last executing test programs:

9m22.534554678s ago: executing program 3 (id=71):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120108009e173610ef171e7206de010203010902120001000000000904"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$sierra_net(r0, &(0x7f00000000c0)={0x14, 0x0, 0x0}, &(0x7f0000000240)={0x1c, &(0x7f0000000100)={0x20, 0x31, 0x6, "35432773beb9"}, 0x0, 0x0})

9m20.882461964s ago: executing program 3 (id=81):
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='environ\x00')
preadv(r0, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/26, 0x1a}], 0x1, 0xfffff273, 0x0)

9m20.730296342s ago: executing program 3 (id=84):
syz_mount_image$hfs(&(0x7f0000002c80), &(0x7f00000000c0)='./file1\x00', 0x4490, &(0x7f0000000000)=ANY=[], 0xfd, 0x29b, &(0x7f0000000100)="$eJzs3U1rE0Ecx/HfbLZttKVuH0SQnqoFT9KHi3gpSN6BF0+iNhGKoYJWUE/Rs/gCvOct+AI8ehLPQm89+QJyi8zsrNkku0kMTTeJ3w8kbLrz353JzHbmv6WsAPy3HlTOmgfn9mWkkkqS7kuBpLIUSrquG+U3J6fHp/VaddCBSi7CvoziSNNX5uiklhVq41yEF9lPoVbSP8NklH+psbVcdC1QNHf1ZwikJX91uv3lS6/ZZDSKrkDBTEstvdVq0fUAABTLz/+Bn+dX/Po9CKQdP+3H83+yqp/xCbRVdAUm7NuQ/an532VZbWP795rb1cn3XGeHWvBBzYPzceqyqHhkdS0wzbCs0tUluPL8uF67e/SyXg30UYfeQqfYpnuvxkM3cdY0Lqe12x/6D73tc9MR88skQx6tdJpLrIIF24b9dP1TRTYu9ozDme/mh3lsIn1R9e/6L2wb202up6Kenorrv5t/RNfKRblSOa1ccye56c/gDWxlSTkZiZIRtdbTgVFOPcOuqPWeqLh1e/mtc1EbmVH7Q6I2e6M6ozk/ctLMZ/PIbOu3vqqSWv8H9tve0ShXpi3jSvqRMbA9oSsZufnEzx2NrcySwbgtwhg+6ZnuafX1u/cvntbrtVdzu2GvxCmoxlRtJINgWuoztxv2Sy7k7Mm8M/5x8n91cFt+fnQ6/R8DGQTzwq67TJz/pfKVXbdYs29R9zp9KR3bHnbw1BH3cnKDdfd+tTeDy8kNjLv1sJzx18X+Mw7MuW7dkW6PcsZY5Os5fQ7HCTIV/dQT7v8DAAAAAAAAAAAAAAAAAADMmov7l4Oy8nYV3UYAAAAAAAAAAAAAAAAAAAAAAGZdxvN/l7qe/2u3L/P5vw8Vf+L5v8DE/QkAAP//58py3g==")
openat(0xffffffffffffff9c, &(0x7f0000000740)='./file1\x00', 0x183042, 0x15)
truncate(&(0x7f0000000080)='./file1\x00', 0x20020fffffffb)

9m20.459319638s ago: executing program 3 (id=88):
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x2200050, &(0x7f00000000c0)=ANY=[], 0xfe, 0x1af, &(0x7f0000000580)="$eJzs282O0lAYxvGnlALi99fGlYkL3QiKbtzJBXgD7ghUQixqxA3ExHgpcyfcydwAJDO7WU0nLWUCpMBpOzOF4f9LgDc5fc45JD1wzqICcLAehe+WLDlh5fv+v5eSvn6RVMx5cgCula9zH8Chsk/yngGAfEybdrgPGFvS8enf9iR6OYb7h2mzMCsqkhbyJdP8fyv8fFGUJgv5ctTl1v3L0Sz/Wsv5OwnHr67kq1ty1mV+9v3fvFrO35V0T9J9SQ8kPYzOWo8lPYkZv7My/nPD+QNZBHdfLWs+QwfB6vnW89x3cY329rwT5d/HNy/8hIxjLyhF+YbhfNflP6TMl6N8rf3T68S0F1L2C5go5Lz+benMX13/n83zxc3rH8AGg+Hoe8vz3N8JCicsylEPCeLB5QnHosijqMQ0OSnvlp0ugr+vHZiGaTFftTc5FoDbqv6n/6s+GI7e9vqtrtt1fzQ+fpofu8NzeX3t6RzAnlvenAMAAAAAAAAAAAAAgH30VNKzNEHTB/wAAAAA7IyrfWbIkRT/2B8AAAAAAAAAAAAAAAAAAACA7C4CAAD//3Y4Qng=")
syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file4\x00', 0x1018000, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file4'}}], [], 0x2c})

9m19.888707171s ago: executing program 3 (id=94):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="4400000010000104fcfffffffbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="431f0700fb01002208000a00", @ANYRES32=r1, @ANYBLOB="08000500", @ANYRES32=r1, @ANYBLOB="140012800b0001006d6163736563"], 0x44}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0)

9m19.358423202s ago: executing program 3 (id=99):
r0 = memfd_create(&(0x7f0000000480)='\xff\x00l\x1e\xa0</\x00\x8eO4._\x14zC\x8a\xe8\xe0u\xe0\xff\xf1\xb2\xfd\xf6nz\x05-]\xc2Vk\xaeky\xd3\x83\xe2\xc7\xd3\xe6M^\x98ox\x14\t\xe9Q1\x1dK\x9a\x045\xd37\xb22\xfdD(\xd2\xdd\xa0\xff\x0f\x00\x00\x00\x00\x00\x00v\n\xd8?]k\x14N\x18\xf4\xc2j\xed6g\xfd\xd2\xd4\xe3\x1f\xa6 \xa0\x8d\xb5\x9aE<2`]<\x8cR\xd69\x0fO\xbf\xc3\xbd\xb0\x96\x90\x91k\x86\x1a\x10\xd2\xf5\x8b\xfc\xf4\xd0[\x12\xf5+\x1aS\x02/Yx\xf2jJb\x97\x9c/\x1f5i\xc6\x861\x9a\xff\xc3\xe7\xbfU\xd5\xac\xccB=\x8f\xfd\x84\xeepQ\x93nn\x0f\xc6\xa9?\xad\x8b~\x96@i=G\x9ft\x1d\xcc\xc6Ys7\x7f\x8ehv\xd3$\x13s\xa0\xbfi\xfaFS\xa9=Xe\xf8tI\x15\x882\x8b\x8e-X\xb8\xf2\x9du\x15S^\xec\xce\xfaf$S\x9f\xe7Ed\n\x84\\ u\xd2\x16\xc1\xa5\xa0\xaa\xe8.i\xc8\x0e\vt\xe2\xf1lA\x93\xdd\xce\x8f$\x06v\xbe\xe7\x95nN\xc5\xaa\x1ev\xc6P\x9c\\G&y\x8bYA\xc3}\xd9\x86[\xb2\xf3\x0f\x90%\xcb\x81\xe8\xea\xbcs\x95\xe9\x8eXH\x19m\xdfOY\xf1E9-\xc8\xe7\x13^+(\x034\x82\xafiOO\x14\x8f^\x8c', 0x7)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xa, 0x4d091, r0, 0x0)
fcntl$addseals(r0, 0x409, 0xa)

9m18.840888632s ago: executing program 32 (id=99):
r0 = memfd_create(&(0x7f0000000480)='\xff\x00l\x1e\xa0</\x00\x8eO4._\x14zC\x8a\xe8\xe0u\xe0\xff\xf1\xb2\xfd\xf6nz\x05-]\xc2Vk\xaeky\xd3\x83\xe2\xc7\xd3\xe6M^\x98ox\x14\t\xe9Q1\x1dK\x9a\x045\xd37\xb22\xfdD(\xd2\xdd\xa0\xff\x0f\x00\x00\x00\x00\x00\x00v\n\xd8?]k\x14N\x18\xf4\xc2j\xed6g\xfd\xd2\xd4\xe3\x1f\xa6 \xa0\x8d\xb5\x9aE<2`]<\x8cR\xd69\x0fO\xbf\xc3\xbd\xb0\x96\x90\x91k\x86\x1a\x10\xd2\xf5\x8b\xfc\xf4\xd0[\x12\xf5+\x1aS\x02/Yx\xf2jJb\x97\x9c/\x1f5i\xc6\x861\x9a\xff\xc3\xe7\xbfU\xd5\xac\xccB=\x8f\xfd\x84\xeepQ\x93nn\x0f\xc6\xa9?\xad\x8b~\x96@i=G\x9ft\x1d\xcc\xc6Ys7\x7f\x8ehv\xd3$\x13s\xa0\xbfi\xfaFS\xa9=Xe\xf8tI\x15\x882\x8b\x8e-X\xb8\xf2\x9du\x15S^\xec\xce\xfaf$S\x9f\xe7Ed\n\x84\\ u\xd2\x16\xc1\xa5\xa0\xaa\xe8.i\xc8\x0e\vt\xe2\xf1lA\x93\xdd\xce\x8f$\x06v\xbe\xe7\x95nN\xc5\xaa\x1ev\xc6P\x9c\\G&y\x8bYA\xc3}\xd9\x86[\xb2\xf3\x0f\x90%\xcb\x81\xe8\xea\xbcs\x95\xe9\x8eXH\x19m\xdfOY\xf1E9-\xc8\xe7\x13^+(\x034\x82\xafiOO\x14\x8f^\x8c', 0x7)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xa, 0x4d091, r0, 0x0)
fcntl$addseals(r0, 0x409, 0xa)

8m37.678208048s ago: executing program 1 (id=433):
r0 = socket$inet6(0xa, 0x3, 0x87)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000280)={{{@in6=@remote, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x4, 0x4e20, 0x9d, 0x2}, {0x0, 0x4, 0x1, 0x0, 0x0, 0x9}, {0x1ff, 0xffffffffe, 0x4053e5, 0x20}, 0x7fff, 0x1, 0x1, 0x0, 0x1, 0x1}, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x1, 0x32}, 0x2, @in6=@empty, 0x3502, 0x1, 0x0, 0x0, 0x6, 0xfffffffd}}, 0xe8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x12}}, 0x9df}, 0x55)

8m37.550388326s ago: executing program 1 (id=435):
syz_mount_image$hfs(&(0x7f0000002c80), &(0x7f00000000c0)='./file1\x00', 0x4490, &(0x7f0000000000)=ANY=[], 0xfd, 0x29b, &(0x7f0000000100)="$eJzs3U1rE0Ecx/HfbLZttKVuH0SQnqoFT9KHi3gpSN6BF0+iNhGKoYJWUE/Rs/gCvOct+AI8ehLPQm89+QJyi8zsrNkku0kMTTeJ3w8kbLrz353JzHbmv6WsAPy3HlTOmgfn9mWkkkqS7kuBpLIUSrquG+U3J6fHp/VaddCBSi7CvoziSNNX5uiklhVq41yEF9lPoVbSP8NklH+psbVcdC1QNHf1ZwikJX91uv3lS6/ZZDSKrkDBTEstvdVq0fUAABTLz/+Bn+dX/Po9CKQdP+3H83+yqp/xCbRVdAUm7NuQ/an532VZbWP795rb1cn3XGeHWvBBzYPzceqyqHhkdS0wzbCs0tUluPL8uF67e/SyXg30UYfeQqfYpnuvxkM3cdY0Lqe12x/6D73tc9MR88skQx6tdJpLrIIF24b9dP1TRTYu9ozDme/mh3lsIn1R9e/6L2wb202up6Kenorrv5t/RNfKRblSOa1ccye56c/gDWxlSTkZiZIRtdbTgVFOPcOuqPWeqLh1e/mtc1EbmVH7Q6I2e6M6ozk/ctLMZ/PIbOu3vqqSWv8H9tve0ShXpi3jSvqRMbA9oSsZufnEzx2NrcySwbgtwhg+6ZnuafX1u/cvntbrtVdzu2GvxCmoxlRtJINgWuoztxv2Sy7k7Mm8M/5x8n91cFt+fnQ6/R8DGQTzwq67TJz/pfKVXbdYs29R9zp9KR3bHnbw1BH3cnKDdfd+tTeDy8kNjLv1sJzx18X+Mw7MuW7dkW6PcsZY5Os5fQ7HCTIV/dQT7v8DAAAAAAAAAAAAAAAAAADMmov7l4Oy8nYV3UYAAAAAAAAAAAAAAAAAAAAAAGZdxvN/l7qe/2u3L/P5vw8Vf+L5v8DE/QkAAP//58py3g==")
openat(0xffffffffffffff9c, &(0x7f0000000740)='./file1\x00', 0x183042, 0x15)
truncate(&(0x7f0000000080)='./file1\x00', 0x20020fffffffb)

8m37.375676216s ago: executing program 1 (id=437):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r0, 0xc400941d, &(0x7f0000000380)={0x0, 0x3ff, 0x5})

8m37.217671155s ago: executing program 1 (id=439):
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x2200050, &(0x7f00000000c0)=ANY=[], 0xfe, 0x1af, &(0x7f0000000580)="$eJzs282O0lAYxvGnlALi99fGlYkL3QiKbtzJBXgD7ghUQixqxA3ExHgpcyfcydwAJDO7WU0nLWUCpMBpOzOF4f9LgDc5fc45JD1wzqICcLAehe+WLDlh5fv+v5eSvn6RVMx5cgCula9zH8Chsk/yngGAfEybdrgPGFvS8enf9iR6OYb7h2mzMCsqkhbyJdP8fyv8fFGUJgv5ctTl1v3L0Sz/Wsv5OwnHr67kq1ty1mV+9v3fvFrO35V0T9J9SQ8kPYzOWo8lPYkZv7My/nPD+QNZBHdfLWs+QwfB6vnW89x3cY329rwT5d/HNy/8hIxjLyhF+YbhfNflP6TMl6N8rf3T68S0F1L2C5go5Lz+benMX13/n83zxc3rH8AGg+Hoe8vz3N8JCicsylEPCeLB5QnHosijqMQ0OSnvlp0ugr+vHZiGaTFftTc5FoDbqv6n/6s+GI7e9vqtrtt1fzQ+fpofu8NzeX3t6RzAnlvenAMAAAAAAAAAAAAAgH30VNKzNEHTB/wAAAAA7IyrfWbIkRT/2B8AAAAAAAAAAAAAAAAAAACA7C4CAAD//3Y4Qng=")
syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file4\x00', 0x1018000, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file4'}}], [], 0x2c})

8m36.938509331s ago: executing program 1 (id=440):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000980)={0x802}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001e00)=ANY=[@ANYBLOB="18000000520001002abd5000000000020a000000040006"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)

8m36.531271974s ago: executing program 1 (id=443):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
rename(0x0, &(0x7f00000000c0)='./file0/../file0/file0\x00')
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f00000000c0)=@ethtool_gfeatures={0x33}})

8m36.10103912s ago: executing program 33 (id=443):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
rename(0x0, &(0x7f00000000c0)='./file0/../file0/file0\x00')
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f00000000c0)=@ethtool_gfeatures={0x33}})

7m53.83623626s ago: executing program 2 (id=784):
r0 = syz_open_dev$ttys(0xc, 0x2, 0x1)
io_setup(0x7, &(0x7f00000005c0))
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000000))

7m53.513115189s ago: executing program 2 (id=788):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7ffc0002}]})
io_setup(0x6, &(0x7f0000001000)=<r0=>0x0)
io_getevents(r0, 0x3, 0x3, &(0x7f00000010c0)=[{}, {}, {}], &(0x7f0000001140)={0x0, 0x989680})

7m53.172579768s ago: executing program 2 (id=790):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000100)={0x0, &(0x7f0000000300)=[0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c643c, &(0x7f0000000300)={0x0, 0x300})

7m53.022449007s ago: executing program 2 (id=791):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000240)=ANY=[], 0x8, 0x1cc, &(0x7f00000006c0)="$eJzsmD/v0kAYx793LeVPjImLg4smkogJlLaocXHAV2AC/tskUglawEAHIHEgLi6+DN+CA5ODm5urDmpi4iCjk8OZa4/25J8yEIm/55Pw9Nu7567PPTTfoSAI4sTy5fOPTy9vXm+WAZxCEVk1/s1Ic7iW/zGnxIdXb/unn81X92N7Pt8E8KZuIFT3QgihzxfVtQme6NvguKz0XTDYSj8Axx2lfTDcV/qxpgd5JQLffjgI2o+6ge/I4MrgyVBbrW8xY2gDkEcXxu/1jybTJ60g8IerIiOWz1mb2lf8oX/mos5xQ+uf/L/uvXg+k/fL3jha/1xwuErXwNBY9gRZ2LadtkQ7/zkz3d/4m/MfgzhT2ZVT3r3857+p2VKNPZYe/oeCaSN5KaRpJSNnF/N366u+HrKwC4c9MpRnr029LxzwXU39U9rLJc2fTJiJf1TD3tPqaDKtdHutjt/x+55Xu+ZccZyrXjUyojju8L9c5E8Fbf/MllyLWRi3wnDojoFw6Cb3Xhw1x228HnyP1vDI/zhKF+M95KtixVa5EaZ+PLpKVTK2Fk8QBEEQBEEQBEEQBEEQBLEX58Gir6BCCKY+iG7CuxVl/woAAP//vphcsA==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
listxattr(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)

7m52.912907573s ago: executing program 2 (id=792):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1018e58, &(0x7f00000005c0)={[{@nodioread_nolock}, {@noblock_validity}, {@data_err_ignore}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}, {@nodiscard}, {@stripe={'stripe', 0x3d, 0x4}}, {@noauto_da_alloc}]}, 0x6, 0x61f, &(0x7f0000000b00)="$eJzs3c9rXNUeAPDvncmkSZv30j4ej9fyHi/wFi1I00wtVt3Y1oVdFCzYhYiLhiapodMfNCmYWGgKLhQURNyKdOM/4F66dyeCunMtVJGKikpH7syddDKZSdIkM9Pmfj5wM/ece2fO+c6dM/fce3PmBpBbY+mfQsT+iAfnk4jRpmUjUV84lq13/6ebF9IpiWr1lR+TSLK8xvpJ9rgnSwxFxJenIv5RXF3u3MLipclKte5WxJH5y9eOzC0sHp69PHlx+uL0lfLRZ48dn3iufKy8LXHuyR5Pn3n5P++//cYzM19VDidxIs6V3pqKlji2y1iMxYMsxOb8gYg4ns60eV+eNDsghFwrZp/HUkT8K0ajWEvVjcbse32tHNBV1WJEFcipRPuHnGr0AxrH9hs7Dj7X5V5J79w7WT8AWh3/QP3cSAzVjo1230+ajowGauc29m5D+WkZf9488HE6xYrzEL8ub52BbSink6XbEfHvdvEntbrtrUWaxl9YUY8kIiYiYjCr34tbqEPSNN+N8zBr2Wz8hYg4kT2m+ac2Wf5YS7rX8QOQT3dPZjvypTT1cP+X9j0a/Z9Y1f+pXxtq3XdtRr/3f537f439/VDtHHmhpR+W9lnOtn/JUmvGd++e/rBT+c39v3RKy2/0BXvh3u2IAy3xv5MGm/V/0viTNts/XeX8iY2V8dLXP5zutKzf8VfvRBxse/zzsFeazrVenxzOlpWPlY/MzFamJ+p/25bx+Revf9qp/H7Hn27/3R3ib9r+hdbnpe/JtQ2W8dnZO5c7LRtZN/7C94NJ/XhzMMt5c3J+/no5YjA5k61Sv5BVyz+6dl0a6zReI43/0P/bt/8Vn//bK19nuPGVuQHXXr10v9OyzWz/povJD6obrEMnafxT62//Ve0/zftgOXVrzTJ+ee3GfzstWyv+4S3GBgAAAAAAAHlTqF2DTQrjy/OFwvh4fbzsP2N3oXJ1bv6pmas3rkxFHKr9P2Sp0LjSPVpPJ2m6nP0/bCN9tCX9dETsi4iPisO19PiFq5WpfgcPAAAAAAAAAAAAAAAAAAAAj4k92fj/xn2qfy7Wx/8DOdHNG8wBjzftH/Kr1v5X3eIJyAP7f8gv7R/yS/uH/NL+Ib+0f8gv7R/yS/uH/NL+AQAAAGBH2ve/u98mEbH0/HBtSg1my4wIgp2t1O8KAH1T7HcFgL5ZvvSvsw+5s6H+/+/ZjwN2vzpAHyTtMmudg+rajf9u22cCAAAAAAAAAAAAAF1wcH/78f+JscGw4xn2B/m1hfH/fjoAnnB++h/yyzE+sN4o/qFOC4z/BwAAAAAAAAAAAICeGalNSWE8Gws8EoXC+HjE3yJib5SSmdnK9ERE/D0ivimWdqXpcr8rDQAAAAAAAAAAAAAAAAAAADvM3MLipclKZfp688wfq3J29kzjLqg9KOuFeMRnRdL7t2U4IpZzShGPWufuzezKPrZbeZ2BuYXF5LdqTRKxFI9PgFuKa5tn1v3qGOzqFxMAAAAAAAAAAAAAAAAAAORQ09jj9g580uMaAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDvPbz/f/dm+h0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBk+isAAP//GjM9YA==")
creat(&(0x7f00000000c0)='./bus\x00', 0x182)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)

7m51.842107185s ago: executing program 5 (id=797):
r0 = openat$damon_mk_contexts(0xffffffffffffff9c, &(0x7f0000001100), 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
write$damon_contexts(r0, 0x0, 0x2)

7m51.529507913s ago: executing program 5 (id=800):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = getpid()
kcmp(r1, r0, 0x3, 0xffffffffffffffff, 0xffffffffffffffff)

7m51.006454533s ago: executing program 5 (id=804):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x400, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x420, 0x0)

7m50.816863364s ago: executing program 5 (id=806):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000240)=ANY=[], 0x8, 0x1cc, &(0x7f00000006c0)="$eJzsmD/v0kAYx793LeVPjImLg4smkogJlLaocXHAV2AC/tskUglawEAHIHEgLi6+DN+CA5ODm5urDmpi4iCjk8OZa4/25J8yEIm/55Pw9Nu7567PPTTfoSAI4sTy5fOPTy9vXm+WAZxCEVk1/s1Ic7iW/zGnxIdXb/unn81X92N7Pt8E8KZuIFT3QgihzxfVtQme6NvguKz0XTDYSj8Axx2lfTDcV/qxpgd5JQLffjgI2o+6ge/I4MrgyVBbrW8xY2gDkEcXxu/1jybTJ60g8IerIiOWz1mb2lf8oX/mos5xQ+uf/L/uvXg+k/fL3jha/1xwuErXwNBY9gRZ2LadtkQ7/zkz3d/4m/MfgzhT2ZVT3r3857+p2VKNPZYe/oeCaSN5KaRpJSNnF/N366u+HrKwC4c9MpRnr029LxzwXU39U9rLJc2fTJiJf1TD3tPqaDKtdHutjt/x+55Xu+ZccZyrXjUyojju8L9c5E8Fbf/MllyLWRi3wnDojoFw6Cb3Xhw1x228HnyP1vDI/zhKF+M95KtixVa5EaZ+PLpKVTK2Fk8QBEEQBEEQBEEQBEEQBLEX58Gir6BCCKY+iG7CuxVl/woAAP//vphcsA==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
listxattr(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)

