change from 0 to 64
[  141.974669][ T7582] BTRFS info (device loop3): enabling free space tree
[  141.981595][ T7582] BTRFS info (device loop3): turning off barriers
[  141.991536][ T7582] BTRFS info (device loop3): disabling tree log
[  142.003755][ T7582] BTRFS info (device loop3): enabling ssd optimizations
[  142.020705][ T7582] BTRFS info (device loop3): force clearing of disk cache
[  142.046158][ T7582] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_LZO (0x8)
[  142.070824][ T7582] BTRFS info (device loop3): use lzo compression, level 0
[  142.079503][ T7582] BTRFS info (device loop3): max_inline at 0
[  142.085997][ T7582] BTRFS info (device loop3): using free space tree
[  142.303924][ T7582] BTRFS info (device loop3): rebuilding free space tree
[  142.359802][ T7582] BTRFS info (device loop3): checking UUID tree
[  142.520951][ T5786] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  142.586273][ T7619] loop2: detected capacity change from 0 to 40427
[  142.595964][ T7619] F2FS-fs (loop2): build fault injection attr: rate: 14, type: 0x7ffff
[  142.606469][    C0] F2FS-fs (loop2): inject read IO error in f2fs_read_end_io of blk_update_request+0x597/0xe40
[  142.622989][   T28] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  142.649774][ T7619] F2FS-fs (loop2): inject kmalloc in f2fs_kmalloc of f2fs_build_segment_manager+0x2fde/0x4730
[  142.660140][ T7619] F2FS-fs (loop2): Failed to initialize F2FS segment manager (-12)
[  142.717972][ T7629] netlink: 24 bytes leftover after parsing attributes in process `syz.1.555'.
[  142.832095][   T28] usb 1-1: Using ep0 maxpacket: 32
[  142.854605][   T28] usb 1-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  142.892791][   T28] usb 1-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  142.936197][   T28] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.199300][ T7623] netlink: 8 bytes leftover after parsing attributes in process `syz.0.553'.
[  143.237826][ T7623] bond0: entered promiscuous mode
[  143.263258][ T7623] bond_slave_0: entered promiscuous mode
[  143.282337][ T7623] bond_slave_1: entered promiscuous mode
[  143.282348][ T5788] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  143.299613][ T7623] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  143.342914][ T7623] bond0: left promiscuous mode
[  143.362172][ T7623] bond_slave_0: left promiscuous mode
[  143.378096][ T7623] bond_slave_1: left promiscuous mode
[  143.454967][ T7646] loop2: detected capacity change from 0 to 64
[  143.482592][    T9] usb 1-1: USB disconnect, device number 9
[  143.522383][ T5788] usb 2-1: Using ep0 maxpacket: 32
[  143.537160][ T5788] usb 2-1: config 0 has an invalid interface number: 12 but max is 0
[  143.572617][ T5788] usb 2-1: config 0 has no interface number 0
[  143.578764][ T5788] usb 2-1: config 0 interface 12 has no altsetting 0
[  143.595037][ T5788] usb 2-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  143.612222][ T5788] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.620254][ T5788] usb 2-1: Product: syz
[  143.632047][ T5788] usb 2-1: Manufacturer: syz
[  143.652340][ T5788] usb 2-1: SerialNumber: syz
[  143.670956][ T5788] usb 2-1: config 0 descriptor??
[  143.939053][ T7648] loop3: detected capacity change from 0 to 32768
[  143.948719][ T7648] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.562 (7648)
[  143.968169][ T7648] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  143.978431][ T7648] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  143.987399][ T7648] BTRFS info (device loop3): turning on flush-on-commit
[  143.994506][ T7648] BTRFS info (device loop3): max_inline at 4096
[  144.000803][ T7648] BTRFS info (device loop3): enabling disk space caching
[  144.008291][ T7648] BTRFS info (device loop3): enabling free space tree
[  144.015267][ T7648] BTRFS info (device loop3): turning off barriers
[  144.022867][ T7648] BTRFS info (device loop3): disabling tree log
[  144.029169][ T7648] BTRFS info (device loop3): enabling ssd optimizations
[  144.061513][ T7648] BTRFS info (device loop3): force clearing of disk cache
[  144.073369][ T7648] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_LZO (0x8)
[  144.114184][ T7648] BTRFS info (device loop3): use lzo compression, level 0
[  144.121387][ T7648] BTRFS info (device loop3): max_inline at 0
[  144.172470][ T7648] BTRFS info (device loop3): using free space tree
[  144.210640][ T7656] netlink: 'syz.0.564': attribute type 2 has an invalid length.
[  144.228045][ T7656] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.564'.
[  144.246995][ T7648] BTRFS info (device loop3): rebuilding free space tree
[  144.272734][ T7648] BTRFS info (device loop3): checking UUID tree
[  144.424074][ T5786] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  144.641650][ T7676] netlink: 24 bytes leftover after parsing attributes in process `syz.0.568'.
[  144.890464][ T7684] loop0: detected capacity change from 0 to 64
[  144.894450][ T5788] f81534 2-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  144.923248][ T5788] f81534 2-1:0.12: f81534_find_config_idx: read failed: -71
[  144.944673][ T5788] f81534 2-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  144.966894][ T5788] f81534: probe of 2-1:0.12 failed with error -71
[  145.025918][ T5788] usb 2-1: USB disconnect, device number 10
[  145.243265][ T7695] loop0: detected capacity change from 0 to 128
[  145.255129][ T7695] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  145.273557][ T7695] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  145.342491][ T1194] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  145.542422][ T1194] usb 4-1: Using ep0 maxpacket: 32
[  145.549577][ T1194] usb 4-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  145.572117][ T1194] usb 4-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  145.581172][ T1194] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.759741][ T7693] loop2: detected capacity change from 0 to 32768
[  145.779938][ T7693] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.575 (7693)
[  145.852130][ T7689] netlink: 8 bytes leftover after parsing attributes in process `syz.3.573'.
[  145.856933][ T7701] loop1: detected capacity change from 0 to 32768
[  145.875263][ T7689] bond0: entered promiscuous mode
[  145.880316][ T7689] bond_slave_0: entered promiscuous mode
[  145.886711][ T7689] bond_slave_1: entered promiscuous mode
[  145.894176][ T7689] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  145.903535][ T7701] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 scanned by syz.1.579 (7701)
[  145.917394][ T7693] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  145.919718][ T7689] bond0: left promiscuous mode
[  145.938737][ T7701] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  145.948950][ T7701] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  145.958511][ T7701] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  145.963113][ T7693] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  145.969164][ T7701] BTRFS info (device loop1): use zstd compression, level 3
[  145.984469][ T7701] BTRFS info (device loop1): using free space tree
[  145.999568][ T7689] bond_slave_0: left promiscuous mode
[  146.002739][ T7693] BTRFS info (device loop2): turning on flush-on-commit
[  146.007836][ T7689] bond_slave_1: left promiscuous mode
[  146.024278][ T7693] BTRFS info (device loop2): max_inline at 4096
[  146.050403][ T7693] BTRFS info (device loop2): enabling disk space caching
[  146.059401][ T7693] BTRFS info (device loop2): enabling free space tree
[  146.067344][ T7693] BTRFS info (device loop2): turning off barriers
[  146.076978][ T7693] BTRFS info (device loop2): disabling tree log
[  146.084410][ T7693] BTRFS info (device loop2): enabling ssd optimizations
[  146.091567][ T7693] BTRFS info (device loop2): force clearing of disk cache
[  146.105841][ T7701] BTRFS info (device loop1): enabling ssd optimizations
[  146.112870][ T7701] BTRFS info (device loop1): auto enabling async discard
[  146.117302][ T7693] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_LZO (0x8)
[  146.129665][ T7693] BTRFS info (device loop2): use lzo compression, level 0
[  146.144720][ T7693] BTRFS info (device loop2): max_inline at 0
[  146.152938][ T7693] BTRFS info (device loop2): using free space tree
[  146.191418][   T28] usb 4-1: USB disconnect, device number 6
[  146.205564][ T5785] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  146.294108][ T7693] BTRFS info (device loop2): rebuilding free space tree
[  146.346491][ T7693] BTRFS info (device loop2): checking UUID tree
[  146.490301][ T7738] netlink: 24 bytes leftover after parsing attributes in process `syz.0.581'.
[  146.550516][ T5783] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  147.040583][ T7743] loop0: detected capacity change from 0 to 32768
[  147.072933][ T7748] loop3: detected capacity change from 0 to 2048
[  147.164219][ T7750] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  147.269896][ T7748] NILFS (loop3): bad btree node (ino=16, blocknr=12): level = 0, flags = 0x0, nchildren = 0
[  147.330072][ T7748] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  147.422964][ T7748] Remounting filesystem read-only
[  147.471102][ T7748] NILFS (loop3): bad btree node (ino=16, blocknr=12): level = 0, flags = 0x0, nchildren = 0
[  147.525079][ T7748] NILFS error (device loop3): nilfs_bmap_last_key: broken bmap (inode number=16)
[  147.570637][ T7748] NILFS (loop3): error -5 truncating bmap (ino=16)
[  147.699238][ T5786] NILFS (loop3): discard dirty page: offset=4096, ino=6
[  147.716616][ T5786] NILFS (loop3): discard dirty block: blocknr=39, size=1024
[  147.729930][ T5786] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  147.751913][ T7763] random: crng reseeded on system resumption
[  147.760148][ T5786] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  147.788336][ T5786] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  147.826246][ T5786] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer
[  147.970415][ T7766] loop3: detected capacity change from 0 to 64
[  148.208557][ T7768] netlink: 24 bytes leftover after parsing attributes in process `syz.3.594'.
[  148.233438][ T7761] loop2: detected capacity change from 0 to 32768
[  148.247584][ T7761] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.591 (7761)
[  148.301888][ T7761] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  148.330244][ T7761] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  148.350447][ T7761] BTRFS info (device loop2): turning on flush-on-commit
[  148.358485][ T7761] BTRFS info (device loop2): max_inline at 4096
[  148.366032][ T7761] BTRFS info (device loop2): enabling disk space caching
[  148.412178][ T7761] BTRFS info (device loop2): enabling free space tree
[  148.439398][ T7761] BTRFS info (device loop2): turning off barriers
[  148.457670][ T7761] BTRFS info (device loop2): disabling tree log
[  148.482344][ T7761] BTRFS info (device loop2): enabling ssd optimizations
[  148.489464][ T7761] BTRFS info (device loop2): force clearing of disk cache
[  148.564581][ T7761] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_LZO (0x8)
[  148.586579][ T7761] BTRFS info (device loop2): use lzo compression, level 0
[  148.601120][ T7761] BTRFS info (device loop2): max_inline at 0
[  148.612325][ T5854] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  148.635017][ T7761] BTRFS info (device loop2): using free space tree
[  148.700760][ T7761] BTRFS info (device loop2): rebuilding free space tree
[  148.739885][ T7761] BTRFS info (device loop2): checking UUID tree
[  148.746437][ T5875] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  148.822438][ T5854] usb 4-1: Using ep0 maxpacket: 32
[  148.839892][ T5854] usb 4-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  148.860580][ T5854] usb 4-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  148.889747][ T5854] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.915888][ T5783] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  148.942702][ T5875] usb 1-1: Using ep0 maxpacket: 32
[  148.960089][ T5875] usb 1-1: config 0 has an invalid interface number: 255 but max is 0
[  148.983622][ T5875] usb 1-1: config 0 has no interface number 0
[  149.017788][ T5875] usb 1-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[  149.030189][ T5875] usb 1-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  149.078561][ T5875] usb 1-1: config 0 interface 255 has no altsetting 0
[  149.143987][ T5875] usb 1-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  149.171822][ T7770] netlink: 8 bytes leftover after parsing attributes in process `syz.3.595'.
