last executing test programs:

2.913285429s ago: executing program 0 (id=852):
r0 = gettid()
timer_create(0x2, &(0x7f000049efa0)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000044000))
exit(0x6)
timer_settime(0x0, 0xe54aef35e9c2845d, &(0x7f000006b000)={{}, {0x0, 0x9}}, 0x0)

2.630024526s ago: executing program 3 (id=857):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x48001, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x40000022, 0x0, 0x7}]})

2.431106098s ago: executing program 2 (id=860):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
poll(&(0x7f00000000c0)=[{r0}], 0x1, 0x0)

2.429720338s ago: executing program 1 (id=870):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x1}, 0x1c)
r1 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r1, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x6}, 0x1c)

2.413941539s ago: executing program 3 (id=861):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001680), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000016c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_DEAUTHENTICATE(r0, &(0x7f0000001a40)={0x0, 0x0, &(0x7f0000001a00)={&(0x7f0000001840)={0x1c, r1, 0x1, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000)

2.322494004s ago: executing program 2 (id=863):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000000400)={r0, r0, 0x6, 0x5, &(0x7f00000006c0)="3e8a4f2ed5", 0x9, 0x1, 0xc45, 0x1010, 0xc3, 0x0, 0x7, 'syz0\x00'})

2.297024816s ago: executing program 3 (id=865):
r0 = syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x1204408, &(0x7f0000000080)={[{@compress_force}, {@clear_cache}, {@nodatasum}, {@ref_verify}, {}, {@skip_balance}]}, 0x0, 0x51ab, &(0x7f000000a440)="$eJzs3V9oVFceB/Az+aPxDyY+xV32wX1YWcUFWRF2UdggGF2Whdn1YVnYrFlZxT+7JUgDwb5YS2lBxGCgthSKD33pS0mlUFqqBAsthYogVloUW0teWiiESsGXlpK590xmzvVmxlQbq5+PJHfO/d1z7pnhPsx3zLkTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIIRwcM3Kv+xaPb2urD7dP3bq6LLt507vP3ljaGjLlRAqtf2VvL5n+66/79+95689scPw37JtX1/ZkFnXz7PGkqads/2af/4TQuhOBujMtzs6G/pW0hOEI8UB53XgZv/o5u7BaxN3zmy8eP3QhuJTZ1bPYk9gseTX1fTctTRQ+92RHFFvN1x6laZLNOufXnA/yZMAAO7JpmptU387mr/FrbePpfWkPZC0x5N2fIcw3thYiGzcJWXzXJvWF2meA1lUWFo6z6Sev/71djXtn7STqHEP82w+NI80PWXzHEnqizVPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIfJqx9euvTcy+u3ldWn+8dOHV22/dzp/SdvDA1tuRJCX21/JStXlv+q8w+fLtt57fiRN36zr+ftk515v7jtajg4fBIf/LE3hL0Nlek47JerQqg2F2rN8FKxcLD24M+xAAAAwKPkF7XfHfV2Fge7m9qVWpqs1P5FWVg8cLN/dHP34LWJO2c2Xrx+aMPCx6uWjDdw1/Hq7b65n0pDMI7xNx1vrh4PPVIYZ37piGme/2zmyVsXJn7777L+hfzfN3/+j6+c/A8AAMCPIf+n48yvVf6/+s7zT3UN7n2vrH8h/69tOmUh/8cZx/zfERaW/wEAAOBh9qDz/0BhnPm1yv/fnZ86f/nb46+U9S/k/03t5f+uxmnHnR/FCR/uDWFTq6kDAAAAJeL/u899tBDzevbJQZrXO2ZGe6d6blwtG6+Q/wfay//d9/2ZAQAAAAv1v7F/Hb8wNn6zrF7I/9X28v/SBz5zAAAAoF37Tvz/3PoNIyvL6oX8P9xe/l+eb/OVD1mn9+NfIUz0htAz+2AkK3wQxv9ULwAAAAD3SczpX41u/f7jwel3y44r5P+R+e//H+90ENf/N93/r7D+v6GQ3fVvqxsDAAAA8DgqruePt8fPvrmg7Pv3213/f+uXO3b9d+c/vig7fyH/H2sv/3c2bu/n9/8BAADAAvzcvv/vn4Vx5tfq/v/fDN36et3hZwfL+hfy/3h7+T9uVzQ+van4+jzTG8Ka2Qf53QRfi6c7nBQmuxsK2Quf9Ngde+SFyaUNhZqRpMfve0P49eyDY0lhdSyMJ4WZVXnhbFK4HAv59VAvvJ4UpuKV9sKqfLpp4a1YyBdYTMYVFCvqSyKSHrfLeswW7trjev3kAAAAj5UYnvMs293cDGmUnay0OmB5qwM6Wh3Q2eqAruSA9MCy/WG4uRD3v7jtd7evPPHm06FEIf+fbS//x5diSbYpW/8f4vr//HsN6+v/h2OhLylMxkI1vWNANZ4jC7sn4jn6qnmPmTX1AgAAADzS4ucCnYs8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5g7/6D7KrqA4Cf/f0jm91FHAFJNYqA6ZDNJjFKK1MC1UFxpi4OdZw60UR2g9ssJCZhICnthEA7U5hUVKa1o0NDHUdpkUY6jlK1pEyBcaRTm7ZMxWhl/EFtaxnGSodSm87be8/d+87dm/dCdiFLP58/9p33vufnfT/2nXvvOxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/h38ZWPMb+1f89Py6+PfPuOHDewcuve+jWw8c3bRpw5EQJmYf78jCHYMrui785sBlj+3f+flzp/rvP9Cbl8vjYVnjT2d+55ai1uUhfLEjhO40sHooC/Tk94difSuGQjgtzAWKElODWYm04fDQQAgHw1ygqOr+gRCGSoErjzz4wIFG4o6BEM4NIfSlbXy7L2tjIA2c15sFBtPA9u4s8F/HMkXgS51ZAE5afDMUL/pDE80ZRucvV/P661mwjr240uF1xcRofb4fX7LInSrpTR+YOKmnrVIdi6Ly9jjs3bYE3m2V7Xy7p638RSr/hnJsLtQXOientm65bmZ3fKQzjI111dW0SM/z40/feNWJpJfM6zB2YHRBXofP3vme68+afMuNt24/54m177vg6Ml2s27zLra+kL/mlszzGG30ebIE3n6Vb0krfekKIfzcB7tv6vrtI5+qi1fm/6PHn//Hl3O87WzKHWt9bjibm8dHhmLiqeFsbg4AAABLxlLYa/qjs1/xe6s61zxeV19l/r+yveP/8ZB/PpnPRns4hI2ziZtHQjhz9vEscHds7gMjIbxmNjXRHLgkCRwO4azZxKqiqqREfyyxMgk8OZwHNiaBh2NgIgl8OgZuTwK3xMChJHBVDBxOApfGQJhuHsfPD+fjaDswEAObs414KJ6F8JPh2Fqyrb5VVAUAALBA8tlhT/Pd0rkOJ5shTi8PDbTKEM/Ars3Ql9SQzmCLaVVtDd2tauhsVUMx7n3HH36l5o5WNVdOw+hoznDpK/7w/BVfu+ELoUZl/j9+/Pl/3zwd6agc/w/hitm/MXdnHpkp4psnmjIAAAAAJ2HtG2a+9idnv+nNdfHK/H9je+f/x30iXaXM4dG4G2LbSAjjzYGs2jdXA9lR72V5AAAAAJaC4nh8cSx8Or/NTtFO59PV/BMnmD8e+N84b/5fCpOnb/vBUxvq+luZ/0+0d/7/YPNt1omHYy8+NhJCfynwSOxlIzBrZQx89+LmQD7+h+MGuC1WlZ+YUFR1WyyxOQbGk8DBuhLfKEqc2RzIn6yi8ZuLcUznJUoBAAAAeMHF3QHxuHw8///Ctd/70KaP7/1cXbnK/H/ziZ3/PzsPrpzeP7MshDXdIXSlPwx4dDBbGDAGhjryxFcHs7q60qpuGgzhosbA0qqeyNf/707XGDwykFUVA2e+9rNPn9dIfGoghDXlwGPvvWt2x8juJFA0/qsDIby6Mdq08S/0Z433pI3/QX8IryoFiqo+0B9Co7HetKoH+/LrGKRV/VlfCKeXAkVVb+wLYU8AYImK/0onyw/u2rN325aZmamdi5iI+/AHwtbpmamxq7bPTPbV9Gky6XPTMkY3VcfU2ebYj+ZLFN1z+dhIO+nid4Lj5b7k+/ErJw7m9+N3oZ7Zca7rabq7Ph3y68+pNpEO6cUY8mC5krknsVJ/zN8bloX+63ZN7Ry7Ycvu3TvXZn/bzb4u+xsPM2Xbam26rQbn61sbL492F0N/vtuq6TJXa3Zfs2PNrj17V09fs+Xqqaunrn3D+LrxdevHN7zpwjWNUY1nf1sM9fz5qk6Geuyu6hDavQbU8x3qK7tLlbwQnxoSEhJLLbHl4q/+5b1nfWJZ3cdPZf6/4/jz//ipEz/58/UZ6o7/j8bD/Nnjc4f5N8fAwXaP/4/WHc0vTgxYmQT2xcA+h/kBAAB4aYi7G+PezLhXuuem1WN//MlHnqwrV5n/72vv9/8LtP5/sXT95XXL/K+KJcbr1v9Pl/kv1v/fV7f+f7rMf7H+/8EXYf3/64pAskl+Yv1/AADgpeCFW/+/5fL+6QUCKhlaLu+fXiCgkqHlMv7tXiDghNf/f/tzr+u55iOvviXUqMz/b29v/m/hfgAAADh13HVkQ8eD//o/D9XFK/P/g+3N/1/49f9C3fn/K+sCE3ULA1r/DwAAgCWqbv2/9a/78ebP/WzFD+vKVeb/h9qb/8fTLjqbcsdanxvO1rQL6Zp2Tw0XPxkAAACApaEzjI21u6Jp08qolzz/Nh/PlwI9Xrrsr758zT8+8tb39tfVV5n/H25v/t/0u4xn73zP9WdNvuXG527dfs4Ta993wdG54/8AAADA4ml3vwQAAAAAAAAAAAAAAPDie3rv5Lv++ew7P1MXr/z+P1wx+3jd7//jdf/i7wte3pQ71tp6/b/8/pXvuHfP7JKFjw6HcE45sG3/ttNCfm3+88uBBzatOqOR2J+W+Mp3Lv1BI/H+NPC21S97ppG4KAlsjosknpUG4lUVn1meBOLyin+fBuL2OJQGevPA7y7PxtGRbqsfDWXbqiPdVo8PhTBSChTb6otDWRsd6QDvSALFAD+UBuIAfyUPdKa9undZ1qsYGIpF/2hZ1isAAE5Z8VtgT9g6PTM1Hr/Cx9tXdjffRk1Llt1UrbajzeaP5kuT3XP52Eg76a70u+jctcZ7Ql9jCGsrX1fLWTpmR7kwtbTYdC+vGXKr1d7a/XX2iW663voRDWQjGrtq+8xkT8uBr2+dZV13yyxrK5OdcpbO2U3aRi1t9KWNEbW5bdrocrzfGcbGupJcvxiDo6HJQr0iyuv81b0Kynn2Tb7xb75x7Nihuvoq8//R9ub/feVxPZNfDGBfvLLezSMhnNnmiAAAAIB2fevL/7Ru+yd+55709ort1956weCPLq4rV5n/r2xv/h93jOWHgrO9HYfj9f+L+f9oFrg7NveBkRBeM5uaiCWyC+pfHkuMZ4G74w6TVbHE5onmqvpj4FASeHI4DxxOAg/HQL6X4rMh35XzkeEQNsymrmgusSOWGE0C74yBlUlgLAbGk8DyGNiYBP59eR6YSAJfj4Ew3byt/ny5vSsAAMDzkM+zeprvhnSed6i7VYaOVhkGW2XobJWhr1WGulHE+/fFDD3JySsdpUw9aa0DSS2VDPFi+Cfcr0qG8I3mnGnBStPx/IPifIOO5gz/dtnrv33erlXtX/9/vL35/2Dzbdb6w3H+P3f9vyzwSOzex+Kp4ytj4LsXNwfyHQMPx8nubUVVE3mJfNJ+WyyxMQZWJoEdMbAxCWy+Ig8cPKM5kM+0i8ZvLhqfzkuUAgAAAPCCizsI4m6aOP//0/+++3MH/uHav64rV5n/b2xv/h/bW1Zu7Jai1uUhfLFjrjdFYPVQFoj7MYbiz+NXDIVwWmkHR1FiajAr0Zs0HB4ayH6h3ptWdf9AtsZAvH/lkQcfONBI3DEQwrmlvS9FG9/uy9oYSAPn9WaBwTSwvTsLxD0/ReBLnVkATlqxVzC+oPJTXQqj85eref29VK4Jmg6vsg90nnzz/eZqsfSlD+T7VAsn9rRVqmNRVN4eh73bluK7bdS7rfxFKv+Gcmwu1Bc6J6e2brluZnd8pPxL1opFep7Lv1JtJ70Ar8N9z7+3rfWlHRhPPj7G5y83/+uwI1b37J3vuf6sybfceOv2c55Y+74LjrbdjRrxh8Lv/uTLRsubd7H1hfw1t+Q+TyZ8nizFfwMrPW2NGexTv//V//jp4z+ri1fm/xPtzf+7k9tZz8aNuWskhNeXNu6jcfP/8kj2OVgKZJ+Sp1cD2SH37w3XfnICAADAQit2dxT7C6bz2+yE8HSeXM0/cYL54/6KjfPmb7ffW29+aP8P/+6Or9TFK/P/zcef//cn3XT83/F/Fonj//M61XdF96cP7DupXdGV6lgUjv/P61R/tzn+Py/H/x3/n4/j/y04/j+vU/1pq3xL2uFLVwjh6++/8+33bP+18+rilfn/jvbm/9b/m3/RvmL9v8116//tqFv/b5/1/wAAgEVVs9BcOs+rrN5XyZCu3lfJ0HKBwJZLDFr/74TX/3vrO//3+mOvuGRnqFGZ/+9rb/4fXw7Lyq0vlfX/Vl5RU9XtMbDDwoAAAACciup2EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDievcvPLl8029eOF0X//4ZN3x478Cl931064GjmzZtOBJClrUjC3cMrui68JsDlz22f+fnz53qv/9AX16uJ789uyl3rPW54RAOlh4Ziomnhht35gJXvuPePd2NxKPDIZxTDmzbv+20RuLTwyGcXw48sGnVGY3E/rTEV75z6Q8aifengbetftkzjcRFeaAj7e4nl2fd7Ui7e2B5CCOlQNHdX1/eXFXRxmV5oDNt4zNDWRsxMBSLfnwoayMGZmKJ6f4Q1nSH0JVW9bW+rKqutKq/6Muq6kqr+q2+EC4KIXSnVX2nN6uqOx353/ZmVcXAma/97NPnNRIHe0NYUw489t67NjQSH0oCRePv6g3h1Y2XTNr4fT1Z4z1p43f0hPCqEEJvWuI/u7MSvWmJJ7pDOL0UKBr/YHcIewIvCfHDZ7L84K49e7dtmZmZ2rmIid68rYGwdXpmauyq7TOTfUmf6nSU0sduOn78eI4+feNVjdt7Lh8baSfdnZfrme3yup6mu+sXqvftOtHex34NliuZez4q9cf8vWFZ6L9u19TOsRu27N69c232t93s67K/XXk021ZrF2pbdbYoHz3fbXV+uZI1u6/ZsWbXnr2rp6/ZcvXU1VPXvmF83fi69eMb3nThmsaoxrO/CzHUu44fX4yhvrK7VMkL8QEgISGx1BKdTZ9u46f6P73KF/25jvaEvtkP6Mq0opylY3aUCzHoS6rxrkUadGVKUhnR2srEoZJlXess6yuTibksA1mW2e91lclhuabO2U0a73eGsbHazTLafLe8eX88z+Zt1+P5pms3DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/B87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3DqNnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBSAAAA//+3Rsqd")
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
ioctl$BTRFS_IOC_INO_PATHS(r0, 0xc0389423, 0x0)
lsetxattr$trusted_overlay_upper(0x0, 0x0, 0x0, 0x0, 0x2)

2.275420827s ago: executing program 1 (id=866):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x2, &(0x7f0000000080)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001240)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="0300ffff0000", 0x6}])

2.091387077s ago: executing program 2 (id=867):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x28000, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000001480)=0x2)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x19)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

2.066803189s ago: executing program 2 (id=868):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000740)={0x1c, &(0x7f0000000540)={0x20, 0xc}, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r1, 0x5b24, 0x0)

1.959444575s ago: executing program 0 (id=869):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010028bd7000ffdbdf254400000008000300", @ANYRES32=r2, @ANYBLOB="08002600a309000008002700030000080a0018"], 0x38}, 0x1, 0x0, 0x0, 0x881}, 0x4c040)