7m50.503551362s ago: executing program 5 (id=808):
syz_mount_image$hfsplus(&(0x7f00000001c0), &(0x7f0000000280)='./file0\x00', 0x4000, &(0x7f00000004c0)={[{@uid}, {@type={'type', 0x3d, "a5efd8b9"}}, {@nls={'nls', 0x3d, 'ascii'}}, {@part={'part', 0x3d, 0x2}}, {@part={'part', 0x3d, 0xb}}, {@part={'part', 0x3d, 0x4}}]}, 0x20, 0x70c, &(0x7f0000003800)="$eJzs3U+IHGndB/Bv9fR0prMwb+++m90oQoYNBt1oMsmwGEEwikgOiwa87HVMJpshk0mYmZUkiJl1XfWmJ4mwhxWJhz2JB2HFg7jeBEHwnnvAg7fFgy1VXT3TPf8nmclk4+cD1fVU1VPP83t+Xf10d01CB/ifdeGNjC6nyIWTr98qtx/cn5p7cH/qer+c5FCSRtLsrVLMJ8VHyfn0lnyq3Fk3V2zWz2sPP3zvxL0PpnpbzXqp6je2Om9Vd4seluslE0lG6vUuNTdr79IG7d3dVdPFStxlwo73EwcHrbvO8m5O38HrFnja3U1GRjfY30kOJxmrPweknh0aTzi8PberWQ4AAACeTiPbVai+wN/K+BOJBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4RRe83A4t6afTLEynq3///dl2t0modbLjb+MI2x9+98oQCAQAAAAAAAIC9N7paPPZxPs6tjPe3u0X1N/9Xqo0Xq8fn8lYWM5OFnMqtTGcpS1nImWR0fKDN1q3ppaWFM+vP/EXKM7vd7t36zLNJOuvOPLvPYwYAAAAAAACAT7q7Wx79YS5k/InFAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO1AkI71VtbzYL3fSaCYZS9Iq6y0nf+yXnwadRzzvT3scBwAAADyF2vV6vPhPr9Atqu/8L1Xf+8fyVuazlNksZS4zuVzdC+h962/8fXlq7sH9qevlsr7hr/2zaq27wziqFpOM5O1Nep6sahyp70EkF/LNfCcnM5GLWchsvpfpLGUmE2mXg8h0inTavbsXnX6cw/GO1J2fHwrl4trYjq3ZPlpF0s6VzFaxncqlVr+1RlWjyNGB3n7fStZk6O0yO8VXazvM0eWB5+vn9X2ZWvf/dtjG/uhUIx9dychkmfs6G89vnPu+3nXyyD2dSWPlHtSLq72Um2t76uf8u7vJ+eF6Xeb6x8M532u7vJW2NhNn06ivvuSl4Zzf/Oy9F4ZP/vw//nzxamP+2tUriyf3cUh7pLnh3tF+YW0mpgYy8fLWV1+dibkyE8s7z8To2h1jOx7LvmrV2ehNbL3Zsmfz2fIbVWk6rwxcgjfmy8cvZTJnci6T+XLOZmroCjsylNfm1PXhnFSvtcb6+a29RfDHPzdQ6SfbVN4Pm/dX5uX5gbwOznSd6li95/zPMjmQpRe2vvoe5V2g+em6UPbxzso7ztNgKBP13NyPrv8GtUkmflV9Tlicm7+2cHX65g77O1Gvy5ftu8Nz868fezCPpZW8M76yVeWk3b9eymvp/1eiHc5Xq/6LS2/Ca6w7dmTlWCfjmc23ciOXM7PBK7VVf4Zb31Lv2MsbHpuqjh0dODb0KSc3Mld9ClljYv8zCsCuHH71cKv9sP239vvtH7Wvtl8f+/qhc4c+08roX5p/GPlt4zeNrxSv5v38IOMHHSkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwLFm/fuTY9NzezsI+F1iP2lca2de4/t7MG00m27quoC639zsauCz+tf69w71r+19im2fjl4aSdfRrO77YeReuxuyhSLO/zk1I+E3vSYP+H06o93ZFtz/rr6aS3p5lut3t35dDap7KZxbHNnsFDq5XTuTY99+/uUJ12Bl4ywDPu9NL1m6cXb9/54uz16Tdn3pyZP3uu//O4V2bnZiZPV48HHCSwLxZv3xk56BgAAAAAAAAAAACA3an/9f/SQqMsFLv/XzrNbeq0FhY37vnYkx4qAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Al14Y2MLqfImclTk+X2g/tTc+XSL6/WbCZpJCm+nxQfJefTW9IZaK7YrJ/XHn743ol7H0ytttXs129sdd7OLNdLJpKM1OvtHdqgmfXtXRpob/mRwitWRlgm7Hg/cXDQ/hsAAP//g+DvoA==")
r0 = open(&(0x7f00000000c0)='.\x00', 0x10000, 0x0)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

7m46.988295695s ago: executing program 2 (id=819):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)

7m46.5602317s ago: executing program 34 (id=819):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)

7m44.198392816s ago: executing program 5 (id=827):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x2c240, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x8000000000000001, 0x1c1280)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000440)={r0, 0x0, {0x0, 0x0, 0x0, 0x400, 0xfff, 0x0, 0x0, 0x0, 0xc, "339f020bbe78b39843d601010000000000080d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c18e8438ef2a565ef1e83323695c58d66500", "a1163939c787a16c1ca43f8539f3d3289737f0374c72a964a0193b3e8772fd29f35239d2000000000000004db5ca3000", "24431a1e77a68e174b0000000000000c0010e200000000000000000200000200", [0x0, 0xfffffffffffffffe]}})

7m43.678033927s ago: executing program 35 (id=827):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x2c240, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x8000000000000001, 0x1c1280)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000440)={r0, 0x0, {0x0, 0x0, 0x0, 0x400, 0xfff, 0x0, 0x0, 0x0, 0xc, "339f020bbe78b39843d601010000000000080d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c18e8438ef2a565ef1e83323695c58d66500", "a1163939c787a16c1ca43f8539f3d3289737f0374c72a964a0193b3e8772fd29f35239d2000000000000004db5ca3000", "24431a1e77a68e174b0000000000000c0010e200000000000000000200000200", [0x0, 0xfffffffffffffffe]}})

5m8.633971459s ago: executing program 7 (id=2384):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000340), 0x6)
write(r0, &(0x7f0000000080)="028f8b0b", 0x4)

5m8.467316079s ago: executing program 7 (id=2386):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0)
connect$pppl2tp(r0, &(0x7f00000001c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x3, 0x2, 0x0, 0x0, {0xa, 0x4e22, 0x1, @mcast1, 0x400}}}, 0x3a)

5m8.301319428s ago: executing program 7 (id=2388):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000080)=[{0x50, 0x5, 0xa}, {0x20, 0xfe, 0x20, 0xfffff034}, {0x6, 0xfc, 0x40, 0x2}]}, 0x10)
write$binfmt_aout(r0, &(0x7f0000000000)=ANY=[], 0xfdef)

5m8.035314214s ago: executing program 7 (id=2390):
syz_mount_image$jfs(&(0x7f00000001c0), &(0x7f0000000180)='./file0\x00', 0x2, &(0x7f0000000600)=ANY=[@ANYBLOB="6e6f71756f74612c6e6f696e746567726974792c6e6f646973636172642c67727071756f74612c696f636861727365743d63703933322c6e6f646973636172642c71756f74612c6e6f71756f74612c6e6f696e746567726974792c004d5afe2de1b3a136431fa8ea7b501ecb08f40540fff494c16f9b0781a740588d55fa"], 0x1, 0x614f, &(0x7f000000ccc0)="$eJzs3c1vHGcdB/Df7JtfSlOrh6pECLlteCmleS0hUKDpAQ5cOKBcUSLXrSJSQElAaRURV75w4I8AIXFEiCMn/oAeuHLjDyBSAgL11EFjP48znq69dt3dWXs+H8mZ+e0z430m35198czsEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/PAHP75QRMT1X6UbViI+F/2IXsRSVa9GxNLqSl5+EBHPx1ZzPBcRw4WIav2tf56JeC0iPjwV8ejx/bXq5osH7Mf3//yPP/zkqR/9/U/Dc//7y93+63std+/eb//71wdH22YAAADomrIsyyJ9zD+dPt/32u4UADAT+fW/TPLt6rmrN+asP2q1Wq0+hnVdOd6DehERG/V1qvcMDscDwDGzER+13QVaJP9OG0TEU213AphrRdsdYCoePb6/VqR8i/rrwep2ez4XZFf+G8XO9R17TSdpnmMyq8fXZvTj2T36szSjPsyTnH+vmf/17fZRWm7a+c/KXvmPti996pycf7+Zf8PJyb83Nv+uyvkPDpV/X/4AAAAAADDH8t//V1o+/rtw9E05kP2O/67OqA8AAAAAAAAA8Fk76vh/O4z/BwAAAHOr+qxe+d2pJ7ft9V1s1e3XioinG8sDHZMullluux8AAAAAAAAAAAAA0CWD7XN4rxURw4h4enm5LMvqp65ZH9ZR1z/uur790GVtP8kDAMC2D081ruUvIhYj4lr6rr/h8vJyWS4uLZfL5dJCfj87Wlgsl2qfa/O0um1hdIA3xINRWf2yxdp6dZM+L09qb/6+6r5GZf8AHZuNFgMHgIjYfjV65BXphCnLZ6LtdzkcD/b/k8f+z0G0/TgFAAAApq8sy7JIX+d9Oh3z77XdKQBgJvLrf/O4gFqtVqvV6pNX15XjPagXEbFRX6d6z2A4fgA4Zjbio7a7QIvk32mDiHi+7U4Ac61ouwNMxaPH99eKlG9Rfz1I47vnc0F25b9RbK2X1x83naR5jsmsHl+b0Y9n9+jPczPqwzzJ+fea+V/fbh+l5aad/6zslX+1nSst9KdtOf9+M/+Gk5N/b2z+XZXzHxwq/778AQAAAABgjuW//6/M1fHf0afdnIn2O/67OrV7BQAAAAAAAIDpevT4/lq+7jUf///CmOVc/3ky5fwL+XdSzr/XyP+rjeX6tfmHbz7J/9+P76/98e6/Pp+nB81/Ic8U6ZFVpEdEke6pGKTpUbbukzaH/VF1T8Oi1x+kc37K4dtxM27FepzftWwv/X88ab+wq73q6XCrvexvt1/c1T7Yac/rX9rVPkxnOpVLuf1srMXP41a8tdVetS1M2P7FCe3lhPacfz/+s9Nn+3935PwHtZ8q/+XUXjSmlYcf9D6x39en4+7n6s0v/ub89Ddnos3o72xbXbV9L7bQn63/k6dG8cs767fP3rtx9+7tC5Emu269GGnyGcv5D9PPzvP/S9vt+Xm/vr8+/GB06PznxWYM9sz/pdp8tb0vz7hvbcj5j9JPzv+t1D5+/z+W+VcP7333/1dm3ycAAAAAAAAAAAAAAADYV1mWW5eIXo2Iy+n6n7auzQQAZutq+sqNMsm3z6ruz/j+1OpjXhdz1p+Z1h+X89Uftfo41nXleG/Ui4j4W32dyxHx63G/DACYZx9HxD/b7gStkX+H5e/7q6Zn2u4MMFN33nv/pzdu3Vq/faftngAAAAAAAAAAn1Ye/3O1Nv73mbIsHzSW2zX+65uxetTxPwd5ZmeA0T0Gqu4ffpv2s9kb9Xu14cZfiL3G/x7uzO03/vdgwv0NJ7SPJrQvTGhfnNA+9kKPmpz/C7Xxzs9ExOnG8OsnYPzXLfuN/9oc874Lcv4v1h7PVf5faSxXz7/8/XHOv7cr/3N33/3FuTvvvf/qzXdvvLP+zvrPLl24cP7S5ctXrlw59/bNW+vnt/9tscfTlfPPY187D7Rbcv45c/l3S87/S6mWf7fk/L+cavl3S84/v9+Tf7fk/PNnH/l3S87/5VTLv1ty/l9Ltfy7Jef/Sqrl3y05/6+nWv7dkvN/NdXy75ac/9lUy79bcv7nUn3A/Jem3S9mI+efj3DZ/7sl55/PbJB/t+T8L6Za/t2S87+Uavl3S87/tVTLv1ty/t9Itfy7Jed/OdXy75ac/zdTLf9uyflfSbX8uyXn/61Uy79bcv7fTvWh8l+ZXr+YjZz/66m2/3dLzv87qZZ/t+T8v5tq+XdLzv97qZZ/t+T830i1/Lvlyff/mzFjxkyeafuZCQAAAAAAAAAAAABomsXpxG1vIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPB/duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFvXuLkeuu7wB+9uq1czMQUic1sHaMMc4mu77EF1oXE64NtxIIhZZiu961WfANr11CGsmOAiUSRo0q2oaHtoCiNi8VVpUHWgWUB9SqUiXSPtAXRIXKQ1QFFJAqtVXIVnPm///vzOzZmV3v2J455/OR4p935sycM2fOnN3vOt8ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAabXr7zJcGsiyr/Zf/sT7Lbqz9fe34+vyyt1zvLQQAAABW65f5ny/dki44uIwbNSzzT6///jPz8/Pz2ceG/nTkq/Pz6YrxLBtZk2X5ddHlH398oHGZ4LFsbGCw4evBDqsf6nD9cIfrRzpcP9rh+jUdrh/rcP2iHbDI2vrvY/I725L/dX19l2a3ZiP5dVsKbvXYwJrBwfi7nNxAfpv5kWPZbHYim8mmmpavLzuQL//sptq63pPFdQ02rGtj7Qj5+SNH4zYMhH28pWldC/cZ/fRt2fgvfv7I0b8+9+LtRbPjbmi6v/p2bttc284vhEvq2zqQrUn7JG7nYMN2bix4ToaatnMgv13t763b+dIyt3NoYTOvqdbnfCwbzP/+fL6fhht/rZf208Zw2f/cmWXZxYXNbl1m0bqywWxd0yWDC8/PWP2IrN1H7VB6dTa8ouN00zKO09qc3tJ8nLa+JuLzvyncbniJbWh8mn766GjD8/7y/JUcp1HtUS/1Wmk9Brv9WumVYzAeF8/nD/rxwmNwS3j8j2xd+hgsPHYKjsH0uBuOwc2djsHB0aF8m9OTMJDfZuEY3NG0/FC+poF8vrC1/TE4ee7kmcm5zz989+zJI8dnjs+c2rVjx9SuPXv27ds3eWz2xMxU/c8r3Nu9b102mF4Dm8O+i6+BN7Us23iozn9jdNH590pfh2NtXofrW5bt9utwuPXBDVybF+TiY7r+2vhIbaePXRrMlniN5c/P9tW/DtPjbngdDje8Dgu/pxS8DoeX8TqsLXNm+/J+Zhlu+K9oG5b+XrC6Y3B9wzHY+vNI6zHY7Z9HeuUYHAvHxQ+3L/29YGPY3scnVvrzyNCiYzA93HDuqV2Sft4f25ePouPyjtoVN4xm5+dmzt7z0JFz587uyMK4Jl7TcKy0Hq/rGh5Ttuh4HVzx8Xpw9vWP31Fw+fqwr8burv0xtuRzVVtm9z3tn6v8u1vx/my6dGcWRpdd6/1Z9N28tj9Hs+xr33v0ge888rW3L7k/a3nzC5Or/1k85dKG8+/IEuffmPtfqa8v3dVjQyPD9dfvUNo7I03n4+anajg/dw3k635pcnnn45Hw37U+H9/a5ny8oWXZbp+PR1ofXDwfD3T6bcfqtD6fY+E4OTHV/nxcW2bDzpUek8Ntz8d3hjkQ9v+bQ1JIuajh2FnquE3rGh4eCY9rOK6h+Tjd1bT8SMhmtXU9vfPKjtNtd9bvayg9ugXX6jgdb1m228dp+t3XUsfpQKffvl2Z1udzLBwXt+5qf5zWlnlu9+rPnWvjXxvOnaOdjsGRodHaNo+kgzA/32fza+MxeE92NDudncim82tH8+NpIF/XxL3LOwZHw3/X+ly5oc0xuK1l2W4fg+n72FLH3sDw4gffBa3P51g4Lp68t/0xWFvmHXu7+7PrtnBJWqbhZ9fW368t9TuvO1p209U6VobDdn5vb/vfzdaWObFvpTmz/X66K1xyQ8F+an39LvWams6uzX7aELbzxX1L76fa9tSW+er+ZR5PB7Msu/DZ+/Lf94Z/X/m78z94punfXYr+TefCZ+/72U3H/nEl2w9A/3ulPtbVv9c1/MvUcv79HwAAAOgLMfcPhpnI/wAAAFAaMffH/ys8kf8BAACgNGLuHw4zqUj+3/COF2dfuZClZv58EK9Pu+H++nKx4zoVvh6fX1C7/L6nZv77Hy4sb92DWZa9fP8fFi6/4f64XXXjYTsvv7P58kWeuXtZ6z784IW03sb++tfD/cfHs9zDoKiCO5Vl2bO3fCVfz/jHL+XzufsP5/OBi48/Vlvmpf31r+PtX3hNffm/COXfg8eONN3+hbAffhLm1HuL90e83bcuvXnj3o8urC/ebmDzzfnDfvKT9fuN75PzxGP15eN+Xmr7v/Plp79VW/6hNxZv/4XB4u1/OtzvU2H+7+vqyzc+B7Wv4+2+GLY/ri/e7p5vfrdw+y9/qb78mXfVlzscZlz/tvD1lne9ONu4vx4aONL0uLJ315eL65/6wR/n18f7i/ffuv1jhy417Y/W4+O5f6vfz2TL8vHyuJ7o71vWX7ufxuMzrv/pPzrctJ87rf/yAy+8rna/reu/q2W5M5/dnq9/4f6a37HpL7/4lcL1xe05+Ldnmh7PwQ+F13FY/5OfDMdjuP7/Ltfvr/XdFQ5/qPn8E5f/+voLTY8nes8v6uu//Nbj+VwztnbdDTfedPPFN9T2XZY9v6Z+f53Wf/yvTjdt/zduq++PeH3s6Leufylx/Wc/N3Hq9Nz52em0Vx+5JX/vnPfVtydu7y3h3Nr69aHT5z41c3Z8anwqy8bL+xZ6V+ybYf6sPi62X3p+0Rl0+4Ph+bzjz59dt/Vfvxwv//eP1C+/9N769603heWeCJevD8/fyta/2JObbstf3wPPhS2cX/x+wauxcct/7VvWguHxt/5cEI/3M6/9VL4fatfl3zfi63qV2/+j6fr9fDvs1/nwzsybb1tYX+Py8b0RLn24/npf9f4Lp7n4vP5NeL7f/5P6/cftio/3R+HnmO9uaD7fxePj2xcGW+8/fxePi+F8kl2sXx+Xivv70ku3FW5efB+S7OLt+dd/ku7n9hU9zKXMfX5u8sTsqfMPTZ6bmTs3Off5hw+dPH3+1LlD+Xt5Hvp0p9svnJ/W5een6Zk9u7P8bHW6Pq6y6739Zx48Or13auv0zLEj54+de/DMzNnjR+fmjs5Mz209cuzYzOc63X52+sCOnft37d05cXx2+sC+/ft37Z+YPXW6thn1jepgz9RnJk6dPZTfZO7A7v077r1399TEydPTMwf2Tk1NnO90+/x700Tt1n8wcXbmxJFzsydnJuZmH545sGP/nj07O74b4Mkzx+bGJ8+ePzV5fm7m7GT9sYyfyy+ufe/rdHvKae4/6j/PthqovxFf9sG79qT3Z6156tEl76q+SMsbiL4Y3ovmn191Zt9yvo65fyTMpCL5HwAAAKog5v7RMBP5HwAAAEoj5v41YSbyPwAAAJRGzP1jYSYVyf+l6/9vuLCs9ev/6/837i/9/4r1/z/ca/3/+vlC/787Vtu/1/8P9P/1//X/9f/1/+mCXuv/x9y/Nssqmf8BAACgCmLuXxdmIv8DAABAacTcf0OYifwPAAAApRFz/41hJhXJ//r/+v/6//r/+v/F69f/70/6/+3p/3eg/z+ZVav/f7Gb26//r//PYr3W/4+5/6Ywk4rkfwAAAKiCmPtvDjOR/wEAAKA0Yu6/JcxE/gcAAID+tHbxRTH3rw8zqUj+1//X/9f/1//X/y9ev/5/f9L/b0//vwP9f5//r/+v/09X9Vr/P+b+V4WZVCT/AwAAQBXE3P/qMBP5HwAAAHrP8JXdLOb+14SZLMr/V7gCAAAA4LqLuf/WrKUIXpF//9f/1//X/9f/1/8vXv/y+/9Dmf5/79D/b0//vwP9f/1//X/9f7qq1/r/ee7PxrLXhplUJP8DAABAFcTcf1uYifwPAAAAvW1s+YvG3P8rrTeU/wEAAKA0Yu7fEGZSkfyv/6//r/+v/6//X7x+n//fn/T/29P/76DX+v8tR5D+f29vv/6//j+L9Vr/P+b+28NMKpL/AQAAoApi7r8jzET+BwAAgNKIuf9Xw0zkfwAAACiNmPs3hplUJP/r//d4/z/2/vT/9f/1//X/9f+XRf+/Pf3/Dnqt/99C/7+3t1//X/+fxXqt/x9z/+vCTCqS/wEAAKAKYu5/fZiJ/A8AAAClEXP/G8JM5H8AAAAojZj7x8NMKpL/9f97vP/v8//1//X/9f/1/1dE/789/f8O9P/1//X/9f/pql7r/8fcvynMpCL5HwAAAKog5v7NYSbyPwAAAJRGzP13hpnI/wAAAFAaMfdvCTOpSP7X/9f/1//X/9f/L16//n9/0v9vbzn9//ycpv+v/6//r/+v/08X9Fr/P+b+N4aZVCT/AwAAQBXE3L81zET+BwAAgNKIuf9NYSbyPwAAAJRGzP3bwkwqkv/1//X/9f/1//X/i9ev/9+f9P/b8/n/Hej/6//r/+v/01W91v+Puf/NYSYVyf8AAABQBTH3bw8zkf8BAACgNGLuvyvMRP4HAACA0oi5fyLMpCL5X/9f/1//X/9f/794/fr//akK/f9PrPROG+j/d6D/r/+v/6//T1f1Wv8/5v67w0wqkv8BAACgCmLuvyfMRP4HAACA0oi5fzLMRP4HAACA0oi5fyrMpCL5X/9f/1//X/9/Rf3/Nyzcr/5/nf5/b6lC/3819P870P/X/7/u/f8R/X9Kpdf6/zH37wgzqUj+BwAAgCqIuX9nmIn8DwAAAKURc/+uMBP5HwAAAEoj5v7dYSYVyf/6//r/+v/6/z7/v3j9+v/9Sf+/ve73/+ND1P/X/9f/9/n/+v8s1mv9/5j77w0zqUj+BwAAgCqIuX9PmIn8DwAAAKURc//eMBP5HwAAAEoj5v59YSYVyf/6//r/+v/6//r/xevX/+9P+v/t+fz/DvT/9f/1//X/6ape6//H3L8/zKQi+R8AAACqIOb+t4SZyP8AAABQGjH3/1qYifwPAAAApRFz/6+HmVQk/+v/6//r/+v/6/8Xr1//vz/p/7en/9+B/r/+v/6//j9d1Wv9/5j7D4SZVCT/AwAAQBXE3P8bYSbyPwAAAJRGzP1vDTOR/wEAAKA0Yu4/GGZSkfyv/6//r/+v/6//X7x+/f/+pP/fnv5/B/r/+v/6//r/dFWv9f9j7n9bmElF8j8AAABUQcz994WZyP8AAABQGjH3vz3MRP4HAACA0oi5/x1hJhXJ//r/+v/6//r/+v/F69f/70/6/+3p/3eg/6//r/+v/09X9Vr/P+b+d4aZVCT/AwAAQBXE3P+uMBP5HwAAAEoj5v53h5nI/wAAAFAaMfe/J8ykIvlf/1//X/9f/1//v3j9+v/9Sf+/Pf3/DvT/S9b/H79J/1//n6ulKAEtdmX9/xtfXnKFq+z/x9z/m2EmFcn/AAAAUAUx998fZiL/AwAAQGnE3P/eMBP5HwAAAEoj5v73hZlUJP/r/+v/6//r/+v/F69f/78/6f+312f9/1/eHC7X/6/T/+/t7e/J/v+Pl+r/z69pvb3+P1fDlfX/C3Wl/x9z//vDTCqS/wEAAKAKYu7/QJiJ/A8AAAClEXP/B8NM5H8AAAAojZj7fyvMpCL5X/+/th0L7WX9f/3//AL9f/1//f++pf/fXp/1/33+fwv9/97e/p7s//v8f66zXuv/x9z/oTCTiuR/AAAAqIKY+x8IM5H/AQAAoDRi7v9wmIn8DwAAAKURc/9Hwkwqkv/1/33+v/6//r/+f/H69f/7k/5/e/r/Hej/6//3Wv//P/X/6W+91v+Puf/BMJOK5H8AAACogpj7PxpmIv8DAABAacTc/9thJvI/AAAAlEbM/R8LM6lI/tf/75f+/7j+v/6//n/L49H/1/8vov/fnv5/B/r/+v+91v/3+f/0uV7r/8fc//Ewk+Xn/7FlLwkAAABcFzH3/06YSUX+/R8AAACqIOb+3w0zkf8BAACgNGLu/0SYSUXyv/5/v/T/ff5/pv+v/9/yePT/9f+LXLv+fzzz6P/r/+v/R/r/+v/6/7Tqtf5/zP2/F2ZSkfwPAAAAVRBz/yfDTOR/AAAA6AtF/092q5j7D4WZyP8AAABQGjH3Hw4zqUj+1//X/9f/79H+/59t/pcffv8Dh3fo/+v/6/+vyFXt/8eTTfz8/9qL3+f/6//r/yf6//r/+v+06rX+f8z9R8JMKpL/AQAAoApi7v/9MBP5HwAAAEoj5v6jYSbyPwAAAJRGzP3TYSYVyf/6//r/+v892v/v48//j/tD/79Z1/r/8aSr/1/o2n3+f/3rJ/T/r7D/P1p4qf6//n8/b7/+v/4/i12V/v/8mnThSvv/MffPhJlUJP8DAABAFYTcP3isPheukP8BAACgNGLuPx5mIv8DAABAacTc/6kwk4rkf/1//X/9f/1/n/9fvP6e7f/7/P+29P/b653+fzH9f/3/ft5+/X/9fxbrtc//j7l/NsykIvkfAAAAqiDm/k+Hmcj/AAAAUBox938mzET+BwAAgNKIuf9EmElF8r/+v/6//r/+v/5/8fr1//uT/n97+v8d6P/r/+v/6//TVb3W/4+5/2SYSUXyPwAAAFRBzP2nwkzkfwAAAPh/9u6j2dK62uP4bmzK7uIFOHBClUNfAgMd6wtw4MSBVlkORMWcaMwRcw6YMwZQxISKYgATilnMWTFgRq22tNdafU6ffZ59ut3nnGf/1+czWfe2t937KgX86P7Wfxi5+y+OW+x/AAAAGEbu/ofELU32v/5f/z9s/38P/f9un6//1/+PTP8/7XD7/92jzqT/1/9v8vfX/+v/2Wlu/X/u/ofGLU32PwAAAHSQu/9hcYv9DwAAAMPI3X9J3GL/AwAAwDBy9z88bmmy/8/o/48sevb/mfHq//ez/z/P+//6f/2//n//HWz/f9l//8yn//f+v/4/6P/1//p/zjS3/j93/yPilib7HwAAADrI3f/IuMX+BwAAgGHk7n9U3GL/AwAAwDBy9z86bmmy/73/7/3/Yd//1//v+vn6f/3/yLz/P61T/3/JLRc8+PZr7nrt2Xy+/r9D/3/Dvn1//b/+n53m1v/n7n9M3NJk/wMAAEAHufsfG7fY/wAAADCM3P2Pi1vsfwAAABhG7v7Hxy1N9r/+X/+v/9f/6/+Xf77+fzPp/6d16v/P5fP1/x36//37/vp//T87za3/z93/hLilyf4HAACADnL3PzFusf8BAABgGLn7L41b7H8AAAAYRu7+E3FLk/2v/9///v/f+n/9f1z9v/5f/7//9P/T9P8r6P/1//p//T9rNbf+P3f/ZXFLk/0PAAAAHeTuf1LcYv8DAADAMHL3Pzlusf8BAABgGLn7nxK3NNn/+n/v/+v/9f/6/+Wfr//fTPr/aQff/y/7K+Tu9P8b3/+fr//X/+v/2eos+/87Jv60vZb+P3f/U+OWJvsfAAAAOsjd/7S4xf4HAACAYeTuf3rcYv8DAADAMHL3PyNuabL/9f/6/z31//Hf8aX6f/3/Fvr/U/T/86L/nzab9/+PHF36w/r/je//vf+v/9f/s83c3v/P3f/MuKXJ/gcAAIAOcvc/K26x/wEAAGAYufufHbfY/wAAADCM3P3PiVua7H/9v/7f+//6f/3/8s+f6v+v3fL99P/zov+fNpv+fxf6f/3/Jn9//b/+n53m1v/n7n9u3NJk/wMAAEAHufsvj1vsfwAAABhG7v7nxS32PwAAAAwjd//z45Ym+395/3/6X9f/743+f/v31/8v/+NjXf1//jvq/yf7/3t6/78n/f80/f8K+n/9v/5/t/7/+Kqfr/9nmbn1/7n7XxC3NNn/AAAA0EHu/hfGLfY/AAAADCN3/4viFvsfAAAAhpG7/8VxS5P97/1//b/+f/P6f+//n3KY7/8vDrz/P6r/3yP9/zT9/wr6f/2//t/7/6zV3Pr/3P0viVua7H8AAADoIHf/S+MW+x8AAAA2w9bfO3DmbygNuftfFrfY/wAAADCM3P0vj1ua7H/9v/5f/6//793/H9uQ/t/7/3ul/5+m/1/hcPv/I4P2/0cH6/+v2O3nz6H/v1T/z8xs6/+vO/3jh9X/5+5/RdzSZP8DAABAB7n7Xxm32P8AAAAwjNz9r4pb7H8AAAAYRu7+V8ctTfb/vvf/x3f/bP2//l//r/8//P5/U97/1//vlf5/mv5/Be//e//f+//6f9ZqW/+/xWH1/7n7XxO3/hFAk/0PAAAAHeTuf23cYv8DAADAMHL3XxG32P8AAAAwjNz9r4tbmux/7//r//X/+n/9//LP1/9vJv3/NP3/Cvp//b/+X//PWs2t/8/d//q4pcn+BwAAgA5y978hbrH/AQAAYBi5+98Yt9j/AAAAMIzc/W+KW5rsf/3//vb/+eP6f/3/Qv+v/9f/H4i2/f+RZX8l2mmX/v+mB5649/Yf0f/r//X/+n/9P2swi/7/5Om/u8zd/+a4pcn+BwAAgA5y978lbrH/AQAAYBi5+98at9j/AAAAMIzc/W+LW/63/8+sUDfPsRX/uv7f+//6f/2//n/55+v/N1Pb/n+PvP+/gv5f/6//1/+zVrPo/7f877n73x63+PV/AAAAGEbu/nfELfY/AAAADCN3/zvjFvsfAAAAhpG7/11xS5P9r//X/+v/9f/6/+Wfr//fTPr/afr/FfT/+n/9v/6ftZpb/5+7/8q4pcn+BwAAgA5y9787brH/AQAAYBi5+98Tt9j/AAAAMIzc/e+NW5rsf/2//l//r//X/y//fP3/ZtL/T9P/LxaLqya+wLL+/+Sd9f/6f/2//p9zNLf+P3f/++KWJvsfAAAAOsjdf1XcYv8DAADAMHL3Xx232P8AAAAwjNz9749bmux//b/+X/+v/2/U/x/R/49P/z9N/7+C9//1//p//T9rNbf+P3f/B+KWJvsfAAAAOsjdf03cYv8DAADAMHL3fzBusf8BAABgGLn7r41bdt3/5x3Atzo4+n/9v/5f/9+o/x/w/f9jqz+4mf3r/xf6f/2//n8F/b/+X//PmebW/+fu/1Dc4tf/AQAAYBi5+z8ct9j/AAAAMIzc/R+JW+x/AAAAGEbu/o/GLU32v/5f/6//1//r/5d//mb0/6s/txvv/0/T/6+g/9f/6//1/6zV3Pr/3P0fi1ua7H8AAADoIHf/dXGL/Q8AAADDyN3/8bjF/gcAAIBh5O7/RNzSZP/r//X/2/v/xUL/r//X/59yAP3/sYX+f+30/9P0/yvo/8fs/89bDNT/H9/15+v/maO59f+5+z8ZtzTZ/wAAANBB7v7r4xb7HwAAAIaRu/9TcYv9DwAAAMPI3f/puKXJ/tf/6/839v3/8+Mn6P/1/5vb/9d/qvr/9dH/T9P/r6D/H7P/9/6//p9DM7f+P3f/DXFLk/0PAAAAHeTu/0zcYv8DAADAMHL3fzZusf8BAABgGLn7Pxe3NNn/+n/9/8b2/97/1//r//X/S+j/p+n/V9D/6//1//p/1mpu/X/u/s/HLU32PwAAAHSQu//GuMX+BwAAgGHk7r8pbrH/AQAAYBi5+78QtzTZ//p//b/+fzP7/2P6f/2//n+pufT/F110r5v1//p//b/+X/+v/+9ubv1/7v4vxi1N9j8AAAB0kLv/S3GL/Q8AAADDyN3/5bjF/gcAAIBh5O7/StzSZP/v7P/PX5wqVE9Z1v9Ho6b/30L/v/376/+X//Hh/X/9v/5//82l//f+/7l9f/2//n+Tv/9Z9f8X7vz5+n9GNLf+P3f/zXFLk/0PAAAAHeTu/2rcYv8DAADAMHL3fy1usf8BAABgGLn7b4lbmux/7//r//X/+n/9//LP1/9vJv3/NP3/Cvp//b/3/y++/530/6zP3Pr/3P1fj1ua7H8AAADoIHf/N+IW+x8AAACGkbv/m3GL/Q8AAADDyN3/rbilyf7X/+v/9f/6f/3/8s/X/28m/f80/f8KM+3/8+9Q9f/z/v7D9P/e/2eN5tb/5+7/dtzSZP8DAABAB7n7vxO32P8AAAAwjNz9341b7H8AAAAYRu7+78UtTfb/+vv/C/X/Qf8/l/7/fvr/Mz5f/6//H5n+P/+Kvpz+f4WZ9v9J/z/v76//1/+z09z6/9z9t8YtTfY/AAAAdJC7//txi/0PAAAAw8jd/4O4xf4HAACAYeTu/2Hc0mT/e/+/V/9/ZNGx//f+v/5f/9+J/n+a/n8F/b/+X/+v/2et5tb/5+7/UdzSZP8DAADAprrP3R90617/b3P3/zhusf8BAABgGLn7fxK32P8AAAAwjNz9P41bmux//X+v/r/n+//6f/2//r8T/f80/f8K+n/9v/5f/89aza3/z93/s7hly/A7etb/XwIAAABzkrv/53FLk1//BwAAgA5y9/8ibtmx/0/u8Xe1AwAAAHOTu/+Xccsefv3/bvv2rQ6O/n/m/f9i/P7/toX+X/9/iv5f/78O+v9p/2f/f/KI/l//P0H/r//X/3OmufX/uft/Fbf4/f8AAACwybb9E4Xc/b+OW+x/AAAAGEbu/t/ELfY/AAAADCN3/2/jlib7X/8/8/7/nN7/P17/0yb0/97/38f+//JjSz9f/6//H5n+f5r3/1fQ/+v/9f/6f9Zqbv1/7v7b4pYm+x8AAAA6yN3/u7jF/gcAAIBh5O7/fdxi/wMAAMAwcvf/IW5psv/1/yP2/5v1/r/+3/v/597/3+WCEzfe9wFXX6n/57SD7P/zjwX9/4H0/9cv+/fT/+v/5/T99f/6f3aaW/+fu/+PcUuT/Q8AAAAd5O6/PW6x/wEAAGAYufv/FLfY/wAAADCM3P1/jlua7H/9v/5/Lv1//md9CP3/ic3r/7Mp7t7/e/9f/7+T9/+nbXD/7/1//f/sv7/+X//PTnPr/3P3/yVuabL/AQAAoIPc/X+NW+x/AAAAGEbu/r/FLfY/AAAADCN3/9/jlib7X/+v/59L/5+8/3/653n//xT9v/7/bOj/p+n/V9D/6//1//p/1mpu/X/u/n/ELU32PwAAAHSQu/+OuMX+BwAAgGHk7v9n3GL/AwAAwDBy9/8rbmmy//X/+n/9v/5f/7/88/X/m0n/P03/v4L+X/+v/9f/s1Zz6/9z9/8nAAD//1XOc+E=")
mount$overlay(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
mkdirat(0xffffffffffffff9c, &(0x7f0000001080)='./file0/file0\x00', 0x19a)

