last executing test programs:

1m1.032477309s ago: executing program 0 (id=1065):
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000000c0)={0x80000043, 0x0, 0x0, 0x3}, 0x10)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)
recvmmsg(r0, &(0x7f0000002a80)=[{{0x0, 0xfffffffffffffd7a, &(0x7f0000000000)=[{&(0x7f00000002c0)=""/65, 0x4f}], 0x1}, 0x38000}], 0x1, 0x40010000, 0x0)

1m0.823096044s ago: executing program 0 (id=1068):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x4008132, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mq_unlink(&(0x7f0000000280)='fd/3\x00')
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)

1m0.622248634s ago: executing program 0 (id=1071):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x901800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x18)

1m0.284861673s ago: executing program 0 (id=1074):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x400e, &(0x7f0000000640), 0x1, 0x451, &(0x7f00000001c0)="$eJzs28tvG0UYAPBv7SQlfZBQlUcfQKAgyitp0lJ64AICiQNISHAox5CkVanboCZItKqgRagcUSVOvSAuSEj8BZzggoATEle4I6QK5dLCyWhtb2O7thOnjhfq30/adGZ30vk+7449uxMHMLAm0h9JxPaI+C0ixqrVxgYT1X9urFyY+3vlwlwS5fKbfyWVdtdXLsxlTbPf25ZVhiIKnySxt0W/S+fOn5otlRbO1upTy6ffm1o6d/7Zk6dnTyycWDgzc/To4UPTzx+Zea4neaZ5Xd/z4eK+3a++feX1uWNX3vnpmyTLvymPHpnodPDxcrnH3eVrR105GcoxELpSrA7TGK6M/7EoxurJG4tXPs41OGBTlcvl8n3tD18sA3ewJPKOAMhH9kGf3v9mW5+mHv8J116s3gCled+obdUjQ1GotRluur/tpYmIOHbxny/SLTbnOQQAQIPv0vnPM63mf4Wofy50d20NZTwi7omInRFxJCJ2RcS9EZW290fEA13237xIcuv8pzC8ocTWKZ3/vVBb22qc/2Wzvxgv1mo7KvkPJ8dPlhYO1l6TAzG8Ja1Pd+jj+5d//azdsfr5X7ql/WdzwUvVOP4c2tL4O/Ozy7O3m3fm2qWIPUOt8k9urgQkEbE7IvZssI+TT329r92xTvmvqQfrTOUvI56onv+L0ZR/Jum8Pjl1V5QWDk5lV8Wtfv7l8hvt+r+t/HsgPf9bW17/N/MfT+rXa5e6+d+vPpn+vPz7p23vadbOv/X1P5K81bDvg9nl5bPTESPJa9Wg6/fPNLWbWW2f5n9gf+vxvzNWX4m9EZFexA9GxEMR8XAt9kci4tGI2N/hVfjxpcfe3Xj+myvNf76r879aGInmPa0LxVM/fNvQ6Xg3+afn/3CldKC2Zz3vf+uJq9urGQAAAP6vChGxPZLC5M1yoTA5Wf0b/l2xtVBaXFp++vji+2fmq98RGI/hQvaka6zueeh07bY+q8801Q/Vnht/Xhyt1CfnFkvzeScPA25bm/Gf+qOYtbqaY4TApvJ9LRhcxj8MLuMfBtZXC3lHAORkZbTF5/9oHpEA/ddq/v9RDnEA/dc0/ot5xQH0n+d/MLg2Mv69Z8CdoeNYHulfHEBfLY3G2l+SVxigwmjEui6JKOQeqsImFvJ+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiNfwMAAP//0YXoCg==")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x4008, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
listxattr(&(0x7f0000000240)='./file0\x00', 0x0, 0xf)

59.73733061s ago: executing program 0 (id=1080):
rt_sigprocmask(0x2, &(0x7f0000000040)={[0x6d285c1d]}, 0x0, 0x8)
r0 = gettid()
tkill(r0, 0x14)
rt_sigprocmask(0x2, &(0x7f00000001c0)={[0x7]}, 0x0, 0x8)

58.137057583s ago: executing program 0 (id=1093):
r0 = socket$inet6(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r1}, 0x18)
sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)

57.72243101s ago: executing program 32 (id=1093):
r0 = socket$inet6(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r1}, 0x18)
sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)

41.921316383s ago: executing program 5 (id=1247):
r0 = syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0xe47, 0x80, 0x0, 0x21e}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x2000000000000002, 0x0, 0x2, 0x0, 0x1})
io_uring_enter(r0, 0x47fa, 0x0, 0x0, 0x0, 0x0)

41.765697995s ago: executing program 3 (id=1248):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x42, 0x0)
r0 = add_key$user(&(0x7f0000000380), &(0x7f0000000000), &(0x7f00000003c0)='X', 0x1, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r0, r1, r1}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'streebog512-generic\x00'}})

41.409664926s ago: executing program 3 (id=1251):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000ffed000005"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r1}, 0x18)
lsm_get_self_attr(0x64, 0x0, &(0x7f0000001280)=0x38, 0x0)

41.124112216s ago: executing program 3 (id=1253):
socket$packet(0x11, 0xa, 0x300)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x20004088}, 0x10)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

40.828610942s ago: executing program 5 (id=1256):
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000000)=0x5, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0xa, 0x4e1f, 0x3, @mcast2={0xff, 0x5}, 0xfffffffc}, 0x1c)

40.542606505s ago: executing program 5 (id=1257):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000002380)='./file0\x00', 0x80000c, &(0x7f0000000040)=ANY=[@ANYRES8=0x0, @ANYRESHEX=0x0, @ANYRES16, @ANYRESHEX=0x0, @ANYBLOB="2c756d61736b3d30303030303030303030303030303030303030303030302c6465636f6d706f73652c666f7263652c6e6f6465636f6d706f73652c626172726965722c6e6f6465636f6d706f73652c747970653db029e1c02c7569643d", @ANYRESHEX=0x0, @ANYBLOB="2c747970653dd2100d1b2c7529643dd4f81c66210bbcbf82440a104ab956f2ba5e36e41ccb1b040fa8b829b0b87078de654c66ac22aebaa2c653ef127e38e0aa2229f9cf6a8503", @ANYRESDEC, @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRESHEX=0x0, @ANYRES8=0x0], 0x2, 0x6ee, &(0x7f0000032440)="$eJzs3UtoHOcdAPD/rFYrrQqOnPiRlkCWGNJSUVuyUFr1UreUokMoIT30vNhyLLyWg6QU2ZRG6ePeQ049pQfdQg8lvRvac0NKyVXHQCGXnHSqyszO7EMa7a5s2do6v5+YnW/me8w3/3nt7CAmgK+tlbmoPookVube3E6n93YXWxO7i1N5disiahFRiai2R5GsR5Z7Ix/im+nMvHzSafhf/cv5cG357c+/2vuiPVXNh6x80ldvuNrRWTv5EI2ImMjHR00e0+Inhxff197NY9sbVXcN04BdKQIXf3qiVuGJHRyx08n7+N/Z56DqJzlugTGVtK+bR8xGzETEdET7qp+fHSrPtnenb+esOwAAAAAnVT95lRf2Yz+249zT6A4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8r/L3/yf5UCnSjUiK9//X8nmRp9tzx8rwFyF+NtUeP3r6nQEAAAAAAACAp+7V/diP7ThXTB8k2TP/13qe8X8j3ovNWI2NuBrb0Yyt2IqNWIiI2Z6GatvNra2NhaxmxIUBNa/HpyU1rx/fxxunvM4AAAAAAAAAMOaG/Sf+3clOcqdI/DZWus//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgHCQRE+1RNlwo0rNRqUbEdFFuJ+LTiKidbW9PJCmb+ejZ9wMAAACeyHT/ZDI9Qp0X3o/92I5zxfRBkt3zX8rul6fjvViPrViLrWjFatzK76HTu/7K3u5ia2938V46HG33x1+eqOtZi9H+7aF8yS9nJepxO9ayOVfjZiRxkKnkrby8t7uYju+V9+uDtE/Jj3IDejPRk76Vflz+JEv/sf9XhGp79N8TrelJVY7Nmc1yJzsRmc/7ltY4X0SgPBJ9W6dsN6kOXNJCVDq//FwYvKTymH8weJ1nDpUq/eXmTByOxPWodLbQpcGRiPj23z7+5Z3W+t07tzfnxmeVSr0/tMThSCz2ROLycxSJ4eazSFzsTK/Ez+IXMRdfTr0VG7EWv4pmbMVqo8hv5vtz+jk7OFKfzfROvTWsJ+kx2eicv8r61Ii+PkUjfpqlmvFatk3PxVokcT8iVuON7O96LHTOBt0tfHGEo74ywpm2x5XvZKNOmKJ+fNm/jNbkaUnjer4nrr3n3Nksr3dON0ovlkapuNaNfj3qUf1Wnkhb+N3A68OzdjgSCz2ReOm4/aUd0j9nV5PN1vrdjTvNd0dc3uv5OD2O/jBWV4l0bV6M6XzlzmefSXZMzWd5L3WusP3xquVPXNoqR/Iuduq1j9Sfx/241Xekfj+WYimWs9KXstKTR65Yad7lTkv95/A0L/2mVe082On9vnU/Wu3vQwCMt5nvztTq/6n/s/5R/ff1O/U3p38y9YOpV2ox+Y/JH1bnJ16vvJL8NT6K33Tv/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMe3+eDh3WartbpRnqiUZyWDazVbB8WLxAaU6Usk+atyRiicbD54eDC0wcGJqbx7j1n9NBPFa/iGF24MbKf6RN1Idg5vr+nh26J4y9MIi0iOBDyt/NihK5bcnTM5BpvycKJxeg0WO2xP1sn33nrZ9pqIiLLCQ04cE6dx9gHO0rWte+9e23zw8Htr95rvrL6zuj65tLQ8v7z0xuK122ut1fn2Z0+F6hl2FjhVvV8nOmoR8erwugNe1AoAAAAAAAAAAAA8Rc/ifyHOeh0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/28rc1F9FEkszF+dT6f3dhdb6VCkuyWrEVGJiOTXEcnfI25Ee4jZnuaS45bz4dry259/tfdFt61qUb4SsXNsvdHs5EM0ImIiH59WezeHt1frJqdKspNOZNKAXSkCB2ftfwEAAP//jLTthw==")
r0 = landlock_create_ruleset(&(0x7f00000000c0)={0x100}, 0x18, 0x0)
landlock_restrict_self(r0, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x10507e, 0x0)

40.265307246s ago: executing program 5 (id=1260):
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)
pipe2(&(0x7f00000000c0), 0x0)
unshare(0x24020400)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="183f0000000000000000000003000000950000000000000095"], &(0x7f00000003c0)='GPL\x00', 0x1, 0xff9, &(0x7f0000001840)=""/4089, 0x0, 0x6, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)

39.829354439s ago: executing program 3 (id=1264):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0xffffffffffffffb0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000002b0009ef"], 0x14}}, 0x84)

39.747205637s ago: executing program 5 (id=1265):
sendmsg$IEEE802154_LLSEC_ADD_DEV(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x48}, 0x4, 0x700000000000000}, 0x0)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x4})
ioctl$sock_netdev_private(r0, 0x89f5, &(0x7f0000000000))

39.666819724s ago: executing program 3 (id=1266):
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000000)='./file1\x00', 0x810, &(0x7f00000001c0)={[{@treelog}, {@nodatacow}, {@max_inline={'max_inline', 0x3d, [0x6d, 0x33, 0x78, 0x39, 0x65, 0x36]}}, {@space_cache}, {@nodatasum}, {@nobarrier}, {@flushoncommit}, {@noautodefrag}, {@ref_verify}, {@noenospc_debug}, {@clear_cache}, {@commit={'commit', 0x3d, 0x3}}, {@ssd}, {@nobarrier}, {@max_inline={'max_inline', 0x3d, [0x38, 0x36, 0x38, 0x35, 0x32, 0x25]}}]}, 0x1, 0x50f3, &(0x7f000000a2c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734fVCUoXQKNkkNY6beL22gUQtVdaUqhEpzbqhoCqi2NhrsnjBjm1KjEJkbCIaIShtkJIPRRhFUc0HqBWISAoIFymOUHlEVEUBBAqtIQoipSQRaYIUqtl7z+ydc3cefqzx0t9P8s6Z+Z/nnYfn3HvnXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/h4Feu+dtm8Ud/e96zL1w8fsWetRe/et15pz4ZwsTM4x1ZuKP/xtvHf373uffseWD1HfcdPv+jvXm5PB4Gqn868zs3xFoPLw7h/o4QutPAisEs0JPfH4z1vW8whFPCbKBWYrI/K5E2HL7fF8K+MBuoVfW9vhAGC4ELn3rk4Zuridv6QlgaQqikbTxfydroSwNn9GaB/jSwtTsL/OqtTC3w3c4sAMcsvhlqL/oDE/UZhucu1+D113PcOvb2SofXFRPDjfP9bO08d6qgN31g4pietlJ1zIvS2+Ogd9sCeLeVtvOtnrbiF6n8G8pbs6FK6Nw0uXnD1dM74yOdYXS0q1FN8/Q8P/P6lzYeSXrBvA5jB4aPy+vwlieW3t21/ILH71ux9OX9H9v7yrF280eFTVpMz7dKyF9zC+Z5jMZ9niyAt1/pW9KIL10hhM2f/73PNIuX5v/Dzef/8eUcbzvrcsda3xzK5ubxkcGYeG0om5sDAADAgrEQ9ppuHX3oE83qK83/R9o7/h8P+eeT+Wy0B0MYn0nsXRLCaTOPZ4G7YnOXLQnhgzOpifrA2iRwMIT3ziSW16pKSiyKJUaSwE+G8sB4EjgUAxNJ4FsxcGsSuCEGDiSBjTFwMAmcGwNhqn4cvz+Uj6PtQF8MrM824oF4FsIvhmJrybZ6rlYVAADAcZLPDnvq7xbOdTjWDHF6eaCvVYZ4BnbDDJWkhnQGW5tWNayhu1UNna1qqI17d/Phl2ruaFVz6TSMjvoMt//ybz4bmijN/8eaz/8rc3Sko3T8P4R1M39j7s48Ml2Lr5+oywAAAAAcg4H/ffGbzeKl+f94e+f/x30iXYXM4bG4G2LLkhDG6gNZtX9YDmRHvQfyAAAAACwEtePxtWPhU/ltdop2Op8u5584wvzxwP/4nPl7Dz64vll/S/P/ifbO/++vv806cSj24mtLQlhUCPwg9rIamDESAz/+ZH0gH/+huAFuilXlJybUqropllgfA2NJYF+jEj+slTitPpA/WbXG99bGMZWXKAQAAADghIu7A+Jx+Xj+/4d+s/qaZuVK8//1R3b+/8w8uHR6//RACCu7Q+hKfxjwWH+2MGAMDHbkiYf6s7q60qqu7w/hnOrA0qpezNf/707XGHyqL6sqBk770P7Xz6gmvtkXwspi4OnP3XlWNbEzCdQa/8u+ED5QHW3a+HcWZY33pI1/fVEI7y8EalVdtiiEamO9aVWPVPLrGKRV/XMlhHcVArWqzq6EsCsAsEDF/0o3FR/csevaLRumpye3z2Mi7sPvC5unpidHN26d3lRp0KdNSZ/rljG6vjymdq9881y+RNFF964bbCdd+53gWLGtfD9+6cTB/H78LtQzM87VPXV316RD/siHy02EwjepRkPunOch9xcrmX0SS/XH/L1hICy6esfk9tEvbti5c/uq7G+72Vdnf+NhpmxbrUq3Vf9cfWvj5dFwtazE0W6rZcVKVu68ctvKHbuuXTF15YbLJy+fvGrV2avHzhxbM/bxM1dWRzWW/W0x1GVzVZ0M9a072xzXcRzq6d2FSk7Ep4aEhMRCS2wdWNb0/+TS/H9b8/l//NSJn/z5+gyNjv8Px8P82eOzh/nXx8C+do//Dzc6ml87MWAkCeyOgd0O8wMAAPDOECf5cW9m3Cv90+XfeblZudL8f3d7v/8/Tuv/15auP7/RMv/LY4mxRuv/p8v819b/391o/f90mf/a+v/73ob1/6+uBZJN8gvr/wMAAO8EJ279/5bL+6cXCChlaLm8f3qBgFKGlsv4t3uBgCNe///5//yr/w5NlOb/t7Y3/7dwPwAAAJw8vvxn1/xOs3hp/r+vvfn/iV//LzQ6/3+kUWCi0cKA1v8DAABggWq0/t/wjf2XNitXmv8faG/+H0+76KzLHWt9cyhb0y6ka9q9NlT7yQAAAAAsDJ1hdLSnzbx1K6OuPfo2n8mXAm2WLnrxTw4f2fn/B9ub/9f9LuOWJ5be3bX8gsffvG/F0pf3f2zvK7PH/wEAAID50+5+CQAAAAAAAAAAAAAA4O334n/sWdMsXvr9f1g383ij3//H6/7F3xe8uy53rLX1+n/5/Qs/fc+umSULHxsK4cPFwJY9W04J+bX5lxUDD1+y/D3VxJ60xIMvnPtSNXFpGvjUilPfqCbOSQLr4yKJ700D8aqKbyxOAnF5xX9PA3F7HEgDvXngq4uzcXSk2+qng9m26ki31bODISwpBGrb6v7BrI2OdIC3JYHaAL+QBuIA/zwPdKa9umcg61UMDMaidwxkvQIA4KQVvwX2hM1T05Nj8St8vD29u/42qluy7PpytR1tNv9cvjTZRfeuG2wn3ZV+F5291nhPqFSHsKr0dbWYpWNmlMenlhab7t0NhtxqtbfOBuVSR7rpehuPqC8b0ejGrdObeloOfE3rLKu7W2ZZVZrsFLN0zmzSNmppoy9tjKjNbdNGl+P9zjA62pXk+oMYHA51Wr0i2v29fnGdv0avgmKeqw7v/VWz+krz/+H25v+V4rjeyC8GsDteWe/vlljmHwAAAObXV9f++hvx32dvfPTpZnlL8/+R9ub/cQ9Wfig429txMF7/f++SEGYurT+cBe6KzV22JIQPzqQmYonsgvrnxxJjWeCuuMNkeSyxfqK+qkUxcCAJ/GQoDxxMAodiIN9LsT/ku3L+fiiEs2ZS6+pLbIslhpPAZ2JgJAmMxsBYElgcA+NJ4NXFeWAiCfxbDISp+m117+J8WwEAAByJfJ7VU383pPO8A92tMnS0ytDfKkNnqwyVVhkajSLe/3bM0JOcvNJRyNST1tqX1FLKEC+Gf8T9KmUIP6zPmRYsNR3PP6idb9BRn+GBT3RXQhOl+f9Ye/P//vrbrPVDcf4/e/2/LPCD2L2vxVPHR2Lgx5+sD+Q7Bg7Fye5Ntaom8hL5pP2mWGI8BkaSwLYYGE8C69flgX3vqQ/kM+1a43trjU/lJQoBAAAAOOHiDoK4mybO/+/Y8ZWBZuVK8//x9ub/sb2BYmM3xFoPLw7h/o7Z3tQCKwazQNyPMRh/Hv++wRBOKezgqJWY7M9K9CYNh+/3Zb9Q702r+l5f9uODeP/Cpx55+OZq4ra+EJYW9r7U2ni+krXRlwbO6M0C/Wlga3cWiHt+aoHvdmYBOGa1vYLxBZWf6lIzPHe5Bq+/d8o1QdPhlfaBzpFvrt9czZfSDtd8n2rNkT1tTfffctyU3h4HvdsW4rtt2Lut+EUq/4by1myoEjo3TW7ecPX0zvhI8ZesJfP0PBd/pdpO+ji8DncffW9bq6QdGEs+PsbmLjf367AjVnfLE0vv7lp+weP3rVj68v6P7X2l7W40EH8o/Mh1/zr4o8LmnW+VkL/mFtznyYTPk4X438CIpy2EsO7Vr9/ULF6a/0+0N//vTm5n/DpuzB1LQvhIYeM+Fjf/Hy/JPgcLgexT8l3lQHbI/b+GGn5yAgAAwPFW291R218wld9mJ4Sn8+Ry/okjzB/3V4zPmb/dfvf/9SVLm8VL8//1zef/i5JuOv7v+D/zxPH/OZ3su6IXpQ/sPqZd0aXqmBeO/8/pZH+3Of4/J8f/Hf+fi+P/LTj+P6eT/WkrfUva5ktXCOHlP3ro2Wbx0vx/W3vzf+v/zb1oX239v/WN1v/b1mj9v93W/wMAAOZVg4Xm0nleafW+UoZ09b5ShpYLBLZcYtD6f0e8/t9Lpz//m9BEaf6/u735f3w5DBRbXyjr/42sa1DVrTGwzcKAAAAAnIwa7SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg7fXAP/zPpmbxR3973rMvXDx+xZ61F7963XmnPhnC1MzjHVm4o//G28d/fve59+x5YPUd9x0+/6OVvFxPfvu7dbljrW8OhbCv8MhgTLw2VL0zG7jw0/fs6q4mHhsK4cPFwJY9W06pJr41FMKyYuDhS5a/p5rYk5Z48IVzX6omLk0Dn1px6hvVxDl5oCPt7j8uzrrbkXb35sUhLCkEat29YnF9VbU2/jQPdKZt/NNg1kYMDMai3xjM2oiB6VhialEIK7tD6EqrerSSVdWVVvUvlayqrrSqL1dCOCeE0J1W9UJvVlV3OvIne7OqYuC0D+1//YxqYl9vCCuLgac/d+dZ1cQXkkCt8b/oDeED1ZdM2vi3e7LGe9LGb+sJ4f0hhN60xC+7sxK9aYkXu0N4VyFQa/zz3SHsCrwjxA+fuk+0Hbuu3bJhenpy+zwmevO2+sLmqenJ0Y1bpzdVkj410lFIv3X90Y/9ude/tLF6e9G96wbbSXfn5Xpmury6p+7umpO997Ff/cVKZp+PUv0xf28YCIuu3jG5ffSLG3bu3L4q+9tu9tXZ3648mm2rVQtlWy0rVrJy55XbVu7Yde2KqSs3XD55+eRVq85ePXbm2Jqxj5+5sjqqsezv8RjqnSd+qKd3Fyo5ER8AEhISCy3RWffpNnayf5CXvujPdrQnVGY+oEvTimKWjplRHo9Brz3KER/N95SWI1pVmjiUsqyeI8v19VnWlCYTs7X0ZVlmvteVJofFxjpnNmm83xlGR7sabYfh+rvFzfuzY9i8z+Sbrt00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/HDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8rcPo2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEsBAAD//+erI4o=")
chdir(&(0x7f0000000080)='./file0\x00')
rename(&(0x7f0000000300)='./file0\x00', &(0x7f00000000c0)='./file1\x00')
unlink(&(0x7f0000000300)='./file1\x00')

39.350475906s ago: executing program 5 (id=1267):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000400), 0xffffffffffffffff)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000600)='ns/pid\x00')
sendmsg$GTP_CMD_GETPDP(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x2c, r1, 0x1, 0x0, 0x0, {}, [@GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r2}, @GTPA_LINK={0x8}]}, 0x2c}}, 0x0)

38.827464966s ago: executing program 33 (id=1267):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000400), 0xffffffffffffffff)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000600)='ns/pid\x00')
sendmsg$GTP_CMD_GETPDP(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x2c, r1, 0x1, 0x0, 0x0, {}, [@GTPA_VERSION={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r2}, @GTPA_LINK={0x8}]}, 0x2c}}, 0x0)

38.713342285s ago: executing program 3 (id=1270):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x4f, &(0x7f0000000500)={&(0x7f0000000140)=@newqdisc={0x64, 0x24, 0x4ee4e6a52ff56561, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x2}, {0xffff, 0xffff}, {0x8, 0x8}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x2f, 0x2, @TCA_ETF_PARMS={0xd, 0x1, {0x1008, 0x0, 0x1}}}}, @TCA_RATE={0x0, 0x5, {0xdd, 0xbe}}, @qdisc_kind_options=@q_qfg]}, 0x64}, 0x1, 0x0, 0x0, 0x40000}, 0x4040002)

38.177649157s ago: executing program 34 (id=1270):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x4f, &(0x7f0000000500)={&(0x7f0000000140)=@newqdisc={0x64, 0x24, 0x4ee4e6a52ff56561, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x2}, {0xffff, 0xffff}, {0x8, 0x8}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x2f, 0x2, @TCA_ETF_PARMS={0xd, 0x1, {0x1008, 0x0, 0x1}}}}, @TCA_RATE={0x0, 0x5, {0xdd, 0xbe}}, @qdisc_kind_options=@q_qfg]}, 0x64}, 0x1, 0x0, 0x0, 0x40000}, 0x4040002)