[  149.181324][ T5875] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  149.217581][ T5875] usb 1-1: Product: syz
[  149.239935][ T5875] usb 1-1: Manufacturer: syz
[  149.257521][ T7770] bond0: entered promiscuous mode
[  149.267180][ T5875] usb 1-1: SerialNumber: syz
[  149.281216][ T7770] bond_slave_0: entered promiscuous mode
[  149.309813][ T5875] usb 1-1: config 0 descriptor??
[  149.321191][ T7770] bond_slave_1: entered promiscuous mode
[  149.356494][ T7770] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  149.406170][ T7770] bond0: left promiscuous mode
[  149.426442][ T7770] bond_slave_0: left promiscuous mode
[  149.457192][ T7770] bond_slave_1: left promiscuous mode
[  149.553453][ T5875] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  149.587743][ T5875] gspca_ov534_9: reg_w failed -71
[  149.647889][ T5854] usb 4-1: USB disconnect, device number 7
[  150.102110][ T5875] gspca_ov534_9: Unknown sensor 0000
[  150.102197][ T5875] ov534_9: probe of 1-1:0.255 failed with error -22
[  150.177544][ T5875] usb 1-1: USB disconnect, device number 10
[  150.366792][ T7806] netlink: 24 bytes leftover after parsing attributes in process `syz.2.603'.
[  151.131331][ T7813] loop2: detected capacity change from 0 to 32768
[  151.157416][ T7813] gfs2: fsid=localflocks: Trying to join cluster "lock_nolock", "localflocks"
[  151.166780][ T7813] gfs2: fsid=localflocks: Now mounting FS (format 1801)...
[  151.196726][ T7813] gfs2: fsid=localflocks.s: fatal: filesystem consistency error
[  151.196726][ T7813]   inode = 1 19
[  151.196726][ T7813]   function = gfs2_jdesc_check, file = fs/gfs2/super.c, line = 119
[  151.215673][ T7813] gfs2: fsid=localflocks.s: G:  s:SH n:2/13 f:qob t:SH d:EX/0 a:0 v:0 r:3 m:20 p:6
[  151.225133][ T7813] gfs2: fsid=localflocks.s:  H: s:SH f:eEcH e:0 p:7813 [syz.2.605] init_journal+0x17f1/0x2260
[  151.235672][ T7813] gfs2: fsid=localflocks.s:  I: n:1/19 t:8 f:0x00 d:0x00000200 s:33554432 p:0
[  151.244589][ T7813] gfs2: fsid=localflocks.s: about to withdraw this file system
[  151.252479][ T7813] gfs2: fsid=localflocks.s: Journal recovery skipped for jid 0 until next mount.
[  151.261601][ T7813] gfs2: fsid=localflocks.s: Glock dequeues delayed: 0
[  151.269786][ T7813] gfs2: fsid=localflocks.s: File system withdrawn
[  151.276271][ T7813] CPU: 1 PID: 7813 Comm: syz.2.605 Not tainted syzkaller #0
[  151.283563][ T7813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  151.293619][ T7813] Call Trace:
[  151.296888][ T7813]  <TASK>
[  151.299812][ T7813]  dump_stack_lvl+0x16c/0x230
[  151.304493][ T7813]  ? show_regs_print_info+0x20/0x20
[  151.309684][ T7813]  ? load_image+0x3b0/0x3b0
[  151.314178][ T7813]  ? kobject_uevent_env+0x363/0x8c0
[  151.319373][ T7813]  gfs2_withdraw+0xe50/0x13b0
[  151.324056][ T7813]  ? gfs2_lm+0x220/0x220
[  151.328307][ T7813]  ? gfs2_consist_inode_i+0xf5/0x110
[  151.333590][ T7813]  gfs2_jdesc_check+0x13b/0x2a0
[  151.338435][ T7813]  check_journal_clean+0x159/0x300
[  151.343542][ T7813]  ? gfs2_trans_remove_revoke+0x370/0x370
[  151.349256][ T7813]  ? init_journal+0x17f1/0x2260
[  151.354106][ T7813]  ? __rwlock_init+0x150/0x150
[  151.358885][ T7813]  ? do_raw_spin_unlock+0x121/0x230
[  151.364084][ T7813]  ? _raw_spin_unlock+0x28/0x40
[  151.369020][ T7813]  ? gfs2_jdesc_find+0xab/0xc0
[  151.373779][ T7813]  init_journal+0x17f1/0x2260
[  151.378457][ T7813]  ? gfs2_glock_dq_uninit+0x28/0xe0
[  151.383655][ T7813]  ? init_inodes+0xdb/0x320
[  151.388151][ T7813]  ? vsnprintf+0x7b2/0x1a40
[  151.392645][ T7813]  ? _compound_head+0x120/0x120
[  151.397489][ T7813]  ? vsnprintf+0x1957/0x1a40
[  151.402094][ T7813]  ? snprintf+0xdb/0x120
[  151.406340][ T7813]  ? init_inodes+0xdb/0x320
[  151.410835][ T7813]  ? vscnprintf+0x80/0x80
[  151.415153][ T7813]  ? gfs2_glock_nq_num+0x183/0x1c0
[  151.420259][ T7813]  init_inodes+0xdb/0x320
[  151.424582][ T7813]  gfs2_fill_super+0x1815/0x1f80
[  151.429521][ T7813]  ? gfs2_reconfigure+0xb10/0xb10
[  151.434541][ T7813]  ? init_locking+0xb8/0x200
[  151.439126][ T7813]  ? setup_bdev_super+0x56b/0x660
[  151.444139][ T7813]  get_tree_bdev+0x3e4/0x510
[  151.448717][ T7813]  ? end_current_label_crit_section+0x170/0x170
[  151.454950][ T7813]  ? gfs2_reconfigure+0xb10/0xb10
[  151.459966][ T7813]  ? setup_bdev_super+0x660/0x660
[  151.464982][ T7813]  gfs2_get_tree+0x51/0x1e0
[  151.469479][ T7813]  vfs_get_tree+0x8c/0x280
[  151.473884][ T7813]  do_new_mount+0x24b/0xa40
[  151.478379][ T7813]  __se_sys_mount+0x2da/0x3c0
[  151.483050][ T7813]  ? __x64_sys_mount+0xc0/0xc0
[  151.487807][ T7813]  ? lockdep_hardirqs_on+0x98/0x150
[  151.492994][ T7813]  ? __x64_sys_mount+0x20/0xc0
[  151.497745][ T7813]  do_syscall_64+0x55/0xb0
[  151.502158][ T7813]  ? clear_bhb_loop+0x40/0x90
[  151.506822][ T7813]  ? clear_bhb_loop+0x40/0x90
[  151.511490][ T7813]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  151.517370][ T7813] RIP: 0033:0x7f15c8f90e6a
[  151.521784][ T7813] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.541376][ T7813] RSP: 002b:00007f15c9d3ee68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  151.549783][ T7813] RAX: ffffffffffffffda RBX: 00007f15c9d3eef0 RCX: 00007f15c8f90e6a
[  151.557744][ T7813] RDX: 0000200000000400 RSI: 0000200000012500 RDI: 00007f15c9d3eeb0
[  151.565706][ T7813] RBP: 0000200000000400 R08: 00007f15c9d3eef0 R09: 0000000000210401
[  151.573664][ T7813] R10: 0000000000210401 R11: 0000000000000246 R12: 0000200000012500
[  151.581622][ T7813] R13: 00007f15c9d3eeb0 R14: 0000000000012610 R15: 0000200000000000
[  151.589592][ T7813]  </TASK>
[  151.594329][ T7813] gfs2: fsid=localflocks.s: Error checking journal for spectator mount.
[  151.823722][ T7819] loop3: detected capacity change from 0 to 64
[  152.080577][ T7823] loop2: detected capacity change from 0 to 4096
[  152.131095][ T7832] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  152.371047][ T7836] netlink: 24 bytes leftover after parsing attributes in process `syz.1.614'.
[  152.382243][ T1194] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  152.556369][ T7840] 9pnet: Could not find request transport: fd0x0000000000000003
[  152.582222][ T1194] usb 4-1: Using ep0 maxpacket: 32
[  152.594342][ T1194] usb 4-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  152.613653][ T1194] usb 4-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  152.639677][ T1194] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.871194][ T7843] loop2: detected capacity change from 0 to 32768
[  152.876351][ T7830] netlink: 8 bytes leftover after parsing attributes in process `syz.3.613'.
[  152.904295][ T7830] bond0: entered promiscuous mode
[  152.909361][ T7830] bond_slave_0: entered promiscuous mode
[  152.917386][ T7830] bond_slave_1: entered promiscuous mode
[  152.924621][ T7830] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  152.939608][ T7830] bond0: left promiscuous mode
[  152.944704][ T7830] bond_slave_0: left promiscuous mode
[  152.950471][ T7830] bond_slave_1: left promiscuous mode
[  153.004160][ T7843] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  153.031141][ T7851] loop1: detected capacity change from 0 to 512
[  153.049252][ T7851] EXT4-fs: Ignoring removed oldalloc option
[  153.079779][ T1194] usb 4-1: USB disconnect, device number 8
[  153.109885][ T7851] EXT4-fs error (device loop1): ext4_xattr_inode_iget:440: comm syz.1.620: Parent and EA inode have the same ino 15
[  153.127478][ T7851] EXT4-fs (loop1): Remounting filesystem read-only
[  153.136320][ T7851] EXT4-fs warning (device loop1): ext4_evict_inode:272: xattr delete (err -5)
[  153.145787][ T7851] EXT4-fs (loop1): 1 orphan inode deleted
[  153.153128][ T7851] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  153.191851][ T7851] netlink: 12 bytes leftover after parsing attributes in process `syz.1.620'.
[  153.229975][ T7851] geneve2: entered promiscuous mode
[  153.235687][ T7851] geneve2: entered allmulticast mode
[  153.311532][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.433254][ T7859] loop0: detected capacity change from 0 to 2048
[  153.467988][ T7859] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  153.501332][ T7862] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  153.517757][ T6529] udevd[6529]: incorrect nilfs2 checksum on /dev/loop0
[  153.822400][ T7866] netlink: 24 bytes leftover after parsing attributes in process `syz.3.627'.
[  153.827437][ T5783] ocfs2: Unmounting device (7,2) on (node local)
[  154.214923][ T7877] 9pnet: Could not find request transport: fd0x0000000000000003
[  154.421628][ T7884] capability: warning: `syz.1.634' uses deprecated v2 capabilities in a way that may be insecure
[  154.678865][ T7882] loop2: detected capacity change from 0 to 32768
[  154.687795][ T3063] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  154.700768][ T7882] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  154.709038][ T7882] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  154.727446][ T7882] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  154.738503][ T5854] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  154.745584][ T5854] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  154.777419][ T5854] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 31ms
[  154.786290][ T5854] gfs2: fsid=syz:syz.0: jid=0: Done
[  154.792713][ T7882] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  154.802276][    T9] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  154.876709][ T3063] usb 1-1: Using ep0 maxpacket: 32
[  154.893869][ T3063] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  154.935437][ T3063] usb 1-1: New USB device found, idVendor=5fc9, idProduct=0063, bcdDevice=30.48
[  154.944749][ T3063] usb 1-1: New USB device strings: Mfr=1, Product=25, SerialNumber=3
[  154.953106][ T3063] usb 1-1: Product: syz
[  154.957469][ T3063] usb 1-1: Manufacturer: syz
[  154.962315][ T3063] usb 1-1: SerialNumber: syz
[  154.972115][ T3063] usb 1-1: config 0 descriptor??