5m6.946179206s ago: executing program 7 (id=2395):
r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x3000001, 0x32, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000440)=0x6b1)

5m6.074393067s ago: executing program 7 (id=2405):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(r1, 0x8982, &(0x7f0000000100)={0x6, 'team_slave_1\x00', {}, 0x3ff})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r0, 0x8983, &(0x7f0000000140)={0x0, 'dummy0\x00', {0x2}, 0x81})

5m5.720955797s ago: executing program 36 (id=2405):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(r1, 0x8982, &(0x7f0000000100)={0x6, 'team_slave_1\x00', {}, 0x3ff})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r0, 0x8983, &(0x7f0000000140)={0x0, 'dummy0\x00', {0x2}, 0x81})

2m40.327785012s ago: executing program 6 (id=3831):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0xc453, &(0x7f00000000c0), 0x4, 0x55f, &(0x7f00000001c0)="$eJzs3c9vHFcdAPDvTLz56WRd4ACVaAtplUSQ3RirrcWhFAnBqRKo3IOx15aVtTfyrtvYqqgj/gAkhACJE1x6QeIPQEKVuHCskCrBGQQIhCAFIZAgg3Z31nHs/eE4zo5rfz7SZN68NzPf9zaZH29mMhPAifVqPtzPsuxaRJTz/DQfLrcntiKei4gP7r013x6SyLLX/5ZEkuf11pV1nIkL3UU6K5j4SsQ3k71xmxubt+bq9dpaPl1trdyuNjc2ry+vzC3VlmqrMzPTL82+PPvi7I3Had7ihTxxMSJe+dKfvv+dd778yi8+++bvb/7l6reSbp3fjl3teMi5kTEmhhV2m16Kszvy2r/l2iM04qibyFvXaevo36vjbv5PBACA8XohIj4SEZ+OiGtRjlPDT2cfSKLPWT0AAABwFGVfmIz/Jr17d3uc7pNXHjAvAAAAcESlETEZSVrJn/edjDStVKLzDO/H4nxabzRbn1lsrK8utMsipqKULi7XazfyZ4WnopS0p6c76Xz6X1mW7ZxertdmIuKpiPhe+VxnujLfqC8UffEDAAAATogLu/r//yx3+/8AAADAMTNVdAUAAACAJ07/HwAAAI4//X8AAAA41r762mvtIet9/3rhjY31W403ri/UmrcqK+vzlfnG2u3KUqOx1Hln38rQlW1/OnB1/U61VWu2qs2NzZsrjfXV1s3lhz6BDQAAAIzRU8+++9skIrY+f64ztJ3eUf6f/DsBhVUQeGK2L9lFko9P753pd5e64z+OqVLAWJwqugJAYSaKrgBQmFLRFQAKl4woH/jwznv5+FMDyu1gAADgyLjyicH3/9OhS24NLwaOvAcb8aVC6wGMX37/f8exfJ+Hddf14EOvc/+/zyN/fTnjh2Ol5AlAOPFG3v8fdI7w3n4j+D9EAABQtMnOkKSV/PLeZKRppRJxsfNZgFKyuFyv3cjvDv6mXDrTnp7uLJmM7DMAAAAAAAAAAAAAAAAAAAAAAAAAAF1ZlkQGAAAAHGsR6Z+TX3bf5X+l/Pzk7usDp5N/lyP/ROibP3r9B3fmWq216Xb+37fzWz/M8z9XxBUMAAAAYLdeP73XjwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAw/TBvbfme8M44/71ixEx1S/+RJztjM9GKSLO/yOJiR3LJRFx6hDib92NiI/3i5+0q7Udckf8Ui/v3JOPH1P5r7C3/ffjwiHEh5Ps3fb+59V+218az3XG/be/iYiHpg9q8P4vtvd/pwbs/y7uWVvaN8bT7/+sOjD+3YinJ/rvf3rxkwHxL3eTI3+Gb3x9c3NQWfbjiCu948876a4ID1LV1srtanNj8/ryytxSbam2OjMz/dLsy7Mvzt6oLi7Xa/mffWN895M/vz+s/ef7Hv+6+99h7X9+VMNz/3v/zr2PdpOlfvGvXu4T/1c/yefYGz/Nj30v5Ol2+ZVeequb3umZn/76mWHtXxjQ/lF//1f32f5rX/v2H/Y5KwAwBs2NzVtz9Xpt7SCJckQ8xuLjSbR76UegGkUm6pci9jnzzJniqno2xh307b1Fz8aBV5hlWdbeph6jYsnBox9OItnOKXrPBAAAHLYHZ/9F1wQAAAAAAAAAAAAAAAAAAABOrkd8Q9j5g7yfbHfMre1Uchiv0AYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBT/DwAA//+Om+LF")
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x40000f, 0x8041)
ioctl$USBDEVFS_BULK(r0, 0xc0185502, &(0x7f00000001c0)={{{0x1, 0x1}}, 0x0, 0x101, 0x0})

2m39.67833532s ago: executing program 6 (id=3841):
r0 = epoll_create1(0x0)
unshare(0x4000400)
fgetxattr(r0, &(0x7f0000000040)=@known='user.incfs.metadata\x00', &(0x7f0000000340)=""/4096, 0x1000)

2m39.438256803s ago: executing program 6 (id=3844):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f00000000c0)={0x1f, 0x3}, 0x6)
write$bt_hci(r0, &(0x7f0000000200)={0x1, @role_discovery={{0x809, 0x2}, {0xc8}}}, 0x6)

2m39.340982629s ago: executing program 6 (id=3846):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000540)='./bus\x00', 0x8800, &(0x7f0000000280)={[{@errors_remount}, {@usrquota}, {@minixdf}, {@nombcache}]}, 0x1, 0x51a, &(0x7f0000000f00)="$eJzs3c9vI1cdAPCvnThxfnSTlh4AQbu0hQWt1km8bVT1AOWIUCVEjyBtQ+KNothxFDulCXtIz1yRqMSJHvkDOPfEgRsXBDcuywGJHxFog8TBaMaTrDdrb6xNYqfx5yON5r2ZWX+/L868t36O/QIYWTcj4iAiJiLig4iYy47nsi3ebW/JdY8OH6weHT5YzUWr9f4/c+n55Fh0/JvETPaYxYj44acRP8k9Hbext7+5Uq1WdrL6QrO2vdDY27+zUVtZr6xXtsrl5aXlxbfvvlW+sLa+WpvISl99+IeDb/0sSWs2O9LZjovUbnrhJE5iPCK+fxnBhmAsa8/EsBPhueQj4qWIeC29/+diLH02AYDrrNWai9ZcZx0AuO7y6RxYLl/K5gJmI58vldpzeC/HdL5abzRv36/vbq2158rmo5C/v1GtLGZzhfNRyCX1pbT8uF4+Vb8bES9GxC8mp9J6abVeXRvmf3wAYITNnBr//zPZHv8BgGuuOOwEAICB6zH+Hww6DwBgcLz+B4DRY/wHgNFTTL/DYWrYaQAAA+T1PwCMHuM/AIyUH7z3XrK1jrLvv177cG93s/7hnbVKY7NU210trdZ3tkvr9fp6+p09tbMer1qvby+9GbsfzX97u9FcaOzt36vVd7ea99Lv9b5XKaRX+WQBAAzTi69+9udcMiK/M5Vu0bGWQ2GomQGXLT/sBIChGetRBq4/q33B6DrHa3zTA3BNdFmi9wnF6PIBoVar1bq8lIBLdutL5v9hVHXM//srYBgx5vxhdJn/h9HVauX6XfM/+r0QALjazPEDPd7/fynb/yZ7c+DHa6ev+OQyswIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICr7Xj931K2Fvhs5POlUsQLETEfhdz9jWplMSJuRMSfJguTSX1pyDkDAOeV/1suW//r1twbs0+cemXmpDgRET/91fu//Gil2dz5Y8RE7l+Tx8ebn2THy4PPHgA42/E4ne47Xsg/OnywerwNMp+/fzciiu34R4cTcXQSfzzG030xChEx/e9cVm/LdcxdnMfBxxHxxW7tz8VsOgfSXvn0dPwk9gsDjZ9/In4+PdfeJz+LL1xALjBqPkv6n3e73X/5uJnuu9//xbSHOr+s/0seavUo7QMfxz/u/8Z69H83+43x5u++1y5NPX3u44gvj0ccxz7q6H+O4+d6xH+jz/h/+corr/U61/p1xK3oHr8z1kKztr3Q2Nu/s1FbWa+sV7bK5eWl5cW3775VXkjnqBd6jwb/eOf2jV7nkvZP94hfPKP9X++z/Z/+74Mffe0Z8b/5erf4+Xj5GfGTMfEbfcZfmf5tsde5JP5aj/af9fzf7jP+w7/uP7VsOAAwPI29/c2VarWy86zCjaOIs675XBaiv4t/n/2wrkTOI11InoUrkEbXwnc6jszEJcaa6HEz/vz19q/pZETnL3ar9VyxevUYFzHrBlwFJzd9RPx32MkAAAAAAAAAAAAAAABdDeLTUcNuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANfX/wMAAP//jMfJaQ==")
syz_mount_image$fuse(0x0, &(0x7f0000000100)='./bus\x00', 0x20020, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

2m38.818630179s ago: executing program 6 (id=3852):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x56a, 0x116, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x8, [{{0x9, 0x4, 0x0, 0xfe, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0xffff, 0x8, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x0, 0x1}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000040)={0x2c, &(0x7f00000012c0)={0x40, 0x3, 0x5, {0x5, 0x4, "26ed60"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

2m38.031143575s ago: executing program 6 (id=3860):
r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x1, 0x0)
write$proc_mixer(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB='LINE1 \aMaster Capture!Switch\' '], 0x33)
close(r0)

2m37.704596494s ago: executing program 37 (id=3860):
r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x1, 0x0)
write$proc_mixer(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB='LINE1 \aMaster Capture!Switch\' '], 0x33)
close(r0)

5.324231712s ago: executing program 0 (id=5196):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$inet6(r0, &(0x7f0000000600)={&(0x7f0000000100)={0xa, 0x4e22, 0x81, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xffffa4dd}, 0x1c, &(0x7f00000000c0)=[{&(0x7f00000002c0)='7', 0x1}], 0x1}, 0x24078880)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000900)={0x0, @in6={{0xa, 0x4e22, 0x81, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x3}}, 0x8, 0x10000, 0x8, 0xc000000, 0x40}, &(0x7f0000000700)=0x98)

4.943172624s ago: executing program 4 (id=5199):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x380000, @loopback}, 0x1c)

4.273576313s ago: executing program 0 (id=5209):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000180)={{0x12, 0x1, 0x0, 0xb5, 0x10, 0xf2, 0x10, 0xb95, 0x772a, 0x8273, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x22, 0x0, 0x2, 0x89, 0x53, 0x95, 0x0, [], [{{0x9, 0x5, 0xa, 0x2, 0x3ff, 0x0, 0xfa}}, {{0x9, 0x5, 0x82, 0x2, 0x450}}]}}]}}]}}, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000000)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)={0x40, 0x13, 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

3.849664608s ago: executing program 4 (id=5215):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0x18, &(0x7f0000000100)=0x10000, 0x4)

3.689583057s ago: executing program 4 (id=5217):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="16000000000000000000030001"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000440)={r0, 0x0, 0x0}, 0x20)

3.523581456s ago: executing program 4 (id=5220):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a010400000000000000000a0000010900010073797a31000000002c0004802800018007000100637400001c0002800500030081000000080002400000000908000140000000090900020073797a32"], 0x80}, 0x1, 0x0, 0x0, 0x4008091}, 0x24000000)

3.27995649s ago: executing program 4 (id=5224):
r0 = syz_clone(0x900000, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(r0, 0x0, 0x80000000, &(0x7f0000001c00))
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x200000b, 0x204031, 0xffffffffffffffff, 0xffffd000)

2.869449314s ago: executing program 4 (id=5232):
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x1e, 0x0, 0x0)
move_pages(0x0, 0x2000000000000007, &(0x7f0000000080)=[&(0x7f0000004000/0x3000)=nil], 0x0, &(0x7f0000000540), 0x0)
shmdt(0x0)

2.561022692s ago: executing program 8 (id=5236):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
setresuid(0x0, 0xee01, 0x0)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f00000003c0)={0x1, 0x1, 0x7, 0x11, 0x72, 0x0})

2.390391812s ago: executing program 8 (id=5238):
syz_usb_connect(0x2, 0x9a2, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d0241710d8050a81b892000000010902900902000000000904"], 0x0)
r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000200)={&(0x7f0000001480)=[{0x50, 0x8001, 0x0, 0x0}, {0x8, 0x11, 0x0, 0x0}], 0x2})

1.928731188s ago: executing program 9 (id=5242):
r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x94, 0x2)
io_setup(0x202, &(0x7f0000000200)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000780)=[&(0x7f0000000340)={0xfffffffe, 0x20011004, 0x4, 0x1, 0x21, r0, 0x0, 0x0, 0x407f0b00}])

1.683177533s ago: executing program 9 (id=5243):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000080)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, &(0x7f00000000c0)={0x18, r1, 0x0, 0x0, 0x0})

1.498137553s ago: executing program 9 (id=5244):
syz_mount_image$fuse(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x1, 0x0, 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000200)='devpts\x00', 0x4, 0x0)
mount$bpf(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x3182022, &(0x7f0000000280)=ANY=[@ANYBLOB='mode=0'])

1.314109693s ago: executing program 9 (id=5245):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000240), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSNPMODE(r0, 0x4008744b, &(0x7f0000000200)={0x2b, 0x3})

1.098437256s ago: executing program 9 (id=5246):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000100)={0x0, 0x4100, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r1, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8}}]}, 0x3c}}, 0x0)

