last executing test programs:

2.62642155s ago: executing program 3 (id=7348):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fallocate(0xffffffffffffffff, 0x0, 0xf400100000000000, 0x1000f4)

2.462306835s ago: executing program 3 (id=7352):
r0 = socket(0x2c, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000100)={'ip6_vti0\x00', &(0x7f0000000080)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty}})

2.229387147s ago: executing program 3 (id=7357):
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)

1.873268609s ago: executing program 4 (id=7363):
r0 = syz_open_dev$video4linux(&(0x7f0000002980), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r0, 0xc040564a, &(0x7f00000029c0)={0x6})

1.775883918s ago: executing program 4 (id=7365):
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file2\x00', 0x10000, &(0x7f00000001c0), 0x1, 0x557, &(0x7f0000000e80)="$eJzs3d1rZGcZAPDnnGSym91oovaiCv3AFnaLNtl0bRu8aCuIdwWlXgpryE5C2ElmyUxqE4pm8VoEES3e9cobwT9AkN55K0JBb7wSFaXoVi+KqEfORzZNcmZ34s6HZn4/eHPe8/k875mZM2fmvJkTwMR6MiJeiYipiHgmIuar6WlV4qAs+XLv331zLS9JZNlrf0kiqabliyVVyV2uVrtYDmp19vZvrbZazZ1qfKm7dXups7f/7ObW6kZzo7l9/fryCysvrjy/cq1m7ek+Wnbn2Fjerpe++McffPfHX3rp55/9xu9u/PnqN/N856r5h+0YtHKfNPJ9cU+e/c4wgo3BVNWeRq8F0tHmAwDA/eWnZx+PiE8X5//zMdXXuXUpGWpmAAAAwKBkL8/FP5OIDAAAADi30qIPbJIuVn0B5iJNFxfLPryPxKW01e50P7Pe3t2+WfaVXYhGur7Zal6bKfvULkQjyceXi/rR+HP3xpNjfYC/Pz9bzF9ca7duju9rDwAAAJgol098/v/7fPn5/z7uZFmWjSxBAAAAYDAWxp0AAAAAMHSnP/+/PZY8AAAAgOFx/R8AAADOtS+/+mpessP7X998fW/3Vvv1X0Szc2txa3dtca29c3txo93eaGUXIrYetL1Wu337c7G9+8ZSt9npLnX29m9stXe3uzc2j90CGwAAABihjz3xzm+SiDj4/GxRcjP5n6keK5R9BdLRZQgMy5leyH8YXh7A6PV6mz9teqh5AKPnVQ2Tq1EOkgcv+Q+/+Q/nVFLe3rOnnp13fjmUdAAAgCG48sn66//TR98NAOeUjjwwufq//g+cN67/w+RqOAOAiTbbxzInrv8f9Rfq+/p/VvUfmvFDIAAAMCZzRUnSxepa4FykH2SlWIhGsr7Zal6LiI9GxK/nGxfy8eVizaSffxoAAAAAAAAAAAAAAAAAAAAAAAAAAIpf5U4iAwAAAM61iPRPSXVDryvzT8+d/H5gJvlgvhgWdwd47YdvrHa7O8v59L9W0yO6b1XTnzvLNw/uPA4AAADDUnxO/041XB53NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcN+/ffXPtsIwy7ntfiIiFuvjTcbEYXoxGRFz6WxLThys9EZFExNQA4h/ciYhH6+IneVqxUGVxLH5EpBExW2Qx9PiPZVlWG//yQ0eHyfZOfvx5pe71l8aTxbD+9T9dlYfV+/iX3jv+TdXEz488H+kzxqfe/elS/ZwL5fzp+uPPYfzkVPypYtpTdZus2Slf/+r+fq/csrcjrtS+/xwdW/PaUnfr9lJnb//Zza3VjeZGc/v69eUXVl5ceX7l2tL6ZqtZ/a2N8b3HfvbvXvHfuxNx6XT89a9Vx98PtX/15P5/Oq80em35yL/enb37ibLaOLGJIv7Vp+of/0ePxz+2a6fiW9VS5YauHNYPyvqHPf6TXz1+v/bf7LH/ez/+ZcyrD2564ZmvfPv3VTXrcxUAYIg6e/u3Vlut5s7ZK7NnW+utLMv+61hnrORnzD1m/fZHZcMHECs/PxpAzo/0SvV/ufLyWRbOLtQ92QbxEPx/VqYf/mmT9n6GD6gy1sMSAAAwBEcn/ePOBAAAAAAAAAAAAAAAAAAAACbXKH7w7GTMg3IwM4bmAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD09J8AAAD//+BH20w=")
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)

1.729059132s ago: executing program 3 (id=7367):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRES32], 0x5c}}, 0x0)

1.655103649s ago: executing program 1 (id=7368):
prctl$PR_MCE_KILL(0x21, 0x1, 0x0)
prctl$PR_MCE_KILL_GET(0x22)

1.472118265s ago: executing program 1 (id=7370):
r0 = socket(0x10, 0x803, 0x0)
fcntl$lock(r0, 0x5, &(0x7f0000000700)={0x2, 0x2, 0x5, 0x4})

1.435062419s ago: executing program 1 (id=7371):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_DELDEST(r0, 0x0, 0x488, &(0x7f0000000380)={{0x11, @private, 0x0, 0x0, 'nq\x00'}}, 0x44)

1.331337169s ago: executing program 3 (id=7373):
futex_waitv(&(0x7f0000000180)=[{0x0, &(0x7f0000000000), 0x2}, {0x3, &(0x7f0000000040)=0x3, 0x2}], 0x2, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x5, 0x0, 0x0, &(0x7f0000000000), 0x0)

1.236157777s ago: executing program 4 (id=7374):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081064e81f782db44b904021d080006007c09e8fe55a10a0015000500142603600e1208000f0000000401a8001600a000014001000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe10000000001001000730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)

1.177950582s ago: executing program 1 (id=7376):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x13, 0x5, 0x0, 0x5, 0x0, 0x70bd27, 0x25dfdbfe, [@sadb_address={0x3, 0x17, 0xff, 0xa0, 0x0, @in={0x2, 0x4e20, @loopback}}]}, 0x28}}, 0x0)

1.103901199s ago: executing program 3 (id=7378):
r0 = syz_usb_connect$uac1(0x0, 0x71, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x0, 0x0, 0x0, {{}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0)
syz_usb_control_io$uac1(r0, &(0x7f00000005c0)={0x14, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="00033a0000003a0308f7b5ab469af8d740d4714f24d433e3eab9a949f6"]}, 0x0)

