last executing test programs:

55.85442684s ago: executing program 3 (id=971):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000040)='./bus\x00', 0x18, &(0x7f0000000300)={[{@space_cache_v1}, {@nossd_spread}, {@ref_verify}, {@nodatacow}, {@clear_cache}, {@noacl}, {@nossd}, {@barrier}, {@ref_verify}]}, 0x1, 0x55ae, &(0x7f000000ac40)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKArVHV3YPxzZB90a9oyc/Q0H1lRV5/lR+3czuZ9PD6xERD8XxvHbaDO5Wj4Lls2aanrduXBttdwdtjtXdbL3i3FWznJZ623C9SmW8om7eEqkP5zLZZ0xd0zI+PlIfGxj7FatpBz/O6TefM2Jp0r3kdxg40bJfX4QO1k+ove3viwStP/uPp+85fO3Vbu/lczibNTe9o1SHzmus1z2M04dP7PNm8LYW3r539aSv4ljTUl64QwvF/+nzZM3Ne2n3jB6+eOPH2Fy6+etrCa6ZMfHbQL8b+47W73D3t8oL5f8NHz//jyznelufljq1+WJ/MzeMjdTGxsT6ZmwMAAECv0Rv2mn519KsvnfrQ3YteXH5cxXfH/eqk3eorzv5+x/G7rhz/xUuvbH98l4L5/9DSjv/HQ/51uaNdHcKErsQFA0LYrevxJPCz2J2TB4SwV1eqJT9wWCqwOoQvdCX2z1aVKtE3lhiaCvy+PhOYkAqsiYGWVODGGFiSClwYAytSgRkxsDoVODwGQnv+OA6oz4yj5EBNDLQmG3FFPAvhnfrYWmpbrctWBQAAsJ1kZoeV+XdzznXY1gxxermipqcM8QzsohmqUzWkZ7DZaVXRGip6qqG8pxqy41700cMvqLmsp5oLTsMoy8/w4ZDvlA+YuPeP7rpxxE3NL0787rtjj//Kn998d/X+//Tf7zln/nUHFMz/mz56/l/dTUfKCo7/hzC562/MXZ6JdGTjrS15GQAAAIBtcNVjS5+84YCj/s99L99355euvaF89dVf/7+vbLxg71HHDS/r+3ffXlEw/59Q2vn/cZ9In5zM4dG4G2L2gBCa8gNJtQcXBpKj3v0yAQAAAOgNssfjs8fC2zO3ySna6fl0Yf6WrcwfD/xP6Db/5Zv++tkvX/vkiQuH7bPhiv925gdlnx/7u12OXTvy8bf2HPYPDX0Lz/9vKe38/9r826QTa2IvrhwQQt+cwCOxl52BLkNj4OVD8wOZ8a+JG2BxrCpzYkK2qsWxRGsMNKUCy4qV+G22xG75gcyTlW38guw42jMlcgIAAADwiYu7A+Jx+Xj+/z2TD/jS/oNeGvPinvcufG3C0hNOrf3hPrfs+vqAjkljDpxwyBHPFMz/W7fu/P+ueXDB6f0d/UIYWRFCn/QPAx6tTRYGjIG6skzi/tqkrj7pqs6rDWF858DSVb2SWf+/Ir3G4BM1SVUxsNveP900rDNxQ00II3MDz3zz+jGdifmpQLbxb9SEMKRztOnGV/ZNGq9MN35N3xD2zAlkqzq5bwidjVWlq3qwOnMdg3RVt1WHMDAnkK3qwOoQFgYAeqn4r3Rm7oPzFp49e3pHR9sZOzAR9+HXhFntHW2NM+Z0zKwu0qeZqT7nLWN0XuGYSr3yzfOZJYqmDrl9eCnp7O8Em3LbyuzHLzhxMHM/fheq7Bpnc2Xe3dHpIQ/fp7CJkPNNqtiQy3fwkGtzK9nyJBbUH/NXhX6h74J5bWc0njV9/vwzRiV/S83enPyNh5mSbTUqva1qu+tbCS+PoqtlpXzcbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/PQx1v+6qTg118/Uljms7DnX3ipxKPolPDQkJid6WmL6k7PwJ0359/7f2WHPaWSft8fd7zBxx0l9d/pu5JzYeMvlX1//l2oL5/9yPnv/HT534yZ9Zn6HY8f+GeJg/eXzLYf7WGFhW6vH/hmJH87MnBgxNBRbFwCKH+QEAAPhsiLsj497MuFf6urp/uvvImTMOef+XJ0y5+m/Hjjv1rPX7Nlx89bFL/sP6d5asOuLtgvn/otJ+/7+d1v/PLl3/tWLL/O8fSzQVW/8/vcx/dv3/RcXW/08v859d/3/Zp7D+/4JsILVJ3rH+PwAA8Fnwya3/3+Py/ukLBBRk6HF5//QFAgoy9LiMf6kXCNjq9f/ndPxF7aDL54w7dMTcHz+yau8lA2/70vMTf73P0oNG3LvylvdG3Vow/19S2vzfwv0AAACw83jol32/ffG7w+5/6pH3jyy79Lcbbzr+r9oOOOQPA5tPmXx0zfdv+reC+f+y0ub/n/z6f6HY+f9DiwVaii0MaP0/AAAAeqli6//dPPDloavnj7jxsZ+/ectLrb+YOf61f7fkB1+ZPqzp5jXrftMwY33B/H9FafP/eNpFeV7u2JsP65M17UJ6TbuN9dmfDAAAAEDvUB4aGytLzJu3MuphH7/NdZmlQD8qnevp+watWlD+0FVl1Rt/cMm0QxrPPfbMOUdetP77tU/+pHZqY/UZBfP/1aXN//N+l/FA7aT6y96eePCHK0/+4+n7zl87dcvxfwAAAGDHKXW/BAAAAAAAAAAAAAAA8Ol7qnXpQR+MOvqNmXuN+tM3jn3hB4u/+M1H/ubaP5/588Pv26t987ApBb//D5O7yhX7/X+87l/8fcGuebljqz2v/5e5P+WYWxd2LVn4aH0I++QGZp8/+3Mhc23+/XIDq6buP7gzcX66xH0vHv5aZ2JaOnDUiF3e60yMTwVa4yKJX0gH4lUV3+ufCsTlFZ9MB+L2WJEOVGUCl/RPxlGW3lYb6pJtVZbeVs/VhTAgJ5DdVnfXJW2UpQd4VSqQHeDp6UAc4KRMoDzdq1v7Jb2KgbpY9G/6Jb0CAGCnFb8FVoZZ7R1tTfErfLzdvSL/Nspbsuy8wmrLSmz++czSZFOH3D68lHSf9HfRLdcarwzVnUMYVfB1NTdLWdcot08tPWy6XYsMuafV3sqLlEvb2k1XVXxENcmIGmfM6ZhZ2ePAR/ecpbmixyyjCiY7uVnKuzZpCbWU0JcSRlTitimhy/F+eWhs7JPKNS4GG0Kenl4Rpf5eP3edv2Kvgtw8f1tz7aV9Bvd5/9/GX/TQgwMqO06d3HbR7o/988BRM3/8wwdbr/l9wfy/obT5f3XuuN7LXAxgUbyy3sEDQmgtcUQAAADw2fc/z11+x4lz1myYtbri2d/9bnb5cSdWbj7nrnPOvui5+xcfdcm/v3lb4yvKntp04hubzvrrN37ylesePuulw2ecddekdYesb6u+8bt/sfzUIQXz/6Glzf/jHqzMoeBkb8fqeP3/CwaE0HVp/YYk8LM43JMHhLBXV6ollkguqP+1WKIpCfws7jDZP5Zobcmvqm8MrEgFfl+fCaxOBdbEQGYvxU9DZlfOFfUhjOlKTc4vMTeWaEgFjouBoalAYww0pQL9Y2BCKvBm/0ygJRX4xxgI7fnb6s7+mW0FAACwNTLzrMr8uyE9z1tR0VOGsp4y1PaUobynDNU9ZSg2inj/jpihMnXySllOpsp0rTWpWgoyxIvhb3W/CjKE3+bnTBcsaDqef5A936AsP8O4H97RetDX5v1408U/evzIAy88csmVb196dL/BVz77v9vP7dd/U23B/L+ptPl/bf5t0vqaOP/fcv2/JPBI7N6V8dTxoTHw8qH5gcyOgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4uIMg7qaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKI+zHq4s/j96gL4XM5OziyJdpqkxJVqYbDwzXJL9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35y9L9k2XqhO2qhJB4ZVJYHadGBORRKIe36ygXvKkwBss+xewfiCypzqktXQfbkir7/PyjVB08Mr2AfaTb7ufnO1o1SnH8jsU83auqetoDp2iIK3x2rvtt74bmvwbsv9IpX5hrJ5S6g6lM9smzV9Qcf8+EjuL1kL7KDnOfdXqqWkt8PrcNHH723PqtMdaEp9fDR1X67712FZrO6B2kn1l7098eCVJ//x9H3nr51acjeKiD8UPvjWuQc8l7N5d7TqkHnN9brPkxafJ73x38BQT1sIYfkFs5584l/ef75iffN/OXDs8tvefGz5Tw56YNaIL2y45Msb33r3qIL5f0tp8/+K1G2XD+LGnDcghOE5G/fRuPknDkg+B3MCyafkwMJAcsh9fX3RT04AAADY3rK7O7L7C9ozt8kJ4el5cmH+lq3MH/dXTOg2f6n9HjjmH7536FWvf+Pr63e//NGlT637T2++csS0Qx/Y9PSKla83H/v5pwvm/60fPf/vm+qm4/+O/7ODOP7frZ19V3Tf9AOLtmlXdEF17BCO/3drZ3+3Of7fLcf/Hf/vjuP/PXD8v1s7+9NW8C1pri9dIYTWATfc/ova6cP7XXHOt2as/fnT7zSNe6Hu3KPv/B+HLw7XnLfqzwXz/7mlzf+t/9f9on3Z9f9ai63/N7fY+n+LrP8HAADsUEUWmkvP8wpW7yvIkF69ryBDjwsE9rjEoPX/tnr9v9qTzj7plfq39rpm4u3/+c7pFz5/0onP7tvn+RNuP+GmkVcPf+nLGwrm/4tKm//Hl0O/3NZ7y/p/QycXqWpJDMy1MCAAAAA7o2I7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh0rXhw8Rc3L97noJue/fxNh//rsjWz9v7VAZtHjzm5cfjigWVX/t2/vDVowcI32iadeW3L9OXXbFi5NIT2rnJlSfGyhwaVl4/+wzF33XbFw03TBk85tzpTb2Xm9ot5uWOrH9aHsCznkbqY2FjfeWdLYMoxty6s6Ew8Wh/CPrmB2efP/lxn4sb6EPbLDayauv/gzsT56RL3vXj4a52JaenAUSN2ea8zMT4TKEt397r+SXfL0t29rH8IA3IC2e5+u39+Vdk2/mMmUJ5u4+a6pI0YqItFf1SXtBEDHbFEe98QRlaE0Cdd1a+rk6r6pKv6++qkqj7pqv5rdQjjQwgV6aperEqqqkiPfG1VUlUM7Lb3TzcN60wsqwphZG7gmW9eP6YzcXoqkG3861UhDOl8yaQbv6Myabwy3fhVlSHsGUKoSpf414qkRFW6xCsVIQzMCWQbP7UihIWBz4T44TMz98F5C8+ePb2jo+2MHZioyrRVE2a1d7Q1zpjTMbM61adiynLSm8/7+GN/ftM5Mzpvpw65fXgp6YpMucquLjdX5t0dvbP3PvarNreSLc9HQf0xf1XoF/oumNd2RuNZ0+fPP2NU8rfU7M3J3z6ZaLKtRvWWbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/22Oo13/yQ929IqeST+IDQEJCorclyvM+3Zp29g/ygi/6WzpaGaq7PqALphW5Wcq6Rrk9Bn3Yxxzxx/me0uOIRhVMHAqyNPecZXTBZGJLlpokS9f3uoLJYW5N5V2bNN4vD42NfYpth4b8u7mb961t2LzrMpuu1DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBYAAAAAECYv3UYPRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//WKHPZA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000180)=""/82, 0x52)
getdents64(r0, 0xfffffffffffffffe, 0x29)

54.61842784s ago: executing program 3 (id=979):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000000280)={0x80, 0x400000b4, 0x0, 0x0})

54.103712411s ago: executing program 3 (id=982):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000d"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001400)={0x11, 0x15, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x10000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1000009}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)