1.036030339s ago: executing program 9 (id=5247):
syz_mount_image$btrfs(&(0x7f0000000100), &(0x7f0000000040)='./file1\x00', 0x800810, &(0x7f0000000340)={[{}, {@subvol={'subvol', 0x3d, '.'}}, {@space_cache_v2}, {@skip_balance}, {@ssd}, {@datacow}, {}, {@nodiscard}, {@enospc_debug}]}, 0xfb, 0x50f9, &(0x7f0000005140)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734d2FpAqhUbJJahw38Xptk4daqqwpVSPSNOuGBlURxcZek8ULdmxTYhQiYxPRCEFpg5R8KMIoimo+QK1ARFJAuEhxhMojoioKIFBoDVEQKSWJSBOkUM3ee2bvnLvz8GONl/5+knfOzP887zw859475wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP8Ph75y1d82iz/82/Oefu7Cicv2rrvw5WvOO/3xECZnH+/Iwh3919868fM7z71r731rbrvnyPkf7M3L5fEwUP3Tmd+5LtZ6ZGkI93aE0J0GVg5mgZ78/mCs712DIZwW5gK1ElP9WYm04fD9vhD2h7lArarv9YUwWAhc8MRDD95YTdzSF8KyEEIlbePZStZGXxo4qzcL9KeBbd1Z4FdvZGqB73ZmAThu8c1Qe9EfnKzPMDJ/uQavv54T1rE3Vzq8rpgYaZzvZ+sWuFMFvekDk8f1tJWqY0GU3h6HvNsWwbuttJ1v9rQVv0jl31DemAtVQufmqS0br5zZFR/pDGNjXY1qWqDn+alXv7TpaNKL5nUYOzByQl6HNz227M6uFZ969J6Vy1488KF9Lx1vN39U2KTF9EKrhPw1t2iex2jC58kiePuVviWN+tIVQtjy+d/7dLN4af4/0nz+H1/O8bazLnes9fWhbG4eHxmMiVeGsrk5AAAALBqLYa/ptrEHPlYoPlxJ6ivN/0fbO/4fD/nnk/lstIdCmJhN7BsO4YzZx7PAHbG5S4ZDeO9sarI+sC4JHArhnbOJFbWqkhJLYonRJPCToTwwkQQOx8BkEvhWDNycBK6LgYNJYFMMHEoC58ZAmK4fx+8P5eNoO9AXAxuyjXgwnoXwi6HYWrKtnqlVBQAAcILks8Oe+ruFcx2ON0OcXh7sa5UhnoHdMEMlqSGdwdamVQ1r6G5VQ2erGmrj3tN8+KWaO1rVXDoNo6M+w62//JvPhCZK8//x5vP/yjwd6Sgd/w9h/ezfmLszj8zU4hsm6zIAAAAAx2Hgf5//ZrN4af4/0d75/3GfSFchc3gk7obYOhzCeH0gq/YPy4HsqPdAHgAAAIDFoHY8vnYsfDq/zU7RTufT5fyTR5k/HvifmDd/76H7NzTrb2n+P9ne+f/99bdZJw7HXnxtOIQlhcAPYi+rgVmjMfDjj9cH8vEfjhvghlhVfmJCraobYokNMTCeBPY3KvHDWokz6gP5k1VrfF9tHNN5iUIAAAAATrq4OyAel4/n/7/vN2uualauNP/fcHTn/8/Og0un988MhLCqO4Su9IcBj/RnCwPGwGBHnnigP6urK63q2v4QzqkOLK3q+Xz9/+50jcEn+rKqYuCM9x149axq4pt9IawqBp783O0friZ2JYFa43/ZF8J7qqNNG//OkqzxnrTxry8J4d2FQK2qS5aEUG2sN63qoUp+HYO0qn+uhPC2QqBW1UcqIewOACxS8b/SzcUHd+6+euvGmZmpHQuYiPvw+8KW6ZmpsU3bZjZXGvRpc9LnumWMri2Pqd0r3zyTL1H02bvXD7aTrv1OcLzYVr4fv3TiYH4/fhfqmR3nmp66u2vTIX/g/eUmQuGbVKMhdy7wkPuLlcw9iaX6Y/7eMBCWXLlzasfYFzfu2rVjdfa33exrsr/xMFO2rVan26p/vr618fJouFpW4li31fJiJat2Xb591c7dV6+cvnzjpVOXTl2x+iNrxs8eXzv+0bNXVUc1nv1tMdTl81WdDPWN29sc1wkc6pndhUpOxqeGhITEYktsG1je9P/k0vx/e/P5f/zUiZ/8+foMjY7/j8TD/Nnjc4f5N8TA/naP/480OppfOzFgNAnsiYE9DvMDAADw1hAn+XFvZtwr/dMV33mxWbnS/H9Pe7//P0Hr/9eWrj+/0TL/K2KJ8Ubr/6fL/NfW/9/TaP3/dJn/2vr/+9+E9f+vrAWSTfIL6/8DAABvBSdv/f+Wy/unFwgoZWi5vH96gYBShpbL+Ld7gYCjXv//2f/8q/8OTZTm/ze3N/+3cD8AAACcOr78Z1f9TrN4af6/v735/8lf/y80Ov9/tFFgstHCgNb/AwAAYJFqtP7fyPX9FzcrV5r/H2xv/h9Pu+isyx1rfX0oW9MupGvavTJU+8kAAAAALA6dYWysp828dSujrjv2Np/KlwJtli56/k+OHN35/4fam//X/S7jpseW3dm14lOPvn7PymUvHvjQvpfmjv8DAAAAC6fd/RIAAAAAAAAAAAAAAMCb7/n/2Lu2Wbz0+/+wfvbxRr//j9f9i78veHtd7lhr6/X/8vsXfPKu3bNLFj4yFML7i4Gte7eeFvJr8y8vBh68aMU7qom9aYn7nzv3hWri4jTwiZWnv1ZNnJMENsRFEt+ZBuJVFV9bmgTi8or/ngbi9jiYBnrzwFeXZuPoSLfVTwezbdWRbqunB0MYLgRq2+rewayNjnSAtySB2gC/kAbiAP88D3SmvbprIOtVDAzGorcNZL0CAOCUFb8F9oQt0zNT4/ErfLw9s7v+NqpbsuzacrUdbTb/TL402WfvXj/YTror/S46d63xnlCpDmF16etqMUvH7ChPTC0tNt3bGwy51WpvnQ3KpY520/U2HlFfNqKxTdtmNve0HPja1lnWdLfMsro02Slm6ZzdpG3U0kZf2hhRm9umjS7H+51hbKwryfUHMTgS6rR6RbT7e/3iOn+NXgXFPFcc2ferZvWV5v8j7c3/K8VxvZZfDGBPvLLe3w1b5h8AAAAW1lfX/fob8d9nrn/4yWZ5S/P/0fbm/3EPVn4oONvbcShe/3/fcAizl9YfyQJ3xOYuGQ7hvbOpyVgiu6D++bHEeBa4I+4wWRFLbJisr2pJDBxMAj8ZygOHksDhGMj3UhwI+a6cvx8K4cOzqfX1JbbHEiNJ4NMxMJoExmJgPAksjYGJJPDy0jwwmQT+LQbCdP22untpvq0AAACORj7P6qm/G9J53sHuVhk6WmXob5Whs1WGSqsMjUYR7387ZuhJTl7pKGTqSWvtS2opZYgXwz/qfpUyhB/W50wLlpqO5x/UzjfoqM9w38e6K6GJ0vx/vL35f3/9bdb64Tj/n7v+Xxb4Qeze1+Kp46Mx8OOP1wfyHQOH42T3hlpVk3mJfNJ+QywxEQOjSWB7DEwkgQ3r88D+d9QH8pl2rfF9tcan8xKFAAAAAJx0cQdB3E0T5/+37fzKQLNypfn/RHvz/9jeQLGx62KtR5aGcG/HXG9qgZWDWSDuxxiMP49/12AIpxV2cNRKTPVnJXqThsP3+7JfqPemVX2vL/vxQbx/wRMPPXhjNXFLXwjLCntfam08W8na6EsDZ/Vmgf40sK07C8Q9P7XAdzuzABy32l7B+ILKT3WpGZm/XIPX31vlmqDp8Er7QOfJN99vrhZKaYdrvk+15uietqb7bzlhSm+PQ95ti/HdNuLdVvwilX9DeWMuVAmdm6e2bLxyZld8pPhL1pIFep6Lv1JtJ30CXod7jr23rVXSDownHx/j85eb/3XYEau76bFld3at+NSj96xc9uKBD+17qe1uNBB/KPzQNf86+KPC5l1olZC/5hbd58mkz5NF8d9A8u4e9bSFENa//PUbmsVL8//J9ub/3cntrF/HjblzOIQPFDbuI3Hz//Fw9jlYCGSfkm8rB7JD7v811PCTEwAAAE602u6O2v6C6fw2OyE8nSeX808eZf64v2Ji3vzt9rv/ry9a1ixemv9vaD7/X5J00/F/x/9ZII7/z+tU3xW9JH1gz3Htii5Vx4Jw/H9ep/q7zfH/eTn+7/j/fBz/b8Hx/3md6k9b6VvSdl+6Qggv/tEDTzeLl+b/29ub/1v/b/5F+2rr/21otP7f9kbr/+2x/h8AALCgGiw0l87zSqv3lTKkq/eVMrRcILDlEoPW/zvq9f9eOPPZ34QmSvP/Pe3N/+PLYaDY+mJZ/290fYOqbo6B7RYGBAAA4FTUaAcBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb677/uF/NjeLP/zb855+7sKJy/auu/Dla847/fEQpmcf78jCHf3X3zrx8zvPvWvvfWtuu+fI+R+s5OV68tvfrcsda319KIT9hUcGY+KVoeqducAFn7xrd3c18chQCO8vBrbu3XpaNfGtoRCWFwMPXrTiHdXE3rTE/c+d+0I1cXEa+MTK01+rJs7JAx1pd/9xadbdjrS7Ny4NYbgQqHX3sqX1VdXa+NM80Jm28U+DWRsxMBiLfmMwayMGZmKJ6SUhrOoOoSut6uFKVlVXWtW/VLKqutKqvlwJ4ZwQQnda1XO9WVXd6cgf782qioEz3nfg1bOqif29IawqBp783O0fria+kARqjf9Fbwjvqb5k0sa/3ZM13pM2fktPCO8OIfSmJX7ZnZXoTUs83x3C2wqBWuOf7w5hd+AtIX741H2i7dx99daNMzNTOxYw0Zu31Re2TM9MjW3aNrO5kvSpkY5C+o1rj33sz7z6pU3V28/evX6wnXR3Xq5ntstreururj3Vex/71V+sZO75KNUf8/eGgbDkyp1TO8a+uHHXrh2rs7/tZl+T/e3Ko9m2Wr1YttXyYiWrdl2+fdXO3VevnL5846VTl05dsfoja8bPHl87/tGzV1VHNZ79PRFDvf3kD/XM7kIlJ+MDQEJCYrElOus+3cZP9Q/y0hf9uY72hMrsB3RpWlHM0jE7yhMx6HXHOOJj+Z7SckSrSxOHUpY182S5tj7L2tJkYq6WvizL7Pe60uSw2Fjn7CaN9zvD2FhXo+0wUn+3uHl/dhyb96l807WbBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRg9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHApAAD//7IeJCA=")
r0 = syz_open_procfs(0x0, &(0x7f0000000540)='mounts\x00')
read$FUSE(r0, &(0x7f0000002c00)={0x2020}, 0x2020)

960.443334ms ago: executing program 0 (id=5248):
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x481, 0x0)
r1 = dup(r0)
ioctl$PTP_EXTTS_REQUEST2(r1, 0x40043d0d, 0x0)

751.355976ms ago: executing program 0 (id=5249):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000001a0001002bbd7000fbdbdf250a8080000000000000000002"], 0x24}}, 0x0)

749.876866ms ago: executing program 8 (id=5250):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000040)=0x16)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f000000a040)=0x3)

588.196886ms ago: executing program 8 (id=5251):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0x3, 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r1, 0x27, 0xe, 0x0, &(0x7f0000000040)="52e1119c000000002bf0543788a8", 0x0, 0x4007, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50)

490.443291ms ago: executing program 0 (id=5252):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0106000000000000000009000000240004801300010062726f616463617336af1e4deaf374"], 0x38}, 0x1, 0x0, 0x0, 0x24008001}, 0x0)

279.472413ms ago: executing program 8 (id=5253):
sched_setscheduler(0x0, 0x1, 0x0)
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000080)='./file1\x00', 0x84, &(0x7f00000000c0)=ANY=[], 0x8b, 0x2d5, &(0x7f0000025dc0)="$eJzs3c9OE10Yx/HfmSlteeHFUTAmxoVBia4M4Ma4aWKI1+BGI9KaEBqIiImysXFtvAD3bLwAL8KVMXGNK1deALsxZ3pKz7QzbYHQAfl+ktrO9Px5zsy0c56RZgTgwnq0sr93/7d9GClUKOmhFNi3bqok6aquVd9s7qzvNBv1QQ2FUlXJw0hJTdNXZm2zkVXV1ktqOJFdKmnaX4fTEcdx/KvoIFCkqnsOs94MpIr7dIZ+4bOs0rM80bPcCqXWGOM5i8yBDvRWM0XHAQAolmmf3wN3np928/cgkBbcad8////8v+B4T+aODooOoWDe+T/JsmJj9++l5K1uvmc06cp3ssSj9mPnYmW1j6zUBNOks8r+ZDGJJZh8ud5s3FvbatYDfVAtYfy8cE5STXWXs2ZF29/0fMa6tLK/sD+sdK6pZAwTdgzL3fhrNa/IbFanx93aozDfzHfzzET6rPrh/K8UG3/Mbk89nujGv5jX3Narp/Y5apfKGeVluxtK19MbduAow7yMRG5LxaHSFwiidJzlzFpl9dRqj24pryfXzmxmreUhteZsrS9ere7RnF/ztJlP5omZ1x991Yo3/w/s1l5Q/yczu5GkpDsyBo6nlJSM/FWtG5klg6OPBUfU3cYf9UIPNPP63e7GarPZ2B73CxvD2Du9mC8i9a7pHARnJcLjvbDfsf4aRY3t0nh6L59401XdTrGTmf4yld2N1YpfuD3Szgmxt8HOx3qE3jsX8IZGOMZvJRSmu9Pzy7wX/xPzD7NfHqad/3n5ymKS9Nh/ogHz9HjYtM1rcSkjN+heqv/Pa8m46/P5GdBUZgbX0mg5V1L31l3ptrdyf68yKOeKdEWH2fD5Z1b0Q8+5/g8AAAAAAAAAAAAAAAAAAHDejOPXGl53/B05AAAAAAAAAAAAAAAAAAAAAADHkH//36pO8f6/qd8BjHz/394bewI4kb8BAAD//+jIZ98=")
syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000001080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x1021408, 0x0, 0x1, 0x0, &(0x7f0000006380))

271.704314ms ago: executing program 0 (id=5254):
r0 = socket$kcm(0x2b, 0x1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x6, 0xd, &(0x7f0000000040), 0x3)
sendmsg$inet(r0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x20000014)

0s ago: executing program 8 (id=5255):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="50000000000101040000000000000000020000000800154000000064240001801400018008000100e000000108000200e00000010c0002800500010000000000080008"], 0x50}, 0x1, 0x0, 0x0, 0x8014}, 0x40c0)

kernel console output (not intermixed with test programs):