959.807032ms ago: executing program 1 (id=7381):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x1200084, &(0x7f0000001c80)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c646973636172643d3078303030303030303030303030303030332c6e6f646973636172642c6572726f72733d636f6e74696e75652c696f636861727365743d6d6163637972696c6c69632c0067add4ceec7cb8702b1b4a0ff322839e69b507d7478e0706b00408dc59283f5c0159b8e3c0289dcb182504844ef8e6972cdb3f50680fcb602ed27c1f6b47a91f941f154ae205d34a9b7a7c67efa0c0e2a70251d664fce12ae64a5a521aa83080b7672c4e1566a61a0ade4b6c9d78151053d9fb31fd2cfc77f269f873e14e5fe3c46c0acbb22d40391ae31d2025dcd947adf76739ae4ecbe3b630040b37e2b09d7816e0b93981de1147532cf2f46d4d4904f68fb43cd165b9", @ANYBLOB="3db1bd3c9389ce300f92cc8091d7dfbdcfffeed8bb90e543382e29209562d6483c6fcfdf79d0b465e6bc8ea70762049054a683ca4394e098765d85fa3b798fc191119debc7d45cce724609d275eabc974abf88d2270db005808488efc289084aff3069b2b0a78cdfa1f780c10f6c51d7c9ced6ab3e8a7aa716d5ebe1e8cb6255366a32ca4bfad14e3b1315ec", @ANYRESHEX, @ANYRES64, @ANYRES16, @ANYRESHEX=0x0], 0x1, 0x620f, &(0x7f000000cb40)="$eJzs3cuOHFcZB/Cv+jYXE8fKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgCYsmKB8iCLTseAEs2EiirFKqZc8Y1nW73+DJdPT6/nzSu+vpUTZ/yv6svU1V9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIH/7gx2eqiLj0q3TDsYjPRT+iF7HS1GsRsbJ2LC8/iIgXYrs5no+I4VJElRufjXg9Ij4+GnH33q315qaz++zH9//yzz/85MiP/vGn4an//fVG/41py928+dv//u32o28vAAAAlKiu67pKH/OPp8/3va47BQDMRX79r5N8u3rh6s0F649arVarD2HdVk92u11ExGZ7neY9g8PxAHDIbMYnXXeBDsm/aIOIONJ1J4CFVnXdAQ7E3Xu31quUb9V+PVjbac/nguzJf7Pavb5j2nSW8XNM5vX42op+PDelPytz6sMiyfn3xvO/tNM+SssddP7zMi3/0c6lT8XJ+ffH8x/z9OTfm5h/qXL+g4fKvy9/AAAAAABYYPnv/8c6Pv679Pibsi8POv67Nqc+AAAAAAAAAMCT9rjj/+2qjP8HAAAAi6r5rN743dH7t037Lrbm9otVxDNjywOFSRfLrHbdDwAAAAAAAAAAAAAoyWDnHN6LVcQwIp5ZXa3ruvlpG68f1uOuf9iVvv1Qsq6f5AEAYMfHR8eu5a8iliPiYvquv+Hq6mpdL6+s1qv1ylJ+PztaWq5XWp9r87S5bWm0jzfEg1Hd/LLl1nptsz4vz2of/33NfY3q/j46Nh8dBg4AEbHzanTXK9JTpq6fja7f5XA4TNr/+908bHlC7P/sR9ePUwAAAODg1XVdV+nrvI+nY/69rjsFAMxFfv0fPy6gVqvVarX66avb6slut4uI2Gyv07xnMBw/ABwym/FJ112gQ/Iv2iAiXui6E8BCq7ruAAfi7r1b61XKt2q/HqTx3fO5IHvy36y218vrT5rOMn6OybweX1vRj+em9Of5OfVhkeT8e+P5X9ppH6XlDjr/eZmWf7OdxzroT9dy/v3x/Mc8Pfn3JuZfqpz/4KHy78sfAAAAAAAWWP77/7GFOv47etTNmelBx3/XDuxeAQAAAAAAAOBg3b13az1f95qP/39hwnKu/3w65fwr+Rcp598by/+rY8u1xwO+8/b9/P9z79b6H2/8+/N5ut/8l/JMlR5ZVXpEVOmeqkGaPs7WfdbWsD9q7mlY9fqDdM5PPXw3rsTV2IjTe5btpf+P++1n9rQ3PR1ut9f9nfaze9oHu+15/XN72ofpTKd6JbefjPX4eVyNd7bbm7alGdu/PKO9ntGe8+/b/4uU8x+0fpr8V1N7NTZt3Pmo95n9vj2ddD9vXfnib04f/ObMtBX93W1ra7bvpQ76s/1/cmQUv7y+ce3kzcs3blw7E2my59azkSZPWM5/mH52n/9f3mnPz/vt/fXOR6OHzn9RbMVgav4vt+ab7X1lzn3rQs5/lH5y/u+k9sn7/2HOf/r+/2oH/QEAAAAAAAAAAAAAAIAHqet6+xLRtyLifLr+p6trMwGA+cqv/3WSb59X3X/U9f+8dzu66r9aPee6WrD+zLX+tF6s/qjVh7Fuqyd7s11ExN/b6zTvGX496ZcBAIvs04j4V9edoDPyL1j+vr9meqLrzgBzdf2DD396+erVjWvXu+4JAAAAAAAAAPCo8vifa63xn0/UdX17bLk947++HWuPO/7nIM/sDjA6ZaDq/sNv04Ns9Ub9Xmu48Rdj2vjfw925B43/PZhxf8MZ7aMZ7Usz2pdntE+80KMl5/9ia7zzExFxfGz49RLGfx0f874EOf+XWo/nJv+vjC3Xzr/+/WHOv7cn/1M33v/FqesffPjalfcvv7fx3sbPzp05c/rc+fMXLlw49e6Vqxund/7tsMcHK+efx752HmhZcv45c/mXJef/pVTLvyw5/y+nWv5lyfnn93vyL0vOP3/2kX9Zcv6vpFr+Zcn5fy3V8i9Lzv/VVMu/LDn/r6da/mXJ+b+WavmXJed/MtXyL0vO/1Sq95n/ykH3i/nI+ecjXPb/suT885kN8i9Lzv9squVflpz/uVTLvyw5/9dTLf+y5Py/kWr5lyXnfz7V8i9Lzv+bqZZ/WXL+F1It/7Lk/L+VavmXJef/7VTLvyw5/zdSLf+y5Py/k2r5lyXn/91Uy78sOf/vpVr+Zcn5v5lq+Zfl/vf/mzFjxkye6fqZCQAAAAAAAAAAAAAYN4/TibveRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+D87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsLe3cXIddb3Az+zb147kBgI+Tv5m7B2jDHOJrt+iV9oXUx4bXgrCaHQF2zXuzYLfsNrl0Cj2lGgRMKoqKJtuGgLCLW5qbAqLmgFKBeoVaVKpL2gN4gKlYuoCiggVaIVZKuZ8zzPzszOzqy9482Zcz4fify8M2fmnDnzzOx+bb47AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GzLm2Y/U8uyrFar5RdszLKX1Of6iY2NS17/4h4fAAAAsHq/bPz3+VvSBYdXcKOmbf7pzu9+fWFhYSH7wPCfjn5hYSFdMZFlo+uyrHFddPWHH6w1bxM8no3Xhpq+Huqx++Ee14/0uH60x/VjPa5f1+P68R7XLzkBS6zPaunOtjX+uDE/pdmt2Wjjum0dbvV4bd1Q/dyl22a1xm0WRk9kc9mpbDabbtk+37bW2P6bW+r7ensW9zXUtK/N9RXy00ePx2OohXO8rWVfi/cZ/fiN2cTPfvro8b++8NztnWbP09Byf/lx7thaP85PhUvyY61l69I5icc51HScmzs8J8Mtx1lr3K7+5/bjfH6Fxzm8eJhrqv05H8+GGn9+pnGeRmpZh/O0OVz287uyLLu8eNjt2yzZVzaUbWi5ZGjx+RnPV2T9PupL6eXZyDWt0y0rWKf1ObOtdZ22vybi878l3G5kmWNofpp+/NhY0/P+i4XrWadR/VEv91ppX4P9fq0UZQ3GdfFM40E/0XENbguP/9Hty6/BjmunwxpMj7tpDW7ttQaHxoYbx5yehFrjNotrcFfL9sONPdUa89nt3dfg1IXT56bmP/HJe+ZOHzs5e3L2zJ5du6b37Nt34MCBqRNzp2an8/9e59kuvg3ZUHoNbA3nLr4GXtu2bfNSXfjy2JL33+t9HY53eR1ubNu236/DkfYHV1ubF+TSNZ2/Nt5XP+njV4ayZV5jjedn5+pfh+lxN70OR5pehx2/p3R4HY6s4HVY3+bczpX9zDLS9L9Ox7D894LVrcGNTWuw/eeR9jXY759HirIGx8O6+P7O5b8XbA7H+8Tktf48MrxkDaaHG9576pekn/fHDzRGp3V5R/2Km8ayi/Oz5+995NiFC+d3ZWGsiVc0rZX29bqh6TFlS9br0DWv18Nzdz5xR4fLN4ZzNX5P/T/jyz5X9W323tv9uWp8d+t8Plsu3Z2F0WdrfT47fTevn8+xLPvidx578FuPfvFNy57Pet781NTqfxZPubTp/Xd0mfffmPtfyPeX7urx4dGR/PU7nM7OaMv7cetTNdJ476o19v381Mrej0fD/9b6/fjWLu/Hm9q27ff78Wj7g4vvx7Vef9uxOu3P53hYJ6emu78f17fZtPta1+RI1/fju8KshfP/upAUUi5qWjvLrdu0r5GR0fC4RuIeWtfpnpbt43qr7+up3de3Tnfcld/XcHp0i9ZqnU60bdvvdZr+7mu5dVrr9bdv16f9+RwP6+LWPd3XaX2bp/eu/r1zffxj03vnWK81ODo8Vj/m0bQIG+/32cL6uAbvzY5nZ7NT2Uzj2rHGeqo19jV538rW4Fj431q/V27qsgZ3tG3b7zWYvo8tt/ZqI0sffB+0P5/jYV08eV/3NVjf5s37+/uz645wSdqm6WfX9r9fW+7vvO5oO003aq2MhOP8zv7ufzdb3+bUgWvNmd3P093hkps6nKf21+9yr6mZbG3O06ZwnM8dWP481Y+nvs0XDq5wPR3OsuzSx+5v/H1v+PeVv7v4va+3/LtLp3/TufSx+3/y0hP/eC3HD8DgeyEfG/LvdU3/MrWSf/8HAAAABkLM/UNhJvI/AAAAlEbM/fH/FZ7I/wAAAFAaMfePhJlUJP9vevNzcy9cylIzfyGI16fT8EC+Xey4ToevJxYW1S+//6uz//0Pl1a276Esy37xwB903H7TA/G4chPhOK++pfXyJb5+z4r2ffThS2m/zf31L4X7j49npcugUwV3Osuyb97yucZ+Jj54pTGffuBoYz54+YnH69s8fzD/Ot7+2Vfk2/9FKP8ePnGs5fbPhvPwozCn39H5fMTbfe3K6zbvf//i/uLtaltvbjzsJz+U32/8PTmffzzfPp7n5Y7/W5996mv17R95TefjvzTU+fifCvf71TD/51X59s3PQf3reLtPh+OP+4u3u/cr3+54/Fc/k29/7q35dkfDjPvfEb7e9tbn5prP1yO1Yy2PK3tbvl3c//T3/rhxfby/eP/txz9+5ErL+WhfH0//W34/U23bx8vjfqK/b9t//X6a12fc/1N/dLTlPPfa/9UHn31V/X7b939323bnPrazsf/F+2v9jU1/+enPddxfPJ7Df3uu5fEcfm94HYf9P/mhsB7D9f97Nb+/9t+ucPS9re8/cfsvbbzU8niit/8s3//VN5xszHXj6zfc9JKX3nz51fVzl2XPrMvvr9f+T/7V2Zbj//Jt+fmI18eOfvv+lxP3f/7jk2fOzl+cm0ln9dFbGr8755358cTjvSW8t7Z/feTshQ/Pnp+YnpjOsony/gq96/aVMH+Sj8vdt15Y8g668+HwfN7x59/csP1fPxsv//f35ZdfeUf+feu1YbvPh8s3hufv2va/1JNbbmu8vmtPhyNcWPr7gldj87b/OrCiDcPjb/+5IK73c6/8cOM81K9rfN+Ir+tVHv8PZvL7+UY4rwvhNzNvvW1xf83bx9+NcOWh/PW+6vMX3ubi8/o34fl+14/y+4/HFR/vD8LPMd/e1Pp+F9fHNy4Ntd9/47d4XA7vJ9nl/Pq4VTzfV56/rePhxd9Dkl2+vfH1n6T7uf2aHuZy5j8xP3Vq7szFR6YuzM5fmJr/xCePnD578cyFI43f5XnkI71uv/j+tKHx/jQzu29v1ni3OpuPG+zFPv5zDx+f2T+9fWb2xLGLJy48fG72/Mnj8/PHZ2fmtx87cWL2471uPzdzaNfug3v27548OTdz6MDBg3sOTs6dOVs/jPygetg3/dHJM+ePNG4yf2jvwV333bd3evL02ZnZQ/unpycv9rp943vTZP3Wvz95fvbUsQtzp2cn5+c+OXto18F9+3b3/G2Ap8+dmJ+YOn/xzNTF+dnzU/ljmbjQuLj+va/X7Smn+f/If55tV8t/EV/2nrv3pd/PWvfVx5a9q3yTtl8g+lz4XTT//LJzB1bydcz9o2EmFcn/AAAAUAUx94+Fmcj/AAAAUBox968LM5H/AQAAoDRi7h8PM6lI/i9d/3/TpRXtX/9f/7/5fOn/V6z//1DR+v/5+4X+f3+stn+v/x/o/+v/6//r/+v/0wdF6//H3L8+yyqZ/wEAAKAKYu7fEGYi/wMAAEBpxNx/U5iJ/A8AAAClEXP/S8JMKpL/9f/1//X/9f/1/zvvX/9/MOn/d6f/34P+/1RWrf7/5X4ev/6//j9LFa3/H3P/S8NMKpL/AQAAoApi7r85zET+BwAAgNKIuf+WMBP5HwAAAEoj5v6NYSYVyf/6//r/+v/6//r/nfev/z+Y9P+70//vQf/f5//r/+v/01dF6//H3P+yMJOK5H8AAACogpj7Xx5mIv8DAABA8Yxc381i7n9FmMmS/H+dOwAAAABedDH335q1FcEr8u//+v/6/8Xv/69L1+n/6/9nhez/D2f6/8Wh/9+d/n8P+v/6//r/+v/0VdH6/43cn41nrwwzqUj+BwAAgCqIuf+2MBP5HwAAAEoj5v7/F2Yi/wMAAEBpxNy/KcykIvlf/1//v/j9f5//r/9f9P6/z/8vEv3/7vT/e9D/1//X/9f/p6+K1v+Puf/2MJOK5H8AAACogpj77wgzkf8BAACgNGLu//9hJvI/AAAAlEbM/ZvDTCqS//X/C97/j81R/X/9f/1//X/9/xXR/+9O/78H/X/9f/1//X/6qmj9/5j7XxVmUpH8DwAAAFUQc/+dYSbyPwAAAJRGzP2vDjOR/wEAAKA0Yu6fCDOpSP7X/y94/z/vwY/5/H/9f/1//X/9/5XR/+9O/78H/X/9/770/xcu6f/r/5MrWv8/5v4tYSYVyf8AAABQBTH3bw0zkf8BAACgNGLuvyvMRP4HAACA0oi5f1uYSUXyv/7/QPT/M/1//X/9f/1//f+V0f/vTv+/B/1//X+f/6//T18Vrf8fc/9rwkwqkv8BAACgCmLu3x5mIv8DAABAacTc/9owE/kfAAAASiPm/h1hJhXJ//r/+v/6//r/+v+d96//P5j0/7vT/+9B/1//X/9f/5++Klr/P+b+14WZVCT/AwAAQBXE3L8zzET+BwAAgNKIuf/uMBP5HwAAAEoj5v7JMJOK5H/9f/1//X/9f/3/zvvX/x9M+v/d6f/3oP/fr/78sP6//r/+P1kB+/8x998TZlKR/A8AAABVEHP/vWEm8j8AAACURsz9U2Em8j8AAACURsz902EmFcn/+v/6/6vu/zc9eP3/CvT/X714v/r/Of3/YtH/707/v4f+9f9Hsmr3/33+/3X3/0f1/ymVovX/Y+7fFWZSkfwPAAAAVRBz/+4wE/kfAAAASiPm/j1hJvI/AAAAlEbM/XvDTCqS//X/9f99/r/+v8//77x//f/BpP/fXf/7//Eh6v/7/H/9f5//r//PUkXr/8fcf1+YSUXyPwAAAFRBzP37wkzkfwAAACiNmPv3h5nI/wAAAFAaMfcfCDOpSP7X/9f/1//X/9f/77x//f/BpP/fXdU//39jrwPQ/9f/1//X/2eVHvrD5q+K1v+Puf9gmElF8j8AAABUQcz9rw8zkf8BAACgNGLu/5UwE/kfAAAASiPm/l8NMylL/u/RPNT/1//X/9f/1//vvH/9/8Gk/99d1fv/Pen/6//r/+v/01dF6//H3H8ozKQs+R8AAABIuf/XwkzkfwAAACiNmPvfEGYi/wMAAEBpxNx/OMykIvlf/1//X/9f/1//v/P+17r/PxbvV/9/VfT/u9P/70H/X/9f/1//n74qWv8/5v43hplUJP8DAABAFcTcf3+YifwPAAAApRFz/5vCTOR/AAAAKI2Y+98cZlKR/K//r/+v/6//r//fef8+/38w6f93txb9/2H9f/1//X/9f/1/gqL1/2Puf0uYSUXyPwAAAFRBzP1vDTOR/wEAAKA0Yu5/W5iJ/A8AAAClEXP/28NMKpL/9f/1//X/9f/1/zvvX/9/MOn/d+fz/3vQ/9f/1//X/6evitb/j7n/18NMKpL/AQAAoApi7n8gzET+BwAAgNKIuf8dYSbyPwAAAJRGzP3vDDOpSP7X/9f/1//X/9f/77x//f/BpP/f3YD1/395c7hc/z+n/1/s47/W/v9I29c3pP//w+X6/wvr2m+v/8+NULT+f8z97wozqUj+BwAAgCqIuf/dYSbyPwAAAJRGzP3vCTOR/wEAAKA0Yu7/jTCTiuR//f/6cSy2l/X/y9r/H9L/1//X/68I/f/uBqz/7/P/2+j/F/v4ff6//j9LFa3/H3P/e8NMKpL/AQAAoApi7n8wzET+BwAAgNKIuf+hMBP5HwAAAEoj5v73hZlUJP/r//v8/2r0/33+f6b/r/9fEfr/3en/96D/r/9ftP7/f+r/M9iK1v+Puf/hMJOK5H8AAACogpj73x9mIv8DAABAacTc/5thJvI/AAAAlEbM/R8IM6lI/tf/H5T+/8SA9v8f0/+/gf3/O2/Ot9P/1/9nkf5/d/r/Pej/6/8Xrf/v8/8ZcEXr/8fc/8Ewk5Xn//EVbwkAAAC8KGLu/60wk4r8+z8AAABUQcz9vx1mIv8DAABAacTc/zthJhXJ//r/N6T/3/jS5//7/P/29eHz//X/9f9vvLXr/8d3Hv1//X/9/0j/v0D9/4v6/xRD0fr/Mff/bphJRfI/AAAAVEHM/R8KM5H/AQAAYCB0+ky2djH3Hwkzkf8BAACgNGLuPxpmUpH8r/8/KJ//r/+fVa3//2db/+X733330V36//r/+v/XZE0//7/+4vf5//r/+v+J/n+B+v8+/5+CKFr/P+b+Y2EmFcn/AAAAUAUx9/9emIn8DwAAAKURc//xMBP5HwAAAEoj5v6ZMJOK5H/9f/1//f+C9v8H+PP/4/nQ/2/Vt/5/fNPV/+8o79+nVXRj+//vX+yJ6/9fa/9/rOOl+v/6/4N8/Pr/+v8sVbT+f8z9s2EmFcn/AAAAUAUh9w+dyOfiFfI/AAAAlEbM/SfDTOR/AAAAKI2Y+z8cZlKR/K//r/+v/6//7/P/O++/W/+/NuLz/4sq9e9/3nih6P+3KU7/vzP9f/3/QT5+/X/9f5YqWv8/5v65MJOK5H8AAACogpj7PxJmIv8DAABAacTc/9EwE/kfAAAASiPm/lNhJhXJ//r/+v/6//r/+v+d91/Yz//X/+9qtf17/f9A/1//X/9f/1//nz4oWv8/5v7TYSYVyf8AAABQBTH3nwkzkf8B/o+9O2myqz7vOH47SKVWwSK7LLJJVZZ5CSySdfICssgmi6QqlUVIQhIyIzKPJNjGs43B84AHMBhjGzwP4Akbz2Abz/OAJ4xNyUX38zxS3z59bnfrdvc5///ns+CJOjT3Qqkk/dT6+gAAQDNy918Vt9j/AAAA0Izc/X8at3Sy//X/+v9m+//f1P/v9fr6f/1/y/T/4/T/K+j/9f/6f/0/azW1/j93/5/FLZ3sfwAAAOhB7v4/j1vsfwAAAGhG7v6r4xb7HwAAAJqRu/8v4pZO9v9S/7+xmFj/n33tEff/+TL6/5b6f8//3/P19f/6/5Ydb/9/3ZM/8un/9f/6/6D/31f/f2avz9f/06Kp9f+5+/8ybulk/wMAAEAPcvf/Vdxi/wMAAEAzcvdfE7fY/wAAANCM3P1/Hbd0sv/X9/z/s1sf9/z/C/T/+v/l7x/6f/2//v/oef7/uJ76/6sfvPxPHr3zV+86yOvr//X/nv+v/2e9ptb/5+7/m7ilk/0PAAAAPcjd/7dxi/0PAAAAzcjd/3dxi/0PAAAAzcjd//dxSyf7f339/9E8/z/p//X/C/2//n/p30f/r/8fov8fN/X+/7Tn/+v/Z/z+9f/6f3abWv+fu/8f4pZO9j8AAAD0IHf/P8Yt9j8AAAA0I3f/tXGL/Q8AAADNyN1/Lm7pZP/r/4++/39C/6//j6v/1//r/4+e/n/c1Pv/dT7//zCvr//X/+v/9f+s19T6/9z918Utnex/AAAA6EHu/n+KW+x/AAAAaEbu/n+OW+x/AAAAaEbu/n+JWzrZ//p/z//X/+v/9f/Dr6//nyf9/zj9/wr6/0vt50/r//X/+n8udsD+//GRH7bX0v/n7v/XuKWT/Q8AAAA9yN3/b3GL/Q8AAADNyN3/73GL/Q8AAADNyN3/H3FLJ/tf/6//1//r/w/d/+/+rrdF/z9M/3889P/jJtP/b5wa/HC3/f9j22+0gf7f8//1//p/dpja8/9z9/9n3NLJ/gcAAIAe5O7/r7hlZP8f+DfzAQAAgBOVu/+/4xZf/wcAAIDZy+osd///xC2d7H/9v/5f/6//9/z/4dcf6//vuuj96f+nRf8/bjL9/x667f8XF96v/n++71//r/9nt6n1/7n7/zdu6WT/AwAAQA9y918ft9j/AAAA0Izc/f8Xt9j/AAAA0Izc/f8ft3Sy/4f7/wv/f/3//uj/d75//f/w94919f/5T9T/j/b/v+X5/33S/487/v7/jP5/5z9f/3+ETvr9N97/n131+fp/hkyt/8/df0Pc0sn+BwAAgB7k7n9K3GL/AwAAQDNy9z81brH/AQAAoBm5+58Wt3Sy/z3/X/+v/59f/7/8/P+k/992HM//Xxx7/39K/79P+v9xnv+/gv5f/6//9/x/1mpq/X/u/hvjlk72PwAAAPTgxscWW7v/6YuF/Q8AAABzdPGfHVj+A6Uhd/8z4hb7HwAAAJqRu/+ZcUsn+1//r//X/8+///f8/x76f8//3y/9/zj9/wr6/6Po50811v/ftNfnT6H/v1b/z8Ts6P/vufDxk+r/c/c/K27pZP8DAABAD3L3Pztusf8BAACgGbn7nxO32P8AAADQjNz9z41bOtn/R97/n937tfX/+n/9v/5f/6//Xzf9/zj9/wr6f8//9/x//T9rtaP/v8hJ9f+5+58Xt3Sy/wEAAKAHufufH7fY/wAAANCM3P03xS32PwAAADQjd/8L4pZO9r/n/+v/9f/6f/3/8Ovr/+dJ/z9O/7+C/l//r//X/7NWU+v/c/ffHLd0sv8BAACgB7n7b4lb7H8AAABoRu7+F8Yt9j8AAAA0I3f/i+KWTva//v9o+//8uP5f/7/Q/+v/9f/Hotv+f2PoZ6Ld9uj/7/+jc7+z8yP6f/2//l//r/9nDSbR/5+/8KvL3P0vjls62f8AAADQg9z9L4lb7H8AAABoRu7+l8Yt9j8AAAA0I3f/y+KWA+7/X17ruzo++n/P/9f/6//1/8Ovr/+fp9n1/6d3ftPz//X/+v/5vn/9v/6f3SbR/1/07dz9L49bfP0fAAAAmpG7/xVxi/0PAAAAzcjd/8q4xf4HAACAZuTuf1Xc0sn+1//r//X/+n/9//DrH7b/31wM0/8fj9n1/0v0//p//f9837/+X//PblPr/3P33xq3dLL/AQAAoAe5+18dt9j/AAAA0Izc/a+JW+x/AAAAaEbu/tfGLZ3sf/2//l//r//X/w+/vuf/z5P+f5z+f7FY3DbyBob6//Nn9P/6f/2//p9Dmlr/n7v/dXFLJ/sfAAAAepC7/7a4xf4HAACAZuTuvz1usf8BAACgGbn7Xx+3dLL/9f/6f/2//l//P/z6+v950v+P0/+v4Pn/+n/9v/6ftZpa/5+7/464pZP9DwAAAD3I3X9n3GL/AwAAQDNy978hbrH/AQAAoBm5+++KWzrZ//p//b/+X/9/JP3/Of3/Mv3/8Ti6/n+h/9f/6/9X0P/r//X/LDuu/v/x+PF+Vf+fu/+NcUsn+x8AAAB6kLv/7rjF/gcAAIBm5O5/U9xi/wMAAEAzcve/OW7pZP/r//X/+n/9v+f/D7++/n+ePP9/nP5/Bf2//l//r/9nrY6r/9+r91/+du7+t8Qtnex/AAAA6EHu/nviFvsfAAAAmpG7/964xf4HAACAZuTuf2vc0sn+1//r/3f2/4uF/l//r//fdgz9/+ZC/792+v9x+v8V9P9t9v+/tGio/z+75+fr/5miqfX/ufvfFrd0sv8BAACgB7n73x632P8AAADQjNz974hb7H8AAABoRu7+d8YtLe3/J/ZO3+bf/59Z+kT9/2KxeOgaz//X/4+8vv5/Mv1//VfV/6+P/n+c/n8F/X+b/b/n/+v/OTFT6/9z978rbmlp/wMAAEDncve/O26x/wEAAKAZufvfE7fY/wAAANCM3P3vjVs62f/z7/+XP1H/v7ik5//r/7c+oP/X/+v/Z+tS+/ubN+PnNP2//l//P9jPb+zx656F/l//r/9nwNT6/9z974tbOtn/AAAA0IPc/ffFLfY/AAAANCN3//1xi/0PAAAAzcjd//64pZP9r//X/+v/59n/b+r/9f/6/0F79vdX7O/z1/X8/yuv/O0H9P/6/xb7/zH6f/2//p9lU+v/c/d/IG7pZP8DAABAD3L3fzBusf8BAACgGbn7PxS32P8AAADQjNz9H45bOtn/u/v/04vtQnXbUP8fjZr+/yL6/53vX/8//P3D8//1//r/o3epz99fV//v+f+He//6f/3/nN//gfr/X9v9+fp/WjS1/j93/wNxy8jw2/stAQAAAFOUu/8jcUsnX/8HAACAHuTu/2jcYv8DAABAM3L3Pxi3dLL/Pf9f/6//1//r/4dfX/8/T/r/cfr/FfT/+n/P/7/qDy7T/7M+U+v/c/d/LG7ZGn6/fsUh/zUBAACACcnd//G4pZOv/wMAAEAPcvd/Im6x/wEAAKAZufs/Gbd0sv/1//p//b/+X/8//Pr6/3nS/4/T/6/QT/+/OfTBk+7nL9VJv/9m+n/P/2eNptb/5+7/VNzSyf4HAACAHuTu/3TcYv8DAABAM3L3fyZusf8BAACgGbn7H4pbOtn/+n/9f/v9/+/r/5deX/+v/2+Z/j9/Rh+m/1+hn/5/0En383N///r/sf7/4D8e0oap9f+5+x+OWzrZ/wAAANCD3P2fjVvsfwAAAGhG7v7PxS32PwAAADQjd//n45ZO9r/+v6/+f2PRY//v+f/6f/1/T+bT/99yauijnv+v/9f/z/f96/89/5/dptb/5+5/ZONUl/sfAAAA5up3f+OPH97v3/vI1l83F1+IW+x/AAAAaEbu/i/GLfY/AAAANCN3/5filk72v/6/r/6/z+f/6//1//r/nsyn/x+m/9f/6//n+/71//p/dpta/5+7/8txy0XDb/B/oAcAAACYjdz9X4lbOvn6PwAAAPQgd/9X45Zd+//8Pv9UOwAAADA1ufu/Frd08vV//f/E+//FEfX/8ffp/7fp//X/Q6+v/58n/f+4S+z/z2/o//X/I/T/+n/9P8um1v/n7r/7jkWX+x8AAAAateN3FL6+9dfNxTfiFvsfAAAAmpG7/5txi/0PAAAAzcjd/624pZP9r/+feP9/qOf/n63/y/P/O+//r98cfH39v/6/Zfr/cZ7/v4L+X/+v/9f/s1YH6P+3BulR9/+5+78dt3Sy/wEAAKAHufu/E7fY/wAAANCM3P3fjVvsfwAAAGhG7v7vxS2d7H/9/wn0/zecWSyOtP/fx/P/9f999P97vH47/f+vXH7uvt/7w9tv1f9zwXH2//l9Qf+v/9f/b9P/6//1/yyb2vP/c/d/P27pZP8DAABAD3L3Pxq32P8AAADQjNz9P4hbntz/957UuwIAAADWKXf/D+OWTr7+r/9v8fn/8+z/87/1CfT/5+bX/2dT3Hv/7/n/+v/dPP9/nP5/Bf2//l//r/9nrabW/+fu/1Hc0sn+BwAAgB7k7v9x3JL7f+PAv3UPAAAATEzu/p/ELb7+DwAAAM3I3f9Y3NLJ/tf/6/8P2/+f9fx/z//X/2/R/0+L/n+c/n8F/b/+X/+v/2etptb/5+7/adzSyf4HAACAHuTufzxusf8BAACgGbn7fxa32P8AAADQjNz9P49bOtn/+n/9/1Se/5/0/xc+T/+/Tf+v/z8I/f+4g/T/lw38ukD/r/8fo//X/+v/WTa1/j93/y8CAAD//zJLcR4=")
truncate(&(0x7f00000000c0)='./file1\x00', 0xefff)

950.169713ms ago: executing program 2 (id=7382):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f0000000140)={0x2, 0x0, @multicast2}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000180)="080027226da0d6c1", 0x8}], 0x1, &(0x7f0000000200)=ANY=[@ANYBLOB="140000000000000001"], 0x48}, 0x0)

911.289297ms ago: executing program 4 (id=7383):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000001040)={'gre0\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x2000, 0x80, 0x4, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x3, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}}}})

885.954669ms ago: executing program 0 (id=7384):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000200)={0x1c, 0x28, 0x1, 0x0, 0x0, "", [@nested={0x4}, @typed={0x8, 0x17, 0x0, 0x0, @uid=0xffffffffffffffff}]}, 0x1c}], 0x1}, 0x0)

784.304898ms ago: executing program 2 (id=7385):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x8, 0x3, 0x0, 0x1, [@CTA_NAT_PROTO={0x4}]}]}, 0x6c}}, 0x0)

743.278892ms ago: executing program 4 (id=7386):
r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000480)={0x0, "a13af44834554fd2dd6ba86c57a6c49246dfb680786178e94f01da81cbc0e283", 0x4, 0x80, 0x8, 0x4, 0x4, 0x9fb3f6164d11537f, 0x6, 0xfffffffd})

730.139543ms ago: executing program 0 (id=7387):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_G_SLICED_VBI_CAP(r0, 0xc0745645, &(0x7f0000000240)={0x0, [], 0x4})

669.402979ms ago: executing program 2 (id=7388):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001180)=@newtaction={0xe68, 0x30, 0x25, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)

587.643727ms ago: executing program 4 (id=7389):
r0 = syz_mount_image$btrfs(&(0x7f0000000080), &(0x7f00000015c0)='./file0\x00', 0x0, &(0x7f0000001600), 0x0, 0x559e, &(0x7f000000ac40)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
ioctl$BTRFS_IOC_GET_FEATURES(r0, 0x80189439, &(0x7f0000000000))

587.404197ms ago: executing program 0 (id=7390):
r0 = syz_open_dev$video4linux(&(0x7f0000000040), 0xaa7, 0x0)
ioctl$VIDIOC_SUBDEV_G_CROP(r0, 0xc0585604, &(0x7f0000000000))

503.978704ms ago: executing program 0 (id=7391):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="200000000f14010000000000000000000d0040"], 0x20}}, 0x0)

487.946986ms ago: executing program 2 (id=7392):
r0 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r0, &(0x7f0000000400)=@in6={0x21, 0x0, 0x2, 0xfffffffffffffee6, {0x2, 0xffff, 0x20000002, @loopback, 0x5}}, 0x24)

320.028361ms ago: executing program 2 (id=7393):
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$netlink(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000580)=ANY=[@ANYBLOB="2c02000010000b0500000200000000006f6d8864d22a3e2f00a46c887c090200002b0e13e735a3184f1b3d6da2f1acfac0ee50d2b184b27db1f302de337c0004060000000000bf852c89867f6691b01b2d44e4ff2d2828"], 0x22c}], 0x1}, 0x0)

304.078262ms ago: executing program 0 (id=7394):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
sendto$inet(r0, &(0x7f0000000000)='\x00', 0x1, 0x2000c850, &(0x7f0000000140)={0x2, 0x4e24, @dev}, 0x10)

77.584953ms ago: executing program 0 (id=7395):
r0 = memfd_secret(0x0)
fremovexattr(r0, &(0x7f0000000400)=ANY=[@ANYBLOB='s'])

548.51µs ago: executing program 1 (id=7396):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000e00), 0x2, 0x0)
writev(r0, &(0x7f0000000080)=[{&(0x7f0000000280)="660667c4356b97ecbc65047daacc7dc7fc240236c56eea4c550c45db51a539e94b2f995fff5070f3afb9536ac25cba1f8b32a03b8603b950585bbe0d", 0x3c}], 0x1)