15.755889563s ago: executing program 7 (id=1435):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x200008, &(0x7f0000000340)={[{@grpquota}, {@nombcache}, {@init_itable_val={'init_itable', 0x3d, 0x5}}, {@oldalloc}]}, 0x1, 0x504, &(0x7f0000001000)="$eJzs3c9vI1cdAPDveOPEyaZNWnoABO3SFha0WifxtlHVA5QTQqgSokeQtiHxRlHsOIqd0oQ9pGckTkhU4gRH/gDOPXHnguDGpRyQ+BGBGiQORjMep07W3gSS2FH8+UijeW/erL/vbXbei7/Z+AUwtu5ExEFETEbEuxExl19P8iPe6hzpfZ8cPl49Ony8mkS7/c7fk6w9vRY9fyZ1O3/NUkR871sRP0yejNvc299cqdWqO3l9oVXfXmju7d/fqK+sV9erW5XK8tLy4hsPXq9c2lhfqk/mpS9+/LuDr/047dZsfqV3HJepM/TicZzURER85yqCjcCtfDyTo+4I/5dCRDwfES9nz/9c3Mq+mgDATdZuz0V7rrd+LDlZBQBuikKWA0sK5TwXMBuFQrncyeG9EDOFWqPZuveosbu11smVzUex8GijVl3Mc4XzUUzS+lJW/rReOVV/EBHPRcTPpqazenm1UVsb5Tc+ADDGbp9a//811Vn/AYAbrjTqDgAAQ2f9B4DxY/0HgPFj/QeA8dNZ/6dH3Q0AYIi8/weA8WP9B4Cx8t23306P9lH++ddr7+3tbjbeu79WbW6W67ur5dXGznZ5vdFYzz6zp37W69Uaje2l12L3/fmvbzdbC829/Yf1xu5W62H2ud4Pq8XsroMhjAwAGOS5lz76Y5KuyG9OZ0f07OVQHGnPgKtWGHUHgJG5NeoOACNjty8YXxd4j1+M+KkUAdwAfbboPaHU7xeE2u12++q6BFyxu5+T/4dx1ZP/97+AYczI/8P4kv+H8dVuJ+fd5D/OeyMAcL3J8QMDfv7/fH7+df7DgR+snb7jw6vsFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFxv3f1/y/le4LNRKJTLEc9ExHwUk0cbtepiRDwbEX+YKk6l9aUR9xkAuKjCX5J8/6+7c6/Onmh68fZxcTIifvSLd37+/kqrtfP7iMnkH1Pd660P8+uV4fceADhbd53Ozj1v5D85fLzaPYbZn79+MyJKnfhHh5NxdBx/IiaycymKETHzzySvdyQ9uYuLOPggIj7bb/xJzGY5kM7Op6fjp7GfGWr8won4haytc07/Lj5zCX2BcfNROv+81e/5K8Sd7Nz/+S9lM9TF5fNf+lKrR9kc+Gn87vx3a8D8d+e8MV777bc7pekn2z6I+PxERDf2Uc/8042fDIj/6jnj/+kLL748qK39y4i70T9+b6yFVn17obm3f3+jvrJeXa9uVSrLS8uLbzx4vbKQ5agXBq8Gf3vz3rOD2tLxzwyIXzpj/F8+5/h/9Z93v/+lp8T/6iv94hfihafET9fEr5wz/srMb0qD2tL4awPGf9bX/94543/85/0ntg0HAEanube/uVKrVXcUFK5/If0new260bfwjWHFmoz+TT95pfNMn2rqfu//P8YaNGNcRtYNuA6OH/qI+PeoOwMAAAAAAAAAAAAAAPQ1jN9YGvUYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLn+GwAA//+hm8cd")
creat(0x0, 0x182)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x40, &(0x7f0000000040)={[{@errors_remount}, {@grpquota}, {@dioread_nolock}]}, 0x1, 0x573, &(0x7f0000000ec0)="$eJzs3T1sG+UbAPDnzvG/X/mTIoEEqEMFSEWq6iT9gMLUrohKlTogsUDkuFEVJ47iBJooQ7pXiA4IUJeywcAIYmBALIysLCBmpIpGIDUdwMhfaZo4wSl1XHK/n3T2vfee/bzvnZ/XvtOdHEBmHa0/pBHPRsTFJGJoXd1AtCqPNtdbXVkq3ltZKiZRq136LYkkIu6uLBXb6yet50MRsRwRz0TEd/mI4+nmuNWFxcmxcrk02yoPz03NDFcXFk9cmRqbKE2Upk+98uqZs6fPjJ4cXf+ye7X1pfzO+nr95xvvX//h9Vs3Pv/iyHLxw7EkzsVgq259Px6l5jbJx7kNy0/3IlgfJf1uAA8l18rzeio9HUORa2V9J7WhXW0a0GO1fRE1IKMS+Q8Z1f4dUD/+bU+7+fvj9vnmAUg97mpratYMNM9NxP7GscnB35MHjkzqx5uHd7Oh7EnL1yJiZGBg8+c/aX3+Ht7Io2ggPfXt+eaO2rz/07XxJzqMP4Ptc6f/Unv8W900/t2Pn9ti/LvYZYw/3/rlky3jX4t4rmP8ZC1+0iF+GhHvdBn/5ptfn92qrvZpxLHoHL8t2f788PDlK+XSSPOxY4xvjh15bbv+H9wifvOc7f7G10yn7T/TZf+/+v7L55e3if/SC9vv/07b/0BEfNBl/CfvfvbGVnW3ryV36r8Cdrr/68tudRn/5XNHf+pyVQAAAAAAAAAAYAfSxrVsSVpYm0/TQqF5D+9TcTAtV6pzxy9X5qfHm9e8HY582r7SaqhZTurl0db1uO3yyQ3lU7lWwNyBRrlQrJTH+9x3AAAAAAAAAAAAAAAAAAAAeFwc2nD//x+5xv3/G/+uGtirtv7Lb2Cvk/+QXQ/mf9K3dgC7z/c/ZFZN/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv8AAAAAAAAAAAAAAAAAAAAAAAAAANATFy9cqE+1eytLxXp5fGBhfrLy7onxUnWyMDVfLBQrszOFiUplolwqFCtT//R+SaUyMxLT81eH50rVueHqwuLbU5X56fZ/ipbyPe8RAAAAAAAAAAAAAAAAAAAA/PcMNqYkLURE2phP00Ih4v8RcTjyyeUr5dJIRDwRET/m8vvq5dF+NxoAAAAAAAAAAAAAAAAAAAD2mOrC4uRYuVyazcjMwE5WjojlR9uM+jvu+FX51r56XLahmSzM9HlgAgAAAAAAAAAAAAAAAACADLp/02+3r/irtw0CAAAAAAAAAAAAAAAAAACATEp/TSKiPh0benFwY+3/ktVc4zki3rt56aOrY3Nzs6P15XfWls993Fp+sh/tB7rVztN2HgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3VRcWJ8fK5dJsD2f63UcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh/F3AAAA///pCdd8")
open$dir(&(0x7f0000000240)='./file1\x00', 0x2200, 0x1d)

14.958734169s ago: executing program 7 (id=1445):
socket$kcm(0x2, 0xa, 0x73)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
socket$kcm(0x2, 0xa, 0x73)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2673004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

14.237600339s ago: executing program 7 (id=1452):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000010c0)={0x44, &(0x7f0000000080)=ANY=[@ANYBLOB="00000100000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f00000006c0)={0x2c, &(0x7f0000000200)=ANY=[@ANYBLOB="000149000000210e6e7adefdbb98a6817d46fdc00004684df126bafdad0000002d5279ed005a0a7e0b983cbdd419d9e99062c937725afc1391c20e8ce09d478441c5181946856e"], 0x0, 0x0, 0x0, 0x0})

12.481125697s ago: executing program 7 (id=1472):
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000080)='./file0\x00', 0x80, &(0x7f0000000240)={[{@umask={'umask', 0x3d, 0xe}}, {@nodecompose}, {}, {@nobarrier}, {@nobarrier}, {@umask={'umask', 0x3d, 0x3}}, {@nls={'nls', 0x3d, 'iso8859-13'}}]}, 0x44, 0x708, &(0x7f0000001f80)="$eJzs3U1sHGf5APBn1uu1N5XcbZu0/f+FFKsRETSQ2FlKgoSEqRDyoUKRuPS6JE5jee1GtoucCBEXKBzhhHLooQiZQ0+oB6QiDgg4IyFxRblH4kzEgUUzO7PeD3u92/gjCb+fNDvvzLwfzzydeb0722gD+J+1+HZMbkcSixfe2kq3H+zUmw926qtFOSKmIqIUUW6vIlmLSP4csRDtJf4v3Zl3l+w3zhsPP/3w/P2P6+2tcr5k9UvD2u1qDRlhO19iNiIm8vWYyvv1dz3eHOjv3lhdJ52404SdKxIHJ601YHuc5iPct8CT7l7ExOQe+2sRpyJiOn8fEPnsUDrm8A7dWLMcAAAAPJkmDqrw/KN4FFsxczzhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLMhaf9mYJIvpaI8G0nx+/+VfF+qUjnheIf70gHHP7h5TIEAAAAAAAAAwJH4JP/i/uyjeBRbMVPsbyXZd/6vZRuns9fn4r3YiKVYj4uxFY3YjM1Yj/mIyZmuDitbjc3N9fnBlr+MtGWr1bqXt7wcEbWBlpf3CbR0yCcOAAAAAAAAAM+mH8VizJx0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0C2JmGivsuV0Ua5FqRwR0xFRSettR/yhKD/N/njSAQAAAMDRq+brmeQ/7UIryT7zv5x97p+O92ItNmM5NqMZS3EjexbQ/tRf+tt2vflgp76aLoMdf/OfY8WR9RgRE/H+PiPPZTXOdFosxrfju3EhZuNarMdyfD8asRlLMRvV9CSiEUnUqu2nF7Uizr3jXejZutYf29m+7VezSKpxM5az2C7G9Uq0H5tk55CO+WrXaL+rRPSN+H6aneQbuRFzdKPrv9cv8ucyudbzI/ZxNGrZmU92MjKX5j7PxgvDcz/mddI/0nyUOs+gTu+Okm72j1Tk/Hvj5PxUezWdvvy0N+eHbcxHaf2ZuByl/OqLeLk357c/f//F3sZf/Pufrt0qra3curlx4QhP6XHMHlRhsij0Z6LelYlXhl99eSaaaSa2R8/EZP+O6VFbHq1Kno1sKhpxtvxWVmrEa12X4LtxI5biSszFfFyNufhaXI565wpLlzM9eS3XV3tzkt1rpcH5rTok+HNf6Kr0swMqH680Ly905bV7pqtlx/I9Cz+Pua6r78XhV9/YfwXS8f8/L6dj/LjzF+dJ0JOJfG4uontpeCZ+1UpfN5prK+u3GrdHHO98vk5v2w965+Zfjx51/1/3w5BeL+mMW862spxUi+slPfZSJ9refFXyb1za7UoDx850jtViJpbjO/veqZX8PdxgT+1jr3Qf+8fuzFnJ398Ux3re5cS70czehfQ5cKoG4Jidev1Upfqw+tfqR9WfVG9V35p+c+rq1OcqMfmX8u8nflv6TenryevxUfwwZk46UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBZs3Lm70mg2l9Y7hZju3/O4hcq+Yw0vROnAOjvPjdZh1CKGj5XkhcrhnvvTWKhG357iF5bWFyLiMXr+ZHjzymMHn4x9jY1dSPNwKB22Wu2kZntaE2M0Lxet9q5Tjo3pWGkk5T3uuKnduyBqK43mv1s9zavRdcsAz7hLm6u3L23cufvl5dXGO0vvLK1dvnrl6pX6V+e/cunmcnNprv26d9vW1HFHCxymjTt3J/bYPfBLtwAAAAAAAAAAAMCTI/+//zc/8z9mKO996F9FobK+sffIZ4/7VAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICn1OLbMbkdSczPXZxLtx/s1JvpUpR3a5YjohQRyQ8ikkrEQrSXqHV1l+w3zhsPP/3w/P2P67t9lYv6pWHtRrOdLzEbERP5+mBTe3Qz2N/1rv62P1N4SecM04SdKxIHJ+2/AQAA//908/ZL")
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='debugfs\x00', 0x0, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents(r0, &(0x7f0000000440)=""/170, 0xaa)

12.122370201s ago: executing program 7 (id=1478):
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005940)=[{{&(0x7f0000001940)={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000002b00)=[{&(0x7f0000001980)="e3c5", 0x2}], 0x1}}, {{&(0x7f0000002b80)={0x2, 0x4e21, @loopback}, 0x10, &(0x7f00000031c0)=[{&(0x7f0000002bc0)="f8d2", 0xffffff8f}], 0x1}}], 0x2, 0x50)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x679, @dev={0xfe, 0x80, '\x00', 0x27}, 0x2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000005400)=[{{&(0x7f0000000040)={0xa, 0x4e27, 0xfff, @remote, 0x2}, 0x1c, 0x0}}], 0x40000000000016d, 0x1000)

11.651625509s ago: executing program 7 (id=1483):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x7a000}], 0x1, 0x33000, 0x0, 0x3f)

11.354755551s ago: executing program 35 (id=1483):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x7a000}], 0x1, 0x33000, 0x0, 0x3f)

3.518133849s ago: executing program 6 (id=1532):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000380)={<r1=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000240)={r1, 0x1, r0, 0x6})

3.495097597s ago: executing program 1 (id=1533):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0x4008ae48, 0x0)

3.121305358s ago: executing program 1 (id=1535):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bond0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0003000000320001140012800b0001006c6f7770616e00000400028008000500", @ANYRES32=r1], 0x44}}, 0x0)

2.954514248s ago: executing program 1 (id=1537):
pipe(&(0x7f0000000080))
r0 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0xc4bc, 0x10100, 0x0, 0xbe}, &(0x7f0000002000)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(r0, 0x48eb, 0x1158, 0x2, 0x0, 0x0)

2.720545601s ago: executing program 1 (id=1538):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0xdf)

2.449289482s ago: executing program 6 (id=1540):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a50000000060a010400000000000000000a0000030900010073797a31000000002400048020000180070001006374000014000280080002400000000108000140000000090900020073797a320000000014000000110001"], 0x78}, 0x1, 0x0, 0x0, 0x4008091}, 0x24000000)
syz_emit_ethernet(0xfc0, &(0x7f0000002700)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd606410a60f8a00000000000000000000e0ff000012000000fe8000000000000000000000000000aa84"], 0x0)

2.237483044s ago: executing program 6 (id=1541):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x400, &(0x7f0000000140)=ANY=[], 0x1, 0x68b, &(0x7f0000000a40)="$eJzs3U1sHGf9B/DvbnbX3vz/Sp02SQOqRNRIBRGROLGSYi4NCKFIVKgqB8TRSpzGyiatHBc5EYLwfuDCoXeKRG5cQOIeVM7AqVcfKyFx6SmAxKKZnbXXL7F3ndhri88nmp3nmedlnuc3Mzu7s4oc4H/WtXNpPE4t1869uVzkVx7NdFYezdzpp5NMJKknjd4qtbtJ7aPkanpLPlNsrLqrPW0/HyzMvv3xpyuf9HKNainr17drt8mV+hYbH1ZLziQ5Uq2fwbr+rm/orzVyd7XVGRYBO9sPHIxbM0l3ne+eWivZ0fDXLXBg1Xr3zU0X9FRyNMlk9Tmgd1fs3bMPtYfjHgAAAADsgxd+WX6FPzbucQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBhUv39/1q11PvpM6n1//5/q9qWKn2oPR73AAAAAAAAAABgdN/8/w0bPvckT7KcY/18t1b+5v9qmTlRvv5f3s+9zGcx57OcuSxlKYu5mGSqLG+Wr63luaWlxYtDtLy02jIDLS8NOYP27icPAAAAAAAAAIdFY/QmP861td//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgIKglR3qrcjnRT0+l3kgymaRV1HuY/LWfPpB+/afBXPff3dKmao/3c0wAAAAwJi88yZMs51g/362V3/lPld/7J/N+7mYpC1lKJ/O5UT4L6H3rr688mumsPJq5Uyyb+/3qP0YaRtljes8ett7z6bJGOzezUG45n+t5N53cSL1sWTjdH8/W4/pRMabaG5UhR3ajWhcz/1WaI81qN2pD15wqI1KMqBeR6aptEY3j20dixKPT31M/9hdTX33yc+J5xny5t3r9t711MZ+fjxSTvbYxEpcGzr5T20ci+fwff/edW527tydu3jt3cKY0gomBJ2gbIzEzEImXh43ErcMaiUHTZSROruav5Rv5ds7lTN7KYhbyvcxlKfM5k69nLkcyV53PxevU9pG6ui731k4jaZXHpVm9iw4/pqXM5dWy7bEs5Ft5Nzcynyvlv0u5mNdzOZczO3CETw5x1ddHe6c9+4WBh8m/SNIert0+KAZ2fPXuNHjWT5fXwfF1W9ai9OLzvx81Plslin38pFofDBsjcXEgEi9tH4nflG8r9zp3by/emntvyP29Vq2L6+hnB+ouUZwvLxYHq8ytPzuKspc2lk324tWqfnHpla2/4xZlJ1fLdrpSW9VnuM09XSrLXt6ybKYsOz1Qtu7z1tXe5y0ADryjXzzaav+9/Zf2h+2ftm+135z82sSXJ15ppfnn5lca00deq79S+0M+zA/Wvv8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC7d+/+g9tznc784oZEt9v94VOK9jDRTtLfkuzUqpmd6+xNopWkTDT6idH6mRiqcmvt6Lzx+2cZc3PUVslzCVSjOsnuP7j9z263u++HaYtEc5tzfi3RrWwq6g7VfGyJf3WfX4djfmMC9tyFpTvvXbh3/8GXFu7MvTP/zvzd2cuXZ6dnL1/524WbC5356d7ruEcJ7IW1m/64RwIAAAAAAAAAAAAMaz/+W8JTdv2ffZ4qAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcEhdOzdRpc5PF68rj2Y6xdJPr1Ysq9WT1L6f1D5Krqa3ZGqgu9rT9vPBwuzbH3+68kkv16iWsn59XbvmbmbxsFpyJsmRaj1o8hn6u16tdzWyUm11hkXAzvYDB+P23wAAAP//+B8RmQ==")
r0 = open(&(0x7f0000000100)='./file1\x00', 0x147842, 0x88)
preadv2(r0, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x7)

1.72529446s ago: executing program 2 (id=1546):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@ipv6_newrule={0x40, 0x20, 0x1, 0x70bd27, 0x0, {0xa, 0x0, 0x20, 0x40, 0x0, 0x0, 0x0, 0x7}, [@FRA_SRC={0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @FIB_RULE_POLICY=@FRA_SUPPRESS_IFGROUP={0x8, 0xd, 0x8}, @FIB_RULE_POLICY=@FRA_SUPPRESS_PREFIXLEN={0x8, 0xe, 0x3800}]}, 0x40}, 0x1, 0x0, 0x0, 0x24048844}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00!'], 0x5c}}, 0x0)

1.52431102s ago: executing program 2 (id=1548):
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

1.381165008s ago: executing program 4 (id=1549):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, &(0x7f0000001280)={{}, 0x0, 0x2, @inherit={0x48, &(0x7f00000002c0)={0x1, 0x0, 0x9, 0x4ff1, {0x2, 0x6, 0x4cd5, 0x1, 0x6}}}, @subvolid=0x4})
r0 = io_uring_setup(0x5d1c, &(0x7f0000000080)={0x0, 0x4075, 0x18, 0x3})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

1.180375424s ago: executing program 6 (id=1550):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x25dfdbfe, 0x80201469}, 0xc)
r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/netlink\x00')
read$msr(r1, &(0x7f0000000040)=""/59, 0xffb5)

1.045014158s ago: executing program 4 (id=1551):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)={'team0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newlink={0x58, 0x10, 0xffffffffffffffff, 0x70bd28, 0x25dfdc01, {0x0, 0x0, 0x0, 0x0, 0x0, 0x823}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x3}, @IFLA_VLAN_PROTOCOL={0x6, 0x5, 0x88a8}]}}}, @IFLA_BROADCAST={0xa, 0x2, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x58}, 0x1, 0x0, 0x0, 0x4044064}, 0x40000)