1.959067275s ago: executing program 1 (id=871):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000000c0)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000040)={@host})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000000)={&(0x7f0000000540)={{@host=0x10}, {@host, 0xffffffff}, 0x400, "d49e0b1f09a3e05cb898141464441748655937bb34d22f02362479246bb6372d891a3b5dafa58a6abc5a678d6874fc8fb5f8a529c6e30103484f2667c174fb6cda19ea0a9301bc3238eb816e9c3882f243bcd4bd7115b26dacf5923f060498d471cb4f789562fcda119739dd1a5b0e4e1a4a64dbd7b398bd4e7a247d81f968f2e945f293fc3860bf11f0424193fce743067d27f0ac187b44b128a4999547f73d8c35d3c2bd8b51bbc9a31123f773be89e109cc71b8ec29a539083c0cba15b0899c7181ba154c28b3c4e2ebe360ac44f942a703b9a3a37fbbefe9ae0de04a32336a6eba07b2fb6ad426d56e17291bb1a9d1fcdaa939378bab6dd2eac37b369ef163c9e0fc8039352c24d8147fcc2e2559b47066abd21a3a5f83f239a2227d17d4ca90f60ed9acc243ed38818e3883a985106b54dc157b67022525a74e8f9cb99852760359278d5d22294a70433ba4cec5147fbb09b1d0008ba76257f1c5af6b8d6bf3bcfd5a468a566a4e98fe5f264f2663b72cb421c90d8b7883ddfb5749b27a3e146f9d8538706fea61b07c6e064446337439b9d5a5dc82f6c63c57d6ba0e709b7c1b15fa8367f8e6df2cf59b0b30740ef47c5cccffce5911569591ce4ab62275964cd147e87a30cc6e71f7e40e161997cdbadcfbfb6c54e0289ac137508b7b5339414e4ab7afcc420148e37d49b664cc07c8178a3b50f566c5bdd3aa9217ef909805972bd63ee1d729b282cd866c183744b20da3227f9d43843236b571c8d3237408c266e08d0699ebd30e0820362664ab323b15d3ae9896d6120aae6ef9085f53a2b39cc31238b031476c86e6b16d7703fcbacc7269ce8622eab1cfdf82a364209ec4ac912db924bb76bc35ddf8d0e7a3aff0d08a48c07be47303b59653d9409f14dc59ac33cae5e010466f54d86772e43e3680863bb9bf10c971f16a731e601d7fcdbb91d7146e7834d89059ad522d70398c2bacf113ed791e32f933dfa23f5d6d11bfc9d9e0f04a34b0eddd99d16cd9712485e0a5c9aaf1ebf3f14d00005f8960b6145cbb7d4522692ebe1f9491f87a29ed67c5fb60f5e69bde2a758742999fc986a2dbf6199977e9b446691bf9f95d0abd84557c77ea13356c977d0f098ab9fec85acbd6447f2e6893e2fa6a0a7b272dab66e69b7def48f8b3583a53a0941fb3e4367fa8d56e05ee3b265f17ca0439fcdcea276f7f0a9bf4c2a324d7143658007cf4019e8da69ba1b7dff4383714cbcb71dfe6f1b1ac5d5e99394cb2c360ddb1889d92cd36f8fc72ac865f1c6445957b2a57c1af59ef8d2e9fe328ec2bde763d65c4dea965042f540515bf2f879d1b26309ebc1d7f76c569fa88fbe61845e96e93d3b6025b6285777e59495943596c128fdacc545263ce458bf99f57d7e5dc77f65cf650902b5b6d5af9359334759843365bf0dfb244817a40e8cc9030"}, 0x418, 0x1})

1.87133702s ago: executing program 0 (id=872):
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000180)='./bus\x00', 0x0, &(0x7f0000000340)=ANY=[], 0x3, 0x1cf, &(0x7f0000000780)="$eJzsmL/L00AYx793ydtap84iKFiwDqZJqiKIYKcOLoK/cBGLTUs1tZJmsJ3qX+Df4F8g4uSiDl3dBMFJO7l0FNxO7nJtzpY2pT9EeJ/PcO/nLk/ufe5J+hQKgiCOLZMfv75/fD/+fQSggBLyyfK3n1Yaw4346O3N8unPde/Dw/G1r+/qXxb3OwtAiE3+sz23TzULsXYh/r67pP/eAUcJBeV3wXFBr98Hg6P9ETjuaQ/A8ED7k8QZMEJPxjtOqxMGzuNe2JTiysGTgy+H6mKW05cMTSM/ZlzvD4ZPG2EYRMuSW31ptaBorrxRklXFaY3jOiD0IxPm85rVxlX1S/DA4WmvguG29qvI69rwpfOfstPzW5udP1Mm2DhYvp5rY15tn0aW2Nhxn9mbvnUagkV9toeCr5MTev/D1HB3wSiRvJEhP1g1/onIcv8HaRxI0v4hXjOcN/qnbfSPStx9fqM/GF7sdBvtoB088/3qFfeS6172Ky07DNyK6tBr+l9B9aeTxv5HK2JzLIcXjTiOvGScz/1kTA9g3KP6H0f5XDJnes1EfTSLTH71oWzpOUEQBEEQBEEQBEEQBEEQxN45A6Z+Bc3Av6Wi/wQAAP///O1kPw==")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x85)
lseek(r0, 0xfc, 0x1)
getdents64(r0, 0x0, 0x8f8db2886a7918c7)

1.842244962s ago: executing program 1 (id=873):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
getsockopt$TIPC_NODE_RECVQ_DEPTH(r0, 0x10f, 0x83, &(0x7f0000000180), &(0x7f00000001c0)=0x4)

1.218739399s ago: executing program 3 (id=874):
r0 = socket(0x10, 0x80003, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xf, "0000000000000000000100000e000081"}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x2000000}, 0x0)

1.217904399s ago: executing program 0 (id=882):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)="11212e", 0x3}, 0x1, 0x0, 0x0, 0x24008011}, 0x8080)
recvmmsg(r0, &(0x7f0000009880)=[{{0x0, 0x0, 0x0}, 0x7fffffff}], 0x1, 0x63, 0x0)

752.005826ms ago: executing program 3 (id=875):
mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x0, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x8000, 0x1000}, 0x1c)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

751.200076ms ago: executing program 0 (id=884):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000d00)=0x205a, 0x4)
setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f00000007c0)=0x57, 0x4)
recvfrom$packet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

662.469761ms ago: executing program 1 (id=876):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x4e25, @dev={0xac, 0x14, 0x14, 0x12}}], 0x10)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000200), 0x4)
listen(r0, 0xfff)

646.733542ms ago: executing program 3 (id=877):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x1, 0x442d, &(0x7f0000004480)="$eJzs3c9rVNceAPBzb/KeiU998cfCBw/ewBPeoy0hcdU2QjVGY6KpxVYp3YyTZNS0k4wkk9KFi3QndFXoQrqQFrrLSrLo1v4J3XRp10K76KZQkKbMzJ0492aGTCXXVPl8wJzc8zvznXvmzOJ64kTt1sJKYWGlUFoqVOdurJwsfFytrC6WQ/yc7PX49CaPOIn93rl89vy7106G8N38D483Nzc3Q11/6Gi07fdff7kz1562xJk29X4797ZbPgghHNs2r7q+EML734YQhRDOJHnjSToYQjgUmmXX7nx2vbBLs3nwqHyq+GTm7sbYien1+xvd//YohC8r/3rt5uJP/+0b+/GVXRoeAAAAAAAAAAAAAAAAAIAX3OSVy1ffGRkND6PQvx5tf153Mkm7PR+7uWv+k/8fCwAAAAAAAAAAAAAAAAAAAH9RT5//L0RHOjz/P5Gkp7u033wr/zmSn6m3L0+cGxlNzn+PtpW/nmT9fKYvHO5w7nv2/Pczmfadz3/fPs6zas2vNe5QiOLh1HUcDw+H8HVy8PvxaH9cqa7UXr1RXV2a37VpvLDS8W+e3p+KTnKgf6/xH8/0n//5/0e3vZvq19d37y32UkvHv69rvW8+jXqK/9l0s3s5TbvN0fyHeIml49/fyBtsr7CvmdTj/3n/zvGfyPSf1/1/KIRQiOpzLaRWgPoepp7fbb9CWjr+f2vkpZbO5IXsdv//lon/uUz/e7X+r2U/iOgoHf+/N/IGUjWaG4BG/OOd7//zmf73Iv71+a/5/O9JOv7JYt+fqtJ4JXtd/ycz/ecV/6txMs9DUeodsB4187v9f3WkpeM/sK386fe/uKf934VM++f1/a81buv7X2v5/3/U/P5HZ+n4D3at1+v9P5Vpl/f6f7qx/+NZpeO/v5GX3jsPNX72Gv/pTP95xb+xKxloxf/pevL7vmb+V/Z/PUnH/x/NzLi9xlrjZ2P/F+28/7+Y6X8v9n/1+a/F+Y76skjH/0DXevX4f9/D5/+lTLv84x/CiL3+M0vH/2DXeo37f2Dn+M9k2uUd///l2TkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAC2A8SYdCFA+nruN4eDiEs8n18bA/mi3NF2cr1bmPVkKYSPIL4Uh0s1KdLVWKC0vV+XKxVKlU50I4l5QfCwPRSqVaKy6Wbp/f6mswulUuLddmy6VaCGEyyf93ONjqa3ahtli6HUK4sFX2z7i6fPtWaak4v7D85sjIyEiY2prD4aj8Sa28VGuO3iwNYXqr7VDUNrlG8cWtuRyIPqyuLi+VKo38S21tKtW5UqWtzUxS9kU4HNWWV5fmSrVysVK92RpvL51O0ompK+9duTS6rfx61EzHn++0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiTHo69cS+E0N+8ikMIhSj5JUr+pTx4VD5VfDJzd2PsxPT6/Y3HneoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAH+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhl/5RIgaiOAC/GQUtPYZVSDrbiCJaGBE8gR7Dw+hRvIR3sLCwtVgWdiew5A+EwHbf1zyYH2/ewDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgubvn7uWpbiJSnG/OIr7evn8O84dSP66n+09WzDxd0cNx3D92N7d1U/49jfKrcvTb5l36//f+GhO19znYk+E+7Y3nDM3t29z7+rkXkXIVEW3JL1POVbXsLgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDLDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgWAAAAABAmL91FH0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwKAAD//4w3HM8=")
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x141a42, 0x1c2)
lsetxattr$trusted_overlay_origin(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000240), 0x0, 0x0, 0x1)
setxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0)