[  155.006547][    T9] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  155.011131][ T7882] gfs2: fsid=syz:syz.0: found 1 quota changes
[  155.030391][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.054038][    T9] usb 2-1: config 0 descriptor??
[  155.121501][ T5783] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[  155.121501][ T5783]   inode = 11 2339
[  155.121501][ T5783]   function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 472
[  155.141916][ T5783] gfs2: fsid=syz:syz.0: G:  s:EX n:2/923 f:qobnN t:EX d:EX/0 a:0 v:0 r:3 m:20 p:1
[  155.155689][ T5783] gfs2: fsid=syz:syz.0:  H: s:EX f:H e:0 p:5783 [syz-executor] gfs2_quota_sync+0x411/0x5a0
[  155.166432][ T5783] gfs2: fsid=syz:syz.0:  I: n:11/2339 t:0 f:0x00 d:0x00000000 s:0 p:0
[  155.175001][ T5783] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  155.190480][ T5783] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  155.199317][ T5783] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  155.200342][ T5788] usb 1-1: USB disconnect, device number 11
[  155.207576][ T5783] gfs2: fsid=syz:syz.0: File system withdrawn
[  155.218913][ T5783] CPU: 1 PID: 5783 Comm: syz-executor Not tainted syzkaller #0
[  155.226486][ T5783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  155.236530][ T5783] Call Trace:
[  155.239798][ T5783]  <TASK>
[  155.242750][ T5783]  dump_stack_lvl+0x16c/0x230
[  155.247423][ T5783]  ? kobject_uevent_env+0x363/0x8c0
[  155.252621][ T5783]  ? show_regs_print_info+0x20/0x20
[  155.257816][ T5783]  ? load_image+0x3b0/0x3b0
[  155.262315][ T5783]  ? kobject_uevent_env+0x363/0x8c0
[  155.267517][ T5783]  gfs2_withdraw+0xe50/0x13b0
[  155.272209][ T5783]  ? gfs2_lm+0x220/0x220
[  155.276454][ T5783]  ? preempt_schedule+0xab/0xc0
[  155.281311][ T5783]  ? gfs2_consist_inode_i+0xf5/0x110
[  155.286591][ T5783]  gfs2_inode_refresh+0xb83/0xff0
[  155.291608][ T5783]  ? gfs2_inode_metasync+0xf0/0xf0
[  155.296708][ T5783]  ? gfs2_glock_nq+0xd4f/0x1420
[  155.301567][ T5783]  gfs2_instantiate+0x162/0x220
[  155.306412][ T5783]  gfs2_glock_wait+0x1d4/0x2a0
[  155.311171][ T5783]  do_sync+0x47d/0xe00
[  155.315234][ T5783]  ? gfs2_quota_sync+0x411/0x5a0
[  155.320163][ T5783]  ? bh_get+0x710/0x710
[  155.324315][ T5783]  ? __lock_acquire+0x7c80/0x7c80
[  155.329325][ T5783]  ? do_raw_spin_lock+0x121/0x2c0
[  155.334382][ T5783]  ? gfs2_quota_sync+0x411/0x5a0
[  155.339406][ T5783]  ? do_raw_spin_unlock+0x121/0x230
[  155.344600][ T5783]  gfs2_quota_sync+0x411/0x5a0
[  155.349476][ T5783]  gfs2_sync_fs+0x4c/0xb0
[  155.353800][ T5783]  sync_filesystem+0xea/0x220
[  155.358474][ T5783]  generic_shutdown_super+0x6f/0x2b0
[  155.363758][ T5783]  kill_block_super+0x44/0x90
[  155.368424][ T5783]  deactivate_locked_super+0x97/0x100
[  155.373796][ T5783]  cleanup_mnt+0x429/0x4c0
[  155.378206][ T5783]  task_work_run+0x1ce/0x250
[  155.382792][ T5783]  ? task_work_cancel+0x240/0x240
[  155.387815][ T5783]  ? exit_to_user_mode_loop+0x3b/0x110
[  155.393272][ T5783]  exit_to_user_mode_loop+0xe6/0x110
[  155.398555][ T5783]  exit_to_user_mode_prepare+0xf6/0x180
[  155.404097][ T5783]  syscall_exit_to_user_mode+0x1a/0x50
[  155.409548][ T5783]  do_syscall_64+0x61/0xb0
[  155.413958][ T5783]  ? clear_bhb_loop+0x40/0x90
[  155.418621][ T5783]  ? clear_bhb_loop+0x40/0x90
[  155.423287][ T5783]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  155.429166][ T5783] RIP: 0033:0x7f15c8f909f7
[  155.433570][ T5783] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  155.453167][ T5783] RSP: 002b:00007ffdb2789e48 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  155.461575][ T5783] RAX: 0000000000000000 RBX: 00007f15c9011d7d RCX: 00007f15c8f909f7
[  155.469539][ T5783] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdb2789f00
[  155.477586][ T5783] RBP: 00007ffdb2789f00 R08: 0000000000000000 R09: 0000000000000000
[  155.485544][ T5783] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdb278af90
[  155.493504][ T5783] R13: 00007f15c9011d7d R14: 0000000000025d96 R15: 00007ffdb278afd0
[  155.501497][ T5783]  </TASK>
[  155.506654][ T1194] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  155.520021][    T9] [drm] vendor descriptor length:6 data:06 5f 01 2f 00 65 00 00 00 00 00
[  155.528664][    T9] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  155.721179][    T9] [drm:udl_init] *ERROR* Selecting channel failed
[  155.728499][ T1194] usb 4-1: Using ep0 maxpacket: 32
[  155.743054][ T1194] usb 4-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  155.759576][    T9] [drm] Initialized udl 0.0.1 20120220 for 2-1:0.0 on minor 2
[  155.767271][ T1194] usb 4-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  155.777272][ T1194] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.785337][    T9] [drm] Initialized udl on minor 2
[  155.796050][    T9] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  155.811809][    T9] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  155.824947][ T5855] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  155.836585][    T9] usb 2-1: USB disconnect, device number 11
[  155.843020][ T5855] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  155.972083][ T5854] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  156.019215][ T7891] netlink: 8 bytes leftover after parsing attributes in process `syz.3.636'.
[  156.038299][ T7891] bond0: entered promiscuous mode
[  156.043509][ T7891] bond_slave_0: entered promiscuous mode
[  156.049251][ T7891] bond_slave_1: entered promiscuous mode
[  156.056165][ T7891] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  156.066078][ T7891] bond0: left promiscuous mode
[  156.070882][ T7891] bond_slave_0: left promiscuous mode
[  156.076681][ T7891] bond_slave_1: left promiscuous mode
[  156.100063][ T7897] netlink: 24 bytes leftover after parsing attributes in process `syz.0.639'.
[  156.152331][ T3063] usb 4-1: USB disconnect, device number 9
[  156.166268][ T5854] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  156.183665][ T5854] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  156.197031][ T5854] usb 3-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  156.228592][ T5854] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  156.238821][ T5854] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.265496][ T5854] usb 3-1: Quirk or no altest; falling back to MIDI 1.0
[  156.291387][ T5854] usb 3-1: invalid MIDI out EP 0
[  156.376122][ T7901] 9pnet: Could not find request transport: fd0x0000000000000003
[  156.477731][ T5854] snd-usb-audio: probe of 3-1:27.0 failed with error -22
[  156.509147][ T5854] usb 3-1: USB disconnect, device number 9
[  156.532970][ T7907] loop0: detected capacity change from 0 to 64
[  156.748458][ T7913] netlink: 8 bytes leftover after parsing attributes in process `syz.3.646'.
[  156.915242][ T7919] netlink: 24 bytes leftover after parsing attributes in process `syz.3.649'.
[  156.924799][ T3063] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  157.050654][ T7923] netlink: 16 bytes leftover after parsing attributes in process `syz.3.651'.
[  157.059645][ T7923] netlink: 8 bytes leftover after parsing attributes in process `syz.3.651'.
[  157.073214][ T7923] IPv6: sit1: Disabled Multicast RS
[  157.079323][ T7923] sit1: entered allmulticast mode
[  157.093465][ T7925] 9pnet_fd: Insufficient options for proto=fd
[  157.120898][ T3063] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  157.146512][ T3063] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.178142][ T3063] usb 1-1: config 0 descriptor??
[  157.195779][ T3063] cp210x 1-1:0.0: cp210x converter detected
[  157.231766][ T7929] vivid-000: disconnect
[  157.238891][ T7928] vivid-000: reconnect
[  157.324753][ T7927] loop3: detected capacity change from 0 to 4096
[  157.583448][ T5854] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  157.686317][ T7939] netlink: 24 bytes leftover after parsing attributes in process `syz.1.658'.
[  157.799123][ T5854] usb 3-1: Using ep0 maxpacket: 32
[  157.833548][ T3063] cp210x 1-1:0.0: failed to get vendor val 0x3711 size 2: -71
[  157.841056][ T3063] cp210x 1-1:0.0: GPIO initialisation failed: -71
[  157.854843][ T5854] usb 3-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  157.877240][ T5854] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  157.920446][ T5854] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.932621][ T3063] usb 1-1: cp210x converter now attached to ttyUSB0
[  157.975757][ T3063] usb 1-1: USB disconnect, device number 12
[  158.022929][ T3063] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  158.031313][ T3063] cp210x 1-1:0.0: device disconnected
[  158.135187][ T7943] loop1: detected capacity change from 0 to 1024
[  158.181264][ T7931] netlink: 8 bytes leftover after parsing attributes in process `syz.2.655'.
[  158.224773][ T7931] bond0: entered promiscuous mode
[  158.230453][ T7931] bond_slave_0: entered promiscuous mode
[  158.238730][ T7931] bond_slave_1: entered promiscuous mode
[  158.250849][ T7931] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  158.261235][ T7931] bond0: left promiscuous mode
[  158.266112][ T7931] bond_slave_0: left promiscuous mode
[  158.271867][ T7931] bond_slave_1: left promiscuous mode
[  158.331287][ T7945] netlink: 'syz.1.661': attribute type 13 has an invalid length.
[  158.334963][ T7948] 9pnet_fd: Insufficient options for proto=fd
[  158.382078][ T5875] usb 3-1: USB disconnect, device number 10
[  158.406295][ T7945] gretap0: refused to change device tx_queue_len
[  158.432834][ T7945] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  158.478810][ T7950] netlink: 8 bytes leftover after parsing attributes in process `syz.3.663'.
[  158.669411][ T7960] netlink: 24 bytes leftover after parsing attributes in process `syz.1.668'.
[  158.747927][ T7962] loop1: detected capacity change from 0 to 2048
[  158.790943][ T7963] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  158.832144][ T3063] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  158.999142][ T7967] 9pnet_fd: Insufficient options for proto=fd
[  159.038630][ T3063] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  159.052962][ T3063] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  159.066514][ T3063] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  159.076795][ T3063] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.088470][ T3063] usb 4-1: config 0 descriptor??