0s ago: executing program 2 (id=7397):
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x2000084d, &(0x7f00000000c0)=ANY=[], 0xc1, 0x14f5, &(0x7f0000000640)="$eJzs3AuYjlXXOPC99t43Y5r0NMlh2GuvmycNtkmSHBJySJIkSXJKSJokSUgMOSUNSchxkhyGkBymMWmcz4eckyavNEkSklPY/0vv+33e9+v9vr7v//b/u65v1u+69jV7zf2s9ax71lzz3PdzXfP80HNUvRb1azcjIvEvgb9+SRFCxAghhgkhbhBCBEKISvGV4q8cL6Ag5V97EvbnejT9WnfAriWef97G88/beP55G88/b+P55208/7yN55+38fwZy8u2zyl2I6+8u/j9/7yMX///F8ktP/mbjeVv7vU/SOH55208/7yN55+38fzzNp5/3sbz/9+v1n9xjOeft/H8GcvLrvX7z7yu7brWv3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxvKGc/4qLYT4t/217osxxhhjjDHGGGN/Hp//WnfAGGOMMcYYY4yx//dASKGEFoHIJ/KLGFFAxIrrRJy4XhQUN4iIuFHEi5tEIXGzKCyKiKKimEgQxUUJYQQKK0iEoqQoJaLiFlFa3CoSRRlRVpQTTpQXSeI2UUHcLiqKO0QlcaeoLO4SVURVUU1UF3eLGuIeUVPUErXFvaKOqCvqifriPtFA3C8aigdEI/GgaCweEk3Ew6KpeEQ0E4+K5uIx0UI8LlqKJ0Qr0Vq0EW1Fu/+r/FdEX/Gq6Cf6ixQxQAwUr4lBYrAYIoaKYeJ1MVy8IUaIN0WqGClGibfEaPG2GCPeEWPFODFevCsmiIlikpgspoipIk28J6aJ98V08YGYIWaKWWK2SBdzxFzxoZgn5osF4iOxUHwsFonFYolYKjLEJyJTLBNZ4lOxXHwmssUKsVKsEqvFGrFWrBPrxQaxUWwSm8UWsVVsE9vF52KH2Cl2id1ij9gr9okvxH7xpTggvhI54uv/Yf7Z/5DfCwQIkCBBg4Z8kA9iIAZiIRbiIA4KQkGIQATiIR4KQSEoDIWhKBSFBEiAElACEBAICEpCSYhCFEpDaUiERCgLZcGBgyRIggpwO1SEilAJKkFlqAxVoCpUhepQHWpADagJNaE21IY6UAfqQT24D+6D+6EhNIRG0AgaQ2NoAk2gKTSFZtAMmkNzaAEtoCW0hFbQCtpAG2gH7aA9tIcO0AE6QSfoDJ2hC3SBZEiGrtAVukE36A7doQf0gJ7QE3pBb+gNr8Ar8Cq8Cv2hjhwAA2EgDIJBMASGwlB4HYbDG/AGvAmpMBJGwVvwFrwNY+AMjIVxMB7GQw05ESbBZCA5FdIgDabBNJgO02EGzISZMBvSYQ7MhbkwD+bDfPgIFsLH8DEshsWwFDIgAzJhGWRBFiyHs5ANK2AlrILVsAZWwzpYD+tgI2yCjbAFtsA22Aafw+ewE3bCbtgNe2EvfAFfwJfwJaRCDuTAQTgIh+AQHIbDkAu5cASOwFE4CsfgGByH43ACTsIpOAmn4TScgbNwDs7BBbgAF+GlhO+a7y2zIVXIK7TUMp/MJ2NkjIyVsTJOxsmCsqCMyIiMl/GykCwkC8vCsqgsKhNkgiwhS0iUKEmGsqQsKaMyKkvL0jJRJsqysqx00skkmSQryAqyoqwoK8k7ZWV5l6wiq8qOrrqsLmvITq6mrCVry9qyjqwr68n6sr5sIBvIhrKhbCQbycaysWwiH5ZN5QAYAo/KK5NpIUdCSzkKWsnWso1sK9+GJ2V7OQY6yI6yk3xajoOx0EW2d8nyOdlVToJu8gU5GV6UPeRU6Clflr1kb9lHviL7yg6un+wvZ8AAOVDOhkFysBwih8p5UFdemVg9+aZMlSPlKPmWXApvyzHyHTlWjpPj5btygpwoJ8nJcoqcKtPke3KafF9Olx/IGXKmnCVny3Q5R86VH8p5cr5cID+SC+XHcpFcLJfIpTJDfiIz5TKZJT+Vy+VnMluukCvlKrlarpFr5Tq5Xm6QG+UmuVlukVvlNrldfi53yJ1yl9wt98i9cp/8Qu6XX8oD8iuZI7+WB+Vf5CH5jTwsv5W58jt5RH4vj8of5DH5ozwuf5In5El5Sv4sT8tf5Bl5Vp6T5+UF+au8KC/Jy9JLoUBJpZRWgcqn8qsYVUDFqutUnLpeFVQ3qIi6UcWrm1QhdbMqrIqooqqYSlDFVQllFCqrSIWqpCqlouoWVVrdqhJVGVVWlVNOlVdJ6jZVQd2uKqo7VCV1p6qs7lJVVFVVTVVXd6sa6h5VU9VStdW9qo6qq+qp+uo+1UDdrxqqB1Qj9aBqrB5STdTDqql6RDVTj6rm6jHVQj2uWqonVCvVWrVRbVU79aRqr55SHVRH1Uk9rTqrZ1QX9axKVs+prup51U29oLqrF1UP9ZLqqV5WvVRv1UddUpeVV/1Uf5WiBqiB6jU1SA1WQ9RQNUy9roarN9QI9aZKVSPVKPWWGq3eVmPUO2qsGqfGq3fVBDVRTVKT1RQ1VaWp99Q09b6arj5QM9RMNUvNVulqjhryt0oL/hv57/+T/BG/Pfs2tV19rnaonWqX2q32qL1qn9qn9qv96oA6oHJUjjqoDqpD6pA6rA6rXJWrjqgj6qg6qo6pY+q4Oq5OqJPqvPpZnVa/qDPqrDqrzqsL6oK6+LefgdCgpVZa60Dn0/l1jC6gY/V1Ok5frwvqG3RE36jj9U26kL5ZF9ZFdFFdTCfo4rqENhq11aRDXVKX0lF9iy6tb9WJuowuq8tpp8vrJH3bv5z/R/210+10e91ed9AddCfdSXfWnXUX3UUn62TdVXfV3XQ33V131z10D91T99S9dC/dR/fRfXVf3U/30yk6RQ/Ur+lBerAeoofqYfp1PVwP1yP0CJ2qU/UoPUqP1qP1GD1Gj9Vj9Xg9Xk/QE/QkPUlP0VN0mk7T0/Q0PV1P1zP0DD1Lz9LpOl3P1XP1PD1PL9AL9EK9UC/Si/QSvURn6AydqTN1ls7Sy/Vyna1X6BV6lV6l1+g1ep1epzfoDXqT3qS36C06W2/X2/UOvUPv0rv0Hr1H79P79H69Xx/QB3SOztEH9UF9SB/Sh/Vhnatz9RF9RB/VR/UxfUwf18f1CX1Cn9Kn9Gl9Wp/RZ/Q5fU5f0Bf0RX1RX9aXr1z2BTKQgQ50kC/IF8QEMUFsEBvEBXFBwaBgEAkiQXwQHxQKbg4KB0WCokGxICEoHpQITICBDSgIg5JBqSAa3BKUDm4NEoMyQdmgXOCC8kFScFtQIbg9qBjcEVQK7gwqB3cFVYKqQbWgenB3UCO4J6gZ1ApqB/cGdYK6Qb2gfnBf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmwSNBs+DRoHnwWNAieDxoGTwRtApaB22CtkG7P7W+92eKPOX6mf4mxQwwA81rZpAZbIaYoWaYed0MN2+YEeZNk2pGmlHmLTPavG3GmHfMWDPOjDfvmglmoplkJpspZqpJM++ZaeZ9M918YGaYmWaWmW3SzRwz13xo5pn5ZoH5yCw0H5tFZrFZYpaaDPOJyTTLTJb51Cw3n5lss8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMdvO52WF2ml1mt9lj9pp95guz33xpDpivTI752hw0fzGHzDfmsPnW5JrvzBHzvTlqfjDHzI/muPnJnDAnzSnzszltfjFnzFlzzpw3F8yv5qK5ZC4bf+Xi/srLO2rUmA/zYQzGYCzGYhzGYUEsiBGMYDzGYyEshIWxMBbFopiACVgCS+AVhIQlsSRGMYqlsTQmYiKWxbLo0GESJmEFrIAVsSJWwkpYGStjFayC1bAa3o134z14D9bCWngv3ot1sS7Wx/rYABtgQ2yIjbARNsbG2ASbYFNsis2wGTbH5tgCW2BLbImtsBW2wTbYDtthe2yPHbADdsJO2Bk7YxfsgsmYjF2xK3bDbtgdu2MP7IE9sSf2wl7YB/tgX+yL/bAfpmAKDsSBOAgH4RAcgsNwGA7H4TgCR2AqpuIoHIWjcTSOwTE4FsfheHwXJ+BEnISTcQpOxTRMw2k4DafjdJyBM3AWzsJ0TMe5OBfn4TxcgAtwIS7ERbgIl+ASzMAMzMRMzMIsXI7LMRuzcSWuxNW4GtfiWlyP63EjbsTNuBm34lbcjttxB+7AXbgL9+Ae3If7cD/uxwN4AHMwBw/iQTyEh/AwHsZczMUjeASP4lE8hsfwOB7HE3gCT+EpPI2n8QyewXN4Di/gr3gRL+Fl9BhjpYi119k4e70taG+wMbaA/fu4qC1mE2xxW8IaW9gW+YcYrbWJtowta8tZZ8vbJHvb7+IqtqqtZqvbu20Ne4+t+bu4gb3fNrQP2Eb2QVvf3vcPcWP7kG1iH7dN7RO2mW1tm9u2toV93La0T9hWtrVtY9vazvYZ28U+a5Ptc7arff53caZdZtfbDXaj3WT32y/tOXveHrU/2Av2V9vP9rfD7Ot2uH3DjrBv2lQ78nfxePuunWAn2kl2sp1ip/4unmVn23Q7x861H9p5dv7v4gz7iV1os+wiu9gusUt/i6/0lGU/tcvtZzbbrrAr7Sq72q6xa+26f+91ld1it9ptdp/9wu6wO+0uu9vusXt/i6+cxwH7lc2xX9sj9nt7yH5jD9tjNtd+91t85fyO2R/tcfuTPWFP2lP2Z3va/mLP2LO/nf+Vc//ZXrKXrbeCgCQp0hRQPspPMVSAYuk6iqPrqSDdQBG6keLpJipEN1NhKkJFqRglUHEqQYaQLBGFVJJKUZRuodJ0KyVSGSpL5chReUqi26gC3U4V6Q6qRHdSZbqLqlBVqkbV6W6qQfdQTapFteleqkN1qR7Vp/uoAd1PDekBakQPUmN6iJrQw9SUHqFm9Cg1p8eoBT1OLekJakWtqQ21pXb0JLWnp6gDdaRO9DR1pmeoCz1LyfQcdaXnqRu9QN3pRepBL1FPepl6UW/qQ69QX3qV+lF/SqEBNJBeo0E0mIbQUBpGr9NweoNG0JuUSiNpFL1Fo+ltGkPv0FgaR+PpXZpAE2kSTaYpNJXS6D2aRu/TdPqAZtBMmkWzKZ3m0Fz6kObRfFpAH9FC+pgW0WJaQkspgz6hTFpGWfQpLafPKJtW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nT6nHbSTdtFu2kN7aR99QfvpSzpAX1EOfU0H6S90iL6hw/Qt5dJ3dIS+p6P0Ax2jH+k4/UQn6CSdop/pNP1CZ+gsnaPzdIF+pYt0iS6TJxFCKEMV6jAI84X5w5iwQBgbXhfGhdeHBcMbwkh4Yxgf3hQWCm8OC4dFwqJhsTAhLB6WCE2IoQ0pDMOSYakwGt4Slg5vDRPDMmHZsFzowvJhUnhbWCG8PawY3hFWCu8MK4d3hVXCquHjD1YP7w5rhPeENcNaYe3w3rBOWDesF9YP7wsbhPeHDcMHwkbhg2HF8KGwSfhw2DR8JGwWPho2Dx8LW4SPhy3DJ8JWYeuwTdg2bBc+GbYPnwo7hB3DTuHTYefwmbBL+GyYHD4Xdg2f/8PjKeGAcGD4Wvha6P0Dakl0aTQj+kk0M7osmhX9NLo8+lk0O7oiujK6Kro6uia6Nrouuj66Iboxuim6ObolujW6Lep9/fzCgZNOOe0Cl8/ldzGugIt117k4d70r6G5wEXeji3c3uULuZlfYFXFFXTGX4Iq7Es44dNaRC11JV8pF3S2utLvVJboyrqwr55wr75JcW9fOtXPt3VOug+voOrmn3dPuGfeMe9Y9655zXd3zrpt7wXV3L7oe7iX3knvZ9XK9XR/3iuvrXnX9XH+X4lLcQDfQDXKD3BA3xA1zw9xwN9yNcCNcqkt1o9woN9qNdmPcGDfWjXXj3Xg3wU1wk9wkN8VNcWkuzU1z09x0N93NcDPcLDfLpbt0N9fNdfPcPLfALXALExe6RW6RW+KWuAyX4TJdpstyWW65W+6yXbZb6Va61W61W+vWuvVuvdvoNrrNbrPb6ra67W672+F2uF1ul9vj9rh9bp/b7/a7A+6Ay3E57qA76A65Q+6w+9bluu/cEfe9O+p+cMfcj+64+8mdcCfdKfezO+1+cWfcWXfOnXcX3K/uorvkLjvv0iLvRaZF3o9Mj3wQmRGZGZkVmR1Jj8yJzI18GJkXmR9ZEPkosjDycWRRZHFkSWRpJCPySSQzsiySFfk0sjzyWSQ7siKyMrIqsjqyJuJ98R2hL+lL+ai/xZf2t/pEX8aX9eW88+V9kr/NV/C3+4r+Dl/J3+kr+7t8FV/VV/NP+Fa+tW/j2/p2/knf3j/lO/iOvpN/2nf2z/gu/lmf7J/zXf3zvpt/wXf3L/oe/iXf07/se/nevo9/xff1r/p+vr9P8QP8QP+aH+QH+yF+qB/mX/fD/Rt+hH/Tp/qRfpR/y4/2b/sx/h0/1o/z4/27foKf6Cf5yX6Kn+rT/Ht+mn/fT/cf+Bl+pp/lZ/t0P8fP9R/6eX6+X+A/8gv9x36RX+yX+KU+w3/iM/0yn+U/9cv9Zz7br/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3X/ud/idfpff7ff4vX6f/8Lv91/6A/4rn+O/9gf9X/wh/40/7L/1uf47f8R/74/6H/wx/6M/7n/yJ/xJf8r/7E/7X/wZf9af8+f9Bf+rv+gv+cv8P2uMMcYYY/8t6g+OD/gn35N/W1cMFEJcv7NY7n+subnwX/eDZULniBDiuf49H/23VadOSkrK3x6brURQarEQInI1P5+4Gq8QncQzIll0FBX+aX+DZe8L9Af1o3cKEft3OTHiany1/u3/Sf0nnx6fWTk8F/9f1F8sRGKpqzkFxNX4av2K/0n9Iu3/oP8C36QJ0eHvcuLE1fhq/STxlHheJP/DIxljjDHGGGOMsb8aLKt1/6P75yv35wn6ak5+cTX+o/tzxhhjjDHGGGOMXXsv9u7z7JPJyR2784Y3vOHNv2+u9V8mxhhjjDHG2J/t6kX/te6EMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLu/5/fJzYtT5HxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Fr7PwEAAP//SOc8Mw==")
mount$afs(&(0x7f0000000040)=ANY=[@ANYBLOB='*'], &(0x7f0000000080)='./file0\x00', 0x0, 0x181000, 0x0)

kernel console output (not intermixed with test programs):