586.704506ms ago: executing program 0 (id=878):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000280)='./file0\x00', 0x200841a, &(0x7f0000000f40)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0193acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417bb7f527c0bfebec112d57fc69fabb9b31ef97b2147930ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c8426803000000005c000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a3332978da70e9050417087c5ae034a735e8b448dd97014043159cbaacebfc912cf05f608e6214c04099fa311b747c37af702d134fb8eec487cfaea91150d1980464ff31cf86e3f3b950b204f6f67810c0826e4e5467c1588de9816bc627fb4662ac5fc8e38f19ec065550e5f9b16f72a91144a2e52ba9f2c6a7e2afbabc533ac731bb7ec51b8c585c2749469da331006ca4d49e136189d21ae50455834b2e75efd81c9d6352e5a814cf002f294475dab27a10d87516e405eff30", @ANYRESOCT], 0x1, 0x553b, &(0x7f00000024c0)="$eJzs3EtvG1UUAOA7TtPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKI9WduKk/T5pfGbujM+cO7ISnRnLAXhiLaS//pyES+FsCGEuhHAhCfl6Uiy51RieCyFcDiGU/rIkxfifA6dDCOdCCJdGyWPOpNj1+dXhlZWf3vjlm+/OnDr/xdffz27WwKw9H0LobsX13W6MWSvGu8V4bdjOY/fGsIhxR/desZ3FuNvcyDPs1sbH1fJ4vRWPz7Z2+qO42anVR7HV3szHt3rxhP1ha5wnf8Pd2na+3Whu5LHdz/LY2o917e3Hv237/UHM0yjyfZinD4PBOMbx5l4zzmfrXh7rvUExHvNmjebeKA6LWJwu1LNOI69jY5Irfby92e7t7KXD5na/nfXSlUr1hUr1Zrm6nTWag+aNcq3buHkjXWx1RoeVB81ad7WVZa1Os1LPukvpYqteL1er6eKt5ka71kur1cr1yrXyylKxdjV99c67aaeRLo7iy+3ezul2p59uZttpfMdSuly5/uJSeqWavr22nq6/dfv22vo77996785La6+/Uhz0QFnp4vK15eVy9Vp5ubp0DOY/+r/7kPMfTDL/T4qiH2H+yWSXB/6bDxjAI3ug/w/6f+DwnfT+P0yz/x+1VPr//+9/S5P3/xP1v8e1/z/B84eJ6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5YP8x/+Vq+shC3zxfjF4uhZ4rtJIRQCiH8/g/mwukDOeeKPPP/cvz832r4Ngl5htE5zhTLuRDCarH89vRhXwUAAAB4fH310eXPYrceXxZmXRBHKd60KV34YEr5khDC/MKPU8pWGr08O6Vk+ef7VNibUrb8BtZTU0oWb7mdmla2hzI3Dh9fvD+YTyiJoXSk5QAAAEdi7kA42i4EAACAo/TprAtgNpIwfpQ5fhacf/P+/qPNswf2AQAAACdQMusCAAAAgEOX9/9+/w8AAAAeb/H3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4g537uU0ciOIA/GwwsP+0aLX3bWVvUEZKyDHHQAFpghJIC2mAGsgtJUQQYY+QHIEUiXGsoO+TPM7Y0W9mgMsbSwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJztZ4/3v97uDRnt79MntUAAAAAp2yr9bz+Y9r0f6Trv9KlP6lfREQZEadq90GMWpmDlFOd+f/q3RyeIuqEwxjjdHyPiP/peP3d9acAAAAA12uzXM2aar1ppn1PiM/UbNqUP28y5RURUU1fMqWVh+ZvprD69z2Mu0xp9QbWJFNYs+U2PH1vlGuQtkHrlFYyWdRfYt0ruxkXAADoU7sSOFOFAAAAcAVu+54A/SiOzfE547g5pQeC31o9AAAA4Asq+p4AAAAA0Lm6/vf+PwAAALhuzfv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NK2Ws83y9Xs3P3FB3N2+8vkWxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBv7844CIRAGYbB3fWcy9z+sNGhobFIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzPSwqEQBBEwZzxv5O+/2ElQc8gQgQ0PKqoRQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzcP28cRRQA8Hd7t5c/gDAGuTCgIFFAQ+xLSEgJBcii4CMgWc45GC4EEhckskBuoEKu0yAoEUICmS7fIXUspQldChdGogbt3u5lkxhyiszuEv9+0uy8Pa9m3uydLD/P2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAafedeCkp4m52mBnH5Wu39jZWsn7ngT5zY+v2fNayuPOoib55++CTb7eXqycn5ionX9WfDAAAAIdDt6zvI+JOur2U9clMXv+n5TVZzf/9M+O4rOcfrPt39jaOFl+aL+v/3369+8JkopnxPNmgq2uj4eLDqfT+oyW23rOPvKKX3/n8dy/d/A1J3t98fjfN72fn25s33+3n4ZE6sgUAHsfJsi+C8uehrB80mRgAh0avUniX9X93ptmcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqwuxlPlXEnIuZ79+LMzt7Gyn79ja3b82U7e/36VnXMbIg0IlbXRsO0xrW03ZWr1z5ZHo2Gl+sPTkREc7MXwYdTXBPx79cUH89obhX/HHTakUajQVK8P23J5yCD8rN38CM39A0JAIAnVlq0rK6/k24vZa91ZiP++uH++v+1ShxT1v93Pzp7qzpXtf4f1LbC9ltYv/jZwpWr195Yu7h8YXhh+OmbpwZvDU6fO3Pm3EJ2rxYXViMZLjadJgAAAP9j/aJV6/9k9uH9/+OVOKas/z//bvBlda6u+n9f9zb9ms4EAADgMOpPoude+fOPzj5XdPr9+GJ5ff3yYHycnJ8aH2tN9zEdKVq1/u/ONp0VAAAAUIfdzc59+//nK3FMuf//9I8v/lwdsxsRxyIuRcTw5Mql0fn6ltNqdfyhcj5Rv+mVAgAA0JRjRavu/6f58//J5JGHJCJef3Ucl//rapr6v/ve1z9V56o+/3+6viW2UjI3vh95PxfRm2s6IwAAAJ5kR4uWFfu/p9tLH/9y/IO+5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6vZ3AAAA//+pzDYD")
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
lsetxattr$system_posix_acl(&(0x7f0000003340)='./file0\x00', &(0x7f0000003380)='system.posix_acl_access\x00', &(0x7f00000002c0)={{}, {0x1, 0x2}, [], {}, [], {0x10, 0x1}}, 0x24, 0x0)
lchown(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)