[  159.162368][ T5875] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  159.332249][ T5855] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  159.352185][ T5875] usb 2-1: Using ep0 maxpacket: 32
[  159.359640][ T5875] usb 2-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  159.372011][ T5875] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  159.389543][ T5875] usb 2-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  159.398744][ T5875] usb 2-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  159.407190][ T5875] usb 2-1: Product: syz
[  159.411367][ T5875] usb 2-1: Manufacturer: syz
[  159.416027][ T5875] usb 2-1: SerialNumber: syz
[  159.428016][ T7965] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  159.455265][ T5875] appletouch 2-1:1.0: Could not find int-in endpoint
[  159.472400][ T5875] appletouch: probe of 2-1:1.0 failed with error -5
[  159.480079][ T5875] usbhid 2-1:1.0: couldn't find an input interrupt endpoint
[  159.514913][ T3063] kovaplus 0003:1E7D:2D50.0001: hidraw0: USB HID v0.00 Device [HID 1e7d:2d50] on usb-dummy_hcd.3-1/input0
[  159.787649][   T23] usb 2-1: USB disconnect, device number 12
[  159.840525][ T7971] loop0: detected capacity change from 0 to 40427
[  159.852729][ T7971] F2FS-fs (loop0): LFS is not compatible with checkpoint=disable
[  159.893860][ T5855] usb 3-1: Using ep0 maxpacket: 16
[  159.909200][ T5855] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xF3, skipping
[  159.928917][ T5855] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  159.952154][ T5855] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.959307][ T7974] syzkaller0: entered promiscuous mode
[  159.960160][ T5855] usb 3-1: Product: syz
[  159.966596][ T7974] syzkaller0: entered allmulticast mode
[  159.992030][ T5855] usb 3-1: Manufacturer: syz
[  159.997279][ T5855] usb 3-1: SerialNumber: syz
[  160.008838][ T5855] usb 3-1: config 0 descriptor??
[  160.338049][ T3063] kovaplus 0003:1E7D:2D50.0001: couldn't init struct kovaplus_device
[  160.376924][ T3063] kovaplus 0003:1E7D:2D50.0001: couldn't install mouse
[  160.416089][ T3063] kovaplus: probe of 0003:1E7D:2D50.0001 failed with error -71
[  160.469296][ T3063] usb 4-1: USB disconnect, device number 10
[  160.556441][ T7976] loop0: detected capacity change from 0 to 40427
[  160.578762][ T7976] F2FS-fs (loop0): build fault injection attr: rate: 771, type: 0x7ffff
[  160.590054][ T7976] F2FS-fs (loop0): invalid crc value
[  160.600607][ T7976] F2FS-fs (loop0): Found nat_bits in checkpoint
[  160.651150][ T7976] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  160.770787][ T5784] syz-executor: attempt to access beyond end of device
[  160.770787][ T5784] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  160.823910][ T5784] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  160.969760][ T7984] loop1: detected capacity change from 0 to 32768
[  160.983012][ T7984] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.677 (7984)
[  160.999347][ T7984] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  161.009755][ T7984] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  161.018526][ T7984] BTRFS info (device loop1): using free space tree
[  161.062709][ T7989] loop3: detected capacity change from 0 to 256
[  161.104901][ T7984] BTRFS info (device loop1): enabling ssd optimizations
[  161.111882][ T7984] BTRFS info (device loop1): auto enabling async discard
[  161.114531][ T7989] FAT-fs (loop3): Directory bread(block 64) failed
[  161.160385][ T7989] FAT-fs (loop3): Directory bread(block 65) failed
[  161.184352][ T7989] FAT-fs (loop3): Directory bread(block 66) failed
[  161.211910][ T7989] FAT-fs (loop3): Directory bread(block 67) failed
[  161.241768][ T7989] FAT-fs (loop3): Directory bread(block 68) failed
[  161.253398][ T7989] FAT-fs (loop3): Directory bread(block 69) failed
[  161.260039][ T7989] FAT-fs (loop3): Directory bread(block 70) failed
[  161.266859][ T7989] FAT-fs (loop3): Directory bread(block 71) failed
[  161.304738][   T27] audit: type=1800 audit(1762579857.661:6): pid=7984 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.677" name="file1" dev="loop1" ino=260 res=0 errno=0
[  161.345662][ T7989] FAT-fs (loop3): Directory bread(block 72) failed
[  161.365820][ T7989] FAT-fs (loop3): Directory bread(block 73) failed
[  161.406604][   T27] audit: type=1800 audit(1762579857.661:7): pid=7984 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.677" name="file1" dev="loop1" ino=260 res=0 errno=0
[  161.589552][ T5785] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  161.740904][ T8006] netlink: 24 bytes leftover after parsing attributes in process `syz.0.678'.
[  161.758361][ T8008] 9pnet_fd: Insufficient options for proto=fd
[  161.799459][ T6529] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 10 /dev/loop1 scanned by udevd (6529)
[  162.136982][ T3063] usb 3-1: USB disconnect, device number 11
[  162.152325][ T5855] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  162.239617][ T8021] syz.0.684 uses obsolete (PF_INET,SOCK_PACKET)
[  162.353819][ T5855] usb 2-1: Using ep0 maxpacket: 32
[  162.367112][ T5855] usb 2-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  162.386707][ T5855] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  162.419184][ T5855] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.505190][ T8031] loop0: detected capacity change from 0 to 1764
[  162.541062][ T8028] loop3: detected capacity change from 0 to 4096
[  162.564875][ T6529] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  162.588324][ T8028] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.650404][ T8035] 9pnet_fd: Insufficient options for proto=fd
[  162.671925][ T8011] netlink: 8 bytes leftover after parsing attributes in process `syz.1.680'.
[  162.723590][ T8011] bond0: entered promiscuous mode
[  162.739940][ T8011] bond_slave_0: entered promiscuous mode
[  162.753204][ T8011] bond_slave_1: entered promiscuous mode
[  162.768573][ T8011] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  162.779635][ T8011] bond0: left promiscuous mode
[  162.784606][ T8011] bond_slave_0: left promiscuous mode
[  162.790685][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.792323][ T8011] bond_slave_1: left promiscuous mode
[  162.869924][ T8037] netlink: 24 bytes leftover after parsing attributes in process `syz.2.692'.
[  162.939387][    T9] usb 2-1: USB disconnect, device number 13
[  163.152109][ T8039] loop0: detected capacity change from 0 to 40427
[  163.166184][ T8039] F2FS-fs (loop0): build fault injection attr: rate: 14, type: 0x7ffff
[  163.292287][ T6529] I/O error, dev loop0, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  163.524303][ T8054] netlink: 96 bytes leftover after parsing attributes in process `syz.3.698'.
[  163.698051][ T8058] 9pnet_fd: Insufficient options for proto=fd
[  163.823358][ T8053] loop2: detected capacity change from 0 to 32768
[  163.835134][ T8053] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 10
[  163.983747][    T9] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  164.037707][ T5778] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 10
[  164.059786][ T8067] netlink: 24 bytes leftover after parsing attributes in process `syz.2.705'.
[  164.145514][ T8071] loop3: detected capacity change from 0 to 512
[  164.193296][ T8071] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  164.215134][    T9] usb 1-1: Using ep0 maxpacket: 32
[  164.240485][    T9] usb 1-1: config 0 has an invalid interface number: 12 but max is 0
[  164.263402][ T8071] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.286815][    T9] usb 1-1: config 0 has no interface number 0
[  164.314162][ T8071] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1154: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  164.322289][    T9] usb 1-1: config 0 interface 12 has no altsetting 0
[  164.381116][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.383877][    T9] usb 1-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  164.408194][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.430949][    T9] usb 1-1: Product: syz
[  164.436234][    T9] usb 1-1: Manufacturer: syz
[  164.440859][    T9] usb 1-1: SerialNumber: syz
[  164.474760][    T9] usb 1-1: config 0 descriptor??
[  164.503337][ T5875] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  164.548317][ T8083] loop3: detected capacity change from 0 to 512
[  164.589482][ T8083] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.635286][ T8083] ext4 filesystem being mounted at /191/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.677110][   T27] audit: type=1800 audit(1762579861.051:8): pid=8083 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.710" name="file1" dev="loop3" ino=15 res=0 errno=0
[  164.702230][ T5875] usb 2-1: Using ep0 maxpacket: 32
[  164.715404][   T27] audit: type=1800 audit(1762579861.081:9): pid=8083 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.710" name="file2" dev="loop3" ino=16 res=0 errno=0
[  164.737395][ T5875] usb 2-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  164.757287][ T5875] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  164.767129][ T5875] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.770417][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.057803][ T8077] netlink: 8 bytes leftover after parsing attributes in process `syz.1.709'.
[  165.080612][ T8077] bond0: entered promiscuous mode
[  165.111787][ T8077] bond_slave_0: entered promiscuous mode
[  165.128725][ T8077] bond_slave_1: entered promiscuous mode
[  165.143407][ T8077] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  165.152644][ T8077] bond0: left promiscuous mode
[  165.166793][ T8077] bond_slave_0: left promiscuous mode
[  165.180301][ T8077] bond_slave_1: left promiscuous mode
[  165.274816][ T8094] loop3: detected capacity change from 0 to 32768
[  165.333430][ T8094] loop3: detected capacity change from 32768 to 0
[  165.341296][ T5875] usb 2-1: USB disconnect, device number 14
[  165.349160][ T8094] syz.3.715: attempt to access beyond end of device
[  165.349160][ T8094] loop3: rw=0, sector=160, nr_sectors = 8 limit=0
[  165.351702][    C0] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  165.363297][ T8094] metapage_read_end_io: I/O error
[  165.376943][ T8094] read_mapping_page failed!
[  165.381512][ T8094] jfs_create: dtInsert returned -EIO
[  165.387369][ T8094] ERROR: (device loop3): jfs_create: 
[  165.387369][ T8094] 
[  165.396466][ T8094] syz.3.715: attempt to access beyond end of device
[  165.396466][ T8094] loop3: rw=0, sector=64, nr_sectors = 8 limit=0
[  165.402217][ T1194] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  165.409509][ T8094] syz.3.715: attempt to access beyond end of device
[  165.409509][ T8094] loop3: rw=0, sector=120, nr_sectors = 8 limit=0
[  165.464532][ T5786] ERROR: (device loop3): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 1
[  165.464532][ T5786] 
[  165.476431][ T5786] syz-executor: attempt to access beyond end of device
[  165.476431][ T5786] loop3: rw=0, sector=64, nr_sectors = 8 limit=0
[  165.489667][ T5786] syz-executor: attempt to access beyond end of device
[  165.489667][ T5786] loop3: rw=0, sector=120, nr_sectors = 8 limit=0
[  165.503287][ T5786] non-latin1 character 0x3ff found in JFS file name
[  165.510294][ T5786] mount with iocharset=utf8 to access
[  165.648275][ T1194] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  165.659309][ T1194] usb 3-1: New USB device found, idVendor=04f2, idProduct=1236, bcdDevice= 0.00
[  165.668654][ T1194] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.678612][ T1194] usb 3-1: config 0 descriptor??