for writing: No such file or directory
[  725.893385][T17976] ntfs: (device loop4): ntfs_read_locked_inode(): $DATA attribute is missing.
[  725.951403][T17976] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[  725.990702][T17976] ntfs: (device loop4): load_system_files(): Failed to load $MFTMirr.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  726.036761][T17951] loop1: detected capacity change from 0 to 32768
[  726.056150][ T3683] usb 4-1: USB disconnect, device number 83
[  726.081513][T17976] ntfs: volume version 3.1.
[  726.160306][T17951] XFS (loop1): Mounting V5 Filesystem
[  726.175644][   T26] audit: type=1800 audit(2685035.391:69): pid=17986 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.2.6071" name="/newroot/1194/file0" dev="tmpfs" ino=6279 res=0 errno=0
[  726.197746][    C0] vkms_vblank_simulate: vblank timer overrun
[  726.285204][T14773] usb 1-1: new high-speed USB device number 90 using dummy_hcd
[  726.435162][T17951] XFS (loop1): Ending clean mount
[  726.473922][T17951] XFS (loop1): Quotacheck needed: Please wait.
[  726.521061][T17951] XFS (loop1): Quotacheck: Done.
[  726.552077][T14773] usb 1-1: Using ep0 maxpacket: 32
[  726.589358][T18016] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6080'.
[  726.654874][ T3637] XFS (loop1): Unmounting Filesystem
[  726.666454][T14773] usb 1-1: config 1 interface 0 altsetting 127 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  726.700893][T14773] usb 1-1: config 1 interface 0 has no altsetting 0
[  726.910404][T18027] loop4: detected capacity change from 0 to 2048
[  726.917265][T14773] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  726.935198][T14773] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  726.948048][T18027] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  726.961275][T14773] usb 1-1: Product: syz
[  726.968672][T14773] usb 1-1: Manufacturer: syz
[  726.980417][T14773] usb 1-1: SerialNumber: syz
[  727.320025][T14773] cdc_ether: probe of 1-1:1.0 failed with error -22
[  727.350008][T14773] usb 1-1: USB disconnect, device number 90
[  727.434851][T18044] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6093'.
[  727.641834][T18051] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6097'.
[  727.663793][T18053] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  727.683315][T18031] loop3: detected capacity change from 0 to 32768
[  728.268050][T18079] loop2: detected capacity change from 0 to 8
[  728.373622][T18084] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6112'.
[  728.420341][T18088] loop3: detected capacity change from 0 to 256
[  728.457076][T18088] exfat: Deprecated parameter 'utf8'
[  728.475481][T18088] exfat: Deprecated parameter 'utf8'
[  728.509463][T18088] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x818efa41, utbl_chksum : 0xe619d30d)
[  728.593382][T18095] netlink: 'syz.1.6117': attribute type 14 has an invalid length.
[  728.608888][T18095] (unnamed net_device) (uninitialized): option xmit_hash_policy: invalid value (204)
[  728.906783][T18110] netlink: 40 bytes leftover after parsing attributes in process `syz.1.6123'.
[  728.918780][T18109] loop0: detected capacity change from 0 to 512
[  728.998938][T18109] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  729.008136][   T26] audit: type=1326 audit(2685038.352:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18118 comm="syz.4.6128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36a377def9 code=0x7ffc0000
[  729.038480][T18122] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  729.046234][T18122] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub
[  729.162306][T18109] EXT4-fs error (device loop0): ext4_xattr_block_list:719: inode #15: comm syz.0.6125: corrupted xattr block 33
[  729.264989][ T3635] EXT4-fs (loop0): unmounting filesystem.
[  729.357877][T18138] loop0: detected capacity change from 0 to 128
[  729.394189][T18138] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  729.434448][T18138] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  729.485616][T18138] FAT-fs (loop0): error, corrupted directory (invalid entries)
[  729.504731][T18138] FAT-fs (loop0): Filesystem has been set read-only
[  729.561795][ T4691] usb 4-1: new high-speed USB device number 84 using dummy_hcd
[  729.582517][T18145] loop1: detected capacity change from 0 to 22
[  729.589294][T18145] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  729.627521][T18145] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  729.789970][ T4691] usb 4-1: Using ep0 maxpacket: 16
[  729.874500][T18154] loop0: detected capacity change from 0 to 736
[  729.890298][T18157] netlink: 'syz.1.6143': attribute type 10 has an invalid length.
[  729.962772][T18157] team0: Port device vlan0 added
[  730.056876][ T4691] usb 4-1: New USB device found, idVendor=1a0a, idProduct=0104, bcdDevice=dd.d4
[  730.085913][ T4691] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  730.123862][ T4691] usb 4-1: Product: syz
[  730.128051][ T4691] usb 4-1: Manufacturer: syz
[  730.149715][ T4691] usb 4-1: SerialNumber: syz
[  730.179436][ T4691] usb 4-1: config 0 descriptor??
[  730.226143][T18166] loop2: detected capacity change from 0 to 2048
[  730.248814][ T4691] usb_ehset_test: probe of 4-1:0.0 failed with error -32
[  730.260334][T18166] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  730.428241][T14769] usb 5-1: new low-speed USB device number 85 using dummy_hcd
[  730.460356][ T4691] usb 4-1: USB disconnect, device number 84
[  730.671884][T18184] tmpfs: Bad value for 'mpol'
[  730.740595][T18170] loop0: detected capacity change from 0 to 32768
[  730.762992][T18170] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.6150 (18170)
[  730.824836][T18170] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  730.845822][T18170] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  730.862873][T18170] BTRFS info (device loop0): using free space tree
[  731.058981][T14769] usb 5-1: string descriptor 0 read error: -22
[  731.066968][T14769] usb 5-1: New USB device found, idVendor=04b4, idProduct=8613, bcdDevice=95.8f
[  731.095540][T18170] BTRFS info (device loop0): enabling ssd optimizations
[  731.112593][T14769] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  731.130967][T18220] autofs4:pid:18220:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(1.2), cmd(0xc0189374)
[  731.164678][T14769] usb 5-1: config 0 descriptor??
[  731.182555][T18222] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6166'.
[  731.203822][ T3635] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  731.220885][T18220] autofs4:pid:18220:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc0189374)
[  731.234198][T14769] usbtest 5-1:0.0: FX2 device
[  731.251340][T14769] usbtest 5-1:0.0: low-speed {control intr-in intr-out} tests (+alt)
[  731.439614][ T4691] usb 5-1: USB disconnect, device number 85
[  731.612561][T18235] netlink: 'syz.3.6172': attribute type 10 has an invalid length.
[  731.677855][T18239] loop1: detected capacity change from 0 to 47
[  731.678737][T18238] loop2: detected capacity change from 0 to 736
[  731.976311][T18246] xt_l2tp: v2 tid > 0xffff: 2013396992
[  731.985315][T18249] loop3: detected capacity change from 0 to 256
[  731.988341][T18251] loop2: detected capacity change from 0 to 512
[  732.016473][T18251] EXT4-fs: Ignoring removed mblk_io_submit option
[  732.024554][T18251] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  732.076862][T18251] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c118, mo2=0002]
[  732.084862][T18251] System zones: 1-12
[  732.138753][T18251] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2186: inode #15: comm syz.2.6180: corrupted in-inode xattr
[  732.194833][T18251] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.6180: couldn't read orphan inode 15 (err -117)
[  732.253573][T18251] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  732.389157][ T3636] EXT4-fs (loop2): unmounting filesystem.
[  732.439072][T18268] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6188'.
[  732.543527][T18272] loop3: detected capacity change from 0 to 512
[  732.578086][T18272] EXT4-fs (loop3): Test dummy encryption mode enabled
[  732.616071][T18272] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:164: inode #12: comm syz.3.6190: inline data xattr refers to an external xattr inode
[  732.655854][T18272] EXT4-fs (loop3): Remounting filesystem read-only
[  732.663018][T18272] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.6190: couldn't read orphan inode 12 (err -117)
[  732.695530][T18272] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  732.734825][T18280] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6193'.
[  732.781683][T18285] loop2: detected capacity change from 0 to 8
[  732.866701][ T4692] usb 2-1: new low-speed USB device number 92 using dummy_hcd
[  732.939912][T18294] loop0: detected capacity change from 0 to 128
[  732.940388][T18272] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  732.943909][T18293] IPv6: sit1: Disabled Multicast RS
[  732.978988][T18294] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2
[  732.979343][T18272] EXT4-fs error (device loop3): ext4_add_entry:2484: inode #2: comm syz.3.6190: Directory hole found for htree leaf block 0
[  733.082380][T18296] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  733.092412][T18272] EXT4-fs (loop3): Remounting filesystem read-only
[  733.214029][ T3644] EXT4-fs (loop3): unmounting filesystem.
[  733.229419][ T4692] usb 2-1: config index 0 descriptor too short (expected 1307, got 27)
[  733.256564][ T4692] usb 2-1: config 0 has an invalid interface number: 0 but max is -1
[  733.299501][ T4692] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 0
[  733.332979][ T4692] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  733.353829][T18308] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6204'.
[  733.371318][ T4692] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  733.462403][T18316] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6209'.
[  733.477461][T18316] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6209'.
[  733.490226][T18316] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6209'.
[  733.624765][T18320] loop3: detected capacity change from 0 to 1024
[  733.631545][ T4692] usb 2-1: string descriptor 0 read error: -22
[  733.634881][T18323] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6212'.
[  733.637771][ T4692] usb 2-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de
[  733.637799][ T4692] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  733.678780][ T4692] usb 2-1: config 0 descriptor??
[  733.704929][T18320] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  733.708748][T18324] loop4: detected capacity change from 0 to 4096
[  733.720037][ T4692] hub 2-1:0.0: bad descriptor, ignoring hub
[  733.727760][ T4692] hub: probe of 2-1:0.0 failed with error -5
[  733.746917][ T4692] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input92
[  733.762007][T18320] EXT4-fs (loop3): orphan cleanup on readonly fs
[  733.772927][T18320] __quota_error: 1 callbacks suppressed
[  733.772941][T18320] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=2
[  733.825848][T18320] EXT4-fs warning (device loop3): ext4_enable_quotas:7035: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[  733.846482][T18320] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  733.867260][T18320] EXT4-fs (loop3): 1 truncate cleaned up
[  733.872931][T18320] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  733.907583][T18330] IPVS: sync thread started: state = BACKUP, mcast_ifn = batadv0, syncid = 0, id = 0
[  733.955648][T18332] netlink: 40 bytes leftover after parsing attributes in process `syz.0.6216'.
[  734.010499][T18332] netlink: 40 bytes leftover after parsing attributes in process `syz.0.6216'.
[  734.033113][ T4692] usb 2-1: USB disconnect, device number 92
[  734.067772][ T3644] EXT4-fs (loop3): unmounting filesystem.
[  734.082547][T18334] loop4: detected capacity change from 0 to 1024
[  734.177199][T18338] IPv6: sit1: Disabled Multicast RS
[  734.515508][ T4691] usb 5-1: new low-speed USB device number 86 using dummy_hcd
[  734.657297][T18358] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6229'.
[  734.919637][T18336] loop2: detected capacity change from 0 to 40427
[  734.948357][T18336] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  734.956578][ T4691] usb 5-1: config 1 interface 0 altsetting 6 endpoint 0x81 has invalid maxpacket 32, setting to 8
[  734.977029][ T4691] usb 5-1: config 1 interface 0 altsetting 6 endpoint 0x2 has invalid maxpacket 1024, setting to 8
[  734.997776][T18336] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  735.038147][ T4691] usb 5-1: config 1 interface 0 has no altsetting 0
[  735.051769][T18336] F2FS-fs (loop2): invalid crc value
[  735.082448][T18376] loop1: detected capacity change from 0 to 64
[  735.092586][T18336] F2FS-fs (loop2): Found nat_bits in checkpoint
[  735.129109][T18381] loop3: detected capacity change from 0 to 8
[  735.217985][T18381] SQUASHFS error: lzo decompression failed, data probably corrupt
[  735.235932][T18381] SQUASHFS error: Failed to read block 0x144: -5
[  735.249214][T18336] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  735.256286][T18336] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  735.274443][T18381] SQUASHFS error: Unable to read metadata cache entry [142]
[  735.285468][T18381] SQUASHFS error: Unable to read directory block [142:26]
[  735.296602][ T4691] usb 5-1: string descriptor 0 read error: -22
[  735.302855][ T4691] usb 5-1: New USB device found, idVendor=07b5, idProduct=0312, bcdDevice= 0.40
[  735.341956][ T4691] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  735.409935][T18342] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  735.417153][T18342] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  735.531212][T18394] netlink: 'syz.1.6246': attribute type 30 has an invalid length.
[  735.549339][T18394] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  735.577467][T18394] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  735.688772][T18342] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  735.711575][T18342] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  735.850388][ T4691] usbhid 5-1:1.0: can't add hid device: -71
[  735.856391][ T4691] usbhid: probe of 5-1:1.0 failed with error -71
[  735.903583][ T4691] usb 5-1: USB disconnect, device number 86
[  736.052313][T18411] loop2: detected capacity change from 0 to 512
[  736.088884][T18411] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  736.151004][T18411] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  736.155421][T18390] loop0: detected capacity change from 0 to 40427
[  736.173504][T18390] F2FS-fs (loop0): build fault injection attr: rate: 4, type: 0x3ffff
[  736.179148][T18411] EXT4-fs: Cannot specify journal on remount
[  736.184980][T18390] F2FS-fs (loop0): build fault injection attr: rate: 0, type: 0x4
[  736.199422][T18390] F2FS-fs (loop0): invalid crc value
[  736.221702][T14771] usb 2-1: new high-speed USB device number 93 using dummy_hcd
[  736.245791][T18390] F2FS-fs (loop0) : inject page alloc in f2fs_grab_cache_page of __get_meta_page+0x289/0x590
[  736.286868][ T3636] EXT4-fs (loop2): unmounting filesystem.
[  736.295400][T18390] F2FS-fs (loop0) : inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x4d6/0xb70
[  736.339764][T18390] F2FS-fs (loop0): Found nat_bits in checkpoint
[  736.450806][T18390] F2FS-fs (loop0) : inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x4d6/0xb70
[  736.482304][T18390] F2FS-fs (loop0) : inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x4d6/0xb70
[  736.498077][T18420] loop3: detected capacity change from 0 to 4096
[  736.516298][T18390] F2FS-fs (loop0) : inject page alloc in f2fs_grab_cache_page of __get_meta_page+0x289/0x590
[  736.542708][T18420] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512)
[  736.604923][T18429] loop2: detected capacity change from 0 to 64
[  736.611412][T18420] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  736.618556][T18390] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  736.642834][T18390] F2FS-fs (loop0) : inject page alloc in f2fs_grab_cache_page of f2fs_get_read_data_page+0xf6/0x8c0
[  736.667273][T18420] ntfs3: loop3: ino=5, "/" directory corrupted
[  736.667719][T18429] Trying to free block not in datazone
[  736.689427][T18429] minix_free_block (loop2:21): bit already cleared
[  736.755946][ T3635] F2FS-fs (loop0) : inject page alloc in f2fs_grab_cache_page of f2fs_grab_meta_page+0x65/0x210
[  736.838750][T14771] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  736.857987][T14771] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  736.900494][T14771] usb 2-1: Product: syz
[  736.904686][T14771] usb 2-1: Manufacturer: syz
[  736.939448][T14771] usb 2-1: SerialNumber: syz
[  737.016089][T14771] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  737.130051][T18444] loop3: detected capacity change from 0 to 1764
[  737.173965][T18444] iso9660: Corrupted directory entry in block 2 of inode 1920
[  737.568020][T18462] __nla_validate_parse: 1 callbacks suppressed
[  737.568037][T18462] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6275'.
[  737.610183][T18462] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6275'.
[  737.637923][T18462] netlink: 5 bytes leftover after parsing attributes in process `syz.3.6275'.
[  737.746365][T18470] loop4: detected capacity change from 0 to 512
[  737.767688][T18448] loop2: detected capacity change from 0 to 32768
[  737.790834][T14764] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  737.801758][T18448] JBD2: Ignoring recovery information on journal
[  737.854585][T18470] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  737.914239][T18448] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  738.031840][ T3648] EXT4-fs (loop4): unmounting filesystem.
[  738.056746][ T3636] ocfs2: Unmounting device (7,2) on (node local)
[  738.206890][T14761] usb 2-1: USB disconnect, device number 93
[  738.377228][T18468] loop0: detected capacity change from 0 to 32768
[  738.444419][T18468] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  738.476339][T15210] usb 5-1: new high-speed USB device number 87 using dummy_hcd
[  738.494443][T18468] OCFS2: ERROR (device loop0): int ocfs2_reserve_suballoc_bits(struct ocfs2_super *, struct ocfs2_alloc_context *, int, u32, u64 *, int): Invalid chain allocator 74
[  738.553303][T18468] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  738.553355][T18468] OCFS2: File system is now read-only.
[  738.553366][T18468] (syz.0.6278,18468,1):ocfs2_reserve_suballoc_bits:850 ERROR: status = -30
[  738.553394][T18468] (syz.0.6278,18468,1):ocfs2_reserve_new_inode:1091 ERROR: status = -30
[  738.553432][T18468] (syz.0.6278,18468,1):ocfs2_reserve_new_inode:1114 ERROR: status = -30
[  738.553524][T18468] (syz.0.6278,18468,1):ocfs2_mknod:304 ERROR: status = -30
[  738.553549][T18468] (syz.0.6278,18468,1):ocfs2_mknod:500 ERROR: status = -30
[  738.553577][T18468] (syz.0.6278,18468,1):ocfs2_create:674 ERROR: status = -30
[  738.584474][T18481] loop3: detected capacity change from 0 to 32768
[  738.619993][T18481] XFS (loop3): Mounting V5 Filesystem
[  738.668794][ T3635] ocfs2: Unmounting device (7,0) on (node local)
[  738.812984][T14764] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[  738.823532][T14764] ath9k_htc: Failed to initialize the device
[  738.830227][T15210] usb 5-1: config 0 has an invalid interface number: 117 but max is 0
[  738.842948][T15210] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  738.853364][T14761] usb 2-1: ath9k_htc: USB layer deinitialized
[  738.859586][T15210] usb 5-1: config 0 has no interface number 0
[  738.865694][T15210] usb 5-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  738.875120][T18481] XFS (loop3): Ending clean mount
[  738.876863][T15210] usb 5-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  738.908580][T18481] XFS (loop3): Quotacheck needed: Please wait.
[  738.985377][T18481] XFS (loop3): Quotacheck: Done.
[  739.038624][T15210] usb 5-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[  739.057584][T15210] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  739.065602][T15210] usb 5-1: Product: syz
[  739.075086][T18507] loop2: detected capacity change from 0 to 4096
[  739.085402][T15210] usb 5-1: Manufacturer: syz
[  739.090142][T15210] usb 5-1: SerialNumber: syz
[  739.096963][T15210] usb 5-1: config 0 descriptor??
[  739.104576][T18507] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512)
[  739.155878][ T3644] XFS (loop3): Unmounting Filesystem
[  739.204581][T18513] [U] vÔ3¸Âfù¾"SçÁ/Éê4:ÃXTz“W¡t‘’lWµ«=
[  739.229498][T18513] [U] J"—e:ÀÆ"