53.907987297s ago: executing program 3 (id=984):
syz_mount_image$jfs(&(0x7f0000000400), &(0x7f0000000040)='./file1\x00', 0xc00, &(0x7f00000007c0)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYRESOCT=0x0, @ANYRESDEC, @ANYRESOCT, @ANYRES8, @ANYRES32=0x0, @ANYRESOCT, @ANYRES8, @ANYRES16=0x0, @ANYRESOCT=0x0], 0x1, 0x6207, &(0x7f0000012500)="$eJzs3ctvHVcdB/DfffoRmkZdVCVCyG3Do5TmWUKgQNsFLNiwQNmiRK5bRaSAkoDSKiKuvGHBHwFCYokQS1b8AV2wZccfQKQECdRVpxr7HGc88c21k/rOtc/nIzlzf3NmfM/ke+c+PDP3BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQP/7RT8/1IuLKb9KMExFfiEFEP2KprlciYmnlRHOdF2KzOZ6PiNFCRL3+5j/PRrweER8fj7j/4M5qPfv8Hvvxw7/+608/O/aTf/5ldOb/f7s1eGPScrdv//5/f7/75NsLAAAAJaqqquqlj/knI2KYPtsDAEdffv2vkjxfPXf1+pz1R61Wq9WHsG6qdne3WUTEenOd+j2Dw/EAcMisxyddd4EOyb9ow4g41nUngLnW67oDHIj7D+6s9lK+vebrwcpWez4XZEf+673t6zsmTadpn2Myq8fXRgziuQn9WZpRH+ZJzr/fzv/KVvs4LXfQ+c/KpPzHW5c+FSfnP2jn33J08u/vmn+pcv7DfeU/kD8AAAAAAMyx/Pf/Ex0f/114+k3Zk8cd/12ZUR8AAAAAAAAA4PO23/H/hq3x/7YZ/w8AAADmVv1ZvfaH4w/nTfoutnr+5V7EM63lgcKki2WWu+4HAAAAAAAAAAAAAJRkuHUO7+VexCginllerqqq/mlq1/v1tOsfdqVvP5Ss6yd5AADY8vHx1rX8vYjFiLicvutvtLy8XFWLS8vVcrW0kN/PjhcWq6XG59o8rectjPfwhng4rupftthYr2na5+Vp7e3fV9/XuBrsoWOz0WHgABARW69G970iHTFV9Wx0/S6Hw8H+f/TY/9mLrh+nAAAAwMGrqqrqpa/zPpmO+fe77hQAMBP59b99XECtVqvVavXRq5uq3d1tFhGx3lynfs9gOH4AOGTW45Ouu0CH5F+0YUS80HUngLnW67oDHIj7D+6s9lK+vebrQRrfPZ8LsiP/9d7menn93abTtM8xmdXjayMG8dyE/jw/oz7Mk5x/v53/la32cVruoPOflUn519t5ooP+dC3nP2jn33J08u/vmn+pcv7DfeU/kD8AAAAAAMyx/Pf/E3N1/Hf8pJsz1eOO/64c2L0CAAAAAAAAwMG6/+DOar7uNR///9Iuy7n+82jK+ffkX6Scf7+V/9dbyw0at++9/TD//z64s/rnW//5Yp7uMf+Hv66XHlm99IjopabeME2fZusetTEajOt7GvX6g2E656cavRvX4nqsxdkdy/bT/8fD9nOPbMRos70abLWf39E+3G7P61/Y0T5KZzpVS7n9dKzGL+N6vLPZXrctTNn+xSnt1ZT2nP/A/l+knP+w8VPnv5zae61p7d5H/Uf2++Z0t/t569qXf3f24Ddnqo0YbG9bU719L3XQn83/k2Pj+PXNtRunb1+9devGuUiTHXPPR5p8znL+o/Sz/fz/8lZ7fqJu7q/3PhrvO/95sRHDifm/3Lhdb+8rM+5bF3L+4/ST838nte++/x/m/Cfv/6920B8AAAAAAAAAAAAAAAB4nKqqNi8RfSsiLqbrf7q6NhMAmK38+l8lef6s6sGM70+tPuR1b876M9P602q++qNWH8a6qdrdm80iIv7RXKd+z/Db3X4ZADDPPo2If3fdCToj/4Ll7/urp6e67gwwUzc/+PDnV69fX7txs+ueAAAAAAAAAABPKo//udIY//lUVVV3W8vtGP/17Vh52vE/h/nG9gCjEwaqHux/mx5noz8e9BvDjb8Yk8b/Hm3fetz438Mp9zea0j6e0r7w6KylZrE4Zf1dL/RoyPm/2Bjv/FREnGwNv17C+K/tMe9LkPN/qfF4rvP/Wmu5Zv7VHw9z/v0d+Z+59f6vztz84MPXrr1/9b2199Z+ceHcubMXLl68dOnSmXevXV87u/Vvhz0+WDn/PPa180DLkvPPmcu/LDn/r6Ra/mXJ+X811fIvS84/v9+Tf1ly/vmzj/zLkvN/JdXyL0vO/xupln9Zcv6vplr+Zcn5fzPV8i9Lzv+1VMu/LDn/06mWf1ly/mdSvcf8lw66X8xGzj8f4bL/lyXnn89skH9Zcv7nUy3/suT8L6Ra/mXJ+b+eavmXJef/rVTLvyw5/4upln9Zcv7fTrX8y5Lzv5Rq+Zcl5/+dVMu/LDn/76Za/mXJ+b+RavmXJef/vVTLvyw5/++nWv5lyfn/INXyL0vO/81Uy78sD7//3w03Znxj5OE3vze6fmYCAAAAAAAAAAAAANpmcTpx19sIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfMYOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrB3dzFynfX9wM+ud9drBxIDIX8nfwMbx4SQONn1S/xCm2LCa8N7IBT6gu1612bBb3jtEmgkGwVKJIyKKtqGi7aAUMlNhVWhilaAcoFaVa0E7QW9QVS0XERVQAG1UltBtppznufZmdnZmVnvZH3mnM9Hin/emTNzzpw5c3a/63xnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABodutr5z41kmVZ47/8jy1Z9rzG3zdNbckve9W13kIAAABgrX6R//nMDemCQ33cqGmZv3vpd762uLi4mL13wx+Of25xMV0xlWXjG7Msvy668sP3jTQvEzyaTY6MNn092mP1G3pcP9bj+vEe10/0uH5jj+sne1y/bAcss6n4fUx+Zzvyv24pdml2YzaeX7ejw60eHdk4Ohp/l5MbyW+zOH48m89OZnPZTMvyxbIj+fLfuLWxrjdlcV2jTeva1jhCfvrIsbgNI2Ef72hZ19J9Rj9+TTb1s58+cuzPzz99c6fZcze03F+xnXdsb2znJ8IlxbaOZBvTPonbOdq0nds6PCcbWrZzJL9d4+/t2/lMn9u5YWkz11X7cz6ZjeZ//26+n8aaf62X9tO2cNl/35Zl2aWlzW5fZtm6stFsc8slo0vPz2RxRDbuo3EovTAbW9Vxemsfx2ljzu5oPU7bXxPx+b813G5shW1ofpp+/PGJpuf954tXc5xGjUe90mul/Rgc9GulLMdgPC6+mz/oxzoegzvC43/k9pWPwY7HTodjMD3upmNwe69jcHRiQ77No1/ZHNe+veUY3NWy/IZ8TSP5fOr27sfg9PlTZ6cXPvqxu+dPHT0xd2Lu9J5du2b27Nt34MCB6ePzJ+dmij+ven+X3eZsNL0Gtod9F18Dr2hbtvlQXfzixLLz79W+Die7vA63tC076NfhWPuDG1mfF+TSMR0vKV4b727s9MnLo9kKr7H8+blz7a/D9LibXodjTa/Djt9Tlm3zSH6bXq/DxjJn7+zvZ5axpv86bcPK3wvWdgxuaToG238eaT8GB/3zSFmOwclwXHz/zpW/F2wL2/vYztX+PLJh2TGYHm449zQuST/vTx7IR6fj8pbGFddNZBcW5s7d8/DR8+fP7crCWBcvajpW2o/XzU2PKVt2vI6u+ng9NP/Sx27pcPmWsK8m7278Mbnic9VYZu893Z+r/Ltb5/3ZcunuLIwBW+/92em7eWN/TmTZ57/98Qe/+cjnX7vi/mzkzU9Mr/1n8ZRLm86/4yucf2Puf7ZYX7qrRzeMjxWv3w1p74y3nI9bn6qx/Nw1kq/7men+zsfj4b/1Ph/f2OV8vLVt2UGfj8fbH1w8H4/0+m3H2rQ/n5PhODk50/183Fhm6+7VHpNjXc/Ht4U5Evb/K0NSSLmo6dhZ6bhN6xobGw+PayyuofU43dOy/HjIZo11PbH76o7TO24r7mtDenRL1us4nWpbdtDHafrd10rH6Uiv375dnfbnczIcFzfu6X6cNpZ5cu/az52b4l+bzp0TvY7B8Q0TjW0eTwdhfr7PFjfFY/Ce7Fh2JjuZzebXTuTH00i+rp339ncMToT/1vtcubXLMXhH27KDPgbT97GVjr2RseUPfgDan8/JcFw8fm/3Y7CxzOv2D/Zn1zvCJWmZpp9d23+/ttLvvG5p203P1bEyFrbz2/u7/262sczJA6vNmd33013hkus67Kf21+9Kr6nZbH3209awnU8fWHk/NbanscznDvZ5PB3Ksuzih+/Pf98b/n3lLy9872st/+7S6d90Ln74/p88//jfrmb7ARh+zxZjc/G9rulfpvr5938AAABgKMTcPxpmIv8DAABAZcTcH/+v8ET+BwAAgMqIuX8szKQm+X/r656ef/Zilpr5i0G8Pu2GB4rlYsd1Jnw9tbikcfn9X577r7+52N+6R7Ms+/kDv9tx+a0PxO0qTIXtvPL61suX+drdfa37yEMX03qb++tfCPcfH0+/h0GnCu5MlmXfuOEz+Xqm3nc5n08+cCSfD1567NHGMs8cLL6Ot3/qRcXyfxLKv4eOH225/VNhP/wozJk3d94f8XZfvfzKbfvfs7S+eLuR7dfnD/vx9xf3G98n57OPFsvH/bzS9n/z0098tbH8wy/vvP0XRztv/xPhfr8c5v+8pFi++TlofB1v98mw/XF98Xb3fOlbHbf/yqeK5c++oVjuSJhx/XeEr3e84en55v318MjRlseVvbFYLq5/5nu/n18f7y/ef/v2Tx6+3LI/2o+PJ/+5uJ/ptuXj5XE90V+3rb9xP83HZ1z/E793pGU/91r/lQefeknjftvXf1fbcmc/fGe+/qX7a33Hpj/95Gc6ri9uz6G/ONvyeA69M7yOw/off384HsP1/3uluL/2d1c48s7W809c/gtbLrY8nuhNPyvWf+XVJ/K5cXLT5uue9/zrL72sse+y7Lsbi/vrtf4Tf3amZfu/eFOxP+L1saPfvv6VxPWf+8jO02cWLszPpr36yA35e+e8pdieuL03hHNr+9eHz5z/wNy5qZmpmSybqu5b6F21L4X5k2Jc6r704rIz6J0Phefzlj/+xubb/+nT8fJ/eXdx+eU3F9+3XhGW+2y4fEt4/la3/uUev/Wm/PU98mTYwsXl7xe8Ftt2/MeBvhYMj7/954J4vJ998Qfy/dC4Lv++EV/Xa9z+H8wW9/P1sF8Xwzszb79paX3Ny8f3Rrj8ruL1vub9F05z8Xn9Sni+3/qj4v7jdsXH+4Pwc8y3trae7+Lx8fWLo+33n7+Lx6VwPskuFdfHpeL+vvzMTR03L74PSXbp5vzrP0j3c/OqHuZKFj66MH1y/vSFh6fPzy2cn1746McOnzpz4fT5w/l7eR7+YK/bL52fNufnp9m5fXuz/Gx1phjPsWu9/WcfOja7f+b22bnjRy8cP//Q2blzJ44tLBybm124/ejx43Mf6XX7+dn7du0+uGf/7p0n5mfvO3Dw4J6DO+dPn2lsRrFRPeyb+dDO0+cO5zdZuG/vwV333rt3ZuepM7Nz9+2fmdl5odft8+9NOxu3/p2d5+ZOHj0/f2pu58L8x+bu23Vw377dPd8N8NTZ4wtT0+cunJ6+sDB3brp4LFPn84sb3/t63Z5qWvjX4ufZdiPFG/Flb79rX3p/1oYvf3zFuyoWaXsD0afDe9H8/QvOHujn65j7x8NMapL/AQAAoA5i7p8IM5H/AQAAoDJi7t8YZiL/AwAAQGXE3D8ZZlKT/F+5/v/Wi32tX/9f/795f+n/16z//66y9f8b54u51OvU/1+btfbv9f8D/X/9f/1//X/9fwagbP3/mPs3ZVkt8z8AAADUQcz9m8NM5H8AAACojJj7rwszkf8BAACgMmLuf16YSU3yv/6//r/+v/6//n/n9a9v/9/n/w+K/n93+v896P9PZ/Xq/18a5Pbr//fZ/5/qdU9USdn6/zH3Pz/MpCb5HwAAAOog5v7rw0zkfwAAAKiMmPtvCDOR/wEAAKAyYu7fEmZSk/yv/6//r/+v/6//33n9+v/DSf+/O/3/HvT/ff6//r/P/2egytb/j7n/BWEmNcn/AAAAUD3Lf5kQc/8Lw0zkfwAAACifsau7Wcz9LwozWZb/r3IFAAAAwDUXc/+NWVsRvCb//q//r/+v/6//r//fef399/83ZPr/5aH/353+fw/6/2vrzzdOjPr/+v/6/zQpW/8/z/3ZZPbiMJOa5H8AAACog5j7bwozkf8BAACgMmLu/39hJvI/AAAAVEbM/VvDTGqS//X/9f/r1v//t736//r/Pv+/yvT/u9P/70H/3+f/6//r/zNQZev/x9x/c5hJTfI/AAAA1EHM/beEmcj/AAAAUBkx9///MBP5HwAAACoj5v5tYSY1yf/6/yXv/8fmqP6/z//X/9f/1//vi/5/d/r/Pej/6//r/+v/M1Bl6//H3P+SMJOa5H8AAACog5j7XxpmIv8DAABAZcTc/7IwE/kfAAAAKiPm/qkwk5rkf/3/kvf/ix78hM//1//X/9f/1//vj/5/d/r/Pej/6//r/+v/M1Bl6//H3H9rmElN8j8AAADUQcz928NM5H8AAACojJj7bwszkf8BAACgMmLu3xFmUpP8r/8/FP3/TP9f/1//X/9f/78/+v/d6f/3oP+v/6//r//PQJWt/x9z/8vDTGqS/wEAAKAOYu6/PcxE/gcAAIDKiLn/FWEm8j8AAABURsz9d4SZ1CT/6//r/+v/6//r/3dev/7/cNL/707/vwf9f/1//X/9fwaqbP3/mPtfGWZSk/wPAAAAdRBz/51hJvI/AAAAVEbM/XeFmcj/AAAAUBkx9+8MM6lJ/tf/1//X/9f/1//vvH79/+Gk/9+d/n8P+v/6//r/+v8MVNn6/zH33x1mUpP8DwAAAHUQc/89YSbyPwAAAFRGzP3TYSbyPwAAAFRGzP0zYSY1yf/6//r/+v+l7P/nNyll//9lS/er/1/Q/y8X/f/u9P970P/X/7/m/f9x/X8qpWz9/5j7d4WZ1CT/AwAAQB3E3L87zET+BwAAgMqIuX9PmIn8DwAAAJURc//eMJOa5H/9f/1//f9S9v9zpez/N9H/L+j/l4v+f3eD7//Hh6j/r/+v/+/z//X/Wa5s/f+Y++8NM6lJ/gcAAIA6iLl/X5iJ/A8AAACVEXP//jAT+R8AAAAqI+b+A2EmNcn/+v/6//r/+v/6/53Xr/8/nMrZ/x/te/3D1//3+f/6/0v0//X/9f9pV7b+f8z9B8NMapL/AQAAoA5i7n9VmIn8DwAAAJURc/8vhZnI/wAAAFAZMff/cphJTfK//n/Z+/+jmf6//r/+v/6//n//ytn/75/+v/6//v/wbr/+v/4/y5Wt/x9z/31hJjXJ/wAAAFAHMff/SpiJ/A8AAACVEXP/q8NM5H8AAACojJj7D4WZ1CT/V6z/P9nfmoep/+/z//X/9f/1//X/V0P/vzv9/x70//X/9f/1/xmosvX/Y+5/TZhJTfI/AAAA1EHM/feHmcj/AAAAUBkx9782zET+BwAAgMqIuf91YSY1yf8V6/9X8PP/9f/1//X/9f/1/1dD/787/f8e9P/1//X/9f8ZqLL1/2Puf32YSU3yPwAAANRBzP1vCDMav2ZbBAAAAAxazP1vDDPx7/8AAABQGTH3vynMpCb5X/9f/1//X/9f/7/z+vX/h5P+f3f6/z3o/+v/6//r/zNQZev/x9z/q2EmNcn/AAAAUAcx9z8QZiL/AwAAQGXE3P/mMBP5HwAAACoj5v63hJnUJP/r/+v/6//r/+v/d16//v9w0v/vbsj6/7+4Plyu/1/Q/y/39q+2/z/W9vVz0v//4Ur9/8WN7bfX/+e5ULb+f8z9bw0zqUn+BwAAgDqIuf9tYSbyPwAAAFRGzP1vDzOR/wEAAKAyYu5/R5hJTfK//n9jO5bay/r/+v/5BevS/3/Hf+r/6/9n+v8Dp//f3ZD1/33+fxv9/3Jvv8//1/9nubL1/2Puf2eYSU3yPwAAANRBzP0PhpnI/wAAAFAZMfe/K8xE/gcAAIDKiLn/3WEmNcn/+v8+/1//3+f/6/93Xr/+/3DS/+9O/78H/X/9/7L1//9d/5/hVrb+f8z9D4WZ1CT/AwAAQB3E3P+eMBP5HwAAACoj5v5fCzOR/wEAAKAyYu5/b5hJTfL/te7/b9L/77P/P6X/r/+v/9/2ePT/9f870f/vTv+/B/1//f+y9f99/j9Drmz9/5j73xdm0n/+n+x7SQAAAOCaiLn/18NMavLv/wAAAFAHMff/RpiJ/A8AAACVEXP/b4aZ1CT/X+v+v8//9/n/+v816v+P6v/r/z/31q//H888+v/6//r/kf6//r/+P+3K1v+Puf+3wkxqkv8BAACgDmLuf3+YifwPAAAAQ6HT/5PdLub+w2Em8j8AAABURsz9R8JMapL/9f9r1P//q38ortT/H47+/x9t/8fvf+dtR3ZVqf/v8//1/9fBun7+f+PF7/P/9f/1/xP9f/1//X/ala3/H3P/0TCTmuR/AAAAqIOY+387zET+BwAAgMqIuf9YmIn8DwAAAJURc/9smElN8r/+f436/z7/f7j6/0P8+f9xf+j/txpY/z+edPX/O1rX/v97lnri+v+r7f9PdLxU/1//f5i3X/9f/5/lytb/j7l/LsykJvkfAAAA6iDk/tHjxVy6Qv4HAACAyoi5/0SYifwPAAAAlRFz/wfCTGqS//X/9f/1//X/ff5/5/WXtv/v8/+70v/vrjz9/870//X/h3n79f/1/1mubP3/mPvnw0xqkv8BAACgDmLu/2CYifwPAAAAlRFz/4fCTOR/AAAAqIyY+0+GmdQk/+v/6//r/+v/6/93Xr/+/3DS/+9O/78H/X/9/6vZ/nDc6P/r/7Nc2fr/MfefCjOpSf4HAACAOoi5/3SYifwPAAD8H3v38WRpWfZx/DQM0l1UiTsXblzrn8BC1/oHuHDjxip1YcKcGMwRE+aAOWMARUyomMGEYhYRc0BFFANijeXMdV3TPefp53TPnNP9nPv+fBZevvM6ngPvlL4/hm/dQDNy9z8qbrH/AQAAoBm5+x8dt3Sy//X/+v9m+//76f93+3z9v/6/Zfr/cfr/BfT/+n/v/+v/Waqp9f+5+x8Tt3Sy/wEAAKAHufsfG7fY/wAAANCM3P0Xxi32PwAAADQjd//j4pZO9v8p/f/GrM/+PzNe/X9L/b/3/3f9fP2//r9lB9v/X/z//+TT/+v/9f9B/6//1/9zqqn1/7n7Hx+3dLL/AQAAoAe5+58Qt9j/AAAA0Izc/U+MW+x/AAAAaEbu/ifFLZ3sf+//e/9f/6//1/8Pf77+fz15/39cT/3/hTee98jbr7rX1fv5/NX3/7ft7P+D/n85Dvv76//1/8ybWv+fu//JcUsn+x8AAAB6kLv/KXGL/Q8AAADNyN3/1LjF/gcAAIBm5O5/WtzSyf7X/+v/9f/6/1b6/0vjx/X/fdP/j+up/z+dz/f+v/5f/6//Z7mm1v/n7n963NLJ/gcAAIAe5O5/Rtxi/wMAAEAzcvdfFLfY/wAAANCM3P1H45ZO9r/+f/X9/3/1//r/uPp/7//r/1dP/z9O/7+A/l//r//X/7NUU+v/c/dfHLd0sv8BAACgB7n7nxm32P8AAADQjNz9z4pb7H8AAABoRu7+Z8ctnex//b/3//X/+n/9//Dn6//Xk/5/nP5/Af3/mfbz5+j/9f/6f7bbZ/9/58h/bC+l/8/d/5y4pZP9DwAAAD3I3f/cuMX+BwAAgGbk7n9e3GL/AwAAQDNy9z8/bulk/+v/9f/6f/3/aff/87/0jtP/D1te/79V/576/3n6/3GT6f83jgz+sP5/7ft/7//r//X/7DC19/9z978gbulk/wMAAEAPcve/MG4Z2f/7/ov5AAAAwKHK3f+iuMXv/wMAAMDay+osd/+L45ZO9r/+X/+v/9f/e/9/+PPH+v+rt30/7/9Pi/5/3GT6/13o//X/6/z99f/6f+ZNrf/P3f+SuKWT/Q8AAAA9yN1/Sdxi/wMAAEAzcve/NG6x/wEAAKAZuftfFrd0sv+H+/+T/3v9/97o/3d+f/3/8K+PZfX/+e+o/x/t/+/f7vv/+v8x+v9x+v8F9P/77+e3/SHq/5vu/7cW/Xz9P0Om1v/n7n953NLJ/gcAAIAe5O5/Rdxi/wMAAEAzcve/Mm6x/wEAAKAZufsvjVs62f/e/9f/Zz+/uQb9/9n6f+//T+T9/9mB9/9H9P97pP8fp/9fQP/v/f82+v/8Ie//c+im1v/n7n9V3NLJ/gcAAIAe5O5/ddxi/wMAAMB62P73Dpz6N5SG3P2viVvsfwAAAGhG7v7Xxi2d7H/9v/7f+//6f/3/8OdPq//3/v9e6f/H6f8X0P+vop8/0lj/f9luP38K/f9Fq3v/X//PadnR/19z8scPq//P3f+6uKWT/Q8AAAA9yN3/+rjF/gcAAIBm5O5/Q9xi/wMAAEAzcve/MW7pZP+vvP/f2v2z9f/6f/2//l//f+JXj/5/efT/4/T/C+j/vf/fxvv/+n8mY0f/v81h9f+5+98Ut3Sy/wEAAKAHufvfHLfY/wAAANCM3P2XxS32PwAAADQjd/9b4pZO9r/3//X/+n/9v/5/+PO9/7+e9P/j9P8L6P+39/MPn+n/9f/6f87Q1Pr/3P1vjVs62f8AAADQg9z9b4tb7H8AAABoRu7+t8ct9j8AAAA0I3f/O+KWTva//n+1/X/+uP5f/z/T/+v/9f8Hotv+f2Pov4nm7dL/X/+wow/c+SP6f/2/9//1//p/lmAS/f+xk//fZe7+d8Ytnex/AAAA6EHu/nfFLfY/AAAANCN3/7vjFvsfAAAAmpG7/z1xyz73/z2W+q0Ojv7f+//6f/2//n/48/X/66nb/n+PvP+/gP5f/6//1/+zVJPo/7f9z7n73xu3+P1/AAAAaEbu/vfFLfY/AAAANCN3//vjFvsfAAAAmpG7/wNxSyf7X/+v/9f/6//1/8Ofr/9fT/r/cRPt/7fyn+j/T6v/v/U++v9JfH/9v/6feVPr/3P3Xx63dLL/AQAAoAe5+z8Yt9j/AAAA0Izc/R+KW+x/AAAAaEbu/g/HLZ3sf/2//l//r//X/w9/vv5/Pen/x020/y8H0v9fMfIFhvr/Y+dOvf/3/v9Evr/+X//PvKn1/7n7PxK3dLL/AQAAoAe5+6+IW+x/AAAAaEbu/ivjFvsfAAAAmpG7/6NxSyf7X/+v/9f/6//1/8OfP9D/H9n+vfT/06T/H6f/X2A93//X/0/k++v/9f/Mm1r/n7v/Y3FLJ/sfAAAAepC7/6q4xf4HAACAZuTu/3jcYv8DAABAM3L3Xx23dLL/9f/6f/2//l//P/z53v9fT6vr/2f6f/2//n+BffXz5y7lKx/e9x+g/9f/M29q/X/u/k/ELZ3sfwAAAOhB7v5Pxi172f9b56/qawEAAABLlLv/U3GL3/8HAACAZuTu/3Tc0sn+1//PZmdti5f1//r/4z+g/9f/L7v/P1//f1C8/z9O/7+A/t/7//p//T9LNbX+P3f/Z+KWTvY/AAAA9CB3/zVxi/0PAAAAzbjj+D9uzj4bt9j/AAAA0Izc/Z+LWzrZ//p/7//v7P9nM/2//l//f8IBvP+/OdP/L53+f5z+fwH9f5v9/1mzhvr/rV1/vv6fKZpa/5+7//NxSyf7HwAAAHqQu//auMX+BwAAgGbk7v9C3GL/AwAAQDNy938xbulk/+v/9f/e/9f/6/+HP/8A+v/6s6r/Xx79/zj9/wL6/zb7f+//6/85NFPr/3P3fylu6WT/AwAAQA9y9385brH/AQAAoBm5+78St9j/AAAA0Izc/V+NWzrZ//p//b/+X/+v/x/+fP3/etL/j9P/L6D/1//r//X/LNXU+v/c/V+LWzrZ/wAAANCD3P3XxS32PwAAADQjd//1cYv9DwAAAM3I3f/1uKWT/a//1//r/9ez/9/U/+v/9f+DptL/X3DBA27Q/+v/9f/6f/2//r93U+v/c/d/I27pZP8DAABAD3L3fzNusf8BAACgGbn7vxW32P8AAADQjNz9345bOtn/8/3/ObMTheoJQ/1/NGr6/230/zu/v/5/+NeH9//1//r/1Tu1/z93nz/f+/9B/6//1/+vtv+/9/zP1//Toqn1/7n7b4hbOtn/AAAA0IPc/d+JW+x/AAAAaEbu/u/GLfY/AAAANCN3/41xSyf73/v/+n/9/0H2/xv6f/2//n/FpvL+v/7/9L6//l//v87fv5n3/8/W/7M8q+//t+Kf7a3/z93/vbilk/0PAAAAPcjd//24xf4HAACAZuTu/0HcYv8DAABAM3L3/zBu6WT/6//1//p/7//r/4c/X/+/nvT/4/T/C/TT/28O/eBh9/Nn6rC/fzP9v/f/WaKpvf+fu/9HcUsn+x8AAAB6kLv/x3GL/Q8AAADNyN3/k7jF/gcAAIBm5O7/adzSyf7X/+v/2+//H6L/P+XzD6n/P6r/1/8fBP1//jf6MP3/ApPp/4f/r+j9/2l/f/2//p95U+v/c/ffFLd0sv8BAACgB7n7fxa32P8AAADQjNz9N8ct9j8AAAA0I3f/z+OWTva//r+v/n9j1mP/7/3/ifT/3v/X/x8I/f84/f8Ck+n/V/7+/6DD7ucP4fvftczvr//X/zNvav1/7v5bNo50uf8BAABgXT3ovo+4aa//2luO/+Pm7Bdxi/0PAAAAzcjd/8u4xf4HAACAZuTu/1Xc0sn+1//31f/3+f6//l//r//vif5/nP5/Af1/b/3/Ur+//l//z7yp9f+5+38dt2wbfkf2/UcJAAAATEnu/t/ELZ38/j8AAAD0IHf/b+OWuf1/bI9/VzsAAAAwNbn7fxe3dPL7/2vc/w9nGa31/7MV9f/xr+u1/7/2gp1/vvT/+v+hz9f/ryf9/7gz7P+Pbej/9f8jhvv5m++u/9f/6//7NbX+P3f/7+OWTvY/AAAANGrHX1HI3f+HuMX+BwAAgGbk7v9j3GL/AwAAQDNy998at3Sy/9e4/9/lD6ix/v+03v/fqn/m/f/O3/+/ZHPw85fe/5+z849X/z9M/38w9P/jvP+/gP7f+//6f/0/SzW1/j93/5/ilk72PwAAAPQgd/+f4xb7HwAAAJqRu/8vcYv9DwAAAM3I3X9b3NLJ/tf/t9j/7+H9f/1/H/3/Lp/fzvv/9zzv6HUPfuiVl+v/Oekg+//8taD/1//r/0/Q/+v/9f+camr9f+7+v8Ytnex/AAAA6EHu/tvjFvsfAAAAmpG7/29xi/0PAAAAzcjd//e4pZP9r//X/0+l/88/14fQ/x9dv/4/m+Le+3/v/+v/53n/f5z+fwH9v/5f/6//Z6mm1v/n7r8jbulk/wMAAEAPcvf/I27J/b+x7790DwAAAExM7v5/Hr/b/h4tv/8PAAAAzTix+zdn/4pbOtn/+n/9/1T6/+T9/5M/z/v/J+j/9f/7sfb9/+ws/b/+X/+/pt9f/6//Z97U+v/c/f+OWzrZ/wAAANCD3P13xi079//dDvZbAQAAAMuUu/8/cYvf/wcAAIBm5O6/K27pZP/r//X/+n/9v/5/+PP1/+tp7ft/7//r//X/a/v99f/6f+ZNrf/P3f+/AAAA//+4rmTi")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000380)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)