[  165.730344][    T9] f81534 1-1:0.12: f81534_set_register: reg: 1003 data: b0 failed: -71
[  165.739037][    T9] f81534 1-1:0.12: f81534_find_config_idx: read failed: -71
[  165.746525][    T9] f81534 1-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  165.754810][    T9] f81534: probe of 1-1:0.12 failed with error -71
[  165.767355][    T9] usb 1-1: USB disconnect, device number 13
[  165.779343][   T62] kworker/u4:5: attempt to access beyond end of device
[  165.779343][   T62] loop3: rw=1, sector=264, nr_sectors = 8 limit=0
[  165.796798][   T62] metapage_write_end_io: I/O error
[  165.803548][   T62] kworker/u4:5: attempt to access beyond end of device
[  165.803548][   T62] loop3: rw=2049, sector=30744, nr_sectors = 8 limit=0
[  165.818129][   T62] lbmIODone: I/O error in JFS log
[  165.830255][  T113] jfsCommit: attempt to access beyond end of device
[  165.830255][  T113] loop3: rw=0, sector=160, nr_sectors = 8 limit=0
[  165.843827][   T62] kworker/u4:5: attempt to access beyond end of device
[  165.843827][   T62] loop3: rw=1, sector=264, nr_sectors = 8 limit=0
[  165.846019][  T113] metapage_read_end_io: I/O error
[  165.866507][   T62] metapage_write_end_io: I/O error
[  165.876070][  T113] read_mapping_page failed!
[  165.917327][ T1105] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.932446][ T1194] usbhid 3-1:0.0: can't add hid device: -71
[  165.944460][ T1194] usbhid: probe of 3-1:0.0 failed with error -71
[  165.966926][ T1194] usb 3-1: USB disconnect, device number 12
[  166.046539][ T1105] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.112576][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  166.121241][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  166.129923][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  166.138529][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  166.147562][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[  166.171433][ T5786] syz-executor: attempt to access beyond end of device
[  166.171433][ T5786] loop3: rw=1, sector=224, nr_sectors = 8 limit=0
[  166.227290][ T8105] loop1: detected capacity change from 0 to 1024
[  166.236606][ T8105] EXT4-fs: Ignoring removed nomblk_io_submit option
[  166.245197][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  166.267641][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[  166.277660][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  166.286307][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  166.301832][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[  166.372658][ T5786] metapage_write_end_io: I/O error
[  166.456688][ T5786] syz-executor: attempt to access beyond end of device
[  166.456688][ T5786] loop3: rw=1, sector=256, nr_sectors = 8 limit=0
[  166.486924][ T8105] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=6002c018, mo2=0102]
[  166.496474][ T8105] System zones: 0-1, 3-12
[  166.518588][ T8105] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.682965][ T5786] metapage_write_end_io: I/O error
[  166.734080][ T5786] syz-executor: attempt to access beyond end of device
[  166.734080][ T5786] loop3: rw=1, sector=176, nr_sectors = 8 limit=0
[  166.801383][ T1105] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.907095][ T5786] metapage_write_end_io: I/O error
[  166.918925][ T5786] syz-executor: attempt to access beyond end of device
[  166.918925][ T5786] loop3: rw=1, sector=72, nr_sectors = 8 limit=0
[  166.932890][ T5786] metapage_write_end_io: I/O error
[  166.938309][ T5786] syz-executor: attempt to access beyond end of device
[  166.938309][ T5786] loop3: rw=1, sector=128, nr_sectors = 8 limit=0
[  166.952782][ T5786] metapage_write_end_io: I/O error
[  166.958236][ T5786] syz-executor: attempt to access beyond end of device
[  166.958236][ T5786] loop3: rw=1, sector=88, nr_sectors = 8 limit=0
[  166.976434][ T5786] metapage_write_end_io: I/O error
[  166.981641][ T5786] metapage_write_end_io: I/O error
[  166.986916][ T5786] lbmIODone: I/O error in JFS log
[  166.992441][ T5786] lbmIODone: I/O error in JFS log
[  166.997534][ T5786] lbmIODone: I/O error in JFS log
[  167.003204][ T5786] lmLogShutdown: exit(-5)
[  167.007832][ T5786] jfs_umount failed with return code -5
[  167.111765][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.138270][   T51] Bluetooth: hci3: unexpected Set CIG Parameters response data
[  167.224064][ T1105] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.346661][ T8117] warning: `syz.1.720' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  167.778357][ T5793] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  167.788461][ T5793] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  167.798149][ T5793] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  167.850792][ T5793] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  167.860991][ T5793] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  167.868814][ T5793] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  167.912223][ T8136] netlink: 'syz.0.726': attribute type 25 has an invalid length.
[  167.920273][ T8136] netlink: 'syz.0.726': attribute type 7 has an invalid length.
[  167.928190][ T8136] netlink: 'syz.0.726': attribute type 1 has an invalid length.
[  167.936130][ T8136] netlink: 156 bytes leftover after parsing attributes in process `syz.0.726'.
[  167.945463][ T8136] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.554880][ T8140] loop1: detected capacity change from 0 to 65536
[  168.600121][ T8140] XFS (loop1): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  168.686863][ T8140] XFS (loop1): Ending clean mount
[  168.698045][ T8140] XFS (loop1): Quotacheck needed: Please wait.
[  168.714811][ T5875] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  168.768451][ T8140] XFS (loop1): Quotacheck: Done.
[  168.992049][ T5875] usb 3-1: Using ep0 maxpacket: 32
[  168.999490][ T5875] usb 3-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  169.010280][ T8133] chnl_net:caif_netlink_parms(): no params data found
[  169.028029][ T5875] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  169.046198][ T5875] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.130296][ T5785] XFS (loop1): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  169.398058][ T8138] netlink: 8 bytes leftover after parsing attributes in process `syz.2.727'.
[  169.456092][ T8138] bond0: entered promiscuous mode
[  169.467769][ T8138] bond_slave_0: entered promiscuous mode
[  169.503089][ T8138] bond_slave_1: entered promiscuous mode
[  169.520387][ T8138] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  169.565019][ T8171] loop0: detected capacity change from 0 to 32768
[  169.571893][ T8138] bond0: left promiscuous mode
[  169.584970][ T8138] bond_slave_0: left promiscuous mode
[  169.586319][ T8171] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  169.599436][ T8171] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  169.599721][ T8138] bond_slave_1: left promiscuous mode
[  169.628006][ T8171] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  169.639182][    T9] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  169.646453][    T9] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  169.681806][    T9] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 35ms
[  169.703527][    T9] gfs2: fsid=syz:syz.0: jid=0: Done
[  169.715256][ T8171] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  169.836689][ T8171] gfs2: fsid=syz:syz.0: found 1 quota changes
[  169.937754][ T1194] usb 3-1: USB disconnect, device number 13
[  169.962273][ T5793] Bluetooth: hci2: command tx timeout
[  169.979784][ T5784] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[  169.979784][ T5784]   inode = 11 2339
[  169.979784][ T5784]   function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 472
[  170.010087][ T5784] gfs2: fsid=syz:syz.0: G:  s:EX n:2/923 f:qobnN t:EX d:EX/0 a:0 v:0 r:3 m:20 p:1
[  170.021142][ T5784] gfs2: fsid=syz:syz.0:  H: s:EX f:H e:0 p:5784 [syz-executor] gfs2_quota_sync+0x411/0x5a0
[  170.043112][ T5784] gfs2: fsid=syz:syz.0:  I: n:11/2339 t:0 f:0x00 d:0x00000000 s:0 p:0
[  170.067833][ T5784] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  170.094013][ T5784] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  170.107874][ T5784] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  170.118133][ T5784] gfs2: fsid=syz:syz.0: File system withdrawn
[  170.125821][ T5784] CPU: 0 PID: 5784 Comm: syz-executor Not tainted syzkaller #0
[  170.133389][ T5784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  170.143451][ T5784] Call Trace:
[  170.146739][ T5784]  <TASK>
[  170.149679][ T5784]  dump_stack_lvl+0x16c/0x230
[  170.154373][ T5784]  ? kobject_uevent_env+0x363/0x8c0
[  170.159586][ T5784]  ? show_regs_print_info+0x20/0x20
[  170.164802][ T5784]  ? load_image+0x3b0/0x3b0
[  170.169312][ T5784]  ? kobject_uevent_env+0x363/0x8c0
[  170.174534][ T5784]  gfs2_withdraw+0xe50/0x13b0
[  170.179246][ T5784]  ? gfs2_lm+0x220/0x220
[  170.183515][ T5784]  ? gfs2_consist_inode_i+0xf5/0x110
[  170.188825][ T5784]  gfs2_inode_refresh+0xb83/0xff0
[  170.193872][ T5784]  ? gfs2_inode_metasync+0xf0/0xf0
[  170.199006][ T5784]  ? gfs2_glock_nq+0xd4f/0x1420
[  170.203880][ T5784]  gfs2_instantiate+0x162/0x220
[  170.208739][ T5784]  gfs2_glock_wait+0x1d4/0x2a0
[  170.213488][ T5784]  do_sync+0x47d/0xe00
[  170.217547][ T5784]  ? gfs2_quota_sync+0x411/0x5a0
[  170.222472][ T5784]  ? bh_get+0x710/0x710
[  170.226611][ T5784]  ? __lock_acquire+0x7c80/0x7c80
[  170.231616][ T5784]  ? do_raw_spin_lock+0x121/0x2c0
[  170.236641][ T5784]  ? gfs2_quota_sync+0x411/0x5a0
[  170.241601][ T5784]  ? do_raw_spin_unlock+0x121/0x230
[  170.246806][ T5784]  gfs2_quota_sync+0x411/0x5a0
[  170.251571][ T5784]  gfs2_sync_fs+0x4c/0xb0
[  170.255890][ T5784]  sync_filesystem+0xea/0x220
[  170.260566][ T5784]  generic_shutdown_super+0x6f/0x2b0
[  170.265844][ T5784]  kill_block_super+0x44/0x90
[  170.270511][ T5784]  deactivate_locked_super+0x97/0x100
[  170.275875][ T5784]  cleanup_mnt+0x429/0x4c0
[  170.280286][ T5784]  task_work_run+0x1ce/0x250
[  170.284873][ T5784]  ? task_work_cancel+0x240/0x240
[  170.289894][ T5784]  ? exit_to_user_mode_loop+0x3b/0x110
[  170.295349][ T5784]  exit_to_user_mode_loop+0xe6/0x110
[  170.300621][ T5784]  exit_to_user_mode_prepare+0xf6/0x180
[  170.306159][ T5784]  syscall_exit_to_user_mode+0x1a/0x50
[  170.311608][ T5784]  do_syscall_64+0x61/0xb0
[  170.316047][ T5784]  ? clear_bhb_loop+0x40/0x90
[  170.320710][ T5784]  ? clear_bhb_loop+0x40/0x90
[  170.325374][ T5784]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  170.331256][ T5784] RIP: 0033:0x7face85909f7
[  170.335665][ T5784] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  170.355261][ T5784] RSP: 002b:00007ffe9e6f1608 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  170.363664][ T5784] RAX: 0000000000000000 RBX: 00007face8611d7d RCX: 00007face85909f7
[  170.371624][ T5784] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe9e6f16c0
[  170.379584][ T5784] RBP: 00007ffe9e6f16c0 R08: 0000000000000000 R09: 0000000000000000
[  170.387541][ T5784] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe9e6f2750
[  170.395497][ T5784] R13: 00007face8611d7d R14: 000000000002979f R15: 00007ffe9e6f2790
[  170.403470][ T5784]  </TASK>
[  170.417604][ T8133] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.427396][ T8133] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.439323][ T8133] bridge_slave_0: entered allmulticast mode
[  170.461588][ T8133] bridge_slave_0: entered promiscuous mode
[  170.482521][ T8183] loop1: detected capacity change from 0 to 512
[  170.494739][ T8183] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  170.519302][ T8183] EXT4-fs (loop1): invalid journal inode
[  170.533320][ T8183] EXT4-fs (loop1): can't get journal size
[  170.553938][ T8183] EXT4-fs (loop1): 1 truncate cleaned up
[  170.561189][ T8183] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.599728][ T8133] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.633472][ T8133] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.640663][ T8133] bridge_slave_1: entered allmulticast mode
[  170.655044][ T8133] bridge_slave_1: entered promiscuous mode
[  170.824717][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.883378][ T8133] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  170.945031][ T8133] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  171.002695][ T8189] loop0: detected capacity change from 0 to 4096
[  171.051430][ T8198] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  171.062415][ T8197] loop1: detected capacity change from 0 to 128
[  171.064010][ T8197] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  171.158660][ T8197] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  171.169868][ T5793] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  171.179758][ T5793] Bluetooth: hci3: Injecting HCI hardware error event
[  171.188713][ T5793] Bluetooth: hci3: hardware error 0x00
[  171.520319][ T8133] team0: Port device team_slave_0 added
[  171.600948][ T8133] team0: Port device team_slave_1 added
[  171.705424][ T8217] loop0: detected capacity change from 0 to 128
[  171.813107][ T8133] batman_adv: batadv0: Adding interface: batadv_slave_0
[  171.840981][ T8217] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  171.871262][ T8133] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  171.925077][ T8217] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  172.005182][ T8216] loop2: detected capacity change from 0 to 32768
[  172.014081][ T8216] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 scanned by syz.2.742 (8216)
[  172.033859][ T8133] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  172.050387][ T8216] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  172.060703][ T8216] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  172.070330][ T8216] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  172.080499][ T8216] BTRFS info (device loop2): use zstd compression, level 3