[  739.346929][T18515] netlink: 96 bytes leftover after parsing attributes in process `syz.0.6296'.
[  739.406974][T18517] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  739.414303][T18517] IPv6: NLM_F_CREATE should be set when creating new route
[  739.421589][T18517] IPv6: NLM_F_CREATE should be set when creating new route
[  739.577532][T15210] usb 5-1: USB disconnect, device number 87
[  739.912526][T18531] bridge0: port 3(veth0_to_bridge) entered blocking state
[  739.929584][T18531] bridge0: port 3(veth0_to_bridge) entered disabled state
[  739.968866][T18531] device veth0_to_bridge entered promiscuous mode
[  739.980960][T18531] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  740.000928][T18531] bridge0: port 3(veth0_to_bridge) entered blocking state
[  740.008612][T18531] bridge0: port 3(veth0_to_bridge) entered forwarding state
[  740.129894][T18542] netlink: 76 bytes leftover after parsing attributes in process `syz.2.6309'.
[  740.150363][T18542] netlink: 76 bytes leftover after parsing attributes in process `syz.2.6309'.
[  740.175500][T18547] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6310'.
[  740.476535][T18564] netlink: 132 bytes leftover after parsing attributes in process `syz.3.6318'.
[  740.594755][T18567] bridge0: port 3(veth0_to_bridge) entered blocking state
[  740.641436][T18574] netlink: 44 bytes leftover after parsing attributes in process `syz.0.6324'.
[  740.665925][T18567] bridge0: port 3(veth0_to_bridge) entered disabled state
[  740.685372][T18574] netlink: 43 bytes leftover after parsing attributes in process `syz.0.6324'.
[  740.698556][T18567] device veth0_to_bridge entered promiscuous mode
[  740.709012][T18567] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  740.726678][T18574] netlink: 'syz.0.6324': attribute type 6 has an invalid length.
[  740.738107][T18574] netlink: 'syz.0.6324': attribute type 5 has an invalid length.
[  740.748624][T18567] bridge0: port 3(veth0_to_bridge) entered blocking state
[  740.755876][T18567] bridge0: port 3(veth0_to_bridge) entered forwarding state
[  741.052910][T18589] loop2: detected capacity change from 0 to 256
[  741.125378][T18589] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  741.241110][T18598] loop0: detected capacity change from 0 to 512
[  741.293765][T18598] EXT4-fs: Ignoring removed mblk_io_submit option
[  741.331866][T18598] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  741.362312][T18601] loop2: detected capacity change from 0 to 8
[  741.384152][T18599] loop4: detected capacity change from 0 to 4096
[  741.396482][T18598] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c118, mo2=0002]
[  741.443021][T18598] System zones: 1-12
[  741.450462][T18601] SQUASHFS error: zlib decompression failed, data probably corrupt
[  741.493387][T18599] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512)
[  741.525906][T18598] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2186: inode #15: comm syz.0.6337: corrupted in-inode xattr
[  741.546707][T18601] SQUASHFS error: Failed to read block 0x4e8: -5
[  741.564436][   T26] audit: type=1800 audit(2685051.549:72): pid=18601 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.6338" name="file1" dev="loop2" ino=5 res=0 errno=0
[  741.583868][T18598] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.6337: couldn't read orphan inode 15 (err -117)
[  741.636142][T18598] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  741.802324][ T3635] EXT4-fs (loop0): unmounting filesystem.
[  742.151430][T18622] loop1: detected capacity change from 0 to 64
[  742.253762][T18595] loop3: detected capacity change from 0 to 40427
[  742.313817][T18595] F2FS-fs (loop3): Found nat_bits in checkpoint
[  742.320810][ T3683] usb 5-1: new high-speed USB device number 88 using dummy_hcd
[  742.433753][T18595] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2
[  742.465251][T18639] loop2: detected capacity change from 0 to 256
[  742.471030][T18595] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  742.548643][T18639] FAT-fs (loop2): Directory bread(block 64) failed
[  742.562405][ T3683] usb 5-1: Using ep0 maxpacket: 32
[  742.568048][T18639] FAT-fs (loop2): Directory bread(block 65) failed
[  742.587058][T18639] FAT-fs (loop2): Directory bread(block 66) failed
[  742.613300][T18639] FAT-fs (loop2): Directory bread(block 67) failed
[  742.630048][T18639] FAT-fs (loop2): Directory bread(block 68) failed
[  742.643614][T18639] FAT-fs (loop2): Directory bread(block 69) failed
[  742.658092][T18639] FAT-fs (loop2): Directory bread(block 70) failed
[  742.673095][T18639] FAT-fs (loop2): Directory bread(block 71) failed
[  742.680330][ T3683] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  742.680960][T18639] FAT-fs (loop2): Directory bread(block 72) failed
[  742.714405][T18639] FAT-fs (loop2): Directory bread(block 73) failed
[  742.749362][T18642] loop0: detected capacity change from 0 to 8192
[  742.791884][T18642] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  742.845867][   T26] audit: type=1800 audit(2685052.893:73): pid=18639 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.6356" name="file1" dev="loop2" ino=1048620 res=0 errno=0
[  742.866793][ T3683] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  742.886422][ T3683] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  742.889920][T18642] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000001)
[  742.894408][ T3683] usb 5-1: Product: syz
[  742.894426][ T3683] usb 5-1: Manufacturer: syz
[  742.894441][ T3683] usb 5-1: SerialNumber: syz
[  742.906222][ T3683] usb 5-1: config 0 descriptor??
[  742.932704][T18642] FAT-fs (loop0): Filesystem has been set read-only
[  742.963056][ T3683] hub 5-1:0.0: bad descriptor, ignoring hub
[  742.968994][ T3683] hub: probe of 5-1:0.0 failed with error -5
[  743.012008][ T3683] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input94
[  743.041266][ T3683] usbtouchscreen 5-1:0.0: usbtouch_probe - usb_submit_urb failed with result: -22
[  743.167897][ T3683] usbtouchscreen: probe of 5-1:0.0 failed with error -22
[  743.215762][T18659] __nla_validate_parse: 1 callbacks suppressed
[  743.215777][T18659] netlink: 32 bytes leftover after parsing attributes in process `syz.1.6365'.
[  743.229938][ T3683] usb 5-1: USB disconnect, device number 88
[  743.639416][T18679] loop0: detected capacity change from 0 to 256
[  743.729567][   T26] audit: type=1326 audit(2685053.817:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18682 comm="syz.3.6376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0aa557def9 code=0x7ffc0000
[  743.836936][   T26] audit: type=1326 audit(2685053.849:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18682 comm="syz.3.6376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0aa557def9 code=0x7ffc0000
[  743.915333][   T26] audit: type=1326 audit(2685053.849:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18682 comm="syz.3.6376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7f0aa557def9 code=0x7ffc0000
[  744.038542][   T26] audit: type=1326 audit(2685053.849:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18682 comm="syz.3.6376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0aa557def9 code=0x7ffc0000
[  744.149284][T18701] loop4: detected capacity change from 0 to 2048
[  744.176720][   T26] audit: type=1326 audit(2685053.849:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18682 comm="syz.3.6376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0aa557def9 code=0x7ffc0000
[  744.198721][    C0] vkms_vblank_simulate: vblank timer overrun
[  744.258736][T18701]  loop4: p4 < >
[  744.287859][T18701] (syz.4.6383,18701,0):ocfs2_get_sector:1763 ERROR: status = -12
[  744.303601][T18701] (syz.4.6383,18701,0):ocfs2_sb_probe:786 ERROR: status = -12
[  744.321536][T18701] (syz.4.6383,18701,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  744.341377][T18701] (syz.4.6383,18701,0):ocfs2_fill_super:1176 ERROR: status = -12
[  744.382792][T18715] loop0: detected capacity change from 0 to 256
[  744.496721][ T3648] __loop_clr_fd: partition scan of loop4 failed (rc=-16)
[  744.506024][ T3975] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  744.553319][ T3975] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  744.562471][ T3975] Buffer I/O error on dev loop4p4, logical block 0, async page read
[  744.605830][ T3975] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  744.664891][ T3975] Buffer I/O error on dev loop4p4, logical block 0, async page read
[  744.675817][ T3975] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  744.743656][ T3975] Buffer I/O error on dev loop4p4, logical block 0, async page read
[  744.751786][ T3975] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  744.805872][T18732] loop4: detected capacity change from 0 to 8
[  744.819686][ T3975] Buffer I/O error on dev loop4p4, logical block 0, async page read
[  744.828712][ T3975] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  744.840392][ T1271] ieee802154 phy0 wpan0: encryption failed: -22
[  744.846679][ T1271] ieee802154 phy1 wpan1: encryption failed: -22
[  744.900282][T18735] netlink: 256 bytes leftover after parsing attributes in process `syz.1.6399'.
[  744.916606][T18732] SQUASHFS error: zlib decompression failed, data probably corrupt
[  744.930054][ T3975] Buffer I/O error on dev loop4p4, logical block 0, async page read
[  744.947578][T18741] kAFS: No cell specified
[  744.964142][T18732] SQUASHFS error: Failed to read block 0x4e8: -5
[  744.997190][   T26] audit: type=1800 audit(2685055.150:79): pid=18732 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.6398" name="file1" dev="loop4" ino=5 res=0 errno=0
[  745.128619][ T3975] udevd[3975]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  745.220501][ T3975] udevd[3975]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  745.307734][T18755] loop1: detected capacity change from 0 to 16
[  745.352672][ T3975] udevd[3975]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  745.370052][T18755] erofs: (device loop1): mounted with root inode @ nid 36.
[  745.477276][T18763] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6413'.
[  745.534641][T18763] netlink: 'syz.4.6413': attribute type 1 has an invalid length.
[  745.647109][T18769] loop1: detected capacity change from 0 to 24
[  745.856772][T18775] netlink: 32 bytes leftover after parsing attributes in process `syz.3.6419'.
[  746.002923][T18779] loop4: detected capacity change from 0 to 2048
[  746.061983][T18779] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  746.744801][T18765] loop0: detected capacity change from 0 to 32768
[  746.833123][T18765] I/O error, dev loop14, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  746.864018][T18765] lbmIODone: I/O error in JFS log
[  746.889062][T18809] netlink: 32 bytes leftover after parsing attributes in process `syz.1.6436'.
[  746.902491][T18765] *** Log Format Error ! ***
[  746.920947][T18765] lmLogInit: exit(-22)
[  746.948402][T18765] lmLogOpen: exit(-22)
[  746.969323][T18783] loop3: detected capacity change from 0 to 32768
[  747.021632][   T26] audit: type=1326 audit(2685057.282:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18812 comm="syz.2.6438" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88c597def9 code=0x0
[  747.106756][T18820] netlink: 'syz.1.6442': attribute type 5 has an invalid length.
[  747.140305][T18783] JBD2: Ignoring recovery information on journal
[  747.313212][T18783] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  747.361067][T18830] loop4: detected capacity change from 0 to 128
[  747.490575][T18836] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6448'.
[  747.501804][ T3644] ocfs2: Unmounting device (7,3) on (node local)
[  747.658068][ T3683] usb 2-1: new high-speed USB device number 94 using dummy_hcd
[  747.896365][ T3683] usb 2-1: Using ep0 maxpacket: 32
[  748.016275][ T3683] usb 2-1: config index 0 descriptor too short (expected 35577, got 27)
[  748.034837][ T3683] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  748.073460][ T3683] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  748.091769][ T3683] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92
[  748.101837][ T3683] usb 2-1: config 1 has no interface number 0
[  748.126919][ T3683] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  748.138216][ T3683] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  748.153015][T18834] loop2: detected capacity change from 0 to 32768
[  748.160169][T18834] XFS: noikeep mount option is deprecated.
[  748.193646][ T3683] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found
[  748.287745][T18834] XFS (loop2): Mounting V5 Filesystem
[  748.391879][ T3683] snd_usb_pod 2-1:1.1: set_interface failed
[  748.398468][ T3683] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected
[  748.402714][T18834] XFS (loop2): Ending clean mount
[  748.435157][ T3683] snd_usb_pod: probe of 2-1:1.1 failed with error -71
[  748.463370][ T3683] usb 2-1: USB disconnect, device number 94
[  748.483825][T18834] XFS (loop2): Quotacheck needed: Please wait.
[  748.559095][T18874] loop3: detected capacity change from 0 to 8192
[  748.572165][T18834] XFS (loop2): Quotacheck: Done.
[  748.580380][T18874] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  748.635517][ T3636] XFS (loop2): Unmounting Filesystem
[  748.682358][T18874] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000001)
[  748.692816][T18874] FAT-fs (loop3): Filesystem has been set read-only
[  748.829909][ T4692] usb 5-1: new high-speed USB device number 89 using dummy_hcd
[  748.914047][T18886] loop3: detected capacity change from 0 to 4096
[  748.924743][T14761] usb 1-1: new high-speed USB device number 91 using dummy_hcd
[  748.947077][T18886] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  748.964884][T18886] ntfs3: loop3: Failed to load $MFTMirr.
[  749.010461][ T3975] I/O error, dev loop3, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  749.058340][ T4692] usb 5-1: Using ep0 maxpacket: 32
[  749.122201][T18886] loop3: detected capacity change from 0 to 4096
[  749.133634][T18886] ntfs: (device loop3): parse_options(): Unrecognized mount option discard.
[  749.145894][T18886] ntfs: (device loop3): parse_options(): Unrecognized mount option sparse.
[  749.159290][T18886] ntfs: (device loop3): parse_options(): Option iocharset is deprecated. Please use option nls=<charsetname> in the future.
[  749.182075][ T4692] usb 5-1: config 0 has an invalid descriptor of length 83, skipping remainder of the config
[  749.190061][T18886] ntfs: (device loop3): parse_options(): Unrecognized mount option nohidden.
[  749.206977][T18886] ntfs: (device loop3): parse_options(): Option iocharset is deprecated. Please use option nls=<charsetname> in the future.
[  749.221450][T18886] ntfs: (device loop3): parse_options(): Option iocharset is deprecated. Please use option nls=<charsetname> in the future.
[  749.249363][T18886] ntfs: (device loop3): parse_options(): Option iocharset is deprecated. Please use option nls=<charsetname> in the future.
[  749.263020][T18886] ntfs: (device loop3): parse_options(): Unrecognized mount option .
[  749.277429][ T3683] usb 2-1: new high-speed USB device number 95 using dummy_hcd
[  749.340606][T14761] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  749.353433][ T4692] usb 5-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  749.368228][ T4692] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  749.382632][T14761] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  749.395097][ T4692] usb 5-1: Product: syz
[  749.401917][T14761] usb 1-1: config 0 descriptor??
[  749.409336][ T4692] usb 5-1: Manufacturer: syz
[  749.419346][ T4692] usb 5-1: SerialNumber: syz
[  749.447439][ T4692] usb 5-1: config 0 descriptor??
[  749.463462][T14761] cp210x 1-1:0.0: cp210x converter detected
[  749.501247][ T4692] usb 5-1: bad CDC descriptors
[  749.513278][ T4692] usb 5-1: unsupported MDLM descriptors
[  749.523385][ T3683] usb 2-1: Using ep0 maxpacket: 32
[  749.638930][ T3683] usb 2-1: config 0 has an invalid interface number: 111 but max is 1
[  749.647129][ T3683] usb 2-1: config 0 has no interface number 1
[  749.653993][ T3683] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  749.692594][T15210] usb 5-1: USB disconnect, device number 89
[  749.781777][T14771] usb 4-1: new high-speed USB device number 85 using dummy_hcd
[  749.810742][ T3683] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=4a.83
[  749.820318][ T3683] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  749.828323][ T3683] usb 2-1: Product: syz
[  749.833037][ T3683] usb 2-1: Manufacturer: syz
[  749.837649][ T3683] usb 2-1: SerialNumber: syz
[  749.857874][ T3683] usb 2-1: config 0 descriptor??
[  749.876719][T14761] usb 1-1: cp210x converter now attached to ttyUSB0
[  749.907528][T14761] usb 1-1: USB disconnect, device number 91
[  749.924340][T14761] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  749.936564][T14761] cp210x 1-1:0.0: device disconnected
[  750.115412][ T3683] snd-usb-6fire 2-1:0.111: unable to receive device firmware state.
[  750.123690][ T3683] snd-usb-6fire: probe of 2-1:0.111 failed with error -71
[  750.150810][ T3683] usb 2-1: USB disconnect, device number 95
[  750.169363][T14771] usb 4-1: config 0 has an invalid interface number: 16 but max is 0
[  750.177719][T14771] usb 4-1: config 0 has no interface number 0
[  750.190553][T14771] usb 4-1: New USB device found, idVendor=1235, idProduct=0018, bcdDevice=f0.ee
[  750.215921][T14771] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  750.237812][T14771] usb 4-1: config 0 descriptor??
[  750.423416][T18930] loop2: detected capacity change from 0 to 32768
[  750.465605][T18930] find_entry called with index = 0
[  750.485774][T18930] read_mapping_page failed!
[  750.502295][T14771] usb 4-1: USB disconnect, device number 85
[  750.517538][T18930] ERROR: (device loop2): txCommit: 
[  750.517538][T18930] 
[  750.542632][T18930] ERROR: (device loop2): remounting filesystem as read-only
[  750.586087][T18937] loop0: detected capacity change from 0 to 4096
[  750.593960][T18937] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[  750.647923][T18937] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  751.248508][T18964] loop2: detected capacity change from 0 to 2048
[  751.338921][T18964] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  751.409863][T18975] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  751.467863][T18964] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  751.512138][T18964] NILFS error (device loop2): nilfs_bmap_last_key: broken bmap (inode number=16)
[  751.592783][T18964] Remounting filesystem read-only
[  751.597846][T18964] NILFS (loop2): error -5 truncating bmap (ino=16)
[  751.737599][ T3636] NILFS (loop2): discard dirty page: offset=4096, ino=6
[  751.752411][ T3636] NILFS (loop2): discard dirty block: blocknr=39, size=1024
[  751.798535][ T3636] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  751.826177][ T3636] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  751.861223][ T3636] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  751.870554][T18998] loop0: detected capacity change from 0 to 2048
[  751.907433][ T3636] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer
[  751.935008][T19002] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  751.987077][T18998] NILFS (loop0): vblocknr = 12 has abnormal lifetime: start cno (= 150994946) > current cno (= 3)
[  752.044502][T19008] tmpfs: Bad value for 'mpol'
[  752.046986][T18998] NILFS error (device loop0): nilfs_bmap_truncate: broken bmap (inode number=16)
[  752.096893][T18998] Remounting filesystem read-only
[  752.102055][T18998] NILFS (loop0): error -5 truncating bmap (ino=16)
[  752.197884][T19009] loop3: detected capacity change from 0 to 4096
[  752.237047][T19009] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512)
[  752.247986][ T3635] NILFS (loop0): discard dirty page: offset=4096, ino=6
[  752.262603][ T3635] NILFS (loop0): discard dirty block: blocknr=39, size=1024
[  752.280047][T19017] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6533'.
[  752.299453][ T3635] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  752.335267][ T3635] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  752.354619][ T3635] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  752.401536][ T3635] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer
[  752.439746][T19009] ntfs3: loop3: failed to convert "c46c" to macroman
[  752.440663][ T3635] NILFS (loop0): discard dirty page: offset=0, ino=3
[  752.475989][ T3635] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  752.490053][ T3635] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  752.505536][ T3635] NILFS (loop0): discard dirty block: blocknr=44, size=1024
[  752.522478][ T3635] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  752.755448][T14771] usb 5-1: new high-speed USB device number 90 using dummy_hcd
[  752.895545][T19037] loop0: detected capacity change from 0 to 4096
[  752.905047][T19037] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[  752.979521][T19037] ntfs3: loop0: failed to convert "c46c" to iso8859-4
[  753.020658][T14764] usb 3-1: new high-speed USB device number 89 using dummy_hcd
[  753.028410][T14771] usb 5-1: Using ep0 maxpacket: 8
[  753.181958][T14771] usb 5-1: New USB device found, idVendor=06cd, idProduct=011c, bcdDevice=d7.cc
[  753.191027][T14771] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  753.199526][T14761] usb 2-1: new high-speed USB device number 96 using dummy_hcd
[  753.242195][T14771] usb 5-1: config 0 descriptor??
[  753.288287][T14771] keyspan 5-1:0.0: Keyspan 1 port adapter converter detected
[  753.298784][T14771] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 84
[  753.304140][T19058] loop3: detected capacity change from 0 to 4096
[  753.312700][T14771] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 81
[  753.321439][T14771] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 82
[  753.343160][T14771] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 1
[  753.352075][T19058] ntfs: volume version 3.1.
[  753.352812][T14771] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 2
[  753.365937][T14771] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 83
[  753.374638][T14771] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 3
[  753.393007][T14771] usb 5-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[  753.510937][ T4692] usb 5-1: USB disconnect, device number 90
[  753.517166][ T3683] usb 1-1: new high-speed USB device number 92 using dummy_hcd
[  753.544632][ T4692] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[  753.559761][ T4692] keyspan 5-1:0.0: device disconnected
[  753.573343][T14764] usb 3-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[  753.582560][T14761] usb 2-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  753.600409][T14764] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  753.613618][T14761] usb 2-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  753.624534][T14764] usb 3-1: Product: syz
[  753.628746][T14764] usb 3-1: Manufacturer: syz
[  753.633963][T14761] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  753.642376][T14764] usb 3-1: SerialNumber: syz
[  753.652126][T14764] r8152-cfgselector 3-1: config 0 descriptor??
[  753.699508][T14761] gspca_main: stv0680-2.14.0 probing 041e:4007
[  753.753832][ T3683] usb 1-1: Using ep0 maxpacket: 32
[  753.774023][T19071] loop3: detected capacity change from 0 to 4096
[  753.781797][T19071] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512)
[  753.815956][T19071] ntfs3: loop3: failed to convert "c46c" to cp869
[  754.023934][ T3683] usb 1-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  754.043696][ T3683] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  754.058642][ T3683] usb 1-1: Product: syz
[  754.062964][ T3683] usb 1-1: Manufacturer: syz
[  754.067572][ T3683] usb 1-1: SerialNumber: syz
[  754.080525][ T3683] usb 1-1: config 0 descriptor??
[  754.106141][T14764] r8152-cfgselector 3-1: Unknown version 0x0000
[  754.121531][T19079] loop3: detected capacity change from 0 to 4096
[  754.126301][T14764] r8152-cfgselector 3-1: USB disconnect, device number 89
[  754.138035][T19079] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512)
[  754.544362][ T3683] airspy 1-1:0.0: usb_control_msg() failed -71 request 0a
[  754.553686][ T3683] airspy 1-1:0.0: Could not detect board
[  754.559397][ T3683] airspy: probe of 1-1:0.0 failed with error -71
[  754.594327][ T3683] usb 1-1: USB disconnect, device number 92
[  754.665244][T19100] loop4: detected capacity change from 0 to 1764
[  754.679845][T19100] iso9660: Corrupted directory entry in block 2 of inode 1920
[  754.782440][T14761] stv0680 2-1:4.0: STV(e): camera ping failed!!
[  754.949321][T19106] loop4: detected capacity change from 0 to 4096
[  754.984706][T19106] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512)
[  754.994979][T14761] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  755.009654][T14761] stv0680 2-1:4.0: last error: 81,  command = 0xab
[  755.041659][T14761] usb 2-1: USB disconnect, device number 96
[  755.154377][T19106] ntfs3: loop4: failed to convert "c46c" to macroman
[  755.235992][   T26] audit: type=1326 audit(2685065.902:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19116 comm="syz.2.6581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88c597def9 code=0x7ffc0000
[  755.360704][   T26] audit: type=1326 audit(2685065.902:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19116 comm="syz.2.6581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88c597def9 code=0x7ffc0000
[  755.398550][T19119] bridge0: port 3(veth0_to_bridge) entered disabled state
[  755.401831][   T26] audit: type=1326 audit(2685065.933:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19116 comm="syz.2.6581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=148 compat=0 ip=0x7f88c597def9 code=0x7ffc0000
[  755.405858][T19119] bridge0: port 2(bridge_slave_1) entered disabled state
[  755.435004][T19119] bridge0: port 1(bridge_slave_0) entered disabled state
[  755.462665][   T26] audit: type=1326 audit(2685065.933:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19116 comm="syz.2.6581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88c597def9 code=0x7ffc0000
[  755.496453][   T26] audit: type=1326 audit(2685065.933:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19116 comm="syz.2.6581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f88c597def9 code=0x7ffc0000
[  756.139781][T19113] loop0: detected capacity change from 0 to 32768