992.867094ms ago: executing program 6 (id=1552):
syz_mount_image$jfs(&(0x7f0000000080), &(0x7f0000000100)='./file1\x00', 0x1000000, &(0x7f00000002c0)=ANY=[], 0x1, 0x6229, &(0x7f0000001080)="$eJzs3c1vHGcdB/Df7JtfStOoh6pECLlteCmleS0hUKDtAQ5cOKBcUSLXrSJSQElAaRURV75w4I8AIXFBQogjJ/6AHrhy4w8gUoIE6qmD1n4eZzxde+2k3ln7+XwkZ+Y3z4z3mXx3vLueGT8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMQPf/Dj81VEXP1VWnAy4nPRj+hFLI3rlYhYWjmZ1x9ExPOx2RzPRcRwIaLKjc9EvBYRH52IePDw7up40YV99uP7f/nnH37y1I/+8efh2f/99Xb/9d3Wu3Pnt//9273H318AAAAoUV3XdZU+5p9Kn+97XXcKAJiJ/PpfJ3m5eu7q9Tnrj1qtVquPYN1UT3avWUTEenOb8XsGp+MB4IhZj4+77gIdkn/RBhHxVNedAOZa1XUHOBQPHt5drVK+VfP1YGWrPV8LsiP/9Wr7/o7dptO0rzGZ1fNrI/rx7C79WZpRH+ZJzr/Xzv/qVvsorXfY+c/KbvmPtm59Kk7Ov9/Ov+X45N+bmH+pcv6DA+Xflz8AAAAAAMyx/Pv/kx2f/1148l3Zl73O/67MqA8AAAAAAAAA8Fl70vH/tlXG/wMAAIB5Nf6sPva7E4+WNa/1H8XO5VeqiKdb6wOFSTfLLHfdDwAAAAAAAAAAAAAoyWDrGt4rVcQwIp5eXq7revzV1K4P6km3P+pK338oWdc/5AEAYMtHJ1r38lcRixFxJf2tv+Hy8nJdLy4t18v10kJ+PztaWKyXGp9r83S8bGG0jzfEg1E9/maLje2apn1entbe/n7jxxrV/X10bDY6DBwAImLr1eiBV6Rjpq6fia7f5XA0OP6PH8c/+9H18xQAAAA4fHVd11X6c96n0jn/XtedAgBmIr/+t88LqNVqtVqtPn51Uz3ZvWYREevNbcbvGQzHDwBHzHp83HUX6JD8izaIiOe77gQw16quO8ChePDw7mqV8q2arwdpfPd8LciO/Nerze3y9pOm07SvMZnV82sj+vHsLv15bkZ9mCc5/147/6tb7aO03mHnPyu75T/ez5Md9KdrOf9+O/+W45N/b2L+pcr5Dw6Uf1/+AAAAAAAwx/Lv/0/O1fnf0ePuzlR7nf9dObRHBQAAAAAAAIDD9eDh3dV832s+//+FCeu5//N4yvlX8i9Szr/Xyv+rrfX6jfn7bz3K/z8P767+8fa/P5+n+81/Ic9U6ZlVpWdElR6pGqTpk+zdp20M+6PxIw2rXn+Qrvmph+/E9bgRa3Fux7q99P/xqP38jvZxT4eb7XV/q/3CjvbBdnve/uKO9mG60qleyu1nYjV+Hjfi7c32cdvClP1fnNJeT2nP+fcd/0XK+Q8aX+P8l1N71ZqO3f+w96njvjmd9DhvXv/ib84d/u5MtRH97X1rGu/fix30Z/P/5KlR/PLW2s0zd67dvn3zfKTJjqUXIk0+Yzn/Yfra/vn/0lZ7/rnfPF7vfzg6cP7zYiMGu+b/UmN+vL8vz7hvXcj5j9JXzv/t1D75+D9A/r0/zWxf9mOv4/+VDvoDAAAAAAAAAAAAAAAAe6nrevMW0Tcj4lK6/6erezMBgNnKr/91kpfPqu7P+PHU6iNeV3PWn5nWn9Tz1R+1+ijWTfVkbzSLiPh7c5vxe4ZfT/pmAMA8+yQi/tV1J+iM/AuW/97feHq6684AM3Xr/Q9+eu3GjbWbt7ruCQAAAAAAAADwuPL4nyuN8Z9P13V9r7XejvFf34qVJx3/dZBntgcY3WWg6v7B92kvG71Rv9cYbvyF2G387+H23F7jfw+mPN5wSvtoSvvClPbFKe0Tb/RoyPm/0Bjv/HREnGoNv/7Y47/Omb3Gf22PeV+CnP+LjefzOP+vtNZr5l///ijn39uR/9nb7/3i7K33P3j1+nvX3l17d+1nF8+fP3fx0qXLly+ffef6jbVzW/922OPDlfPPY1+7DrQsOf+cufzLkvP/UqrlX5ac/5dTLf+y5Pzz+z35lyXnnz/7yL8sOf+XUy3/suT8v5Zq+Zcl5/9KquVflpz/11Mt/7Lk/F9NtfzLkvM/k2r5lyXnfzbV+8x/6bD7xWzk/PMZLsd/WXL++coG+Zcl538h1fIvS87/YqrlX5ac/2upln9Zcv7fSLX8y5Lzv5Rq+Zcl5//NVMu/LDn/y6mWf1ly/t9KtfzLkvP/dqrlX5ac/+upln9Zcv7fSbX8y5Lz/26q5V+WnP/3Ui3/suT830i1/Mvy6O//mzFjxkye6fonEwAAAAAAAAAAAADQNovLibveRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCnv3FiPXXd8B/MzevHEgMRBSJzVh7RhjnE12fYkvtC4mXBtuJSEUesF2vWuz4BteuwQa1Y4CJRJGRRVtw0NbQKjNS4VV8UArQHlArSpVgvaBviAqVB6iKqCAVKmtgK1mzv//35nZ2Zld73hz5pzPR0p+2Zkzc86cOXN2v7v5zgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQbOsbZj9Vy7KsVqvlF2zKshfV500TmxqXvPaF3T4AAABg7X7e+Pfzt6YLjqzgRk3L/NNd3/7qwsLCQva+4T8d/dzCQrpiIstGN2RZ47ro2g/eX2teJngiG68NNX091GP1wz2uH+lx/WiP68d6XL+hx/XjPa5fsgOWuCmrpTvb3vjPTfkuzW7LRhvXbe9wqydqG4bq+y7dNqs1brMwejKby05ns9l0y/L5srXG8l/fWl/XW7O4rqGmdW2pHyE/eexE3IZa2MfbW9a1eJ/Rj16fTfz0J4+d+OuLz93RafbcDS33l2/nzm317fxEuCTf1lq2Ie2TuJ1DTdu5pcNzMtyynbXG7er/3b6dz69wO4cXN3NdtT/n49lQ47+/09hPI7Wsw37aEi77n7uzLLuyuNntyyxZVzaUbWy5ZGjx+RnPj8j6fdQPpZdmI92P04Vay3G6dQXHaX3ObG89TttfE/H53xpuN7LMNjQ/TT96fKzpef/ZwvUcp1H9US/3Wmk/Bvv9WinKMRiPi+80HvSTHY/B7eHxP7Zj+WOw47HT4RhMj7vpGNzW6xgcGhtubHN6EmqN2yweg7tblh9urKnWmM/u6H4MTl08c35q/mMfv3fuzPFTs6dmz+7dvXt67/79Bw8enDo5d3p2Ov/3de7t4tuYDaXXwLaw7+Jr4NVtyzYfqgtfHFty/r3e1+F4l9fhprZl+/06HGl/cLX1eUEuPabz18Z76jt9/OpQtsxrrPH87Fr76zA97qbX4UjT67Dj95QOr8ORFbwO68uc37Wyn1lGmv7ptA3Lfy9Y2zG4qekYbP95pP0Y7PfPI0U5BsfDcfG9Xct/L9gStvfJydX+PDK85BhMDzece+qXpJ/3xw82Rqfj8s76FTePZZfmZy/c9+jxixcv7M7CWBcvazpW2o/XjU2PKVtyvA6t+ng9MnfXk3d2uHxT2Ffj99b/Nb7sc1VfZt993Z+rxne3zvuz5dI9WRh9tt77s9N38/r+HMuyz3/r8Ye+8djn37Ds/qznzU9Mrf1n8ZRLm86/o8ucf2Pu/0W+vnRXTwyPjuSv3+G0d0ZbzsetT9VI49xVa6z7+amVnY9Hwz/rfT6+rcv5eHPbsv0+H4+2P7h4Pq71+m3H2rQ/n+PhODk93f18XF9m857VHpMjXc/Hd4dZC/v/NSEppFzUdOwsd9ymdY2MjIbHNRLX0Hqc7m1ZfjRks/q6nt5zfcfpzrvz+xpOj27Reh2nE23L9vs4Tb/7Wu44rfX67dv1aX8+x8Nxcdve7sdpfZln9q393HlT/M+mc+dYr2NwdHisvs2j6SBsnO+zhZviMXhfdiI7l53OZhrXjjWOp1pjXZP3r+wYHAv/rPe5cnOXY3Bn27L9PgbT97Hljr3ayNIH3wftz+d4OC6eur/7MVhf5o0H+vuz685wSVqm6WfX9t+vLfc7rzvbdtONOlZGwnZ+60D3383Wlzl9cLU5s/t+uidccnOH/dT++l3uNTWTrc9+2hy287mDy++n+vbUl/ncoRUeT0eyLLv8kQcav+8Nf1/5u0vf/WrL3106/U3n8kce+PGLT/7jarYfgMH3i3xszL/XNf1laiV//wcAAAAGQsz9Q2Em8j8AAACURsz98f8KT+R/AAAAKI2Y+0fCTCqS/ze/8bm5X1zOUjN/IYjXp93wYL5c7LhOh68nFhbVL3/gy7P//Q+XV7buoSzLfvbgH3RcfvODcbtyE2E7r72p9fIlvnrvitZ97JHLab3N/fUvhPuPj2elh0GnCu50lmVfv/UzjfVMvP9qYz7z4LHGfOjKk0/Ul3n+UP51vP2zL8uX/4tQ/j1y8njL7Z8N++GHYU6/rfP+iLf7ytXXbDnw3sX1xdvVtt3SeNhPfSC/3/g+OZ99Il8+7ufltv8bn376K/XlH31V5+2/PNR5+58O9/vlMP/3Ffnyzc9B/et4u0+G7Y/ri7e770vf7Lj91z6VL3/+zflyx8KM698Zvt7+5ufmmvfXo7XjLY8re0u+XFz/9Hf/uHF9vL94/+3bP370asv+aD8+nvm3/H6m2paPl8f1RH/ftv76/TQfn3H9T//RsZb93Gv91x569hX1+21f/z1ty53/yK7G+hfvr/Udm/7yk5/puL64PUf+9nzL4zny7vA6Dut/6gPheAzX/9+1/P7a313h2Ltbzz9x+S9sutzyeKK3/jRf/7XXnWrMDeM3bbz5RS++5cor6/suy76zIb+/Xus/9VfnWrb/i7fn+yNeHzv67etfTlz/hY9Onj03f2luJu3Vx25tvHfO2/Ptidt7azi3tn999NzFD85emJiemM6yifK+hd51+1KYP87Hle5LLyw5g+56JDyfd/751zfu+NdPx8v//T355Vffln/fenVY7rPh8k3h+Vvd+pd6auvtjdd37ZmwhQtL3y94LbZs/6+DK1owPP72nwvi8X7+5R9s7If6dY3vG/F1vcbt//5Mfj9fC/t1Ibwz87bbF9fXvHx8b4SrD+ev9zXvv3Cai8/r34Tn+x0/zO8/bld8vN8PP8d8c3Pr+S4eH1+7PNR+/4138bgSzifZlfz6uFTc31efv73j5sX3Icmu3NH4+k/S/dyxqoe5nPmPzU+dnjt76dGpi7PzF6fmP/bxo2fOXTp78WjjvTyPfqjX7RfPTxsb56eZ2f37ssbZ6lw+brAXevvPP3Ji5sD0jpnZk8cvnbz4yPnZC6dOzM+fmJ2Z33H85MnZj/a6/dzM4d17Du09sGfy1NzM4YOHDu09NDl39lx9M/KN6mH/9Icnz1442rjJ/OF9h3bff/++6ckz52ZmDx+Ynp681Ov2je9Nk/Vb//7khdnTxy/OnZmdnJ/7+Ozh3Yf279/T890Az5w/OT8xdeHS2alL87MXpvLHMnGxcXH9e1+v21NO8/+R/zzbrpa/EV/2rnv2p/dnrfvy48veVb5I2xuIPhfei+afX3L+4Eq+jrl/NMykIvkfAAAAqiDm/rEwE/kfAAAASiPm/g1hJvI/AAAAlEbM/eNhJhXJ/6Xr/2++vKL16//r/zfvL/3/ivX/Hy5a/z8/X+j/98da+/f6/4H+v/6//v/A9P8Xwjck/X+KqGj9/5j7b8qySuZ/AAAAqIKY+zeGmcj/AAAAUBox998cZiL/AwAAQGnE3P+iMJOK5H/9f/1//X/9f/3/zuvX/x9M+v/d6f/3oP8/lVWr/3+ln9vv8//1/1mqaP3/mPtfHGZSkfwPAAAAVRBz/y1hJvI/AAAAlEbM/beGmcj/AAAAUBox928KM6lI/tf/1//X/9f/1//vvH79/8Gk/9+d/n8P+v8+/1//X/+fvipa/z/m/peEmVQk/wMAAEAVxNz/0jAT+R8AAACKZ+T6bhZz/8vCTJbk/+tcAQAAAPCCi7n/tqytCF6Rv//r/+v/F7//vyFdp/+v/58Vsv8/nOn/F4f+f3f6/z3o/+v/6//r/9NXRev/N3J/Np69PMykIvkfAAAAqiDm/tvDTOR/AAAAKI2Y+38pzET+BwAAgNKIuX9zmElF8r/+v/5/8fv/Pv9f/7/o/X+f/18k+v/d6f/3oP+v/6//r/9PXxWt/x9z/x1hJhXJ/wAAAFAFMfffGWYi/wMAAEBpxNz/y2Em8j8AAACURsz9W8JMKpL/9f8L3v+PzVH9f/1//X/9f/3/FdH/707/vwf9f/1//X/9f/qqaP3/mPtfEWZSkfwPAAAAVRBz/11hJvI/AAAAlEbM/a8MM5H/AQAAoDRi7p8IM6lI/tf/L3j/P+/Bj/n8f/1//X/9f/3/ldH/707/v4dwmvtRlmX6//r/+v/6/6xd0fr/MfdvDTOpSP4HAACAKoi5f1uYifwPAAAApRFz/91hJvI/AAAAlEbM/dvDTCqS//X/B6L/n+n/6//r/+v/6/+vjP5/d/r/Pfj8f/1//X/9f/qqaP3/mPtfFWZSkfwPAAAAVRBz/44wE/kfAAAASiPm/leHmcj/AAAAUBox9+8MM6lI/tf/1//X/9f/1//vvH79/8Gk/9+d/n8P+v/6//r/+v/0VdH6/zH3vybMpCL5HwAAAKog5v5dYSbyPwAAAJRGzP33hJnI/wAAAFAaMfdPhplUJP/r/+v/6//r/+v/d16//v9g0v/vTv+/B/1//X/9f/1/+qpo/f+Y++8NM6lI/gcAAIAqiLn/vjAT+R8AAABKI+b+qTAT+R8AAABKI+b+6TCTiuR//X/9f/1//f9V9f9fuXi/+v85/f9i0f/vTv+/B/1//f8XvP8/qv9PqRSt/x9z/+4wk4rkfwAAAKiCmPv3hJnI/wAAAFAaMffvDTOR/wEAAKA0Yu7fF2ZSkfyv/6//r/+v/+/z/zuvX/9/MOn/d9f//n98iPr/+v/6/z7/X/+fpYrW/4+5//4wk4rkfwAAAKiCmPv3h5nI/wAAAFAaMfcfCDOR/wEAAKA0Yu4/GGZSkfyv/6//r/+v/6//33n9+v+DSf+/O5//30Px+v+va775evb/6+vS/9f/1/9n9R7+w+avitb/j7n/UJhJRfI/AAAAVEHM/a8NM5H/AQAAoDRi7v+VMJPu+X/Djd0qAAAAoJ9i7v/VMJOK/P1f/1//X/9f/1//v/P69f8Hk/5/d/r/PRSv/9/C5/8Xe/v1//X/Wapo/f+Y+w+HmVQk/wMAAEAVxNz/a2Em8j8AAACURsz9rwszkf8BAACgNGLuPxJm0KnOXUr6//r/+v/6//r/nde/3v3/sXi/+v9rov/fnf5/D/r/+v/6//r/9FXR+v8x978+zMTf/wEAAKA0Yu5/IMxE/gcAAIDSiLn/DWEm8j8AAACURsz9bwwzqUj+1//X/9f/1//X/++8fp//P5j0/7vT/+9B/1//X/9f/5++Klr/P+b+N4WZVCT/AwAAQBXE3P/mMBP5HwAAAEoj5v63hJnI/wAAAFAaMfe/NcykIvlf/1//X/9f/1//v/P69f8Hk/5/d/r/Pej/6//r/+v/01dF6//H3P/rYSYVyf8AAABQBTH3PxhmIv8DAABAacTc/7YwE/kfAAAASiPm/reHmVQk/+v/6//r/+v/6/93Xr/+/2DS/+9uwPr/P78lXK7/n9P/L/b2r7b/P9L29Q3p//9guf7/wob22+v/cyMUrf8fc/87wkwqkv8BAACgCmLuf2eYifwPAAAApRFz/7vCTJryf1//xzsAAABg3cXc/xthJhX5+7/+f307FtvL+v/6/40L9P/1//X/B5b+f3cD1v/3+f9t9P+Lvf0+/1//n6WK1v+Puf/dYSYVyf8AAABQBTH3PxRmIv8DAABAacTc/3CYifwPAAAApRFz/3vCTCqS//X/ff6//r/+v/5/5/Xr/w8m/f/u9P970P/X/y9a//8/9f8ZbEXr/8fc/0iYSUXyPwAAAFRBzP3vDTOR/wEAAKA0Yu7/zTAT+R8AAABKI+b+94WZVCT/6/8PSv9/YkD7/4/r/9/A/v9dt+TL6f/r/7NI/787/f8e9P/1/4vW//f5/wy4ovX/Y+5/f5jJyvP/+IqXBAAAAG6gkWWvibn/t8JMKvL3fwAAAKiCmPt/O8xE/gcAAIDSiLn/d8JMKpL/9f8Hpf/v8/8z/X+f/9/2ePT/9f87Wb/+fzzz6P/r/+v/R/r/Ve3/598Z9f/ppGj9/5j7fzfMpCL5HwAAAKog5v4PhJnI/wAAADAQOv0/2e1i7j8aZiL/AwAAQGnE3H8szKQi+V//X/9f/7+g/f8/2/Yv3/v2O4/t1v/X/9f/X5V1/fz/+ovf5//r/+v/J4PS/68t89Fg+v8+/5/+K1r/P+b+42EmFcn/AAAAUAUx9/9emIn8DwAAAKURc/+JMBP5HwAAAEoj5v6ZMJOK5H/9f/1//f+C9v8H+PP/4/7Q/2/Vt/5/POnq/3e0rv3/9y72xPX/V9v/H+t4qf6//v8gb7/+v/4/SxWt/x9z/2yYSUXyPwAAAFRByP1DJ/O5eIX8DwAAAKURc/+pMBP5HwAAAEoj5v4PhplUJP/r/+v/6//r//v8/87r79b/r434/P+i0v/vrjj9/870//X/B3n79f/1/1mqaP3/mPvnwkwqkv8BAACgCmLu/1CYifwPAAAApRFz/4fDTOR/AAAAKI2Y+0+HmVQk/+v/6//r/+v/6/93Xn9hP/9f/78r/f/u9P970P/X/9f/1/+nr4rW/4+5/0yYSUXyPwAAwP+zdydPlpVlHsdvQkFlBb3oXS960xG97D+BRbPu3ncvetOL7gjDBaioOFM4jygqzoriPOAAgoiK8wROKM6gouI84oSoUQaZz/NUDifvzcy6t/Kc9/18Fjxd2WTda0UJ9ausrwd6kLv/4rjF/gcAAIBm5O6/JG6x/wEAAKAZufsfFrd0sv/1//r/Zvv/f9f/7/X6+n/9f8v0//Pp/xfQ/+v/9f/6f5ZqbP1/7v6Hxy2d7H8AAADoQe7+R8Qt9j8AAAA0I3f/pXGL/Q8AAADNyN3/yLilk/2/o/9fm/XZ/2fGq/9vqf/3/P89X1//fwb9/7n6/7E7u/3/FQ/+k0//r//X/wf9/776/+N7fb7+nxaNrf/P3f+ouKWT/Q8AAAA9yN3/6LjF/gcAAIBm5O6/LG6x/wEAAKAZufsfE7d0sv+X9/z/Exsfn2j/X/T/+v+ND+j/9f979f/HTn9b/z9Onv8/X0/9/6V3XnDxfTf9880HeX39v/7f8//1/yzX2Pr/3P2PjVs62f8AAADQg9z9j4tb7H8AAABoRu7+x8ct9j8AAAA0I3f/E+KWTvb/8vr/ST//v+j/9f8bH9D/6//36v//y/P/x07/P19P/f9hXl//r//X/+v/Wa6j7v/zO85v5+5/YtzSyf4HAACAHuTuf1LcYv8DAABAM3L3Xx632P8AAADQjNz9J+OWTva//n/1/f/f9P/6/7j6f/2//n/19P/z6f8X0P/r//X/+n+W6qj7/53fzt1/RdzSyf4HAACAHuTuf3LcYv8DAABAM3L3PyVusf8BAACgGbn7nxq3dLL/9f+e/6//1//r/4dfX/8/Tfr/+fT/C+j/z7SfP0//P8H+P34hpf9nFQ7Y/z8w5x/bS+n/c/c/LW7pZP8DAABAD3L3Pz1usf8BAACgGbn7nxG32P8AAADQjNz9z4xbOtn/+n/9v/5f/3/o/n/3T70N+v9h+v+zQ/8/32j6/7Vjgx/W/0++//f8/yn2/0H/zyqM7fn/ufufFbd0sv8BAACgB7n7nx23zNn/B/7NfAAAAOBI5e5/Ttzi6/8AAAAweVmd5e5/btzSyf7X/+v/9f/6f8//H379ef3/zVven/5/XPT/842m/9+D/l//P+X3r//X/7Pb2Pr/3P3Pi1s62f8AAADQg9z9V8Yt9j8AAAA0I3f/8+MW+x8AAACakbv/BXFLJ/t/uP8//f/X/++P/n/7+9f/D//8WFb/n9+j/n9u/3+R5//3Sf8/39nv/4/r/7d///r/FTrq9994/39i0efr/xkytv4/d/9VcUsn+x8AAAB6kLv/hXGL/Q8AAADNyN3/orjF/gcAAIBm5O5/cdzSyf4/4uf/X3H+Xu9L/79B/6//9/z/cT7/f3bW+/9j+v990v/P5/n/C+j/9f/6f8//Z6nG1v/n7r86bulk/wMAAEAPrr5/trH7XzKb2f8AAAAwRVv/7MDOP1Aacve/NG6x/wEAAKAZuftfFrd0sv+PuP9f1fP/z1v02vp//f/WHy/9v/5/6PXH1f97/v9+6f/n0/8voP9fRT9/rLH+/5q9Pn8M/f/l+n9GZlv/f+vpjx9V/5+7/+VxSyf7HwAAAHqQu/8VcYv9DwAAAM3I3f/KuMX+BwAAgGbk7n9V3NLJ/l95/39i79deYf+/kP5f/7/1x0v/r/8fen39/zTp/+fT/y+g//f8f8//1/+zVNv6/y2Oqv/P3f/quKWT/Q8AAAA9yN3/mrjF/gcAAIBm5O6/Jm6x/wEAAKAZuftfG7d0sv8bff7/Qvp//f/WHy/9v/5/6PX1/9Ok/59P/7+A/l//r/9f3P/v/Bd10P8zZGz9f+7+18Utnex/AAAA6EHu/mvjFvsfAAAAmpG7//Vxi/0PAAAAzcjd/4a4pZP9r/9fbf+fH9f/6/9nB+n/4xP0/5v0//r/g5ha/7/zvz+H7tfXhv5NtNse/f/tDzn5n9s/ov/X/+v/9f+e/88SjKL/P3X6V5e5+98Yt3Sy/wEAAKAHufvfFLfY/wAAANCM3P1vjlvsfwAAAGhG7v63xC0H3P//uNR3dfbo/z3/X/8/wv4/6P836f/1/wcxtf5/J8//1//r/6f7/vX/+n92G0X/v+XbufvfGrf4+j8AAAA0I3f/2+IW+x8AAACakbv/7XGL/Q8AAADNyN3/jrilk/2v/9f/6//1//r/4dc/bP+/Phum/z879P/z6f8X0P/r//X/+n+Wamz9f+7+6+KWTvY/AAAA9CB3/zvjFvsfAAAAmpG7/11xi/0PAAAAzcjd/+64pZP9r//X/+v/9f/6/+HX9/z/adL/z7eq/v/cKfX/1895A0P9/6nj+n/9v/5f/88hja3/z93/nrilk/0PAAAAPcjdf33cYv8DAABAM3L33xC32P8AAADQjNz9741bOtn/+n/9v/5f/6//H359/f806f/n8/z/BTz/X/+v/9f/s1Rj6/9z998Yt3Sy/wEAAKAHuftvilvsfwAAAGhG7v73xS32PwAAADQjd//NcUsn+1//r//X/+v/9f/Dr6//n6bV9f+zo+v/7z3noN/NnvT/C+j/9f/6f/0/SzW2/j93//vjlk72PwAAAPQgd/8tcYv9DwAAAM3I3f+BuMX+BwAAgGbk7v9g3NLJ/tf/6/+n2f9ftT70/vX/+v+Z/r97nv8/n/5/Af2//l//r/9nqcbW/+fu/1Dc0sn+BwAAgB7k7r81brH/AQAAoBm5+z8ct9j/AAAA0Izc/R+JWzrZ//p//f/2/n82m0b/7/n/M/1/C/3/+kz/v3T6//n21/9fpP/X/7fV/58za6j/P7Hn5+v/GaOx9f+5+z8at3Sy/wEAAKAHufs/FrfY/wAAANCAzT87k7v/43GL/Q8AAADNyN3/ibilk/0//f7/+I5P1P/PZrO7Lmv++f/6/5n+v4X+v35U9f/Lo/+fz/P/F9D/t9n/e/6//p8jM7b+P3f/J+OWTvY/AAAA9CB3/6fiFvsfAAAAmpG7/9Nxi/0PAAAAzcjd/5m4pZP9P/3+f+cn6v9nZ/T8f/3/xgf0//p//f9k6f/n0/8voP9f2M+v7fHrnpn+X/+v/2fA2Pr/3P2fjVs62f8AAADQg9z9t8Ut9j8AAAA0I3f/7XGL/Q8AAADNyN3/ubilk/2v/9f/6/+n2f+v6//1//r/QWPp/y+88D/u0P/r/1vs/+fR/+v/9f/sNLb+P3f/5+OWTvY/AAAA9CB3/xfiFvsfAAAAmpG7/4txi/0PAAAAzcjd/6W4pZP9v7v/P2+2WahuGur/o1HT/2+h/9/+/vX/wz8/PP9f/6//X72x9P+e/3+496//1/9P+f0fqP//l92fr/+nRWPr/3P33xG3dLL/AQAAoAe5+78ct9j/AAAA0Izc/V+JW+x/AAAAaEbu/jvjlk72v+f/6//1//p//f/w6+v/p0n/P5/+fwH9v/7f8/8v+b9z9f8sz9j6/9z9X41bNobfv/7DIf9jAgAAACOSu/9rcUsnX/8HAACAHuTu/3rcYv8DAABAM3L3fyNu6WT/6//1//p//b/+f/j19f/TpP+fT/+/QD/9//rQB4+6nz9TR/3+m+n/Pf+fJRpb/5+7/5txSyf7HwAAAHqQu/9bcYv9DwAAAM3I3f/tuMX+BwAAgGbk7r8rbulk/+v/9f/t9///q//f8fr6f/1/y/T/+W/0Yfr/Bfrp/wcddT8/9fev/9f/s9vY+v/c/XfHLZ3sfwAAAOhB7v7vxC32PwAAADQjd/934xb7HwAAAJqRu/97cUsn+1//31f/vzbrsf/3/H/9v/6/J9Pp/689NvRRz//X/+v/p/v+9f/6f3YbW/+fu/+etWNd7n8AAACYqv/+t4fevd+/956Nv67Pvh+32P8AAADQjNz9P4hb7H8AAABoRu7+H8Ytnex//X9f/X+fz//X/+v/9f89mU7/P0z/r//X/0/3/ev/9f/sNrb+P3f/vXHLluE3+D/QAwAAAExG7v4fxS2dfP0fAAAAepC7/8dxy679f2qff6odAAAAGJvc/T+JWzr5+r/+f+T9/2xF/X/8ffr/Tfp//f/Q6+v/p6m1/v/4bFT9/6k1/b/+fw79v/5f/89OY+v/c/ffcuOsy/0PAAAAjdr2Owo/3fjr+uxncYv9DwAAAM3I3f/zuMX+BwAAgGbk7v9F3NLJ/tf/j7z/P9Tz/0/U/+X5/533/1euD76+/l//37LW+n/P/9/8uP5/k/5/3O9f/6//Z7cD9P8bg3TV/X/u/l/GLZ3sfwAAAOhB7v5fxS32PwAAADQjd/+v4xb7HwAAAJqRu/83cUsn+1//fwT9/1XHZ7OV9v/7eP6//r+P/n+P12+n//+nC07e9j//f8N1+n9OO5v9f/5c0P/r//X/m/T/+n/9PzuN7fn/uft/G7d0sv8BAACgB7n774tb7H8AAABoRu7+38Ut9j8AAAA0I3f/7+OWTva//r/F5/9Ps//PH+sj6P9PTq//z6a49/7f8//1/7t5/v98+v8F9P/6f/2//p+lGlv/n7v/D3FLJ/sfAAAAepC7/49xS+7/tQP/1j0AAAAwMrn7/xS3+Po/AAAANCN3//1xSyf7X/+v/x9L/588///053n+/yb9v/7/IPT/8+n/F9D/6//1//p/lmps/X/u/j/HLZ3sfwAAAOhB7v4H4hb7HwAAAJqRu/8vcYv9DwAAAM3I3f/XuKWT/a//1//r//X/+v/h19f/T5P+fz79/4PO3/sN6P/1//p//T9LNbb+P3f/3wMAAP//80tlEQ==")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f00000000c0)=""/85, 0x55)
getdents(r0, 0xfffffffffffffffd, 0x58)