[  172.087802][ T8216] BTRFS info (device loop2): using free space tree
[  172.095845][   T51] Bluetooth: hci2: command tx timeout
[  172.166567][ T8133] batman_adv: batadv0: Adding interface: batadv_slave_1
[  172.208163][ T8133] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  172.303036][ T8133] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  172.313909][ T8229] loop1: detected capacity change from 0 to 2048
[  172.335591][ T8216] BTRFS info (device loop2): enabling ssd optimizations
[  172.342750][ T8216] BTRFS info (device loop2): auto enabling async discard
[  172.421413][ T8229] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  172.436101][ T1105] hsr_slave_0: left promiscuous mode
[  172.507006][ T1105] hsr_slave_1: left promiscuous mode
[  172.591768][ T1105] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  172.637825][ T8243] loop0: detected capacity change from 0 to 32768
[  172.639232][ T1105] batman_adv: batadv0: Removing interface: batadv_slave_0
[  172.670116][ T8243] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.745 (8243)
[  172.695190][ T8243] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  172.705381][ T8243] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  172.714091][ T8243] BTRFS info (device loop0): enabling auto defrag
[  172.720536][ T8243] BTRFS info (device loop0): turning on sync discard
[  172.728780][ T8243] BTRFS info (device loop0): force clearing of disk cache
[  172.737295][ T8243] BTRFS info (device loop0): using default commit interval 30s
[  172.744168][ T1105] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  172.746258][ T8243] BTRFS info (device loop0): max_inline at 0
[  172.758239][ T8243] BTRFS info (device loop0): disabling free space tree
[  172.768153][ T1105] batman_adv: batadv0: Removing interface: batadv_slave_1
[  172.781843][ T1105] bridge_slave_1: left allmulticast mode
[  172.792036][ T1105] bridge_slave_1: left promiscuous mode
[  172.800046][ T1105] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.844773][ T5783] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  172.863305][ T8243] BTRFS info (device loop0): enabling ssd optimizations
[  172.871269][ T8243] BTRFS info (device loop0): rebuilding free space tree
[  172.888428][ T8243] BTRFS info (device loop0): disabling free space tree
[  172.895403][ T8243] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  172.906131][ T8243] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  172.947046][ T1105] bridge_slave_0: left allmulticast mode
[  172.995794][ T1105] bridge_slave_0: left promiscuous mode
[  173.032760][ T1105] bridge0: port 1(bridge_slave_0) entered disabled state
[  173.225691][ T5784] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  173.297232][ T1105] veth0_macvtap: left promiscuous mode
[  173.332115][ T5793] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  173.342099][ T1105] veth1_vlan: left promiscuous mode
[  173.378684][ T1105] veth0_vlan: left promiscuous mode
[  174.071419][ T8279] loop2: detected capacity change from 0 to 1024
[  174.081893][ T8279] EXT4-fs: Ignoring removed nomblk_io_submit option
[  174.164422][ T5793] Bluetooth: hci2: command tx timeout
[  174.406667][ T8279] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=6002c018, mo2=0102]
[  174.415216][ T8279] System zones: 0-1, 3-12
[  174.519056][ T8279] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  174.927965][ T8284] loop0: detected capacity change from 0 to 64
[  174.962540][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.057665][ T8286] loop2: detected capacity change from 0 to 128
[  175.076376][ T8286] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  175.568101][ T8288] loop0: detected capacity change from 0 to 40427
[  175.579850][ T8288] F2FS-fs (loop0): Small segment_count (9 < 1 * 24)
[  175.586566][ T8288] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  175.608153][ T8292] loop2: detected capacity change from 0 to 256
[  175.646637][ T8288] F2FS-fs (loop0): Found nat_bits in checkpoint
[  175.655372][ T8292] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  175.707062][ T8288] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  175.714180][ T8288] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  175.816906][ T5784] bio_check_eod: 6 callbacks suppressed
[  175.816919][ T5784] syz-executor: attempt to access beyond end of device
[  175.816919][ T5784] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  175.838257][ T5784] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  175.845253][ T1105] team0 (unregistering): Port device team_slave_1 removed
[  175.908715][ T1105] team0 (unregistering): Port device team_slave_0 removed
[  175.959881][ T1105] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  176.019331][ T1105] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  176.202848][ T5793] Bluetooth: hci2: command tx timeout
[  176.619258][ T8308] loop0: detected capacity change from 0 to 64
[  176.757414][ T1105] bond0 (unregistering): Released all slaves
[  176.877513][ T8311] loop0: detected capacity change from 0 to 1024
[  176.887207][ T8311] EXT4-fs: Ignoring removed nomblk_io_submit option
[  177.030497][ T8311] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=6002c018, mo2=0102]
[  177.039191][ T8311] System zones: 0-1, 3-12
[  177.049077][ T8311] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  177.743975][ T5784] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.756232][ T8262] netlink: 'syz.1.746': attribute type 25 has an invalid length.
[  177.764153][ T8262] netlink: 'syz.1.746': attribute type 7 has an invalid length.
[  177.771803][ T8262] netlink: 'syz.1.746': attribute type 1 has an invalid length.
[  177.789624][ T8262] netlink: 156 bytes leftover after parsing attributes in process `syz.1.746'.
[  177.805053][ T8262] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.050506][ T8133] hsr_slave_0: entered promiscuous mode
[  178.076199][ T8133] hsr_slave_1: entered promiscuous mode
[  178.088765][ T8319] loop0: detected capacity change from 0 to 4096
[  178.114308][ T8133] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  178.138234][ T8133] Cannot create hsr debugfs directory
[  178.155824][ T8323] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  178.788881][ T8340] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  178.940643][ T8133] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  179.042693][ T8133] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  179.066981][ T8133] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  179.090550][ T8133] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  179.218922][ T8351] loop1: detected capacity change from 0 to 4096
[  179.348608][ T8133] 8021q: adding VLAN 0 to HW filter on device bond0
[  179.376457][ T8364] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  179.424876][ T8133] 8021q: adding VLAN 0 to HW filter on device team0
[  179.536840][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  179.544524][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  179.547694][ T8363] loop2: detected capacity change from 0 to 32768
[  179.566849][ T8363] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 10
[  179.603708][ T1105] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.610886][ T1105] bridge0: port 2(bridge_slave_1) entered forwarding state
[  179.620195][ T5776] I/O error, dev loop2, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  180.047365][ T8363] loop2: detected capacity change from 0 to 4096
[  180.386353][ T8372] loop0: detected capacity change from 0 to 32768
[  180.411367][ T8372] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 scanned by syz.0.779 (8372)
[  180.442406][ T8372] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  180.452777][ T8372] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  180.462273][ T8372] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  180.471705][ T8372] BTRFS info (device loop0): use zstd compression, level 3
[  180.479666][ T8372] BTRFS info (device loop0): using free space tree
[  180.540043][ T8381] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  180.547178][ T8381] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  180.580144][   T27] audit: type=1800 audit(1762579876.941:10): pid=8363 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.777" name="file1" dev="loop2" ino=0 res=0 errno=0
[  180.629397][   T27] audit: type=1800 audit(1762579876.951:11): pid=8363 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.777" name="file1" dev="loop2" ino=0 res=0 errno=0
[  180.649939][ T8372] BTRFS info (device loop0): enabling ssd optimizations
[  180.659047][ T8372] BTRFS info (device loop0): auto enabling async discard
[  180.866445][ T8133] 8021q: adding VLAN 0 to HW filter on device batadv0
[  180.881749][ T5784] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  181.191916][ T8410] loop1: detected capacity change from 0 to 256
[  181.336345][ T8410] FAT-fs (loop1): Directory bread(block 64) failed
[  181.366317][ T8410] FAT-fs (loop1): Directory bread(block 65) failed
[  181.406430][ T8410] FAT-fs (loop1): Directory bread(block 66) failed
[  181.435651][ T8410] FAT-fs (loop1): Directory bread(block 67) failed
[  181.446951][ T8410] FAT-fs (loop1): Directory bread(block 68) failed
[  181.481195][ T8410] FAT-fs (loop1): Directory bread(block 69) failed
[  181.525106][ T8410] FAT-fs (loop1): Directory bread(block 70) failed
[  181.531769][ T8410] FAT-fs (loop1): Directory bread(block 71) failed
[  181.576212][ T8410] FAT-fs (loop1): Directory bread(block 72) failed
[  181.592172][ T8410] FAT-fs (loop1): Directory bread(block 73) failed
[  181.610524][ T8424] loop2: detected capacity change from 0 to 256
[  181.643332][ T8424] exfat: Deprecated parameter 'namecase'
[  181.686926][ T8425] loop0: detected capacity change from 0 to 2048
[  181.703290][ T8424] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf4419509, utbl_chksum : 0xe619d30d)
[  181.780684][ T8425] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  181.954608][ T8133] veth0_vlan: entered promiscuous mode
[  182.006109][ T8133] veth1_vlan: entered promiscuous mode
[  182.126663][ T8133] veth0_macvtap: entered promiscuous mode
[  182.146291][ T8133] veth1_macvtap: entered promiscuous mode
[  182.205422][ T8133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  182.242404][ T8133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.272054][ T8133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  182.312221][ T8133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.347306][ T8133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  182.382215][ T8133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.437397][ T8133] batman_adv: batadv0: Interface activated: batadv_slave_0
[  182.504407][ T8133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  182.517904][ T8437] loop0: detected capacity change from 0 to 32768
[  182.533967][ T8437] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 scanned by syz.0.791 (8437)
[  182.551005][ T8133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.568162][ T8437] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  182.578374][ T8437] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  182.587858][ T8437] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  182.596653][ T8133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  182.597276][ T8437] BTRFS info (device loop0): use zstd compression, level 3
[  182.615161][ T8437] BTRFS info (device loop0): using free space tree
[  182.628532][ T8133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.657665][ T8133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  182.668715][ T8133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.704721][ T8133] batman_adv: batadv0: Interface activated: batadv_slave_1
[  182.721284][ T8437] BTRFS info (device loop0): enabling ssd optimizations
[  182.728974][ T8437] BTRFS info (device loop0): auto enabling async discard
[  182.784004][ T8133] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  182.812324][ T8133] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  182.821035][ T8133] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  182.862198][ T8133] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  182.900959][ T5784] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  182.917498][ T8462] loop1: detected capacity change from 0 to 4096
[  183.276254][   T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  183.307396][   T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.362480][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  183.380448][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.422320][   T28] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  183.496634][ T8477] loop1: detected capacity change from 0 to 256
[  183.642616][   T28] usb 3-1: Using ep0 maxpacket: 32
[  183.656625][ T8477] FAT-fs (loop1): Directory bread(block 64) failed
[  183.685461][   T28] usb 3-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  183.702213][ T8477] FAT-fs (loop1): Directory bread(block 65) failed
[  183.708857][ T8477] FAT-fs (loop1): Directory bread(block 66) failed
[  183.721426][   T28] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  183.758250][   T28] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.768055][ T8477] FAT-fs (loop1): Directory bread(block 67) failed
[  183.795309][ T8477] FAT-fs (loop1): Directory bread(block 68) failed
[  183.809787][ T8477] FAT-fs (loop1): Directory bread(block 69) failed
[  183.851099][ T8477] FAT-fs (loop1): Directory bread(block 70) failed
[  183.865811][ T8477] FAT-fs (loop1): Directory bread(block 71) failed
[  183.873093][ T8477] FAT-fs (loop1): Directory bread(block 72) failed
[  183.879638][ T8477] FAT-fs (loop1): Directory bread(block 73) failed
[  184.034727][ T8468] netlink: 8 bytes leftover after parsing attributes in process `syz.2.794'.