52.783583998s ago: executing program 3 (id=994):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@afid={'afid', 0x3d, 0x8000000000000001}}]}})

51.571749286s ago: executing program 3 (id=999):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$netlink(0x10, 0x3, 0x4)
writev(r0, &(0x7f0000000300)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560aff820fffff5bab003a0000002058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100040c100000000100224e0000", 0x58}], 0x1)

50.994946603s ago: executing program 32 (id=999):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$netlink(0x10, 0x3, 0x4)
writev(r0, &(0x7f0000000300)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560aff820fffff5bab003a0000002058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100040c100000000100224e0000", 0x58}], 0x1)

3.979145638s ago: executing program 1 (id=1320):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x3000009, 0x11, r0, 0x0)
truncate(&(0x7f0000000080)='./file1\x00', 0xc30)

3.729464418s ago: executing program 1 (id=1322):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x5, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x94eb2000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)

2.768730016s ago: executing program 2 (id=1331):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)={0x34, r1, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0x5, 0x34, @random='n'}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}]]}, 0x34}}, 0x4800)

2.59203936s ago: executing program 2 (id=1333):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000900)={0x2c, r1, 0x101, 0x70bd2a, 0x80000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0x5, 0x34, @random='v'}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1478}]]}, 0x2c}}, 0x4804)

2.443187172s ago: executing program 2 (id=1334):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000001700)={0x48, r0, 0x801, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY={0x20, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "4abee339084eeef16f162471f4"}, @NL80211_KEY_TYPE={0x8, 0x7, 0x1}]}]}, 0x48}}, 0x0)

2.284982035s ago: executing program 2 (id=1336):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220f000000040b2100000095f5758483"], 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x2e, 0x16}, [@call={0x5c}]}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, 0xffffffffffffffff, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffed8, 0x0, 0xffffffffffffffff, 0xfe8e}, 0x3f)

2.195711992s ago: executing program 1 (id=1337):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=ANY=[@ANYBLOB="3400000013000500000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000004000000014001a80100005800c000a"], 0x34}}, 0x60040050)

2.031139816s ago: executing program 0 (id=1340):
syz_mount_image$bfs(&(0x7f0000000040), &(0x7f0000000000)='./bus\x00', 0x10, &(0x7f00000004c0)=ANY=[@ANYBLOB="004a5ee0571b8b8ed0f6a48d325fba60ad6f06000000000000007c070002000000000021b507dcf20b43396d320c73fa0435a17ef90d9e367a72143ad49101519c27821d8fb92ae6ac27790cf4b0e5ba4f28f0717d21815a8c028cd891adb9ed510bc262d300000000000046d3817e28effc50f2bcd60c4d947d5e38e19ad1850bfeef8025459fcbf2f16438c2624c0c3a1323988be1f74e65c5098522bae8e8ba957ad8774e4e665c9a4ad49144e3f9ebfe06eff9b8edc7440e932e133e228e344bd22a3ac2e2d3a9f006a3aef51a7aec57bbf2c360e284b902ade529a9140c889a18f357d7a424f96ca02d9b917784e84246cfcd5ff450a276bd4c8b77aae199342dc8ade5b0d1f9f54dd440ae3736fb92ba0e088ab18dd6a79e96e5cf2f97f41a90c175ee9590a2033a6a1a64c3"], 0x1, 0x9e, &(0x7f0000000140)="$eJzszr2JAkEABeB3Gxx7yTZwwXVwNWgRVmBoaKQI2pCtWIKpkYGpyYjsCrKggYE/8H0wDG8eA29zXP+mScoyKaWs0ipn09l88p3b7nV8hqq76yR/TZv3w2SQ5Kvrt4fF+HJ630f1CzYDAACPqfLfz1cPu5/nLwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4L6cAAAD//6LYGgE=")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000002380)=""/4094, 0xffe)

2.000500858s ago: executing program 1 (id=1341):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000300)={{}, {0x1, 0x6}, [{0x2, 0x6}], {0x4, 0x5}, [{0x8, 0x3}], {0x10, 0x3}, {0x20, 0x7}}, 0x34, 0x1)
setreuid(0xffffffffffffffff, 0xee01)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)

1.84509616s ago: executing program 1 (id=1343):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000001180)=ANY=[@ANYBLOB="12010000090003206d0414c34000ffff000109022400010400a000090400000103010100093700086ce82201000905815f"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000480)={0x24, &(0x7f0000000380)={0x40, 0xe, 0xc, {0xc, 0xc, "694c9201025a63a18819"}}, 0x0, 0x0, 0x0}, 0x0)

1.674706994s ago: executing program 0 (id=1346):
r0 = syz_io_uring_setup(0x460, &(0x7f0000000480)={0x0, 0x40000020, 0x10, 0x2, 0x34f}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0xffffffffffffff8a)

1.404526626s ago: executing program 0 (id=1348):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
sendfile(r0, r0, 0x0, 0x7)

1.309321254s ago: executing program 0 (id=1349):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14615}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x44}, 0x1, 0x0, 0x0, 0x11}, 0x0)

789.323666ms ago: executing program 0 (id=1350):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_QOS_MAP(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x34, r1, 0xc11, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{0x2, 0x1}, {0xf, 0x2}, {0x4, 0x2}, {0x4, 0x7}, {0x0, 0x4}, {0xe8, 0x6}], "7ecd4163b8fccf09"}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0x8000)

709.312532ms ago: executing program 0 (id=1351):
syz_mount_image$reiserfs(&(0x7f0000000000), &(0x7f0000000340)='./file1\x00', 0x8488, &(0x7f00000002c0), 0xfe, 0x10fd, &(0x7f0000001140)="$eJzs2T9rFEEYBvBnds8/3cqmXwQtLCQknF8ghcK1ttqIpDJVrlL8OH4cTWUf0msRsF9Zb/dO5UTwTm1+PzjmvYd9Z2fKmQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMZsmnkhxUSTtlVZKSdN3F4ipJN+V33tdVSp6eLpaPz+dPlknqb4+XZ0kZuoa2tMf3brfzdt4et48OTu5/WL5+8+rF2dnp+ThNSZfL6/1vpYzrAQAAAH7U76z5z+8HAAAAfmdvFwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf6hvNnU7FVWSknTdxeIqSbel78Y/Wh8AAACwu5Iqz5tt+eoaYONhPjZlnQ/jlzLUR3m3pR8AAAD4pf7WWHz/fb3c3JzHH2S2PpcP2d3Mcni4+j8O+XyS1EmOfpr88vrty+lX+vpv7wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK/swLEAAAAAgDB/6zQ6NgAAAAAAAAAAAAAAAAAAAPYKAAD///F61s8=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x103a42, 0x100)
truncate(&(0x7f0000000080)='./file0\x00', 0x3a6000)
write(r0, &(0x7f0000000180)="ab3e", 0x2)

641.254338ms ago: executing program 4 (id=1352):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b40)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}], {0x14}}, 0x64}}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)={0x20, 0x15, 0xa, 0x201, 0x0, 0x0, {}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x24040808)

543.674436ms ago: executing program 4 (id=1353):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, &(0x7f0000000140)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x4, 0x98, &(0x7f00000001c0)=""/152, 0x41000}, 0x94)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000200)=@mangle={'mangle\x00', 0x1f, 0x6, 0x6b8, 0x1d8, 0x1d8, 0x0, 0x1d8, 0xe8, 0x5e8, 0x5e8, 0x5e8, 0x5e8, 0x5e8, 0x6, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [0x0, 0xff], [0xff0000ff, 0x4de325748c9179dc, 0xffffffff, 0xff000000], 'wlan1\x00', 'wlan0\x00', {}, {0xff}, 0x6, 0x0, 0x2, 0x4}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x5, 0x8, @ipv4=@dev={0xac, 0x14, 0x14, 0x15}, 0x4e21}}}, {{@ipv6={@remote, @local, [0xff, 0xffffff00], [0xffffff00, 0xffffff00, 0xff, 0xff], 'veth1_macvtap\x00', 'erspan0\x00', {0xff}, {}, 0x87, 0x7f, 0x4, 0x2}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@broadcast, @ipv6=@mcast1, 0x33, 0x23, 0x8}}}, {{@ipv6={@remote, @private1={0xfc, 0x1, '\x00', 0x1}, [0xffffff00, 0xffffff00, 0xffffff00], [0x0, 0xffffffff, 0xffffffff, 0xff], 'pimreg\x00', 'pimreg0\x00', {0xff}, {0xff}, 0x0, 0x49, 0x1, 0x54}, 0x0, 0x208, 0x248, 0x0, {}, [@common=@rt={{0x138}, {0x80000000, [0x64b3d7eb, 0x4], 0xd3, 0x21, 0x0, [@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, @private2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @loopback, @empty, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @remote, @mcast2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, @mcast2, @private1, @mcast2, @private1, @private1, @private1={0xfc, 0x1, '\x00', 0x1}], 0x10}}, @inet=@rpfilter={{0x28}, {0x2}}]}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0x8, 0xffffffff, 0x7, 0x76be0f9b, 0x7, 0x8, 0x4, 0x733]}}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x6}}]}, @inet=@TOS={0x28, 'TOS\x00', 0x0, {0x5c, 0xf7}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x1, 0x9, 0x1}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x653afb6a7eb5282b)

464.923582ms ago: executing program 4 (id=1354):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfc, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x23, 0x844}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x901}}}}}}]}, 0x48}}, 0x4)

324.489923ms ago: executing program 4 (id=1355):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCGIDLE(r1, 0x8010743f, 0x0)

211.317593ms ago: executing program 2 (id=1356):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f00000001c0)={0x2c, r2, 0x1, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_SCAN_FREQUENCIES={0xc, 0x2c, 0x0, 0x1, [{0x8, 0x0, 0x1}]}, @NL80211_ATTR_SCAN_SSIDS={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2c040050}, 0x4044084)

170.787996ms ago: executing program 4 (id=1357):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, &(0x7f0000000140)={0x0, 0x2, 0x0, 0x8})

45.095606ms ago: executing program 2 (id=1358):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x3, 0x81, 0xffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={<r1=>0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
sendmmsg$unix(r0, &(0x7f0000000d40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[@cred={{0x1c, 0x1, 0x2, {r1, r2}}}], 0x20}}], 0x1, 0x0)

25.399497ms ago: executing program 1 (id=1359):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
fchmodat(0xffffffffffffffff, 0x0, 0xc2)

0s ago: executing program 4 (id=1360):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000580)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x57, 0x7fc00100}]})
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000740))
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