841.110714ms ago: executing program 4 (id=1553):
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000006c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40015)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00003, 0x8)

789.336606ms ago: executing program 2 (id=1554):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x38, &(0x7f0000000040)=[@in6={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @in6={0xa, 0x4e20, 0x0, @loopback, 0x3}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000000c0)={r1, 0x10, 0x9, 0xd5, 0x1}, 0x14)

652.475792ms ago: executing program 2 (id=1555):
r0 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f000055e000/0x3000)=nil, &(0x7f0000780000/0x4000)=nil, 0x3000})

628.295404ms ago: executing program 4 (id=1556):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
ioprio_get$pid(0x3, 0x0)

453.301626ms ago: executing program 2 (id=1557):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file1\x00', 0x414, &(0x7f0000000000)=ANY=[], 0x1, 0x2bb, &(0x7f0000000440)="$eJzs3UFrE1sYxvGnTW+TprTJhcuFe0E96EY3oY0fQIO0IAaU2hR1IUztREPGpMyESkRsNuLWD+Gq6M6doC7ddCNu3LsrguCmC3HETNImbVrTNklj+/9BmTd5z8OcttPyptDJ2o1n9/NZL5G1ShqMGA1KFa1L8V9VzUDtOFith9WoonOj3z6duH7z1pVUOj01Y8x0avZ80hgzfurNg0cvTr8rjc69Gn8d1mr89trX5OfVf1f/W/sxey/nmZxnCsWSscx8sViy5h3bLOS8fMKYa45tebbJFTzbbepnneLiYtlYhYWx6KJre56xCmWTt8umVDQlt2ysu1auYBKJhBmL6ngbamNNZmVmxkrt2PZDHd0Rum6k1ZOum6q0bmZWerAnAADQZ3af/4NZf+f5Pz0XHNua/18+l9qb/6VOzv8DPf2C9rlK06PfzP84Elw3ZUVrP7/NmP8BAAAAAAAAAAAAAAAAAAAAAPgTrPt+zPf9WP1Y/whLikiqPz7sfaI79vn9v3BI20WHNfzjXkRyni5lljLBMeinssrJka0JxfS9ej3UBPX05fTUhKmK662zXMsvL2VCCtfzdfFW+ZN/TwZ505z/S9HG8ycV0z+tz59smR/W2TMN+YRi+nBHRTlaqF7Xm/nHk8Zcuprekh+prgMAAAAA4ChImA3bXr9X+9UFEW3vB/k9/H1gy+vrIf3fzi0qAQAAAADAgXnlh3nLcWx3H0VY0gHieyj8ga6fonNFSH2xjS3FRUl9sI1eFRFJwTNmP/EvG/G2Un4ba4YkHfTzivTw0jrs30wAAAAAOm1z6N9D6OOTLu4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDjp937gdXXb2vVG7vEG04X0vuNtwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjp2fAQAA//91iCZA")
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000000), 0x0)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0)

328.827288ms ago: executing program 1 (id=1558):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x3d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r1, 0x2000300, 0xe, 0x0, &(0x7f0000000600)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

213.83585ms ago: executing program 4 (id=1559):
r0 = socket(0x1, 0x2, 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x23, &(0x7f0000000080)=0x6, 0x4)
bind$unix(r0, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r0, &(0x7f0000001680)=[{{&(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x1, 0x0)

114.420473ms ago: executing program 1 (id=1560):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x40, &(0x7f0000000340), 0x1, 0x573, &(0x7f0000000ec0)="$eJzs3T1sG+UbAPDnzvG/X/mTIoEEqEMFSEWq6iT9gMLUrohKlTogsUDkuFEVJ47iBJooQ7pXiA4IUJeywcAIYmBALIysLCBmpIpGIDUdwMhfaZo4wSl1XHK/n3T2vfee/bzvnZ/XvtOdHEBmHa0/pBHPRsTFJGJoXd1AtCqPNtdbXVkq3ltZKiZRq136LYkkIu6uLBXb6yet50MRsRwRz0TEd/mI4+nmuNWFxcmxcrk02yoPz03NDFcXFk9cmRqbKE2Upk+98uqZs6fPjJ4cXf+ye7X1pfzO+nr95xvvX//h9Vs3Pv/iyHLxw7EkzsVgq259Px6l5jbJx7kNy0/3IlgfJf1uAA8l18rzeio9HUORa2V9J7WhXW0a0GO1fRE1IKMS+Q8Z1f4dUD/+bU+7+fvj9vnmAUg97mpratYMNM9NxP7GscnB35MHjkzqx5uHd7Oh7EnL1yJiZGBg8+c/aX3+Ht7Io2ggPfXt+eaO2rz/07XxJzqMP4Ptc6f/Unv8W900/t2Pn9ti/LvYZYw/3/rlky3jX4t4rmP8ZC1+0iF+GhHvdBn/5ptfn92qrvZpxLHoHL8t2f788PDlK+XSSPOxY4xvjh15bbv+H9wifvOc7f7G10yn7T/TZf+/+v7L55e3if/SC9vv/07b/0BEfNBl/CfvfvbGVnW3ryV36r8Cdrr/68tudRn/5XNHf+pyVQAAAAAAAAAAYAfSxrVsSVpYm0/TQqF5D+9TcTAtV6pzxy9X5qfHm9e8HY582r7SaqhZTurl0db1uO3yyQ3lU7lWwNyBRrlQrJTH+9x3AAAAAAAAAAAAAAAAAAAAeFwc2nD//x+5xv3/G/+uGtirtv7Lb2Cvk/+QXQ/mf9K3dgC7z/c/ZFZN/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv8AAAAAAAAAAAAAAAAAAAAAAAAAANATFy9cqE+1eytLxXp5fGBhfrLy7onxUnWyMDVfLBQrszOFiUplolwqFCtT//R+SaUyMxLT81eH50rVueHqwuLbU5X56fZ/ipbyPe8RAAAAAAAAAAAAAAAAAAAA/PcMNqYkLURE2phP00Ih4v8RcTjyyeUr5dJIRDwRET/m8vvq5dF+NxoAAAAAAAAAAAAAAAAAAAD2mOrC4uRYuVyazcjMwE5WjojlR9uM+jvu+FX51r56XLahmSzM9HlgAgAAAAAAAAAAAAAAAACADLp/02+3r/irtw0CAAAAAAAAAAAAAAAAAACATEp/TSKiPh0benFwY+3/ktVc4zki3rt56aOrY3Nzs6P15XfWls993Fp+sh/tB7rVztN2HgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3VRcWJ8fK5dJsD2f63UcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh/F3AAAA///pCdd8")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000280)=0x10)
statx(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0xffff4a9c0080ffff, 0x0)

68.393041ms ago: executing program 4 (id=1561):
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0/../file0\x00', 0x0, 0x0)

66.654861ms ago: executing program 6 (id=1562):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000100)={0x2ffc, 0x4000006, 0xfffffefc, 0x6}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000160001f47efde4be701161000a000000040000800400", @ANYRES32=r0], 0x1c}}, 0x804)

0s ago: executing program 2 (id=1563):
r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f00000002c0)={0x1, 0x6}, 0x2)
write$USERIO_CMD_REGISTER(r0, &(0x7f0000000340)={0x0, 0x3}, 0x2)
close_range(r0, r0, 0x0)

kernel console output (not intermixed with test programs):