] Bluetooth: hci1: command tx timeout
[  494.699418][T16963] team0: Port device team_slave_0 added
[  494.932362][T16963] team0: Port device team_slave_1 added
[  495.250826][T16963] batman_adv: batadv0: Adding interface: batadv_slave_0
[  495.277424][T16963] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  495.337404][T17076] netlink: 'syz.0.3897': attribute type 4 has an invalid length.
[  495.368677][T16963] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  495.441368][T16963] batman_adv: batadv0: Adding interface: batadv_slave_1
[  495.509057][T16963] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  495.596863][T16963] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  495.693363][T17068] loop4: detected capacity change from 0 to 32768
[  495.713207][T17080] dccp_invalid_packet: P.Data Offset(4) too small
[  495.843560][T17068] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  495.921610][T17072] loop8: detected capacity change from 0 to 32768
[  495.951653][T17072] XFS: ikeep mount option is deprecated.
[  496.020197][T17068] XFS (loop4): Ending clean mount
[  496.038704][T16963] hsr_slave_0: entered promiscuous mode
[  496.060668][T17068] XFS (loop4): Quotacheck needed: Please wait.
[  496.162683][T16963] hsr_slave_1: entered promiscuous mode
[  496.190405][T16963] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  496.228664][T17072] XFS (loop8): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  496.263218][T16963] Cannot create hsr debugfs directory
[  496.291207][T17068] XFS (loop4): Quotacheck: Done.
[  496.440576][T17072] XFS (loop8): Ending clean mount
[  496.510588][T17072] XFS (loop8): Quotacheck needed: Please wait.
[  496.536352][T15307] Bluetooth: hci1: command tx timeout
[  496.691263][T17072] XFS (loop8): Quotacheck: Done.
[  496.785473][ T6125] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  496.837682][ T1028] IPVS: stop unused estimator thread 0...
[  496.875456][T13162] XFS (loop8): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  497.264707][T16963] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  497.329693][T16963] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  497.416002][T16963] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  497.518551][T16963] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  497.622337][T17124] netlink: 6 bytes leftover after parsing attributes in process `syz.4.3902'.
[  497.977523][T16963] 8021q: adding VLAN 0 to HW filter on device bond0
[  498.087405][T16963] 8021q: adding VLAN 0 to HW filter on device team0
[  498.190055][T13233] bridge0: port 1(bridge_slave_0) entered blocking state
[  498.197282][T13233] bridge0: port 1(bridge_slave_0) entered forwarding state
[  498.234399][T13233] bridge0: port 2(bridge_slave_1) entered blocking state
[  498.241666][T13233] bridge0: port 2(bridge_slave_1) entered forwarding state
[  498.892796][T17166] loop8: detected capacity change from 0 to 128
[  499.140485][T16963] 8021q: adding VLAN 0 to HW filter on device batadv0
[  499.186824][T17173] loop8: detected capacity change from 0 to 64
[  499.309813][T17148] loop4: detected capacity change from 0 to 32768
[  499.485859][T17148] XFS (loop4): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  499.770206][T17148] XFS (loop4): Ending clean mount
[  499.982863][ T6125] XFS (loop4): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  500.281195][T16963] veth0_vlan: entered promiscuous mode
[  500.365187][T16963] veth1_vlan: entered promiscuous mode
[  500.466509][T16963] veth0_macvtap: entered promiscuous mode
[  500.518930][T16963] veth1_macvtap: entered promiscuous mode
[  500.616550][T16963] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  500.683823][T16963] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.704053][T16963] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  500.730771][T16963] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.768094][T16963] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  500.778603][T16963] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.814476][T16963] batman_adv: batadv0: Interface activated: batadv_slave_0
[  500.846335][T16963] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  500.886740][T16963] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.921543][T16963] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  500.949865][T16963] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.985593][T16963] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  501.018190][T16963] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  501.058372][T16963] batman_adv: batadv0: Interface activated: batadv_slave_1
[  501.096200][T16963] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  501.143864][T16963] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  501.152659][T16963] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  501.195756][T16963] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  501.306869][T17226] loop4: detected capacity change from 0 to 164
[  501.428242][ T1028] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  501.477274][ T1028] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  501.496403][T17226] iso9660: Corrupted directory entry in block 2 of inode 1792
[  501.603492][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  501.628144][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  501.842941][T17212] loop8: detected capacity change from 0 to 32768
[  501.870150][T17212] XFS: ikeep mount option is deprecated.
[  501.897318][T17212] XFS: ikeep mount option is deprecated.
[  501.934874][T17234] loop9: detected capacity change from 0 to 16
[  501.951545][T17234] MTD: Attempt to mount non-MTD device "/dev/loop9"
[  501.956839][T17236] netlink: 'syz.4.3937': attribute type 11 has an invalid length.
[  501.992611][T17236] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3937'.
[  502.017061][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  502.024159][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  502.063513][T17212] XFS (loop8): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  502.453136][T17212] XFS (loop8): Ending clean mount
[  502.629692][T17212] XFS: ikeep mount option is deprecated.
[  502.635398][T17212] XFS: ikeep mount option is deprecated.
[  502.843951][T13162] XFS (loop8): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  503.493423][T17249] loop9: detected capacity change from 0 to 32768
[  503.622567][T17249] XFS (loop9): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  503.912808][T17249] XFS (loop9): Ending clean mount
[  504.233038][T16963] XFS (loop9): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  504.955675][T17270] loop4: detected capacity change from 0 to 32768
[  504.999984][T17270] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  505.140227][T17270] XFS (loop4): Ending clean mount
[  505.153540][T17270] XFS (loop4): Quotacheck needed: Please wait.
[  505.233431][T17270] XFS (loop4): Quotacheck: Done.
[  505.599929][ T6125] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  505.628815][T17322] loop8: detected capacity change from 0 to 1024
[  505.764366][T17322] hfsplus: bad catalog entry type
[  506.223440][T17337] loop9: detected capacity change from 0 to 8
[  506.265703][T17337] SQUASHFS error: Failed to read block 0x6e6: -5
[  506.272890][T17337] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  506.280826][T17337] SQUASHFS error: Unable to read directory block [631:26]
[  507.028815][T17363] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  507.056891][T17361] IPVS: stopping master sync thread 17363 ...
[  507.690671][T17383] netlink: 'syz.8.3968': attribute type 3 has an invalid length.
[  508.369162][T17391] loop9: detected capacity change from 0 to 32768
[  508.437550][T17392] loop8: detected capacity change from 0 to 32768
[  508.479703][T17392] (syz.8.3970,17392,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  508.511876][T17392] (syz.8.3970,17392,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  508.536074][T17392] (syz.8.3970,17392,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xcfdff595, computed 0xefed4a20. Applying ECC.
[  508.568767][T17392] JBD2: Ignoring recovery information on journal
[  508.620324][T17392] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode.
[  508.770480][T17392] (syz.8.3970,17392,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x2c7b5077, computed 0x28030c75. Applying ECC.
[  508.812745][T17392] (syz.8.3970,17392,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x2c7b5077, computed 0x28d1d8ae
[  508.838208][T17392] (syz.8.3970,17392,0):ocfs2_read_quota_phys_block:160 ERROR: status = -5
[  508.868346][T17392] (syz.8.3970,17392,0):ocfs2_quota_read:201 ERROR: status = -5
[  508.892185][T17392] __quota_error: 25 callbacks suppressed
[  508.892199][T17392] Quota error (device loop8): find_tree_dqentry: Can't read quota tree block 5
[  508.908158][T17392] Quota error (device loop8): qtree_read_dquot: Can't read quota structure for id 0
[  508.920753][T17392] (syz.8.3970,17392,1):ocfs2_acquire_dquot:878 ERROR: status = -5
[  508.936446][T17403] (syz.8.3970,17403,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x2c7b5077, computed 0x28030c75. Applying ECC.
[  508.953620][T17392] (syz.8.3970,17392,1):ocfs2_mknod:314 ERROR: status = -5
[  508.964524][T17392] (syz.8.3970,17392,1):ocfs2_mknod:502 ERROR: status = -5
[  508.976895][T17403] (syz.8.3970,17403,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x2c7b5077, computed 0x28d1d8ae
[  508.998269][T17392] (syz.8.3970,17392,1):ocfs2_create:676 ERROR: status = -5
[  509.006024][T17403] (syz.8.3970,17403,1):ocfs2_read_quota_phys_block:160 ERROR: status = -5
[  509.016084][T17403] (syz.8.3970,17403,1):ocfs2_quota_read:201 ERROR: status = -5
[  509.024341][T17403] Quota error (device loop8): find_next_id: Can't read quota tree block 5
[  509.033693][T17403] (syz.8.3970,17403,1):ocfs2_get_next_id:909 ERROR: status = -5
[  509.167583][T13162] ocfs2: Unmounting device (7,8) on (node local)
[  509.331024][T17409] loop9: detected capacity change from 0 to 2048
[  509.353586][T17409] UDF-fs: error (device loop9): udf_read_tagged: read failed, block=3932051, location=3932051
[  509.431378][T17409] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  509.778547][T17421] loop8: detected capacity change from 0 to 512
[  509.802169][T17421] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  509.837447][T17421] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e12c, mo2=0082]
[  509.864827][T17421] System zones: 1-12
[  509.887338][T17421] EXT4-fs (loop8): orphan cleanup on readonly fs
[  509.907980][T17421] EXT4-fs error (device loop8): ext4_validate_block_bitmap:439: comm syz.8.3978: bg 0: block 361: padding at end of block bitmap is not set
[  509.937549][T17421] EXT4-fs (loop8): Remounting filesystem read-only
[  509.944945][T17421] EXT4-fs (loop8): 1 truncate cleaned up
[  509.952434][T17421] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  510.097720][T13162] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  510.263331][T17433] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3983'.
[  510.273081][T17435] delete_channel: no stack
[  510.424591][T17439] loop8: detected capacity change from 0 to 1024
[  510.458959][T17439] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=802c018, mo2=0002]
[  510.513186][T17439] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  510.565624][   T28] audit: type=1800 audit(1770859580.060:250): pid=17439 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.3987" name="file1" dev="loop8" ino=15 res=0 errno=0
[  510.718367][T13162] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  511.032688][T17461] loop4: detected capacity change from 0 to 64
[  511.382907][T17467] netlink: 'syz.0.3998': attribute type 1 has an invalid length.
[  511.566552][T17472] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4001'.
[  511.751541][T17458] loop9: detected capacity change from 0 to 32768
[  512.462410][ T7678] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  512.672027][ T7678] usb 10-1: unable to get BOS descriptor or descriptor too short
[  512.692852][ T7678] usb 10-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  512.726215][ T7678] usb 10-1: New USB device found, idVendor=0cf3, idProduct=1010, bcdDevice=26.db
[  512.747599][ T7678] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  512.766820][ T7678] usb 10-1: Product: syz
[  512.779118][ T7678] usb 10-1: Manufacturer: syz
[  512.790222][ T7678] usb 10-1: SerialNumber: syz
[  513.298244][T17501] loop4: detected capacity change from 0 to 32768
[  513.325131][T17501] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 ./bus scanned by syz.4.4015 (17501)
[  513.379037][T17501] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  513.414142][T17501] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  513.435168][T17501] BTRFS error (device loop4): superblock checksum mismatch
[  513.454268][T17501] BTRFS error (device loop4): open_ctree failed: -22
[  513.565442][ T8610] udevd[8610]: incorrect btrfs checksum on /dev/loop4
[  513.661256][ T7678] usb 10-1: reset high-speed USB device number 2 using dummy_hcd
[  513.770021][T17523] loop4: detected capacity change from 0 to 16
[  513.803445][T17523] erofs: (device loop4): mounted with root inode @ nid 36.
[  513.873720][T17523] erofs: (device loop4): z_erofs_readahead: readahead error at folio 2 @ nid 89
[  513.910498][ T7678] usb 10-1: unable to get BOS descriptor or descriptor too short
[  513.951492][T15307] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress 7514 in[4096, 0] out[8192]
[  513.966459][T17523] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress 7514 in[4096, 0] out[8192]
[  513.991219][   T28] audit: type=1800 audit(1770859583.269:251): pid=17523 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.4024" name="file3" dev="loop4" ino=89 res=0 errno=0
[  514.297064][  T787] usb 10-1: USB disconnect, device number 2
[  514.311535][ T5854] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  514.396162][T17534] loop4: detected capacity change from 0 to 4096
[  514.405383][T17534] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[  514.468898][T17534] ntfs3: loop4: Inode r=19 is not in use!
[  514.489054][T17534] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  514.525330][ T5854] usb 9-1: Using ep0 maxpacket: 16
[  514.539215][T17534] ntfs3: loop4: ino=1d, "file1" attr_set_size
[  514.559600][ T5854] usb 9-1: config 0 has an invalid interface number: 217 but max is 0
[  514.572717][ T5854] usb 9-1: config 0 has no interface number 0
[  514.581708][ T5854] usb 9-1: config 0 interface 217 has no altsetting 0
[  514.594169][ T5854] usb 9-1: New USB device found, idVendor=1604, idProduct=8005, bcdDevice=ce.a8
[  514.626693][ T5854] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  514.649644][ T5854] usb 9-1: Product: syz
[  514.657669][ T5854] usb 9-1: Manufacturer: syz
[  514.662386][ T5854] usb 9-1: SerialNumber: syz
[  514.671493][ T5854] usb 9-1: config 0 descriptor??
[  514.953676][T17542] loop9: detected capacity change from 0 to 1024
[  514.997914][T17542] hfsplus: small file entry
[  515.065159][   T27] usb 9-1: USB disconnect, device number 11
[  515.137929][   T48] hfsplus: b-tree write err: -5, ino 4
[  515.147267][T17545] loop4: detected capacity change from 0 to 512
[  515.233646][T17545] EXT4-fs warning (device loop4): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  515.304914][T17545] EXT4-fs warning (device loop4): dx_probe:881: Enable large directory feature to access it
[  515.318196][T17545] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.4031: Corrupt directory, running e2fsck is recommended
[  515.338274][T17545] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  515.347410][T17545] EXT4-fs error (device loop4): ext4_iget_extra_inode:4732: inode #15: comm syz.4.4031: corrupted in-inode xattr: e_name out of bounds
[  515.362887][T17545] EXT4-fs (loop4): Remounting filesystem read-only
[  515.388662][T17545] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  515.504720][T17545] EXT4-fs warning (device loop4): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  515.562139][T17545] EXT4-fs warning (device loop4): dx_probe:881: Enable large directory feature to access it
[  515.582136][T17545] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.4031: Corrupt directory, running e2fsck is recommended
[  515.632314][ T6125] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  515.838492][T17559] loop8: detected capacity change from 0 to 164
[  515.860974][T17559] rock: corrupted directory entry. extent=32, offset=131072, size=237
[  515.956178][T17561] loop4: detected capacity change from 0 to 256
[  516.016139][T17561] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d)
[  516.135584][T17563] loop8: detected capacity change from 0 to 1024
[  516.574345][T17555] loop9: detected capacity change from 0 to 40427
[  516.656273][T17555] F2FS-fs (loop9): invalid crc value
[  516.697512][T17555] F2FS-fs (loop9): Found nat_bits in checkpoint
[  516.882531][T17555] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  517.087034][T16963] syz-executor: attempt to access beyond end of device
[  517.087034][T16963] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  517.139694][T16963] F2FS-fs (loop9): Stopped filesystem due to reason: 3
[  518.274186][T17621] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4065'.
[  518.293490][T17623] openvswitch: netlink: Actions may not be safe on all matching packets
[  518.899838][T17641] loop4: detected capacity change from 0 to 4096
[  518.945532][T17641] ntfs: (device loop4): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk.
[  518.988211][T17641] ntfs: (device loop4): ntfs_read_locked_inode(): $DATA attribute is missing.
[  519.043870][T17641] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[  519.104679][T17641] ntfs: (device loop4): load_system_files(): Failed to load $MFTMirr.  Will not be able to remount read-write.  Run ntfsfix and/or chkdsk.
[  519.222491][T17641] ntfs: volume version 3.1.
[  519.328539][T17656] loop9: detected capacity change from 0 to 64
[  520.183260][T17687] loop8: detected capacity change from 0 to 64
[  520.474819][T17694] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4093'.
[  520.552151][T17690] loop9: detected capacity change from 0 to 4096
[  520.599625][T17697] ipvlan2: entered promiscuous mode
[  521.546890][T17733] loop9: detected capacity change from 0 to 256
[  522.097133][T17747] vlan2: entered allmulticast mode
[  522.102638][T17747] mac80211_hwsim hwsim19 wlan1: entered allmulticast mode
[  522.181770][T17754] loop4: detected capacity change from 0 to 8
[  522.806875][T17775] loop4: detected capacity change from 0 to 256
[  523.035484][T17774] loop9: detected capacity change from 0 to 8192
[  523.107901][T17774] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  523.233037][T17774] REISERFS (device loop9): found reiserfs format "3.5" with non-standard journal
[  523.268774][T17774] REISERFS (device loop9): using ordered data mode
[  523.290286][T17774] reiserfs: using flush barriers
[  523.312705][T17774] REISERFS (device loop9): journal params: device loop9, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  523.376375][T17774] REISERFS (device loop9): checking transaction log (loop9)
[  523.410495][T17790] loop4: detected capacity change from 0 to 1024
[  523.419305][T17774] REISERFS (device loop9): Using r5 hash to sort names
[  523.438143][T17774] REISERFS (device loop9): Created .reiserfs_priv - reserved for xattr storage.
[  523.449299][T17790] hfsplus: gid requires an argument
[  523.488706][T17790] hfsplus: unable to parse mount options
[  523.636699][T17760] loop8: detected capacity change from 0 to 32768
[  523.740574][T17760] (syz.8.4119,17760,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  523.793654][T17760] (syz.8.4119,17760,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  523.797289][T17798] netlink: 'syz.4.4129': attribute type 62 has an invalid length.
[  523.961389][T17760] JBD2: Ignoring recovery information on journal
[  524.045126][T17760] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode.
[  524.635960][T13162] ocfs2: Unmounting device (7,8) on (node local)
[  524.700617][T17823] [U] �
[  524.923710][T17831] loop4: detected capacity change from 0 to 64
[  524.938164][T17817] usb 10-1: new full-speed USB device number 3 using dummy_hcd
[  525.202937][T17817] usb 10-1: config 0 has an invalid interface number: 186 but max is 0
[  525.222432][T17817] usb 10-1: config 0 has no interface number 0
[  525.239343][T17817] usb 10-1: New USB device found, idVendor=0856, idProduct=ac44, bcdDevice=fd.9e
[  525.264377][T17817] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  525.296239][T17817] usb 10-1: Product: syz
[  525.310380][T17817] usb 10-1: Manufacturer: syz
[  525.329629][T17817] usb 10-1: SerialNumber: syz
[  525.351379][T17817] usb 10-1: config 0 descriptor??
[  525.845506][T17817] mos7840 10-1:0.186: required endpoints missing
[  525.859979][T17817] usb 10-1: USB disconnect, device number 3
[  526.414964][T17877] loop8: detected capacity change from 0 to 4096
[  526.507785][T17882] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  526.640884][T17877] NILFS error (device loop8): nilfs_dotdot: directory #12 missing '.'
[  526.706343][T17877] Remounting filesystem read-only
[  527.219101][T17866] loop4: detected capacity change from 0 to 32768
[  527.329117][T17895] loop9: detected capacity change from 0 to 8192
[  527.359926][T17895] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  527.377619][T17866] ERROR: (device loop4): dbDiscardAG: -EIO
[  527.377619][T17866] 
[  527.423324][T17895] REISERFS (device loop9): found reiserfs format "3.6" with non-standard journal
[  527.463265][T17866] ERROR: (device loop4): remounting filesystem as read-only
[  527.502689][T17895] REISERFS (device loop9): using ordered data mode
[  527.509271][T17895] reiserfs: using flush barriers
[  527.642273][T17895] REISERFS (device loop9): journal params: device loop9, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  527.779381][T17895] REISERFS (device loop9): checking transaction log (loop9)
[  527.827030][T17895] REISERFS (device loop9): Using r5 hash to sort names
[  527.870617][T17895] REISERFS warning (device loop9): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  527.915837][T17895] REISERFS (device loop9): Created .reiserfs_priv - reserved for xattr storage.
[  528.120477][T17895] REISERFS warning (device loop9): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  528.276093][T17921] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4169'.
[  529.104700][T17919] loop4: detected capacity change from 0 to 32768
[  529.237304][T17919] JBD2: Ignoring recovery information on journal
[  529.325756][T17953] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4180'.
[  529.346953][T17953] netlink: 4 bytes leftover after parsing attributes in process `syz.9.4180'.
[  529.372238][T17953] netlink: 'syz.9.4180': attribute type 7 has an invalid length.
[  529.416421][T17919] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  529.555730][T17919] (syz.4.4165,17919,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry too close to end - offset=32, inode=17057, rec_len=280, name_len=10
[  529.801734][ T6125] ocfs2: Unmounting device (7,4) on (node local)
[  529.950308][T17933] loop8: detected capacity change from 0 to 32768
[  530.115577][T17933] ERROR: (device loop8): dbAdjCtl: the maximum free buddy is not the old root
[  530.115577][T17933] 
[  530.142543][T17933] ERROR: (device loop8): remounting filesystem as read-only
[  530.190232][T17968] loop9: detected capacity change from 0 to 256
[  530.322869][T17968] FAT-fs (loop9): Directory bread(block 64) failed
[  530.345284][T17968] FAT-fs (loop9): Directory bread(block 65) failed
[  530.377972][T17968] FAT-fs (loop9): Directory bread(block 66) failed
[  530.384687][T17968] FAT-fs (loop9): Directory bread(block 67) failed
[  530.433337][T17968] FAT-fs (loop9): Directory bread(block 68) failed
[  530.462802][T17968] FAT-fs (loop9): Directory bread(block 69) failed
[  530.484551][T17968] FAT-fs (loop9): Directory bread(block 70) failed
[  530.516311][T17968] FAT-fs (loop9): Directory bread(block 71) failed
[  530.523470][T17968] FAT-fs (loop9): Directory bread(block 72) failed
[  530.623519][T17968] FAT-fs (loop9): Directory bread(block 73) failed
[  530.842761][T17980] tipc: Bearer <udp:s>: already 2 bearers with priority 10
[  530.874817][T17980] tipc: Bearer <udp:s>: trying with adjusted priority
[  530.911899][T17980] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4190'.
[  530.961950][T17980] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  531.422762][T18000] loop8: detected capacity change from 0 to 1024
[  531.540655][T18000] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  531.622533][T18000] EXT4-fs error (device loop8): __ext4_new_inode:1075: comm syz.8.4196: reserved inode found cleared - inode=2
[  531.675255][T18000] EXT4-fs (loop8): Remounting filesystem read-only
[  531.823111][T13162] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  532.220180][T18029] loop9: detected capacity change from 0 to 256
[  532.477781][T18029] FAT-fs (loop9): Directory bread(block 64) failed
[  532.516651][T18029] FAT-fs (loop9): Directory bread(block 65) failed
[  532.523403][T18029] FAT-fs (loop9): Directory bread(block 66) failed
[  532.551748][T18029] FAT-fs (loop9): Directory bread(block 67) failed
[  532.591164][T18029] FAT-fs (loop9): Directory bread(block 68) failed
[  532.598949][T18039] netlink: 16 bytes leftover after parsing attributes in process `syz.8.4209'.
[  532.632860][T18029] FAT-fs (loop9): Directory bread(block 69) failed
[  532.654236][T18029] FAT-fs (loop9): Directory bread(block 70) failed
[  532.660845][T18029] FAT-fs (loop9): Directory bread(block 71) failed
[  532.707698][T18029] FAT-fs (loop9): Directory bread(block 72) failed
[  532.736053][T18029] FAT-fs (loop9): Directory bread(block 73) failed
[  533.161593][T18016] loop4: detected capacity change from 0 to 40427
[  533.189013][T18016] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  533.251966][T18016] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  533.383319][T18016] F2FS-fs (loop4): Found nat_bits in checkpoint
[  533.598804][T18016] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  533.630968][T18016] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  533.704399][T18075] netlink: 'syz.0.4220': attribute type 18 has an invalid length.
[  533.979997][ T6616] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  534.251543][ T6616] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  534.293797][ T6616] usb 9-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  534.321534][ T6616] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  534.334072][ T6616] usb 9-1: config 0 descriptor??
[  534.839931][ T6616] pyra 0003:1E7D:2CF6.001A: unknown main item tag 0x1
[  534.883908][ T6616] pyra 0003:1E7D:2CF6.001A: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.8-1/input0
[  534.999638][T18108] loop4: detected capacity change from 0 to 64
[  535.139649][T18108] minix_free_block (loop4:21): bit already cleared
[  535.139906][ T5817] usb 9-1: USB disconnect, device number 12
[  535.175632][T18108] Trying to free block not in datazone
[  535.990137][T18136] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  536.432480][T18144] IPVS: persistence engine module ip_vs_pe_s not found
[  536.740178][T18131] loop4: detected capacity change from 0 to 32768
[  536.748274][T18155] netlink: 100 bytes leftover after parsing attributes in process `syz.9.4253'.
[  536.815529][T18157] loop8: detected capacity change from 0 to 512
[  536.889562][T18157] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  536.951259][T18157] ext4 filesystem being mounted at /458/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  537.106761][T13162] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  537.704080][T18185] loop9: detected capacity change from 0 to 1024
[  537.780895][T18185] hfsplus: invalid catalog entry type in lookup
[  537.946759][T18191] sctp: [Deprecated]: syz.4.4269 (pid 18191) Use of int in max_burst socket option.
[  537.946759][T18191] Use struct sctp_assoc_value instead
[  538.214030][T18199] netlink: 52 bytes leftover after parsing attributes in process `syz.0.4272'.
[  538.255478][T18199] netlink: 'syz.0.4272': attribute type 1 has an invalid length.
[  538.284013][T18202] loop9: detected capacity change from 0 to 256
[  538.823931][T15307] Bluetooth: hci2: unknown advertising packet type: 0x61
[  538.824061][T15307] Bluetooth: hci2: unknown advertising packet type: 0x61
[  538.831935][T15307] Bluetooth: hci2: unknown advertising packet type: 0x61
[  538.839087][T15307] Bluetooth: hci2: unknown advertising packet type: 0x61
[  538.847620][T15307] Bluetooth: hci2: unknown advertising packet type: 0x61
[  538.854798][T15307] Bluetooth: hci2: unknown advertising packet type: 0x61
[  538.861871][T15307] Bluetooth: hci2: unknown advertising packet type: 0x61
[  539.194801][T18231] loop4: detected capacity change from 0 to 1024
[  539.230117][T18231] EXT4-fs: Ignoring removed bh option
[  539.235625][T18231] EXT4-fs: inline encryption not supported
[  539.261142][T18231] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  539.318803][T18231] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000]
[  539.375907][T18231] EXT4-fs error (device loop4): ext4_map_blocks:608: inode #3: block 2: comm syz.4.4287: lblock 2 mapped to illegal pblock 2 (length 1)
[  539.434477][T18231] Quota error (device loop4): qtree_write_dquot: dquota write failed
[  539.515620][T18231] EXT4-fs error (device loop4): ext4_map_blocks:608: inode #3: block 48: comm syz.4.4287: lblock 0 mapped to illegal pblock 48 (length 1)
[  539.575738][T18231] Quota error (device loop4): v2_write_file_info: Can't write info structure
[  539.590026][T18231] EXT4-fs error (device loop4): ext4_acquire_dquot:6949: comm syz.4.4287: Failed to acquire dquot type 0
[  539.607749][T18231] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5920: Corrupt filesystem
[  539.630437][T18231] EXT4-fs error (device loop4): ext4_evict_inode:252: inode #11: comm syz.4.4287: mark_inode_dirty error