[  184.065381][ T8468] bond0: entered promiscuous mode
[  184.078458][ T8468] bond_slave_0: entered promiscuous mode
[  184.095805][ T8468] bond_slave_1: entered promiscuous mode
[  184.113632][ T8468] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  184.143567][ T8468] bond0: left promiscuous mode
[  184.173117][ T8468] bond_slave_0: left promiscuous mode
[  184.202428][ T8468] bond_slave_1: left promiscuous mode
[  184.236645][ T8489] loop0: detected capacity change from 0 to 2048
[  184.307843][ T8489] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  184.443740][   T28] usb 3-1: USB disconnect, device number 14
[  184.494940][ T8498] loop1: detected capacity change from 0 to 32768
[  184.508759][ T8498] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 scanned by syz.1.800 (8498)
[  184.526312][ T8498] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  184.536524][ T8498] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  184.547110][ T8498] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  184.556565][ T8498] BTRFS info (device loop1): use zstd compression, level 3
[  184.563846][ T8498] BTRFS info (device loop1): using free space tree
[  184.701923][ T8498] BTRFS info (device loop1): enabling ssd optimizations
[  184.710531][ T8498] BTRFS info (device loop1): auto enabling async discard
[  184.822571][ T5785] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  184.923467][ T8522] loop0: detected capacity change from 0 to 4096
[  185.319609][ T8527] loop2: detected capacity change from 0 to 4096
[  185.333535][ T8535] netlink: 360 bytes leftover after parsing attributes in process `syz.4.805'.
[  185.432599][ T8529] loop1: detected capacity change from 0 to 4096
[  185.445831][ T8527] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.668503][ T1194] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  185.741872][ T1194] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  185.783127][ T5783] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.040087][ T8547] fido_id[8547]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  186.058165][ T8553] loop2: detected capacity change from 0 to 256
[  186.291805][ T8549] loop4: detected capacity change from 0 to 2048
[  186.404833][ T8553] FAT-fs (loop2): Directory bread(block 64) failed
[  186.438782][ T8549] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  186.467297][ T8553] FAT-fs (loop2): Directory bread(block 65) failed
[  186.498957][ T8553] FAT-fs (loop2): Directory bread(block 66) failed
[  186.529612][ T8559] loop0: detected capacity change from 0 to 40427
[  186.537516][ T8559] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  186.545383][ T8559] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  186.553761][ T8553] FAT-fs (loop2): Directory bread(block 67) failed
[  186.567990][ T8559] F2FS-fs (loop0): invalid crc value
[  186.573723][ T8553] FAT-fs (loop2): Directory bread(block 68) failed
[  186.580493][ T8553] FAT-fs (loop2): Directory bread(block 69) failed
[  186.588969][ T8553] FAT-fs (loop2): Directory bread(block 70) failed
[  186.597218][ T8553] FAT-fs (loop2): Directory bread(block 71) failed
[  186.604193][ T8553] FAT-fs (loop2): Directory bread(block 72) failed
[  186.610812][ T8553] FAT-fs (loop2): Directory bread(block 73) failed
[  186.620506][ T8559] F2FS-fs (loop0): Found nat_bits in checkpoint
[  186.705810][ T8559] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  186.713006][ T8559] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  186.732259][   T23] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  186.947663][   T23] usb 2-1: Using ep0 maxpacket: 32
[  186.965194][   T23] usb 2-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  187.001256][   T23] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  187.019932][ T8575] loop4: detected capacity change from 0 to 128
[  187.038188][   T23] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.042935][ T8575] FAT-fs (loop4): Unrecognized mount option "shortx¾C.=win95" or missing value
[  187.119647][ T5778] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  187.121077][ T8575] netlink: 8 bytes leftover after parsing attributes in process `syz.4.815'.
[  187.222441][ T8575] netlink: 'syz.4.815': attribute type 1 has an invalid length.
[  187.257259][ T8575] netlink: 'syz.4.815': attribute type 2 has an invalid length.
[  187.308548][ T8562] netlink: 8 bytes leftover after parsing attributes in process `syz.1.812'.
[  187.346745][ T8562] bond0: entered promiscuous mode
[  187.354223][ T8562] bond_slave_0: entered promiscuous mode
[  187.401542][ T8562] bond_slave_1: entered promiscuous mode
[  187.432464][ T8562] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  187.452885][ T8562] bond0: left promiscuous mode
[  187.479867][ T8562] bond_slave_0: left promiscuous mode
[  187.487883][ T8562] bond_slave_1: left promiscuous mode
[  187.618756][ T8589] loop2: detected capacity change from 0 to 1024
[  187.621754][ T5854] usb 2-1: USB disconnect, device number 15
[  187.710772][ T8589] hfsplus: cannot replace xattr
[  188.030525][ T8597] loop2: detected capacity change from 0 to 2048
[  188.107397][ T8597] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  188.512306][   T28] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  188.550228][ T8625] loop4: detected capacity change from 0 to 256
[  188.600859][ T8625] FAT-fs (loop4): Directory bread(block 64) failed
[  188.610837][ T8625] FAT-fs (loop4): Directory bread(block 65) failed
[  188.628712][ T8625] FAT-fs (loop4): Directory bread(block 66) failed
[  188.635640][ T8625] FAT-fs (loop4): Directory bread(block 67) failed
[  188.643704][ T8625] FAT-fs (loop4): Directory bread(block 68) failed
[  188.650630][ T8625] FAT-fs (loop4): Directory bread(block 69) failed
[  188.659448][ T8625] FAT-fs (loop4): Directory bread(block 70) failed
[  188.670790][ T8625] FAT-fs (loop4): Directory bread(block 71) failed
[  188.678063][ T8625] FAT-fs (loop4): Directory bread(block 72) failed
[  188.702351][ T8625] FAT-fs (loop4): Directory bread(block 73) failed
[  188.719299][   T28] usb 1-1: config index 0 descriptor too short (expected 23569, got 27)
[  188.742098][   T28] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  188.769008][   T28] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  188.782050][   T28] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  188.790071][   T28] usb 1-1: Manufacturer: syz
[  188.862427][   T28] usb 1-1: config 0 descriptor??
[  189.075632][   T28] rc_core: IR keymap rc-hauppauge not found
[  189.087393][ T8638] loop1: detected capacity change from 0 to 16
[  189.091999][   T28] Registered IR keymap rc-empty
[  189.130679][   T28] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  189.137681][ T8638] erofs: (device loop1): mounted with root inode @ nid 36.
[  189.161173][   T28] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input5
[  189.224586][ T8638] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36
[  189.229615][    C1] igorplugusb 1-1:0.0: Error: urb status = -32
[  189.266387][ T8638] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 43 of nid 36
[  189.295216][ T8647] erofs: (device loop1): z_erofs_readahead: readahead error at folio 87 @ nid 36
[  189.315323][ T8647] erofs: (device loop1): z_erofs_readahead: readahead error at folio 86 @ nid 36
[  189.334418][ T8646] loop2: detected capacity change from 0 to 2048
[  189.338533][ T1194] usb 1-1: USB disconnect, device number 14
[  189.365619][ T8647] syz.1.834: attempt to access beyond end of device
[  189.365619][ T8647] loop1: rw=524288, sector=16, nr_sectors = 16 limit=16
[  189.389289][ T8646] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  189.428337][ T8638] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36
[  189.462923][ T8647] syz.1.834: attempt to access beyond end of device
[  189.462923][ T8647] loop1: rw=524288, sector=14425508768, nr_sectors = 8 limit=16
[  189.521162][ T8638] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 43 of nid 36
[  189.566834][ T8647] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -24 in[52, 4044] out[3749]
[  189.874071][   T28] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  189.980373][ T8668] loop0: detected capacity change from 0 to 8
[  189.990135][ T8663] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  190.038795][ T8668] SQUASHFS error: xz decompression failed, data probably corrupt
[  190.050222][ T8668] SQUASHFS error: Failed to read block 0x108: -5
[  190.058554][ T8668] SQUASHFS error: Unable to read metadata cache entry [106]
[  190.066154][ T8668] SQUASHFS error: Unable to read inode 0x11f
[  190.085517][   T28] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  190.096347][   T28] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  190.107268][   T28] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.118000][   T28] usb 5-1: config 0 descriptor??
[  190.126572][   T28] pwc: Askey VC010 type 2 USB webcam detected.
[  190.202320][ T5840] usb 2-1: new full-speed USB device number 16 using dummy_hcd
[  190.404239][ T5840] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  190.414878][ T5840] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  190.434887][ T5840] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  190.444075][ T5840] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  190.457230][ T5840] usb 2-1: Product: syz
[  190.461418][ T5840] usb 2-1: Manufacturer: syz
[  190.466096][ T5840] usb 2-1: SerialNumber: syz
[  190.530622][   T28] pwc: recv_control_msg error -32 req 02 val 2b00
[  190.555620][   T28] pwc: recv_control_msg error -32 req 02 val 2700
[  190.573548][   T28] pwc: recv_control_msg error -32 req 02 val 2c00
[  190.576407][ T8671] loop0: detected capacity change from 0 to 32768
[  190.589639][ T8671] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 scanned by syz.0.843 (8671)
[  190.590204][   T28] pwc: recv_control_msg error -32 req 04 val 1000
[  190.616464][   T28] pwc: recv_control_msg error -32 req 04 val 1300
[  190.645358][ T8671] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  190.652098][   T28] pwc: recv_control_msg error -32 req 04 val 1400
[  190.666116][ T8671] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  190.676567][   T28] pwc: recv_control_msg error -32 req 02 val 2000
[  190.687077][ T8675] netlink: 8 bytes leftover after parsing attributes in process `syz.2.844'.