6120][ T7290] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.236375][ T7300] mac80211_hwsim hwsim5 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  142.477001][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.608260][ T7296] loop3: detected capacity change from 0 to 40427
[  142.630376][ T7296] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  142.643260][ T7296] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  142.682098][ T7296] F2FS-fs (loop3): invalid crc value
[  142.692119][ T7310] netem: change failed
[  142.720151][ T7296] F2FS-fs (loop3): Found nat_bits in checkpoint
[  142.897794][ T7296] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  142.925178][ T7296] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  143.102651][ T7323] loop0: detected capacity change from 0 to 64
[  143.239909][ T7323] hfs: request for non-existent node 1280 in B*Tree
[  143.272216][ T7323] hfs: request for non-existent node 1280 in B*Tree
[  143.631866][ T7309] loop1: detected capacity change from 0 to 40427
[  143.720197][ T7309] F2FS-fs (loop1): Found nat_bits in checkpoint
[  143.788443][ T7336] loop0: detected capacity change from 0 to 128
[  143.877982][ T7336] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  143.944688][ T7336] ext4 filesystem being mounted at /134/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  143.970695][ T7309] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  144.133971][ T7309] syz.1.538: attempt to access beyond end of device
[  144.133971][ T7309] loop1: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  144.178760][ T5786] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  144.246045][ T7344] netlink: 68 bytes leftover after parsing attributes in process `syz.3.549'.
[  144.288391][ T5782] syz-executor: attempt to access beyond end of device
[  144.288391][ T5782] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  144.355693][ T5782] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  144.626661][   T12] wlan1: Trigger new scan to find an IBSS to join
[  144.756083][ T7358] capability: warning: `syz.0.556' uses 32-bit capabilities (legacy support in use)
[  144.984687][ T7360] loop3: detected capacity change from 0 to 256
[  145.036865][ T7360] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  145.080499][ T7360] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  145.165771][ T7360] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  145.222971][ T7366] input: syz1 as /devices/virtual/input/input7
[  145.245122][ T7366] input: failed to attach handler leds to device input7, error: -6
[  145.582693][ T7378] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  145.668240][ T7373] binder: 7372:7373 ioctl 4018620d 0 returned -22
[  145.717252][ T7384] netlink: 'syz.1.568': attribute type 39 has an invalid length.
[  146.616594][ T7416] loop1: detected capacity change from 0 to 1024
[  146.739532][ T7415] loop2: detected capacity change from 0 to 4096
[  146.785340][ T7415] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512).
[  146.877799][ T7415] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  146.939613][   T42] hfsplus: b-tree write err: -5, ino 4
[  147.057785][ T7415] ntfs3: loop2: ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" failed to parse mft record
[  147.340754][   T42] ntfs3: loop2: ino=1e, failed to parse mft record
[  147.592669][ T7412] loop3: detected capacity change from 0 to 40427
[  147.624993][ T7412] F2FS-fs (loop3): Small segment_count (9 < 1 * 24)
[  147.632161][ T7412] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  147.674203][   T42] wlan1: Trigger new scan to find an IBSS to join
[  147.742079][ T7437] loop0: detected capacity change from 0 to 256
[  147.751648][ T7441] loop2: detected capacity change from 0 to 16
[  147.764455][ T7412] F2FS-fs (loop3): Found nat_bits in checkpoint
[  147.789918][ T7441] erofs: (device loop2): mounted with root inode @ nid 36.
[  147.861595][   T28] audit: type=1800 audit(1755031107.510:20): pid=7441 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.594" name="file1" dev="loop2" ino=86 res=0 errno=0
[  147.945065][ T7412] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  147.952317][ T7412] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  148.149254][ T7412] syz.3.581: attempt to access beyond end of device
[  148.149254][ T7412] loop3: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  148.268688][ T5788] syz-executor: attempt to access beyond end of device
[  148.268688][ T5788] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  148.286226][ T5788] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  149.172345][ T7446] loop1: detected capacity change from 0 to 40427
[  149.221371][ T7446] F2FS-fs (loop1): build fault injection attr: rate: 690, type: 0x7ffff
[  149.258266][ T7446] F2FS-fs (loop1): invalid crc value
[  149.307993][ T7446] F2FS-fs (loop1): Found nat_bits in checkpoint
[  149.438289][ T7446] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  149.595952][ T7446] F2FS-fs (loop1): inject no more block in inc_valid_block_count of f2fs_map_blocks+0x161f/0x3c00
[  149.642049][ T7446] syz.1.597: attempt to access beyond end of device
[  149.642049][ T7446] loop1: rw=34817, sector=77824, nr_sectors = 880 limit=40427
[  149.775277][ T5782] syz-executor: attempt to access beyond end of device
[  149.775277][ T5782] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  149.814043][ T5782] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  149.831678][ T7462] loop2: detected capacity change from 0 to 40427
[  149.856824][ T7462] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[  149.864041][ T7462] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  149.880590][ T7462] F2FS-fs (loop2): invalid crc value
[  149.907279][ T7462] F2FS-fs (loop2): Found nat_bits in checkpoint
[  150.011598][ T7462] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  150.039459][ T7462] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  150.057451][ T7467] loop0: detected capacity change from 0 to 32768
[  150.091507][ T7467] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.606 (7467)
[  150.142043][ T7467] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  150.174213][ T7467] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  150.194062][ T7467] BTRFS info (device loop0): enabling auto defrag
[  150.212170][ T7467] BTRFS info (device loop0): doing ref verification
[  150.226415][ T7467] BTRFS info (device loop0): use no compression
[  150.243177][ T7467] BTRFS info (device loop0): force clearing of disk cache
[  150.255042][ T7467] BTRFS info (device loop0): setting nodatacow, compression disabled
[  150.276509][ T5791] syz-executor: attempt to access beyond end of device
[  150.276509][ T5791] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  150.303950][ T7467] BTRFS info (device loop0): disabling free space tree
[  150.353669][ T5791] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  150.446851][ T7467] BTRFS info (device loop0): enabling ssd optimizations
[  150.494762][ T7467] BTRFS info (device loop0): auto enabling async discard
[  150.531371][ T7467] BTRFS info (device loop0): rebuilding free space tree
[  150.616068][ T7467] BTRFS info (device loop0): disabling free space tree
[  150.623647][ T7467] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  150.626267][   T12] wlan1: Creating new IBSS network, BSSID f6:9b:41:a1:43:c2
[  150.706051][ T7467] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  150.819498][ T7492] loop1: detected capacity change from 0 to 1024
[  150.824673][ T7465] loop3: detected capacity change from 0 to 65536
[  150.840231][ T7492] EXT4-fs: Ignoring removed bh option
[  150.893738][   T28] audit: type=1800 audit(1755031110.540:21): pid=7467 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.606" name="file2" dev="loop0" ino=261 res=0 errno=0
[  150.964472][ T7465] XFS (loop3): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  150.964681][ T7492] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  151.147832][ T7465] XFS (loop3): Ending clean mount
[  151.172859][ T7465] XFS (loop3): Quotacheck needed: Please wait.
[  151.243789][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  151.355004][ T7465] XFS (loop3): Quotacheck: Done.
[  151.364504][ T7507] loop2: detected capacity change from 0 to 2048
[  151.408105][ T7507] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  151.505923][ T5786] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  151.683821][ T5788] XFS (loop3): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  152.373356][ T7509] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  152.633378][ T7524] loop3: detected capacity change from 0 to 4096
[  152.666351][ T7524] ntfs: (device loop3): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  152.739438][   T48] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  152.754784][ T7524] ntfs: (device loop3): ntfs_read_locked_inode(): Corrupt standard information attribute in inode.
[  152.779950][ T7524] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  152.824057][ T7524] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  152.869114][ T7524] ntfs: volume version 3.1.
[  152.979675][ T7524] ntfs: (device loop3): ntfs_write_block(): Writing beyond initialized size is not supported yet. Sorry.
[  153.160998][   T48] ntfs: (device loop3): ntfs_write_block(): Writing beyond initialized size is not supported yet. Sorry.
[  153.225657][ T5788] ntfs: (device loop3): ntfs_put_super(): Volume has errors.  Leaving volume marked dirty.  Run chkdsk.
[  153.287294][ T7522] loop2: detected capacity change from 0 to 40427
[  153.314661][ T7522] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  153.334940][ T7522] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  153.392080][ T7522] F2FS-fs (loop2): invalid crc value
[  153.436151][ T7522] F2FS-fs (loop2): Found nat_bits in checkpoint
[  153.539718][ T7522] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  153.559421][ T7522] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  153.655235][ T5831] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  153.871762][ T5831] usb 4-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  153.887600][ T5831] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  153.897590][ T5831] usb 4-1: Product: syz
[  153.902140][ T5831] usb 4-1: Manufacturer: syz
[  153.908553][ T5831] usb 4-1: SerialNumber: syz
[  153.923200][ T5831] usb 4-1: config 0 descriptor??
[  154.240054][ T5851] usb 4-1: USB disconnect, device number 5
[  154.672431][ T7576] netlink: 'syz.1.637': attribute type 12 has an invalid length.
[  154.771453][ T7579] loop0: detected capacity change from 0 to 1024
[  154.812918][ T7579] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  154.840483][ T7579] ext4 filesystem being mounted at /167/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  154.876894][ T7582] loop1: detected capacity change from 0 to 4096
[  154.893781][ T7582] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  154.919584][ T7579] EXT4-fs error (device loop0): ext4_map_blocks:718: inode #15: block 3: comm syz.0.639: lblock 3 mapped to illegal pblock 3 (length 3)
[  154.943742][ T7579] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  154.961268][ T7582] ntfs3: loop1: Failed to initialize $Extend/$Reparse.
[  155.001892][ T7579] EXT4-fs (loop0): This should not happen!! Data will be lost
[  155.001892][ T7579] 
[  155.030103][ T7585] EXT4-fs error (device loop0): ext4_map_blocks:718: inode #15: comm syz.0.639: lblock 0 mapped to illegal pblock 0 (length 3)
[  155.088580][ T7582] ntfs3: loop1: ino=5, "/" directory corrupted
[  155.119128][ T7587] loop3: detected capacity change from 0 to 2048
[  155.125234][ T7585] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 117
[  155.138295][ T7587] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  155.159360][ T7585] EXT4-fs (loop0): This should not happen!! Data will be lost
[  155.159360][ T7585] 
[  155.160782][ T5782] ntfs3: loop1: ino=1a, ntfs_sync_fs failed, -22.
[  155.193634][ T7588] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  155.281677][   T12] EXT4-fs error (device loop0): ext4_map_blocks:718: inode #15: block 7: comm kworker/u4:1: lblock 7 mapped to illegal pblock 7 (length 9)
[  155.337363][   T12] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 7 with max blocks 9 with error 117
[  155.376122][   T12] EXT4-fs (loop0): This should not happen!! Data will be lost
[  155.376122][   T12] 
[  155.403772][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  155.560713][ T7592] net_ratelimit: 46 callbacks suppressed
[  155.560727][ T7592] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  155.740341][ T7594] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  156.027509][ T7607] loop1: detected capacity change from 0 to 2048
[  156.052647][ T7605] loop3: detected capacity change from 0 to 4096
[  156.061453][ T7607] EXT4-fs: Ignoring removed bh option
[  156.069646][ T7605] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512).
[  156.138428][ T7607] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  156.174442][ T7607] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  156.200010][ T7607] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 12 with max blocks 2 with error 28
[  156.213118][ T7607] EXT4-fs (loop1): This should not happen!! Data will be lost
[  156.213118][ T7607] 
[  156.219530][ T7605] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  156.225569][ T7607] EXT4-fs (loop1): Total free blocks count 0
[  156.240286][ T7607] EXT4-fs (loop1): Free/Dirty block details
[  156.247301][ T7607] EXT4-fs (loop1): free_blocks=2415919104
[  156.253592][ T7607] EXT4-fs (loop1): dirty_blocks=16
[  156.262628][ T7607] EXT4-fs (loop1): Block reservation details
[  156.270942][ T7607] EXT4-fs (loop1): i_reserved_data_blocks=1
[  156.412863][   T11] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  156.552771][   T48] ntfs3: loop3: ino=5, ntfs3_write_inode failed, -22.
[  156.608378][ T7601] loop2: detected capacity change from 0 to 32768
[  156.745498][ T7601] JBD2: Ignoring recovery information on journal
[  156.862664][ T7611] loop0: detected capacity change from 0 to 32768
[  156.927967][ T7601] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  156.963475][ T7611] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  157.168830][ T7611] XFS (loop0): Ending clean mount
[  157.185187][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  157.190099][ T7611] XFS (loop0): Quotacheck needed: Please wait.
[  157.289075][ T7611] XFS (loop0): Quotacheck: Done.
[  157.420126][ T5791] ocfs2: Unmounting device (7,2) on (node local)
[  157.521906][ T7618] loop1: detected capacity change from 0 to 32768
[  157.571955][ T7618] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.652 (7618)
[  157.623948][ T7618] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  157.640956][ T7618] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  157.656381][ T5786] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  157.668741][ T7618] BTRFS info (device loop1): setting nodatacow, compression disabled
[  157.731313][ T7618] BTRFS info (device loop1): max_inline at 0
[  157.783422][ T7618] BTRFS info (device loop1): turning on async discard
[  157.790938][ T7618] BTRFS info (device loop1): turning off barriers
[  157.798871][ T7618] BTRFS info (device loop1): turning on flush-on-commit
[  157.815635][ T7618] BTRFS info (device loop1): turning on barriers
[  157.822044][ T7618] BTRFS info (device loop1): force clearing of disk cache
[  157.876121][ T7618] BTRFS info (device loop1): enabling ssd optimizations
[  157.905598][ T7618] BTRFS info (device loop1): turning off barriers
[  157.956505][ T7618] BTRFS info (device loop1): max_inline at 868
[  157.962954][ T7618] BTRFS info (device loop1): using free space tree
[  158.154412][ T7618] BTRFS info (device loop1): rebuilding free space tree
[  158.645026][ T5783] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  158.816434][ T5782] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  158.851979][ T5783] usb 3-1: New USB device found, idVendor=1645, idProduct=0008, bcdDevice=cf.36
[  158.879212][ T5783] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.906227][ T5783] usb 3-1: config 0 descriptor??
[  159.163974][ T5783] kaweth 3-1:0.0: Firmware present in device.
[  159.355302][ T5783] kaweth 3-1:0.0: Statistics collection: 0
[  159.362241][ T5783] kaweth 3-1:0.0: Multicast filter limit: 0
[  159.405941][ T5783] kaweth 3-1:0.0: MTU: 0
[  159.410361][ T5783] kaweth 3-1:0.0: Read MAC address 00:00:00:00:00:00
[  159.631580][ T7669] loop0: detected capacity change from 0 to 32768
[  159.702525][ T7684] input: syz0 as /devices/virtual/input/input8
[  159.756480][ T5783] kaweth 3-1:0.0: Error setting SOFS wait
[  159.774303][ T5783] kaweth: probe of 3-1:0.0 failed with error -5
[  159.821987][ T5783] usb 3-1: USB disconnect, device number 4
[  160.017521][ T7688] syz_tun: entered promiscuous mode
[  160.039203][ T7688] syz_tun: left promiscuous mode
[  160.252655][ T7691] loop1: detected capacity change from 0 to 4096
[  160.259952][ T5852] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  160.290784][ T7692] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  160.457297][ T5852] usb 4-1: Using ep0 maxpacket: 8
[  160.525272][ T5852] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  160.534734][ T5852] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.601620][ T5852] pvrusb2: Hardware description: Terratec Grabster AV400
[  160.633487][ T5852] pvrusb2: **********
[  160.644994][ T5852] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  160.685023][ T5852] pvrusb2: Important functionality might not be entirely working.
[  160.693292][ T5852] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  160.741458][ T5852] pvrusb2: **********
[  160.750601][ T7702] netlink: 16178 bytes leftover after parsing attributes in process `syz.1.677'.
[  160.810165][ T2318] pvrusb2: Invalid write control endpoint
[  160.989239][ T2318] pvrusb2: Invalid write control endpoint
[  161.006722][ T2318] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  161.058117][ T2318] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  161.076039][ T2318] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  161.105049][ T2318] pvrusb2: Device being rendered inoperable
[  161.128949][ T7689] pvrusb2: Attempted to execute control transfer when device not ok
[  161.156221][ T2318] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  161.177747][ T5851] usb 4-1: USB disconnect, device number 6
[  161.191590][ T7710] loop0: detected capacity change from 0 to 4096
[  161.192416][ T2318] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  161.242627][ T7710] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  161.255304][ T2318] pvrusb2: Attached sub-driver cx25840
[  161.261596][ T2318] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  161.285897][ T2318] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  161.365430][ T7710] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  161.373583][ T7696] loop2: detected capacity change from 0 to 32768
[  161.389188][ T7710] ntfs3: loop0: Failed to initialize $Extend/$Reparse.
[  161.425025][ T5831] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  161.430082][ T7696] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  161.628871][ T5831] usb 2-1: Using ep0 maxpacket: 8
[  161.647620][ T5831] usb 2-1: config 0 has an invalid interface number: 31 but max is 0
[  161.665139][ T5831] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  161.694623][ T5831] usb 2-1: config 0 has no interface number 0
[  161.715352][ T5831] usb 2-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  161.729396][ T5831] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  161.747934][ T5831] usb 2-1: Product: syz
[  161.754995][ T5831] usb 2-1: Manufacturer: syz
[  161.773785][ T5831] usb 2-1: SerialNumber: syz
[  161.824576][ T5831] usb 2-1: config 0 descriptor??
[  161.911816][ T5791] ocfs2: Unmounting device (7,2) on (node local)
[  161.919830][ T7721] loop3: detected capacity change from 0 to 256
[  162.122491][ T5852] usb 2-1: USB disconnect, device number 5
[  162.277100][ T7725] loop3: detected capacity change from 0 to 16
[  162.287450][ T7725] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  162.310171][ T5799] udevd[5799]: incorrect cramfs checksum on /dev/loop3
[  162.374358][ T5799] udevd[5799]: incorrect cramfs checksum on /dev/loop3
[  162.581866][ T7719] loop0: detected capacity change from 0 to 40427
[  162.598622][ T7719] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  162.614555][ T7719] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  162.635704][ T7719] F2FS-fs (loop0): invalid crc value
[  162.674452][ T7719] F2FS-fs (loop0): Found nat_bits in checkpoint
[  162.800122][ T7737] mmap: syz.1.689 (7737) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  162.840457][ T7719] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  162.847779][ T7719] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  163.259932][ T7745] loop2: detected capacity change from 0 to 128
[  163.278597][ T7745] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  163.405143][ T7745] FAT-fs (loop2): FAT read failed (blocknr 128)
[  164.162082][ T7747] loop1: detected capacity change from 0 to 32768
[  164.180812][ T7747] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.694 (7747)
[  164.206965][ T7747] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  164.221627][ T7747] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  164.231673][ T7747] BTRFS info (device loop1): turning off barriers
[  164.243539][ T7747] BTRFS info (device loop1): setting nodatasum
[  164.250395][ T7747] BTRFS info (device loop1): use zlib compression, level 3
[  164.262429][ T7747] BTRFS info (device loop1): using free space tree
[  164.405830][ T5782] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  165.057872][ T7785] loop3: detected capacity change from 0 to 32768
[  165.067906][ T7792] loop0: detected capacity change from 0 to 2048
[  165.079081][ T7792] EXT4-fs: Ignoring removed bh option
[  165.085356][ T7785] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.702 (7785)
[  165.142783][ T7785] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  165.153520][ T7785] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  165.166265][ T7785] BTRFS info (device loop3): using free space tree
[  165.209506][ T7792] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.302500][ T7785] BTRFS info (device loop3): enabling ssd optimizations
[  165.351203][ T7785] BTRFS info (device loop3): auto enabling async discard
[  165.370959][ T7792] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  165.398341][ T7814] loop2: detected capacity change from 0 to 512
[  165.419636][ T7814] EXT4-fs: Ignoring removed oldalloc option
[  165.439242][ T7814] EXT4-fs: inline encryption not supported
[  165.451834][ T7792] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 28
[  165.483700][ T7814] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  165.487977][ T7792] EXT4-fs (loop0): This should not happen!! Data will be lost
[  165.487977][ T7792] 
[  165.494715][ T7814] EXT4-fs (loop2): 1 truncate cleaned up
[  165.522753][ T7792] EXT4-fs (loop0): Total free blocks count 0
[  165.529740][ T7792] EXT4-fs (loop0): Free/Dirty block details
[  165.537786][ T7792] EXT4-fs (loop0): free_blocks=2415919104
[  165.543822][ T7792] EXT4-fs (loop0): dirty_blocks=16
[  165.549528][ T7792] EXT4-fs (loop0): Block reservation details
[  165.555888][ T7792] EXT4-fs (loop0): i_reserved_data_blocks=1