[  539.652419][T18231] EXT4-fs warning (device loop4): ext4_evict_inode:255: couldn't mark inode dirty (err -117)
[  539.664580][T18231] EXT4-fs (loop4): 1 orphan inode deleted
[  539.680304][T18231] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  539.728101][   T11] EXT4-fs error (device loop4): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:0: lblock 1 mapped to illegal pblock 1 (length 1)
[  539.779462][   T11] Quota error (device loop4): remove_tree: Can't read quota data block 1
[  539.802893][   T11] EXT4-fs error (device loop4): ext4_release_dquot:6985: comm kworker/u4:0: Failed to release dquot type 0
[  539.830083][T18231] EXT4-fs error (device loop4): __ext4_get_inode_loc:4489: comm syz.4.4287: Invalid inode table block 1 in block_group 0
[  539.849225][T18231] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5920: Corrupt filesystem
[  539.890142][T18231] EXT4-fs error (device loop4): ext4_setattr:5506: inode #2: comm syz.4.4287: mark_inode_dirty error
[  540.010148][ T6125] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  540.021064][ T2884] EXT4-fs error (device loop4): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:7: lblock 1 mapped to illegal pblock 1 (length 1)
[  540.054303][ T2884] Quota error (device loop4): remove_tree: Can't read quota data block 1
[  540.080125][ T2884] EXT4-fs error (device loop4): ext4_release_dquot:6985: comm kworker/u4:7: Failed to release dquot type 0
[  540.135549][ T6125] EXT4-fs error (device loop4): __ext4_get_inode_loc:4489: comm syz-executor: Invalid inode table block 1 in block_group 0
[  540.179766][ T6125] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5920: Corrupt filesystem
[  540.191585][T18252] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4297'.
[  540.205682][T18254] netlink: 104 bytes leftover after parsing attributes in process `syz.8.4298'.
[  540.219761][ T6125] EXT4-fs error (device loop4): ext4_quota_off:7233: inode #3: comm syz-executor: mark_inode_dirty error
[  540.422630][T18261] comedi comedi3: 8255: I/O port conflict (0x40404f26,4)
[  540.439059][T18263] netlink: 36 bytes leftover after parsing attributes in process `syz.9.4300'.
[  540.463189][T18261] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  540.486655][T18261] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  540.505382][T18261] comedi comedi3: 8255: I/O port conflict (0xc,4)
[  540.517630][T18261] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  540.728881][T18270] loop8: detected capacity change from 0 to 256
[  540.885162][T18270] syz.8.4303: attempt to access beyond end of device
[  540.885162][T18270] loop8: rw=0, sector=272, nr_sectors = 4 limit=256
[  540.945952][T18270] FAT-fs (loop8): error, fat_free: invalid cluster chain (i_pos 198)
[  540.973073][T18270] FAT-fs (loop8): error, fat_free: invalid cluster chain (i_pos 198)
[  541.089975][T18280] gretap0: entered promiscuous mode
[  541.095707][T18280] vlan2: entered promiscuous mode
[  541.299262][T18283] loop8: detected capacity change from 0 to 4096
[  541.308015][T18283] ntfs: (device loop8): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  541.410827][T18283] ntfs: volume version 3.1.
[  541.525227][T18283] ntfs: (device loop8): ntfs_ucstonls(): Unicode name contains characters that cannot be converted to character set iso8859-6.  You might want to try to use the mount option nls=utf8.
[  541.574619][T18283] ntfs: (device loop8): ntfs_filldir(): Skipping unrepresentable inode 0x4.
[  541.883665][T18300] loop4: detected capacity change from 0 to 1764
[  542.835208][T18302] loop8: detected capacity change from 0 to 32768
[  542.936757][T18325] loop4: detected capacity change from 0 to 256
[  542.993633][T18325] exfat: Deprecated parameter 'utf8'
[  543.002495][T18325] exfat: Deprecated parameter 'namecase'
[  543.067238][T18325] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x8b6193f0, utbl_chksum : 0xe619d30d)
[  543.668211][T18327] loop9: detected capacity change from 0 to 32768
[  543.691303][T18327] non-latin1 character 0xffff found in JFS file name
[  543.706293][T18327] mount with iocharset=utf8 to access
[  543.865663][T18339] loop4: detected capacity change from 0 to 4096
[  543.907750][T18339] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[  544.356541][T18351] netlink: 36 bytes leftover after parsing attributes in process `syz.8.4343'.
[  544.380168][T18351] netlink: 36 bytes leftover after parsing attributes in process `syz.8.4343'.
[  544.688791][T18363] loop9: detected capacity change from 0 to 2048
[  544.713644][T18363] UDF-fs: error (device loop9): udf_read_tagged: tag checksum failed, block 129: 0x80 != 0x7e
[  544.733437][T18363] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  544.784500][   T28] audit: type=1800 audit(1770859612.074:252): pid=18363 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.4347" name="file2" dev="loop9" ino=1416 res=0 errno=0
[  545.183710][T18375] loop8: detected capacity change from 0 to 736
[  545.192081][T18376] loop4: detected capacity change from 0 to 512
[  545.266667][T18376] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  545.395665][T18375] rock: directory entry would overflow storage
[  545.406165][T18375] rock: sig=0x3b10, size=4, remaining=3
[  545.661581][T18386] netlink: 4 bytes leftover after parsing attributes in process `syz.9.4359'.
[  546.172952][T18400] program syz.8.4366 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  546.301461][   T28] audit: type=1326 audit(1770859613.496:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18401 comm="syz.0.4367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1ccd9bf79 code=0x7ffc0000
[  546.361021][   T28] audit: type=1326 audit(1770859613.496:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18401 comm="syz.0.4367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1ccd9bf79 code=0x7ffc0000
[  546.382504][T18388] loop4: detected capacity change from 0 to 32768
[  546.388384][   T28] audit: type=1326 audit(1770859613.496:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18401 comm="syz.0.4367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fc1ccd9bf79 code=0x7ffc0000
[  546.415982][   T28] audit: type=1326 audit(1770859613.524:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18401 comm="syz.0.4367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc1ccd9bce2 code=0x7ffc0000
[  546.438897][   T28] audit: type=1326 audit(1770859613.524:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18401 comm="syz.0.4367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc1ccd9bce2 code=0x7ffc0000
[  546.444133][T18388] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 scanned by syz.4.4360 (18388)
[  546.497605][T18404] loop8: detected capacity change from 0 to 1024
[  546.526215][   T28] audit: type=1326 audit(1770859613.542:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18401 comm="syz.0.4367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1ccd9bf79 code=0x7ffc0000
[  546.560060][   T28] audit: type=1326 audit(1770859613.542:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18401 comm="syz.0.4367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1ccd9bf79 code=0x7ffc0000
[  546.604984][T18388] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  546.625316][T18388] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  546.634917][T18388] BTRFS info (device loop4): using free space tree
[  546.664605][   T28] audit: type=1326 audit(1770859613.598:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18401 comm="syz.0.4367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7fc1ccd9bf79 code=0x7ffc0000
[  546.695260][T18404] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  546.725850][   T28] audit: type=1326 audit(1770859613.598:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18401 comm="syz.0.4367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=219 compat=0 ip=0x7fc1ccd9bf79 code=0x7ffc0000
[  546.896463][   T28] audit: type=1326 audit(1770859613.598:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18401 comm="syz.0.4367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1ccd9bf79 code=0x7ffc0000
[  547.065724][T18388] BTRFS info (device loop4): enabling ssd optimizations
[  547.081008][T18388] BTRFS info (device loop4): auto enabling async discard
[  547.334028][T18388] BTRFS warning (device loop4): failed to trim 1 device(s), last error -512
[  547.439124][ T6125] BTRFS info (device loop4): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  547.841811][T18437] loop9: detected capacity change from 0 to 4096
[  547.894617][T18437] ntfs3: loop9: Different NTFS sector size (1024) and media sector size (512).
[  548.016832][T13162] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  548.928677][T18457] loop4: detected capacity change from 0 to 1764
[  548.939334][T18460] netlink: 'syz.8.4386': attribute type 10 has an invalid length.
[  549.011360][T18457] iso9660: Corrupted directory entry in block 2 of inode 1920
[  549.088338][T18460] 8021q: adding VLAN 0 to HW filter on device batadv0
[  549.124436][T18460] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  549.245852][T18467] loop4: detected capacity change from 0 to 512
[  549.312504][T18469] cifs: Bad value for 'port'
[  549.345332][T18467] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0007-000000000000 r/w without journal. Quota mode: writeback.
[  549.375702][T18467] ext4 filesystem being mounted at /932/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  549.574519][ T6125] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0007-000000000000.
[  549.666516][T18483] netlink: 'syz.8.4395': attribute type 1 has an invalid length.
[  549.776061][T18485] loop8: detected capacity change from 0 to 256
[  549.808057][T18485] FAT-fs (loop8): Directory bread(block 64) failed
[  549.822694][T18485] FAT-fs (loop8): Directory bread(block 65) failed
[  549.835821][T18485] FAT-fs (loop8): Directory bread(block 66) failed
[  549.845339][T18485] FAT-fs (loop8): Directory bread(block 67) failed
[  549.852145][T18485] FAT-fs (loop8): Directory bread(block 68) failed
[  549.880713][T18485] FAT-fs (loop8): Directory bread(block 69) failed
[  549.891512][T18485] FAT-fs (loop8): Directory bread(block 70) failed
[  549.899171][T18485] FAT-fs (loop8): Directory bread(block 71) failed
[  549.919188][T18485] FAT-fs (loop8): Directory bread(block 72) failed
[  549.925835][T18485] FAT-fs (loop8): Directory bread(block 73) failed
[  550.216953][T18491] netlink: 16 bytes leftover after parsing attributes in process `syz.9.4397'.
[  550.285732][T18495] loop4: detected capacity change from 0 to 512
[  550.310484][T18495] EXT4-fs: Ignoring removed nobh option
[  550.365321][T18495] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  550.445547][T18495] EXT4-fs error (device loop4): ext4_orphan_get:1398: inode #15: comm syz.4.4400: iget: bad i_size value: 38620345925642
[  550.527146][T18495] EXT4-fs error (device loop4): ext4_orphan_get:1403: comm syz.4.4400: couldn't read orphan inode 15 (err -117)
[  550.566355][T18505] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4403'.
[  550.588171][T18495] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  550.667876][T18495] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #16: comm syz.4.4400: invalid indirect mapped block 3973251072 (level 0)
[  550.698991][T18495] EXT4-fs error (device loop4): ext4_validate_block_bitmap:430: comm syz.4.4400: bg 0: block 5: invalid block bitmap
[  550.719670][T18495] EXT4-fs (loop4): Delayed block allocation failed for inode 16 at logical offset 9 with max blocks 3 with error 28
[  550.733832][T18495] EXT4-fs (loop4): This should not happen!! Data will be lost
[  550.733832][T18495] 
[  550.744904][T18495] EXT4-fs (loop4): Total free blocks count 0
[  550.751777][T18495] EXT4-fs (loop4): Free/Dirty block details
[  550.758277][T18495] EXT4-fs (loop4): free_blocks=0
[  550.763921][T18495] EXT4-fs (loop4): dirty_blocks=3
[  550.769132][T18495] EXT4-fs (loop4): Block reservation details
[  550.795984][T18495] EXT4-fs (loop4): i_reserved_data_blocks=3
[  550.842297][T18507] loop8: detected capacity change from 0 to 4096
[  550.890048][T18507] ntfs: volume version 3.1.
[  550.968678][ T6125] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  551.360169][T18523] netlink: 128 bytes leftover after parsing attributes in process `syz.4.4411'.
[  551.401782][T18523] netlink: 'syz.4.4411': attribute type 5 has an invalid length.
[  551.540576][T18529] loop4: detected capacity change from 0 to 256
[  551.665798][T18529] FAT-fs (loop4): Directory bread(block 64) failed
[  551.676354][T18529] FAT-fs (loop4): Directory bread(block 65) failed
[  551.688800][T18529] FAT-fs (loop4): Directory bread(block 66) failed
[  551.695756][T18529] FAT-fs (loop4): Directory bread(block 67) failed
[  551.703619][T18529] FAT-fs (loop4): Directory bread(block 68) failed
[  551.710670][T18529] FAT-fs (loop4): Directory bread(block 69) failed
[  551.717886][T18529] FAT-fs (loop4): Directory bread(block 70) failed
[  551.724845][T18529] FAT-fs (loop4): Directory bread(block 71) failed
[  551.731604][T18529] FAT-fs (loop4): Directory bread(block 72) failed
[  551.761214][T18529] FAT-fs (loop4): Directory bread(block 73) failed
[  551.943449][T18537] netlink: 36 bytes leftover after parsing attributes in process `syz.9.4418'.
[  551.963829][T18535] loop8: detected capacity change from 0 to 4096
[  552.010433][T18535] ntfs: (device loop8): ntfs_read_locked_inode(): $DATA attribute is missing.
[  552.044377][T18535] ntfs: (device loop8): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  552.064981][T18535] ntfs: (device loop8): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  552.083966][T18535] ntfs: volume version 3.1.
[  552.285567][T13162] ntfs: (device loop8): ntfs_put_super(): Volume has errors.  Leaving volume marked dirty.  Run chkdsk.
[  552.480117][T18547] loop9: detected capacity change from 0 to 1024
[  552.508744][T15307] Bluetooth: hci0: unexpected event for opcode 0x042c
[  552.712564][ T3445] hfsplus: b-tree write err: -5, ino 4
[  553.078980][T18567] loop8: detected capacity change from 0 to 1024
[  553.211049][T18572] loop9: detected capacity change from 0 to 512
[  553.244588][T18572] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  553.256664][T18567] hfsplus: invalid length 256 has been corrected to 255
[  553.288689][T18567] fuse: Invalid rootmode
[  553.354729][T18572] EXT4-fs error (device loop9): ext4_free_branches:1030: inode #11: comm syz.9.4435: invalid indirect mapped block 4294967295 (level 1)
[  553.443467][T18579] netlink: 'syz.4.4438': attribute type 10 has an invalid length.
[  553.453596][T18572] EXT4-fs error (device loop9): ext4_free_branches:1030: inode #11: comm syz.9.4435: invalid indirect mapped block 4294967295 (level 1)
[  553.498554][ T1028] hfsplus: b-tree write err: -5, ino 4
[  553.502518][T18572] EXT4-fs (loop9): 2 truncates cleaned up
[  553.528290][T18572] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  553.571785][T18579] 8021q: adding VLAN 0 to HW filter on device batadv0
[  553.585491][T18579] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  553.805640][T16963] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  553.817058][T18581] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  554.218642][T13162] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  554.436653][T18600] netlink: 36 bytes leftover after parsing attributes in process `syz.9.4449'.
[  554.801578][T18612] set_capacity_and_notify: 1 callbacks suppressed
[  554.801595][T18612] loop8: detected capacity change from 0 to 1024
[  554.846840][T18612] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  554.890346][T18617] netlink: 212912 bytes leftover after parsing attributes in process `syz.9.4455'.
[  554.903246][T18612] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  554.923716][T18612] EXT4-fs (loop8): orphan cleanup on readonly fs
[  554.968182][T18612] Quota error (device loop8): do_check_range: Getting dqdh_entries 512 out of range 0-14
[  555.017239][T18612] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[  555.027919][T18612] EXT4-fs error (device loop8): ext4_acquire_dquot:6949: comm syz.8.4456: Failed to acquire dquot type 0
[  555.045806][T18612] Quota error (device loop8): do_check_range: Getting dqdh_entries 512 out of range 0-14
[  555.056243][T18612] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[  555.093375][T18612] EXT4-fs error (device loop8): ext4_acquire_dquot:6949: comm syz.8.4456: Failed to acquire dquot type 0
[  555.117987][T18612] EXT4-fs error (device loop8): ext4_free_blocks:6692: comm syz.8.4456: Freeing blocks not in datazone - block = 0, count = 4096
[  555.179690][T18612] Quota error (device loop8): do_check_range: Getting dqdh_entries 512 out of range 0-14
[  555.208486][T18612] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[  555.218515][T18612] EXT4-fs error (device loop8): ext4_acquire_dquot:6949: comm syz.8.4456: Failed to acquire dquot type 0
[  555.250626][T18612] EXT4-fs (loop8): 1 orphan inode deleted
[  555.266424][T18612] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  555.389353][T18612] EXT4-fs error (device loop8): ext4_lookup:1858: inode #15: comm syz.8.4456: iget: bad extended attribute block 6
[  555.503972][T13162] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  556.456883][T18654] netlink: 'syz.9.4473': attribute type 8 has an invalid length.
[  556.608346][T18634] loop4: detected capacity change from 0 to 40427
[  556.667703][T18634] F2FS-fs (loop4): invalid crc value
[  556.713357][T18634] F2FS-fs (loop4): Found nat_bits in checkpoint
[  556.876535][T18634] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  557.105624][ T6125] syz-executor: attempt to access beyond end of device
[  557.105624][ T6125] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  557.149234][ T6125] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  557.170450][T18673] ip6tnl2: entered allmulticast mode
[  557.256345][T18675] netlink: 64 bytes leftover after parsing attributes in process `syz.9.4482'.
[  557.289301][T18677] 9pnet_rdma: rdma_create_trans (18677): problem binding to privport: 13
[  557.806834][T18687] loop8: detected capacity change from 0 to 4096
[  557.976895][T18692] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  558.792173][T18718] loop4: detected capacity change from 0 to 16
[  558.814942][T18718] erofs: (device loop4): mounted with root inode @ nid 36.
[  558.875495][   T28] kauditd_printk_skb: 1 callbacks suppressed
[  558.875512][   T28] audit: type=1800 audit(1770859625.264:264): pid=18718 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4503" name="file1" dev="loop4" ino=86 res=0 errno=0
[  559.025843][ T5817] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[  559.240714][ T5817] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  559.252748][T18732] loop4: detected capacity change from 0 to 16
[  559.259699][ T5817] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  559.289831][T18732] erofs: (device loop4): mounted with root inode @ nid 36.
[  559.298454][ T5817] usb 9-1: New USB device found, idVendor=0458, idProduct=501a, bcdDevice= 0.00
[  559.332149][ T5817] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  559.353815][T18732] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36
[  559.367523][ T5817] usb 9-1: config 0 descriptor??
[  559.439999][T18732] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -44 in[46, 4050] out[1851]
[  559.448088][T18735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  559.492710][T18735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  559.509918][T18732] erofs: (device loop4): z_erofs_read_folio: read error -117 @ 43 of nid 36
[  559.522958][T18735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  559.534850][T18735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  559.545343][T18735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  559.565115][T18735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  559.575547][T18735] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  559.586550][T18735] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  559.608770][T18735] batadv_slave_1: entered promiscuous mode
[  559.807767][   T28] audit: type=1326 audit(1770859626.134:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18740 comm="syz.9.4513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f143299bf79 code=0x7ffc0000
[  559.863434][ T5817] kye 0003:0458:501A.001B: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  559.867768][   T28] audit: type=1326 audit(1770859626.163:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18740 comm="syz.9.4513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f143299bf79 code=0x7ffc0000
[  559.897171][   T28] audit: type=1326 audit(1770859626.172:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18740 comm="syz.9.4513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f143299bf79 code=0x7ffc0000
[  559.920840][   T28] audit: type=1326 audit(1770859626.172:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18740 comm="syz.9.4513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f143299bf79 code=0x7ffc0000
[  559.944369][ T5817] kye 0003:0458:501A.001B: hidraw0: USB HID v0.04 Device [HID 0458:501a] on usb-dummy_hcd.8-1/input0
[  559.972526][ T5817] kye 0003:0458:501A.001B: tablet-enabling feature report not found
[  559.975540][   T28] audit: type=1326 audit(1770859626.172:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18740 comm="syz.9.4513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f143299bf79 code=0x7ffc0000
[  559.992514][ T5817] kye 0003:0458:501A.001B: tablet enabling failed
[  560.039997][   T28] audit: type=1326 audit(1770859626.181:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18740 comm="syz.9.4513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=18 compat=0 ip=0x7f143299bf79 code=0x7ffc0000
[  560.117267][   T28] audit: type=1326 audit(1770859626.181:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18740 comm="syz.9.4513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f143299bf79 code=0x7ffc0000
[  560.174645][   T28] audit: type=1326 audit(1770859626.181:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18740 comm="syz.9.4513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f143299bf79 code=0x7ffc0000
[  560.213756][    T9] usb 9-1: USB disconnect, device number 13
[  560.266455][T18744] fido_id[18744]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.8/usb9/report_descriptor': No such file or directory
[  560.519039][T18759] loop9: detected capacity change from 0 to 512
[  560.532663][T18759] EXT4-fs: Ignoring removed mblk_io_submit option
[  560.561465][T18759] EXT4-fs (loop9): Cannot turn on journaled quota: type 0: error -13
[  560.607447][T18759] EXT4-fs error (device loop9): ext4_clear_blocks:883: inode #13: comm syz.9.4519: attempt to clear invalid blocks 2 len 1
[  560.658100][T18759] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  560.747625][T18759] EXT4-fs error (device loop9): ext4_free_branches:1030: inode #13: comm syz.9.4519: invalid indirect mapped block 1819239214 (level 0)
[  560.799145][T18759] EXT4-fs error (device loop9): ext4_free_branches:1030: inode #13: comm syz.9.4519: invalid indirect mapped block 1819239214 (level 1)
[  560.855394][T18759] EXT4-fs (loop9): 1 truncate cleaned up
[  560.873413][T18759] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  561.038496][T16963] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  561.276438][T18777] loop9: detected capacity change from 0 to 512
[  561.326336][T18777] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  561.396185][T18777] ext4 filesystem being mounted at /167/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  561.645701][T16963] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  561.894528][T18790] loop8: detected capacity change from 0 to 8192
[  561.954950][T18790] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  562.025752][T18790] REISERFS (device loop8): found reiserfs format "3.6" with non-standard journal
[  562.082602][T18790] REISERFS (device loop8): using journaled data mode
[  562.089544][T18790] reiserfs: using flush barriers
[  562.154006][T18790] REISERFS (device loop8): journal params: device loop8, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  562.185177][T18790] REISERFS (device loop8): checking transaction log (loop8)
[  562.220686][T18790] REISERFS (device loop8): Using r5 hash to sort names
[  562.321365][T18790] reiserfs: enabling write barrier flush mode
[  562.367699][T18790] REISERFS warning (device loop8): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  562.392816][T18805] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4537'.
[  562.411017][T18790] REISERFS (device loop8): Created .reiserfs_priv - reserved for xattr storage.
[  562.769457][T18807] loop9: detected capacity change from 0 to 8192
[  562.795551][T18807] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  562.814749][T18807] REISERFS (device loop9): found reiserfs format "3.5" with non-standard journal
[  562.826072][T18807] REISERFS (device loop9): using ordered data mode
[  562.832985][T18807] reiserfs: using flush barriers
[  562.844847][T18807] REISERFS (device loop9): journal params: device loop9, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  562.861990][T18807] REISERFS (device loop9): checking transaction log (loop9)
[  562.878563][T18807] REISERFS (device loop9): Using r5 hash to sort names
[  562.887038][T18807] REISERFS (device loop9): Created .reiserfs_priv - reserved for xattr storage.
[  563.057493][  T970] kernel write not supported for file /media2 (pid: 970 comm: kworker/1:3)
[  563.216467][T18825] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.4547'.
[  563.311277][T18823] sp0: Synchronizing with TNC
[  563.356501][T18823] sp0: Found TNC
[  563.783928][T18836] loop9: detected capacity change from 0 to 1024
[  563.803665][T18836] EXT4-fs: Ignoring removed orlov option
[  563.821651][T18836] EXT4-fs (loop9): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  563.902836][T18836] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  564.179978][T16963] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  564.733086][T18829] loop4: detected capacity change from 0 to 40427
[  564.775046][T18829] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x7ffff
[  564.808850][T18829] F2FS-fs (loop4): invalid crc value
[  564.871789][T18829] F2FS-fs (loop4): Found nat_bits in checkpoint
[  565.123387][T18829] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  565.406713][ T6125] syz-executor: attempt to access beyond end of device
[  565.406713][ T6125] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  565.443185][ T6125] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  565.530764][T18853] loop9: detected capacity change from 0 to 32768
[  565.586895][T18853] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop9 scanned by syz.9.4558 (18853)
[  565.685971][T18853] BTRFS info (device loop9): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  565.713261][T18853] BTRFS info (device loop9): using blake2b (blake2b-256-generic) checksum algorithm
[  565.745366][T18853] BTRFS info (device loop9): using free space tree
[  565.838050][T18859] loop8: detected capacity change from 0 to 32768
[  565.950188][T18859] XFS (loop8): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  565.997151][T18853] BTRFS info (device loop9): enabling ssd optimizations
[  566.004211][T18853] BTRFS info (device loop9): auto enabling async discard
[  566.235746][T18859] XFS (loop8): Ending clean mount
[  566.441355][T18853] BTRFS warning (device loop9): failed to trim 1 device(s), last error -512
[  566.614343][T16963] BTRFS info (device loop9): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  566.748409][T13162] XFS (loop8): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  567.243169][T18919] loop4: detected capacity change from 0 to 4096
[  567.352872][T18919] ntfs: (device loop4): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk.
[  567.415629][T18919] ntfs: (device loop4): ntfs_read_locked_inode(): $DATA attribute is missing.
[  567.424584][T18919] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[  567.518076][T18919] ntfs: (device loop4): load_system_files(): Failed to load $MFTMirr.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  567.638639][T18923] loop9: detected capacity change from 0 to 4096
[  567.693535][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  567.714089][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  567.721263][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  567.801535][T18934] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  567.851741][T18919] ntfs: volume version 3.1.
[  568.100651][T18919] ntfs: (device loop4): ntfs_ucstonls(): Unicode name contains characters that cannot be converted to character set macgreek.  You might want to try to use the mount option nls=utf8.
[  568.191846][T18919] ntfs: (device loop4): ntfs_filldir(): Skipping unrepresentable inode 0x4.
[  568.234946][T18919] ntfs: (device loop4): ntfs_ucstonls(): Unicode name contains characters that cannot be converted to character set macgreek.  You might want to try to use the mount option nls=utf8.
[  568.313503][T18919] ntfs: (device loop4): ntfs_filldir(): Skipping unrepresentable inode 0x45.
[  569.379770][T18975] sp0: Synchronizing with TNC
[  569.396710][T18976] sp0: Found TNC
[  569.475029][T18970] loop4: detected capacity change from 0 to 4096
[  569.510644][T18970] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512).
[  569.612553][T18970] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  570.152548][ T1028] ntfs3: loop4: ino=5, ntfs3_write_inode failed, -22.
[  570.191984][T18993] loop9: detected capacity change from 0 to 64
[  570.581438][T18998] loop4: detected capacity change from 0 to 8192
[  571.216334][T19016] loop8: detected capacity change from 0 to 128
[  571.246860][T19016] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; going on - but anything won't be destroyed because it's read-only
[  571.289599][T19016] hpfs: filesystem error: improperly stopped