7] usb 4-1: config 0 descriptor??
[  215.117429][ T8477] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  215.148209][ T8477] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  215.265802][ T8508] loop2: detected capacity change from 0 to 256
[  215.334826][ T5873] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  215.360445][ T8508] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x09066d1f, utbl_chksum : 0xe619d30d)
[  215.401559][ T8477] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  215.421319][ T8477] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  215.514302][ T8512] netlink: 8 bytes leftover after parsing attributes in process `syz.0.865'.
[  215.598459][ T8512] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  215.721139][ T8515] netlink: 8 bytes leftover after parsing attributes in process `syz.4.864'.
[  215.877285][ T5957] dm9601: No valid MAC address in EEPROM, using 00:00:00:00:00:00
[  216.072421][ T5957] dm9601 4-1:0.0 (unnamed net_device) (uninitialized): Error reading chip ID
[  216.082425][ T8524] netlink: 60 bytes leftover after parsing attributes in process `syz.2.871'.
[  216.145607][ T5957] usb 4-1: USB disconnect, device number 5
[  216.506114][ T8536] loop2: detected capacity change from 0 to 1024
[  216.535971][ T8536] hfsplus: Unknown parameter 'ÿÿÿÿ00000000000000000000000'
[  216.582674][ T8536] netlink: 8 bytes leftover after parsing attributes in process `syz.2.876'.
[  216.620322][ T8536] openvswitch: netlink: nsh attr 12281 is out of range max 3
[  216.657035][ T8536] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  217.061098][ T5878] Bluetooth: hci2: command 0x0406 tx timeout
[  217.067294][ T5874] Bluetooth: hci3: command 0x0406 tx timeout
[  217.345551][ T8538] loop4: detected capacity change from 0 to 40427
[  217.368600][ T8538] F2FS-fs: heap/no_heap options were deprecated
[  217.393961][ T8538] F2FS-fs (loop4): invalid crc value
[  217.648970][ T8538] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  217.704851][ T8538] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  217.907069][ T5873] syz-executor: attempt to access beyond end of device
[  217.907069][ T5873] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  217.919732][ T8574] loop1: detected capacity change from 0 to 16
[  217.939497][ T5873] CPU: 0 UID: 0 PID: 5873 Comm: syz-executor Not tainted 6.16.0-next-20250808-syzkaller #0 PREEMPT(full) 
[  217.939524][ T5873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  217.939537][ T5873] Call Trace:
[  217.939546][ T5873]  <TASK>
[  217.939555][ T5873]  dump_stack_lvl+0x189/0x250
[  217.939600][ T5873]  ? __pfx_dump_stack_lvl+0x10/0x10
[  217.939626][ T5873]  ? __pfx_queue_work_on+0x10/0x10
[  217.939646][ T5873]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  217.939672][ T5873]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  217.939714][ T5873]  f2fs_handle_critical_error+0x37c/0x540
[  217.939749][ T5873]  f2fs_write_end_io+0x886/0xb60
[  217.939791][ T5873]  __submit_merged_bio+0x27a/0x6a0
[  217.939827][ T5873]  __submit_merged_write_cond+0x255/0x530
[  217.939875][ T5873]  f2fs_write_data_pages+0x261d/0x3000
[  217.939946][ T5873]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  217.939991][ T5873]  ? arch_stack_walk+0xfc/0x150
[  217.940048][ T5873]  ? __mod_zone_page_state+0xd7/0x140
[  217.940087][ T5873]  ? folios_put_refs+0x560/0x640
[  217.940125][ T5873]  ? __lock_acquire+0xab9/0xd20
[  217.940164][ T5873]  ? do_raw_spin_lock+0x121/0x290
[  217.940201][ T5873]  ? do_raw_spin_unlock+0x122/0x240
[  217.940226][ T5873]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  217.940257][ T5873]  do_writepages+0x32b/0x550
[  217.940297][ T5873]  ? do_raw_spin_unlock+0x122/0x240
[  217.940326][ T5873]  filemap_fdatawrite+0x199/0x240
[  217.940371][ T5873]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  217.940469][ T5873]  ? do_raw_spin_unlock+0x122/0x240
[  217.940499][ T5873]  f2fs_sync_dirty_inodes+0x31f/0x830
[  217.940537][ T5873]  f2fs_write_checkpoint+0x95a/0x1df0
[  217.940595][ T5873]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  217.940664][ T5873]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  217.940685][ T5873]  ? kfree+0x18e/0x440
[  217.940710][ T5873]  ? kill_f2fs_super+0x298/0x6c0
[  217.940755][ T5873]  kill_f2fs_super+0x2c3/0x6c0
[  217.940785][ T5873]  ? __pfx_kill_f2fs_super+0x10/0x10
[  217.940804][ T5873]  ? radix_tree_delete_item+0x2b6/0x400
[  217.940840][ T5873]  ? shrinker_free+0x2ce/0x3e0
[  217.940868][ T5873]  deactivate_locked_super+0xb9/0x130
[  217.940896][ T5873]  cleanup_mnt+0x425/0x4c0
[  217.940920][ T5873]  ? lockdep_hardirqs_on+0x9c/0x150
[  217.940952][ T5873]  task_work_run+0x1d1/0x260
[  217.940984][ T5873]  ? __pfx_task_work_run+0x10/0x10
[  217.941010][ T5873]  ? __x64_sys_umount+0x122/0x160
[  217.941044][ T5873]  ? exit_to_user_mode_loop+0x40/0x110
[  217.941080][ T5873]  exit_to_user_mode_loop+0xec/0x110
[  217.941112][ T5873]  do_syscall_64+0x2bd/0x3b0
[  217.941140][ T5873]  ? lockdep_hardirqs_on+0x9c/0x150
[  217.941174][ T5873]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.941194][ T5873]  ? clear_bhb_loop+0x60/0xb0
[  217.941220][ T5873]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.941240][ T5873] RIP: 0033:0x7f207478ff17
[  217.941262][ T5873] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  217.941279][ T5873] RSP: 002b:00007ffead8e1b48 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  217.941300][ T5873] RAX: 0000000000000000 RBX: 00007f2074811c05 RCX: 00007f207478ff17
[  217.941314][ T5873] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffead8e1c00
[  217.941327][ T5873] RBP: 00007ffead8e1c00 R08: 0000000000000000 R09: 0000000000000000
[  217.941339][ T5873] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffead8e2c90
[  217.941352][ T5873] R13: 00007f2074811c05 R14: 0000000000035280 R15: 00007ffead8e2cd0
[  217.941389][ T5873]  </TASK>
[  217.941397][ T5873] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  218.310214][ T8574] erofs (device loop1): mounted with root inode @ nid 36.
[  218.769638][ T8566] loop2: detected capacity change from 0 to 32768
[  218.917856][ T8585] IPVS: sed: FWM 4 0x00000004 - no destination available
[  218.936261][ T5957] IPVS: starting estimator thread 0...
[  219.026239][ T8586] IPVS: using max 33 ests per chain, 79200 per kthread
[  219.183746][ T8590] netlink: 'syz.0.900': attribute type 83 has an invalid length.
[  219.826725][ T8608] veth0_to_team: entered promiscuous mode
[  219.833907][ T8608] veth0_to_team: entered allmulticast mode
[  220.064491][ T8612] loop1: detected capacity change from 0 to 4096
[  220.125127][ T8612] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  220.257971][ T8618] loop0: detected capacity change from 0 to 4096
[  220.300549][ T8618] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[  220.450369][ T8618] ntfs3(loop0): ino=1a, mi_enum_attr
[  220.466147][ T8618] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  220.523057][   T30] audit: type=1800 audit(1754647263.663:51): pid=8618 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.913" name="file1" dev="loop0" ino=30 res=0 errno=0
[  220.526854][ T8618] ntfs3(loop0): ino=1e, "file1" ntfs3_write_inode failed, -22.
[  221.115176][ T5994] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  221.162372][ T8646] netlink: 'syz.3.925': attribute type 9 has an invalid length.
[  221.224377][ T8648] loop0: detected capacity change from 0 to 512
[  221.258577][ T8648] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  221.272052][ T5994] usb 3-1: Using ep0 maxpacket: 8
[  221.292168][ T5994] usb 3-1: unable to get BOS descriptor or descriptor too short
[  221.302006][ T5994] usb 3-1: config 7 has an invalid interface number: 208 but max is 0
[  221.314710][ T5994] usb 3-1: config 7 has no interface number 0
[  221.326296][ T5994] usb 3-1: No eUSB2 isoc ep 7 companion for config 7 interface 208 altsetting 4
[  221.336939][ T5994] usb 3-1: config 7 interface 208 has no altsetting 0
[  221.346471][ T8648] EXT4-fs (loop0): 1 truncate cleaned up
[  221.354428][ T8648] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.372695][ T5994] usb 3-1: New USB device found, idVendor=5050, idProduct=0900, bcdDevice=b3.ef
[  221.394792][ T5994] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  221.409357][ T5994] usb 3-1: Product: syz
[  221.416407][ T5994] usb 3-1: Manufacturer: syz
[  221.421042][ T5994] usb 3-1: SerialNumber: syz
[  221.480485][ T7624] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.675226][ T5994] ftdi_sio 3-1:7.208: FTDI USB Serial Device converter detected
[  221.690418][ T5994] ftdi_sio ttyUSB0: unknown device type: 0xb3ef
[  221.719504][ T5994] usb 3-1: USB disconnect, device number 8
[  221.737585][ T5994] ftdi_sio 3-1:7.208: device disconnected
[  222.479181][ T8657] loop0: detected capacity change from 0 to 32768
[  222.627164][ T8657] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  222.716375][ T8676] netlink: 4 bytes leftover after parsing attributes in process `syz.1.938'.
[  222.761864][ T8678] loop2: detected capacity change from 0 to 64
[  222.766221][ T7624] ocfs2: Unmounting device (7,0) on (node local)
[  223.145942][ T8687] random: crng reseeded on system resumption
[  223.303745][ T8691] loop1: detected capacity change from 0 to 512
[  223.369004][ T8691] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  223.450206][ T8691] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.638686][ T8691] EXT4-fs (loop1): shut down requested (1)
[  223.726889][ T8704] loop0: detected capacity change from 0 to 2048
[  223.748228][ T5879] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.836191][ T8704] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.873115][ T8704] ext4 filesystem being mounted at /59/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  223.918331][ T8708] netlink: 'syz.3.952': attribute type 43 has an invalid length.
[  223.951062][ T8704] fs-verity (loop0, inode 13): Unknown hash algorithm number: 0
[  224.112216][ T8716] erspan0: Device is already in use.
[  224.122068][ T7624] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.677991][ T8702] loop2: detected capacity change from 0 to 32768
[  224.900255][ T8713] loop1: detected capacity change from 0 to 32768
[  224.929602][   T30] audit: type=1326 audit(1754647268.076:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8730 comm="syz.0.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3ef18ebe9 code=0x7ffc0000
[  225.063126][   T30] audit: type=1326 audit(1754647268.116:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8730 comm="syz.0.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7fa3ef18ebe9 code=0x7ffc0000
[  225.151895][   T30] audit: type=1326 audit(1754647268.116:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8730 comm="syz.0.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3ef18ebe9 code=0x7ffc0000
[  225.259389][   T30] audit: type=1326 audit(1754647268.116:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8730 comm="syz.0.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3ef18ebe9 code=0x7ffc0000
[  225.297926][   T30] audit: type=1326 audit(1754647268.116:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8730 comm="syz.0.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7fa3ef18ebe9 code=0x7ffc0000
[  225.363281][   T30] audit: type=1326 audit(1754647268.116:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8730 comm="syz.0.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3ef18ebe9 code=0x7ffc0000
[  225.420990][   T30] audit: type=1326 audit(1754647268.116:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8730 comm="syz.0.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3ef18ebe9 code=0x7ffc0000
[  225.531707][   T30] audit: type=1326 audit(1754647268.116:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8730 comm="syz.0.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=312 compat=0 ip=0x7fa3ef18ebe9 code=0x7ffc0000
[  225.632805][   T30] audit: type=1326 audit(1754647268.116:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8730 comm="syz.0.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3ef18ebe9 code=0x7ffc0000
[  225.722896][   T30] audit: type=1326 audit(1754647268.116:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8730 comm="syz.0.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3ef18ebe9 code=0x7ffc0000
[  225.837102][ T8742] loop2: detected capacity change from 0 to 1024
[  226.070735][   T61] hfsplus: b-tree write err: -5, ino 4
[  226.869830][ T8765] netlink: 'syz.1.978': attribute type 4 has an invalid length.
[  226.888868][ T8767] loop2: detected capacity change from 0 to 164
[  227.109119][ T8767] iso9660: Corrupted directory entry in block 2 of inode 1920
[  227.285112][ T8752] loop4: detected capacity change from 0 to 32768
[  227.399448][ T8752] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  227.540496][ T8783] program syz.1.982 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  227.557167][ T8773] loop2: detected capacity change from 0 to 4096
[  227.669996][ T8752] XFS (loop4): Ending clean mount
[  227.958294][ T5873] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  228.449288][ T8769] loop0: detected capacity change from 0 to 40427
[  228.464802][ T8769] F2FS-fs (loop0): Image doesn't support compression
[  228.475808][ T8769] F2FS-fs (loop0): build fault injection rate: 690
[  228.489248][ T8799] program syz.3.991 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  228.515869][ T8769] F2FS-fs (loop0): invalid crc value
[  228.729199][ T8769] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  228.766585][ T8769] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  229.012362][ T7624] syz-executor: attempt to access beyond end of device
[  229.012362][ T7624] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  229.040427][ T7624] CPU: 0 UID: 0 PID: 7624 Comm: syz-executor Not tainted 6.16.0-next-20250808-syzkaller #0 PREEMPT(full) 
[  229.040458][ T7624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  229.040472][ T7624] Call Trace:
[  229.040481][ T7624]  <TASK>
[  229.040492][ T7624]  dump_stack_lvl+0x189/0x250
[  229.040530][ T7624]  ? __pfx_dump_stack_lvl+0x10/0x10
[  229.040557][ T7624]  ? __pfx_queue_work_on+0x10/0x10
[  229.040580][ T7624]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  229.040610][ T7624]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  229.040654][ T7624]  f2fs_handle_critical_error+0x37c/0x540
[  229.040695][ T7624]  f2fs_write_end_io+0x886/0xb60
[  229.040760][ T7624]  __submit_merged_bio+0x27a/0x6a0
[  229.040801][ T7624]  __submit_merged_write_cond+0x255/0x530
[  229.040845][ T7624]  f2fs_write_data_pages+0x261d/0x3000
[  229.040929][ T7624]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  229.041052][ T7624]  ? folios_put_refs+0x559/0x640
[  229.041097][ T7624]  ? __lock_acquire+0xab9/0xd20
[  229.041143][ T7624]  ? do_raw_spin_lock+0x121/0x290
[  229.041187][ T7624]  ? do_raw_spin_unlock+0x122/0x240
[  229.041215][ T7624]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  229.041252][ T7624]  do_writepages+0x32b/0x550
[  229.041301][ T7624]  ? do_raw_spin_unlock+0x122/0x240
[  229.041336][ T7624]  filemap_fdatawrite+0x199/0x240
[  229.041387][ T7624]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  229.041487][ T7624]  ? do_raw_spin_unlock+0x122/0x240
[  229.041522][ T7624]  f2fs_sync_dirty_inodes+0x31f/0x830
[  229.041569][ T7624]  f2fs_write_checkpoint+0x95a/0x1df0
[  229.041628][ T7624]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  229.041726][ T7624]  ? kill_f2fs_super+0x298/0x6c0
[  229.041756][ T7624]  kill_f2fs_super+0x2c3/0x6c0
[  229.041788][ T7624]  ? __pfx_kill_f2fs_super+0x10/0x10
[  229.041807][ T7624]  ? radix_tree_delete_item+0x2b6/0x400
[  229.041846][ T7624]  ? shrinker_free+0x2ce/0x3e0
[  229.041893][ T7624]  deactivate_locked_super+0xb9/0x130
[  229.041925][ T7624]  cleanup_mnt+0x425/0x4c0
[  229.041950][ T7624]  ? lockdep_hardirqs_on+0x9c/0x150
[  229.041986][ T7624]  task_work_run+0x1d1/0x260
[  229.042029][ T7624]  ? __pfx_task_work_run+0x10/0x10
[  229.042058][ T7624]  ? __x64_sys_umount+0x122/0x160
[  229.042097][ T7624]  ? exit_to_user_mode_loop+0x40/0x110
[  229.042135][ T7624]  exit_to_user_mode_loop+0xec/0x110
[  229.042170][ T7624]  do_syscall_64+0x2bd/0x3b0
[  229.042201][ T7624]  ? lockdep_hardirqs_on+0x9c/0x150
[  229.042231][ T7624]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.042254][ T7624]  ? clear_bhb_loop+0x60/0xb0
[  229.042283][ T7624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.042305][ T7624] RIP: 0033:0x7fa3ef18ff17
[  229.042325][ T7624] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  229.042345][ T7624] RSP: 002b:00007ffc2de00258 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  229.042368][ T7624] RAX: 0000000000000000 RBX: 00007fa3ef211c05 RCX: 00007fa3ef18ff17
[  229.042383][ T7624] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc2de00310
[  229.042397][ T7624] RBP: 00007ffc2de00310 R08: 0000000000000000 R09: 0000000000000000
[  229.042411][ T7624] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc2de013a0
[  229.042426][ T7624] R13: 00007fa3ef211c05 R14: 0000000000037df8 R15: 00007ffc2de013e0
[  229.042466][ T7624]  </TASK>
[  229.388784][ T7624] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  229.415503][ T8795] loop1: detected capacity change from 0 to 32768
[  229.430417][ T8813] loop4: detected capacity change from 0 to 1024
[  229.440063][ T8813] EXT4-fs: Ignoring removed oldalloc option
[  229.465864][ T8813] EXT4-fs: Ignoring removed bh option
[  229.584911][ T8795] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  229.596054][ T8813] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  229.769633][ T8813] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.995: Allocating blocks 497-513 which overlap fs metadata
[  229.920912][ T5879] ocfs2: Unmounting device (7,1) on (node local)
[  230.035779][ T5873] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.324587][ T8838] loop4: detected capacity change from 0 to 32768
[  231.361923][ T8838] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1004 (8838)
[  231.404048][ T8838] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  231.469912][ T8838] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  231.497922][ T8838] BTRFS info (device loop4): using free-space-tree
[  231.719928][ T8866] loop0: detected capacity change from 0 to 47
[  231.988335][ T8870] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1011'.
[  232.027647][ T8872] Bluetooth: MGMT ver 1.23
[  232.122289][ T5873] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  232.289625][ T8877] tipc: Started in network mode
[  232.294546][ T8877] tipc: Node identity ac1414aa, cluster identity 4711
[  232.323354][ T8877] tipc: Enabled bearer <udp:s>, priority 10
[  232.622330][ T8888] loop0: detected capacity change from 0 to 256
[  232.907143][ T8888] FAT-fs (loop0): Directory bread(block 64) failed
[  232.939335][ T8888] FAT-fs (loop0): Directory bread(block 65) failed
[  232.955760][ T8888] FAT-fs (loop0): Directory bread(block 66) failed
[  232.980962][ T8888] FAT-fs (loop0): Directory bread(block 67) failed
[  232.987628][ T8888] FAT-fs (loop0): Directory bread(block 68) failed
[  232.999158][ T8848] loop1: detected capacity change from 0 to 40427
[  233.040027][ T8888] FAT-fs (loop0): Directory bread(block 69) failed
[  233.046780][ T8888] FAT-fs (loop0): Directory bread(block 70) failed
[  233.056869][ T8848] F2FS-fs (loop1): Image doesn't support compression
[  233.089625][ T8848] F2FS-fs (loop1): build fault injection rate: 690
[  233.094150][ T8888] FAT-fs (loop0): Directory bread(block 71) failed
[  233.113888][ T8888] FAT-fs (loop0): Directory bread(block 72) failed
[  233.128158][ T8888] FAT-fs (loop0): Directory bread(block 73) failed
[  233.139441][ T8848] F2FS-fs (loop1): invalid crc value
[  233.371003][ T8848] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  233.407841][ T8848] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  233.441609][ T5870] tipc: Node number set to 2886997162
[  233.490772][ T8908] loop0: detected capacity change from 0 to 2048
[  233.583640][ T8908] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  233.639910][ T5879] syz-executor: attempt to access beyond end of device
[  233.639910][ T5879] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  233.709963][ T8908] EXT4-fs (loop0): Online resizing not supported with bigalloc
[  233.736543][ T5879] CPU: 0 UID: 0 PID: 5879 Comm: syz-executor Not tainted 6.16.0-next-20250808-syzkaller #0 PREEMPT(full) 
[  233.736577][ T5879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  233.736591][ T5879] Call Trace:
[  233.736601][ T5879]  <TASK>
[  233.736610][ T5879]  dump_stack_lvl+0x189/0x250
[  233.736648][ T5879]  ? __pfx_dump_stack_lvl+0x10/0x10
[  233.736675][ T5879]  ? __pfx_queue_work_on+0x10/0x10
[  233.736698][ T5879]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  233.736729][ T5879]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  233.736771][ T5879]  f2fs_handle_critical_error+0x37c/0x540
[  233.736813][ T5879]  f2fs_write_end_io+0x886/0xb60
[  233.736856][ T5879]  __submit_merged_bio+0x27a/0x6a0
[  233.736896][ T5879]  __submit_merged_write_cond+0x255/0x530
[  233.736937][ T5879]  f2fs_write_data_pages+0x261d/0x3000
[  233.737011][ T5879]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  233.737096][ T5879]  ? __mod_zone_page_state+0xd7/0x140
[  233.737140][ T5879]  ? folios_put_refs+0x560/0x640
[  233.737181][ T5879]  ? __lock_acquire+0xab9/0xd20
[  233.737224][ T5879]  ? do_raw_spin_lock+0x121/0x290
[  233.737265][ T5879]  ? do_raw_spin_unlock+0x122/0x240
[  233.737293][ T5879]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  233.737330][ T5879]  do_writepages+0x32b/0x550
[  233.737371][ T5879]  ? do_raw_spin_unlock+0x122/0x240
[  233.737404][ T5879]  filemap_fdatawrite+0x199/0x240
[  233.737437][ T5879]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  233.737522][ T5879]  ? do_raw_spin_unlock+0x122/0x240
[  233.737564][ T5879]  f2fs_sync_dirty_inodes+0x31f/0x830
[  233.737606][ T5879]  f2fs_write_checkpoint+0x95a/0x1df0
[  233.737657][ T5879]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  233.737736][ T5879]  ? kill_f2fs_super+0x298/0x6c0
[  233.737766][ T5879]  kill_f2fs_super+0x2c3/0x6c0
[  233.737797][ T5879]  ? __pfx_kill_f2fs_super+0x10/0x10
[  233.737817][ T5879]  ? radix_tree_delete_item+0x2b6/0x400
[  233.737856][ T5879]  ? shrinker_free+0x2ce/0x3e0
[  233.737884][ T5879]  deactivate_locked_super+0xb9/0x130
[  233.737915][ T5879]  cleanup_mnt+0x425/0x4c0
[  233.737941][ T5879]  ? lockdep_hardirqs_on+0x9c/0x150
[  233.737975][ T5879]  task_work_run+0x1d1/0x260
[  233.738009][ T5879]  ? __pfx_task_work_run+0x10/0x10
[  233.738038][ T5879]  ? __x64_sys_umount+0x122/0x160
[  233.738074][ T5879]  ? exit_to_user_mode_loop+0x40/0x110
[  233.738112][ T5879]  exit_to_user_mode_loop+0xec/0x110
[  233.738146][ T5879]  do_syscall_64+0x2bd/0x3b0
[  233.738177][ T5879]  ? lockdep_hardirqs_on+0x9c/0x150
[  233.738208][ T5879]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.738230][ T5879]  ? clear_bhb_loop+0x60/0xb0
[  233.738258][ T5879]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.738279][ T5879] RIP: 0033:0x7f2f5458ff17
[  233.738296][ T5879] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  233.738313][ T5879] RSP: 002b:00007ffe5965fbf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  233.738333][ T5879] RAX: 0000000000000000 RBX: 00007f2f54611c05 RCX: 00007f2f5458ff17
[  233.738348][ T5879] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe5965fcb0
[  233.738362][ T5879] RBP: 00007ffe5965fcb0 R08: 0000000000000000 R09: 0000000000000000
[  233.738375][ T5879] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe59660d40
[  233.738390][ T5879] R13: 00007f2f54611c05 R14: 0000000000039045 R15: 00007ffe59660d80
[  233.738425][ T5879]  </TASK>
[  233.738434][ T5879] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  233.825976][ T8902] loop2: detected capacity change from 0 to 32768
[  234.101820][ T7624] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.173531][ T8902] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  234.395112][ T8902] XFS (loop2): Ending clean mount
[  234.432156][ T8902] XFS (loop2): Quotacheck needed: Please wait.
[  234.489547][   T49] XFS (loop2): Metadata corruption detected at xfs_dinode_verify+0x1a6/0x1570, inode 0x2443 dinode
[  234.525860][   T49] XFS (loop2): Unmount and run xfs_repair
[  234.555168][   T49] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  234.574735][   T49] 00000000: 49 4e 41 ed 03 01 00 00 00 00 00 00 00 00 00 00  INA.............
[  234.589483][   T49] 00000010: 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  234.606662][   T49] 00000020: 34 f7 58 68 a5 e2 bf 3d 34 f7 58 68 a5 e2 bf 3d  4.Xh...=4.Xh...=
[  234.626899][   T49] 00000030: 34 f7 58 68 a5 e2 bf 3d 00 00 00 00 00 00 00 20  4.Xh...=....... 
[  234.645979][   T49] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  234.685525][   T49] 00000050: 00 00 00 02 00 00 00 00 00 00 00 00 54 01 7a fc  ............T.z.
[  234.717007][   T49] 00000060: ff ff ff ff 4c 7b c2 21 00 00 00 00 00 00 00 04  ....L{.!........
[  234.738206][   T49] 00000070: 00 00 00 01 00 00 00 80 00 00 00 00 00 00 00 08  ................
[  234.839950][ T8902] XFS (loop2): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[  235.012648][ T5866] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  235.032817][ T5866] XFS (loop2): Uncorrected metadata errors detected; please run xfs_repair.
[  235.169702][ T8935] loop0: detected capacity change from 0 to 32768
[  235.252998][ T8935] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  235.515835][ T8945] loop1: detected capacity change from 0 to 32768
[  235.558458][ T8945] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1032 (8945)
[  235.592712][ T8945] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  235.607995][ T8945] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  235.623530][ T8945] BTRFS info (device loop1): using free-space-tree
[  235.654802][ T8935] XFS (loop0): Ending clean mount
[  235.666046][ T8935] XFS (loop0): Quotacheck needed: Please wait.
[  235.708040][ T8967] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1046'.
[  235.753618][ T8967] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1046'.
[  235.824412][ T8935] XFS (loop0): Quotacheck: Done.
[  235.864709][ T8986] loop2: detected capacity change from 0 to 256
[  235.932246][ T8986] FAT-fs (loop2): Directory bread(block 64) failed
[  235.942232][ T8986] FAT-fs (loop2): Directory bread(block 65) failed
[  235.950843][ T5879] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  235.950962][ T8986] FAT-fs (loop2): Directory bread(block 66) failed
[  235.979678][ T8986] FAT-fs (loop2): Directory bread(block 67) failed
[  235.986877][ T8986] FAT-fs (loop2): Directory bread(block 68) failed
[  236.004285][ T8986] FAT-fs (loop2): Directory bread(block 69) failed
[  236.011156][ T8986] FAT-fs (loop2): Directory bread(block 70) failed
[  236.020747][ T8986] FAT-fs (loop2): Directory bread(block 71) failed
[  236.027826][ T8986] FAT-fs (loop2): Directory bread(block 72) failed
[  236.034485][ T8986] FAT-fs (loop2): Directory bread(block 73) failed
[  236.058340][   T43] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  236.124141][ T7624] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  236.217694][   T43] usb 4-1: Using ep0 maxpacket: 16
[  236.236873][   T43] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  236.264396][   T43] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  236.297767][   T43] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  236.306755][ T8990] loop4: detected capacity change from 0 to 4096
[  236.327701][   T43] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  236.347507][   T43] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  236.394164][   T43] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  236.432526][ T8990] ntfs3(loop4): failed to convert "0080" to cp775
[  236.701659][ T8998] loop2: detected capacity change from 0 to 512
[  236.781017][ T8998] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.828698][   T30] audit: type=1800 audit(1754647279.982:62): pid=8998 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1056" name="file1" dev="loop2" ino=15 res=0 errno=0
[  237.123319][ T5866] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.371409][ T9009] loop0: detected capacity change from 0 to 1024
[  237.376930][   T43] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  237.387472][   T43] usb 4-1: Manufacturer: syz
[  237.394864][   T43] usb 4-1: config 0 descriptor??
[  237.798944][ T9011] loop2: detected capacity change from 0 to 32768
[  237.827088][ T9011] (syz.2.1059,9011,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  237.841130][ T9011] (syz.2.1059,9011,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  237.872744][ T9011] JBD2: Ignoring recovery information on journal
[  237.920318][ T9011] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  237.998023][   T61] hfsplus: b-tree write err: -5, ino 4
[  238.159312][ T5866] ocfs2: Unmounting device (7,2) on (node local)
[  238.265180][ T9015] loop0: detected capacity change from 0 to 2048
[  238.359831][ T9019] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  238.483249][ T9015] NILFS error (device loop0): nilfs_check_folio: bad entry in directory #12: rec_len is smaller than minimal - offset=1024, inode=0, rec_len=0, name_len=0
[  238.581350][ T9015] Remounting filesystem read-only
[  238.641320][ T8992] loop1: detected capacity change from 0 to 262144
[  238.667422][ T8992] F2FS-fs (loop1): invalid crc value
[  238.752466][ T7624] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer
[  238.768669][ T8992] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  238.786350][ T8992] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  238.846490][   T43] rc_core: IR keymap rc-hauppauge not found
[  238.852463][   T43] Registered IR keymap rc-empty
[  238.867538][   T43] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  238.906386][   T43] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  238.912132][ T9028] loop2: detected capacity change from 0 to 64
[  238.957940][   T43] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  239.008393][   T43] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input16
[  239.054089][   T43] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  239.090046][   T43] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  239.131017][   T43] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  239.171465][   T43] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  239.235973][   T43] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  239.261566][   T43] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  239.318977][   T43] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  239.357732][   T43] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  239.366162][ T5886] Bluetooth: hci4: command tx timeout