[  165.577081][ T7814] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.710415][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.787224][ T7814] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000.
[  165.888351][ T5788] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  165.964250][ T5791] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.170128][ T7826] loop2: detected capacity change from 0 to 128
[  166.225754][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  166.366989][ T7830] loop3: detected capacity change from 0 to 128
[  166.395244][ T7830] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  166.436756][ T7830] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  166.445117][ T5831] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  166.531172][ T7830] overlayfs: upper fs needs to support d_type.
[  166.561866][ T7830] overlayfs: upper fs does not support tmpfile.
[  166.599350][ T7834] loop2: detected capacity change from 0 to 512
[  166.665446][ T5831] usb 1-1: Using ep0 maxpacket: 8
[  166.679648][ T7834] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.732288][ T5831] usb 1-1: New USB device found, idVendor=12d1, idProduct=fae2, bcdDevice=70.8b
[  166.752149][ T5831] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.797866][ T5791] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.807635][ T5831] usb 1-1: Product: syz
[  166.811936][ T5831] usb 1-1: Manufacturer: syz
[  166.861698][ T5831] usb 1-1: SerialNumber: syz
[  166.880147][ T5831] usb 1-1: config 0 descriptor??
[  166.917401][ T5831] option 1-1:0.0: GSM modem (1-port) converter detected
[  166.993483][ T7842] loop3: detected capacity change from 0 to 512
[  167.035147][ T7842] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.120389][ T7848] loop1: detected capacity change from 0 to 256
[  167.130122][ T7842] EXT4-fs error (device loop3): ext4_lookup:1858: inode #14: comm syz.3.718: unexpected EA_INODE flag
[  167.177369][ T5852] usb 1-1: USB disconnect, device number 5
[  167.184564][ T5852] option 1-1:0.0: device disconnected
[  167.203986][ T7848] FAT-fs (loop1): Directory bread(block 64) failed
[  167.218056][ T7848] FAT-fs (loop1): Directory bread(block 65) failed
[  167.224835][ T7848] FAT-fs (loop1): Directory bread(block 66) failed
[  167.245442][ T7848] FAT-fs (loop1): Directory bread(block 67) failed
[  167.275091][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.285571][ T7848] FAT-fs (loop1): Directory bread(block 68) failed
[  167.295177][ T7848] FAT-fs (loop1): Directory bread(block 69) failed
[  167.302149][ T7848] FAT-fs (loop1): Directory bread(block 70) failed
[  167.325391][ T7848] FAT-fs (loop1): Directory bread(block 71) failed
[  167.341554][ T7848] FAT-fs (loop1): Directory bread(block 72) failed
[  167.349148][ T7848] FAT-fs (loop1): Directory bread(block 73) failed
[  167.999899][ T7868] loop2: detected capacity change from 0 to 512
[  168.051881][ T7870] netlink: 830 bytes leftover after parsing attributes in process `syz.0.729'.
[  168.067654][ T7868] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  168.097779][ T7868] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  168.148603][ T7868] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2244: inode #15: comm syz.2.728: corrupted in-inode xattr: overlapping e_value 
[  168.197979][ T7868] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.728: couldn't read orphan inode 15 (err -117)
[  168.222429][ T7860] loop3: detected capacity change from 0 to 32768
[  168.235146][ T7860] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 scanned by syz.3.724 (7860)
[  168.260310][ T7860] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  168.271830][ T7868] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.296516][ T7860] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  168.324207][ T7860] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_LZO (0x8)
[  168.363488][ T7860] BTRFS info (device loop3): use lzo compression, level 0
[  168.395247][ T7860] BTRFS info (device loop3): using free space tree
[  168.432966][ T5791] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.619615][ T7860] BTRFS info (device loop3): enabling ssd optimizations
[  168.653462][ T7860] BTRFS info (device loop3): auto enabling async discard
[  168.670749][ T7862] loop1: detected capacity change from 0 to 32768
[  168.695636][ T7895] netlink: 'syz.2.732': attribute type 2 has an invalid length.
[  168.711650][ T7862] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.725 (7862)
[  168.724081][ T7895] netlink: 'syz.2.732': attribute type 2 has an invalid length.
[  168.756501][ T7895] netlink: 8 bytes leftover after parsing attributes in process `syz.2.732'.
[  168.767449][ T7862] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  168.806187][ T7862] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  168.835135][ T7862] BTRFS info (device loop1): enabling auto defrag
[  168.842483][ T7862] BTRFS info (device loop1): doing ref verification
[  168.850638][ T7862] BTRFS info (device loop1): use no compression
[  168.859101][ T7862] BTRFS info (device loop1): force clearing of disk cache
[  168.875871][ T7862] BTRFS info (device loop1): setting nodatacow, compression disabled
[  168.931215][ T7862] BTRFS info (device loop1): disabling free space tree
[  168.939731][ T7898] loop2: detected capacity change from 0 to 16
[  168.976152][ T7898] erofs: (device loop2): mounted with root inode @ nid 36.
[  169.206319][ T5788] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  169.247552][ T7862] BTRFS info (device loop1): enabling ssd optimizations
[  169.275147][ T7862] BTRFS info (device loop1): auto enabling async discard
[  169.327320][ T7862] BTRFS info (device loop1): rebuilding free space tree
[  169.405414][ T7862] BTRFS info (device loop1): disabling free space tree
[  169.427660][ T7862] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  169.455055][ T7862] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  169.590971][ T7890] loop0: detected capacity change from 0 to 32768
[  169.735014][   T28] audit: type=1800 audit(1755031129.360:22): pid=7862 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.725" name="file2" dev="loop1" ino=261 res=0 errno=0
[  169.813242][ T7890] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  170.205463][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  170.214315][ T5782] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  170.851748][ T7938] loop1: detected capacity change from 0 to 1024
[  170.901543][ T7939] loop0: detected capacity change from 0 to 512
[  170.947212][ T7939] EXT4-fs: Ignoring removed nobh option
[  171.016965][ T7939] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.183878][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.399830][ T7948] loop1: detected capacity change from 0 to 128
[  171.590362][ T7954] input: syz0 as /devices/virtual/input/input9
[  171.838016][ T7964] loop2: detected capacity change from 0 to 512
[  171.862294][ T7964] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  171.927709][ T7964] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.997998][ T7964] ext4 filesystem being mounted at /188/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  172.132359][ T7956] loop0: detected capacity change from 0 to 32768
[  172.262302][ T5791] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.586924][ T7974] overlay: filesystem on ./file0 not supported as upperdir
[  172.641110][ T7959] loop1: detected capacity change from 0 to 32768
[  172.719845][ T7959] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  173.003296][ T7984] loop3: detected capacity change from 0 to 2048
[  173.011132][ T5831] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  173.099296][ T5782] ocfs2: Unmounting device (7,1) on (node local)
[  173.114173][ T7984] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.213643][ T7984] EXT4-fs error (device loop3): ext4_find_extent:936: inode #2: comm syz.3.760: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  173.237563][ T5831] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  173.256676][ T5831] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  173.266570][ T7984] EXT4-fs (loop3): Remounting filesystem read-only
[  173.276510][ T5831] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  173.292922][ T5831] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  173.304350][ T5831] usb 1-1: SerialNumber: syz
[  173.347583][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.521435][ T7990] netlink: 'syz.3.762': attribute type 39 has an invalid length.
[  173.524174][ T7982] loop2: detected capacity change from 0 to 32768
[  173.596872][ T5831] usb 1-1: 0:2 : does not exist
[  173.775153][ T5852] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  173.782406][ T5831] usb 1-1: USB disconnect, device number 6
[  173.965126][ T5852] usb 2-1: Using ep0 maxpacket: 32
[  173.984247][ T5852] usb 2-1: unable to get BOS descriptor or descriptor too short
[  174.008864][ T5852] usb 2-1: config 5 has an invalid interface number: 92 but max is 1
[  174.033286][ T5852] usb 2-1: config 5 has no interface number 1
[  174.065121][ T5852] usb 2-1: config 5 interface 0 altsetting 1 endpoint 0x8 has invalid maxpacket 512, setting to 64
[  174.114276][ T5852] usb 2-1: config 5 interface 92 has no altsetting 0
[  174.139231][ T5852] usb 2-1: config 5 interface 0 has no altsetting 0
[  174.160442][ T5852] usb 2-1: New USB device found, idVendor=0424, idProduct=b832, bcdDevice=16.3c
[  174.180706][ T5852] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.205136][ T5852] usb 2-1: Product: syz
[  174.209376][ T5852] usb 2-1: Manufacturer: syz
[  174.229820][ T5852] usb 2-1: SerialNumber: syz
[  174.529579][ T8010] netlink: 'syz.0.772': attribute type 4 has an invalid length.
[  174.638244][ T5852] usb 2-1: USB disconnect, device number 6
[  174.711513][ T5799] udevd[5799]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:5.92/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  174.942753][ T8024] loop3: detected capacity change from 0 to 128
[  175.068650][ T8026] loop0: detected capacity change from 0 to 128
[  175.077492][ T8026] EXT4-fs: Ignoring removed nobh option
[  175.104694][ T8026] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  175.132120][ T8026] ext4 filesystem being mounted at /198/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  175.209208][ T8026] fscrypt (loop0, inode 12): Can't use IV_INO_LBLK_64 policy on filesystem 'loop0' because it doesn't have stable inode numbers
[  175.276955][ T5786] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  175.333182][ T8031] pim6reg0: tun_chr_ioctl cmd 1074812118
[  175.601405][ T8038] netlink: 132 bytes leftover after parsing attributes in process `syz.1.784'.
[  175.654042][ T8044] netlink: 'syz.1.784': attribute type 12 has an invalid length.
[  175.696639][ T8044] netlink: 132 bytes leftover after parsing attributes in process `syz.1.784'.
[  175.934131][ T8050] loop1: detected capacity change from 0 to 2048
[  176.006496][ T8054] netlink: 16 bytes leftover after parsing attributes in process `syz.3.791'.
[  176.063264][ T8050] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.106457][ T8050] ext4 filesystem being mounted at /191/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  176.111693][ T8035] loop0: detected capacity change from 0 to 32768
[  176.138481][ T8035] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.782 (8035)
[  176.168854][ T8035] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  176.190598][ T8035] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  176.210971][ T8035] BTRFS info (device loop0): setting nodatacow, compression disabled
[  176.232853][ T8035] BTRFS info (device loop0): max_inline at 0
[  176.255016][ T8035] BTRFS info (device loop0): turning on async discard
[  176.262066][ T8035] BTRFS info (device loop0): turning off barriers
[  176.302902][ T8035] BTRFS info (device loop0): turning on flush-on-commit
[  176.337021][ T8035] BTRFS info (device loop0): turning on barriers
[  176.361048][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.370814][ T8035] BTRFS info (device loop0): force clearing of disk cache
[  176.379692][ T8035] BTRFS info (device loop0): enabling ssd optimizations
[  176.413794][ T8035] BTRFS info (device loop0): turning off barriers
[  176.446318][ T8035] BTRFS info (device loop0): max_inline at 868
[  176.452621][ T8035] BTRFS info (device loop0): using free space tree
[  176.643617][ T8035] BTRFS info (device loop0): rebuilding free space tree
[  176.785596][ T5784] Bluetooth: hci3: command 0x0c1a tx timeout
[  177.006127][ T5786] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  178.049310][ T8123] loop8: detected capacity change from 0 to 1
[  178.088642][ T8123] Dev loop8: unable to read RDB block 1
[  178.088739][ T8123]  loop8: unable to read partition table
[  178.088984][ T8123] loop8: partition table beyond EOD, truncated
[  178.089003][ T8123] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5)
[  178.640745][   T60] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  178.694590][ T8118] loop2: detected capacity change from 0 to 32768
[  178.722601][ T8118] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.808 (8118)
[  178.760395][ T8118] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  178.774590][ T8118] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  178.790983][ T8118] BTRFS info (device loop2): setting nodatacow, compression disabled
[  178.800281][ T8118] BTRFS info (device loop2): max_inline at 0
[  178.834983][ T8118] BTRFS info (device loop2): turning on async discard
[  178.841891][ T8118] BTRFS info (device loop2): turning off barriers
[  178.871781][ T8146] netlink: 8 bytes leftover after parsing attributes in process `syz.0.821'.
[  178.875278][ T8118] BTRFS info (device loop2): turning on flush-on-commit
[  178.902795][ T8118] BTRFS info (device loop2): turning on barriers
[  178.917554][ T8118] BTRFS info (device loop2): force clearing of disk cache
[  178.934985][ T8118] BTRFS info (device loop2): enabling ssd optimizations
[  178.983867][ T8118] BTRFS info (device loop2): turning off barriers
[  178.999614][ T8118] BTRFS info (device loop2): max_inline at 868
[  179.012873][ T8118] BTRFS info (device loop2): using free space tree
[  179.096853][ T8158] netlink: 8 bytes leftover after parsing attributes in process `syz.0.823'.
[  179.135997][ T8118] BTRFS info (device loop2): rebuilding free space tree
[  179.380693][ T8172] netlink: 'syz.0.826': attribute type 14 has an invalid length.
[  179.518208][ T5791] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  179.591281][ T8176] loop1: detected capacity change from 0 to 4096
[  179.707931][ T8182] loop0: detected capacity change from 0 to 256
[  179.743010][ T8182] FAT-fs (loop0): Directory bread(block 1285) failed
[  179.804235][ T8182] FAT-fs (loop0): Directory bread(block 1285) failed
[  179.972242][ T8176] EXT4-fs: inline encryption not supported
[  179.982288][ T8176] EXT4-fs (loop1): Test dummy encryption mode enabled
[  180.069858][ T8176] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  180.625348][ T8176] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  180.751129][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.325883][ T8204] loop3: detected capacity change from 0 to 32768
[  181.402281][   T28] audit: type=1800 audit(1755031141.050:23): pid=8204 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.838" name="bus" dev="loop3" ino=7 res=0 errno=0
[  181.871377][ T8215] loop1: detected capacity change from 0 to 32768
[  181.919347][ T8215] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 scanned by syz.1.843 (8215)
[  181.991757][ T8215] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  182.007171][ T8215] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  182.022072][ T8215] BTRFS info (device loop1): force zlib compression, level 3
[  182.054991][ T8215] BTRFS info (device loop1): force clearing of disk cache
[  182.062292][ T8215] BTRFS info (device loop1): turning off barriers
[  182.100425][ T8215] BTRFS info (device loop1): doing ref verification
[  182.107493][ T8215] BTRFS info (device loop1): enabling disk space caching
[  182.128186][ T8215] BTRFS info (device loop1): disk space caching is enabled
[  182.278496][ T8215] BTRFS info (device loop1): enabling ssd optimizations
[  182.298789][ T8215] BTRFS info (device loop1): auto enabling async discard
[  182.321862][ T8215] BTRFS info (device loop1): rebuilding free space tree
[  182.372219][ T8215] BTRFS info (device loop1): disabling free space tree
[  182.375064][    T8] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  182.385016][ T8215] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  182.415107][ T8215] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  182.595060][    T8] usb 4-1: Using ep0 maxpacket: 8
[  182.598063][ T8215] BTRFS info (device loop1): balance: start -d -m
[  182.607529][    T8] usb 4-1: config 0 has no interfaces?
[  182.618483][ T8229] loop2: detected capacity change from 0 to 32768
[  182.643481][    T8] usb 4-1: New USB device found, idVendor=0458, idProduct=7003, bcdDevice=7a.1a
[  182.652961][ T8215] BTRFS info (device loop1): relocating block group 6881280 flags data|metadata
[  182.670123][ T8229] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop2 scanned by syz.2.850 (8229)
[  182.689332][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  182.719488][    T8] usb 4-1: Product: syz
[  182.724134][    T8] usb 4-1: Manufacturer: syz
[  182.750807][    T8] usb 4-1: SerialNumber: syz
[  182.770217][ T8229] BTRFS info (device loop2): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  182.783074][    T8] usb 4-1: config 0 descriptor??
[  182.789556][ T5783] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  182.828149][ T8229] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  182.855748][ T8229] BTRFS info (device loop2): using free space tree
[  182.943557][ T8215] BTRFS info (device loop1): balance: paused
[  182.995155][ T5783] usb 1-1: Using ep0 maxpacket: 32
[  183.011653][ T5783] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  183.033872][ T5783] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  183.074783][ T8229] BTRFS info (device loop2): enabling ssd optimizations
[  183.093769][ T5782] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  183.096059][ T8229] BTRFS info (device loop2): auto enabling async discard
[  183.118653][ T5783] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  183.163315][ T5783] usb 1-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  183.212466][ T5783] usb 1-1: Product: syz
[  183.219804][ T5783] usb 1-1: Manufacturer: syz
[  183.251887][ T5783] hub 1-1:4.0: USB hub found
[  183.416837][ T5791] BTRFS info (device loop2): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  183.488379][ T5783] hub 1-1:4.0: config failed, hub doesn't have any ports! (err -19)
[  183.620311][    T8] usb 4-1: USB disconnect, device number 7
[  183.896881][ T5783] usb 1-1: USB disconnect, device number 7
[  184.039474][ T8280] syz_tun: entered allmulticast mode
[  184.084473][ T8279] syz_tun: left allmulticast mode
[  184.145179][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  184.649303][ T8297] tun0: tun_chr_ioctl cmd 1074025681
[  184.669418][ T8299] loop1: detected capacity change from 0 to 128
[  184.746040][ T8303] loop2: detected capacity change from 0 to 256
[  184.806546][   T28] audit: type=1800 audit(1755031144.460:24): pid=8303 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.867" name="file1" dev="loop2" ino=1048603 res=0 errno=0
[  184.827690][    C0] vkms_vblank_simulate: vblank timer overrun
[  184.874543][ T8303] FAT-fs (loop2): error, clusters badly computed (0 != 128)
[  184.905290][ T8303] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  184.935321][ T8304] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  185.065566][ T5782] sysv_free_block: flc_count > flc_size
[  185.136033][ T5782] sysv_free_block: flc_count > flc_size
[  185.145067][ T5782] sysv_free_block: flc_count > flc_size
[  185.150765][ T5782] sysv_free_block: flc_count > flc_size
[  185.200387][ T5782] sysv_free_block: flc_count > flc_size
[  185.210516][ T5782] sysv_free_block: flc_count > flc_size
[  185.221068][ T5782] sysv_free_block: flc_count > flc_size
[  185.235166][ T5782] sysv_free_block: flc_count > flc_size
[  185.240808][ T5782] sysv_free_block: flc_count > flc_size
[  185.265006][ T5782] sysv_free_block: flc_count > flc_size
[  185.291328][ T5782] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  185.785143][ T5783] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[  185.869944][ T8311] loop3: detected capacity change from 0 to 32768
[  185.903963][ T8311] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop3 scanned by syz.3.872 (8311)
[  185.966233][ T8311] BTRFS info (device loop3): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  185.990528][ T5783] usb 3-1: config 0 has an invalid interface number: 138 but max is 0
[  185.995349][ T8311] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  186.005895][    T8] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  186.012232][ T8311] BTRFS info (device loop3): using free space tree
[  186.024195][ T5783] usb 3-1: config 0 has no interface number 0
[  186.042359][ T5783] usb 3-1: config 0 interface 138 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  186.066614][ T5783] usb 3-1: New USB device found, idVendor=07c4, idProduct=a004, bcdDevice=b4.df
[  186.080624][ T5783] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  186.099568][ T5783] usb 3-1: Product: syz
[  186.103896][ T5783] usb 3-1: Manufacturer: syz
[  186.132372][ T5783] usb 3-1: SerialNumber: syz
[  186.141634][ T5783] usb 3-1: config 0 descriptor??
[  186.150189][ T8317] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  186.173212][ T5783] ums-datafab 3-1:0.138: USB Mass Storage device detected
[  186.211514][ T8311] BTRFS info (device loop3): enabling ssd optimizations
[  186.225182][ T8311] BTRFS info (device loop3): auto enabling async discard
[  186.226041][    T8] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  186.244101][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.260141][ T5783] scsi host1: usb-storage 3-1:0.138
[  186.292060][    T8] usb 2-1: config 0 descriptor??
[  186.338768][   T28] audit: type=1800 audit(1755031145.990:25): pid=8311 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.872" name="file1" dev="loop3" ino=263 res=0 errno=0
[  186.502884][ T5788] BTRFS info (device loop3): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  186.528944][    T8] [drm] vendor descriptor length:6 data:06 5f 00 00 00 00 00 00 00 00 00
[  186.549510][    T8] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  186.677414][ T5783] usb 3-1: USB disconnect, device number 5
[  186.931071][    T8] [drm] Initialized udl 0.0.1 20120220 for 2-1:0.0 on minor 2
[  186.958281][    T8] [drm] Initialized udl on minor 2
[  187.043268][    T8] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed
[  187.092908][    T8] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  187.294463][ T5852] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  187.294573][ T5851] usb 2-1: USB disconnect, device number 7
[  187.345702][ T5852] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  187.385007][ T5831] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  187.402422][ T8357] loop2: detected capacity change from 0 to 1024
[  187.444823][ T8357] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  187.489948][ T8357] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  187.504386][ T8357] ext4 filesystem being mounted at /217/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  187.544349][ T8357] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  187.573040][ T8357] EXT4-fs (loop2): Remounting filesystem read-only