[  756.166686][T19113] gfs2: fsid=(œ[{{{+: Trying to join cluster "lock_nolock", "(œ[{{{+"
[  756.197843][T19113] gfs2: fsid=(œ[{{{+: Now mounting FS (format 0)...
[  756.270145][T19113] gfs2: fsid=(œ[{{{+.0: journal 0 mapped with 22 extents in 0ms
[  756.305873][ T3683] gfs2: fsid=(œ[{{{+.0: jid=0, already locked for use
[  756.315114][ T3683] gfs2: fsid=(œ[{{{+.0: jid=0: Looking at journal...
[  756.435719][ T3683] gfs2: fsid=(œ[{{{+.0: jid=0: Journal head lookup took 126ms
[  756.439446][T19127] loop4: detected capacity change from 0 to 32768
[  756.459966][ T3683] gfs2: fsid=(œ[{{{+.0: jid=0: Done
[  756.473780][T19126] loop1: detected capacity change from 0 to 32768
[  756.482643][T19113] gfs2: fsid=(œ[{{{+.0: first mount done, others may mount
[  756.502933][T19126] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.6585 (19126)
[  756.552704][T19127] JBD2: Ignoring recovery information on journal
[  756.573255][T19126] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  756.631466][T19126] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  756.679295][T19152] loop2: detected capacity change from 0 to 4096
[  756.686967][T19126] BTRFS info (device loop1): using free space tree
[  756.688757][T19152] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512)
[  756.714054][T19127] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  756.809373][T19152] ntfs3: loop2: failed to convert "c46c" to iso8859-4
[  756.892478][ T3648] ocfs2: Unmounting device (7,4) on (node local)
[  757.099919][T19126] BTRFS info (device loop1): enabling ssd optimizations
[  757.248511][T19181] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6603'.
[  757.293089][ T3637] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  757.339587][T19185] loop3: detected capacity change from 0 to 1024
[  757.520805][ T3644] hfsplus: bad catalog entry type
[  757.805777][T19200] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6612'.
[  757.849220][T19200] netlink: 31 bytes leftover after parsing attributes in process `syz.4.6612'.
[  757.897026][T19200] netlink: 'syz.4.6612': attribute type 2 has an invalid length.
[  757.921150][T19200] netlink: 'syz.4.6612': attribute type 2 has an invalid length.
[  757.921194][T19200] netlink: 31 bytes leftover after parsing attributes in process `syz.4.6612'.
[  757.929102][   T11] hfsplus: b-tree write err: -5, ino 4
[  758.101324][T19208] loop2: detected capacity change from 0 to 2048
[  758.164664][   T46] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  758.164736][   T46] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 40768 - 0
[  758.173940][T19213] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  758.217090][T19208] NILFS error (device loop2): nilfs_check_page: bad entry in directory #2: directory entry across blocks - offset=16, inode=2, rec_len=33040, name_len=2
[  758.236929][T19208] Remounting filesystem read-only
[  758.267467][T19208] NILFS error (device loop2): nilfs_check_page: bad entry in directory #2: directory entry across blocks - offset=16, inode=2, rec_len=33040, name_len=2
[  758.336728][   T46] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  758.336761][   T46] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 40768 - 0
[  758.379210][ T3636] NILFS (loop2): discard dirty page: offset=268697600, ino=6
[  758.379239][ T3636] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  758.379257][ T3636] NILFS (loop2): discard dirty block: blocknr=0, size=1024
[  758.379273][ T3636] NILFS (loop2): discard dirty block: blocknr=0, size=1024
[  758.379288][ T3636] NILFS (loop2): discard dirty block: blocknr=0, size=1024
[  758.380689][ T3636] NILFS (loop2): discard dirty page: offset=0, ino=3
[  758.380708][ T3636] NILFS (loop2): discard dirty block: blocknr=42, size=1024
[  758.380724][ T3636] NILFS (loop2): discard dirty block: blocknr=43, size=1024
[  758.380739][ T3636] NILFS (loop2): discard dirty block: blocknr=44, size=1024
[  758.380754][ T3636] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  758.380775][ T3636] NILFS (loop2): discard dirty page: offset=196608, ino=3
[  758.380791][ T3636] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  758.380808][ T3636] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  758.380824][ T3636] NILFS (loop2): discard dirty block: blocknr=49, size=1024
[  758.380844][ T3636] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  758.531366][T19220] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.6624'.
[  758.546694][   T46] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  758.546731][   T46] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 40768 - 0
[  758.634979][   T46] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  758.635014][   T46] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 40768 - 0
[  758.806519][T19226] loop4: detected capacity change from 0 to 1024
[  758.869842][T19226] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  758.878985][T19226] EXT4-fs warning (device loop4): ext4_empty_dir:3154: inode #11: comm syz.4.6625: directory missing '..'
[  759.059474][ T3648] EXT4-fs (loop4): unmounting filesystem.
[  759.197717][   T48] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  759.203360][   T48] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  759.207365][   T48] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  759.219535][   T48] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  759.221088][   T48] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  759.221442][   T48] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  759.237260][T19246] libceph: resolve 'c' (ret=-3): failed
[  759.784945][T19269] x_tables: unsorted entry at hook 3
[  759.801759][T19272] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6640'.
[  760.046270][T19282] loop0: detected capacity change from 0 to 256
[  760.087327][T19282] exfat: Deprecated parameter 'utf8'
[  760.120164][T19282] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  760.346546][T19295] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6649'.
[  760.408090][T19297] device ip6tnl2 entered promiscuous mode
[  760.599023][T19237] chnl_net:caif_netlink_parms(): no params data found
[  760.839375][T19314] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6657'.
[  760.858419][T19315] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6658'.
[  760.986630][T19326] netlink: 'syz.1.6661': attribute type 1 has an invalid length.
[  761.135724][   T48] Bluetooth: hci3: command tx timeout
[  761.500380][T19237] bridge0: port 1(bridge_slave_0) entered blocking state
[  761.530305][T19318] loop4: detected capacity change from 0 to 32768
[  761.546776][T19237] bridge0: port 1(bridge_slave_0) entered disabled state
[  761.572251][T19237] device bridge_slave_0 entered promiscuous mode
[  761.598567][T19318] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.6659 (19318)
[  761.639883][  T945] usb 2-1: new high-speed USB device number 97 using dummy_hcd
[  761.659730][T19237] bridge0: port 2(bridge_slave_1) entered blocking state
[  761.666850][T19237] bridge0: port 2(bridge_slave_1) entered disabled state
[  761.728001][T19318] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  761.730298][T19237] device bridge_slave_1 entered promiscuous mode
[  761.768926][T19318] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  761.805369][T19318] BTRFS info (device loop4): using free space tree
[  761.868764][  T945] usb 2-1: Using ep0 maxpacket: 32
[  762.036302][T19370] loop2: detected capacity change from 0 to 4096
[  762.046598][T19370] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512)
[  762.135535][  T945] usb 2-1: New USB device found, idVendor=0d81, idProduct=1900, bcdDevice=b9.a0
[  762.135566][  T945] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  762.135586][  T945] usb 2-1: Product: syz
[  762.135600][  T945] usb 2-1: Manufacturer: syz
[  762.135615][  T945] usb 2-1: SerialNumber: syz
[  762.140938][  T945] usb 2-1: config 0 descriptor??
[  762.175928][T19318] BTRFS info (device loop4): enabling ssd optimizations
[  762.176224][  T945] pwc: Visionite VCS-UC300 USB webcam detected.
[  762.259414][   T46] device hsr_slave_0 left promiscuous mode
[  762.265847][   T46] device hsr_slave_1 left promiscuous mode
[  762.266617][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  762.266676][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  762.267836][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  762.267859][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  762.268358][   T46] device bridge_slave_1 left promiscuous mode
[  762.272315][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  762.305967][ T3648] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  762.306694][   T46] device bridge_slave_0 left promiscuous mode
[  762.306828][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  762.426920][  T945] pwc: Failed to set LED on/off time (-71)
[  762.446430][  T945] pwc: send_video_command error -71
[  762.446448][  T945] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  762.446526][  T945] Philips webcam: probe of 2-1:0.0 failed with error -71
[  762.450861][  T945] usb 2-1: USB disconnect, device number 97
[  762.568467][   T46] device veth1_macvtap left promiscuous mode
[  762.568699][   T46] device veth0_macvtap left promiscuous mode
[  762.570563][   T46] device veth1_vlan left promiscuous mode
[  762.570800][   T46] device veth0_vlan left promiscuous mode
[  763.117215][   T48] Bluetooth: hci3: command tx timeout
[  763.668432][T19426] loop0: detected capacity change from 0 to 2048
[  763.744165][T19431] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  763.779181][T19426] NILFS error (device loop0): nilfs_check_page: bad entry in directory #2: directory entry across blocks - offset=16, inode=2, rec_len=33040, name_len=2
[  763.810019][T19426] Remounting filesystem read-only
[  763.825087][T19426] NILFS error (device loop0): nilfs_check_page: bad entry in directory #2: directory entry across blocks - offset=16, inode=2, rec_len=33040, name_len=2
[  763.891470][ T3635] NILFS (loop0): discard dirty page: offset=268697600, ino=6
[  763.893341][T19412] loop1: detected capacity change from 0 to 32768
[  763.900274][ T3635] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  763.918740][ T3635] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  763.933054][ T3635] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  763.941232][ T3635] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  763.949998][ T3635] NILFS (loop0): discard dirty page: offset=0, ino=3
[  763.957313][ T3635] NILFS (loop0): discard dirty block: blocknr=42, size=1024
[  763.967353][ T3635] NILFS (loop0): discard dirty block: blocknr=43, size=1024
[  763.974962][ T3635] NILFS (loop0): discard dirty block: blocknr=44, size=1024
[  763.982515][ T3635] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  763.999286][ T3635] NILFS (loop0): discard dirty page: offset=196608, ino=3
[  764.003391][T19412] XFS (loop1): Mounting V5 filesystem in no-recovery mode. Filesystem will be inconsistent.
[  764.008701][ T3635] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  764.025179][  T945] XFS (loop1): Metadata CRC error detected at xfs_agf_read_verify+0x1df/0x2a0, xfs_agf block 0x1 
[  764.038987][ T3635] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  764.049378][  T945] XFS (loop1): Unmount and run xfs_repair
[  764.055242][ T3635] NILFS (loop0): discard dirty block: blocknr=49, size=1024
[  764.055521][  T945] XFS (loop1): First 128 bytes of corrupted metadata buffer:
[  764.068299][ T3635] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  764.071160][  T945] 00000000: 58 41 47 46 00 00 00 00 00 00 00 00 00 00 10 00  XAGF............
[  764.088405][  T945] 00000010: 00 00 00 01 00 00 00 02 00 00 00 00 00 00 00 01  ................
[  764.097518][  T945] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  764.107066][  T945] 00000030: 00 00 00 04 00 00 0b a2 00 00 0b a0 00 00 00 00  ................
[  764.115982][  T945] 00000040: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  764.125426][  T945] 00000050: 00 00 00 00 00 00 00 01 00 00 00 05 00 00 00 01  ................
[  764.135617][  T945] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  764.144538][  T945] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  764.153861][T19412] XFS (loop1): metadata I/O error in "xfs_read_agf+0x2e2/0x680" at daddr 0x1 len 1 error 74
[  764.380656][   T46] team0 (unregistering): Port device team_slave_1 removed
[  764.441911][   T46] team0 (unregistering): Port device team_slave_0 removed
[  764.523835][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  764.569106][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  765.010601][   T46] bond0 (unregistering): Released all slaves
[  765.087586][T19237] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  765.097203][   T48] Bluetooth: hci3: command tx timeout
[  765.130009][T19445] netlink: 5 bytes leftover after parsing attributes in process `syz.1.6700'.
[  765.186360][T19237] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  765.407987][T19237] team0: Port device team_slave_0 added
[  765.433864][T19237] team0: Port device team_slave_1 added
[  765.600137][T19237] batman_adv: batadv0: Adding interface: batadv_slave_0
[  765.610784][T19237] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  765.755182][T19237] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  765.792240][T19237] batman_adv: batadv0: Adding interface: batadv_slave_1
[  765.831207][T19237] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  765.857125][    C0] vkms_vblank_simulate: vblank timer overrun
[  765.961240][T19237] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  766.156498][T19237] device hsr_slave_0 entered promiscuous mode
[  766.192922][T19237] device hsr_slave_1 entered promiscuous mode
[  766.199679][T19237] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  766.232455][T19237] Cannot create hsr debugfs directory
[  766.397141][T19450] loop0: detected capacity change from 0 to 32768
[  766.442438][ T5494] usb 3-1: new high-speed USB device number 90 using dummy_hcd
[  766.450110][T19450] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.6701 (19450)
[  766.508768][T19450] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  766.515271][T19495] loop1: detected capacity change from 0 to 128
[  766.553007][T19450] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  766.580419][T19450] BTRFS info (device loop0): using free space tree
[  766.597048][ T6497] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  766.678336][ T5494] usb 3-1: Using ep0 maxpacket: 16
[  766.792763][ T5494] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  766.807877][ T5494] usb 3-1: config 0 has no interface number 0
[  766.888548][T19450] BTRFS info (device loop0): enabling ssd optimizations
[  766.974233][ T5494] usb 3-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88
[  766.983311][ T5494] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  767.012056][ T5494] usb 3-1: Product: syz
[  767.017270][T19489] loop4: detected capacity change from 0 to 32768
[  767.023801][ T5494] usb 3-1: Manufacturer: syz
[  767.042178][ T5494] usb 3-1: SerialNumber: syz
[  767.047779][ T3635] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  767.078289][T19522] netlink: 'syz.1.6722': attribute type 1 has an invalid length.
[  767.086482][T19522] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6722'.
[  767.086824][   T48] Bluetooth: hci3: command tx timeout
[  767.107437][ T5494] usb 3-1: config 0 descriptor??
[  767.328628][T19489] XFS (loop4): Mounting V5 Filesystem
[  767.377967][ T5494] usb 3-1: selecting invalid altsetting 1
[  767.386375][ T5494] speedtch 3-1:0.1: speedtch_bind: setting interface to  1 failed (-22)!
[  767.432031][T19533] netlink: 'syz.1.6725': attribute type 21 has an invalid length.
[  767.437587][ T5494] speedtch 3-1:0.1: usbatm_usb_probe: bind failed: -22!
[  767.449962][T19533] netlink: 132 bytes leftover after parsing attributes in process `syz.1.6725'.
[  767.510012][ T5494] speedtch: probe of 3-1:0.1 failed with error -22
[  767.533053][T19489] XFS (loop4): Ending clean mount
[  767.543351][ T5494] usb 3-1: USB disconnect, device number 90
[  767.599791][T19489] XFS (loop4): Quotacheck needed: Please wait.
[  767.666053][T19489] XFS (loop4): Quotacheck: Done.
[  767.816048][ T3648] XFS (loop4): Unmounting Filesystem
[  767.831470][T19237] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  767.921214][T19237] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  767.962089][T19553] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  767.995309][T19237] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  768.032465][T19237] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  768.355360][T19237] 8021q: adding VLAN 0 to HW filter on device bond0
[  768.419760][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  768.469888][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  768.502260][T19237] 8021q: adding VLAN 0 to HW filter on device team0
[  768.559734][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  768.589318][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  768.633412][   T33] bridge0: port 1(bridge_slave_0) entered blocking state
[  768.640517][   T33] bridge0: port 1(bridge_slave_0) entered forwarding state
[  768.667630][T19581] netlink: 'syz.0.6740': attribute type 30 has an invalid length.
[  768.681298][T19582] xt_bpf: check failed: parse error
[  768.694794][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  768.737814][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  768.756976][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  768.790600][   T33] bridge0: port 2(bridge_slave_1) entered blocking state
[  768.797871][   T33] bridge0: port 2(bridge_slave_1) entered forwarding state
[  768.847021][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  768.880337][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  768.923646][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  768.974300][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  769.020214][T19237] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  769.069208][T19237] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  769.127536][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  769.148376][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  769.205448][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  769.234643][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  769.253547][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  769.262824][T19610] loop1: detected capacity change from 0 to 512
[  769.273660][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  769.282817][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  769.308502][T19610] EXT4-fs error (device loop1): __ext4_fill_super:5399: inode #2: comm syz.1.6752: casefold flag without casefold feature
[  769.310192][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  769.337792][T19598] netlink: 'syz.2.6749': attribute type 8 has an invalid length.
[  769.339391][T19610] EXT4-fs (loop1): get root inode failed
[  769.351756][T19610] EXT4-fs (loop1): mount failed
[  769.618436][T19623] netlink: 72 bytes leftover after parsing attributes in process `syz.2.6756'.
[  769.848736][T19633] loop4: detected capacity change from 0 to 1764
[  769.859530][T19637] x_tables: unsorted underflow at hook 4
[  770.002899][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  770.010346][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  770.063410][T19237] 8021q: adding VLAN 0 to HW filter on device batadv0
[  770.172987][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  770.183048][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  770.270637][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  770.290139][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  770.328071][T19237] device veth0_vlan entered promiscuous mode
[  770.341123][T19237] device veth1_vlan entered promiscuous mode
[  770.366936][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  770.384363][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  770.422205][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  770.479825][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  770.510113][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  770.537348][T19237] device veth0_macvtap entered promiscuous mode
[  770.586418][T19237] device veth1_macvtap entered promiscuous mode
[  770.633234][T19237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  770.669243][T19237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  770.707548][T19237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  770.756183][T19237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  770.783696][T19237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  770.822450][T19237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  770.850424][T19237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  770.880420][T19237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  770.904723][T19641] loop0: detected capacity change from 0 to 32768
[  770.920423][T19237] batman_adv: batadv0: Interface activated: batadv_slave_0
[  770.950702][T19237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  770.971559][T19237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  770.992257][T19237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  771.003050][T19237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  771.018908][T19237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  771.029741][T19237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  771.034758][T19641] XFS (loop0): Mounting V5 Filesystem
[  771.040528][T19237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  771.056056][T19237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  771.071016][T19237] batman_adv: batadv0: Interface activated: batadv_slave_1
[  771.078527][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  771.087979][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  771.089322][T19651] loop2: detected capacity change from 0 to 32768
[  771.096330][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  771.111822][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  771.121426][T19652] loop1: detected capacity change from 0 to 32768
[  771.126720][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  771.148744][T19652] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.6767 (19652)
[  771.173241][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  771.183355][T19651] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.6766 (19651)
[  771.224032][T19237] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  771.248645][T19641] XFS (loop0): Ending clean mount
[  771.258725][T19237] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  771.269101][T19652] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  771.280764][T19651] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  771.295898][T19652] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  771.304671][T19651] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  771.313583][T19237] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  771.322580][T19651] BTRFS info (device loop2): using free space tree
[  771.329392][T19652] BTRFS info (device loop1): doing ref verification
[  771.339497][T19237] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  771.350167][T19652] BTRFS info (device loop1): max_inline at 0
[  771.357222][T19652] BTRFS info (device loop1): using free space tree
[  771.458810][ T3635] XFS (loop0): Unmounting Filesystem
[  771.676216][   T33] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  771.699837][   T33] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  771.713049][ T3707] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  771.744436][T19652] BTRFS info (device loop1): enabling ssd optimizations
[  771.755383][T19651] BTRFS info (device loop2): enabling ssd optimizations
[  771.802541][ T3707] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  771.847285][ T3707] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  771.905273][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  772.005513][ T3636] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  772.022503][ T3637] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  772.561308][T19739] loop4: detected capacity change from 0 to 1024
[  772.883047][T19752] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6783'.
[  773.059250][T19758] loop2: detected capacity change from 0 to 256
[  773.134950][T19758] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  773.145602][ T4690] usb 2-1: new full-speed USB device number 98 using dummy_hcd
[  773.399773][T19773] netlink: 'syz.0.6791': attribute type 21 has an invalid length.
[  773.488756][ T4690] usb 2-1: config 4 has an invalid interface number: 231 but max is 0
[  773.517871][T19778] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6792'.
[  773.526911][ T4690] usb 2-1: config 4 has no interface number 0
[  773.654509][T19735] loop3: detected capacity change from 0 to 40427
[  773.673464][T19735] F2FS-fs (loop3): Invalid segment/section count (31 != 24 * 1)
[  773.679500][ T4690] usb 2-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d
[  773.707905][ T4690] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  773.715931][ T4690] usb 2-1: Product: syz
[  773.732028][T19735] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  773.736319][ T4690] usb 2-1: Manufacturer: syz
[  773.762031][ T4690] usb 2-1: SerialNumber: syz
[  773.781857][T19789] loop0: detected capacity change from 0 to 64
[  773.792940][T19735] F2FS-fs (loop3): invalid crc value
[  773.797788][T19785] loop2: detected capacity change from 0 to 2048
[  773.819739][   T26] audit: type=1800 audit(2685085.409:86): pid=19789 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.6796" name="bus" dev="loop0" ino=21 res=0 errno=0
[  773.849712][ T4690] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state.
[  773.867622][T19735] F2FS-fs (loop3): Found nat_bits in checkpoint
[  773.888272][T19785] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found!
[  773.944226][T19785] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  774.034467][T19735] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  774.071680][ T4690] vp7045: USB control message 'out' went wrong.
[  774.077939][ T4690] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  774.087216][ T3636] UDF-fs: error (device loop2): udf_read_inode: (ino 1440) failed !bh
[  774.103165][T19735] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  774.125110][ T4690] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19)