[  239.435995][   T43] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  239.472641][   T43] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  239.529707][   T43] mceusb 4-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  239.575810][   T43] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  239.612759][ T9050] loop0: detected capacity change from 0 to 512
[  239.624269][   T43] usb 4-1: USB disconnect, device number 6
[  239.725584][ T9050] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  239.738872][ T9052] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1076'.
[  239.797918][ T9050] EXT4-fs (loop0): 1 truncate cleaned up
[  239.817743][ T9050] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  240.070513][ T7624] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 18: comm syz-executor: path /83/file0/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=26022, size=1024 fake=0
[  240.109262][ T7624] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /83/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  240.147834][ T7624] EXT4-fs error (device loop0): ext4_empty_dir:3122: inode #11: block 18: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=4096, inode=0, rec_len=26022, size=1024 fake=0
[  240.180686][ T7624] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 18: comm syz-executor: path /83/file0/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=26022, size=1024 fake=0
[  240.240355][ T7624] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /83/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  240.272710][ T7624] EXT4-fs error (device loop0): ext4_empty_dir:3122: inode #11: block 18: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=4096, inode=0, rec_len=26022, size=1024 fake=0
[  240.308918][ T7624] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 18: comm syz-executor: path /83/file0/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=26022, size=1024 fake=0
[  240.330739][ T9065] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  240.368603][ T7624] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 54: comm syz-executor: path /83/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  240.416650][ T7624] EXT4-fs error (device loop0): ext4_empty_dir:3122: inode #11: block 18: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=4096, inode=0, rec_len=26022, size=1024 fake=0
[  240.471531][ T7624] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 18: comm syz-executor: path /83/file0/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=26022, size=1024 fake=0
[  240.937129][ T9063] loop2: detected capacity change from 0 to 32768
[  240.964672][ T9063] 
[  240.964672][ T9063]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  240.964672][ T9063] 
[  241.065204][ T9063] 
[  241.065204][ T9063]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  241.065204][ T9063] 
[  241.095242][ T9063] 
[  241.095242][ T9063]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  241.095242][ T9063] 
[  241.146883][ T9063] 
[  241.146883][ T9063]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  241.146883][ T9063] 
[  241.178132][ T9063] 
[  241.178132][ T9063]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  241.178132][ T9063] 
[  241.209220][ T9063] 
[  241.209220][ T9063]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  241.209220][ T9063] 
[  241.228624][ T9063] 
[  241.228624][ T9063]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  241.228624][ T9063] 
[  241.264057][  T113] 
[  241.264057][  T113]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  241.264057][  T113] 
[  241.358280][ T3013] 
[  241.358280][ T3013]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  241.358280][ T3013] 
[  241.389536][ T3013] 
[  241.389536][ T3013]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  241.389536][ T3013] 
[  241.409934][ T5866] 
[  241.409934][ T5866]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  241.409934][ T5866] 
[  241.458446][  T112] 
[  241.458446][  T112]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  241.458446][  T112] 
[  241.483329][ T5866] 
[  241.483329][ T5866]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  241.483329][ T5866] 
[  241.487597][ T7624] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.609004][ T3025] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.826948][ T3025] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.863298][ T9087] loop1: detected capacity change from 0 to 4096
[  241.927650][ T9087] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512).
[  242.016979][ T3025] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.114386][ T9089] loop2: detected capacity change from 0 to 4096
[  242.186933][ T3025] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.261980][ T9092] netlink: 'syz.4.1095': attribute type 1 has an invalid length.
[  242.274714][ T9092] netlink: 'syz.4.1095': attribute type 2 has an invalid length.
[  242.551919][ T3025] bridge_slave_1: left allmulticast mode
[  242.558000][ T3025] bridge_slave_1: left promiscuous mode
[  242.564781][ T3025] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.641007][ T3025] bridge_slave_0: left allmulticast mode
[  242.667441][ T3025] bridge_slave_0: left promiscuous mode
[  242.667711][ T3025] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.724349][   T43] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  242.915355][   T43] usb 5-1: Using ep0 maxpacket: 32
[  242.923705][   T43] usb 5-1: config 0 interface 0 has no altsetting 0
[  242.935495][   T43] usb 5-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  242.964559][   T43] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.975448][ T5871] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  242.989422][ T5871] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  242.996151][ T5871] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  243.022408][   T43] usb 5-1: Product: syz
[  243.022466][ T5871] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  243.046875][   T43] usb 5-1: Manufacturer: syz
[  243.046924][ T5871] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  243.051590][   T43] usb 5-1: SerialNumber: syz
[  243.093098][   T43] usb 5-1: config 0 descriptor??
[  243.256292][   T30] audit: type=1326 audit(1754647286.415:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9114 comm="syz.3.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18fff8ebe9 code=0x7ffc0000
[  243.312856][   T30] audit: type=1326 audit(1754647286.435:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9114 comm="syz.3.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f18fff8ebe9 code=0x7ffc0000
[  243.363014][   T30] audit: type=1326 audit(1754647286.435:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9114 comm="syz.3.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18fff8ebe9 code=0x7ffc0000
[  243.392258][   T30] audit: type=1326 audit(1754647286.435:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9114 comm="syz.3.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18fff8ebe9 code=0x7ffc0000
[  243.474674][   T30] audit: type=1326 audit(1754647286.435:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9114 comm="syz.3.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f18fff8ebe9 code=0x7ffc0000
[  243.520494][   T30] audit: type=1326 audit(1754647286.435:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9114 comm="syz.3.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18fff8ebe9 code=0x7ffc0000
[  243.552380][   T30] audit: type=1326 audit(1754647286.445:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9114 comm="syz.3.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18fff8ebe9 code=0x7ffc0000
[  243.575093][   T43] gs_usb 5-1:0.0: Configuring for 1 interfaces
[  243.587880][   T30] audit: type=1326 audit(1754647286.445:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9114 comm="syz.3.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f18fff8ebe9 code=0x7ffc0000
[  243.615480][   T30] audit: type=1326 audit(1754647286.445:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9114 comm="syz.3.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18fff8ebe9 code=0x7ffc0000
[  243.639740][   T30] audit: type=1326 audit(1754647286.445:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9114 comm="syz.3.1106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f18fff8ebe9 code=0x7ffc0000
[  243.977295][   T43] gs_usb 5-1:0.0: Couldn't get extended bit timing const for channel 0 (-EPROTO)
[  244.002899][   T43] gs_usb 5-1:0.0: probe with driver gs_usb failed with error -71
[  244.029822][   T43] usb 5-1: USB disconnect, device number 5
[  244.175005][ T9124] loop1: detected capacity change from 0 to 32768
[  244.258638][ T9124] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  244.295731][ T3025] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  244.327100][ T3025] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  244.342311][ T9124] (syz.1.1109,9124,0):ocfs2_verify_group_and_input:433 ERROR: the add group should be in chain 1
[  244.345771][ T3025] bond0 (unregistering): Released all slaves
[  244.374618][ T9124] (syz.1.1109,9124,0):ocfs2_group_add:511 ERROR: status = -22
[  244.385982][ T9140] loop2: detected capacity change from 0 to 2048
[  244.427980][ T9140] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  244.558453][ T5879] ocfs2: Unmounting device (7,1) on (node local)
[  244.650358][ T9144] loop4: detected capacity change from 0 to 512
[  244.720065][ T9144] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.1119: casefold flag without casefold feature
[  244.762892][ T9144] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1119: couldn't read orphan inode 15 (err -117)
[  244.818666][ T9144] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  244.967000][ T5873] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.993150][ T5994] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  245.087302][ T3025] hsr_slave_0: left promiscuous mode
[  245.105179][ T3025] hsr_slave_1: left promiscuous mode
[  245.112140][ T9162] loop1: detected capacity change from 0 to 128
[  245.127783][ T3025] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  245.135908][ T5871] Bluetooth: hci0: command tx timeout
[  245.139443][ T3025] batman_adv: batadv0: Removing interface: batadv_slave_0
[  245.153833][ T5994] usb 3-1: Using ep0 maxpacket: 8
[  245.162725][ T3025] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  245.172450][ T9162] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  245.188867][ T3025] batman_adv: batadv0: Removing interface: batadv_slave_1
[  245.203940][ T9162] ext4 filesystem being mounted at /231/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  245.218372][ T5994] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  245.260700][ T3025] veth1_macvtap: left promiscuous mode
[  245.266299][ T5994] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  245.274459][ T3025] veth0_macvtap: left promiscuous mode
[  245.280133][ T3025] veth1_vlan: left promiscuous mode
[  245.285414][ T5994] usb 3-1: Product: syz
[  245.289599][ T5994] usb 3-1: Manufacturer: syz
[  245.294415][ T3025] veth0_vlan: left promiscuous mode
[  245.300352][ T5994] usb 3-1: SerialNumber: syz
[  245.308062][ T5994] usb 3-1: config 0 descriptor??
[  245.372063][ T5879] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  245.405950][ T9168] loop4: detected capacity change from 0 to 2048
[  245.451988][ T9168] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  245.526952][ T5994] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  246.152805][ T5994] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  246.178016][ T5994] usb 3-1: USB disconnect, device number 9
[  246.217022][ T9170] loop1: detected capacity change from 0 to 32768
[  246.293053][ T9170] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  246.341877][ T9170] XFS (loop1): Ending clean mount
[  246.367024][ T9170] XFS (loop1): Quotacheck needed: Please wait.
[  246.441864][ T9170] XFS (loop1): Quotacheck: Done.
[  246.515626][ T5879] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  246.725070][ T3025] team0 (unregistering): Port device team_slave_1 removed
[  246.843050][ T3025] team0 (unregistering): Port device team_slave_0 removed
[  247.207881][ T5871] Bluetooth: hci0: command tx timeout
[  247.741815][ T9106] chnl_net:caif_netlink_parms(): no params data found
[  247.900353][ T9216] kvm: kvm [9214]: vcpu0, guest rIP: 0xfff0 Unhandled RDMSR(0x4000005d)
[  248.123223][ T9106] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.147905][ T9106] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.156116][ T9106] bridge_slave_0: entered allmulticast mode
[  248.171799][ T9106] bridge_slave_0: entered promiscuous mode
[  248.193841][ T9228] tipc: Started in network mode
[  248.198846][ T9228] tipc: Node identity ff, cluster identity 4711
[  248.216826][ T9228] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  248.237406][ T9106] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.259082][ T9106] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.295095][ T9106] bridge_slave_1: entered allmulticast mode
[  248.316166][ T9106] bridge_slave_1: entered promiscuous mode
[  248.557529][ T9106] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  248.567122][ T9244] loop1: detected capacity change from 0 to 256
[  248.582885][ T9246] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1158'.
[  248.586843][ T9106] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  248.773011][ T9106] team0: Port device team_slave_0 added
[  248.791995][ T9106] team0: Port device team_slave_1 added
[  248.933295][ T9106] batman_adv: batadv0: Adding interface: batadv_slave_0
[  248.955964][ T5993] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  248.974324][ T9106] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.034082][ T9106] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  249.046840][ T9236] loop4: detected capacity change from 0 to 32768
[  249.065498][ T9106] batman_adv: batadv0: Adding interface: batadv_slave_1
[  249.080128][ T9106] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.112578][ T9106] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  249.125834][ T9236] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  249.169468][ T5993] usb 2-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  249.188588][ T5993] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  249.193808][ T9236] XFS (loop4): Ending clean mount
[  249.219019][ T5993] usb 2-1: Product: syz
[  249.223733][ T9266] netlink: 'syz.2.1164': attribute type 3 has an invalid length.
[  249.235809][ T9236] XFS (loop4): Quotacheck needed: Please wait.
[  249.237224][ T5993] usb 2-1: Manufacturer: syz
[  249.259723][ T5993] usb 2-1: SerialNumber: syz
[  249.281073][ T5871] Bluetooth: hci0: command tx timeout
[  249.307332][ T5993] usb 2-1: config 0 descriptor??
[  249.311468][ T9236] XFS (loop4): Quotacheck: Done.
[  249.336869][ T9106] hsr_slave_0: entered promiscuous mode
[  249.350159][ T9106] hsr_slave_1: entered promiscuous mode
[  249.357578][ T9106] debugfs: 'hsr0' already exists in 'hsr'
[  249.363961][ T9106] Cannot create hsr debugfs directory
[  249.451187][ T5873] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  249.536408][ T5993] cx82310_eth 2-1:0.0: probe with driver cx82310_eth failed with error -22
[  249.865255][ T9275] loop4: detected capacity change from 0 to 64
[  249.951514][ T5993] cxacru 2-1:0.0: usbatm_usb_probe: bind failed: -19!
[  249.978070][ T9106] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  250.007642][ T9106] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  250.036313][ T9106] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  250.072377][ T9106] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  250.180056][ T5994] usb 2-1: USB disconnect, device number 11
[  250.263534][ T9291] loop2: detected capacity change from 0 to 2048
[  250.299540][ T9292] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  250.317852][ T9106] 8021q: adding VLAN 0 to HW filter on device bond0
[  250.379096][ T9106] 8021q: adding VLAN 0 to HW filter on device team0
[  250.399664][ T3013] bridge0: port 1(bridge_slave_0) entered blocking state
[  250.406886][ T3013] bridge0: port 1(bridge_slave_0) entered forwarding state
[  250.453094][ T3013] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.460416][ T3013] bridge0: port 2(bridge_slave_1) entered forwarding state
[  250.930502][ T3013] kworker/u8:9: attempt to access beyond end of device
[  250.930502][ T3013] loop4: rw=1, sector=233, nr_sectors = 1 limit=64
[  250.972020][ T3013] Buffer I/O error on dev loop4, logical block 233, lost async page write
[  251.016063][ T3013] kworker/u8:9: attempt to access beyond end of device
[  251.016063][ T3013] loop4: rw=1, sector=235, nr_sectors = 1 limit=64
[  251.055254][ T3013] Buffer I/O error on dev loop4, logical block 235, lost async page write
[  251.076421][ T3013] kworker/u8:9: attempt to access beyond end of device
[  251.076421][ T3013] loop4: rw=1, sector=236, nr_sectors = 1 limit=64
[  251.113030][ T3013] Buffer I/O error on dev loop4, logical block 236, lost async page write
[  251.135907][ T3013] kworker/u8:9: attempt to access beyond end of device
[  251.135907][ T3013] loop4: rw=1, sector=237, nr_sectors = 1 limit=64
[  251.175963][ T3013] Buffer I/O error on dev loop4, logical block 237, lost async page write
[  251.203877][ T3013] kworker/u8:9: attempt to access beyond end of device
[  251.203877][ T3013] loop4: rw=1, sector=238, nr_sectors = 1 limit=64
[  251.226713][ T3013] Buffer I/O error on dev loop4, logical block 238, lost async page write
[  251.238325][ T3013] kworker/u8:9: attempt to access beyond end of device
[  251.238325][ T3013] loop4: rw=1, sector=239, nr_sectors = 1 limit=64
[  251.289863][ T3013] Buffer I/O error on dev loop4, logical block 239, lost async page write
[  251.373138][ T5871] Bluetooth: hci0: command tx timeout
[  251.380263][ T3013] kworker/u8:9: attempt to access beyond end of device
[  251.380263][ T3013] loop4: rw=1, sector=240, nr_sectors = 1 limit=64
[  251.384409][ T9106] 8021q: adding VLAN 0 to HW filter on device batadv0
[  251.396466][ T3013] Buffer I/O error on dev loop4, logical block 240, lost async page write
[  251.410628][ T3013] kworker/u8:9: attempt to access beyond end of device
[  251.410628][ T3013] loop4: rw=1, sector=241, nr_sectors = 1 limit=64
[  251.425390][ T3013] Buffer I/O error on dev loop4, logical block 241, lost async page write
[  251.445367][ T3013] kworker/u8:9: attempt to access beyond end of device
[  251.445367][ T3013] loop4: rw=1, sector=242, nr_sectors = 3928 limit=64
[  251.462045][ T3013] kworker/u8:9: attempt to access beyond end of device
[  251.462045][ T3013] loop4: rw=1, sector=4170, nr_sectors = 1 limit=64
[  251.499992][ T3013] Buffer I/O error on dev loop4, logical block 4170, lost async page write
[  251.537675][ T3013] Buffer I/O error on dev loop4, logical block 4172, lost async page write
[  252.346648][ T9106] veth0_vlan: entered promiscuous mode
[  252.383338][ T9106] veth1_vlan: entered promiscuous mode
[  252.496480][ T9106] veth0_macvtap: entered promiscuous mode
[  252.527672][ T9106] veth1_macvtap: entered promiscuous mode
[  252.603527][ T9106] batman_adv: batadv0: Interface activated: batadv_slave_0
[  252.655641][ T9106] batman_adv: batadv0: Interface activated: batadv_slave_1
[  252.725528][   T61] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  252.760515][   T61] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  252.813126][   T61] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  252.838586][   T61] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  253.010018][ T3013] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  253.027375][ T9339] loop4: detected capacity change from 0 to 32768
[  253.034429][ T3013] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  253.047686][ T9339] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1178 (9339)
[  253.084061][ T9339] BTRFS info (device loop4): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  253.125927][ T9339] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  253.146850][ T9339] BTRFS info (device loop4): disk space caching is enabled
[  253.176994][ T9339] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  253.195023][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  253.220078][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  253.272255][ T9337] loop1: detected capacity change from 0 to 40427
[  253.327901][ T9337] F2FS-fs (loop1): Invalid log sectors per block(0) log sectorsize(9)
[  253.328043][ T9339] BTRFS info (device loop4): rebuilding free space tree
[  253.354610][ T9337] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  253.402023][ T9337] F2FS-fs (loop1): invalid crc value
[  253.474108][ T9339] BTRFS info (device loop4): disabling free space tree
[  253.528976][ T9339] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  253.538688][ T9339] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  253.693271][ T9337] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  253.721742][ T9337] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  253.743192][ T9337] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  253.765249][ T5873] BTRFS info (device loop4): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  253.846909][   T30] audit: type=1800 audit(1754647297.000:73): pid=9337 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1190" name="file1" dev="loop1" ino=10 res=0 errno=0
[  253.931373][   T30] audit: type=1800 audit(1754647297.030:74): pid=9337 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1190" name="file1" dev="loop1" ino=10 res=0 errno=0
[  254.061009][ T5879] CPU: 0 UID: 0 PID: 5879 Comm: syz-executor Not tainted 6.16.0-next-20250808-syzkaller #0 PREEMPT(full) 
[  254.061043][ T5879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  254.061056][ T5879] Call Trace:
[  254.061065][ T5879]  <TASK>
[  254.061074][ T5879]  dump_stack_lvl+0x189/0x250
[  254.061121][ T5879]  ? __pfx_dump_stack_lvl+0x10/0x10
[  254.061146][ T5879]  ? __pfx_queue_work_on+0x10/0x10
[  254.061166][ T5879]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  254.061193][ T5879]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  254.061231][ T5879]  f2fs_handle_critical_error+0x37c/0x540
[  254.061268][ T5879]  f2fs_write_end_io+0x886/0xb60
[  254.061307][ T5879]  __submit_merged_bio+0x27a/0x6a0
[  254.061342][ T5879]  __submit_merged_write_cond+0x255/0x530
[  254.061378][ T5879]  f2fs_write_data_pages+0x261d/0x3000
[  254.061408][ T5879]  ? __lock_acquire+0xab9/0xd20
[  254.061471][ T5879]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  254.061546][ T5879]  ? __pfx_stack_trace_save+0x10/0x10
[  254.061592][ T5879]  ? kthread_stop+0x194/0x5c0
[  254.061613][ T5879]  ? kill_f2fs_super+0x137/0x6c0
[  254.061630][ T5879]  ? deactivate_locked_super+0xb9/0x130
[  254.061665][ T5879]  ? __lock_acquire+0xab9/0xd20
[  254.061711][ T5879]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  254.061743][ T5879]  do_writepages+0x32b/0x550
[  254.061783][ T5879]  ? do_raw_spin_unlock+0x122/0x240
[  254.061813][ T5879]  filemap_fdatawrite+0x199/0x240
[  254.061842][ T5879]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  254.061948][ T5879]  ? do_raw_spin_unlock+0x122/0x240
[  254.061980][ T5879]  f2fs_sync_dirty_inodes+0x31f/0x830
[  254.062019][ T5879]  f2fs_write_checkpoint+0x95a/0x1df0
[  254.062068][ T5879]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  254.062144][ T5879]  ? kill_f2fs_super+0x298/0x6c0
[  254.062171][ T5879]  kill_f2fs_super+0x2c3/0x6c0
[  254.062200][ T5879]  ? __pfx_kill_f2fs_super+0x10/0x10
[  254.062219][ T5879]  ? radix_tree_delete_item+0x2b6/0x400
[  254.062255][ T5879]  ? shrinker_free+0x2ce/0x3e0
[  254.062282][ T5879]  deactivate_locked_super+0xb9/0x130
[  254.062310][ T5879]  cleanup_mnt+0x425/0x4c0
[  254.062335][ T5879]  ? lockdep_hardirqs_on+0x9c/0x150
[  254.062367][ T5879]  task_work_run+0x1d1/0x260
[  254.062399][ T5879]  ? __pfx_task_work_run+0x10/0x10
[  254.062425][ T5879]  ? __x64_sys_umount+0x122/0x160
[  254.062461][ T5879]  ? exit_to_user_mode_loop+0x40/0x110
[  254.062498][ T5879]  exit_to_user_mode_loop+0xec/0x110
[  254.062529][ T5879]  do_syscall_64+0x2bd/0x3b0
[  254.062559][ T5879]  ? lockdep_hardirqs_on+0x9c/0x150
[  254.062588][ T5879]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.062609][ T5879]  ? clear_bhb_loop+0x60/0xb0
[  254.062636][ T5879]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.062657][ T5879] RIP: 0033:0x7f2f5458ff17
[  254.062676][ T5879] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  254.062694][ T5879] RSP: 002b:00007ffe5965fbf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  254.062718][ T5879] RAX: 0000000000000000 RBX: 00007f2f54611c05 RCX: 00007f2f5458ff17
[  254.062733][ T5879] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe5965fcb0
[  254.062746][ T5879] RBP: 00007ffe5965fcb0 R08: 0000000000000000 R09: 0000000000000000
[  254.062759][ T5879] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe59660d40
[  254.062773][ T5879] R13: 00007f2f54611c05 R14: 000000000003dfc2 R15: 00007ffe59660d80
[  254.062808][ T5879]  </TASK>
[  254.062817][ T5879] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  254.577568][ T9397] bridge0: port 3(veth0_to_bridge) entered blocking state
[  254.592994][ T9397] bridge0: port 3(veth0_to_bridge) entered disabled state
[  254.600378][ T9397] veth0_to_bridge: entered allmulticast mode
[  254.608317][ T9397] veth0_to_bridge: entered promiscuous mode
[  254.614443][ T9397] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  254.678803][ T9397] bridge0: port 3(veth0_to_bridge) entered blocking state
[  254.686316][ T9397] bridge0: port 3(veth0_to_bridge) entered forwarding state
[  255.123976][ T9412] ipvlan2: entered allmulticast mode
[  255.142623][ T9412] syz_tun: entered allmulticast mode
[  255.358637][ T9395] loop5: detected capacity change from 0 to 32768
[  255.410907][ T9395] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  255.548769][ T9395] XFS (loop5): Ending clean mount
[  255.561326][ T9395] XFS (loop5): Quotacheck needed: Please wait.
[  255.661080][ T9395] XFS (loop5): Quotacheck: Done.
[  255.758404][ T9395] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  255.768990][ T5950] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  255.907954][ T9434] netlink: 'syz.4.1222': attribute type 21 has an invalid length.
[  255.915864][ T9434] netlink: 'syz.4.1222': attribute type 6 has an invalid length.
[  255.952904][ T9434] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1222'.
[  255.979263][ T5950] usb 3-1: config 0 has an invalid interface number: 255 but max is 0
[  256.008270][ T5950] usb 3-1: config 0 has no interface number 0
[  256.015664][ T5950] usb 3-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[  256.047433][ T5950] usb 3-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  256.097685][ T5950] usb 3-1: config 0 interface 255 has no altsetting 0
[  256.133036][ T5950] usb 3-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[  256.147532][ T5950] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.205874][ T5950] usb 3-1: config 0 descriptor??
[  256.215161][ T5950] ums-realtek 3-1:0.255: USB Mass Storage device detected
[  256.434389][ T5984] usb 3-1: USB disconnect, device number 10
[  256.784663][ T9464] hugetlbfs: syz.5.1236 (9464): Using mlock ulimits for SHM_HUGETLB is obsolete
[  256.955339][ T5950] kernel write not supported for file /sequencer (pid: 5950 comm: kworker/0:5)
[  257.407554][ T9477] Bluetooth: MGMT ver 1.23
[  259.008531][ T9462] loop1: detected capacity change from 0 to 262144
[  259.035127][ T9462] F2FS-fs (loop1): invalid crc value
[  259.127191][ T9462] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  259.137883][ T9462] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  259.354272][ T9519] loop5: detected capacity change from 0 to 1024
[  259.607688][ T3025] hfsplus: b-tree write err: -5, ino 4
[  259.635667][   T30] audit: type=1804 audit(1754647302.793:75): pid=9523 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1261" name="/newroot/264/bus" dev="tmpfs" ino=1396 res=1 errno=0
[  260.115592][ T5870] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  260.316027][ T5870] usb 5-1: Using ep0 maxpacket: 32
[  260.325660][ T5870] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  260.344428][ T5870] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  260.371199][ T5870] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  260.389857][ T5870] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  260.412963][ T5870] usb 5-1: config 0 descriptor??
[  260.430046][ T5870] hub 5-1:0.0: USB hub found
[  260.550724][ T3013] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  260.641575][ T5870] hub 5-1:0.0: config failed, can't read hub descriptor (err -90)
[  260.772255][ T3013] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.053628][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  261.064849][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  261.084848][ T3013] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.126060][ T5870] hid-generic 0003:046D:C31C.0007: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.4-1/input0
[  261.144613][ T9539] loop2: detected capacity change from 0 to 1024
[  261.235931][ T3013] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.248137][ T9539] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.295718][ T9539] ext4 filesystem being mounted at /272/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  261.375186][ T5870] usb 5-1: USB disconnect, device number 6
[  261.509712][ T5866] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.652421][ T5886] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  261.663361][ T5886] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  261.671652][ T5886] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  261.681026][ T5886] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  261.688792][ T5886] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  261.733538][ T3013] bridge_slave_1: left allmulticast mode
[  261.758630][ T3013] bridge_slave_1: left promiscuous mode
[  261.764471][ T3013] bridge0: port 2(bridge_slave_1) entered disabled state
[  261.804273][ T3013] bridge_slave_0: left allmulticast mode
[  261.823218][ T3013] bridge_slave_0: left promiscuous mode
[  261.864153][ T3013] bridge0: port 1(bridge_slave_0) entered disabled state