471.287642ms ago: executing program 1 (id=879):
syz_mount_image$reiserfs(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x8488, &(0x7f0000000780), 0xfe, 0x10fd, &(0x7f0000001140)="$eJzs2T9rFEEYBvBnds8/3cqmXwQtLCQknF8ghcK1ttqIpDJVrlL8OH4cTWUf0msRsF9Zb/dO5UTwTm1+PzjmvYd9Z2fKmQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMZsmnkhxUSTtlVZKSdN3F4ipJN+V33tdVSp6eLpaPz+dPlknqb4+XZ0kZuoa2tMf3brfzdt4et48OTu5/WL5+8+rF2dnp+ThNSZfL6/1vpYzrAQAAAH7U76z5z+8HAAAAfmdvFwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf6hvNnU7FVWSknTdxeIqSbel78Y/Wh8AAACwu5Iqz5tt+eoaYONhPjZlnQ/jlzLUR3m3pR8AAAD4pf7WWHz/fb3c3JzHH2S2PpcP2d3Mcni4+j8O+XyS1EmOfpr88vrty+lX+vpv7wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK/swLEAAAAAgDB/6zQ6NgAAAAAAAAAAAAAAAAAAAPYKAAD///F61s8=")
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000000)='.\x00', 0x18424bc, &(0x7f00000001c0)=ANY=[@ANYRES16, @ANYRESDEC, @ANYRES32=r0, @ANYRESOCT=r0, @ANYRESOCT, @ANYRES16=r0, @ANYRESDEC=r0, @ANYRES16], 0x0, 0x0, &(0x7f0000000000))
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200)

258.656385ms ago: executing program 2 (id=880):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r0, &(0x7f00000007c0)={0x1f, 0x0, @any, 0x4}, 0xe)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000100)={0x36, 0x8001, 0xc445, 0x3, 0xfa, 0x4}, 0xc)
listen(r0, 0x80000000)

0s ago: executing program 2 (id=881):
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
setsockopt$inet_mreqsrc(r0, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)

kernel console output (not intermixed with test programs):