[  187.597349][ T5831] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  187.614983][ T5831] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  187.630518][ T5831] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[  187.640283][ T5831] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  187.648585][ T5831] usb 4-1: Product: syz
[  187.653816][ T5831] usb 4-1: Manufacturer: syz
[  187.660918][ T5831] usb 4-1: SerialNumber: syz
[  187.668580][ T5831] usb 4-1: config 0 descriptor??
[  187.686171][ T5831] usb 4-1: Quirk or no altest; falling back to MIDI 1.0
[  187.704847][ T5791] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.053654][ T5831] snd-usb-audio: probe of 4-1:0.0 failed with error -12
[  188.111065][ T5831] usb 4-1: USB disconnect, device number 8
[  188.119886][ T8374] loop1: detected capacity change from 0 to 256
[  188.258728][ T6297] udevd[6297]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  189.107046][ T8400] loop2: detected capacity change from 0 to 512
[  189.121098][ T8382] loop1: detected capacity change from 0 to 40427
[  189.155786][ T8400] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  189.166212][ T8382] F2FS-fs (loop1): build fault injection attr: rate: 691, type: 0x7ffff
[  189.186100][ T8382] F2FS-fs (loop1): Image doesn't support compression
[  189.220009][ T8400] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.248711][ T8382] F2FS-fs (loop1): invalid crc value
[  189.261974][ T8400] ext4 filesystem being mounted at /225/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  189.293665][ T8382] F2FS-fs (loop1): Found nat_bits in checkpoint
[  189.491927][ T8394] loop0: detected capacity change from 0 to 32768
[  189.529294][ T5791] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.552830][ T8394] add_index: next_index = 0.  Resetting!
[  189.558161][ T8382] F2FS-fs (loop1): Start checkpoint disabled!
[  189.587578][ T8394] find_entry called with index >= next_index
[  189.613661][ T8382] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  189.617435][ T8394] find_entry called with index >= next_index
[  189.698381][ T8394] find_entry called with index >= next_index
[  189.729910][ T8394] find_entry called with index >= next_index
[  189.776261][ T8408] non-latin1 character 0x3ff found in JFS file name
[  189.784494][ T8408] mount with iocharset=utf8 to access
[  190.033324][ T8419] af_packet: tpacket_rcv: packet too big, clamped from 46 to 4294967286. macoff=82
[  190.578704][ T8436] netlink: 'syz.2.916': attribute type 2 has an invalid length.
[  190.968174][ T8449] loop2: detected capacity change from 0 to 64
[  191.694100][ T8453] loop1: detected capacity change from 0 to 32768
[  191.705025][ T5851] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  191.896173][ T5851] usb 4-1: Using ep0 maxpacket: 8
[  191.921671][ T5851] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  191.941548][ T5851] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.962188][ T5851] usb 4-1: Product: syz
[  191.972311][ T5851] usb 4-1: Manufacturer: syz
[  191.982429][ T5851] usb 4-1: SerialNumber: syz
[  192.016041][ T5851] usb 4-1: config 0 descriptor??
[  192.031710][ T5851] gspca_main: se401-2.14.0 probing 047d:5003
[  192.035297][ T5852] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  192.157735][ T8469] loop2: detected capacity change from 0 to 32768
[  192.188315][ T8469] (syz.2.931,8469,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  192.218303][ T8469] (syz.2.931,8469,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  192.267524][ T5852] usb 1-1: Using ep0 maxpacket: 16
[  192.278657][ T5852] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  192.313478][ T8469] JBD2: Ignoring recovery information on journal
[  192.322920][ T5852] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  192.357596][ T5852] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  192.382671][ T5852] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  192.408128][ T8469] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  192.424252][ T5852] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  192.436840][ T5851] gspca_se401: ExtraFeatures: 35
[  192.478155][ T5852] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  192.501560][ T5852] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  192.523387][ T5852] usb 1-1: Manufacturer: syz
[  192.545936][ T5852] usb 1-1: config 0 descriptor??
[  192.641566][ T5851] input: se401 as /devices/platform/dummy_hcd.3/usb4/4-1/input/input10
[  192.664102][ T5791] ocfs2: Unmounting device (7,2) on (node local)
[  192.728922][ T5851] usb 4-1: USB disconnect, device number 9
[  192.915236][ T5852] rc_core: IR keymap rc-hauppauge not found
[  192.921208][ T5852] Registered IR keymap rc-empty
[  192.957576][ T5852] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  193.005230][ T5852] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  193.057165][ T5852] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  193.115396][ T5852] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input11
[  193.155172][ T5852] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  193.164414][    C0] mceusb 1-1:0.0: long-range (0x1) receiver active
[  193.195170][ T5852] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  193.234934][ T5852] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  193.270905][ T5852] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  193.305105][ T5852] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  193.345220][ T5852] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  193.387488][ T5852] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  193.447395][ T5852] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  193.506023][ T5852] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  193.517558][ T8483] loop1: detected capacity change from 0 to 32768
[  193.547536][ T5852] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[  193.560862][ T8483] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.937 (8483)
[  193.614590][ T8483] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  193.616925][ T5852] mceusb 1-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  193.631613][ T8483] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  193.646399][ T8483] BTRFS info (device loop1): disabling tree log
[  193.682016][ T5852] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x1 active)
[  193.711174][ T8483] BTRFS info (device loop1): using free space tree
[  193.727709][ T5852] usb 1-1: USB disconnect, device number 8
[  193.926863][ T8483] BTRFS info (device loop1): auto enabling async discard
[  193.955268][ T8483] BTRFS info (device loop1): checking UUID tree
[  194.069426][ T5782] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  194.245029][ T5851] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  194.355573][ T8499] loop2: detected capacity change from 0 to 32768
[  194.422671][ T8524] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.434822][ T8524] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.450827][ T8499] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[  194.486526][ T5851] usb 4-1: Using ep0 maxpacket: 8
[  194.499568][ T5851] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  194.516828][ T8499] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  194.529262][ T5851] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  194.610623][ T5851] usb 4-1: New USB device found, idVendor=046d, idProduct=c343, bcdDevice= 0.00
[  194.623328][ T8524] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  194.684930][ T5851] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.770212][ T5851] usb 4-1: config 0 descriptor??
[  194.973041][ T5791] ocfs2: Unmounting device (7,2) on (node local)
[  195.037142][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  195.043769][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  195.265104][ T5851] logitech-hidpp-device 0003:046D:C343.0004: hidraw0: USB HID v3.0e Device [HID 046d:c343] on usb-dummy_hcd.3-1/input0
[  195.503630][ T5852] usb 4-1: USB disconnect, device number 10
[  195.623896][ T8551] loop0: detected capacity change from 0 to 512
[  195.673133][ T8551] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.693350][ T8551] ext4 filesystem being mounted at /239/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  195.722894][ T8551] EXT4-fs warning (device loop0): ext4_group_extend:1892: will only finish group (16384 blocks, 16256 new)
[  195.743834][ T8551] EXT4-fs warning (device loop0): ext4_group_extend:1897: can't read last block, resize aborted
[  195.829816][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.940610][ T8562] loop0: detected capacity change from 0 to 256
[  195.950577][ T8562] exfat: Bad value for 'uid'
[  196.012450][ T8564] netlink: 4 bytes leftover after parsing attributes in process `syz.1.961'.
[  196.028765][ T8564] netlink: 4 bytes leftover after parsing attributes in process `syz.1.961'.
[  196.207315][ T8570] loop3: detected capacity change from 0 to 256
[  196.261519][ T8570] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  196.288586][ T8566] nbd0: detected capacity change from 0 to 549764202496
[  196.295677][ T8570] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  196.309345][ T5784] block nbd0: Receive control failed (result -32)
[  196.316745][   T96] block nbd0: Send control failed (result -32)
[  196.326865][   T96] block nbd0: Request send failed, requeueing
[  196.340809][   T96] block nbd0: Dead connection, failed to find a fallback
[  196.348991][   T96] block nbd0: shutting down sockets
[  196.356168][   T96] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  196.367359][   T96] Buffer I/O error on dev nbd0, logical block 0, async page read
[  196.382809][   T55] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  196.394661][   T55] Buffer I/O error on dev nbd0, logical block 0, async page read
[  196.406670][   T55] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  196.416220][   T55] Buffer I/O error on dev nbd0, logical block 0, async page read
[  196.426838][   T96] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  196.436388][   T96] Buffer I/O error on dev nbd0, logical block 0, async page read
[  196.475170][   T55] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  196.486005][   T55] Buffer I/O error on dev nbd0, logical block 0, async page read
[  196.493974][   T55] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  196.513018][   T55] Buffer I/O error on dev nbd0, logical block 0, async page read
[  196.521564][   T55] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  196.531097][   T55] Buffer I/O error on dev nbd0, logical block 0, async page read
[  196.539390][   T55] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  196.549461][   T55] Buffer I/O error on dev nbd0, logical block 0, async page read
[  196.572659][ T8380] ldm_validate_partition_table(): Disk read failed.
[  196.581307][   T55] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  196.592027][   T55] Buffer I/O error on dev nbd0, logical block 0, async page read
[  196.600718][   T55] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  196.615446][   T55] Buffer I/O error on dev nbd0, logical block 0, async page read
[  196.623897][ T8380] Dev nbd0: unable to read RDB block 0
[  196.631374][ T8380]  nbd0: unable to read partition table
[  196.643931][ T8380] ldm_validate_partition_table(): Disk read failed.
[  196.651366][ T8380] Dev nbd0: unable to read RDB block 0
[  196.660205][ T8380]  nbd0: unable to read partition table
[  196.908549][ T8586] loop0: detected capacity change from 0 to 4096
[  196.974989][ T5851] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  196.989355][ T8587] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  197.053390][   T28] audit: type=1800 audit(1755031156.700:26): pid=8586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.970" name="file1" dev="loop0" ino=15 res=0 errno=0
[  197.185536][ T5851] usb 3-1: Using ep0 maxpacket: 16
[  197.204314][ T5851] usb 3-1: config 1 has an invalid interface number: 105 but max is 0
[  197.233194][ T5851] usb 3-1: config 1 has no interface number 0
[  197.254433][ T5851] usb 3-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  197.277751][ T5851] usb 3-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  197.290401][ T8584] loop3: detected capacity change from 0 to 32768
[  197.297404][ T5851] usb 3-1: config 1 interface 105 has no altsetting 0
[  197.311428][ T8584] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.971 (8584)
[  197.340985][ T5851] usb 3-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  197.350783][ T5851] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.359806][ T5851] usb 3-1: Product: syz
[  197.365435][ T5851] usb 3-1: Manufacturer: syz
[  197.370177][ T5851] usb 3-1: SerialNumber: syz
[  197.382660][ T8584] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  197.405197][ T8580] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  197.412852][ T8580] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  197.430010][ T8584] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  197.443930][ T8584] BTRFS info (device loop3): enabling disk space caching
[  197.453324][ T8584] BTRFS info (device loop3): doing ref verification
[  197.469057][ T8584] BTRFS info (device loop3): setting nodatacow, compression disabled
[  197.483198][ T8584] BTRFS info (device loop3): force clearing of disk cache
[  197.498044][ T8584] BTRFS info (device loop3): doing ref verification
[  197.506570][ T8584] BTRFS info (device loop3): disk space caching is enabled
[  197.635959][ T8584] BTRFS info (device loop3): auto enabling async discard
[  197.683245][ T8584] BTRFS info (device loop3): rebuilding free space tree
[  197.745589][ T8584] BTRFS info (device loop3): disabling free space tree
[  197.753458][ T8584] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  197.789644][ T8584] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  197.892432][ T8580] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  197.916123][ T8580] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  198.048395][ T5788] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  198.223773][ T5799] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 12 /dev/loop3 scanned by udevd (5799)
[  198.318497][ T8618] 8021q: adding VLAN 0 to HW filter on device bond1
[  198.345894][ T5851] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  198.361029][ T8618] bond0: (slave bond1): Enslaving as an active interface with an up link
[  198.365504][ T5851] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  198.404039][ T5851] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  198.554483][ T5851] aqc111 3-1:1.105 eth1: register 'aqc111' at usb-dummy_hcd.2-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 62:ce:e2:4b:53:0a
[  198.622382][ T5851] usb 3-1: USB disconnect, device number 6
[  198.633927][ T8628] loop0: detected capacity change from 0 to 1024
[  198.728052][ T5851] aqc111 3-1:1.105 eth1: unregister 'aqc111' usb-dummy_hcd.2-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[  198.891922][   T60] hfsplus: b-tree write err: -5, ino 4
[  198.986460][ T5851] aqc111 3-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  199.009534][ T5851] aqc111 3-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  199.035868][ T5851] aqc111 3-1:1.105 eth1 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[  199.595254][    T8] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  199.691187][ T8633] loop3: detected capacity change from 0 to 32768
[  199.700933][ T8651] loop2: detected capacity change from 0 to 256
[  199.795166][    T8] usb 2-1: Using ep0 maxpacket: 32
[  199.813034][    T8] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  199.843997][ T8651] FAT-fs (loop2): Directory bread(block 64) failed
[  199.855768][    T8] usb 2-1: config 0 has no interface number 0
[  199.870056][ T8651] FAT-fs (loop2): Directory bread(block 65) failed
[  199.871763][ T5788] add_index: next_index = 0.  Resetting!
[  199.882084][ T8651] FAT-fs (loop2): Directory bread(block 66) failed
[  199.899871][ T8651] FAT-fs (loop2): Directory bread(block 67) failed
[  199.905322][    T8] usb 2-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  199.909966][ T8651] FAT-fs (loop2): Directory bread(block 68) failed
[  199.925728][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.935427][ T5788] non-latin1 character 0x3ff found in JFS file name
[  199.936027][    T8] usb 2-1: Product: syz
[  199.950420][    T8] usb 2-1: Manufacturer: syz
[  199.955841][    T8] usb 2-1: SerialNumber: syz
[  199.959346][ T5788] mount with iocharset=utf8 to access
[  199.968051][ T8651] FAT-fs (loop2): Directory bread(block 69) failed
[  199.985196][ T8651] FAT-fs (loop2): Directory bread(block 70) failed
[  200.000363][    T8] usb 2-1: config 0 descriptor??
[  200.007318][ T8651] FAT-fs (loop2): Directory bread(block 71) failed
[  200.014471][ T8651] FAT-fs (loop2): Directory bread(block 72) failed
[  200.030390][    T8] usb 2-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  200.037324][ T5788] read_mapping_page failed!
[  200.056773][ T8651] FAT-fs (loop2): Directory bread(block 73) failed
[  200.057630][    T8] usb 2-1: selecting invalid altsetting 1
[  200.074504][ T5788] ERROR: (device loop3): txCommit: 
[  200.074504][ T5788] 
[  200.094101][    T8] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  200.121397][ T5788] ERROR: (device loop3): remounting filesystem as read-only
[  200.133156][    T8] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  200.198876][    T8] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  200.225109][    T8] usb 2-1: media controller created
[  200.380900][    T8] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  200.481368][    C0] vkms_vblank_simulate: vblank timer overrun
[  200.776946][ T4176] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.959023][ T4176] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.119752][ T4176] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.161995][ T8654] loop0: detected capacity change from 0 to 32768
[  201.320270][ T4176] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.345838][ T8643] usb 2-1: dvb_usb_ce6230: usb_control_msg() failed=-110
[  201.396839][    T8] usb 2-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  201.397652][ T5851] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  201.404834][    T8] zl10353_read_register: readreg error (reg=127, ret==-71)
[  201.445315][    T8] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  201.599795][    T8] usb 2-1: USB disconnect, device number 8
[  201.645341][ T5851] usb 3-1: Using ep0 maxpacket: 8
[  201.669619][ T5851] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  201.715181][ T5851] usb 3-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  201.761413][ T5851] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.804257][ T5851] usb 3-1: config 0 descriptor??
[  201.827513][ T5851] gspca_main: vc032x-2.14.0 probing 046d:0892
[  202.093867][    C0] vkms_vblank_simulate: vblank timer overrun
[  202.589226][ T5797] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  202.604629][ T5797] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  202.663116][ T5797] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  202.677348][ T5797] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  202.688363][ T5797] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  202.698362][ T5851] gspca_vc032x: reg_w err -71
[  202.703272][ T5851] vc032x: probe of 3-1:0.0 failed with error -71
[  202.711486][ T5797] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  202.756476][ T5851] usb 3-1: USB disconnect, device number 7
[  202.904358][ T8674] loop1: detected capacity change from 0 to 32768
[  202.947850][ T8674] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  202.975447][ T8674] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  204.545851][ T4176] hsr_slave_0: left promiscuous mode
[  204.566169][ T4176] hsr_slave_1: left promiscuous mode
[  204.579323][ T5782] ocfs2: Unmounting device (7,1) on (node local)
[  204.645598][ T4176] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  204.664645][ T4176] batman_adv: batadv0: Removing interface: batadv_slave_0
[  204.709078][ T4176] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  204.743264][ T4176] batman_adv: batadv0: Removing interface: batadv_slave_1
[  204.785745][ T5797] Bluetooth: hci2: command tx timeout
[  204.794036][ T4176] bridge_slave_1: left allmulticast mode
[  204.803387][ T4176] bridge_slave_1: left promiscuous mode
[  204.838457][ T4176] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.927374][ T4176] bridge_slave_0: left allmulticast mode
[  204.933543][ T4176] bridge_slave_0: left promiscuous mode
[  204.957697][ T4176] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.960349][ T8701] loop2: detected capacity change from 0 to 32768
[  205.069115][ T8701] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  205.086141][ T4176] veth1_macvtap: left promiscuous mode
[  205.093077][ T4176] veth0_macvtap: left promiscuous mode
[  205.116907][ T4176] veth1_vlan: left promiscuous mode
[  205.127677][ T4176] veth0_vlan: left promiscuous mode
[  205.210119][ T8701] XFS (loop2): Ending clean mount
[  205.347938][ T8701] XFS (loop2): WARNING: Reset corrupted AGFL on AG 0. 1 blocks leaked. Please unmount and run xfs_repair.
[  205.703157][ T5791] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  205.936849][ T8744] loop0: detected capacity change from 0 to 512
[  206.042603][ T8744] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  206.085047][ T8744] ext4 filesystem being mounted at /264/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  206.151887][ T8744] EXT4-fs error (device loop0): ext4_do_update_inode:5230: inode #2: comm syz.0.1017: corrupted inode contents
[  206.192562][ T8744] EXT4-fs error (device loop0): ext4_dirty_inode:6106: inode #2: comm syz.0.1017: mark_inode_dirty error
[  206.244769][ T8744] EXT4-fs error (device loop0): ext4_do_update_inode:5230: inode #2: comm syz.0.1017: corrupted inode contents
[  206.269879][ T8744] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #2: comm syz.0.1017: mark_inode_dirty error
[  206.335224][ T8744] EXT4-fs error (device loop0): ext4_lookup:1855: inode #18: comm syz.0.1017: 'file0' linked to parent dir
[  206.429495][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.811574][    C0] vkms_vblank_simulate: vblank timer overrun
[  206.866104][ T5797] Bluetooth: hci2: command tx timeout
[  207.091307][ T8751] loop0: detected capacity change from 0 to 40427
[  207.141564][ T8751] F2FS-fs (loop0): build fault injection attr: rate: 771, type: 0x7ffff
[  207.145961][    C0] vkms_vblank_simulate: vblank timer overrun
[  207.178808][ T8751] F2FS-fs (loop0): invalid crc value
[  207.278267][    C0] vkms_vblank_simulate: vblank timer overrun
[  207.313198][ T8751] F2FS-fs (loop0): Found nat_bits in checkpoint
[  207.412510][ T4176] team0 (unregistering): Port device team_slave_1 removed
[  207.422366][ T8751] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  207.510814][   T28] audit: type=1800 audit(1755031167.160:27): pid=8751 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1018" name="file1" dev="loop0" ino=10 res=0 errno=0
[  207.527243][    C0] vkms_vblank_simulate: vblank timer overrun
[  207.566584][ T4176] team0 (unregistering): Port device team_slave_0 removed
[  207.609957][ T5786] syz-executor: attempt to access beyond end of device