[  262.014722][ T5993] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  262.134408][ T5871] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  262.146504][ T5871] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  262.156034][ T5871] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  262.167585][ T5871] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  262.168488][ T5993] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  262.175793][ T5871] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  262.225560][ T5993] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  262.238457][ T5993] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  262.252364][ T5993] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  262.273550][ T5993] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  262.283039][ T5993] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.304607][ T5993] usb 3-1: config 0 descriptor??
[  262.310433][ T9547] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  262.808710][ T5993] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  262.981152][ T5993] usb 3-1: USB disconnect, device number 11
[  263.042820][ T3013] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  263.082764][ T3013] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  263.111302][ T3013] bond0 (unregistering): Released all slaves
[  263.385543][ T9561] loop4: detected capacity change from 0 to 32768
[  263.432875][ T9561] XFS (loop4): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  263.520166][ T9565] loop1: detected capacity change from 0 to 32768
[  263.530968][ T9561] XFS (loop4): Ending clean mount
[  263.574091][ T9565] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1279 (9565)
[  263.630228][ T9565] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  263.646109][ T5873] XFS (loop4): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  263.658976][ T9565] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  263.674557][ T9565] BTRFS info (device loop1): disk space caching is enabled
[  263.727207][ T9565] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  263.754428][ T5886] Bluetooth: hci0: command tx timeout
[  264.018184][ T9595] loop4: detected capacity change from 0 to 1024
[  264.024713][ T9565] BTRFS info (device loop1): rebuilding free space tree
[  264.033242][ T9595] EXT4-fs: Ignoring removed oldalloc option
[  264.050919][ T9565] BTRFS info (device loop1): disabling free space tree
[  264.059438][ T9595] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  264.091717][ T9565] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  264.112480][ T9565] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  264.132874][ T9595] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  264.146109][ T3013] hsr_slave_0: left promiscuous mode
[  264.157543][ T3013] hsr_slave_1: left promiscuous mode
[  264.181854][ T3013] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  264.207524][ T3013] batman_adv: batadv0: Removing interface: batadv_slave_0
[  264.231091][ T3013] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  264.240282][ T5886] Bluetooth: hci2: command tx timeout
[  264.247265][ T9577] loop2: detected capacity change from 0 to 32768
[  264.260839][ T3013] batman_adv: batadv0: Removing interface: batadv_slave_1
[  264.261983][ T5873] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.319335][ T3013] veth1_macvtap: left promiscuous mode
[  264.322579][ T5879] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  264.326738][ T3013] veth0_macvtap: left promiscuous mode
[  264.365794][ T3013] veth1_vlan: left promiscuous mode
[  264.371564][ T3013] veth0_vlan: left promiscuous mode
[  264.812780][ T9602] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  264.989302][ T9608] loop1: detected capacity change from 0 to 512
[  265.003571][ T9608] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  265.094588][ T9608] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF
[  265.840661][ T5886] Bluetooth: hci0: command tx timeout
[  266.265824][ T3013] team0 (unregistering): Port device team_slave_1 removed
[  266.317161][ T5886] Bluetooth: hci2: command tx timeout
[  266.330301][ T3013] team0 (unregistering): Port device team_slave_0 removed
[  266.665716][ T9618] loop1: detected capacity change from 0 to 32768
[  266.673169][ T9618] XFS: ikeep mount option is deprecated.
[  266.695090][ T9618] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  266.744044][ T9618] XFS (loop1): Ending clean mount
[  266.839336][ T5879] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  267.248096][ T9552] chnl_net:caif_netlink_parms(): no params data found
[  267.275393][ T5984] kernel write not supported for file /amidi2 (pid: 5984 comm: kworker/1:4)
[  267.486222][ T9544] chnl_net:caif_netlink_parms(): no params data found
[  267.819223][ T9552] bridge0: port 1(bridge_slave_0) entered blocking state
[  267.830143][ T9552] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.857363][ T9552] bridge_slave_0: entered allmulticast mode
[  267.879632][ T9552] bridge_slave_0: entered promiscuous mode
[  267.918578][ T9552] bridge0: port 2(bridge_slave_1) entered blocking state
[  267.921809][ T5886] Bluetooth: hci0: command tx timeout
[  267.931494][ T9552] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.946384][ T9552] bridge_slave_1: entered allmulticast mode
[  267.954480][ T9552] bridge_slave_1: entered promiscuous mode
[  268.017919][ T9641] loop1: detected capacity change from 0 to 32768
[  268.039967][ T9641] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  268.090552][ T9641] XFS (loop1): Ending clean mount
[  268.160877][ T9552] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  268.187327][ T9544] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.208113][ T9544] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.209879][ T5879] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  268.218678][ T9544] bridge_slave_0: entered allmulticast mode
[  268.261720][ T9544] bridge_slave_0: entered promiscuous mode
[  268.291166][ T9544] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.292002][   T43] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  268.316836][ T9544] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.337127][ T9544] bridge_slave_1: entered allmulticast mode
[  268.348916][ T9544] bridge_slave_1: entered promiscuous mode
[  268.373195][ T9552] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  268.392183][ T5886] Bluetooth: hci2: command tx timeout
[  268.477555][ T9671] loop1: detected capacity change from 0 to 256
[  268.488352][ T9671] exfat: Deprecated parameter 'utf8'
[  268.488866][   T43] usb 5-1: unable to get BOS descriptor or descriptor too short
[  268.532377][   T43] usb 5-1: unable to read config index 0 descriptor/start: -71
[  268.537975][ T9671] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  268.540114][   T43] usb 5-1: can't read configurations, error -71
[  268.667937][ T9544] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  268.706165][ T9544] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  268.779799][ T9552] team0: Port device team_slave_0 added
[  268.854777][ T3013] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.884032][ T9669] loop2: detected capacity change from 0 to 32768
[  268.896077][ T9669] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1304 (9669)
[  268.926852][ T9669] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  268.927205][ T9552] team0: Port device team_slave_1 added
[  268.943899][ T9669] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  268.954940][ T9544] team0: Port device team_slave_0 added
[  268.956386][ T9669] BTRFS info (device loop2): using free-space-tree
[  269.029914][ T9544] team0: Port device team_slave_1 added
[  269.091239][ T9552] batman_adv: batadv0: Adding interface: batadv_slave_0
[  269.118122][ T9552] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  269.155344][ T9552] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  269.323234][ T5866] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  269.511291][ T3013] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.546739][ T9686] loop1: detected capacity change from 0 to 32768
[  269.587351][ T9552] batman_adv: batadv0: Adding interface: batadv_slave_1
[  269.606960][ T9686] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  269.611109][ T9552] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  269.697978][ T9552] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  269.698409][ T9686] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  269.738879][ T9544] batman_adv: batadv0: Adding interface: batadv_slave_0
[  269.749381][ T9544] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  269.775348][    C1] vkms_vblank_simulate: vblank timer overrun
[  269.782863][ T9544] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  269.795847][ T9544] batman_adv: batadv0: Adding interface: batadv_slave_1
[  269.810706][ T9544] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  269.836647][    C1] vkms_vblank_simulate: vblank timer overrun
[  269.866770][ T9544] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  269.883393][ T5879] ocfs2: Unmounting device (7,1) on (node local)
[  269.900857][ T9705] loop2: detected capacity change from 0 to 24
[  269.908134][ T9705] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  269.941958][ T3013] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.951712][ T9705] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  269.989181][ T9704] bridge_slave_0: default FDB implementation only supports local addresses
[  270.008824][ T5886] Bluetooth: hci0: command tx timeout
[  270.176507][ T3013] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.279709][ T9713] loop2: detected capacity change from 0 to 1024
[  270.288249][ T9707] netlink: 'syz.1.1314': attribute type 2 has an invalid length.
[  270.296373][ T9707] netlink: 'syz.1.1314': attribute type 1 has an invalid length.
[  270.440240][ T9552] hsr_slave_0: entered promiscuous mode
[  270.459573][ T9552] hsr_slave_1: entered promiscuous mode
[  270.471039][ T5886] Bluetooth: hci2: command tx timeout
[  270.478221][ T9552] debugfs: 'hsr0' already exists in 'hsr'
[  270.486839][ T9552] Cannot create hsr debugfs directory
[  270.526622][ T9544] hsr_slave_0: entered promiscuous mode
[  270.573070][ T9544] hsr_slave_1: entered promiscuous mode
[  270.579553][ T9544] debugfs: 'hsr0' already exists in 'hsr'
[  270.599688][ T9544] Cannot create hsr debugfs directory
[  270.618674][ T9719] loop1: detected capacity change from 0 to 128
[  270.644185][ T9719] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  270.661757][ T9711] loop4: detected capacity change from 0 to 32768
[  270.682942][ T9717] loop2: detected capacity change from 0 to 4096
[  270.706901][ T9711] (syz.4.1317,9711,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  270.740995][ T9719] UDF-fs: error (device loop1): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  270.762393][ T9711] (syz.4.1317,9711,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  270.778176][ T9720] UDF-fs: error (device loop1): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  270.848459][ T9711] JBD2: Ignoring recovery information on journal
[  270.947401][ T9711] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  271.091044][ T5873] ocfs2: Unmounting device (7,4) on (node local)
[  271.160661][ T5950] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  271.273738][ T3013] veth0_to_bridge: left allmulticast mode
[  271.279528][ T3013] veth0_to_bridge: left promiscuous mode
[  271.295721][ T3013] bridge0: port 3(veth0_to_bridge) entered disabled state
[  271.318530][ T3013] bridge_slave_1: left allmulticast mode
[  271.324529][ T5950] usb 2-1: Using ep0 maxpacket: 16
[  271.326415][ T9726] loop2: detected capacity change from 0 to 256
[  271.340377][ T3013] bridge_slave_1: left promiscuous mode
[  271.344603][ T9726] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  271.348039][ T5950] usb 2-1: config 0 has an invalid interface number: 68 but max is 0
[  271.370919][ T3013] bridge0: port 2(bridge_slave_1) entered disabled state
[  271.371344][ T9726] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  271.389084][ T5950] usb 2-1: config 0 has no interface number 0
[  271.400995][ T3013] bridge_slave_0: left allmulticast mode
[  271.406690][ T3013] bridge_slave_0: left promiscuous mode
[  271.408239][ T9726] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  271.416867][ T3013] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.444483][ T5950] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=dc.c4
[  271.453621][   T43] hid-generic 0005:0004:A9D3.0009: unknown main item tag 0x0
[  271.453700][   T43] hid-generic 0005:0004:A9D3.0009: unknown main item tag 0x0
[  271.469311][ T5950] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.479635][ T5950] usb 2-1: Product: syz
[  271.500040][   T43] hid-generic 0005:0004:A9D3.0009: unknown main item tag 0x0
[  271.506026][ T5950] usb 2-1: Manufacturer: syz
[  271.509205][ T9728] loop4: detected capacity change from 0 to 512
[  271.514749][ T5950] usb 2-1: SerialNumber: syz
[  271.550631][   T43] hid-generic 0005:0004:A9D3.0009: hidraw0: BLUETOOTH HID v0.00 Device [syz0] on syz1
[  271.558074][ T5950] usb 2-1: config 0 descriptor??
[  271.567699][ T9728] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  271.584261][ T9728] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  271.652208][ T5950] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  271.686345][ T9728] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended
[  271.705342][ T9728] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  271.716943][ T9728] System zones: 0-2, 18-18, 34-34
[  271.759094][ T9728] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.1322: iget: bad i_size value: 360287970189639680
[  271.805076][ T9728] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1322: couldn't read orphan inode 15 (err -117)
[  271.843817][ T5950] usb 2-1: USB disconnect, device number 12
[  271.848623][ T9728] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  271.857521][ T3025] usb 2-1: Failed to submit usb control message: -71
[  271.871779][ T3025] usb 2-1: unable to send the bmi data to the device: -71
[  271.878947][ T3025] usb 2-1: unable to get target info from device
[  271.885519][ T3025] usb 2-1: could not get target info (-71)
[  271.891791][ T3025] usb 2-1: could not probe fw (-71)
[  272.035729][ T5873] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.192515][ T9733] loop2: detected capacity change from 0 to 32768
[  272.204129][ T9733] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1324 (9733)
[  272.219292][ T9739] loop4: detected capacity change from 0 to 16
[  272.226893][ T9739] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  272.228986][ T9733] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  272.243941][ T9733] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  272.252897][ T9733] BTRFS info (device loop2): using free-space-tree
[  272.345732][ T9733] BTRFS info (device loop2): rebuilding free space tree
[  272.597036][ T3013] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  272.637452][ T3013] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  272.656764][ T3013] bond0 (unregistering): Released all slaves
[  272.665726][ T5866] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  272.822469][ T3013] tipc: Disabling bearer <udp:s>
[  272.841190][ T3013] tipc: Left network mode
[  273.300881][ T9759] loop4: detected capacity change from 0 to 32768
[  273.315650][ T9552] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  273.332373][ T9759] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  273.349319][ T9759] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  273.394552][ T9759] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[  273.415236][ T5993] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  273.424565][ T9552] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  273.437833][ T5993] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  273.445830][ T9552] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  273.466174][ T9552] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  273.594056][ T9773] loop1: detected capacity change from 0 to 512
[  273.602373][ T9773] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  273.641617][ T9773] EXT4-fs (loop1): 1 truncate cleaned up
[  273.652864][ T5993] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 215ms
[  273.653755][ T9773] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  273.679077][ T3013] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  273.687107][ T3013] batman_adv: batadv0: Removing interface: batadv_slave_0
[  273.687410][ T5993] gfs2: fsid=syz:syz.0: jid=0: Done
[  273.700356][ T9759] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  273.715019][ T3013] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  273.730500][ T3013] batman_adv: batadv0: Removing interface: batadv_slave_1
[  273.761500][ T5879] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.822770][ T3013] hsr0: left allmulticast mode
[  273.833043][ T3013] veth1_macvtap: left promiscuous mode
[  273.841442][ T9759] gfs2: fsid=syz:syz.0: found 1 quota changes
[  273.847735][ T3013] veth0_macvtap: left promiscuous mode
[  273.856231][ T3013] veth1_vlan: left promiscuous mode
[  273.861716][ T3013] veth0_vlan: left promiscuous mode
[  274.048687][ T9784] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1336'.
[  274.393441][ T9788] loop2: detected capacity change from 0 to 2048
[  274.408086][ T9788] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  274.448209][ T9789] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  274.618651][ T9789] NILFS (loop2): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  274.625343][ T9791] loop4: detected capacity change from 0 to 64
[  274.631645][ T9789] NILFS error (device loop2): nilfs_bmap_propagate: broken bmap (inode number=4)
[  274.663740][ T9789] Remounting filesystem read-only
[  274.671653][ T5866] NILFS (loop2): disposed unprocessed dirty file(s) when stopping log writer
[  274.773451][ T5873] hfs: node 4:3 still has 1 user(s)!
[  274.788590][ T9793] loop2: detected capacity change from 0 to 2048
[  274.856447][ T9793] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  274.883904][ T9793] ext4 filesystem being mounted at /294/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  275.039681][ T3013] team0 (unregistering): Port device team_slave_1 removed
[  275.053143][ T9793] overlayfs: failed to verify upper (/file0, ino=12, err=-28)
[  275.066121][ T9793] overlayfs: failed to verify index dir 'upper' xattr
[  275.074898][ T9793] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index.
[  275.139750][ T3013] team0 (unregistering): Port device team_slave_0 removed
[  275.159669][ T5866] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  275.182416][ T9801] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1342'.
[  275.810368][ T9544] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  275.882185][ T9544] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  275.961025][ T9544] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  276.018649][ T9544] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  276.322727][ T9552] 8021q: adding VLAN 0 to HW filter on device bond0
[  276.335411][ T9828] loop1: detected capacity change from 0 to 512
[  276.384516][ T9828] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  276.428940][ T9552] 8021q: adding VLAN 0 to HW filter on device team0
[  276.504391][   T61] bridge0: port 1(bridge_slave_0) entered blocking state
[  276.511596][   T61] bridge0: port 1(bridge_slave_0) entered forwarding state
[  276.566815][   T61] bridge0: port 2(bridge_slave_1) entered blocking state
[  276.574093][   T61] bridge0: port 2(bridge_slave_1) entered forwarding state
[  276.644651][ T9544] 8021q: adding VLAN 0 to HW filter on device bond0
[  276.664920][ T5879] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.754583][ T9544] 8021q: adding VLAN 0 to HW filter on device team0
[  276.820387][ T3025] bridge0: port 1(bridge_slave_0) entered blocking state
[  276.827617][ T3025] bridge0: port 1(bridge_slave_0) entered forwarding state
[  276.849185][ T3025] bridge0: port 2(bridge_slave_1) entered blocking state
[  276.856380][ T3025] bridge0: port 2(bridge_slave_1) entered forwarding state
[  276.866337][ T9812] loop2: detected capacity change from 0 to 32768
[  276.958324][ T9812] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  277.147876][ T9812] XFS (loop2): Ending clean mount
[  277.194033][ T9812] XFS (loop2): Quotacheck needed: Please wait.
[  277.342067][ T9812] XFS (loop2): Quotacheck: Done.
[  277.485718][ T9552] 8021q: adding VLAN 0 to HW filter on device batadv0
[  277.541767][ T5866] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  277.800904][ T9544] 8021q: adding VLAN 0 to HW filter on device batadv0
[  277.953168][ T9871] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1361'.
[  277.964553][ T9869] loop4: detected capacity change from 0 to 512
[  278.108110][ T9869] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  278.176834][ T9869] ext4 filesystem being mounted at /297/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  278.347186][ T9869] EXT4-fs error (device loop4): ext4_get_first_dir_block:3539: inode #12: block 32: comm syz.4.1360: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=2048 fake=0
[  278.385670][ T9552] veth0_vlan: entered promiscuous mode
[  278.412540][ T9869] EXT4-fs (loop4): Remounting filesystem read-only
[  278.424550][ T9552] veth1_vlan: entered promiscuous mode
[  278.509207][ T9552] veth0_macvtap: entered promiscuous mode
[  278.522418][ T5873] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  278.550937][ T9552] veth1_macvtap: entered promiscuous mode
[  278.614248][ T9552] batman_adv: batadv0: Interface activated: batadv_slave_0
[  278.651198][ T9552] batman_adv: batadv0: Interface activated: batadv_slave_1
[  278.703399][   T36] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  278.753762][   T36] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  278.772028][   T36] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  278.811020][   T36] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  278.834062][ T9544] veth0_vlan: entered promiscuous mode
[  278.922257][ T9544] veth1_vlan: entered promiscuous mode
[  279.014155][   T74] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  279.034730][   T74] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  279.055488][ T9898] loop1: detected capacity change from 0 to 4096
[  279.114736][ T3013] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  279.115340][ T9544] veth0_macvtap: entered promiscuous mode
[  279.133581][ T3013] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  279.150882][ T9544] veth1_macvtap: entered promiscuous mode
[  279.224926][ T9544] batman_adv: batadv0: Interface activated: batadv_slave_0
[  279.258375][ T9544] batman_adv: batadv0: Interface activated: batadv_slave_1
[  279.310654][   T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  279.342112][   T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  279.446967][   T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  279.478455][   T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  279.661347][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  279.695945][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  279.797187][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  279.817336][ T9923] loop2: detected capacity change from 0 to 16
[  279.834156][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  279.871543][ T9923] erofs (device loop2): mounted with root inode @ nid 36.
[  279.907835][ T9918] loop1: detected capacity change from 0 to 4096
[  279.923727][ T9923] erofs (device loop2): readahead error at folio 12 @ nid 36
[  279.946307][ T9923] erofs (device loop2): readahead error at folio 9 @ nid 36
[  279.974900][ T9923] bio_check_eod: 88 callbacks suppressed
[  279.974921][ T9923] syz.2.1377: attempt to access beyond end of device
[  279.974921][ T9923] loop2: rw=524288, sector=67108872, nr_sectors = 16 limit=16
[  280.054564][ T9923] syz.2.1377: attempt to access beyond end of device
[  280.054564][ T9923] loop2: rw=524288, sector=720, nr_sectors = 8 limit=16
[  280.519568][ T9942] loop4: detected capacity change from 0 to 256
[  280.547219][ T9942] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  280.567795][ T9942] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  280.629956][ T9942] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  280.852757][ T9950] netlink: 136 bytes leftover after parsing attributes in process `syz.7.1390'.
[  280.885463][ T9950] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  281.113670][ T9934] loop2: detected capacity change from 0 to 32768
[  281.166494][ T9934] XFS (loop2): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  281.256418][ T9934] XFS (loop2): Ending clean mount
[  281.392593][ T9971] loop7: detected capacity change from 0 to 512
[  281.485441][ T5866] XFS (loop2): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  281.500976][ T9975] program syz.4.1398 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  281.523592][ T9971] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002]
[  281.538790][ T9971] System zones: 1-12
[  281.567991][ T9971] EXT4-fs error (device loop7): dx_probe:791: inode #2: comm syz.7.1395: Directory hole found for htree index block 0
[  281.598374][ T9971] EXT4-fs (loop7): Remounting filesystem read-only
[  281.631004][ T9971] EXT4-fs (loop7): Cannot turn on journaled quota: type 0: error -117
[  281.704994][ T9971] EXT4-fs (loop7): Cannot turn on journaled quota: type 1: error -117
[  281.745971][ T9971] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  281.769694][ T9981] input: syz0 as /devices/virtual/input/input19
[  281.889200][ T9971] EXT4-fs (loop7): can't enable nombcache during remount
[  281.946394][ T9971] EXT4-fs (loop7): can't enable nombcache during remount
[  282.056933][ T9552] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.331921][T10006] loop7: detected capacity change from 0 to 512
[  282.340066][T10007] loop6: detected capacity change from 0 to 128
[  282.372445][T10006] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  282.377590][T10007] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  282.410628][T10007] ext4 filesystem being mounted at /9/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  282.486821][T10006] EXT4-fs (loop7): invalid journal inode
[  282.509592][T10006] EXT4-fs (loop7): can't get journal size
[  282.576595][T10006] EXT4-fs (loop7): 1 truncate cleaned up
[  282.607142][ T9997] loop2: detected capacity change from 0 to 32768
[  282.614440][ T9997] btrfs: Deprecated parameter 'usebackuproot'
[  282.621584][ T9997] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  282.634850][ T9997] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1408 (9997)
[  282.648213][T10006] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  282.688219][ T9997] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  282.714313][ T9997] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  282.714629][ T9544] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  282.723897][ T9997] BTRFS info (device loop2): using free-space-tree
[  282.749818][T10006] EXT4-fs warning (device loop7): ext4_group_add:1736: No reserved GDT blocks, can't resize
[  282.850131][   T12] BTRFS warning (device loop2): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0x26333c6f level 0
[  282.891631][ T9997] BTRFS warning (device loop2): couldn't read tree root
[  282.897002][ T9552] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.904651][T10036] sctp: [Deprecated]: syz.1.1418 (pid 10036) Use of int in maxseg socket option.
[  282.904651][T10036] Use struct sctp_assoc_value instead
[  282.930249][ T9997] BTRFS warning (device loop2): try to load backup roots slot 1
[  282.957343][   T61] BTRFS warning (device loop2): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x78ca8373 level 0
[  283.009103][ T9997] BTRFS warning (device loop2): couldn't read tree root
[  283.018781][ T9997] BTRFS warning (device loop2): try to load backup roots slot 2
[  283.060401][   T12] BTRFS error (device loop2): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  283.090230][ T9997] BTRFS warning (device loop2): couldn't read tree root
[  283.110081][ T9997] BTRFS warning (device loop2): try to load backup roots slot 3
[  283.111753][T10041] kvm: kvm [10040]: vcpu0, guest rIP: 0xfff0 Unhandled RDMSR(0x4000005d)
[  283.158930][ T9997] BTRFS info (device loop2): rebuilding free space tree
[  283.171213][T10047] netlink: 72 bytes leftover after parsing attributes in process `syz.6.1422'.
[  283.219464][ T9997] BTRFS info (device loop2): checking UUID tree
[  283.304375][   T10] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  283.421125][ T5866] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  283.494183][   T10] usb 5-1: Using ep0 maxpacket: 32
[  283.526231][   T10] usb 5-1: config 0 has an invalid interface number: 126 but max is 0
[  283.543893][   T10] usb 5-1: config 0 has no interface number 0
[  283.553116][   T10] usb 5-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023
[  283.589923][   T10] usb 5-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8
[  283.637303][   T10] usb 5-1: config 0 interface 126 has no altsetting 0
[  283.664317][   T10] usb 5-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c
[  283.678003][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.686212][   T10] usb 5-1: Product: syz
[  283.708119][   T10] usb 5-1: Manufacturer: syz
[  283.712989][   T10] usb 5-1: SerialNumber: syz
[  283.752233][   T10] usb 5-1: config 0 descriptor??
[  283.768839][T10039] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  283.792376][T10067] mac80211_hwsim hwsim5 wlan0: entered promiscuous mode
[  283.800317][T10039] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  283.827690][T10067] macsec1: entered promiscuous mode
[  283.836603][T10067] macsec1: entered allmulticast mode
[  283.853747][T10067] mac80211_hwsim hwsim5 wlan0: entered allmulticast mode
[  284.143845][T10077] loop7: detected capacity change from 0 to 512
[  284.184203][T10077] EXT4-fs: Ignoring removed oldalloc option
[  284.252054][T10077] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  284.277496][   T10] ir_usb 5-1:0.126: IR Dongle converter detected
[  284.305496][T10077] ext4 filesystem being mounted at /15/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  284.485371][   T10] usb 5-1: IR Dongle converter now attached to ttyUSB0
[  284.557060][T10077] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.1435: bg 0: block 217: padding at end of block bitmap is not set
[  284.622675][T10077] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  284.690473][   T43] usb 5-1: USB disconnect, device number 9
[  284.714121][   T43] ir-usb ttyUSB0: IR Dongle converter now disconnected from ttyUSB0
[  284.722823][   T43] ir_usb 5-1:0.126: device disconnected
[  284.770813][T10100] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  284.778653][T10100] IPv6: NLM_F_CREATE should be set when creating new route