[  571.304929][T19016] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  571.334157][T19016] hpfs: Proceeding, but your filesystem could be corrupted if you delete files or directories
[  571.378098][T19016] hpfs: You really don't want any checks? You are crazy...
[  571.390371][T19016] hpfs: hpfs_map_sector(): read error
[  571.401073][T19016] hpfs: code page support is disabled
[  571.407180][T19016] hpfs: hpfs_map_4sectors(): unaligned read
[  571.431780][T19016] hpfs: hpfs_map_4sectors(): unaligned read
[  571.442474][T19016] hpfs: filesystem error: unable to find root dir
[  572.103149][T19034] loop9: detected capacity change from 0 to 512
[  572.143078][T19034] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  572.239121][T19034] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a000c018, mo2=0002]
[  572.262445][T19034] System zones: 0-2, 18-18, 34-35
[  572.284850][T19034] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  572.301165][T19034] ext4 filesystem being mounted at /188/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  572.359713][T19043] loop8: detected capacity change from 0 to 128
[  572.408763][T19043] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  572.449167][T19043] hpfs: filesystem error: improperly stopped
[  572.460093][T19043] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  572.470118][T19043] hpfs: You really don't want any checks? You are crazy...
[  572.473347][T19034] EXT4-fs error (device loop9): ext4_empty_dir:3136: inode #12: comm syz.9.4619: invalid size
[  572.492374][T19043] hpfs: hpfs_map_sector(): read error
[  572.498278][T19043] hpfs: code page support is disabled
[  572.504730][T19043] hpfs: hpfs_map_4sectors(): unaligned read
[  572.510812][T19043] hpfs: hpfs_map_4sectors(): unaligned read
[  572.518823][T19043] hpfs: filesystem error: unable to find root dir
[  572.648215][T16963] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  573.254138][T19061] netlink: 20 bytes leftover after parsing attributes in process `syz.8.4630'.
[  574.116570][T19067] loop8: detected capacity change from 0 to 40427
[  574.157886][T19067] F2FS-fs (loop8): Wrong segment_count / block_count (31 > 0)
[  574.168120][T19067] F2FS-fs (loop8): Can't find valid F2FS filesystem in 2th superblock
[  574.201736][T19067] F2FS-fs (loop8): invalid crc value
[  574.231250][T19067] F2FS-fs (loop8): Found nat_bits in checkpoint
[  574.417389][T19067] F2FS-fs (loop8): Try to recover 2th superblock, ret: 0
[  574.424767][T19067] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  575.032443][T19078] loop4: detected capacity change from 0 to 32768
[  575.517755][T19089] loop9: detected capacity change from 0 to 4096
[  575.661342][T19095] loop8: detected capacity change from 0 to 4096
[  575.712706][T19096] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  576.105388][T19104] loop8: detected capacity change from 0 to 4096
[  576.134100][T19104] ntfs3: loop8: Different NTFS sector size (1024) and media sector size (512).
[  577.050819][T19112] loop9: detected capacity change from 0 to 65536
[  577.108824][T19112] XFS (loop9): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  577.183246][T19112] XFS (loop9): Internal error !xlog_verify_bno(log, 0, nbblks) at line 81 of file fs/xfs/xfs_log_recover.c.  Caller xlog_alloc_buffer+0x118/0x200
[  577.198399][T19112] CPU: 0 PID: 19112 Comm: syz.9.4653 Not tainted syzkaller #0
[  577.205908][T19112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  577.216028][T19112] Call Trace:
[  577.219372][T19112]  <TASK>
[  577.222352][T19112]  dump_stack_lvl+0x18c/0x250
[  577.227095][T19112]  ? show_regs_print_info+0x20/0x20
[  577.232362][T19112]  ? __phys_addr+0xba/0x170
[  577.236930][T19112]  ? __kasan_kmalloc_large+0x8b/0xa0
[  577.242382][T19112]  xfs_corruption_error+0x122/0x170
[  577.247650][T19112]  ? xlog_alloc_buffer+0x118/0x200
[  577.252831][T19112]  xlog_alloc_buffer+0x159/0x200
[  577.257844][T19112]  ? xlog_alloc_buffer+0x118/0x200
[  577.263026][T19112]  xlog_do_recovery_pass+0x1de/0xdb0
[  577.268389][T19112]  ? lock_chain_count+0x20/0x20
[  577.273304][T19112]  ? xlog_do_io+0x360/0x360
[  577.277885][T19112]  ? xlog_verify_head+0xea/0x430
[  577.282886][T19112]  ? __kmem_cache_free+0xba/0x1e0
[  577.287987][T19112]  xlog_verify_head+0x137/0x430
[  577.292929][T19112]  xlog_find_tail+0x6c4/0xa00
[  577.297677][T19112]  xlog_recover+0x4c/0x440
[  577.302157][T19112]  xfs_log_mount+0x2c2/0x470
[  577.306829][T19112]  xfs_mountfs+0xc58/0x1d40
[  577.311393][T19112]  ? lockdep_softirqs_off+0x430/0x430
[  577.316840][T19112]  ? xfs_default_resblks+0x70/0x70
[  577.322018][T19112]  ? init_timer_key+0x161/0x2a0
[  577.326935][T19112]  ? rcu_is_watching+0x15/0xb0
[  577.331761][T19112]  ? trace_xfs_inode_timestamp_range+0x84/0x1d0
[  577.338074][T19112]  xfs_fs_fill_super+0x112f/0x13a0
[  577.343247][T19112]  get_tree_bdev+0x3f3/0x520
[  577.347888][T19112]  ? vfs_parse_fs_string+0x170/0x170
[  577.353232][T19112]  ? xfs_mount_set_dax_mode+0x100/0x100
[  577.358828][T19112]  ? setup_bdev_super+0x660/0x660
[  577.363905][T19112]  ? apparmor_capable+0x137/0x1a0
[  577.368984][T19112]  ? bpf_lsm_capable+0x9/0x10
[  577.373732][T19112]  ? security_capable+0x89/0xb0
[  577.378638][T19112]  vfs_get_tree+0x8c/0x280
[  577.383110][T19112]  do_new_mount+0x24b/0xa40
[  577.387671][T19112]  __se_sys_mount+0x2e7/0x3d0
[  577.392409][T19112]  ? __x64_sys_mount+0xc0/0xc0
[  577.397225][T19112]  ? lockdep_hardirqs_on+0x98/0x150
[  577.402474][T19112]  ? __x64_sys_mount+0x20/0xc0
[  577.407291][T19112]  do_syscall_64+0x55/0xa0
[  577.411762][T19112]  ? clear_bhb_loop+0x40/0x90
[  577.416490][T19112]  ? clear_bhb_loop+0x40/0x90
[  577.421218][T19112]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  577.427163][T19112] RIP: 0033:0x7f143299d20a
[  577.431634][T19112] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  577.451293][T19112] RSP: 002b:00007f14338bbe58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  577.459768][T19112] RAX: ffffffffffffffda RBX: 00007f14338bbee0 RCX: 00007f143299d20a
[  577.467795][T19112] RDX: 0000200000000800 RSI: 0000200000000000 RDI: 00007f14338bbea0
[  577.475818][T19112] RBP: 0000200000000800 R08: 00007f14338bbee0 R09: 0000000003000010
[  577.483840][T19112] R10: 0000000003000010 R11: 0000000000000246 R12: 0000200000000000
[  577.491860][T19112] R13: 00007f14338bbea0 R14: 000000000000b9aa R15: 0000200000000040
[  577.499901][T19112]  </TASK>
[  577.505286][T19112] XFS (loop9): Corruption detected. Unmount and run xfs_repair
[  577.513515][T19112] XFS (loop9): Invalid block length (0x20040) for buffer
[  577.521624][T19112] XFS (loop9): failed to locate log tail
[  577.527330][T19112] XFS (loop9): log mount/recovery failed: error -12
[  577.559684][T19112] XFS (loop9): log mount failed
[  577.918305][T19135] loop4: detected capacity change from 0 to 512
[  577.966842][T19135] EXT4-fs: Ignoring removed oldalloc option
[  578.073617][T19135] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.4660: Parent and EA inode have the same ino 15
[  578.115591][T19135] EXT4-fs (loop4): 1 orphan inode deleted
[  578.129332][T19135] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  578.412378][ T6125] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  578.970556][   T28] audit: type=1326 audit(1770859644.040:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19158 comm="syz.4.4671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb4539bf79 code=0x7ffc0000
[  579.062237][   T28] audit: type=1326 audit(1770859644.040:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19158 comm="syz.4.4671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb4539bf79 code=0x7ffc0000
[  579.144387][   T28] audit: type=1326 audit(1770859644.087:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19158 comm="syz.4.4671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffb4539bf79 code=0x7ffc0000
[  579.205473][   T28] audit: type=1326 audit(1770859644.087:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19158 comm="syz.4.4671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb4539bf79 code=0x7ffc0000
[  579.303366][   T28] audit: type=1326 audit(1770859644.106:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19158 comm="syz.4.4671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb4539bf79 code=0x7ffc0000
[  579.383305][   T28] audit: type=1326 audit(1770859644.106:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19158 comm="syz.4.4671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=5 compat=0 ip=0x7ffb4539bf79 code=0x7ffc0000
[  579.457769][   T28] audit: type=1326 audit(1770859644.106:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19158 comm="syz.4.4671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb4539bf79 code=0x7ffc0000
[  580.063002][   T28] audit: type=1326 audit(1770859645.079:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19189 comm="syz.0.4686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1ccd9bf79 code=0x7ffc0000
[  580.142756][   T28] audit: type=1326 audit(1770859645.107:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19189 comm="syz.0.4686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1ccd9bf79 code=0x7ffc0000
[  580.246450][   T28] audit: type=1326 audit(1770859645.107:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19189 comm="syz.0.4686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1ccd9bf79 code=0x7ffc0000
[  581.024250][T19207] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4694'.
[  581.091532][T19211] loop4: detected capacity change from 0 to 256
[  581.235044][T19211] FAT-fs (loop4): Directory bread(block 64) failed
[  581.244132][T19211] FAT-fs (loop4): Directory bread(block 65) failed
[  581.257532][T19211] FAT-fs (loop4): Directory bread(block 66) failed
[  581.266153][T19211] FAT-fs (loop4): Directory bread(block 67) failed
[  581.277833][T19211] FAT-fs (loop4): Directory bread(block 68) failed
[  581.285602][T19211] FAT-fs (loop4): Directory bread(block 69) failed
[  581.292810][T19211] FAT-fs (loop4): Directory bread(block 70) failed
[  581.299599][T19211] FAT-fs (loop4): Directory bread(block 71) failed
[  581.317090][T19211] FAT-fs (loop4): Directory bread(block 72) failed
[  581.324118][T19211] FAT-fs (loop4): Directory bread(block 73) failed
[  581.696562][T19209] loop8: detected capacity change from 0 to 32768
[  581.757408][T19209] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode.
[  582.176570][T19219] loop4: detected capacity change from 0 to 32768
[  582.184236][T13162] ocfs2: Unmounting device (7,8) on (node local)
[  582.206881][T19219] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 scanned by syz.4.4701 (19219)
[  582.274698][T19219] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  582.305728][T19219] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  582.315224][T19219] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  582.365785][T19219] BTRFS info (device loop4): use zstd compression, level 3
[  582.392827][T19219] BTRFS info (device loop4): using free space tree
[  582.573049][T19219] BTRFS info (device loop4): enabling ssd optimizations
[  582.580089][T19219] BTRFS info (device loop4): auto enabling async discard
[  582.680407][T19248] netlink: 24 bytes leftover after parsing attributes in process `syz.8.4704'.
[  582.815024][T19250] loop8: detected capacity change from 0 to 512
[  582.833883][T19250] EXT4-fs: Ignoring removed nobh option
[  582.910274][ T6125] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  582.948436][T19250] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  583.011155][T19250] ext4 filesystem being mounted at /572/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  583.195856][T13162] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  583.380905][T19235] loop9: detected capacity change from 0 to 32768
[  583.758291][T19262] loop8: detected capacity change from 0 to 8
[  583.835512][T19262] MTD: Attempt to mount non-MTD device "/dev/loop8"
[  583.919317][ T6027] udevd[6027]: incorrect cramfs checksum on /dev/loop8
[  583.933589][T19266] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4712'.
[  584.061998][ T5774] udevd[5774]: incorrect cramfs checksum on /dev/loop8
[  584.717380][T19260] loop4: detected capacity change from 0 to 32768
[  584.754241][T19260] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 scanned by syz.4.4709 (19260)
[  584.857853][T19260] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  584.882068][T19260] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  584.910659][T19260] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  584.938978][T19260] BTRFS info (device loop4): use zstd compression, level 3
[  584.955717][T19260] BTRFS info (device loop4): using free space tree
[  585.212837][T19260] BTRFS info (device loop4): enabling ssd optimizations
[  585.234113][T19260] BTRFS info (device loop4): auto enabling async discard
[  585.589606][ T6125] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  585.948124][T19313] tipc: Bearer <udp:s>: already 2 bearers with priority 10
[  585.960067][ T5774] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 10 /dev/loop4 scanned by udevd (5774)
[  585.981894][T19313] tipc: Bearer <udp:s>: trying with adjusted priority
[  585.997416][T19313] tipc: Invalid UDP bearer configuration
[  585.997475][T19313] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  586.598931][T19323] loop9: detected capacity change from 0 to 128
[  586.677620][T19323] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  586.714324][T19323] hpfs: filesystem error: improperly stopped
[  586.752095][T19285] loop8: detected capacity change from 0 to 32768
[  586.761626][T19323] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  586.793563][T19323] hpfs: You really don't want any checks? You are crazy...
[  586.827876][T19323] hpfs: hpfs_map_sector(): read error
[  586.833325][T19323] hpfs: code page support is disabled
[  586.840589][T19285] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  586.880709][T19323] hpfs: hpfs_map_4sectors(): unaligned read
[  586.884613][T19285] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  586.886975][T19323] hpfs: hpfs_map_4sectors(): unaligned read
[  586.900373][T19323] hpfs: filesystem error: unable to find root dir
[  586.924900][T19323] hpfs: hpfs_map_4sectors(): unaligned read
[  586.934126][T19323] hpfs: hpfs_map_sector(): read error
[  586.997684][T19285] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms
[  587.122320][T19285] gfs2: fsid=syz:syz.s: first mount done, others may mount
[  588.220710][T19344] loop8: detected capacity change from 0 to 32768
[  588.229462][T19344] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop8 scanned by syz.8.4740 (19344)
[  588.284621][T19344] BTRFS info (device loop8): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  588.306244][T19344] BTRFS info (device loop8): using sha256 (sha256-avx2) checksum algorithm
[  588.330711][T19344] BTRFS info (device loop8): setting nodatacow, compression disabled
[  588.344756][T19344] BTRFS info (device loop8): force clearing of disk cache
[  588.363839][T19344] BTRFS info (device loop8): enabling ssd optimizations
[  588.384776][T19344] BTRFS info (device loop8): using spread ssd allocation scheme
[  588.398666][T19344] BTRFS info (device loop8): turning off barriers
[  588.417300][T19344] BTRFS info (device loop8): disabling free space tree
[  588.441512][T19344] BTRFS info (device loop8): not using ssd optimizations
[  588.448717][T19344] BTRFS info (device loop8): not using spread ssd allocation scheme
[  588.521344][T19342] loop4: detected capacity change from 0 to 32768
[  588.632284][T19342] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[  588.640615][T19344] BTRFS info (device loop8): rebuilding free space tree
[  588.693548][T19342] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  588.704934][T19344] BTRFS info (device loop8): disabling free space tree
[  588.752275][T19344] BTRFS info (device loop8): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  588.804919][T19344] BTRFS info (device loop8): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  588.856530][T19342] XFS (loop4): Ending clean mount
[  588.885677][T19342] XFS (loop4): Quotacheck needed: Please wait.
[  589.007450][T19342] XFS (loop4): Quotacheck: Done.
[  589.281157][T13162] BTRFS info (device loop8): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  589.313643][ T6125] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  589.570216][T19390] netlink: 4 bytes leftover after parsing attributes in process `syz.9.4752'.
[  589.602425][T19391] loop8: detected capacity change from 0 to 512
[  589.638841][T19391] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  589.765521][T19391] EXT4-fs (loop8): 1 orphan inode deleted
[  589.802251][T19391] EXT4-fs (loop8): 1 truncate cleaned up
[  589.844298][T19391] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  589.924781][T19391] EXT4-fs error (device loop8): htree_dirblock_to_tree:1112: inode #2: block 255: comm syz.8.4749: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  589.951215][T19391] EXT4-fs (loop8): Remounting filesystem read-only
[  590.071628][T13162] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  590.105836][T19401] loop9: detected capacity change from 0 to 16
[  590.153231][T19401] erofs: (device loop9): mounted with root inode @ nid 36.
[  590.215366][T19401] erofs: (device loop9): erofs_init_inode_xattrs: xattr_isize 12 of nid 46 is not supported yet
[  590.568524][  T970] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[  590.786684][  T970] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  590.806381][  T970] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  590.820709][  T970] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  590.835334][  T970] usb 9-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  590.853960][  T970] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  590.885971][  T970] usb 9-1: config 0 descriptor??
[  591.021979][T19420] deleting an unspecified loop device is not supported.
[  591.215804][T19409] loop4: detected capacity change from 0 to 40427
[  591.228630][T19409] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  591.238730][T19409] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  591.267556][T19409] F2FS-fs (loop4): Found nat_bits in checkpoint
[  591.325244][T19427] vivid-000: =================  START STATUS  =================
[  591.350081][  T970] acrux 0003:1A34:0802.001C: collection stack underflow
[  591.366592][T19427] vivid-000: Radio HW Seek Mode: Bounded
[  591.367031][  T970] acrux 0003:1A34:0802.001C: item 0 4 0 12 parsing failed
[  591.386205][  T970] acrux 0003:1A34:0802.001C: parse failed
[  591.392450][  T970] acrux: probe of 0003:1A34:0802.001C failed with error -22
[  591.403892][T19427] vivid-000: Radio Programmable HW Seek: false
[  591.420145][T19427] vivid-000: RDS Rx I/O Mode: Block I/O
[  591.438793][T19427] vivid-000: Generate RBDS Instead of RDS: false
[  591.449153][T19409] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  591.452836][T19427] vivid-000: RDS Reception: 
[  591.457274][T19409] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  591.469726][T19427] true
[  591.472684][T19427] vivid-000: RDS Program Type: 0 inactive
[  591.487619][T19427] vivid-000: RDS PS Name:  inactive
[  591.493223][T19427] vivid-000: RDS Radio Text:  inactive
[  591.521947][T19427] vivid-000: RDS Traffic Announcement: false inactive
[  591.539903][T19427] vivid-000: RDS Traffic Program: false inactive
[  591.586203][T19427] vivid-000: RDS Music: false inactive
[  591.650056][T19427] vivid-000: ==================  END STATUS  ==================
[  591.678270][  T970] usb 9-1: USB disconnect, device number 14
[  592.959105][T19463] netlink: 40 bytes leftover after parsing attributes in process `syz.9.4783'.
[  592.970451][T19439] loop4: detected capacity change from 0 to 32768
[  592.994974][T19463] tipc: Invalid UDP bearer configuration
[  592.995039][T19463] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  593.074073][T19439] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  593.574544][T19474] loop9: detected capacity change from 0 to 4096
[  593.699141][T19477] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  593.713130][ T6125] ocfs2: Unmounting device (7,4) on (node local)
[  593.826596][T19459] loop8: detected capacity change from 0 to 32768
[  593.877227][T19459] JBD2: Ignoring recovery information on journal
[  594.032959][T19459] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode.
[  594.405172][T13162] ocfs2: Unmounting device (7,8) on (node local)
[  594.941251][T19502] loop9: detected capacity change from 0 to 256
[  594.964412][T19502] exfat: Deprecated parameter 'namecase'
[  594.980003][T19502] exfat: Deprecated parameter 'namecase'
[  595.058022][T19502] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d)
[  595.724638][T19520] loop8: detected capacity change from 0 to 64
[  595.861727][T19520] hfs: keylen 1794 too large
[  595.903139][T19520] hfs: keylen 1794 too large
[  596.132866][T19529] loop4: detected capacity change from 0 to 128
[  596.195821][T19529] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  596.248610][T19529] hpfs: filesystem error: improperly stopped
[  596.254702][T19529] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  596.334469][T19529] hpfs: You really don't want any checks? You are crazy...
[  596.361538][T19529] hpfs: hpfs_map_sector(): read error
[  596.383269][T19529] hpfs: code page support is disabled
[  596.397770][T19529] hpfs: hpfs_map_4sectors(): unaligned read
[  596.447605][T19529] hpfs: hpfs_map_4sectors(): unaligned read
[  596.453585][T19529] hpfs: filesystem error: unable to find root dir
[  596.786401][T19546] netlink: 'syz.4.4821': attribute type 322 has an invalid length.
[  597.235141][T19560] loop9: detected capacity change from 0 to 128
[  597.284584][T19558] loop4: detected capacity change from 0 to 2048
[  597.317984][T19558] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  597.338302][T19558] NILFS (loop4): mounting unchecked fs
[  597.383895][T19558] NILFS (loop4): recovery complete
[  597.403595][T19563] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  597.602891][T19568] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4831'.
[  597.783892][  T967] usb 9-1: new full-speed USB device number 15 using dummy_hcd
[  598.003486][  T967] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  598.023500][  T967] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  598.069181][  T967] usb 9-1: New USB device found, idVendor=5543, idProduct=0064, bcdDevice= 0.00
[  598.083172][  T967] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  598.116114][  T967] usb 9-1: config 0 descriptor??
[  598.175173][T19582] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4838'.
[  598.451164][T19592] loop4: detected capacity change from 0 to 512
[  598.464446][T19592] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  598.501880][T19592] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  598.561198][T19592] EXT4-fs error (device loop4): __ext4_iget:5071: inode #15: block 1803188595: comm syz.4.4844: invalid block
[  598.582367][T19592] EXT4-fs error (device loop4): ext4_orphan_get:1403: comm syz.4.4844: couldn't read orphan inode 15 (err -117)
[  598.602334][T19592] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  598.646329][  T967] uclogic 0003:5543:0064.001D: item fetching failed at offset 0/1
[  598.687033][  T967] uclogic 0003:5543:0064.001D: parse failed
[  598.701465][T19592] EXT4-fs error (device loop4): ext4_get_parent:1910: comm syz.4.4844: inode #2: comm syz.4.4844: iget: illegal inode #
[  598.729793][  T967] uclogic: probe of 0003:5543:0064.001D failed with error -22
[  598.864326][ T6125] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  598.877143][ T5854] usb 9-1: USB disconnect, device number 15
[  600.069815][T19635] loop8: detected capacity change from 0 to 1024
[  600.094802][T19635] EXT4-fs: Ignoring removed mblk_io_submit option
[  600.128106][T19635] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  600.175551][T19635] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  600.266955][T13162] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  600.327786][  T970] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  600.446992][T19644] loop8: detected capacity change from 0 to 1764
[  600.490312][T19644] iso9660: Corrupted directory entry in block 2 of inode 1920
[  600.539769][  T970] usb 10-1: Using ep0 maxpacket: 32
[  600.566178][  T970] usb 10-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  600.582402][  T970] usb 10-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  600.612146][  T970] usb 10-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  600.640986][  T970] usb 10-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  600.672378][  T970] usb 10-1: Product: syz
[  600.692591][  T970] usb 10-1: Manufacturer: syz
[  600.714902][  T970] hub 10-1:4.0: USB hub found
[  600.942470][  T970] hub 10-1:4.0: 5 ports detected
[  600.957303][  T970] hub 10-1:4.0: insufficient power available to use all downstream ports
[  601.004219][T19652] loop4: detected capacity change from 0 to 8192
[  601.046482][T19652] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  601.080570][   T28] kauditd_printk_skb: 11 callbacks suppressed
[  601.080588][   T28] audit: type=1800 audit(1770859664.743:294): pid=19652 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4870" name="file2" dev="loop4" ino=1048911 res=0 errno=0
[  601.109962][T19652] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  601.126416][T19652] FAT-fs (loop4): Filesystem has been set read-only
[  601.354188][  T967] usb 9-1: new full-speed USB device number 16 using dummy_hcd
[  601.379339][  T970] hub 10-1:4.0: set hub depth failed
[  601.417274][  T970] usb 10-1: USB disconnect, device number 4
[  601.437905][T19663] loop4: detected capacity change from 0 to 1024
[  601.457354][T19663] EXT4-fs: Invalid want_extra_isize 6
[  601.490273][T19663] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4876'.
[  601.603118][  T967] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 61, changing to 4
[  601.632267][  T967] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 8245, setting to 1023
[  601.672233][T19667] netlink: 'syz.4.4878': attribute type 3 has an invalid length.
[  601.681512][  T967] usb 9-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  601.705047][  T967] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  601.728419][  T967] usb 9-1: Product: syz
[  601.732671][  T967] usb 9-1: Manufacturer: syz
[  601.760929][  T967] usb 9-1: SerialNumber: syz
[  601.806370][  T967] usb 9-1: config 0 descriptor??
[  601.818702][  T967] hub 9-1:0.0: bad descriptor, ignoring hub
[  601.841487][  T967] hub: probe of 9-1:0.0 failed with error -5
[  601.865135][  T967] input: syz syz as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/input/input20
[  602.515568][  T970] usb 9-1: USB disconnect, device number 16
[  602.723039][T19676] loop4: detected capacity change from 0 to 32768
[  602.743952][T19676] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.4881 (19676)
[  602.773868][T19676] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  602.788148][T19676] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  602.799529][T19676] BTRFS info (device loop4): setting nodatacow, compression disabled
[  602.808713][T19676] BTRFS info (device loop4): force clearing of disk cache
[  602.816855][T19676] BTRFS info (device loop4): enabling ssd optimizations
[  602.825875][T19676] BTRFS info (device loop4): using spread ssd allocation scheme
[  602.846446][T19676] BTRFS info (device loop4): turning off barriers
[  602.853937][T19676] BTRFS info (device loop4): disabling free space tree
[  602.863886][T19676] BTRFS info (device loop4): not using ssd optimizations
[  602.871978][T19676] BTRFS info (device loop4): not using spread ssd allocation scheme
[  602.980856][T19676] BTRFS info (device loop4): rebuilding free space tree
[  603.041691][T19676] BTRFS info (device loop4): disabling free space tree
[  603.073210][T19676] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  603.097758][T19676] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  603.421416][ T6125] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  603.488342][T19689] loop9: detected capacity change from 0 to 32768
[  603.638640][T19689] XFS (loop9): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  603.663689][  T967] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[  603.866036][  T967] usb 9-1: Using ep0 maxpacket: 8
[  603.897369][  T967] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 13
[  603.931769][  T967] usb 9-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[  603.949295][  T967] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  603.976852][  T967] usb 9-1: Product: syz
[  603.992059][T19689] XFS (loop9): Ending clean mount
[  604.003809][  T967] usb 9-1: Manufacturer: syz
[  604.018189][  T967] usb 9-1: SerialNumber: syz
[  604.039518][  T967] usb 9-1: config 0 descriptor??
[  604.060413][  T967] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[  604.168392][T16963] XFS (loop9): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  604.316294][T19712] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  604.370180][T19712] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  604.396432][T15307] Bluetooth: hci2: Unknown advertising packet type: 0x33
[  604.396486][T15307] Bluetooth: hci2: Malformed LE Event: 0x0d
[  604.423735][  T967] gspca_zc3xx: reg_w_i err -71
[  604.574657][T19730] loop9: detected capacity change from 0 to 512
[  604.593278][T19730] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  604.661939][T19730] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  604.686697][T19730] ext4 filesystem being mounted at /277/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  604.782418][T19730] Quota error (device loop9): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  604.804719][T19737] loop4: detected capacity change from 0 to 256
[  604.818525][T19730] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[  604.829676][T19730] EXT4-fs error (device loop9): ext4_acquire_dquot:6949: comm syz.9.4894: Failed to acquire dquot type 0