 active
[   83.910307][ T5766] team0: Port device team_slave_1 added
[   83.970412][ T5767] team0: Port device team_slave_0 added
[   83.979240][ T5767] team0: Port device team_slave_1 added
[   84.009980][ T5769] hsr_slave_0: entered promiscuous mode
[   84.016232][ T5769] hsr_slave_1: entered promiscuous mode
[   84.024015][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_0
[   84.033792][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.060302][ T5766] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   84.082444][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_0
[   84.091066][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.121800][ T5767] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   84.134254][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_1
[   84.141457][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.167518][ T5767] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   84.181676][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_1
[   84.188876][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.214877][ T5766] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   84.279778][ T5768] hsr_slave_0: entered promiscuous mode
[   84.286018][ T5768] hsr_slave_1: entered promiscuous mode
[   84.293072][ T5768] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   84.300954][ T5768] Cannot create hsr debugfs directory
[   84.408774][ T5767] hsr_slave_0: entered promiscuous mode
[   84.415157][ T5767] hsr_slave_1: entered promiscuous mode
[   84.421538][ T5767] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   84.429176][ T5767] Cannot create hsr debugfs directory
[   84.444402][ T5766] hsr_slave_0: entered promiscuous mode
[   84.450773][ T5766] hsr_slave_1: entered promiscuous mode
[   84.456807][ T5766] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   84.465005][ T5766] Cannot create hsr debugfs directory
[   84.500570][ T5773] Bluetooth: hci2: command tx timeout
[   84.500582][ T5779] Bluetooth: hci1: command tx timeout
[   84.512131][ T5082] Bluetooth: hci0: command tx timeout
[   84.577792][ T5082] Bluetooth: hci3: command tx timeout
[   84.747990][ T5768] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   84.768842][ T5768] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   84.779013][ T5768] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   84.800640][ T5768] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   84.876884][ T5769] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   84.897413][ T5769] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   84.907040][ T5769] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   84.925289][ T5769] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   85.003425][ T5766] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   85.013349][ T5766] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   85.023036][ T5766] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   85.033572][ T5766] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   85.113504][ T5767] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   85.124969][ T5767] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   85.134492][ T5767] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   85.146227][ T5767] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   85.178987][ T5768] 8021q: adding VLAN 0 to HW filter on device bond0
[   85.262140][ T5768] 8021q: adding VLAN 0 to HW filter on device team0
[   85.310135][ T5769] 8021q: adding VLAN 0 to HW filter on device bond0
[   85.336533][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.343928][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.356136][ T4739] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.363256][ T4739] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.426381][ T5769] 8021q: adding VLAN 0 to HW filter on device team0
[   85.444424][ T5766] 8021q: adding VLAN 0 to HW filter on device bond0
[   85.461853][ T4739] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.468993][ T4739] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.481130][ T5767] 8021q: adding VLAN 0 to HW filter on device bond0
[   85.505383][ T4739] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.512539][ T4739] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.550734][ T5767] 8021q: adding VLAN 0 to HW filter on device team0
[   85.594215][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.601399][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.635026][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.642176][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.664366][ T5766] 8021q: adding VLAN 0 to HW filter on device team0
[   85.682509][ T5769] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   85.693487][ T5769] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   85.746313][ T1132] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.753488][ T1132] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.795422][ T1132] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.802702][ T1132] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.946987][ T5766] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   86.059235][ T5768] 8021q: adding VLAN 0 to HW filter on device batadv0
[   86.192001][ T5768] veth0_vlan: entered promiscuous mode
[   86.226616][ T5769] 8021q: adding VLAN 0 to HW filter on device batadv0
[   86.303986][ T5768] veth1_vlan: entered promiscuous mode
[   86.391766][ T5766] 8021q: adding VLAN 0 to HW filter on device batadv0
[   86.401586][ T5767] 8021q: adding VLAN 0 to HW filter on device batadv0
[   86.416338][ T5769] veth0_vlan: entered promiscuous mode
[   86.426711][ T5768] veth0_macvtap: entered promiscuous mode
[   86.449994][ T5768] veth1_macvtap: entered promiscuous mode
[   86.457153][ T5769] veth1_vlan: entered promiscuous mode
[   86.503919][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_0
[   86.540782][ T5767] veth0_vlan: entered promiscuous mode
[   86.551125][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_1
[   86.578232][ T5082] Bluetooth: hci0: command tx timeout
[   86.583913][ T5768] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.587839][ T5773] Bluetooth: hci2: command tx timeout
[   86.594680][ T5779] Bluetooth: hci1: command tx timeout
[   86.606492][ T5768] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.615252][ T5768] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.626393][ T5768] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.639055][ T5769] veth0_macvtap: entered promiscuous mode
[   86.653318][ T5767] veth1_vlan: entered promiscuous mode
[   86.668075][ T5779] Bluetooth: hci3: command tx timeout
[   86.677044][ T5769] veth1_macvtap: entered promiscuous mode
[   86.734892][ T5766] veth0_vlan: entered promiscuous mode
[   86.754328][ T5766] veth1_vlan: entered promiscuous mode
[   86.791422][ T5766] veth0_macvtap: entered promiscuous mode
[   86.801623][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.812781][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.824927][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_0
[   86.854883][ T5766] veth1_macvtap: entered promiscuous mode
[   86.865343][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.876369][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.890389][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_1
[   86.917050][ T2956] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.926058][ T2956] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.937201][ T5769] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.955905][ T5769] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.965340][ T5769] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.974238][ T5769] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   87.002981][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   87.016599][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.029047][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   87.039662][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.050830][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_0
[   87.062209][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   87.072877][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.082965][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   87.093513][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.105650][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_1
[   87.127354][ T5767] veth0_macvtap: entered promiscuous mode
[   87.165961][ T5766] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   87.176492][ T5766] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   87.185875][ T5766] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   87.196488][ T5766] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   87.227013][ T5767] veth1_macvtap: entered promiscuous mode
[   87.229661][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.247994][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.294097][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.306688][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   87.325228][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.328373][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.345658][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   87.356345][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.366568][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   87.377399][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.394643][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_0
[   87.443325][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   87.460159][ T2956] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.463382][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.469491][ T2956] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.478251][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   87.500760][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.511940][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   87.546275][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.550398][ T5858] syz.2.3[5858]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   87.574103][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_1
[   87.577076][ T5858] loop2: detected capacity change from 0 to 512
[   87.620965][ T5767] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   87.636521][ T5858] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[   87.645526][ T5858] UDF-fs: Scanning with blocksize 512 failed
[   87.657358][ T5858] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[   87.658352][ T5767] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   87.666985][ T5858] UDF-fs: Scanning with blocksize 1024 failed
[   87.674542][ T5767] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   87.689401][ T5767] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   87.690507][ T5858] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[   87.720822][ T5858] UDF-fs: Scanning with blocksize 2048 failed
[   87.730234][ T5858] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[   87.777413][ T5858] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   87.807449][ T2956] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.830739][ T2956] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.950914][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.967918][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.011966][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.046371][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.193944][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.221446][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.256364][ T5867] capability: warning: `syz.3.6' uses 32-bit capabilities (legacy support in use)
[   88.474627][ T5870] loop3: detected capacity change from 0 to 1764
[   88.476221][ T5873] loop0: detected capacity change from 0 to 164
[   88.496442][ T5870] =======================================================
[   88.496442][ T5870] WARNING: The mand mount option has been deprecated and
[   88.496442][ T5870]          and is ignored by this kernel. Remove the mand
[   88.496442][ T5870]          option from the mount to silence this warning.
[   88.496442][ T5870] =======================================================
[   88.658296][ T5779] Bluetooth: hci2: command tx timeout
[   88.663815][ T5082] Bluetooth: hci1: command tx timeout
[   88.666463][ T5773] Bluetooth: hci0: command tx timeout
[   88.738244][ T5773] Bluetooth: hci3: command tx timeout
[   88.922335][ T5881] loop0: detected capacity change from 0 to 256
[   88.970960][ T5881] exfat: Deprecated parameter 'utf8'
[   88.976342][ T5881] exfat: Deprecated parameter 'namecase'
[   89.007227][ T5881] exfat: Deprecated parameter 'namecase'
[   89.054971][ T5881] exfat: Deprecated parameter 'utf8'
[   89.157075][ T5881] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012153, chksum : 0x6a70c931, utbl_chksum : 0xe619d30d)
[   89.708503][ T5836] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   89.759811][ T5885] loop1: detected capacity change from 0 to 40427
[   89.791205][ T5885] F2FS-fs (loop1): build fault injection attr: rate: 690, type: 0x7ffff