[  207.609957][ T5786] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  207.628419][    C0] vkms_vblank_simulate: vblank timer overrun
[  207.636829][ T5786] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  207.683601][ T4176] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  207.799258][ T4176] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  208.653691][ T8769] loop0: detected capacity change from 0 to 512
[  208.671245][ T8769] EXT4-fs (loop0): Test dummy encryption mode enabled
[  208.681073][ T8769] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  208.693608][ T8769] EXT4-fs (loop0): Errors on filesystem, clearing orphan list.
[  208.704005][ T8769] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  208.944933][ T8769] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  208.945053][ T5797] Bluetooth: hci2: command tx timeout
[  209.005457][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.428389][ T4176] bond0 (unregistering): Released all slaves
[  209.628865][ T8680] chnl_net:caif_netlink_parms(): no params data found
[  209.770231][ T8745] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  210.000954][ T8680] bridge0: port 1(bridge_slave_0) entered blocking state
[  210.020991][ T8680] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.055229][ T8680] bridge_slave_0: entered allmulticast mode
[  210.063612][ T8680] bridge_slave_0: entered promiscuous mode
[  210.088270][ T8680] bridge0: port 2(bridge_slave_1) entered blocking state
[  210.107691][ T8784] loop1: detected capacity change from 0 to 8192
[  210.118660][ T8680] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.128869][ T8680] bridge_slave_1: entered allmulticast mode
[  210.144799][ T8680] bridge_slave_1: entered promiscuous mode
[  210.190188][ T8784] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  210.275052][ T8784] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal
[  210.301473][ T8784] REISERFS (device loop1): using ordered data mode
[  210.334449][ T8680] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  210.345078][ T8784] reiserfs: using flush barriers
[  210.370577][ T8784] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  210.400128][ T8680] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  210.435668][ T8784] REISERFS (device loop1): checking transaction log (loop1)
[  210.483458][ T8784] REISERFS (device loop1): Using r5 hash to sort names
[  210.503012][ T8784] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  210.558005][ T8680] team0: Port device team_slave_0 added
[  210.625338][ T8680] team0: Port device team_slave_1 added
[  210.877913][ T8680] batman_adv: batadv0: Adding interface: batadv_slave_0
[  210.905173][ T8680] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.975454][ T8680] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  211.003702][ T8680] batman_adv: batadv0: Adding interface: batadv_slave_1
[  211.016931][ T8680] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  211.043863][ T5784] Bluetooth: hci2: command tx timeout
[  211.062140][ T8680] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  211.184102][ T8680] hsr_slave_0: entered promiscuous mode
[  211.204053][ T8680] hsr_slave_1: entered promiscuous mode
[  211.215208][ T8680] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  211.229759][ T8680] Cannot create hsr debugfs directory
[  211.505139][ T5784] Bluetooth: hci4: command 0x1003 tx timeout
[  211.513808][ T5797] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  212.050536][ T8827] loop0: detected capacity change from 0 to 512
[  212.067124][ T8680] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  212.123162][ T8680] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  212.169741][ T8680] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  212.173512][ T8827] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  212.208577][ T8827] ext4 filesystem being mounted at /273/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  212.242131][ T8680] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  212.364336][ T8814] loop1: detected capacity change from 0 to 32768
[  212.421521][ T8814] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 12
[  212.470625][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.659693][ T8680] 8021q: adding VLAN 0 to HW filter on device bond0
[  212.750637][ T5799] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 12
[  212.773260][ T8680] 8021q: adding VLAN 0 to HW filter on device team0
[  212.822947][ T8745] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.830325][ T8745] bridge0: port 1(bridge_slave_0) entered forwarding state
[  212.907491][ T1092] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.914672][ T1092] bridge0: port 2(bridge_slave_1) entered forwarding state
[  213.034128][ T8852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  213.064035][ T8855] loop1: detected capacity change from 0 to 1024
[  213.070892][ T8852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  213.115039][ T8852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  213.124218][ T8823] loop2: detected capacity change from 0 to 40427
[  213.151612][ T8852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  213.176576][ T8823] F2FS-fs (loop2): invalid crc value
[  213.205635][ T8852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  213.222595][ T8852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  213.227992][ T8823] F2FS-fs (loop2): Found nat_bits in checkpoint
[  213.260279][ T8852] batman_adv: batadv0: Adding interface: ipvlan2
[  213.285185][ T8852] batman_adv: batadv0: The MTU of interface ipvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  213.351999][ T8852] batman_adv: batadv0: Interface activated: ipvlan2
[  213.405454][    T8] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  213.430097][ T8823] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  213.605549][    T8] usb 2-1: Using ep0 maxpacket: 32
[  213.637251][    T8] usb 2-1: config 0 has an invalid interface number: 51 but max is 0
[  213.666253][    T8] usb 2-1: config 0 has no interface number 0
[  213.702345][    T8] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  213.728111][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.756459][    T8] usb 2-1: Product: syz
[  213.760705][    T8] usb 2-1: Manufacturer: syz
[  213.801402][    T8] usb 2-1: SerialNumber: syz
[  213.822122][    T8] usb 2-1: config 0 descriptor??
[  213.876730][    T8] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  214.125873][    T8] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  214.176667][    T8] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  214.224447][ T8680] 8021q: adding VLAN 0 to HW filter on device batadv0
[  214.381079][    C0] quatech-serial ttyUSB0: qt2_process_read_urb - unsupported command 106
[  214.596665][    C0] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71
[  214.608886][    T8] usb 2-1: USB disconnect, device number 9
[  214.646070][    T8] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  214.707085][ T8886] loop0: detected capacity change from 0 to 2048
[  214.726515][    T8] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  214.779974][    T8] quatech2 2-1:0.51: device disconnected
[  214.811761][ T8890] loop2: detected capacity change from 0 to 1024
[  214.822937][ T8886] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  214.861285][ T8890] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  214.979779][ T8890] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  215.070407][ T8890] ext4 filesystem being mounted at /260/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  215.122905][ T8680] veth0_vlan: entered promiscuous mode
[  215.188129][ T8680] veth1_vlan: entered promiscuous mode
[  215.194362][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.322360][ T8680] veth0_macvtap: entered promiscuous mode
[  215.400943][ T5791] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.412059][ T8680] veth1_macvtap: entered promiscuous mode
[  215.422378][ T8904] loop1: detected capacity change from 0 to 256
[  215.546498][ T8680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.585502][ T8680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.629056][ T8680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.659632][ T8680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.680823][ T8680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.681677][ T8907] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  215.699031][ T8680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.711955][ T8680] batman_adv: batadv0: Interface activated: batadv_slave_0
[  215.793911][ T8680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  215.835143][ T8680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.850292][ T8680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  215.888420][ T8680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.914138][ T8680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  215.952322][ T8680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.985299][ T8680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: ipvlan2
[  216.029418][ T8680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.068304][ T8680] batman_adv: batadv0: Interface activated: batadv_slave_1
[  216.106028][ T8680] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  216.126785][ T8680] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  216.145767][ T8680] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  216.205046][ T8680] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  216.513030][ T4176] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  216.538944][ T4176] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  216.600041][ T4176] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  216.627120][ T4176] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  216.851384][ T8938] IPVS: stopping master sync thread 6554 ...
[  216.950231][ T8942] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1057'.
[  217.447312][ T8958] loop0: detected capacity change from 0 to 2048
[  217.475060][ T8958] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  217.506318][ T8958] NILFS (loop0): mounting unchecked fs
[  217.558029][ T8958] NILFS (loop0): recovery complete
[  217.586673][ T8966] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  217.741819][ T8969] loop4: detected capacity change from 0 to 2048
[  217.874658][ T8969] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  217.930838][ T8969] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  217.949951][ T8969] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 33 with error 28
[  217.963730][ T8969] EXT4-fs (loop4): This should not happen!! Data will be lost
[  217.963730][ T8969] 
[  217.974359][ T8969] EXT4-fs (loop4): Total free blocks count 0
[  217.982531][ T8969] EXT4-fs (loop4): Free/Dirty block details
[  217.989077][ T8969] EXT4-fs (loop4): free_blocks=4096
[  217.994511][ T8969] EXT4-fs (loop4): dirty_blocks=64
[  217.995167][ T8979] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  218.000578][ T8969] EXT4-fs (loop4): Block reservation details
[  218.045271][ T8969] EXT4-fs (loop4): i_reserved_data_blocks=4
[  218.458920][ T8989] netlink: 16186 bytes leftover after parsing attributes in process `syz.4.1069'.
[  218.988924][ T9010] loop4: detected capacity change from 0 to 512
[  219.121625][ T9010] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  219.147858][ T9016] loop0: detected capacity change from 0 to 1024
[  219.219873][ T9010] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  219.405038][   T28] audit: type=1800 audit(1755031179.050:28): pid=9016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1079" name="file1" dev="loop0" ino=20 res=0 errno=0
[  219.458468][ T9010] Quota error (device loop4): write_blk: dquota write failed
[  219.489299][ T9010] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota
[  219.502875][   T12] hfsplus: b-tree write err: -5, ino 4
[  219.516487][ T9010] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.1078: Failed to acquire dquot type 1
[  219.792773][ T8680] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  220.003973][ T9044] loop1: detected capacity change from 0 to 2048
[  220.049548][ T9044] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  220.063274][ T9044] NILFS (loop1): mounting unchecked fs
[  220.153145][ T8380] udevd[8380]: incorrect nilfs2 checksum on /dev/loop1
[  220.197267][ T9044] NILFS (loop1): recovery complete
[  220.228734][ T9049] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  220.453205][ T9054] loop0: detected capacity change from 0 to 2048
[  220.569992][ T9054] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.738216][ T9054] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  220.813043][ T9054] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 33 with error 28
[  220.824183][ T9064] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  220.838972][ T9064] EXT4-fs (loop0): This should not happen!! Data will be lost
[  220.838972][ T9064] 
[  220.849618][ T9064] EXT4-fs (loop0): Total free blocks count 0
[  220.856400][ T9064] EXT4-fs (loop0): Free/Dirty block details
[  220.881522][ T9064] EXT4-fs (loop0): free_blocks=4096
[  220.887406][ T9064] EXT4-fs (loop0): dirty_blocks=64
[  220.897003][ T9064] EXT4-fs (loop0): Block reservation details
[  220.903139][ T9054] EXT4-fs (loop0): This should not happen!! Data will be lost
[  220.903139][ T9054] 
[  221.265102][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  221.426378][ T9048] loop2: detected capacity change from 0 to 32768
[  221.487549][ T9048] 
[  221.487549][ T9048]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  221.487549][ T9048] 
[  221.505797][   T28] audit: type=1326 audit(1755031181.150:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9082 comm="syz.4.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a6678ebe9 code=0x7ffc0000
[  221.606578][   T28] audit: type=1326 audit(1755031181.150:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9082 comm="syz.4.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a6678ebe9 code=0x7ffc0000
[  221.670626][ T5797] Bluetooth: hci2: command tx timeout
[  221.701280][   T28] audit: type=1326 audit(1755031181.150:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9082 comm="syz.4.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7f4a6678ebe9 code=0x7ffc0000
[  221.777352][   T12] read_mapping_page failed!
[  221.782759][   T12] ERROR: (device loop2): txCommit: 
[  221.782759][   T12] 
[  221.828292][   T28] audit: type=1326 audit(1755031181.150:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9082 comm="syz.4.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a6678ebe9 code=0x7ffc0000
[  221.830198][   T12] jfs_write_inode: jfs_commit_inode failed!
[  221.863633][ T9093] loop4: detected capacity change from 0 to 1024
[  221.878185][ T9093] EXT4-fs: Ignoring removed orlov option
[  221.900218][ T9093] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  221.911342][ T5791] 
[  221.911342][ T5791]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  221.911342][ T5791] 
[  221.941953][   T28] audit: type=1326 audit(1755031181.150:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9082 comm="syz.4.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a6678ebe9 code=0x7ffc0000
[  221.976764][ T5791] 
[  221.976764][ T5791]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  221.976764][ T5791] 
[  221.976789][ T9093] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.081794][ T8680] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.305081][ T5783] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  222.487100][ T5783] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  222.506920][ T5783] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  222.542997][ T5783] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  222.585107][ T5783] usb 2-1: config 1 has no interface number 1
[  222.591360][ T5783] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  222.628557][ T5783] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  222.644941][ T5783] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  222.664994][ T5783] usb 2-1: Product: syz
[  222.669220][ T5783] usb 2-1: Manufacturer: syz
[  222.674741][ T5783] usb 2-1: SerialNumber: syz
[  222.950013][ T5783] usb 2-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[  222.962714][ T5783] usb 2-1: MIDIStreaming interface descriptor not found
[  223.023227][ T5783] usb 2-1: USB disconnect, device number 10
[  223.168371][ T9119] loop0: detected capacity change from 0 to 128
[  223.215855][   T23] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  223.315063][ T9121] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1111'.
[  223.381198][ T9123] netlink: 'syz.2.1112': attribute type 1 has an invalid length.
[  223.405061][   T23] usb 5-1: Using ep0 maxpacket: 32
[  223.417509][   T23] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  223.432204][   T23] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.460884][   T23] usb 5-1: config 0 descriptor??
[  223.715225][   T23] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  223.747105][   T23] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  223.776183][   T23] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  223.793407][   T23] usb 5-1: media controller created
[  223.823535][   T23] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  223.909552][ T9113] az6027: more than 2 i2c messages at a time is not handled yet. TODO.
[  223.976978][   T23] az6027: usb out operation failed. (-71)
[  223.990085][   T23] az6027: usb out operation failed. (-71)
[  223.996542][ T9136] netlink: 'syz.0.1118': attribute type 16 has an invalid length.
[  224.003624][   T23] stb0899_attach: Driver disabled by Kconfig
[  224.018194][   T23] az6027: no front-end attached
[  224.018194][   T23] 
[  224.028105][ T9136] netlink: 'syz.0.1118': attribute type 3 has an invalid length.
[  224.028441][   T23] az6027: usb out operation failed. (-71)
[  224.043465][   T23] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  224.046351][ T9136] netlink: 64066 bytes leftover after parsing attributes in process `syz.0.1118'.
[  224.078987][ T9138] input: syz1 as /devices/virtual/input/input13
[  224.091378][   T23] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input14
[  224.114823][   T23] dvb-usb: schedule remote query interval to 400 msecs.
[  224.132016][   T23] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  224.173384][   T23] usb 5-1: USB disconnect, device number 2
[  224.292131][ T9128] loop2: detected capacity change from 0 to 32768
[  224.313064][   T23] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  224.340322][ T9140] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1120'.
[  224.564622][ T9146] loop0: detected capacity change from 0 to 512
[  224.636984][ T9146] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.666087][ T9146] ext4 filesystem being mounted at /302/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  224.710755][ T9146] fs-verity (loop0, inode 15): Unrecognized descriptor size: 0 bytes
[  224.790581][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.504221][ T9167] loop4: detected capacity change from 0 to 32768
[  225.516420][ T9167] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.1132 (9167)
[  225.552311][ T9167] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  225.563541][ T9167] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  225.573211][ T9167] BTRFS info (device loop4): force clearing of disk cache
[  225.580913][ T9167] BTRFS info (device loop4): enabling auto defrag
[  225.587993][ T9167] BTRFS info (device loop4): max_inline at 0
[  225.594130][ T9167] BTRFS info (device loop4): enabling disk space caching
[  225.602019][ T9167] BTRFS info (device loop4): disk space caching is enabled
[  225.735204][ T9167] BTRFS info (device loop4): enabling ssd optimizations
[  225.754290][ T9167] BTRFS info (device loop4): rebuilding free space tree
[  225.804976][ T9167] BTRFS info (device loop4): disabling free space tree
[  225.812267][ T9167] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  225.823550][ T9167] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  226.089708][ T8680] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  226.429433][ T9214] sch_tbf: burst 2 is lower than device vlan0 mtu (1514) !
[  226.787280][ T9180] loop0: detected capacity change from 0 to 32768
[  226.914538][ T9180] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  227.384028][ T9239] loop1: detected capacity change from 0 to 2048
[  227.392890][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  227.491883][ T9239] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  227.515801][ T9239] ext4 filesystem being mounted at /280/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  227.661946][ T9237] EXT4-fs error (device loop1): ext4_free_inode:356: comm syz.1.1148: bit already cleared for inode 15
[  227.824799][ T9252] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  227.888487][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.181921][ T9270] loop1: detected capacity change from 0 to 64
[  228.300625][ T9270] minix_free_block (loop1:1): bit already cleared
[  228.392051][ T9270] minix_free_block (loop1:4): bit already cleared
[  228.412737][ T9270] minix_free_block (loop1:3): bit already cleared
[  228.434254][ T9270] minix_free_block (loop1:2): bit already cleared
[  228.456104][ T9270] minix_free_block (loop1:1): bit already cleared
[  229.041811][ T9301] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1163'.
[  229.318020][ T9308] veth1_to_bond: entered allmulticast mode
[  229.365545][ T9308] veth1_to_bond: entered promiscuous mode
[  229.392257][ T9307] veth1_to_bond: left promiscuous mode
[  229.433403][ T9307] veth1_to_bond: left allmulticast mode
[  229.562827][ T9320] input: syz0 as /devices/virtual/input/input15
[  229.649372][ T9323] loop1: detected capacity change from 0 to 256
[  229.686322][ T9326] loop4: detected capacity change from 0 to 16
[  229.701639][ T9323] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  229.729871][ T9326] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  229.738911][ T9323] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  230.431748][ T9348] loop2: detected capacity change from 0 to 256
[  230.459732][ T9348] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  230.514322][ T9348] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  230.563278][ T9348] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  230.673780][ T9353] loop0: detected capacity change from 0 to 512
[  230.784087][ T9353] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  230.806756][ T9353] ext4 filesystem being mounted at /317/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  230.903928][ T9358] loop4: detected capacity change from 0 to 256
[  230.962744][ T9358] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  231.013641][ T9360] loop2: detected capacity change from 0 to 2364
[  231.409767][ T9342] loop1: detected capacity change from 0 to 32768
[  231.477785][ T9342] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  231.582819][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.616469][ T9342] XFS (loop1): Ending clean mount
[  231.640753][ T9342] XFS (loop1): Quotacheck needed: Please wait.
[  231.712716][ T9342] XFS (loop1): Quotacheck: Done.
[  231.951563][ T5782] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  232.031857][ T9363] loop2: detected capacity change from 0 to 32768
[  232.321044][ T9379] loop0: detected capacity change from 0 to 128
[  232.347909][ T9379] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  232.385061][ T9379] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  232.553806][ T9365] loop4: detected capacity change from 0 to 40427