[  774.134301][T19798] program syz.0.6799 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  774.151534][ T3636] UDF-fs: error (device loop2): udf_read_inode: (ino 1440) failed !bh
[  774.158770][T19791] loop4: detected capacity change from 0 to 8192
[  774.184282][ T4690] usb 2-1: USB disconnect, device number 98
[  774.191951][ T3975] udevd[3975]: setting owner of /dev/bus/usb/002/098 to uid=0, gid=0 failed: No such file or directory
[  774.204824][T19791] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  774.243966][T19735] syz.3.6779: attempt to access beyond end of device
[  774.243966][T19735] loop3: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  774.282390][T19791] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000001)
[  774.318972][T19791] FAT-fs (loop4): Filesystem has been set read-only
[  774.382329][ T3648] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000001)
[  774.448319][T19237] syz-executor: attempt to access beyond end of device
[  774.448319][T19237] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  774.782585][T19814] loop1: detected capacity change from 0 to 1024
[  774.972426][T19814] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:477: comm syz.1.6807: Invalid block bitmap block 0 in block_group 0
[  774.993771][   T33] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  774.997584][T19814] Quota error (device loop1): write_blk: dquota write failed
[  775.047048][T19814] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  775.078975][T19814] EXT4-fs error (device loop1): ext4_acquire_dquot:6800: comm syz.1.6807: Failed to acquire dquot type 0
[  775.120034][T19814] EXT4-fs error (device loop1): ext4_free_blocks:6212: comm syz.1.6807: Freeing blocks not in datazone - block = 0, count = 4096
[  775.185202][T19814] EXT4-fs error (device loop1): ext4_read_inode_bitmap:140: comm syz.1.6807: Invalid inode bitmap blk 0 in block_group 0
[  775.215581][    T9] Quota error (device loop1): do_check_range: Getting block 0 out of range 1-8
[  775.218189][   T33] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  775.249898][    T9] EXT4-fs error (device loop1): ext4_release_dquot:6823: comm kworker/u4:0: Failed to release dquot type 0
[  775.253334][T19814] EXT4-fs error (device loop1) in ext4_free_inode:362: Corrupt filesystem
[  775.336379][T19814] EXT4-fs (loop1): 1 orphan inode deleted
[  775.342185][T19814] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  775.408315][   T33] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  775.488221][T19827] netlink: 'syz.0.6810': attribute type 21 has an invalid length.
[  775.517222][T19827] IPv6: NLM_F_CREATE should be specified when creating new route
[  775.625162][   T33] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  775.629860][ T3637] EXT4-fs (loop1): unmounting filesystem.
[  775.657210][ T3650] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  775.669861][ T3650] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  775.677883][ T3650] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  775.696487][ T3650] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  775.704153][ T3650] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  775.715456][ T3650] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  776.128775][T19845] loop0: detected capacity change from 0 to 4096
[  776.216878][T19845] ntfs: (device loop0): check_mft_mirror(): $MFT and $MFTMirr (record 0) do not match.  Run ntfsfix or chkdsk.
[  776.252401][T19845] ntfs: (device loop0): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  776.354913][T19845] ntfs: volume version 3.1.
[  776.367951][T19845] ntfs: (device loop0): ntfs_read_locked_attr_inode(): Failed with error code -2 while reading attribute inode (mft_no 0x1a, type 0x80, name_len 4).  Marking corrupt inode and base inode 0x1a as bad.  Run chkdsk.
[  776.422068][T19845] ntfs: (device loop0): load_and_init_usnjrnl(): Failed to load $UsnJrnl/$DATA/$Max attribute.
[  776.447376][T19845] ntfs: (device loop0): load_system_files(): Failed to load $UsnJrnl.  Will not be able to remount read-write.  Run chkdsk.
[  776.469541][T19830] chnl_net:caif_netlink_parms(): no params data found
[  776.534913][T19866] loop3: detected capacity change from 0 to 64
[  776.589382][T19866] hfs: filesystem is marked locked, mounting read-only.
[  776.656801][T19866] hfs: filesystem is marked locked, leaving read-only.
[  776.671239][T19821] loop4: detected capacity change from 0 to 32768
[  776.732713][T19821] ERROR: (device loop4): xtTruncate: XT_GETPAGE: xtree page corrupt
[  776.732713][T19821] 
[  776.780663][T19821] ERROR: (device loop4): remounting filesystem as read-only
[  777.083293][T19830] bridge0: port 1(bridge_slave_0) entered blocking state
[  777.103065][T19830] bridge0: port 1(bridge_slave_0) entered disabled state
[  777.107360][T19883] netlink: 'syz.4.6827': attribute type 1 has an invalid length.
[  777.119741][T19830] device bridge_slave_0 entered promiscuous mode
[  777.141777][T19883] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6827'.
[  777.211772][T19830] bridge0: port 2(bridge_slave_1) entered blocking state
[  777.262514][T19830] bridge0: port 2(bridge_slave_1) entered disabled state
[  777.301385][T19830] device bridge_slave_1 entered promiscuous mode
[  777.358648][T19895] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6834'.
[  777.393989][T19895] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6834'.
[  777.533932][T19900] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6836'.
[  777.566963][T19830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  777.635097][T19906] loop1: detected capacity change from 0 to 256
[  777.656029][T19830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  777.670056][   T48] Bluetooth: hci0: command tx timeout
[  777.819580][T19906] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF
[  777.843018][T19906] FAT-fs (loop1): Filesystem has been set read-only
[  777.886968][T19830] team0: Port device team_slave_0 added
[  778.055212][T19926] loop0: detected capacity change from 0 to 65
[  778.067360][T19830] team0: Port device team_slave_1 added
[  778.125488][T19926] BFS-fs: bfs_fill_super(): NOTE: filesystem loop0 was created with 512 inodes, the real maximum is 511, mounting anyway
[  778.157211][T19922] loop4: detected capacity change from 0 to 4096
[  778.208703][T19929] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6846'.
[  778.231220][T19929] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6846'.
[  778.251590][   T33] IPVS: stopping backup sync thread 18330 ...
[  778.316500][T19830] batman_adv: batadv0: Adding interface: batadv_slave_0
[  778.346005][T19830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  778.469771][T19830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  778.512976][T19830] batman_adv: batadv0: Adding interface: batadv_slave_1
[  778.539910][T19830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  778.643679][T19830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  778.973989][T19830] device hsr_slave_0 entered promiscuous mode
[  779.023101][T19830] device hsr_slave_1 entered promiscuous mode
[  779.039855][T19830] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  779.066993][T19830] Cannot create hsr debugfs directory
[  779.484464][T19982] I/O error, dev loop0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  779.484915][   T33] device hsr_slave_0 left promiscuous mode
[  779.517722][T19982] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  779.562831][   T33] device hsr_slave_1 left promiscuous mode
[  779.565978][T19982] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  779.611924][T19984] loop4: detected capacity change from 0 to 4096
[  779.621977][   T33] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  779.622029][T19982] I/O error, dev loop0, sector 18 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  779.644014][   T33] batman_adv: batadv0: Removing interface: batadv_slave_0
[  779.650957][T19982] I/O error, dev loop0, sector 30 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  779.660720][   T48] Bluetooth: hci0: command tx timeout
[  779.667521][T19984] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512)
[  779.678202][T19982] I/O error, dev loop0, sector 36 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  779.688026][T19982] VFS: unable to find oldfs superblock on device loop0
[  779.707099][   T33] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  779.717631][   T33] batman_adv: batadv0: Removing interface: batadv_slave_1
[  779.741621][T19984] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  779.765980][   T33] device bridge_slave_1 left promiscuous mode
[  779.772186][   T33] bridge0: port 2(bridge_slave_1) entered disabled state
[  779.853814][   T33] device bridge_slave_0 left promiscuous mode
[  779.860092][   T33] bridge0: port 1(bridge_slave_0) entered disabled state
[  780.035636][T20002] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6878'.
[  780.039167][   T33] device veth0_macvtap left promiscuous mode
[  780.093726][   T33] device veth1_vlan left promiscuous mode
[  780.125422][   T33] device veth0_vlan left promiscuous mode
[  780.274790][T20015] netlink: 'syz.3.6882': attribute type 2 has an invalid length.
[  780.298703][T20015] netlink: 44 bytes leftover after parsing attributes in process `syz.3.6882'.
[  780.485828][T20027] ax25_connect(): syz.3.6887 uses autobind, please contact jreuter@yaina.de
[  780.608327][T20032] loop3: detected capacity change from 0 to 256
[  780.619096][   T33] bond2 (unregistering): Released all slaves
[  780.675773][T20032] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF
[  780.701778][   T33] bond1 (unregistering): Released all slaves
[  780.710191][T20032] FAT-fs (loop3): Filesystem has been set read-only
[  780.868980][T20037] loop3: detected capacity change from 0 to 1024
[  780.907271][T20037] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:477: comm syz.3.6890: Invalid block bitmap block 0 in block_group 0
[  780.974279][T20037] Quota error (device loop3): write_blk: dquota write failed
[  781.000632][T20037] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  781.020877][T20037] EXT4-fs error (device loop3): ext4_acquire_dquot:6800: comm syz.3.6890: Failed to acquire dquot type 0
[  781.054091][T20037] EXT4-fs error (device loop3): ext4_free_blocks:6212: comm syz.3.6890: Freeing blocks not in datazone - block = 0, count = 4096
[  781.083249][T20037] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.6890: Invalid inode bitmap blk 0 in block_group 0
[  781.107018][ T3707] Quota error (device loop3): do_check_range: Getting block 0 out of range 1-8
[  781.108714][T20037] EXT4-fs error (device loop3) in ext4_free_inode:362: Corrupt filesystem
[  781.126383][ T3707] EXT4-fs error (device loop3): ext4_release_dquot:6823: comm kworker/u4:6: Failed to release dquot type 0
[  781.136994][T20037] EXT4-fs (loop3): 1 orphan inode deleted
[  781.164377][T20037] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  781.276358][T20035] loop1: detected capacity change from 0 to 40427
[  781.305882][T19237] EXT4-fs (loop3): unmounting filesystem.
[  781.346862][T20035] F2FS-fs (loop1): invalid crc value
[  781.352201][T20035] F2FS-fs (loop1): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root
[  781.383647][T20035] F2FS-fs (loop1): Found nat_bits in checkpoint
[  781.485392][T20035] F2FS-fs (loop1): recover fsync data on readonly fs
[  781.507946][T20035] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0
[  781.521083][T20035] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1
[  781.538638][T20035] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  781.623203][   T33] team0 (unregistering): Port device team_slave_1 removed
[  781.632094][   T48] Bluetooth: hci0: command tx timeout
[  781.756748][   T33] team0 (unregistering): Port device team_slave_0 removed
[  781.827475][   T33] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  781.949412][T20044] loop3: detected capacity change from 0 to 32768
[  781.954539][T20046] xt_socket: unknown flags 0x2
[  782.004929][T20044] ERROR: (device loop3): xtTruncate: XT_GETPAGE: xtree page corrupt
[  782.004929][T20044] 
[  782.023998][T20044] ERROR: (device loop3): remounting filesystem as read-only
[  782.813288][ T4688] usb 2-1: new high-speed USB device number 99 using dummy_hcd
[  782.880854][   T33] bond0 (unregistering): Released all slaves
[  783.000593][T20066] loop3: detected capacity change from 0 to 32768
[  783.088851][T20066] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  783.159568][T19237] ocfs2: Unmounting device (7,3) on (node local)
[  783.166324][ T4688] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  783.203934][ T4688] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  783.238604][ T4688] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[  783.261850][ T4688] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  783.263399][T20076] loop0: detected capacity change from 0 to 256
[  783.432772][ T4688] usb 2-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=9e.7f
[  783.441849][ T4688] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  783.466534][ T4688] usb 2-1: Product: syz
[  783.478678][ T4688] usb 2-1: Manufacturer: syz
[  783.483638][ T4688] usb 2-1: SerialNumber: syz
[  783.519229][ T4688] usb 2-1: config 0 descriptor??
[  783.557868][ T4688] redrat3 2-1:0.0: Couldn't find all endpoints
[  783.613461][   T48] Bluetooth: hci0: command tx timeout
[  783.797923][ T4688] usb 2-1: USB disconnect, device number 99
[  784.420101][T20113] loop4: detected capacity change from 0 to 1764
[  784.444775][T19830] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  784.527153][T19830] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  784.567609][T19830] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  784.659346][T19830] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  784.984851][T19830] 8021q: adding VLAN 0 to HW filter on device bond0
[  785.025556][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  785.035322][T20125] loop3: detected capacity change from 0 to 32768
[  785.053402][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  785.083347][T19830] 8021q: adding VLAN 0 to HW filter on device team0
[  785.097683][T20125] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.6924 (20125)
[  785.124571][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  785.175824][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  785.192699][T20125] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  785.197413][   T33] bridge0: port 1(bridge_slave_0) entered blocking state
[  785.209912][   T33] bridge0: port 1(bridge_slave_0) entered forwarding state
[  785.240869][T20125] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  785.281681][T20125] BTRFS info (device loop3): using free space tree
[  785.300190][   T26] audit: type=1326 audit(2685097.473:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20144 comm="syz.4.6932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36a377def9 code=0x7ffc0000
[  785.300342][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  785.413903][   T26] audit: type=1326 audit(2685097.504:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20144 comm="syz.4.6932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f36a377def9 code=0x7ffc0000
[  785.541410][   T26] audit: type=1326 audit(2685097.504:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20144 comm="syz.4.6932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36a377def9 code=0x7ffc0000
[  785.564644][   T26] audit: type=1326 audit(2685097.504:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20144 comm="syz.4.6932" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36a377def9 code=0x7ffc0000
[  785.589590][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  785.615169][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  785.633496][   T33] bridge0: port 2(bridge_slave_1) entered blocking state
[  785.640603][   T33] bridge0: port 2(bridge_slave_1) entered forwarding state
[  785.653767][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  785.662819][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  785.673099][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  785.683472][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  785.692516][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  785.703067][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  785.719763][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  785.730077][T20125] BTRFS info (device loop3): enabling ssd optimizations
[  785.738302][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  785.793709][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  785.831928][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  785.859752][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  785.869660][T19237] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  785.896986][T20179] netlink: 'syz.0.6938': attribute type 10 has an invalid length.
[  785.931930][T20179] netlink: 40 bytes leftover after parsing attributes in process `syz.0.6938'.
[  785.952825][T20137] loop1: detected capacity change from 0 to 32768
[  785.982153][T20179] bridge0: port 4(syz_tun) entered blocking state
[  786.040443][T20179] bridge0: port 4(syz_tun) entered disabled state
[  786.062573][T20137] JBD2: Ignoring recovery information on journal
[  786.128912][T20179] device syz_tun entered promiscuous mode
[  786.135139][T20179] bridge0: port 4(syz_tun) entered blocking state
[  786.141877][T20179] bridge0: port 4(syz_tun) entered forwarding state
[  786.201596][T19830] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  786.260319][T20137] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  786.611090][ T3637] ocfs2: Unmounting device (7,1) on (node local)
[  786.928460][ T3707] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  786.939454][ T3707] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  787.006835][T19830] 8021q: adding VLAN 0 to HW filter on device batadv0
[  787.127708][T13905] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  787.144644][T13905] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  787.174240][T20220] loop0: detected capacity change from 0 to 1024
[  787.218758][T13905] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  787.239533][T13905] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  787.277470][T19830] device veth0_vlan entered promiscuous mode
[  787.308118][T13905] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  787.334945][ T3707] hfsplus: b-tree write err: -5, ino 4
[  787.345765][T13905] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  787.382002][T19830] device veth1_vlan entered promiscuous mode
[  787.480800][ T3707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  787.499672][ T3707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  787.511221][T19830] device veth0_macvtap entered promiscuous mode
[  787.549222][T19830] device veth1_macvtap entered promiscuous mode
[  787.586043][T20239] netlink: 52 bytes leftover after parsing attributes in process `syz.3.6956'.
[  787.601993][T19830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  787.614000][T19830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  787.624094][T20241] ieee802154 phy0 wpan0: encryption failed: -22
[  787.635908][T19830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  787.661029][T19830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  787.699050][T19830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  787.761456][T19830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  787.794797][T19830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  787.820698][T19830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  787.856259][T19830] batman_adv: batadv0: Interface activated: batadv_slave_0
[  787.898274][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  787.939978][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  787.999722][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  788.038683][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  788.098955][T19830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  788.101847][T20267] loop1: detected capacity change from 0 to 1024
[  788.135338][T19830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  788.201425][T19830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  788.202162][T20267] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  788.222005][T20265] netlink: 40 bytes leftover after parsing attributes in process `syz.0.6966'.
[  788.233179][T19830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  788.254052][T19830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  788.275861][T19830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  788.309750][T19830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  788.343349][T19830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  788.384185][T19830] batman_adv: batadv0: Interface activated: batadv_slave_1
[  788.411072][ T3707] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  788.447910][ T3707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  788.457204][ T3637] EXT4-fs (loop1): unmounting filesystem.
[  788.477874][T19830] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  788.530556][T19830] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  788.559949][T19830] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  788.602586][T19830] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  788.619451][T20285] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6971'.
[  788.659057][T20288] netlink: 224 bytes leftover after parsing attributes in process `syz.4.6973'.
[  788.960704][T20305] sctp: [Deprecated]: syz.0.6979 (pid 20305) Use of int in max_burst socket option.
[  788.960704][T20305] Use struct sctp_assoc_value instead
[  788.977351][T13905] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  789.005232][T13905] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  789.083720][ T3707] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  789.085427][T20308] xt_nfacct: accounting object `syz1' does not exists
[  789.135065][ T3707] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  789.145710][ T3707] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  789.220210][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  789.699783][T14766] usb 3-1: new full-speed USB device number 91 using dummy_hcd
[  790.050654][T20356] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  790.073321][T20356] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  790.105464][T14766] usb 3-1: config index 0 descriptor too short (expected 35577, got 27)
[  790.128126][T14766] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  790.152414][T20360] loop3: detected capacity change from 0 to 1764
[  790.153618][T14766] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92
[  790.194569][T14766] usb 3-1: config 1 has no interface number 0
[  790.204080][ T5494] usb 2-1: new high-speed USB device number 100 using dummy_hcd
[  790.211208][T14766] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  790.238011][T14766] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  790.276108][T14766] usb 3-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  790.295555][T14766] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d6.01
[  790.304974][T14766] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  790.370805][T14766] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found
[  790.394697][T20369] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7006'.
[  790.454357][ T5494] usb 2-1: Using ep0 maxpacket: 32
[  790.542049][T20375] netlink: 24 bytes leftover after parsing attributes in process `syz.0.7008'.
[  790.559474][T14766] snd_usb_pod 3-1:1.1: cannot start listening: -90
[  790.579913][T14766] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected
[  790.597535][T14766] snd_usb_pod: probe of 3-1:1.1 failed with error -90
[  790.747607][ T5494] usb 2-1: New USB device found, idVendor=06a2, idProduct=0003, bcdDevice=7c.49
[  790.759802][ T5494] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  790.768497][ T5494] usb 2-1: Product: syz
[  790.772696][ T5494] usb 2-1: Manufacturer: syz
[  790.777984][ T5494] usb 2-1: SerialNumber: syz
[  790.798590][ T5494] usb 2-1: config 0 descriptor??
[  790.824680][T14766] usb 3-1: USB disconnect, device number 91
[  790.853846][ T5494] gspca_main: gspca_topro-2.14.0 probing 06a2:0003
[  790.871409][T20391] loop0: detected capacity change from 0 to 764
[  790.901776][T20391] Symlink component flag not implemented
[  790.907869][T20391] Symlink component flag not implemented
[  790.919807][T20391] Symlink component flag not implemented (112)
[  790.948561][T20395] siw: device registration error -23
[  790.955216][T20391] Symlink component flag not implemented (22)
[  790.989797][T20394] device bond2 entered promiscuous mode
[  790.997165][T20394] 8021q: adding VLAN 0 to HW filter on device bond2
[  791.204458][T20402] loop3: detected capacity change from 0 to 2048
[  791.213009][T20402] EXT4-fs warning (device loop3): ext4_multi_mount_protect:298: Invalid MMP block in superblock
[  791.261448][ T5494] gspca_topro: reg_w err -71
[  791.305466][ T5494] gspca_topro: Sensor soi763a
[  791.328367][ T5494] usb 2-1: USB disconnect, device number 100
[  791.430053][T20413] netlink: 'syz.4.7027': attribute type 9 has an invalid length.
[  791.454351][T20415] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7028'.
[  791.547179][T14766] usb 4-1: new high-speed USB device number 86 using dummy_hcd
[  791.646799][T20423] siw: device registration error -23
[  791.792873][T20429] netlink: 1 bytes leftover after parsing attributes in process `syz.0.7034'.
[  791.802192][T14766] usb 4-1: Using ep0 maxpacket: 8
[  791.834091][T20429] netlink: 1 bytes leftover after parsing attributes in process `syz.0.7034'.
[  791.846036][T20433] loop1: detected capacity change from 0 to 2048
[  791.876460][T20433] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  791.968265][T14766] usb 4-1: config 135 has an invalid interface number: 230 but max is 0
[  791.980966][T14766] usb 4-1: config 135 has an invalid descriptor of length 196, skipping remainder of the config
[  792.004857][T14766] usb 4-1: config 135 has no interface number 0
[  792.011203][T14766] usb 4-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  792.039199][T20440] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7040'.
[  792.206522][T20449] siw: device registration error -23