[   89.817247][ T5885] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x35f7
[   89.846509][ T5885] F2FS-fs (loop1): Image doesn't support compression
[   89.863639][ T5885] F2FS-fs (loop1): invalid crc value
[   89.882479][ T5885] F2FS-fs (loop1): Found nat_bits in checkpoint
[   89.933524][ T5836] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   89.961470][ T5836] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[   89.978020][ T5885] F2FS-fs (loop1): Start checkpoint disabled!
[   89.985044][ T5836] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.993345][ T5879] loop3: detected capacity change from 0 to 65536
[   90.003835][ T5836] usb 3-1: config 0 descriptor??
[   90.028879][   T23] kernel read not supported for file /dsp (pid: 23 comm: kworker/1:0)
[   90.043383][ T5885] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[   90.072382][ T5836] pwc: Askey VC010 type 2 USB webcam detected.
[   90.170120][ T5879] XFS (loop3): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[   90.331554][ T5905] loop0: detected capacity change from 0 to 128
[   90.413432][ T5879] XFS (loop3): Ending clean mount
[   90.465957][ T5836] pwc: recv_control_msg error -32 req 02 val 2b00
[   90.529091][ T5879] XFS (loop3): syz.3.11 should use fallocate; XFS_IOC_{ALLOC,FREE}SP ioctl unsupported
[   90.611408][ T5769] XFS (loop3): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[   90.683229][ T5905] syz.0.19: attempt to access beyond end of device
[   90.683229][ T5905] loop0: rw=2049, sector=169, nr_sectors = 872 limit=128
[   90.687179][   T11] kworker/u4:0: attempt to access beyond end of device
[   90.687179][   T11] loop1: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[   90.705984][ T5836] pwc: recv_control_msg error -71 req 02 val 2c00
[   90.740368][ T5836] pwc: recv_control_msg error -71 req 04 val 1000
[   90.741007][ T5773] Bluetooth: hci2: command tx timeout
[   90.750682][   T11] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[   90.752550][ T5779] Bluetooth: hci1: command tx timeout
[   90.760862][ T5082] Bluetooth: hci0: command tx timeout
[   90.784079][   T11] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[   90.809968][ T5836] pwc: recv_control_msg error -71 req 04 val 1300
[   90.817985][ T5773] Bluetooth: hci3: command tx timeout
[   90.861863][   T11] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[   90.866095][ T5836] pwc: recv_control_msg error -71 req 04 val 1400
[   90.876679][ T5836] pwc: recv_control_msg error -71 req 02 val 2000
[   90.907863][ T5836] pwc: recv_control_msg error -71 req 02 val 2100
[   90.936081][ T5836] pwc: recv_control_msg error -71 req 04 val 1500
[   90.977535][ T5836] pwc: recv_control_msg error -71 req 02 val 2500
[   90.993093][ T5836] pwc: recv_control_msg error -71 req 02 val 2400
[   91.020426][ T5836] pwc: recv_control_msg error -71 req 02 val 2600
[   91.037542][ T5836] pwc: recv_control_msg error -71 req 02 val 2900
[   91.048996][ T5836] pwc: recv_control_msg error -71 req 02 val 2800
[   91.073250][ T5836] pwc: recv_control_msg error -71 req 04 val 1100
[   91.091538][ T5836] pwc: recv_control_msg error -71 req 04 val 1200
[   91.144306][ T5836] pwc: Registered as video103.
[   91.167387][ T5836] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input7
[   91.263942][ T5836] usb 3-1: USB disconnect, device number 2
[   91.585125][  T789] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   91.638980][  T789] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   91.728362][ T5921] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   91.756484][ T5919] warning: `syz.2.24' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   92.065383][ T5929] netlink: 8 bytes leftover after parsing attributes in process `syz.1.28'.
[   92.159090][ T5932] loop2: detected capacity change from 0 to 2048
[   92.268293][ T5935] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   92.458508][ T5935] NILFS (loop2): vblocknr = 15 has abnormal lifetime: start cno (= 1407374883553282) > current cno (= 3)
[   92.458616][ T5935] NILFS error (device loop2): nilfs_bmap_propagate: broken bmap (inode number=16)
[   92.478879][ T5935] Remounting filesystem read-only
[   92.485150][ T5940] NILFS (loop2): error -2 truncating bmap (ino=16)
[   92.578116][ T5932] syz.2.29 (5932) used greatest stack depth: 19856 bytes left
[   92.614437][ T5768] NILFS (loop2): disposed unprocessed dirty file(s) when stopping log writer
[   92.638908][ T5768] NILFS (loop2): discard dirty page: offset=4096, ino=6
[   92.656181][ T5768] NILFS (loop2): discard dirty block: blocknr=39, size=1024
[   92.672580][ T5768] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[   92.688472][ T5836] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   92.701449][ T5768] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[   92.720729][ T5768] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[   92.732593][ T5768] NILFS (loop2): discard dirty page: offset=0, ino=5
[   92.741470][ T5768] NILFS (loop2): discard dirty block: blocknr=41, size=1024
[   92.749090][ T5768] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[   92.755398][ T5946] loop0: detected capacity change from 0 to 512
[   92.758417][ T5768] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[   92.789171][ T5768] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[   92.809398][ T5768] NILFS (loop2): discard dirty page: offset=0, ino=3
[   92.810262][ T5946] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.36: invalid indirect mapped block 256 (level 2)
[   92.826405][ T5768] NILFS (loop2): discard dirty block: blocknr=42, size=1024
[   92.840111][ T5768] NILFS (loop2): discard dirty block: blocknr=43, size=1024
[   92.847559][ T5768] NILFS (loop2): discard dirty block: blocknr=44, size=1024
[   92.855354][ T5768] NILFS (loop2): discard dirty block: blocknr=0, size=1024
[   92.863020][ T5768] NILFS (loop2): discard dirty page: offset=4096, ino=3
[   92.870059][ T5768] NILFS (loop2): discard dirty block: blocknr=0, size=1024
[   92.885176][ T5768] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[   92.895702][ T5836] usb 2-1: Using ep0 maxpacket: 16
[   92.901481][ T5768] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[   92.911124][ T5768] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[   92.926931][ T5836] usb 2-1: config 0 has an invalid interface number: 214 but max is 0
[   92.935297][ T5946] EXT4-fs (loop0): 2 truncates cleaned up
[   92.955546][ T5836] usb 2-1: config 0 has no interface number 0
[   92.970286][ T5946] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   92.986618][ T5836] usb 2-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64
[   93.025912][ T5836] usb 2-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[   93.041213][ T5836] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   93.070073][ T5836] usb 2-1: Product: syz
[   93.077976][ T5836] usb 2-1: Manufacturer: syz
[   93.092882][ T5836] usb 2-1: SerialNumber: syz
[   93.104042][ T5836] usb 2-1: config 0 descriptor??
[   93.250086][ T5958] EXT4-fs error (device loop0): ext4_validate_block_bitmap:430: comm syz.0.36: bg 0: block 5: invalid block bitmap
[   93.253943][ T5957] loop2: detected capacity change from 0 to 512
[   93.267870][ T5948] EXT4-fs error (device loop0): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[   93.321079][ T2956] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   93.324532][ T5957] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.346475][ T5957] ext4 filesystem being mounted at /9/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   93.386553][ T2956] EXT4-fs (loop0): This should not happen!! Data will be lost
[   93.386553][ T2956] 
[   93.396757][    T8] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   93.411764][ T2956] EXT4-fs (loop0): Total free blocks count 0
[   93.419366][ T2956] EXT4-fs (loop0): Free/Dirty block details
[   93.425422][ T2956] EXT4-fs (loop0): free_blocks=0
[   93.435871][ T5957] EXT4-fs error (device loop2): ext4_get_first_dir_block:3592: inode #12: block 32: comm syz.2.39: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   93.436966][ T2956] EXT4-fs (loop0): dirty_blocks=549
[   93.464636][ T2956] EXT4-fs (loop0): Block reservation details
[   93.470730][ T2956] EXT4-fs (loop0): i_reserved_data_blocks=549
[   93.471096][ T5957] EXT4-fs (loop2): Remounting filesystem read-only
[   93.536028][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.563798][   T49] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 36 with max blocks 548 with error 28
[   93.586215][    T8] usb 4-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[   93.609937][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   93.620608][    T8] usb 4-1: Product: syz
[   93.624818][    T8] usb 4-1: Manufacturer: syz
[   93.637878][    T8] usb 4-1: SerialNumber: syz
[   93.784039][ T5836] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.214/input/input8
[   94.067183][ T5770] usb 2-1: USB disconnect, device number 2
[   94.357972][    T8] rtl8150 4-1:1.0: eth1: rtl8150 is detected
[   94.623737][ T5770] usb 4-1: USB disconnect, device number 2
[   94.968838][    T8] usb 3-1: new low-speed USB device number 3 using dummy_hcd
[   95.073066][    T9] cfg80211: failed to load regulatory.db
[   95.113745][ T6001] loop1: detected capacity change from 0 to 128
[   95.126738][ T6001] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   95.152741][ T6001] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   95.202016][    T8] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[   95.227726][    T8] usb 3-1: config 0 has no interface number 0
[   95.247452][    T8] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[   95.287726][    T8] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[   95.322493][    T8] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   95.348737][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.369581][    T8] usb 3-1: config 0 descriptor??
[   95.375372][ T5988] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   95.442724][    T8] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[   95.469502][ T6009] netlink: 'syz.1.57': attribute type 29 has an invalid length.
[   95.505895][ T6009] netlink: 'syz.1.57': attribute type 29 has an invalid length.
[   95.526758][ T6012] loop0: detected capacity change from 0 to 764
[   95.537913][ T6010] netlink: 'syz.3.56': attribute type 7 has an invalid length.
[   95.551332][ T6009] netlink: 'syz.1.57': attribute type 29 has an invalid length.
[   95.574144][ T6009] netlink: 'syz.1.57': attribute type 29 has an invalid length.
[   95.778180][ T5770] usb 3-1: USB disconnect, device number 3
[   95.833627][ T6016] bond0: entered promiscuous mode
[   95.858195][ T6016] bond_slave_0: entered promiscuous mode
[   95.877626][ T6016] bond_slave_1: entered promiscuous mode
[   95.913592][ T6019] loop1: detected capacity change from 0 to 256
[   95.923755][ T6016] batadv0: entered promiscuous mode
[   95.954192][ T6016] 8021q: adding VLAN 0 to HW filter on device hsr1
[   96.044855][ T6019] FAT-fs (loop1): Directory bread(block 64) failed
[   96.066410][ T6019] FAT-fs (loop1): Directory bread(block 65) failed
[   96.103412][ T6019] FAT-fs (loop1): Directory bread(block 66) failed
[   96.131988][ T6019] FAT-fs (loop1): Directory bread(block 67) failed
[   96.142192][ T6019] FAT-fs (loop1): Directory bread(block 68) failed
[   96.162508][ T6019] FAT-fs (loop1): Directory bread(block 69) failed
[   96.183593][ T6019] FAT-fs (loop1): Directory bread(block 70) failed
[   96.204427][ T6019] FAT-fs (loop1): Directory bread(block 71) failed
[   96.228144][ T6019] FAT-fs (loop1): Directory bread(block 72) failed
[   96.239117][ T6019] FAT-fs (loop1): Directory bread(block 73) failed
[   96.898389][ T6040] loop1: detected capacity change from 0 to 2048
[   96.975457][ T6040] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   97.597659][    C1] sched: RT throttling activated
[   97.672002][ T6037] loop2: detected capacity change from 0 to 131072
[   97.681333][ T6037] F2FS-fs (loop2): Invalid log sectorsize (67108873)
[   97.688160][ T6037] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   97.704114][ T6037] F2FS-fs (loop2): invalid crc value
[   97.745070][ T6037] F2FS-fs (loop2): Found nat_bits in checkpoint
[   97.793365][ T6037] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   97.800537][ T6037] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[   97.900462][ T6037] F2FS-fs (loop2): sanity_check_inode: inode (ino=4, mode=1773) should not have inline_dentry, run fsck to fix
[   98.548625][ T6077] netlink: 16 bytes leftover after parsing attributes in process `syz.1.79'.
[   99.613874][ T6106] netlink: 44 bytes leftover after parsing attributes in process `syz.1.93'.
[   99.844013][ T6110] loop2: detected capacity change from 0 to 2048
[   99.882883][ T6110] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[   99.941935][ T6114] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  100.344323][ T6125] loop1: detected capacity change from 0 to 128
[  100.380940][ T6125] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  100.456871][ T6125] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  100.504409][ T6092] loop0: detected capacity change from 0 to 32768