[  190.690254][ T8671] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  190.705144][ T5840] usb 2-1: 0:2 : does not exist
[  190.717632][ T5840] usb 2-1: 5:0: failed to get current value for ch 0 (-22)
[  190.719825][ T8671] BTRFS info (device loop0): use zstd compression, level 3
[  190.737720][ T8671] BTRFS info (device loop0): using free space tree
[  190.740044][ T8675] bond0: entered promiscuous mode
[  190.750019][ T8675] bond_slave_0: entered promiscuous mode
[  190.757619][ T8675] bond_slave_1: entered promiscuous mode
[  190.789990][ T5840] usb 2-1: USB disconnect, device number 16
[  190.797184][ T8675] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  190.829116][ T8675] bond0: left promiscuous mode
[  190.844158][ T8675] bond_slave_0: left promiscuous mode
[  190.849916][ T6529] udevd[6529]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  190.863390][ T8675] bond_slave_1: left promiscuous mode
[  190.904073][   T28] pwc: recv_control_msg error -71 req 04 val 1500
[  190.924303][   T28] pwc: recv_control_msg error -71 req 02 val 2500
[  190.944145][   T28] pwc: recv_control_msg error -71 req 02 val 2400
[  190.951824][   T28] pwc: recv_control_msg error -71 req 02 val 2600
[  190.965681][ T8671] BTRFS info (device loop0): enabling ssd optimizations
[  190.974027][ T8671] BTRFS info (device loop0): auto enabling async discard
[  190.981227][   T28] pwc: recv_control_msg error -71 req 02 val 2900
[  190.992139][   T28] pwc: recv_control_msg error -71 req 02 val 2800
[  191.002168][   T28] pwc: recv_control_msg error -71 req 04 val 1100
[  191.021555][   T28] pwc: recv_control_msg error -71 req 04 val 1200
[  191.049437][   T28] pwc: Registered as video103.
[  191.072521][   T28] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input6
[  191.122878][   T28] usb 5-1: USB disconnect, device number 2
[  191.148886][ T5784] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  191.322165][   T51] Bluetooth: hci0: command 0x0406 tx timeout
[  191.406356][ T8696] loop2: detected capacity change from 0 to 2048
[  191.439381][ T8696] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  191.572460][ T8702] loop1: detected capacity change from 0 to 2048
[  191.644299][ T8702] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  191.694094][   T27] audit: type=1800 audit(1762579888.071:12): pid=8702 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.847" name="file1" dev="loop1" ino=1415 res=0 errno=0
[  191.694675][ T8702] comedi comedi0: c6xdigio: I/O port conflict (0x9,3)
[  191.752149][ T8702] ------------[ cut here ]------------
[  191.757956][ T8702] Unexpected driver unregister!
[  191.834379][ T8702] WARNING: CPU: 1 PID: 8702 at drivers/base/driver.c:270 driver_unregister+0x92/0xa0
[  191.845326][ T8702] Modules linked in:
[  191.850314][ T8702] CPU: 1 PID: 8702 Comm: syz.1.847 Not tainted syzkaller #0
[  191.857689][ T8702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  191.867944][ T8702] RIP: 0010:driver_unregister+0x92/0xa0
[  191.873898][ T8702] Code: e8 a3 cb da fc 48 89 df 5b 41 5e 41 5f e9 e6 5a ff ff e8 01 4b 4d fc eb 05 e8 fa 4a 4d fc 48 c7 c7 40 15 21 8b e8 4e c8 17 fc <0f> 0b 5b 41 5e 41 5f c3 cc cc cc cc cc cc 66 0f 1f 00 41 57 41 56
[  191.894250][ T8702] RSP: 0018:ffffc90005077a60 EFLAGS: 00010246
[  191.900673][ T8702] RAX: 7de6905efa67a900 RBX: ffffffff8de9a800 RCX: 0000000000080000
[  191.909005][ T8702] RDX: ffffc9000d8f9000 RSI: 000000000007ffff RDI: 0000000000080000
[  191.917291][ T8702] RBP: 0000000000000001 R08: ffffc90005077667 R09: 1ffff92000a0eecc
[  191.925584][ T8702] R10: dffffc0000000000 R11: fffff52000a0eecd R12: ffff88814bf23038
[  191.934171][ T8702] R13: ffffffff8de9a750 R14: 0000000000000000 R15: dffffc0000000000
[  191.942614][ T8702] FS:  00007f8b3a84f6c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  191.952677][ T8702] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  191.959291][ T8702] CR2: 00007f15c9d156c0 CR3: 0000000078e90000 CR4: 00000000003506e0
[  191.967851][ T8702] Call Trace:
[  191.971152][ T8702]  <TASK>
[  191.974414][ T8702]  comedi_device_detach_locked+0x172/0x710
[  191.980270][ T8702]  comedi_device_attach+0x5cd/0x710
[  191.985787][ T8702]  comedi_unlocked_ioctl+0x606/0xfe0
[  191.991119][ T8702]  ? tomoyo_path_number_perm+0x477/0x590
[  191.997087][ T8702]  ? comedi_poll+0x8c0/0x8c0
[  192.001763][ T8702]  ? __fget_files+0x28/0x4d0
[  192.006552][ T8702]  ? bpf_lsm_file_ioctl+0x9/0x10
[  192.011513][ T8702]  ? security_file_ioctl+0x80/0xa0
[  192.016696][ T8702]  ? comedi_poll+0x8c0/0x8c0
[  192.021317][ T8702]  __se_sys_ioctl+0xfd/0x170
[  192.026045][ T8702]  do_syscall_64+0x55/0xb0
[  192.030488][ T8702]  ? clear_bhb_loop+0x40/0x90
[  192.035225][ T8702]  ? clear_bhb_loop+0x40/0x90
[  192.039928][ T8702]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  192.045897][ T8702] RIP: 0033:0x7f8b3998f6c9
[  192.051193][ T8702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.071061][ T8702] RSP: 002b:00007f8b3a84f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  192.079549][ T8702] RAX: ffffffffffffffda RBX: 00007f8b39be5fa0 RCX: 00007f8b3998f6c9
[  192.087648][ T8702] RDX: 0000200000000180 RSI: 0000000040946400 RDI: 0000000000000003
[  192.095689][ T8702] RBP: 00007f8b39a11f91 R08: 0000000000000000 R09: 0000000000000000
[  192.103730][ T8702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  192.111728][ T8702] R13: 00007f8b39be6038 R14: 00007f8b39be5fa0 R15: 00007fffd0e51668
[  192.119789][ T8702]  </TASK>
[  192.122924][ T8702] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  192.130214][ T8702] CPU: 1 PID: 8702 Comm: syz.1.847 Not tainted syzkaller #0
[  192.137514][ T8702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  192.147583][ T8702] Call Trace:
[  192.150858][ T8702]  <TASK>
[  192.153799][ T8702]  dump_stack_lvl+0x16c/0x230
[  192.158483][ T8702]  ? show_regs_print_info+0x20/0x20
[  192.163677][ T8702]  ? load_image+0x3b0/0x3b0
[  192.168184][ T8702]  panic+0x2c0/0x710
[  192.172081][ T8702]  ? bpf_jit_dump+0xd0/0xd0
[  192.176585][ T8702]  __warn+0x2e0/0x470
[  192.180557][ T8702]  ? driver_unregister+0x92/0xa0
[  192.185491][ T8702]  ? driver_unregister+0x92/0xa0
[  192.190419][ T8702]  report_bug+0x2be/0x4f0
[  192.194746][ T8702]  ? driver_unregister+0x92/0xa0
[  192.199687][ T8702]  ? driver_unregister+0x92/0xa0
[  192.204620][ T8702]  ? driver_unregister+0x94/0xa0
[  192.209551][ T8702]  handle_bug+0xcf/0x120
[  192.213792][ T8702]  exc_invalid_op+0x1a/0x50
[  192.218290][ T8702]  asm_exc_invalid_op+0x1a/0x20
[  192.223132][ T8702] RIP: 0010:driver_unregister+0x92/0xa0
[  192.228671][ T8702] Code: e8 a3 cb da fc 48 89 df 5b 41 5e 41 5f e9 e6 5a ff ff e8 01 4b 4d fc eb 05 e8 fa 4a 4d fc 48 c7 c7 40 15 21 8b e8 4e c8 17 fc <0f> 0b 5b 41 5e 41 5f c3 cc cc cc cc cc cc 66 0f 1f 00 41 57 41 56
[  192.248276][ T8702] RSP: 0018:ffffc90005077a60 EFLAGS: 00010246
[  192.254343][ T8702] RAX: 7de6905efa67a900 RBX: ffffffff8de9a800 RCX: 0000000000080000
[  192.262310][ T8702] RDX: ffffc9000d8f9000 RSI: 000000000007ffff RDI: 0000000000080000
[  192.270289][ T8702] RBP: 0000000000000001 R08: ffffc90005077667 R09: 1ffff92000a0eecc
[  192.278260][ T8702] R10: dffffc0000000000 R11: fffff52000a0eecd R12: ffff88814bf23038
[  192.286226][ T8702] R13: ffffffff8de9a750 R14: 0000000000000000 R15: dffffc0000000000
[  192.294204][ T8702]  comedi_device_detach_locked+0x172/0x710
[  192.300023][ T8702]  comedi_device_attach+0x5cd/0x710
[  192.305220][ T8702]  comedi_unlocked_ioctl+0x606/0xfe0
[  192.310506][ T8702]  ? tomoyo_path_number_perm+0x477/0x590
[  192.316134][ T8702]  ? comedi_poll+0x8c0/0x8c0
[  192.320757][ T8702]  ? __fget_files+0x28/0x4d0
[  192.325351][ T8702]  ? bpf_lsm_file_ioctl+0x9/0x10
[  192.330290][ T8702]  ? security_file_ioctl+0x80/0xa0
[  192.335398][ T8702]  ? comedi_poll+0x8c0/0x8c0
[  192.339983][ T8702]  __se_sys_ioctl+0xfd/0x170
[  192.344568][ T8702]  do_syscall_64+0x55/0xb0
[  192.348980][ T8702]  ? clear_bhb_loop+0x40/0x90
[  192.353652][ T8702]  ? clear_bhb_loop+0x40/0x90
[  192.358339][ T8702]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  192.364240][ T8702] RIP: 0033:0x7f8b3998f6c9
[  192.368656][ T8702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.388258][ T8702] RSP: 002b:00007f8b3a84f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  192.396666][ T8702] RAX: ffffffffffffffda RBX: 00007f8b39be5fa0 RCX: 00007f8b3998f6c9
[  192.404627][ T8702] RDX: 0000200000000180 RSI: 0000000040946400 RDI: 0000000000000003
[  192.412589][ T8702] RBP: 00007f8b39a11f91 R08: 0000000000000000 R09: 0000000000000000
[  192.420548][ T8702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  192.428508][ T8702] R13: 00007f8b39be6038 R14: 00007f8b39be5fa0 R15: 00007fffd0e51668
[  192.436486][ T8702]  </TASK>
[  192.439705][ T8702] Kernel Offset: disabled
[  192.444083][ T8702] Rebooting in 86400 seconds..