[  284.786075][T10100] IPv6: NLM_F_CREATE should be set when creating new route
[  284.793417][T10100] IPv6: NLM_F_CREATE should be set when creating new route
[  284.831915][ T9552] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.987979][T10105] syz.7.1445 uses obsolete (PF_INET,SOCK_PACKET)
[  285.119138][T10087] loop1: detected capacity change from 0 to 32768
[  285.135323][T10087] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  285.202357][T10087] XFS (loop1): Ending clean mount
[  285.351958][ T5879] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  285.853003][ T5950] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  285.964008][T10133] loop6: detected capacity change from 0 to 1024
[  286.004191][T10134] loop1: detected capacity change from 0 to 4096
[  286.035518][ T5950] usb 8-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  286.052709][ T5943] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  286.070378][T10133] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  286.090998][ T5950] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.103050][T10133] ext4 filesystem being mounted at /22/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  286.122220][ T5950] usb 8-1: config 0 descriptor??
[  286.132216][ T5950] cp210x 8-1:0.0: cp210x converter detected
[  286.246943][ T9544] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.263162][ T5943] usb 3-1: Using ep0 maxpacket: 16
[  286.270698][ T5943] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  286.291856][ T5943] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  286.311317][ T5943] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  286.338738][ T5943] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  286.351109][ T5943] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.363900][ T5943] usb 3-1: config 0 descriptor??
[  286.432526][T10145] netlink: 'syz.6.1459': attribute type 21 has an invalid length.
[  286.445699][T10145] netlink: 128 bytes leftover after parsing attributes in process `syz.6.1459'.
[  286.455338][T10145] netlink: 'syz.6.1459': attribute type 4 has an invalid length.
[  286.463927][T10145] netlink: 'syz.6.1459': attribute type 3 has an invalid length.
[  286.479423][T10145] netlink: 3 bytes leftover after parsing attributes in process `syz.6.1459'.
[  286.517853][T10145] netlink: 'syz.6.1459': attribute type 21 has an invalid length.
[  286.536799][ T5950] cp210x 8-1:0.0: failed to get vendor val 0x000e size 3: -32
[  286.547538][T10145] netlink: 128 bytes leftover after parsing attributes in process `syz.6.1459'.
[  286.557432][ T5950] usb 8-1: cp210x converter now attached to ttyUSB0
[  286.579659][T10145] netlink: 'syz.6.1459': attribute type 4 has an invalid length.
[  286.610416][T10145] netlink: 'syz.6.1459': attribute type 5 has an invalid length.
[  286.620546][T10145] netlink: 3 bytes leftover after parsing attributes in process `syz.6.1459'.
[  286.751062][ T5950] usb 8-1: USB disconnect, device number 2
[  286.789852][ T5950] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  286.816005][ T5943] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.000A/input/input20
[  286.833029][ T5950] cp210x 8-1:0.0: device disconnected
[  286.848774][T10155] loop6: detected capacity change from 0 to 256
[  286.874279][T10155] exfat: Deprecated parameter 'namecase'
[  286.898284][T10155] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  286.933033][ T5943] microsoft 0003:045E:07DA.000A: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  287.015862][   T43] usb 3-1: USB disconnect, device number 12
[  287.080484][T10147] loop4: detected capacity change from 0 to 32768
[  287.112913][T10147] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  287.189780][T10147] XFS (loop4): Ending clean mount
[  287.387928][ T5873] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  287.438311][T10178] loop7: detected capacity change from 0 to 1024
[  287.637469][ T9552] hfsplus: bad catalog entry type
[  287.948884][T10187] loop1: detected capacity change from 0 to 4096
[  287.972262][T10187] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  287.997742][T10193] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  288.067638][ T3013] hfsplus: b-tree write err: -5, ino 4
[  288.070334][T10187] ntfs3(loop1): ino=1a, mi_enum_attr
[  288.084076][T10187] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  288.110584][T10195] loop4: detected capacity change from 0 to 512
[  288.120500][T10187] ntfs3(loop1): ino=1a, mi_enum_attr
[  288.137729][T10187] ntfs3(loop1): Failed to initialize $Extend/$Reparse.
[  288.140649][T10195] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #17: comm syz.4.1481: iget: bogus i_mode (0)
[  288.241876][T10195] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1481: couldn't read orphan inode 17 (err -117)
[  288.278357][T10198] loop6: detected capacity change from 0 to 1764
[  288.293460][T10195] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  288.364612][T10195] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1481: bg 0: block 7: invalid block bitmap
[  288.427161][   T61] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.455728][T10195] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2848: Unable to expand inode 12. Delete some EAs or run e2fsck.
[  288.600066][T10201] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1486'.
[  288.624481][T10201] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1486'.
[  288.641811][ T5873] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.738305][   T61] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.818094][T10186] loop2: detected capacity change from 0 to 32768
[  288.866876][T10205] 8021q: adding VLAN 0 to HW filter on device bond1
[  288.893769][T10186] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  288.903806][T10205] bond0: (slave bond1): Enslaving as an active interface with an up link
[  289.049188][T10186] XFS (loop2): Ending clean mount
[  289.075963][   T61] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.090164][T10186] XFS (loop2): Quotacheck needed: Please wait.
[  289.178789][ T5871] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  289.191409][ T5871] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  289.201845][ T5871] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  289.209939][ T5871] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  289.220532][ T5871] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  289.265884][T10186] XFS (loop2): Quotacheck: Done.
[  289.342221][T10231] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1493'.
[  289.389369][ T5866] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  289.915562][T10237] loop4: detected capacity change from 0 to 512
[  289.939803][T10237] EXT4-fs (loop4): blocks per group (95) and clusters per group (32768) inconsistent
[  290.049819][   T61] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.286537][T10225] loop1: detected capacity change from 0 to 131072
[  290.298429][T10225] F2FS-fs (loop1): Invalid log sectors per block(570425347) log sectorsize(9)
[  290.307448][T10225] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  290.323122][T10225] F2FS-fs (loop1): invalid crc value
[  290.440594][T10225] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=3000000, run fsck to fix.
[  290.463857][T10225] F2FS-fs (loop1): Bad quota inode 2:50331648
[  290.470000][T10225] F2FS-fs (loop1): Failed to enable quota tracking (type=2, err=-22). Please run fsck to fix.
[  290.480654][T10225] F2FS-fs (loop1): Cannot turn on quotas: error -22
[  290.487289][T10225] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  290.506666][T10225] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  290.514276][T10225] F2FS-fs (loop1): Mounted with checkpoint version = 753bd00b
[  290.714493][T10257] loop2: detected capacity change from 0 to 256
[  290.727110][T10257] exfat: Deprecated parameter 'utf8'
[  290.738539][T10257] exfat: Deprecated parameter 'namecase'
[  290.764722][T10257] exfat: Deprecated parameter 'namecase'
[  290.783587][T10257] exfat: Deprecated parameter 'utf8'
[  290.814778][T10257] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffc20, utbl_chksum : 0xe619d30d)
[  291.097515][T10227] chnl_net:caif_netlink_parms(): no params data found
[  291.177820][   T61] bridge_slave_1: left allmulticast mode
[  291.185794][   T61] bridge_slave_1: left promiscuous mode
[  291.225860][   T61] bridge0: port 2(bridge_slave_1) entered disabled state
[  291.260421][ T5886] Bluetooth: hci2: command tx timeout
[  291.281291][   T61] bridge_slave_0: left allmulticast mode
[  291.287000][   T61] bridge_slave_0: left promiscuous mode
[  291.295601][   T61] bridge0: port 1(bridge_slave_0) entered disabled state
[  291.381996][T10255] loop4: detected capacity change from 0 to 32768
[  291.400094][T10255] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1502 (10255)
[  291.426207][T10255] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  291.460297][T10255] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  291.490001][T10255] BTRFS info (device loop4): using free-space-tree
[  291.737253][ T5873] BTRFS info (device loop4): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  292.054627][T10261] loop2: detected capacity change from 0 to 32768
[  292.108891][T10261] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1504 (10261)
[  292.147577][T10261] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  292.169338][T10261] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  292.196208][T10261] BTRFS info (device loop2): using free-space-tree
[  292.285953][T10265] loop1: detected capacity change from 0 to 32768
[  292.301638][T10265] XFS: ikeep mount option is deprecated.
[  292.397524][T10265] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  292.455596][T10261] BTRFS info (device loop2): rebuilding free space tree
[  292.464720][   T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  292.485750][   T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  292.498796][   T61] bond0 (unregistering): Released all slaves
[  292.550551][T10265] XFS (loop1): Ending clean mount
[  292.566823][   T30] audit: type=1800 audit(1754647335.739:76): pid=10261 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1504" name="file1" dev="loop2" ino=260 res=0 errno=0
[  292.598574][T10265] XFS (loop1): Quotacheck needed: Please wait.
[  292.733898][T10265] XFS (loop1): Quotacheck: Done.
[  292.978762][ T5879] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  293.004718][ T5866] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  293.091405][T10322] netlink: 'syz.4.1515': attribute type 9 has an invalid length.
[  293.158617][T10322] bond_slave_0: entered promiscuous mode
[  293.164714][T10322] bond_slave_1: entered promiscuous mode
[  293.211402][T10322] macvlan2: entered promiscuous mode
[  293.216772][T10322] bond0: entered promiscuous mode
[  293.238729][T10322] bond1: entered promiscuous mode
[  293.252051][T10322] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  293.289477][T10227] bridge0: port 1(bridge_slave_0) entered blocking state
[  293.296680][T10227] bridge0: port 1(bridge_slave_0) entered disabled state
[  293.329227][T10227] bridge_slave_0: entered allmulticast mode
[  293.337291][T10227] bridge_slave_0: entered promiscuous mode
[  293.349406][ T5886] Bluetooth: hci2: command tx timeout
[  293.388504][T10227] bridge0: port 2(bridge_slave_1) entered blocking state
[  293.409639][T10227] bridge0: port 2(bridge_slave_1) entered disabled state
[  293.438940][T10227] bridge_slave_1: entered allmulticast mode
[  293.446952][T10227] bridge_slave_1: entered promiscuous mode
[  293.650187][T10332] ipvlan2: entered promiscuous mode
[  293.667514][T10332] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  293.711806][T10332] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  293.715449][ T5950] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  293.888101][T10227] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  293.911373][ T5950] usb 5-1: Using ep0 maxpacket: 16
[  293.918108][   T61] hsr_slave_0: left promiscuous mode
[  293.927022][ T5950] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  293.944983][T10338] loop6: detected capacity change from 0 to 256
[  293.958427][ T5950] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  293.978618][   T61] hsr_slave_1: left promiscuous mode
[  293.984824][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  293.992353][ T5950] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  294.002506][   T61] batman_adv: batadv0: Removing interface: batadv_slave_0
[  294.029649][ T5950] usb 5-1: config 0 descriptor??
[  294.044110][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  294.059712][   T61] batman_adv: batadv0: Removing interface: batadv_slave_1
[  294.120466][   T61] veth1_macvtap: left promiscuous mode
[  294.126124][   T61] veth0_macvtap: left promiscuous mode
[  294.141498][   T61] veth1_vlan: left promiscuous mode
[  294.151213][   T61] veth0_vlan: left promiscuous mode
[  294.426987][T10334] loop1: detected capacity change from 0 to 32768
[  294.455723][ T5950] mcp2221 0003:04D8:00DD.000B: item fetching failed at offset 3/5
[  294.472790][ T5950] mcp2221 0003:04D8:00DD.000B: can't parse reports
[  294.483138][ T5950] mcp2221 0003:04D8:00DD.000B: probe with driver mcp2221 failed with error -22
[  294.533487][T10334] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  294.584273][T10334] XFS (loop1): Ending clean mount
[  294.607114][T10334] XFS (loop1): Quotacheck needed: Please wait.
[  294.677369][   T43] usb 5-1: USB disconnect, device number 10
[  294.716706][T10334] XFS (loop1): Quotacheck: Done.
[  294.793475][ T5879] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  295.045438][T10359] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1527'.
[  295.055546][T10359] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1527'.
[  295.070949][T10359] netlink: 'syz.1.1527': attribute type 14 has an invalid length.
[  295.079065][T10359] netlink: 'syz.1.1527': attribute type 11 has an invalid length.
[  295.201681][   T61] team0 (unregistering): Port device team_slave_1 removed
[  295.281446][   T61] team0 (unregistering): Port device team_slave_0 removed
[  295.429470][ T5886] Bluetooth: hci2: command tx timeout
[  295.769901][T10363] loop4: detected capacity change from 0 to 32768
[  295.800815][T10363] JBD2: Ignoring recovery information on journal
[  295.878979][T10363] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  295.910982][T10363] OCFS2: ERROR (device loop4): int ocfs2_xattr_find_entry(struct inode *, int, const char *, struct ocfs2_xattr_search *): corrupted xattr entries
[  295.911082][T10363] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  295.939504][T10363] OCFS2: File system is now read-only.
[  295.945013][T10363] (syz.4.1529,10363,0):ocfs2_setattr:1299 ERROR: status = -117
[  296.026185][ T5873] ocfs2: Unmounting device (7,4) on (node local)
[  296.082501][T10227] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  296.263189][T10227] team0: Port device team_slave_0 added
[  296.309500][T10227] team0: Port device team_slave_1 added
[  296.428754][T10375] loop2: detected capacity change from 0 to 2048
[  296.440763][T10375] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  296.459031][T10375] NILFS (loop2): mounting unchecked fs
[  296.464540][T10375] NILFS (loop2): recovery required for readonly filesystem
[  296.471906][T10227] batman_adv: batadv0: Adding interface: batadv_slave_0
[  296.471924][T10227] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  296.471953][T10227] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  296.507578][T10227] batman_adv: batadv0: Adding interface: batadv_slave_1
[  296.528604][T10375] NILFS (loop2): write access will be enabled during recovery
[  296.537207][T10227] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  296.577533][T10375] NILFS (loop2): norecovery option specified, skipping roll-forward recovery
[  296.604540][T10227] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  296.696508][T10381] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1535'.
[  296.816530][T10227] hsr_slave_0: entered promiscuous mode
[  296.824046][T10383] loop4: detected capacity change from 0 to 512
[  296.835769][T10227] hsr_slave_1: entered promiscuous mode
[  296.846088][T10227] debugfs: 'hsr0' already exists in 'hsr'
[  296.865360][T10227] Cannot create hsr debugfs directory
[  296.865392][T10383] EXT4-fs (loop4): 1 truncate cleaned up
[  296.878828][T10383] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  296.917417][T10383] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.1536: invalid indirect mapped block 234881024 (level 0)
[  297.071912][ T5873] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.193697][   T30] audit: type=1326 audit(1754647340.372:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10369 comm="syz.6.1532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf7b58ebe9 code=0x7fc00000
[  297.226093][   T36] Bluetooth: hci5: Frame reassembly failed (-84)
[  297.499455][ T5871] Bluetooth: hci2: command tx timeout
[  297.625495][T10227] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  297.665647][T10227] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  297.697603][T10227] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  297.723471][T10227] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  297.859255][T10413] loop2: detected capacity change from 0 to 1024
[  297.920479][T10413] hfsplus: trying to free free bnode 0(1)
[  297.957770][T10227] 8021q: adding VLAN 0 to HW filter on device bond0
[  298.005140][ T3025] hfsplus: b-tree write err: -5, ino 4
[  298.008592][T10227] 8021q: adding VLAN 0 to HW filter on device team0
[  298.024947][   T61] bridge0: port 1(bridge_slave_0) entered blocking state
[  298.032179][   T61] bridge0: port 1(bridge_slave_0) entered forwarding state
[  298.063046][ T3025] bridge0: port 2(bridge_slave_1) entered blocking state
[  298.070301][ T3025] bridge0: port 2(bridge_slave_1) entered forwarding state
[  298.122206][T10416] loop6: detected capacity change from 0 to 1024
[  298.297435][T10399] hfsplus: request for non-existent node 16777216 in B*Tree
[  298.305831][   T30] audit: type=1800 audit(1754647341.472:78): pid=10399 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1541" name="file1" dev="loop6" ino=20 res=0 errno=0
[  298.332427][T10399] hfsplus: request for non-existent node 16777216 in B*Tree
[  298.568750][T10227] 8021q: adding VLAN 0 to HW filter on device batadv0
[  298.884446][ T5993] kernel read not supported for file /dsp (pid: 5993 comm: kworker/1:5)
[  299.144283][T10227] veth0_vlan: entered promiscuous mode
[  299.176609][ T5886] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  299.197956][ T5871] Bluetooth: hci5: command 0x1003 tx timeout
[  299.218813][T10227] veth1_vlan: entered promiscuous mode
[  299.266918][T10227] veth0_macvtap: entered promiscuous mode
[  299.330626][T10227] veth1_macvtap: entered promiscuous mode
[  299.388936][T10437] loop6: detected capacity change from 0 to 32768
[  299.419715][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[  299.451106][T10437] 
[  299.451106][T10437]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  299.451106][T10437] 
[  299.492305][T10227] batman_adv: batadv0: Interface activated: batadv_slave_0
[  299.505027][T10450] loop2: detected capacity change from 0 to 128
[  299.526398][T10437] non-latin1 character 0x3ff found in JFS file name
[  299.551437][T10227] batman_adv: batadv0: Interface activated: batadv_slave_1
[  299.563108][T10437] mount with iocharset=utf8 to access
[  299.574749][T10450] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  299.590401][T10437] non-latin1 character 0x3ff found in JFS file name
[  299.610537][ T3025] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  299.615922][T10437] mount with iocharset=utf8 to access
[  299.641014][ T3025] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  299.727074][ T3025] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  299.756685][ T3013] 
[  299.756685][ T3013]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  299.756685][ T3013] 
[  299.757177][T10456] loop1: detected capacity change from 0 to 1024
[  299.799292][ T3013] 
[  299.799292][ T3013]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  299.799292][ T3013] 
[  299.811390][ T9544] 
[  299.811390][ T9544]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  299.811390][ T9544] 
[  299.847999][ T3025] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  299.856744][ T9544] 
[  299.856744][ T9544]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  299.856744][ T9544] 
[  299.867843][  T113] ==================================================================
[  299.875939][  T113] BUG: KASAN: slab-use-after-free in __mutex_lock+0x7fc/0x1360
[  299.883609][  T113] Read of size 8 at addr ffff888077ac3908 by task jfsCommit/113
[  299.891279][  T113] 
[  299.893628][  T113] CPU: 1 UID: 0 PID: 113 Comm: jfsCommit Not tainted 6.16.0-next-20250808-syzkaller #0 PREEMPT(full) 
[  299.893656][  T113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  299.893670][  T113] Call Trace:
[  299.893678][  T113]  <TASK>
[  299.893687][  T113]  dump_stack_lvl+0x189/0x250
[  299.893715][  T113]  ? __kasan_check_byte+0x12/0x40
[  299.893749][  T113]  ? __pfx_dump_stack_lvl+0x10/0x10
[  299.893774][  T113]  ? lock_release+0x4b/0x3e0
[  299.893809][  T113]  ? __virt_addr_valid+0x4a5/0x5c0
[  299.893838][  T113]  print_report+0xca/0x240
[  299.893859][  T113]  ? __mutex_lock+0x7fc/0x1360
[  299.893889][  T113]  kasan_report+0x118/0x150
[  299.893922][  T113]  ? __mutex_lock+0x7fc/0x1360
[  299.893956][  T113]  __mutex_lock+0x7fc/0x1360
[  299.893988][  T113]  ? __mutex_lock+0x5b6/0x1360
[  299.894020][  T113]  ? jfs_syncpt+0x25/0x90
[  299.894042][  T113]  ? __pfx___mutex_lock+0x10/0x10
[  299.894070][  T113]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  299.894098][  T113]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  299.894135][  T113]  jfs_syncpt+0x25/0x90
[  299.894155][  T113]  txEnd+0x2e5/0x530
[  299.894179][  T113]  jfs_lazycommit+0x5ba/0xa90
[  299.894213][  T113]  ? __pfx_jfs_lazycommit+0x10/0x10
[  299.894239][  T113]  ? __pfx_default_wake_function+0x10/0x10
[  299.894271][  T113]  ? __kthread_parkme+0x7b/0x200
[  299.894293][  T113]  ? __kthread_parkme+0x1a1/0x200
[  299.894319][  T113]  kthread+0x711/0x8a0
[  299.894347][  T113]  ? __pfx_jfs_lazycommit+0x10/0x10
[  299.894371][  T113]  ? __pfx_kthread+0x10/0x10
[  299.894398][  T113]  ? _raw_spin_unlock_irq+0x23/0x50
[  299.894424][  T113]  ? lockdep_hardirqs_on+0x9c/0x150
[  299.894452][  T113]  ? __pfx_kthread+0x10/0x10
[  299.894478][  T113]  ret_from_fork+0x3f9/0x770
[  299.894501][  T113]  ? __pfx_ret_from_fork+0x10/0x10
[  299.894526][  T113]  ? __switch_to_asm+0x39/0x70
[  299.894553][  T113]  ? __switch_to_asm+0x33/0x70
[  299.894580][  T113]  ? __pfx_kthread+0x10/0x10
[  299.894607][  T113]  ret_from_fork_asm+0x1a/0x30
[  299.894644][  T113]  </TASK>
[  299.894652][  T113] 
[  300.092228][  T113] Allocated by task 10437:
[  300.096666][  T113]  kasan_save_track+0x3e/0x80
[  300.101362][  T113]  __kasan_kmalloc+0x93/0xb0
[  300.105969][  T113]  __kmalloc_cache_noprof+0x230/0x3d0
[  300.111359][  T113]  lmLogOpen+0x2d1/0xfb0
[  300.115623][  T113]  jfs_mount_rw+0xe9/0x670
[  300.120047][  T113]  jfs_fill_super+0x754/0xd80
[  300.124737][  T113]  get_tree_bdev_flags+0x40e/0x4d0
[  300.129865][  T113]  vfs_get_tree+0x8f/0x2b0
[  300.134321][  T113]  do_new_mount+0x2a2/0x9e0
[  300.138839][  T113]  __se_sys_mount+0x317/0x410
[  300.143517][  T113]  do_syscall_64+0xfa/0x3b0
[  300.148031][  T113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.153936][  T113] 
[  300.156264][  T113] Freed by task 9544:
[  300.160241][  T113]  kasan_save_track+0x3e/0x80
[  300.164927][  T113]  kasan_save_free_info+0x46/0x50
[  300.169955][  T113]  __kasan_slab_free+0x5b/0x80
[  300.174738][  T113]  kfree+0x18e/0x440
[  300.178642][  T113]  lmLogClose+0x297/0x520
[  300.182971][  T113]  jfs_umount+0x2ef/0x3c0
[  300.187312][  T113]  jfs_put_super+0x8c/0x190
[  300.191821][  T113]  generic_shutdown_super+0x135/0x2c0
[  300.197196][  T113]  kill_block_super+0x44/0x90
[  300.201882][  T113]  deactivate_locked_super+0xb9/0x130
[  300.207260][  T113]  cleanup_mnt+0x425/0x4c0
[  300.211682][  T113]  task_work_run+0x1d1/0x260
[  300.216275][  T113]  exit_to_user_mode_loop+0xec/0x110
[  300.221572][  T113]  do_syscall_64+0x2bd/0x3b0
[  300.226180][  T113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.232076][  T113] 
[  300.234399][  T113] The buggy address belongs to the object at ffff888077ac3800
[  300.234399][  T113]  which belongs to the cache kmalloc-1k of size 1024
[  300.248463][  T113] The buggy address is located 264 bytes inside of
[  300.248463][  T113]  freed 1024-byte region [ffff888077ac3800, ffff888077ac3c00)
[  300.262358][  T113] 
[  300.264696][  T113] The buggy address belongs to the physical page:
[  300.271201][  T113] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x77ac0
[  300.279962][  T113] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  300.288456][  T113] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  300.296443][  T113] page_type: f5(slab)
[  300.300444][  T113] raw: 00fff00000000040 ffff88801a441dc0 0000000000000000 dead000000000001
[  300.309033][  T113] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  300.317613][  T113] head: 00fff00000000040 ffff88801a441dc0 0000000000000000 dead000000000001
[  300.326285][  T113] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  300.334960][  T113] head: 00fff00000000003 ffffea0001deb001 00000000ffffffff 00000000ffffffff
[  300.343628][  T113] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  300.352298][  T113] page dumped because: kasan: bad access detected
[  300.358722][  T113] page_owner tracks the page as allocated
[  300.364433][  T113] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 3013, tgid 3013 (kworker/u8:9), ts 234002297903, free_ts 233914441086
[  300.383882][  T113]  post_alloc_hook+0x240/0x2a0
[  300.388665][  T113]  get_page_from_freelist+0x21e4/0x22c0
[  300.394301][  T113]  __alloc_frozen_pages_noprof+0x181/0x370
[  300.400108][  T113]  alloc_pages_mpol+0x232/0x4a0
[  300.404967][  T113]  allocate_slab+0x8a/0x370
[  300.409468][  T113]  ___slab_alloc+0xbeb/0x1410
[  300.414148][  T113]  __kmalloc_noprof+0x305/0x4f0
[  300.419019][  T113]  ieee802_11_parse_elems_full+0x152/0x2ab0
[  300.424917][  T113]  ieee80211_inform_bss+0x10c/0x10a0
[  300.430216][  T113]  cfg80211_inform_single_bss_data+0xd02/0x1ac0
[  300.436500][  T113]  cfg80211_inform_bss_data+0x1fb/0x3b30
[  300.442145][  T113]  cfg80211_inform_bss_frame_data+0x3d7/0x730
[  300.448213][  T113]  ieee80211_bss_info_update+0x746/0x9e0
[  300.453867][  T113]  ieee80211_ibss_rx_queued_mgmt+0xa36/0x2ae0
[  300.459942][  T113]  ieee80211_iface_work+0x85f/0x12d0
[  300.465232][  T113]  cfg80211_wiphy_work+0x2bb/0x470
[  300.470354][  T113] page last free pid 5868 tgid 5868 stack trace:
[  300.476683][  T113]  __free_frozen_pages+0xbc4/0xd30
[  300.481803][  T113]  __slab_free+0x303/0x3c0
[  300.486222][  T113]  qlist_free_all+0x97/0x140
[  300.490828][  T113]  kasan_quarantine_reduce+0x148/0x160
[  300.496288][  T113]  __kasan_slab_alloc+0x22/0x80
[  300.501163][  T113]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  300.506630][  T113]  getname_flags+0xb8/0x540
[  300.511145][  T113]  user_path_at+0x24/0x60
[  300.515506][  T113]  __x64_sys_umount+0xee/0x160
[  300.520273][  T113]  do_syscall_64+0xfa/0x3b0
[  300.524780][  T113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.530673][  T113] 
[  300.533009][  T113] Memory state around the buggy address:
[  300.538637][  T113]  ffff888077ac3800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  300.546699][  T113]  ffff888077ac3880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  300.554868][  T113] >ffff888077ac3900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  300.562955][  T113]                       ^
[  300.567277][  T113]  ffff888077ac3980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  300.575342][  T113]  ffff888077ac3a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  300.583406][  T113] ==================================================================
[  300.593273][  T113] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  300.600495][  T113] CPU: 1 UID: 0 PID: 113 Comm: jfsCommit Not tainted 6.16.0-next-20250808-syzkaller #0 PREEMPT(full) 
[  300.611442][  T113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  300.621505][  T113] Call Trace:
[  300.624789][  T113]  <TASK>
[  300.627719][  T113]  dump_stack_lvl+0x99/0x250
[  300.632323][  T113]  ? __asan_memcpy+0x40/0x70
[  300.636922][  T113]  ? __pfx_dump_stack_lvl+0x10/0x10
[  300.642134][  T113]  ? __pfx__printk+0x10/0x10
[  300.646746][  T113]  vpanic+0x281/0x750
[  300.650760][  T113]  ? __pfx_vpanic+0x10/0x10
[  300.655269][  T113]  ? irqentry_exit+0x74/0x90
[  300.659876][  T113]  panic+0xb9/0xc0
[  300.663601][  T113]  ? __pfx_panic+0x10/0x10
[  300.668018][  T113]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  300.673923][  T113]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  300.679823][  T113]  ? __mutex_lock+0x7fc/0x1360
[  300.684588][  T113]  check_panic_on_warn+0x89/0xb0
[  300.689528][  T113]  ? __mutex_lock+0x7fc/0x1360
[  300.694303][  T113]  end_report+0x78/0x160
[  300.698553][  T113]  kasan_report+0x129/0x150
[  300.703088][  T113]  ? __mutex_lock+0x7fc/0x1360
[  300.707869][  T113]  __mutex_lock+0x7fc/0x1360
[  300.712474][  T113]  ? __mutex_lock+0x5b6/0x1360
[  300.717271][  T113]  ? jfs_syncpt+0x25/0x90
[  300.721607][  T113]  ? __pfx___mutex_lock+0x10/0x10
[  300.726643][  T113]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  300.732629][  T113]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  300.738971][  T113]  jfs_syncpt+0x25/0x90
[  300.743139][  T113]  txEnd+0x2e5/0x530
[  300.747041][  T113]  jfs_lazycommit+0x5ba/0xa90
[  300.751748][  T113]  ? __pfx_jfs_lazycommit+0x10/0x10
[  300.756956][  T113]  ? __pfx_default_wake_function+0x10/0x10
[  300.762801][  T113]  ? __kthread_parkme+0x7b/0x200
[  300.767747][  T113]  ? __kthread_parkme+0x1a1/0x200
[  300.772780][  T113]  kthread+0x711/0x8a0
[  300.776863][  T113]  ? __pfx_jfs_lazycommit+0x10/0x10
[  300.782067][  T113]  ? __pfx_kthread+0x10/0x10
[  300.786674][  T113]  ? _raw_spin_unlock_irq+0x23/0x50
[  300.791899][  T113]  ? lockdep_hardirqs_on+0x9c/0x150
[  300.797107][  T113]  ? __pfx_kthread+0x10/0x10
[  300.801748][  T113]  ret_from_fork+0x3f9/0x770
[  300.806341][  T113]  ? __pfx_ret_from_fork+0x10/0x10
[  300.811457][  T113]  ? __switch_to_asm+0x39/0x70
[  300.816230][  T113]  ? __switch_to_asm+0x33/0x70
[  300.821000][  T113]  ? __pfx_kthread+0x10/0x10
[  300.825598][  T113]  ret_from_fork_asm+0x1a/0x30
[  300.830377][  T113]  </TASK>
[  300.833748][  T113] Kernel Offset: disabled
[  300.838079][  T113] Rebooting in 86400 seconds..