[  792.233147][T14766] usb 4-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  792.252276][T14766] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  792.280939][T14766] usb 4-1: Product: syz
[  792.285128][T14766] usb 4-1: Manufacturer: syz
[  792.312086][T14766] usb 4-1: SerialNumber: syz
[  792.354794][T20451] openvswitch: netlink: Unknown key attributes 1
[  792.390840][T20456] sctp: [Deprecated]: syz.4.7047 (pid 20456) Use of int in maxseg socket option.
[  792.390840][T20456] Use struct sctp_assoc_value instead
[  792.614447][T14766] usb 4-1: Found UVC 0.00 device syz (18ec:3288)
[  792.620862][T14766] usb 4-1: No valid video chain found.
[  792.633782][T20441] loop0: detected capacity change from 0 to 32768
[  792.666921][T14766] usb 4-1: USB disconnect, device number 86
[  792.668280][T20441] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.7041 (20441)
[  792.750559][T20441] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  792.791972][T20441] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  792.832706][T20441] BTRFS info (device loop0): using free space tree
[  792.872653][T20474] syz.1.7056 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  793.069256][T20490] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7059'.
[  793.374831][ T3635] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  793.745878][T20525] netlink: 'syz.0.7069': attribute type 1 has an invalid length.
[  793.923029][T20531] x_tables: unsorted underflow at hook 3
[  794.201365][T20543] openvswitch: netlink: Missing key (keys=40, expected=100)
[  794.562450][T20563] libceph: resolve '40.' (ret=-3): failed
[  794.728875][T20572] netlink: 'syz.4.7096': attribute type 6 has an invalid length.
[  794.781572][T20572] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7096'.
[  795.528191][T20614] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7117'.
[  795.593065][T20618] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7119'.
[  795.702766][T20622] loop4: detected capacity change from 0 to 64
[  795.710796][T20621] netlink: 'syz.1.7121': attribute type 8 has an invalid length.
[  795.739388][T20621] netlink: 'syz.1.7121': attribute type 4 has an invalid length.
[  795.768603][T20621] netlink: 194488 bytes leftover after parsing attributes in process `syz.1.7121'.
[  795.794465][T20622] Trying to free block not in datazone
[  795.801202][T20622] Trying to free block not in datazone
[  795.812952][T20622] Trying to free block not in datazone
[  795.838723][T20622] Trying to free block not in datazone
[  795.848571][T20622] Trying to free block not in datazone
[  795.861017][T20622] minix_free_block (loop4:6): bit already cleared
[  795.882122][T20622] Trying to free block not in datazone
[  795.884533][T20598] loop0: detected capacity change from 0 to 32768
[  795.966430][T20598] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  796.002918][T20598] (syz.0.7107,20598,0):ocfs2_parse_options:1458 ERROR: Invalid heartbeat mount options
[  796.207300][ T3635] ocfs2: Unmounting device (7,0) on (node local)
[  796.641715][T20658] loop2: detected capacity change from 0 to 512
[  796.814759][T20658] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  796.900063][T20658] Quota error (device loop2): do_check_range: Getting block 1541 out of range 1-5
[  796.914869][T20673] netlink: 40 bytes leftover after parsing attributes in process `syz.0.7145'.
[  796.920837][T20658] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[  796.943734][T20677] loop4: detected capacity change from 0 to 164
[  796.952537][T20673] netlink: 40 bytes leftover after parsing attributes in process `syz.0.7145'.
[  796.972543][T20673] netlink: 17 bytes leftover after parsing attributes in process `syz.0.7145'.
[  796.994997][T20658] EXT4-fs error (device loop2): ext4_acquire_dquot:6800: comm syz.2.7138: Failed to acquire dquot type 1
[  797.001322][T20677] syz.4.7144: attempt to access beyond end of device
[  797.001322][T20677] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  797.084411][T20677] syz.4.7144: attempt to access beyond end of device
[  797.084411][T20677] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  797.114044][   T26] audit: type=1800 audit(2685109.872:91): pid=20677 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.7144" name="file0" dev="loop4" ino=1862 res=0 errno=0
[  797.192952][T20684] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  797.193664][T19830] EXT4-fs (loop2): unmounting filesystem.
[  797.539554][T20701] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7158'.
[  797.739167][T20713] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7164'.
[  797.777891][T20717] cgroup: none used incorrectly
[  797.963430][T20725] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  798.763959][T20763] 8021q: adding VLAN 0 to HW filter on device bond0
[  798.806835][T20763] bond0: (slave ip6tnl0): The slave device specified does not support setting the MAC address
[  798.857773][T20763] bond0: (slave ip6tnl0): Error -95 calling set_mac_address
[  799.017368][T20780] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7195'.
[  799.083771][T20780] netlink: 84 bytes leftover after parsing attributes in process `syz.0.7195'.
[  799.926592][T20826] loop0: detected capacity change from 0 to 512
[  800.002005][T20826] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm syz.0.7213: bg 0: block 5: invalid block bitmap
[  800.068158][T20826] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6172: Corrupt filesystem
[  800.138245][T20826] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.7213: invalid indirect mapped block 3 (level 2)
[  800.177847][T20826] EXT4-fs (loop0): 1 orphan inode deleted
[  800.183635][T20826] EXT4-fs (loop0): 1 truncate cleaned up
[  800.220200][T20826] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  800.417510][ T3635] EXT4-fs (loop0): unmounting filesystem.
[  800.625598][T20854] loop4: detected capacity change from 0 to 1024
[  800.689440][T20854] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  800.771243][T20854] EXT4-fs error (device loop4): ext4_empty_dir:3164: inode #11: block 623: comm syz.4.7223: Attempting to read directory block (623) that is past i_size (638464)
[  800.811845][T20798] loop2: detected capacity change from 0 to 32768
[  800.874041][T20798] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  800.908143][T20867] netlink: 'syz.1.7227': attribute type 10 has an invalid length.
[  800.937185][T20798] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  800.961284][ T3648] EXT4-fs (loop4): unmounting filesystem.
[  800.983761][T20798] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  800.985078][T20867] 8021q: adding VLAN 0 to HW filter on device batadv0
[  801.052846][T20867] team0: Port device batadv0 added
[  801.079677][ T4687] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  801.124280][ T4687] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  801.295646][ T4687] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 179ms
[  801.319815][ T4687] gfs2: fsid=syz:syz.0: jid=0: Done
[  801.338959][T20798] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  801.425831][T20886] netlink: 'syz.0.7234': attribute type 8 has an invalid length.
[  801.433612][T20886] netlink: 'syz.0.7234': attribute type 4 has an invalid length.
[  801.498137][T20886] netlink: 194488 bytes leftover after parsing attributes in process `syz.0.7234'.
[  802.043488][T14766] usb 5-1: new high-speed USB device number 91 using dummy_hcd
[  802.089214][T20918] netlink: 112 bytes leftover after parsing attributes in process `syz.2.7249'.
[  802.093437][T20921] netlink: 120 bytes leftover after parsing attributes in process `syz.1.7248'.
[  802.443661][T14766] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  802.481747][T14766] usb 5-1: New USB device found, idVendor=0421, idProduct=026c, bcdDevice=1f.2f
[  802.490821][T14766] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  802.563398][T14766] usb 5-1: config 0 descriptor??
[  802.660820][T14766] rndis_wlan: probe of 5-1:0.0 failed with error -22
[  802.677189][T14766] rndis_host: probe of 5-1:0.0 failed with error -22
[  802.724255][T14766] cdc_acm 5-1:0.0: Control and data interfaces are not separated!
[  802.760232][T14766] cdc_acm 5-1:0.0: This needs exactly 3 endpoints
[  802.766713][T14766] cdc_acm: probe of 5-1:0.0 failed with error -22
[  802.840556][ T4687] usb 5-1: USB disconnect, device number 91
[  803.165796][T20976] loop2: detected capacity change from 0 to 128
[  803.253977][ T3684] usb 2-1: new high-speed USB device number 101 using dummy_hcd
[  803.296735][T20982] loop0: detected capacity change from 0 to 256
[  803.349860][ T1271] ieee802154 phy0 wpan0: encryption failed: -22
[  803.356218][ T1271] ieee802154 phy1 wpan1: encryption failed: -22
[  803.438817][T20988] netlink: 116 bytes leftover after parsing attributes in process `syz.4.7276'.
[  803.504539][ T3684] usb 2-1: Using ep0 maxpacket: 16
[  803.755677][T21002] loop4: detected capacity change from 0 to 256
[  803.777280][ T3684] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  803.790121][T21004] loop2: detected capacity change from 0 to 256
[  803.796254][ T3684] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  803.820555][T21002] exfat: Deprecated parameter 'utf8'
[  803.833827][ T3684] usb 2-1: Product: syz
[  803.838032][ T3684] usb 2-1: Manufacturer: syz
[  803.842638][ T3684] usb 2-1: SerialNumber: syz
[  803.881229][T21002] exFAT-fs (loop4): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  803.908667][ T3684] r8152-cfgselector 2-1: config 0 descriptor??
[  803.990273][T21010] netlink: 'syz.0.7287': attribute type 4 has an invalid length.
[  804.023430][T21010] netlink: 168 bytes leftover after parsing attributes in process `syz.0.7287'.
[  804.376851][ T3684] r8152-cfgselector 2-1: Unknown version 0x0000
[  804.383215][ T3684] r8152-cfgselector 2-1: bad CDC descriptors
[  804.444554][ T3684] r8152-cfgselector 2-1: Unknown version 0x0000
[  804.478487][ T3684] r8152-cfgselector 2-1: USB disconnect, device number 101
[  805.201040][T21018] loop3: detected capacity change from 0 to 32768
[  805.252993][T21018] 
[  805.252993][T21018]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  805.252993][T21018] 
[  805.301059][T14766] usb 5-1: new high-speed USB device number 92 using dummy_hcd
[  805.337818][T21064] netlink: 72 bytes leftover after parsing attributes in process `syz.1.7314'.
[  805.349880][T19237] 
[  805.349880][T19237]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  805.349880][T19237] 
[  805.363931][T21064] netlink: 72 bytes leftover after parsing attributes in process `syz.1.7314'.
[  805.386300][T19237] 
[  805.386300][T19237]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  805.386300][T19237] 
[  805.558009][T14766] usb 5-1: Using ep0 maxpacket: 16
[  805.701139][T14766] usb 5-1: New USB device found, idVendor=061d, idProduct=c1a0, bcdDevice=a9.3c
[  805.720202][T14766] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  805.735894][T21082] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7323'.
[  805.742900][T14766] usb 5-1: config 0 descriptor??
[  805.806843][T14766] quatech2 5-1:0.0: Quatech 2nd gen USB to Serial Driver converter detected
[  805.970526][T21093] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7329'.
[  806.005710][T14766] usb 5-1: qt2_setup_urbs - submit read urb failed -8
[  806.022833][T14766] quatech2: probe of 5-1:0.0 failed with error -8
[  806.254036][T14766] usb 5-1: USB disconnect, device number 92
[  806.468394][T21117] loop3: detected capacity change from 0 to 1024
[  806.492046][T21117] hfsplus: unable to parse mount options
[  806.542056][ T3975] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  806.568002][T21117] erofs: (device loop3): erofs_read_superblock: cannot find valid erofs superblock
[  806.805141][T21098] loop0: detected capacity change from 0 to 32768
[  806.906361][T21132] loop1: detected capacity change from 0 to 512
[  807.012823][T21132] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  807.041127][T21098] XFS (loop0): Mounting V5 Filesystem
[  807.073481][T21132] EXT4-fs error (device loop1): ext4_xattr_block_list:719: inode #15: comm syz.1.7347: corrupted xattr block 33
[  807.210401][T21098] XFS (loop0): Ending clean mount
[  807.214599][ T3637] EXT4-fs (loop1): unmounting filesystem.
[  807.265047][T21157] loop4: detected capacity change from 0 to 64
[  807.284248][T21098] XFS (loop0): Quotacheck needed: Please wait.
[  807.442156][T21098] XFS (loop0): Quotacheck: Done.
[  807.549993][ T3635] XFS (loop0): Unmounting Filesystem
[  807.762649][T21177] loop4: detected capacity change from 0 to 512
[  807.816713][T21177] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  807.867659][T21177] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #15: comm syz.4.7365: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  807.894238][T21177] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.7365: couldn't read orphan inode 15 (err -117)
[  807.920405][T21177] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  808.041257][T21177] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.7365: Directory hole found for htree leaf block 0
[  808.204190][ T3648] EXT4-fs (loop4): unmounting filesystem.
[  808.347046][T21201] netlink: 'syz.4.7374': attribute type 21 has an invalid length.
[  808.392715][T21201] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7374'.
[  808.639637][T14766] usb 4-1: new high-speed USB device number 87 using dummy_hcd
[  808.900850][T14766] usb 4-1: Using ep0 maxpacket: 8
[  809.014611][T21233] netlink: 'syz.0.7391': attribute type 64 has an invalid length.
[  809.043837][T14766] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  809.052555][T14766] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  809.089714][T14766] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  809.117836][T21235] netlink: 332 bytes leftover after parsing attributes in process `syz.2.7393'.
[  809.162069][T21212] loop1: detected capacity change from 0 to 32768
[  809.193810][T21212] 
[  809.193810][T21212]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  809.193810][T21212] 
[  809.254567][T21212] 
[  809.254567][T21212]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  809.254567][T21212] 
[  809.281099][T21212] 
[  809.281099][T21212]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  809.281099][T21212] 
[  809.311091][  T132] 
[  809.311091][  T132]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  809.311091][  T132] 
[  809.339212][T14766] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  809.362953][T14766] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  809.396302][T14766] usb 4-1: Product: syz
[  809.411745][T14766] usb 4-1: Manufacturer: syz
[  809.422679][T14766] usb 4-1: SerialNumber: syz
[  809.440882][   T33] 
[  809.440882][   T33]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  809.440882][   T33] 
[  809.463537][   T33] 
[  809.463537][   T33]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  809.463537][   T33] 
[  809.491876][ T3637] 
[  809.491876][ T3637]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  809.491876][ T3637] 
[  809.505804][ T3637] 
[  809.505804][ T3637]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  809.505804][ T3637] 
[  809.507431][T21244] loop2: detected capacity change from 0 to 256
[  809.523228][  T132] 
[  809.523228][  T132]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  809.523228][  T132] 
[  809.556621][T21244] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  809.568708][  T132] ==================================================================
[  809.568720][  T132] BUG: KASAN: use-after-free in lmLogSync+0xa2f/0xad0
[  809.568741][  T132] Write of size 4 at addr ffff88805ac5aa20 by task jfsCommit/132
[  809.568756][  T132] 
[  809.568762][  T132] CPU: 1 PID: 132 Comm: jfsCommit Not tainted 6.1.111-syzkaller #0
[  809.568779][  T132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  809.568788][  T132] Call Trace:
[  809.568794][  T132]  <TASK>
[  809.568801][  T132]  dump_stack_lvl+0x1e3/0x2cb
[  809.568829][  T132]  ? nf_tcp_handle_invalid+0x642/0x642
[  809.568854][  T132]  ? panic+0x764/0x764
[  809.568873][  T132]  ? _printk+0xd1/0x111
[  809.568892][  T132]  ? __virt_addr_valid+0x17f/0x530
[  809.568914][  T132]  ? __virt_addr_valid+0x17f/0x530
[  809.568937][  T132]  print_report+0x15f/0x4f0
[  809.568955][  T132]  ? __virt_addr_valid+0x17f/0x530
[  809.568977][  T132]  ? __virt_addr_valid+0x17f/0x530
[  809.660985][  T132]  ? __virt_addr_valid+0x45b/0x530
[  809.666105][  T132]  ? __phys_addr+0xb6/0x170
[  809.670617][  T132]  ? lmLogSync+0xa2f/0xad0
[  809.675035][  T132]  kasan_report+0x136/0x160
[  809.679549][  T132]  ? lmLogSync+0xa2f/0xad0
[  809.683972][  T132]  lmLogSync+0xa2f/0xad0
[  809.688222][  T132]  ? lmWriteRecord+0x12e0/0x12e0
[  809.693167][  T132]  ? do_raw_spin_unlock+0x137/0x8a0
[  809.698370][  T132]  jfs_syncpt+0x79/0x90
[  809.702532][  T132]  txEnd+0x30b/0x560
[  809.703042][T21225] loop4: detected capacity change from 0 to 32768
[  809.706415][  T132]  jfs_lazycommit+0x610/0xb60
[  809.706435][  T132]  ? _raw_spin_unlock_irqrestore+0x8b/0x130
[  809.706456][  T132]  ? lockdep_hardirqs_on+0x94/0x130
[  809.728573][  T132]  ? txFreelock+0x580/0x580
[  809.733082][  T132]  ? do_task_dead+0xd0/0xd0
[  809.737592][  T132]  ? _raw_spin_unlock+0x40/0x40
[  809.741286][T21225] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.7389 (21225)
[  809.742434][  T132]  ? __kthread_parkme+0x168/0x1c0
[  809.742464][  T132]  kthread+0x28d/0x320
[  809.763734][  T132]  ? txFreelock+0x580/0x580
[  809.768236][  T132]  ? kthread_blkcg+0xd0/0xd0
[  809.772829][  T132]  ret_from_fork+0x1f/0x30
[  809.777257][  T132]  </TASK>
[  809.780275][  T132] 
[  809.782596][  T132] Allocated by task 21212:
[  809.787005][  T132]  kasan_set_track+0x4b/0x70
[  809.791602][  T132]  __kasan_kmalloc+0x97/0xb0
[  809.796193][  T132]  lmLogOpen+0x314/0x1030
[  809.800525][  T132]  jfs_mount_rw+0xe3/0x640
[  809.804950][  T132]  jfs_fill_super+0x67d/0xc40
[  809.809634][  T132]  mount_bdev+0x2c9/0x3f0
[  809.813970][  T132]  legacy_get_tree+0xeb/0x180
[  809.818652][  T132]  vfs_get_tree+0x88/0x270
[  809.823072][  T132]  do_new_mount+0x2ba/0xb40
[  809.827580][  T132]  __se_sys_mount+0x2d5/0x3c0
[  809.832258][  T132]  do_syscall_64+0x3b/0xb0
[  809.836684][  T132]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  809.842586][  T132] 
[  809.844907][  T132] Freed by task 3637:
[  809.848881][  T132]  kasan_set_track+0x4b/0x70
[  809.853477][  T132]  kasan_save_free_info+0x27/0x40
[  809.858498][  T132]  ____kasan_slab_free+0xd6/0x120
[  809.863522][  T132]  __kmem_cache_free+0x25c/0x3c0
[  809.868462][  T132]  lmLogClose+0x29d/0x530
[  809.872801][  T132]  jfs_umount+0x298/0x370
[  809.877135][  T132]  jfs_put_super+0x86/0x180
[  809.881641][  T132]  generic_shutdown_super+0x130/0x340
[  809.887020][  T132]  kill_block_super+0x7a/0xe0
[  809.891701][  T132]  deactivate_locked_super+0xa0/0x110
[  809.897075][  T132]  cleanup_mnt+0x490/0x520
[  809.901497][  T132]  task_work_run+0x246/0x300
[  809.906092][  T132]  exit_to_user_mode_loop+0xde/0x100
[  809.911377][  T132]  exit_to_user_mode_prepare+0xb1/0x140
[  809.916919][  T132]  syscall_exit_to_user_mode+0x60/0x270
[  809.922470][  T132]  do_syscall_64+0x47/0xb0
[  809.926895][  T132]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  809.932793][  T132] 
[  809.935116][  T132] Last potentially related work creation:
[  809.940830][  T132]  kasan_save_stack+0x3b/0x60
[  809.945514][  T132]  __kasan_record_aux_stack+0xb0/0xc0
[  809.950891][  T132]  kvfree_call_rcu+0x116/0x8c0
[  809.955654][  T132]  neigh_remove_one+0x5c6/0x6d0
[  809.960507][  T132]  ___neigh_create+0x459/0x24b0
[  809.965365][  T132]  ndisc_router_discovery+0x57b/0x3a20
[  809.970826][  T132]  ndisc_rcv+0x439/0x670
[  809.975072][  T132]  icmpv6_rcv+0xf5c/0x1770
[  809.979494][  T132]  ip6_protocol_deliver_rcu+0xb1a/0x1340
[  809.985131][  T132]  ip6_input_finish+0x183/0x2c0
[  809.989987][  T132]  NF_HOOK+0x39d/0x450
[  809.994058][  T132]  ip6_mc_input+0x96b/0xbd0
[  809.998564][  T132]  NF_HOOK+0x39d/0x450
[  810.002636][  T132]  __netif_receive_skb+0x1c6/0x530
[  810.005957][T14766] usb 4-1: 0:2 : does not exist
[  810.007732][  T132]  netif_receive_skb+0x1f4/0x890
[  810.017493][  T132]  tun_rx_batched+0x1b3/0x8e0
[  810.022175][  T132]  tun_get_user+0x2c03/0x42d0
[  810.026859][  T132]  tun_chr_write_iter+0x10c/0x1f0
[  810.031901][  T132]  vfs_write+0x857/0xbc0
[  810.033808][T14766] usb 4-1: USB disconnect, device number 87
[  810.036134][  T132]  ksys_write+0x19c/0x2c0
[  810.036153][  T132]  do_syscall_64+0x3b/0xb0
[  810.036173][  T132]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  810.036193][  T132] 
[  810.036198][  T132] The buggy address belongs to the object at ffff88805ac5a800
[  810.036198][  T132]  which belongs to the cache kmalloc-1k of size 1024
[  810.072996][  T132] The buggy address is located 544 bytes inside of
[  810.072996][  T132]  1024-byte region [ffff88805ac5a800, ffff88805ac5ac00)
[  810.086356][  T132] 
[  810.088674][  T132] The buggy address belongs to the physical page:
[  810.095085][  T132] page:ffffea00016b1600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5ac58
[  810.105237][  T132] head:ffffea00016b1600 order:3 compound_mapcount:0 compound_pincount:0
[  810.113566][  T132] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  810.121559][  T132] raw: 00fff00000010200 dead000000000100 dead000000000122 ffff888017c41dc0
[  810.130145][  T132] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[  810.137532][T21249] loop0: detected capacity change from 0 to 2048
[  810.138704][  T132] page dumped because: kasan: bad access detected
[  810.138722][  T132] page_owner tracks the page as allocated
[  810.138728][  T132] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3644, tgid 3644 (syz-executor), ts 51371925497, free_ts 10769496862
[  810.174222][T21249] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  810.177818][  T132]  post_alloc_hook+0x18d/0x1b0
[  810.177841][  T132]  get_page_from_freelist+0x322e/0x33b0
[  810.177858][  T132]  __alloc_pages+0x28d/0x770
[  810.177872][  T132]  alloc_slab_page+0x6a/0x150
[  810.177890][  T132]  new_slab+0x84/0x2d0
[  810.210179][  T132]  ___slab_alloc+0xc20/0x1270
[  810.214851][  T132]  __kmem_cache_alloc_node+0x19f/0x260
[  810.220308][  T132]  __kmalloc_node_track_caller+0xa0/0x220
[  810.226033][  T132]  __alloc_skb+0x135/0x670
[  810.230452][  T132]  inet6_rt_notify+0xdc/0x280
[  810.235132][  T132]  fib6_add+0x1db2/0x3c80
[  810.239469][  T132]  ip6_ins_rt+0x102/0x170
[  810.243799][  T132]  __ipv6_ifa_notify+0x5bc/0x11d0
[  810.248825][  T132]  add_addr+0x2ca/0x480
[  810.252982][  T132]  add_v4_addrs+0x8cf/0x1180
[  810.257572][  T132]  addrconf_init_auto_addrs+0x1ff/0xe60
[  810.259880][ T3975] udevd[3975]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  810.263101][  T132] page last free stack trace:
[  810.263109][  T132]  free_unref_page_prepare+0xf63/0x1120
[  810.263127][  T132]  free_unref_page+0x33/0x3e0
[  810.263141][  T132]  free_contig_range+0x9a/0x150
[  810.298494][  T132]  destroy_args+0xfe/0x997
[  810.302909][  T132]  debug_vm_pgtable+0x416/0x46b
[  810.307737][  T132]  do_one_initcall+0x265/0x8f0
[  810.312481][  T132]  do_initcall_level+0x157/0x207
[  810.317397][  T132]  do_initcalls+0x49/0x86
[  810.321706][  T132]  kernel_init_freeable+0x45c/0x60f
[  810.326883][  T132]  kernel_init+0x19/0x290
[  810.331196][  T132]  ret_from_fork+0x1f/0x30
[  810.335614][  T132] 
[  810.337914][  T132] Memory state around the buggy address:
[  810.343520][  T132]  ffff88805ac5a900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  810.351557][  T132]  ffff88805ac5a980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  810.359603][  T132] >ffff88805ac5aa00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  810.367654][  T132]                                ^
[  810.372747][  T132]  ffff88805ac5aa80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  810.380792][  T132]  ffff88805ac5ab00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  810.388838][  T132] ==================================================================
[  810.396907][    C1] vkms_vblank_simulate: vblank timer overrun
[  810.405989][  T132] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  810.413184][  T132] CPU: 1 PID: 132 Comm: jfsCommit Not tainted 6.1.111-syzkaller #0
[  810.415867][T21225] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  810.415937][T21225] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  810.415986][T21225] BTRFS info (device loop4): using free space tree
[  810.446125][  T132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  810.456163][  T132] Call Trace:
[  810.459426][  T132]  <TASK>
[  810.462339][  T132]  dump_stack_lvl+0x1e3/0x2cb
[  810.467012][  T132]  ? nf_tcp_handle_invalid+0x642/0x642
[  810.472460][  T132]  ? panic+0x764/0x764
[  810.476512][  T132]  ? preempt_schedule_common+0xa6/0xd0
[  810.481959][  T132]  ? vscnprintf+0x59/0x80
[  810.486273][  T132]  panic+0x318/0x764
[  810.490150][  T132]  ? check_panic_on_warn+0x1d/0xa0
[  810.495244][  T132]  ? memcpy_page_flushcache+0xfc/0xfc
[  810.500596][  T132]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[  810.506560][  T132]  ? _raw_spin_unlock+0x40/0x40
[  810.511394][  T132]  ? print_report+0x4a3/0x4f0
[  810.516055][  T132]  check_panic_on_warn+0x7e/0xa0
[  810.520974][  T132]  ? lmLogSync+0xa2f/0xad0
[  810.525373][  T132]  end_report+0x66/0x110
[  810.529596][  T132]  kasan_report+0x143/0x160
[  810.534080][  T132]  ? lmLogSync+0xa2f/0xad0
[  810.538479][  T132]  lmLogSync+0xa2f/0xad0
[  810.542706][  T132]  ? lmWriteRecord+0x12e0/0x12e0
[  810.547625][  T132]  ? do_raw_spin_unlock+0x137/0x8a0
[  810.552804][  T132]  jfs_syncpt+0x79/0x90
[  810.556939][  T132]  txEnd+0x30b/0x560
[  810.560817][  T132]  jfs_lazycommit+0x610/0xb60
[  810.565471][  T132]  ? _raw_spin_unlock_irqrestore+0x8b/0x130
[  810.571346][  T132]  ? lockdep_hardirqs_on+0x94/0x130
[  810.576528][  T132]  ? txFreelock+0x580/0x580
[  810.581012][  T132]  ? do_task_dead+0xd0/0xd0
[  810.585503][  T132]  ? _raw_spin_unlock+0x40/0x40
[  810.590338][  T132]  ? __kthread_parkme+0x168/0x1c0
[  810.595350][  T132]  kthread+0x28d/0x320
[  810.599398][  T132]  ? txFreelock+0x580/0x580
[  810.603881][  T132]  ? kthread_blkcg+0xd0/0xd0
[  810.608453][  T132]  ret_from_fork+0x1f/0x30
[  810.612858][  T132]  </TASK>
[  810.616080][  T132] Kernel Offset: disabled
[  810.620387][  T132] Rebooting in 86400 seconds..