[  232.643201][ T9365] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x7ffff
[  232.695017][ T9365] F2FS-fs (loop4): invalid crc value
[  232.759496][ T9365] F2FS-fs (loop4): Found nat_bits in checkpoint
[  233.010986][ T9365] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  233.359883][ T8680] syz-executor: attempt to access beyond end of device
[  233.359883][ T8680] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  233.441933][ T8680] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  233.853589][ T9381] loop2: detected capacity change from 0 to 40427
[  233.916364][ T9381] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  233.924257][ T9381] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  233.986289][ T9381] F2FS-fs (loop2): invalid crc value
[  234.059710][ T9381] F2FS-fs (loop2): Found nat_bits in checkpoint
[  234.356014][ T9381] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  234.363414][ T9381] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  234.466420][ T9440] loop4: detected capacity change from 0 to 128
[  234.723428][ T9445] loop1: detected capacity change from 0 to 1024
[  234.946371][ T5784] Bluetooth: hci2: command tx timeout
[  235.007564][ T9445] hfsplus: xattr searching failed
[  235.019864][   T28] audit: type=1800 audit(1755031194.660:34): pid=9445 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1204" name="file1" dev="loop1" ino=2 res=0 errno=0
[  235.042288][ T9456] loop4: detected capacity change from 0 to 1024
[  235.057761][ T9445] hfsplus: xattr searching failed
[  235.137263][   T28] audit: type=1800 audit(1755031194.790:35): pid=9445 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1204" name="file1" dev="loop1" ino=2 res=0 errno=0
[  235.223877][ T9459] loop0: detected capacity change from 0 to 256
[  235.889015][ T9474] loop1: detected capacity change from 0 to 1024
[  236.540099][ T9499] loop0: detected capacity change from 0 to 47
[  236.949585][ T9509] loop1: detected capacity change from 0 to 4096
[  236.980431][ T9509] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512).
[  237.284999][ T5783] usb 1-1: new full-speed USB device number 9 using dummy_hcd
[  237.489903][ T5783] usb 1-1: config 0 has an invalid interface number: 106 but max is 0
[  237.521645][ T5783] usb 1-1: config 0 has no interface number 0
[  237.545036][ T5783] usb 1-1: config 0 interface 106 has no altsetting 0
[  237.567438][ T5783] usb 1-1: New USB device found, idVendor=413c, idProduct=8217, bcdDevice=b2.59
[  237.578791][ T5783] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  237.603250][ T5783] usb 1-1: Product: syz
[  237.615018][ T5783] usb 1-1: Manufacturer: syz
[  237.620572][ T5783] usb 1-1: SerialNumber: syz
[  237.648088][ T5783] usb 1-1: config 0 descriptor??
[  237.903331][ T5783] usb 1-1: USB disconnect, device number 9
[  238.089862][ T9519] loop2: detected capacity change from 0 to 32768
[  238.112271][ T9519] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 12
[  238.129935][ T9515] loop4: detected capacity change from 0 to 40427
[  238.174724][ T9515] F2FS-fs (loop4): invalid crc value
[  238.226668][ T9515] F2FS-fs (loop4): Found nat_bits in checkpoint
[  238.377903][ T5799] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 12
[  238.394986][ T9515] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  238.551407][ T9538] f2fs_ckpt-7:4: attempt to access beyond end of device
[  238.551407][ T9538] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  238.664442][ T9538] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  238.715069][ T9552] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1234'.
[  238.861777][ T9557] loop0: detected capacity change from 0 to 256
[  238.870700][ T9557] exfat: Deprecated parameter 'namecase'
[  238.881774][ T9557] exfat: Deprecated parameter 'utf8'
[  238.997828][ T9557] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  239.696370][ T9571] loop0: detected capacity change from 0 to 256
[  239.704703][ T9573] loop4: detected capacity change from 0 to 764
[  239.742427][ T9571] MINIX-fs: mounting file system with errors, running fsck is recommended
[  239.792165][ T9571] MINIX-fs warning: remounting fs with errors, running fsck is recommended
[  239.811468][ T9571] MINIX-fs warning: remounting unchecked fs, running fsck is recommended
[  239.978649][ T9577] loop0: detected capacity change from 0 to 8
[  240.139863][ T9579] loop4: detected capacity change from 0 to 256
[  240.163248][ T9579] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  240.179684][ T9579] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  240.209215][ T9579] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012c58, chksum : 0x1a21e67f, utbl_chksum : 0xe619d30d)
[  240.551390][ T9588] loop1: detected capacity change from 0 to 256
[  240.623026][ T9588] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  240.675077][ T9588] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  240.738360][ T9588] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  240.785035][ T5784] Bluetooth: hci2: command tx timeout
[  240.811542][ T9595] netlink: 'syz.4.1253': attribute type 21 has an invalid length.
[  240.825800][ T9595] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1253'.
[  240.835705][ T9595] netlink: 'syz.4.1253': attribute type 4 has an invalid length.
[  240.843724][ T9595] netlink: 'syz.4.1253': attribute type 5 has an invalid length.
[  240.853108][ T9595] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1253'.
[  240.899267][ T1092] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  241.025309][ T9601] netlink: 'syz.2.1256': attribute type 10 has an invalid length.
[  241.101195][ T9601] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  241.154533][ T9600] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  241.210617][ T9607] loop4: detected capacity change from 0 to 256
[  241.229526][ T5783] kernel read not supported for file /dsp1 (pid: 5783 comm: kworker/0:3)
[  241.441183][ T9609] loop4: detected capacity change from 0 to 512
[  241.484320][ T9609] EXT4-fs error (device loop4): ext4_orphan_get:1425: comm syz.4.1260: bad orphan inode 15
[  241.514914][ T9609] ext4_test_bit(bit=14, block=5) = 0
[  241.522128][ T9609] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  241.687881][ T9605] loop1: detected capacity change from 0 to 32768
[  241.720349][ T9605] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  241.736118][ T8680] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.868830][ T9623] loop2: detected capacity change from 0 to 8
[  241.975354][ T9605] XFS (loop1): Ending clean mount
[  242.019181][ T9605] XFS (loop1): Quotacheck needed: Please wait.
[  242.214145][ T9605] XFS (loop1): Quotacheck: Done.
[  242.304269][ T9629] loop2: detected capacity change from 0 to 512
[  242.325124][ T9629] EXT4-fs: Ignoring removed oldalloc option
[  242.351202][ T9629] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  242.383293][ T9629] ext4 filesystem being mounted at /309/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  242.539935][ T9625] loop4: detected capacity change from 0 to 32768
[  242.569580][ T9625] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.1262 (9625)
[  242.632248][ T5782] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  242.642638][ T9613] loop0: detected capacity change from 0 to 32768
[  242.660862][ T9629] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.1265: bg 0: block 217: padding at end of block bitmap is not set
[  242.677642][ T9625] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  242.690075][ T9625] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  242.700174][ T9625] BTRFS info (device loop4): force clearing of disk cache
[  242.708755][ T9625] BTRFS info (device loop4): enabling auto defrag
[  242.716084][ T9625] BTRFS info (device loop4): max_inline at 0
[  242.722568][ T9625] BTRFS info (device loop4): enabling disk space caching
[  242.731247][ T9625] BTRFS info (device loop4): disk space caching is enabled
[  242.864995][ T5784] Bluetooth: hci2: command tx timeout
[  242.910452][ T5791] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.923138][ T9625] BTRFS info (device loop4): enabling ssd optimizations
[  243.027734][ T9625] BTRFS info (device loop4): rebuilding free space tree
[  243.121918][ T9625] BTRFS info (device loop4): disabling free space tree
[  243.130659][ T9625] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  243.224937][ T9625] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  243.632520][ T9660] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1270'.
[  243.655172][ T9660] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1270'.
[  243.665943][ T8680] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  243.828421][ T8380] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 11 /dev/loop4 scanned by udevd (8380)
[  243.900864][ T9666] netlink: 'syz.1.1274': attribute type 9 has an invalid length.
[  243.952005][ T9666] netlink: 61951 bytes leftover after parsing attributes in process `syz.1.1274'.
[  244.236502][ T9663] Falling back ldisc for ttyS3.
[  244.247825][ T9672] loop1: detected capacity change from 0 to 512
[  244.376000][ T9672] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  244.441032][ T9672] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[  244.513793][ T9672] EXT4-fs (loop1): 1 truncate cleaned up
[  244.529598][ T9672] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  244.761071][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.061575][ T9667] loop2: detected capacity change from 0 to 40427
[  245.091987][ T9667] F2FS-fs (loop2): invalid crc value
[  245.115380][ T9667] F2FS-fs (loop2): Found nat_bits in checkpoint
[  245.179047][ T9667] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  245.358055][ T9667] syz.2.1273: attempt to access beyond end of device
[  245.358055][ T9667] loop2: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  245.418645][ T9693] loop4: detected capacity change from 0 to 2048
[  245.444494][ T9694] syz.2.1273: attempt to access beyond end of device
[  245.444494][ T9694] loop2: rw=2049, sector=53256, nr_sectors = 40 limit=40427
[  245.460674][ T9694] syz.2.1273: attempt to access beyond end of device
[  245.460674][ T9694] loop2: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  245.478352][ T9693] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  245.514721][ T9693] UDF-fs: Scanning with blocksize 512 failed
[  245.546056][ T9693] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  245.564105][ T5791] syz-executor: attempt to access beyond end of device
[  245.564105][ T5791] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  245.582097][ T9696] loop0: detected capacity change from 0 to 4096
[  245.589737][ T5791] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  246.115732][ T9702] loop1: detected capacity change from 0 to 8
[  246.172830][ T9704] loop0: detected capacity change from 0 to 1024
[  246.294394][ T9704] hfsplus: xattr search failed
[  246.780929][ T9721] loop2: detected capacity change from 0 to 512
[  246.845402][ T5783] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  246.917899][ T9721] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1296: invalid indirect mapped block 10 (level 1)
[  247.005031][ T9721] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1296: invalid indirect mapped block 8 (level 1)
[  247.045942][ T5783] usb 1-1: Using ep0 maxpacket: 8
[  247.066826][ T9721] EXT4-fs (loop2): 1 truncate cleaned up
[  247.070613][ T5783] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 7
[  247.084491][ T9721] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  247.113454][ T5783] usb 1-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  247.134989][ T5783] usb 1-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  247.143285][ T5783] usb 1-1: Product: syz
[  247.190466][ T5783] usb 1-1: Manufacturer: syz
[  247.199505][ T5783] usb 1-1: SerialNumber: syz
[  247.243996][ T5791] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.465034][ T5783] usb 1-1: Handspring Visor / Palm OS: port 79, is for unknown use
[  247.485153][ T5783] usb 1-1: Handspring Visor / Palm OS: port 0, is for Generic use
[  247.493686][ T5783] usb 1-1: Handspring Visor / Palm OS: Number of ports: 2
[  247.665594][ T5783] usb 1-1: palm_os_3_probe - error -71 getting bytes available request
[  247.687504][ T5783] visor 1-1:1.0: Handspring Visor / Palm OS converter detected
[  247.735452][ T5783] usb 1-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  247.762006][ T5783] usb 1-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  247.801771][ T5783] usb 1-1: USB disconnect, device number 10
[  247.846363][ T5783] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  247.896869][ T5783] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  247.927896][ T5783] visor 1-1:1.0: device disconnected
[  248.322544][ T9762] io-wq is not configured for unbound workers
[  248.461539][ T9746] loop4: detected capacity change from 0 to 32768
[  248.581143][ T9746] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  248.596906][ T9777] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  248.843869][ T9746] XFS (loop4): Ending clean mount
[  248.892909][ T9746] XFS (loop4): Quotacheck needed: Please wait.
[  249.073918][ T9746] XFS (loop4): Quotacheck: Done.
[  249.367563][ T8680] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  249.371262][ T9803] program syz.2.1325 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  250.126966][ T9818] loop4: detected capacity change from 0 to 8
[  250.712950][ T9834] loop0: detected capacity change from 0 to 64
[  250.792805][ T9834] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing
[  250.801250][ T5783] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  251.009864][ T5783] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  251.024491][ T5783] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  251.053032][ T5783] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  251.071464][ T5783] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  251.082858][ T5783] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.096998][ T5783] usb 3-1: config 0 descriptor??
[  251.215263][ T5870] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  251.395609][ T5870] usb 2-1: Using ep0 maxpacket: 32
[  251.410452][ T5870] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  251.429299][ T5870] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  251.456301][ T5870] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  251.469626][ T9852] mac80211_hwsim hwsim5 wlan1: entered promiscuous mode
[  251.474914][ T5870] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  251.490777][ T5870] usb 2-1: Product: syz
[  251.498562][ T9852] macvtap1: entered allmulticast mode
[  251.499024][ T5870] usb 2-1: Manufacturer: syz
[  251.514560][ T9852] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode
[  251.536853][ T5870] hub 2-1:4.0: USB hub found
[  251.547832][ T9852] mac80211_hwsim hwsim5 wlan1: left allmulticast mode
[  251.557779][ T5783] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving
[  251.575126][ T9852] mac80211_hwsim hwsim5 wlan1: left promiscuous mode
[  251.640428][ T5783] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  251.765547][ T5870] hub 2-1:4.0: config failed, hub has too many ports! (err -19)
[  251.833695][ T5870] usb 3-1: USB disconnect, device number 8
[  252.083380][ T9860] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1352'.
[  252.130733][ T9858] loop0: detected capacity change from 0 to 8192
[  252.155424][ T9858] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  252.189754][   T23] usb 2-1: USB disconnect, device number 11
[  252.235539][ T9858] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  252.256351][ T9858] REISERFS (device loop0): using ordered data mode
[  252.278092][ T9858] reiserfs: using flush barriers
[  252.301501][ T9858] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  252.320575][ T9858] REISERFS (device loop0): checking transaction log (loop0)
[  252.345724][ T9858] REISERFS (device loop0): Using r5 hash to sort names
[  252.374111][ T9858] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  252.627321][   T12] wlan1: Trigger new scan to find an IBSS to join
[  252.686366][   T11] ------------[ cut here ]------------
[  252.693338][   T11] no supported rates for sta (null) (0xffffffff, band 0) in rate_mask 0xffffffff with flags 0x20
[  252.704685][   T11] WARNING: CPU: 1 PID: 11 at net/mac80211/rate.c:385 __rate_control_send_low+0x635/0x880
[  252.714810][   T11] Modules linked in:
[  252.718802][   T11] CPU: 1 PID: 11 Comm: kworker/u4:0 Not tainted 6.6.101-syzkaller #0
[  252.727032][   T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  252.737368][   T11] Workqueue: events_unbound cfg80211_wiphy_work
[  252.743864][   T11] RIP: 0010:__rate_control_send_low+0x635/0x880
[  252.750425][   T11] Code: 30 42 0f b6 04 28 84 c0 0f 85 e6 01 00 00 41 8b 0e 48 c7 c7 00 85 be 8b 48 8b 74 24 10 44 8b 44 24 1c 45 89 e1 e8 9b e7 6a f7 <0f> 0b e9 78 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 03 fa ff
[  252.770219][   T11] RSP: 0018:ffffc90000107380 EFLAGS: 00010246
[  252.776579][   T11] RAX: 862eb02b8715ed00 RBX: 000000000000000c RCX: ffff888019e7bc00
[  252.784908][   T11] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  252.793097][   T11] RBP: 0000000000000084 R08: ffffc90000106f87 R09: 1ffff92000020df0
[  252.801223][   T11] R10: dffffc0000000000 R11: fffff52000020df1 R12: 0000000000000020
[  252.809379][   T11] R13: dffffc0000000000 R14: ffff88801c3c3358 R15: ffff88802d940b68
[  252.817469][   T11] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  252.826567][   T11] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  252.833368][   T11] CR2: 00007fc198586358 CR3: 0000000062ae2000 CR4: 00000000003506e0
[  252.841608][   T11] Call Trace:
[  252.844940][   T11]  <TASK>
[  252.848118][   T11]  rate_control_send_low+0x194/0x790
[  252.853915][   T11]  rate_control_get_rate+0x20b/0x5c0
[  252.859335][   T11]  ieee80211_tx_h_rate_ctrl+0xb2d/0x1770
[  252.865076][   T11]  ? ieee80211_tx_h_select_key+0x18f0/0x18f0
[  252.871106][   T11]  ? __lock_acquire+0x1260/0x7c80
[  252.876215][   T11]  ? ieee80211_is_bufferable_mmpdu+0xfb/0x1f0
[  252.882362][   T11]  invoke_tx_handlers_late+0xb6/0x1810
[  252.887972][   T11]  ? ieee80211_tx_h_select_key+0x13cc/0x18f0
[  252.894039][   T11]  ? invoke_tx_handlers_early+0xa11/0x1cf0
[  252.900162][   T11]  ieee80211_tx+0x2ad/0x420
[  252.904720][   T11]  ? ieee80211_skb_resize+0x630/0x630
[  252.910250][   T11]  ? ieee80211_set_qos_hdr+0x1ca/0x510
[  252.915891][   T11]  ? __bpf_trace_tasklet+0x140/0x140
[  252.921322][   T11]  ? ieee80211_xmit+0x310/0x3f0
[  252.926270][   T11]  ? __ieee80211_tx_skb_tid_band+0x490/0x610
[  252.932495][   T11]  __ieee80211_tx_skb_tid_band+0x4d5/0x610
[  252.938507][   T11]  ? ieee80211_scan_state_send_probe+0x4b4/0x930
[  252.945014][   T11]  ieee80211_scan_state_send_probe+0x560/0x930
[  252.951247][   T11]  ieee80211_scan_work+0x4e8/0x1c30
[  252.956854][   T11]  cfg80211_wiphy_work+0x225/0x260
[  252.962109][   T11]  ? process_scheduled_works+0x957/0x15b0
[  252.968095][   T11]  process_scheduled_works+0xa45/0x15b0
[  252.973725][   T11]  ? assign_work+0x400/0x400
[  252.978591][   T11]  ? assign_work+0x39e/0x400
[  252.983694][   T11]  worker_thread+0xa55/0xfc0
[  252.988618][   T11]  kthread+0x2fa/0x390
[  252.992916][   T11]  ? pr_cont_work+0x560/0x560
[  252.997902][   T11]  ? kthread_blkcg+0xd0/0xd0
[  253.002537][   T11]  ret_from_fork+0x48/0x80
[  253.007044][   T11]  ? kthread_blkcg+0xd0/0xd0
[  253.011683][   T11]  ret_from_fork_asm+0x11/0x20
[  253.016676][   T11]  </TASK>
[  253.019727][   T11] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  253.027105][   T11] CPU: 1 PID: 11 Comm: kworker/u4:0 Not tainted 6.6.101-syzkaller #0
[  253.035546][   T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  253.045633][   T11] Workqueue: events_unbound cfg80211_wiphy_work
[  253.052012][   T11] Call Trace:
[  253.055316][   T11]  <TASK>
[  253.058281][   T11]  dump_stack_lvl+0x16c/0x230
[  253.063176][   T11]  ? show_regs_print_info+0x20/0x20
[  253.068409][   T11]  ? load_image+0x3b0/0x3b0
[  253.072972][   T11]  panic+0x2c0/0x710
[  253.077025][   T11]  ? bpf_jit_dump+0xd0/0xd0
[  253.081763][   T11]  ? ret_from_fork_asm+0x11/0x20
[  253.086833][   T11]  __warn+0x2e0/0x470
[  253.090958][   T11]  ? __rate_control_send_low+0x635/0x880
[  253.096994][   T11]  ? __rate_control_send_low+0x635/0x880
[  253.102845][   T11]  report_bug+0x2be/0x4f0
[  253.107478][   T11]  ? __rate_control_send_low+0x635/0x880
[  253.113168][   T11]  ? __rate_control_send_low+0x635/0x880
[  253.119015][   T11]  ? __rate_control_send_low+0x637/0x880
[  253.124868][   T11]  handle_bug+0xcf/0x120
[  253.129244][   T11]  exc_invalid_op+0x1a/0x50
[  253.133959][   T11]  asm_exc_invalid_op+0x1a/0x20
[  253.139110][   T11] RIP: 0010:__rate_control_send_low+0x635/0x880
[  253.145477][   T11] Code: 30 42 0f b6 04 28 84 c0 0f 85 e6 01 00 00 41 8b 0e 48 c7 c7 00 85 be 8b 48 8b 74 24 10 44 8b 44 24 1c 45 89 e1 e8 9b e7 6a f7 <0f> 0b e9 78 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 03 fa ff
[  253.165699][   T11] RSP: 0018:ffffc90000107380 EFLAGS: 00010246
[  253.171809][   T11] RAX: 862eb02b8715ed00 RBX: 000000000000000c RCX: ffff888019e7bc00
[  253.180161][   T11] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  253.188578][   T11] RBP: 0000000000000084 R08: ffffc90000106f87 R09: 1ffff92000020df0
[  253.196670][   T11] R10: dffffc0000000000 R11: fffff52000020df1 R12: 0000000000000020
[  253.204846][   T11] R13: dffffc0000000000 R14: ffff88801c3c3358 R15: ffff88802d940b68
[  253.212988][   T11]  rate_control_send_low+0x194/0x790
[  253.218422][   T11]  rate_control_get_rate+0x20b/0x5c0
[  253.224107][   T11]  ieee80211_tx_h_rate_ctrl+0xb2d/0x1770
[  253.229899][   T11]  ? ieee80211_tx_h_select_key+0x18f0/0x18f0
[  253.236027][   T11]  ? __lock_acquire+0x1260/0x7c80
[  253.241126][   T11]  ? ieee80211_is_bufferable_mmpdu+0xfb/0x1f0
[  253.247249][   T11]  invoke_tx_handlers_late+0xb6/0x1810
[  253.252853][   T11]  ? ieee80211_tx_h_select_key+0x13cc/0x18f0
[  253.258974][   T11]  ? invoke_tx_handlers_early+0xa11/0x1cf0
[  253.265083][   T11]  ieee80211_tx+0x2ad/0x420
[  253.269716][   T11]  ? ieee80211_skb_resize+0x630/0x630
[  253.275136][   T11]  ? ieee80211_set_qos_hdr+0x1ca/0x510
[  253.281079][   T11]  ? __bpf_trace_tasklet+0x140/0x140
[  253.286663][   T11]  ? ieee80211_xmit+0x310/0x3f0
[  253.291658][   T11]  ? __ieee80211_tx_skb_tid_band+0x490/0x610
[  253.297775][   T11]  __ieee80211_tx_skb_tid_band+0x4d5/0x610
[  253.303640][   T11]  ? ieee80211_scan_state_send_probe+0x4b4/0x930
[  253.310173][   T11]  ieee80211_scan_state_send_probe+0x560/0x930
[  253.316652][   T11]  ieee80211_scan_work+0x4e8/0x1c30
[  253.322098][   T11]  cfg80211_wiphy_work+0x225/0x260
[  253.327250][   T11]  ? process_scheduled_works+0x957/0x15b0
[  253.333008][   T11]  process_scheduled_works+0xa45/0x15b0
[  253.338622][   T11]  ? assign_work+0x400/0x400
[  253.343353][   T11]  ? assign_work+0x39e/0x400
[  253.348460][   T11]  worker_thread+0xa55/0xfc0
[  253.353403][   T11]  kthread+0x2fa/0x390
[  253.357603][   T11]  ? pr_cont_work+0x560/0x560
[  253.362330][   T11]  ? kthread_blkcg+0xd0/0xd0
[  253.367320][   T11]  ret_from_fork+0x48/0x80
[  253.371780][   T11]  ? kthread_blkcg+0xd0/0xd0
[  253.376789][   T11]  ret_from_fork_asm+0x11/0x20
[  253.381727][   T11]  </TASK>
[  253.385332][   T11] Kernel Offset: disabled
[  253.390172][   T11] Rebooting in 86400 seconds..