[  604.976762][T16963] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  605.116492][  T967] gspca_zc3xx: Unknown sensor - set to TAS5130C
[  605.122961][  T967] gspca_zc3xx: probe of 9-1:0.0 failed with error -71
[  605.158415][  T967] usb 9-1: USB disconnect, device number 17
[  605.381804][T19750] veth1_to_bridge: entered promiscuous mode
[  605.401460][T19750] veth1_to_bridge: left promiscuous mode
[  605.918824][T19765] netlink: 'syz.9.4911': attribute type 30 has an invalid length.
[  606.660581][T19787] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4920'.
[  606.696515][T19787] netlink: 'syz.9.4920': attribute type 30 has an invalid length.
[  606.741560][T19787] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4920'.
[  606.908436][T19795] loop9: detected capacity change from 0 to 16
[  606.921334][T19795] erofs: (device loop9): mounted with root inode @ nid 36.
[  607.545694][T19791] loop8: detected capacity change from 0 to 32768
[  607.648107][T19791] XFS (loop8): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  607.776367][T19791] XFS (loop8): Ending clean mount
[  607.813197][T19791] XFS (loop8): Quotacheck needed: Please wait.
[  607.977663][T19791] XFS (loop8): Quotacheck: Done.
[  608.023934][  T967] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  608.149163][T13162] XFS (loop8): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  608.192153][T19808] loop4: detected capacity change from 0 to 32768
[  608.251267][  T967] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  608.272292][  T967] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  608.313201][T19808] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  608.330576][  T967] usb 10-1: New USB device found, idVendor=1020, idProduct=0006, bcdDevice= 0.00
[  608.371687][  T967] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  608.402944][  T967] usb 10-1: config 0 descriptor??
[  608.644962][T19808] XFS (loop4): Ending clean mount
[  608.676617][T19808] XFS (loop4): Quotacheck needed: Please wait.
[  608.872115][  T967] belkin 0003:1020:0006.001E: item fetching failed at offset 1/3
[  608.888942][T19808] XFS (loop4): Quotacheck: Done.
[  608.894067][  T967] belkin 0003:1020:0006.001E: parse failed
[  608.894146][  T967] belkin: probe of 0003:1020:0006.001E failed with error -22
[  609.125201][  T967] usb 10-1: USB disconnect, device number 5
[  609.199059][T19846] loop8: detected capacity change from 0 to 512
[  609.261024][T19846] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  609.275923][T19846] ext4 filesystem being mounted at /611/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  609.352982][ T6125] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  609.416968][T13162] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  610.255143][T19867] trusted_key: encrypted_key: key trusted:syz not found
[  610.474063][T19873] netlink: 184 bytes leftover after parsing attributes in process `syz.0.4950'.
[  610.557947][T19878] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4952'.
[  610.849233][T19886] team_slave_0: entered promiscuous mode
[  610.855068][T19886] team_slave_1: entered promiscuous mode
[  610.896892][T19886] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  610.925287][T19886] team0: Device macvtap1 is already an upper device of the team interface
[  610.941648][T19886] team_slave_0: left promiscuous mode
[  610.947269][T19886] team_slave_1: left promiscuous mode
[  611.158746][T19896] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  611.413096][T19905] IPVS: sync thread started: state = MASTER, mcast_ifn = team_slave_0, syncid = 4, id = 0
[  611.604820][ T2198] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[  611.845293][ T2198] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  611.867906][ T2198] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  611.888720][ T2198] usb 9-1: New USB device found, idVendor=046d, idProduct=c52f, bcdDevice= 0.00
[  611.898851][ T2198] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  611.909989][ T2198] usb 9-1: config 0 descriptor??
[  612.255603][T19914] loop4: detected capacity change from 0 to 32768
[  612.292444][T19914] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[  612.330806][T19914] JBD2: Ignoring recovery information on journal
[  612.391447][ T2198] logitech-djreceiver 0003:046D:C52F.001F: unknown main item tag 0x0
[  612.406451][ T2198] logitech-djreceiver 0003:046D:C52F.001F: unknown main item tag 0x0
[  612.425556][ T2198] logitech-djreceiver 0003:046D:C52F.001F: unknown main item tag 0x0
[  612.444921][ T2198] logitech-djreceiver 0003:046D:C52F.001F: unknown main item tag 0x0
[  612.456618][ T2198] logitech-djreceiver 0003:046D:C52F.001F: unknown main item tag 0x0
[  612.471186][T19914] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  612.476016][ T2198] logitech-djreceiver 0003:046D:C52F.001F: unknown main item tag 0x0
[  612.502658][ T2198] logitech-djreceiver 0003:046D:C52F.001F: unknown main item tag 0x0
[  612.626252][ T2198] usb 9-1: USB disconnect, device number 18
[  612.766646][ T6125] ocfs2: Unmounting device (7,4) on (node local)
[  613.279310][T19938] loop4: detected capacity change from 0 to 64
[  613.372140][T19942] loop9: detected capacity change from 0 to 128
[  613.388800][T19942] affs: Error parsing options
[  613.565733][T19946] loop9: detected capacity change from 0 to 512
[  613.586748][T19946] FAT-fs (loop9): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  613.920279][T19954] loop9: detected capacity change from 0 to 256
[  613.932331][T19954] exfat: Deprecated parameter 'namecase'
[  613.952633][T19954] exfat: Deprecated parameter 'namecase'
[  614.033451][T19954] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d)
[  614.149778][T19954] syz.9.4988: attempt to access beyond end of device
[  614.149778][T19954] loop9: rw=524288, sector=34225520824, nr_sectors = 1 limit=256
[  614.205917][T19954] syz.9.4988: attempt to access beyond end of device
[  614.205917][T19954] loop9: rw=0, sector=34225520824, nr_sectors = 1 limit=256
[  614.255510][   T28] audit: type=1800 audit(1770859677.064:295): pid=19954 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.4988" name="file1" dev="loop9" ino=1048916 res=0 errno=0
[  614.286278][T19953] exFAT-fs (loop9): invalid start cluster (4278190088)
[  614.566549][T19974] netlink: 10 bytes leftover after parsing attributes in process `syz.9.5004'.
[  614.677653][T19972] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  615.717877][T19984] loop4: detected capacity change from 0 to 32768
[  615.743432][T19984] (syz.4.5001,19984,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  615.798270][T19984] (syz.4.5001,19984,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  615.884264][T19984] JBD2: Ignoring recovery information on journal
[  616.069621][T19984] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  616.105121][  T970] usb 9-1: new high-speed USB device number 19 using dummy_hcd
[  616.329892][  T970] usb 9-1: Using ep0 maxpacket: 8
[  616.353149][  T970] usb 9-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77
[  616.367278][T20018] loop9: detected capacity change from 0 to 64
[  616.375422][  T970] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=239
[  616.393635][  T970] usb 9-1: Product: syz
[  616.398960][  T970] usb 9-1: Manufacturer: syz
[  616.409060][T20018] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended.  mounting read-only.
[  616.428621][  T970] usb 9-1: SerialNumber: syz
[  616.444391][ T6125] ocfs2: Unmounting device (7,4) on (node local)
[  616.457907][  T970] usb 9-1: config 0 descriptor??
[  616.463158][T20018] hfs: filesystem is marked locked, mounting read-only.
[  616.481771][  T970] gspca_main: sq905-2.14.0 probing 2770:9120
[  617.145721][  T970] gspca_sq905: sq905_command: usb_control_msg failed (-71)
[  617.164854][  T970] sq905: probe of 9-1:0.0 failed with error -71
[  617.173512][  T970] usb 9-1: USB disconnect, device number 19
[  617.670795][T20027] loop9: detected capacity change from 0 to 32768
[  617.772820][T20027] XFS (loop9): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  617.963477][T20027] XFS (loop9): Ending clean mount
[  618.132532][T20050] loop4: detected capacity change from 0 to 4096
[  618.155177][T16963] XFS (loop9): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  618.276640][T20056] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  618.682291][T20061] kAFS: unable to lookup cell 's
էK��yy��
[  618.682291][T20061] 
[  618.682291][T20061] =6%�*�;�e�ܲ5�;Z�*��d{���iEl�ZS�j��UF
/���k!��b��tF\_��vf�Vn�D��P�����P�B1�%�A)X��\YT"8ώ��d�J_��.�����5d�#�ۜ�h�Gp6�"�5ͺ��*��
�,����I���m��I�-(W
�A�?���W��Z)n�[��qGjnڇ%(�J-�%�ؘccʵ���{|�6Z�����A�5�k�@�a���+o��S�T;���]5��!�G3�{��K���,'
[  619.162725][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  619.418815][T20057] loop8: detected capacity change from 0 to 32768
[  619.431313][T20081] sp0: Synchronizing with TNC
[  619.446568][T20081] sp0: Found TNC
[  619.473641][T20057] JBD2: Ignoring recovery information on journal
[  619.639806][T20057] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode.
[  619.860151][T13162] ocfs2: Unmounting device (7,8) on (node local)
[  619.935404][ T5780] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  620.165329][ T5780] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 229, changing to 11
[  620.191606][ T5780] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  620.212551][ T5780] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  620.263153][ T5780] usb 10-1: New USB device found, idVendor=5543, idProduct=3031, bcdDevice= 0.00
[  620.272365][ T5780] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  620.339243][ T5780] usb 10-1: config 0 descriptor??
[  620.508488][T20100] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5051'.
[  620.769833][T20106] loop8: detected capacity change from 0 to 64
[  620.789993][T20106] BFS-fs: bfs_fill_super(): loop8 is unclean, continuing
[  621.028346][ T5780] usb 10-1: string descriptor 0 read error: -71
[  621.051152][ T5780] uclogic 0003:5543:3031.0020: failed retrieving string descriptor #200: -71
[  621.083093][ T5780] uclogic 0003:5543:3031.0020: failed retrieving pen parameters: -71
[  621.100590][ T5780] uclogic 0003:5543:3031.0020: failed probing pen v2 parameters: -71
[  621.109843][ T5780] uclogic 0003:5543:3031.0020: failed probing parameters: -71
[  621.118278][ T5780] uclogic: probe of 0003:5543:3031.0020 failed with error -71
[  621.154023][ T5780] usb 10-1: USB disconnect, device number 6
[  621.423433][T20116] sctp: [Deprecated]: syz.4.5059 (pid 20116) Use of int in max_burst socket option.
[  621.423433][T20116] Use struct sctp_assoc_value instead
[  621.621572][T20110] loop8: detected capacity change from 0 to 32768
[  621.650068][T20110] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop8 scanned by syz.8.5056 (20110)
[  621.702136][T20110] BTRFS info (device loop8): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  621.723144][T20110] BTRFS info (device loop8): using crc32c (crc32c-intel) checksum algorithm
[  621.743494][T20110] BTRFS info (device loop8): setting nodatasum
[  621.775753][T20110] BTRFS info (device loop8): force zlib compression, level 3
[  621.802967][T20110] BTRFS info (device loop8): setting incompat feature flag for COMPRESS_LZO (0x8)
[  621.816470][T20110] BTRFS info (device loop8): use lzo compression, level 0
[  621.824763][T20110] BTRFS info (device loop8): turning on flush-on-commit
[  621.831905][T20110] BTRFS info (device loop8): enabling auto defrag
[  621.842757][T20110] BTRFS info (device loop8): max_inline at 4096
[  621.853121][T20110] BTRFS info (device loop8): using free space tree
[  622.052377][T20110] BTRFS info (device loop8): enabling ssd optimizations
[  622.243922][   T28] audit: type=1326 audit(1770859684.530:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20143 comm="syz.9.5065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f143299bf79 code=0x7fc00000
[  622.324191][   T28] audit: type=1326 audit(1770859684.530:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20143 comm="syz.9.5065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f143299bf79 code=0x7fc00000
[  622.369952][T13162] BTRFS info (device loop8): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  622.381024][   T28] audit: type=1326 audit(1770859684.530:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20143 comm="syz.9.5065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f143299bf79 code=0x7fc00000
[  622.411458][   T28] audit: type=1326 audit(1770859684.530:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20143 comm="syz.9.5065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f143299bf79 code=0x7fc00000
[  622.468922][   T28] audit: type=1326 audit(1770859684.530:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20143 comm="syz.9.5065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f143299bf79 code=0x7fc00000
[  622.500784][T20149] loop4: detected capacity change from 0 to 512
[  622.561533][T20149] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  622.576369][   T28] audit: type=1326 audit(1770859684.530:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20143 comm="syz.9.5065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f143299bf79 code=0x7fc00000
[  622.632485][   T28] audit: type=1326 audit(1770859684.530:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20143 comm="syz.9.5065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f143299bf79 code=0x7fc00000
[  622.671993][   T28] audit: type=1326 audit(1770859684.530:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20143 comm="syz.9.5065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f143299bf79 code=0x7fc00000
[  622.696523][   T28] audit: type=1326 audit(1770859684.530:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20143 comm="syz.9.5065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f143299bf79 code=0x7fc00000
[  622.719333][   T28] audit: type=1326 audit(1770859684.530:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20143 comm="syz.9.5065" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f143299bf79 code=0x7fc00000
[  622.765686][T20149] EXT4-fs (loop4): 1 orphan inode deleted
[  622.771505][T20149] EXT4-fs (loop4): 1 truncate cleaned up
[  622.820519][T20149] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  622.997643][ T6125] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  623.435882][T20159] loop4: detected capacity change from 0 to 512
[  623.534507][T20159] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  623.558291][T20159] ext4 filesystem being mounted at /1090/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  623.707878][ T6125] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  624.126790][T20157] loop8: detected capacity change from 0 to 40427
[  624.138929][T20157] F2FS-fs (loop8): Small segment_count (9 < 1 * 24)
[  624.138955][T20157] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  624.170223][T20157] F2FS-fs (loop8): Found nat_bits in checkpoint
[  624.334525][T20157] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  624.334556][T20157] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  624.537090][T13162] syz-executor: attempt to access beyond end of device
[  624.537090][T13162] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  624.597712][T13162] F2FS-fs (loop8): Stopped filesystem due to reason: 3
[  624.874887][T20171] loop4: detected capacity change from 0 to 256
[  624.907981][T20171] exfat: Deprecated parameter 'namecase'
[  624.994225][T20171] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  625.455968][T20174] loop4: detected capacity change from 0 to 4096
[  626.441256][T20198] loop9: detected capacity change from 0 to 4096
[  626.453277][T20178] loop8: detected capacity change from 0 to 32768
[  626.494938][T20178] (syz.8.5073,20178,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  626.517779][T20198] ntfs: volume version 3.1.
[  626.539205][T20178] (syz.8.5073,20178,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  626.661685][T20178] JBD2: Ignoring recovery information on journal
[  626.689422][T20204] ptrace attach of "./syz-executor exec"[5770] was attempted by ""[20204]
[  626.806301][T20178] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode.
[  627.048307][T13162] ocfs2: Unmounting device (7,8) on (node local)
[  627.442773][T20220] loop4: detected capacity change from 0 to 256
[  627.461695][T20220] exfat: Deprecated parameter 'namecase'
[  627.487852][T20220] exfat: Deprecated parameter 'namecase'
[  627.569142][T20220] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d)
[  627.997208][T20228] loop8: detected capacity change from 0 to 1024
[  628.060450][T20228] hfsplus: bad catalog entry type
[  628.218183][T20232] loop9: detected capacity change from 0 to 4096
[  628.999029][T20231] loop4: detected capacity change from 0 to 32768
[  629.035366][T20231] (syz.4.5100,20231,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  629.064563][T20242] loop9: detected capacity change from 0 to 4096
[  629.073242][T20231] (syz.4.5100,20231,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  629.171762][T20231] JBD2: Ignoring recovery information on journal
[  629.263564][T20231] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  629.306895][T20242] ntfs3: loop9: ino=3, ntfs_set_state failed, -22.
[  629.313584][T20242] ntfs3: loop9: Failed to initialize $Extend/$ObjId.
[  629.449155][   T28] kauditd_printk_skb: 2941 callbacks suppressed
[  629.449171][   T28] audit: type=1800 audit(1770859691.284:3247): pid=20242 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.5105" name="file1" dev="loop9" ino=30 res=0 errno=0
[  629.479174][T20241] ntfs3: loop9: ino=1e, "file1" attr_set_size
[  629.568682][   T48] ntfs3: loop9: ino=3, ntfs3_write_inode failed, -22.
[  629.592758][T16963] ntfs3: loop9: ino=3, ntfs_set_state failed, -22.
[  629.615795][T20236] loop8: detected capacity change from 0 to 32768
[  629.622974][T16963] ntfs3: loop9: Mark volume as dirty due to NTFS errors
[  629.634059][T16963] ntfs3: loop9: ino=3, ntfs_set_state failed, -22.
[  629.690199][ T2884] ntfs3: loop9: ino=3, ntfs3_write_inode failed, -22.
[  629.702029][ T6125] ocfs2: Unmounting device (7,4) on (node local)
[  629.771851][T20236] XFS (loop8): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  630.060006][T20236] XFS (loop8): Ending clean mount
[  630.105423][T20236] XFS (loop8): Quotacheck needed: Please wait.
[  630.288847][T20236] XFS (loop8): Quotacheck: Done.
[  630.539616][T13162] XFS (loop8): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  630.703176][T20272] loop9: detected capacity change from 0 to 512
[  630.736534][T20274] loop4: detected capacity change from 0 to 256
[  630.787340][T20272] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  630.870261][T20272] ext4 filesystem being mounted at /345/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  630.983823][T16963] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  632.817389][T20318] netlink: 'syz.4.5133': attribute type 3 has an invalid length.
[  632.852478][T20318] netlink: 666 bytes leftover after parsing attributes in process `syz.4.5133'.
[  632.935308][T20308] loop9: detected capacity change from 0 to 40427
[  632.975992][T20308] F2FS-fs (loop9): build fault injection attr: rate: 690, type: 0x7ffff
[  633.018461][T20308] F2FS-fs (loop9): build fault injection attr: rate: 0, type: 0x2
[  633.039271][T20308] F2FS-fs (loop9): Image doesn't support compression
[  633.078571][T20308] F2FS-fs (loop9): Image doesn't support compression
[  633.101144][T20308] F2FS-fs (loop9): invalid crc value
[  633.137916][T20308] F2FS-fs (loop9): Found nat_bits in checkpoint
[  633.304044][T20308] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  633.366026][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  633.372469][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  633.505154][T16963] syz-executor: attempt to access beyond end of device
[  633.505154][T16963] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  633.552835][T16963] F2FS-fs (loop9): Stopped filesystem due to reason: 3
[  633.692719][T20337] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  634.134499][   T28] audit: type=1326 audit(1770859695.662:3248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20345 comm="syz.8.5145" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff0e219bf79 code=0x0
[  634.234754][T20333] loop4: detected capacity change from 0 to 32768
[  634.313216][T20333] JBD2: Ignoring recovery information on journal
[  634.371452][T20333] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  634.661204][ T6125] ocfs2: Unmounting device (7,4) on (node local)
[  635.133180][T20359] loop9: detected capacity change from 0 to 32768
[  635.649894][T20376] loop8: detected capacity change from 0 to 1024
[  635.745190][T20378] openvswitch: netlink: Actions may not be safe on all matching packets
[  635.798328][   T59] hfsplus: b-tree write err: -5, ino 4
[  636.004255][T20383] loop8: detected capacity change from 0 to 512
[  636.072995][T20383] EXT4-fs error (device loop8): ext4_validate_block_bitmap:439: comm syz.8.5159: bg 0: block 255: padding at end of block bitmap is not set
[  636.136138][T20383] EXT4-fs error (device loop8) in ext4_mb_clear_bb:6653: Corrupt filesystem
[  636.170069][T20383] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #11: comm syz.8.5159: invalid indirect mapped block 1 (level 1)
[  636.235701][T20383] EXT4-fs (loop8): 1 truncate cleaned up
[  636.242915][T20383] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  636.474425][T13162] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  636.623517][T20368] loop4: detected capacity change from 0 to 32768
[  636.669625][T20368] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  636.684703][T20368] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  636.844188][T20368] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms
[  636.871036][T20402] loop9: detected capacity change from 0 to 256
[  636.978186][T20402] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  637.023450][T20368] gfs2: fsid=syz:syz.s: first mount done, others may mount
[  638.043403][T20421] loop8: detected capacity change from 0 to 4096
[  638.058513][T20421] ntfs3: loop8: Different NTFS sector size (1024) and media sector size (512).
[  638.217142][T20421] ntfs3: loop8: Mark volume as dirty due to NTFS errors
[  639.779882][T20463] loop9: detected capacity change from 0 to 128
[  639.800771][T20463] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  639.842320][T20463] hpfs: filesystem error: improperly stopped
[  639.867164][T20463] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  639.912685][T20463] hpfs: You really don't want any checks? You are crazy...
[  639.921967][T20463] hpfs: hpfs_map_sector(): read error
[  639.939066][T20463] hpfs: code page support is disabled
[  639.955749][T20463] hpfs: hpfs_map_4sectors(): unaligned read
[  639.966177][T20468] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5194'.
[  639.973091][T20463] hpfs: hpfs_map_4sectors(): unaligned read
[  639.992144][T20463] hpfs: filesystem error: unable to find root dir
[  640.236001][ T5780] IPVS: starting estimator thread 0...
[  640.359122][T20475] IPVS: using max 22 ests per chain, 52800 per kthread
[  642.225815][T20543] netlink: 52 bytes leftover after parsing attributes in process `syz.9.5233'.
[  642.241486][T20543] netlink: 48 bytes leftover after parsing attributes in process `syz.9.5233'.
[  642.903068][  T967] usb 9-1: new full-speed USB device number 20 using dummy_hcd
[  643.108424][  T967] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  643.127556][  T967] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 2
[  643.136663][  T967] usb 9-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  643.146402][  T967] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  643.160916][  T967] usb 9-1: config 0 descriptor??
[  643.174549][  T967] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  643.190156][  T967] dvb-usb: bulk message failed: -22 (3/0)
[  643.219192][  T967] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  643.229791][  T967] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  643.238162][  T967] usb 9-1: media controller created
[  643.245868][  T967] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  643.306377][  T967] dvb-usb: bulk message failed: -22 (6/0)
[  643.321855][  T967] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  643.342937][  T967] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.8/usb9/9-1/input/input21
[  643.369608][  T967] dvb-usb: schedule remote query interval to 150 msecs.
[  643.390860][  T967] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  643.522661][T20554] dvb-usb: bulk message failed: -22 (2/0)
[  643.545007][ T2198] usb 9-1: USB disconnect, device number 20
[  643.609832][ T2198] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  644.828869][T20587] loop8: detected capacity change from 0 to 64
[  644.912215][T20573] loop9: detected capacity change from 0 to 32768
[  644.969917][   T48] ------------[ cut here ]------------
[  644.975566][   T48] kernel BUG at fs/hfs/inode.c:449!
[  644.982003][T20573] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop9 scanned by syz.9.5247 (20573)
[  645.009839][   T48] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[  645.015998][   T48] CPU: 0 PID: 48 Comm: kworker/u4:3 Not tainted syzkaller #0
[  645.023408][   T48] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  645.033507][   T48] Workqueue: writeback wb_workfn (flush-7:8)
[  645.039542][   T48] RIP: 0010:hfs_write_inode+0x87a/0x880
[  645.045130][   T48] Code: c7 c1 00 93 30 97 80 e1 07 80 c1 03 38 c1 0f 8c 73 fe ff ff 48 c7 c7 00 93 30 97 e8 b0 0f 84 ff e9 62 fe ff ff e8 b6 e6 2b ff <0f> 0b 0f 1f 40 00 f3 0f 1e fa 55 41 57 41 56 41 54 53 48 89 fb 49
[  645.064793][   T48] RSP: 0018:ffffc90000b97340 EFLAGS: 00010293
[  645.070900][   T48] RAX: ffffffff825b2cea RBX: ffff888025c67028 RCX: ffff888018ee5a00
[  645.078928][   T48] RDX: 0000000000000000 RSI: ffffffff8d339760 RDI: 0000000000000000
[  645.086938][   T48] RBP: ffffc90000b974d0 R08: ffff888018ee5a00 R09: 0000000000000003
[  645.094957][   T48] R10: 0000000000000004 R11: 0000000000000000 R12: dffffc0000000000
[  645.102977][   T48] R13: 1ffff92000172e6c R14: ffff888025c66fd8 R15: 0000000000000000
[  645.110973][   T48] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  645.119928][   T48] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  645.126540][   T48] CR2: 00007f49c977f000 CR3: 000000006133a000 CR4: 00000000003506f0
[  645.134542][   T48] Call Trace:
[  645.137840][   T48]  <TASK>
[  645.140795][   T48]  ? hfs_inode_write_fork+0x1a0/0x1a0
[  645.146208][   T48]  ? __rwlock_init+0x150/0x150
[  645.151032][   T48]  __writeback_single_inode+0x705/0xec0
[  645.156608][   T48]  writeback_sb_inodes+0x7cd/0xf50
[  645.161760][   T48]  ? queue_io+0x550/0x550
[  645.166128][   T48]  ? rcu_is_watching+0x15/0xb0
[  645.170925][   T48]  wb_writeback+0x46a/0xbf0
[  645.175457][   T48]  ? queue_io+0x351/0x550
[  645.179820][   T48]  ? percpu_ref_tryget+0x250/0x250
[  645.184962][   T48]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  645.190971][   T48]  ? _raw_spin_unlock_irq+0x23/0x50
[  645.196190][   T48]  wb_workfn+0x400/0xe60
[  645.200457][   T48]  ? try_to_wake_up+0x70a/0x1190
[  645.205433][   T48]  ? inode_wait_for_writeback+0x230/0x230
[  645.211278][   T48]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  645.217291][   T48]  ? read_lock_is_recursive+0x20/0x20
[  645.222698][   T48]  ? _raw_spin_unlock_irq+0x23/0x50
[  645.227918][   T48]  ? process_scheduled_works+0x96f/0x15d0
[  645.233663][   T48]  ? process_scheduled_works+0x96f/0x15d0
[  645.239431][   T48]  process_scheduled_works+0xa5d/0x15d0
[  645.245017][   T48]  ? assign_work+0x430/0x430
[  645.249644][   T48]  ? assign_work+0x3d0/0x430
[  645.254299][   T48]  worker_thread+0xa55/0xfc0
[  645.258929][   T48]  kthread+0x2fa/0x390
[  645.263027][   T48]  ? pr_cont_work+0x560/0x560
[  645.267728][   T48]  ? kthread_blkcg+0xd0/0xd0
[  645.272342][   T48]  ret_from_fork+0x48/0x80
[  645.276782][   T48]  ? kthread_blkcg+0xd0/0xd0
[  645.281396][   T48]  ret_from_fork_asm+0x11/0x20
[  645.286190][   T48]  </TASK>
[  645.289326][   T48] Modules linked in:
[  645.293503][    C0] vkms_vblank_simulate: vblank timer overrun
[  645.394210][T20573] BTRFS info (device loop9): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  645.405106][T20573] BTRFS info (device loop9): using crc32c (crc32c-intel) checksum algorithm
[  645.411569][   T48] ---[ end trace 0000000000000000 ]---
[  645.413894][T20573] BTRFS info (device loop9): allowing degraded mounts
[  645.456794][   T48] RIP: 0010:hfs_write_inode+0x87a/0x880
[  645.469765][T20573] BTRFS info (device loop9): enabling ssd optimizations
[  645.473529][   T48] Code: c7 c1 00 93 30 97 80 e1 07 80 c1 03 38 c1 0f 8c 73 fe ff ff 48 c7 c7 00 93 30 97 e8 b0 0f 84 ff e9 62 fe ff ff e8 b6 e6 2b ff <0f> 0b 0f 1f 40 00 f3 0f 1e fa 55 41 57 41 56 41 54 53 48 89 fb 49
[  645.476944][T20573] BTRFS info (device loop9): allowing degraded mounts
[  645.527147][   T48] RSP: 0018:ffffc90000b97340 EFLAGS: 00010293
[  645.540634][   T48] RAX: ffffffff825b2cea RBX: ffff888025c67028 RCX: ffff888018ee5a00
[  645.548994][T20573] BTRFS info (device loop9): using free space tree
[  645.583466][   T48] RDX: 0000000000000000 RSI: ffffffff8d339760 RDI: 0000000000000000
[  645.604761][   T48] RBP: ffffc90000b974d0 R08: ffff888018ee5a00 R09: 0000000000000003
[  645.624976][   T48] R10: 0000000000000004 R11: 0000000000000000 R12: dffffc0000000000
[  645.648035][   T48] R13: 1ffff92000172e6c R14: ffff888025c66fd8 R15: 0000000000000000
[  645.660824][   T48] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  645.669947][   T48] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  645.678242][   T48] CR2: 00002000007b4000 CR3: 000000005ee17000 CR4: 00000000003506f0
[  645.686478][   T48] Kernel panic - not syncing: Fatal exception
[  645.692886][   T48] Kernel Offset: disabled
[  645.697676][   T48] Rebooting in 86400 seconds..