[  100.717297][ T6092] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  100.859730][ T6136] loop1: detected capacity change from 0 to 512
[  100.883850][ T6136] EXT4-fs: Ignoring removed oldalloc option
[  100.936403][ T6136] EXT4-fs (loop1): 1 truncate cleaned up
[  100.959154][ T6136] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.006049][ T6092] OCFS2: ERROR (device loop0): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 73 has invalid next free chain record 12, but only 1 total
[  101.096967][ T6092] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  101.168369][ T6092] OCFS2: File system is now read-only.
[  101.173895][ T6092] (syz.0.85,6092,1):ocfs2_claim_suballoc_bits:1993 ERROR: status = -30
[  101.208537][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.227853][ T6092] (syz.0.85,6092,1):ocfs2_claim_metadata:2018 ERROR: status = -30
[  101.268403][ T6092] (syz.0.85,6092,1):ocfs2_claim_metadata:2031 ERROR: status = -30
[  101.328105][ T6092] (syz.0.85,6092,1):ocfs2_dx_dir_attach_index:2330 ERROR: status = -30
[  101.365771][ T6092] (syz.0.85,6092,1):ocfs2_expand_inline_dir:3023 ERROR: status = -30
[  101.373933][ T6143] loop3: detected capacity change from 0 to 8192
[  101.403579][ T6143] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  101.420044][ T6092] (syz.0.85,6092,1):ocfs2_extend_dir:3205 ERROR: status = -30
[  101.431268][ T6092] (syz.0.85,6092,1):ocfs2_prepare_dir_for_insert:4326 ERROR: status = -30
[  101.441466][ T6092] (syz.0.85,6092,1):ocfs2_mknod:298 ERROR: status = -30
[  101.448893][ T6092] (syz.0.85,6092,1):ocfs2_mknod:502 ERROR: status = -30
[  101.470039][ T6143] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  101.479921][ T6143] REISERFS (device loop3): using ordered data mode
[  101.486455][ T6143] reiserfs: using flush barriers
[  101.489981][ T6152] loop2: detected capacity change from 0 to 16
[  101.499205][ T6143] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  101.518366][ T6092] (syz.0.85,6092,1):ocfs2_create:676 ERROR: status = -30
[  101.529382][ T6153] autofs4:pid:6153:autofs_fill_super: pipe file descriptor does not contain proper ops
[  101.550733][ T6092] syz.0.85 (6092) used greatest stack depth: 17712 bytes left
[  101.563053][ T6143] REISERFS (device loop3): checking transaction log (loop3)
[  101.568532][ T6152] erofs: (device loop2): mounted with root inode @ nid 36.
[  101.599591][ T6143] REISERFS (device loop3): Using r5 hash to sort names
[  101.615464][ T6143] REISERFS (device loop3): using 3.5.x disk format
[  101.624673][ T6143] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  101.693648][ T5766] ocfs2: Unmounting device (7,0) on (node local)
[  101.941020][ T6158] sctp: [Deprecated]: syz.2.112 (pid 6158) Use of int in max_burst socket option deprecated.
[  101.941020][ T6158] Use struct sctp_assoc_value instead
[  102.258236][ T5773] Bluetooth: hci0: command tx timeout
[  102.740666][    T8] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[  102.941181][    T8] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  102.957314][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  102.974350][    T8] usb 2-1: config 0 descriptor??
[  103.163348][ T6189] loop0: detected capacity change from 0 to 2048
[  103.210454][ T6189] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  103.438696][    T8] [drm] Initialized udl 0.0.1 20120220 for 2-1:0.0 on minor 2
[  103.450709][    T8] [drm] Initialized udl on minor 2
[  103.814572][    T8] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9
[  103.824643][ T6192] loop3: detected capacity change from 0 to 32768
[  103.834299][    T8] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  103.853150][ T5834] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  103.873921][    T8] usb 2-1: USB disconnect, device number 3
[  103.882344][ T5834] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  103.886310][ T6192] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  104.056747][ T6192] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  104.136342][ T6192] XFS (loop3): Starting recovery (logdev: internal)
[  104.264848][ T6192] XFS (loop3): Ending recovery (logdev: internal)
[  104.330053][ T6192] XFS (loop3): Quotacheck needed: Please wait.
[  104.352187][ T5773] Bluetooth: hci0: command tx timeout
[  104.443157][ T6192] XFS (loop3): Quotacheck: Done.
[  104.598803][ T5769] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  104.925125][ T6222] loop2: detected capacity change from 0 to 512
[  104.949115][ T6222] EXT4-fs: Ignoring removed mblk_io_submit option
[  105.009290][ T6222] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.137: invalid indirect mapped block 10 (level 1)
[  105.094875][ T6222] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.137: invalid indirect mapped block 8 (level 1)
[  105.158551][ T6222] EXT4-fs (loop2): 1 truncate cleaned up
[  105.180493][ T6222] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.218183][ T6220] loop1: detected capacity change from 0 to 32768
[  105.363512][ T6220] ERROR: (device loop1): dtSearch: DT_GETPAGE: dtree page corrupt
[  105.363512][ T6220] 
[  105.384119][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.409303][ T6220] ERROR: (device loop1): remounting filesystem as read-only
[  105.429076][ T6220] jfs_lookup: dtSearch returned -5
[  105.459060][ T6220] ERROR: (device loop1): dtReadFirst: DT_GETPAGE: dtree page corrupt
[  105.459060][ T6220] 
[  106.192246][ T6248] netlink: 12 bytes leftover after parsing attributes in process `syz.1.147'.
[  106.212710][ T6248] netlink: 8 bytes leftover after parsing attributes in process `syz.1.147'.
[  106.619090][ T6267] process 'syz.2.156' launched '/dev/fd/3' with NULL argv: empty string added
[  106.622492][ T6266] loop3: detected capacity change from 0 to 2048
[  106.691276][ T6269] loop0: detected capacity change from 0 to 2048
[  106.691546][ T6266] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  106.752295][ T6273] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  107.060892][ T6279] binder: 6278:6279 ioctl c018620c 200000000000 returned -1
[  107.423610][ T6295] loop2: detected capacity change from 0 to 256
[  107.452451][ T6295] exfat: Deprecated parameter 'utf8'
[  107.468426][ T6295] exfat: Deprecated parameter 'utf8'
[  107.509261][ T6299] netlink: 28 bytes leftover after parsing attributes in process `syz.0.171'.
[  107.522190][ T6295] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  107.714626][ T6306] loop1: detected capacity change from 0 to 512
[  107.755478][ T6306] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  107.833782][ T6310] loop3: detected capacity change from 0 to 64
[  107.844493][ T6306] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  107.876907][ T6306] EXT4-fs (loop1): orphan cleanup on readonly fs
[  107.960499][ T6314] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  107.963606][ T6306] EXT4-fs error (device loop1): ext4_do_update_inode:5248: inode #16: comm syz.1.174: corrupted inode contents
[  107.968081][ T6314] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  107.986545][ T6314] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  107.995648][ T6314] comedi comedi3: 8255: I/O port conflict (0x5c952399,4)
[  108.003725][ T6314] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  108.010516][ T6314] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  108.047757][ T6306] EXT4-fs (loop1): Remounting filesystem read-only
[  108.060983][ T6306] EXT4-fs (loop1): 1 truncate cleaned up
[  108.077141][  T136] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  108.133986][  T136] Quota error (device loop1): write_blk: dquota write failed
[  108.142013][  T136] Quota error (device loop1): remove_free_dqentry: Can't write block (5) with free entries
[  108.169554][  T136] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  108.210565][  T136] Quota error (device loop1): write_blk: dquota write failed
[  108.231089][  T136] Quota error (device loop1): free_dqentry: Can't move quota data block (5) to free list
[  108.269760][  T136] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  108.310907][  T136] Quota error (device loop1): v2_write_file_info: Can't write info structure
[  108.347293][  T136] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  108.369500][ T6306] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  108.578363][ T6331] loop0: detected capacity change from 0 to 128
[  108.594921][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.633351][ T6331] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  108.666142][ T6331] ext4 filesystem being mounted at /45/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  108.768268][ T6340] program syz.1.188 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  108.854955][ T5766] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  109.357892][    T8] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  109.576818][    T8] usb 1-1: unable to get BOS descriptor or descriptor too short
[  109.589141][    T8] usb 1-1: config 6 has an invalid interface number: 200 but max is 0
[  109.597346][    T8] usb 1-1: config 6 has no interface number 0
[  109.627865][    T8] usb 1-1: config 6 interface 200 has no altsetting 0
[  109.645618][    T8] usb 1-1: New USB device found, idVendor=05d8, idProduct=810c, bcdDevice=18.5f
[  109.668988][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.677034][    T8] usb 1-1: Product: syz
[  109.691756][    T8] usb 1-1: Manufacturer: syz
[  109.696383][    T8] usb 1-1: SerialNumber: syz
[  109.866537][ T6373] loop3: detected capacity change from 0 to 2048
[  109.868172][ T6374] capability: warning: `syz.2.202' uses deprecated v2 capabilities in a way that may be insecure
[  109.895207][ T6373] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  110.136716][    T8] dvb-usb: found a 'Artec T14 - USB2.0 DVB-T' in warm state.
[  110.351163][    T8] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  110.385701][    T8] dvbdev: DVB: registering new adapter (Artec T14 - USB2.0 DVB-T)
[  110.413042][    T8] usb 1-1: media controller created
[  110.469585][    T8] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  110.510998][    T8] dvb-usb: bulk message failed: -71 (6/0)
[  110.528736][    T8] dvb-usb: bulk message failed: -71 (6/0)
[  110.534624][    T8] dvb-usb: no frontend was attached by 'Artec T14 - USB2.0 DVB-T'
[  110.558254][    T8] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input9
[  110.598850][    T8] dvb-usb: schedule remote query interval to 150 msecs.
[  110.605863][    T8] dvb-usb: Artec T14 - USB2.0 DVB-T successfully initialized and connected.
[  110.671769][    T8] usb 1-1: USB disconnect, device number 2
[  110.700644][ T6392] netlink: 'syz.3.211': attribute type 2 has an invalid length.
[  110.734707][ T6392] netlink: 12 bytes leftover after parsing attributes in process `syz.3.211'.
[  110.778177][ T6392] Zero length message leads to an empty skb
[  110.874176][    T8] dvb-usb: Artec T14 - USB2.0 DVB-T successfully deinitialized and disconnected.
[  110.918109][ T6395] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  110.972711][ T6395] netlink: 8 bytes leftover after parsing attributes in process `syz.2.213'.
[  111.639101][ T6416] loop0: detected capacity change from 0 to 128
[  111.692050][ T6416] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  111.788381][ T6416] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  112.323045][ T6423] loop0: detected capacity change from 0 to 128
[  112.451996][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  112.516916][ T6426] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  112.564793][ T6423] FAT-fs (loop0): Filesystem has been set read-only
[  112.603372][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  112.661044][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  112.717830][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  112.741530][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  112.776091][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  112.817036][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  112.853037][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  112.885816][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  112.945714][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  112.993742][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.027989][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.053010][ T6415] loop2: detected capacity change from 0 to 32768
[  113.067829][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.096739][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.177572][ T6415] XFS (loop2): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  113.197249][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.272081][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.333672][ T6408] loop3: detected capacity change from 0 to 262144
[  113.337856][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.344363][ T6408] F2FS-fs (loop3): invalid crc value
[  113.359541][ T6415] XFS (loop2): Ending clean mount
[  113.373679][ T6408] F2FS-fs (loop3): Found nat_bits in checkpoint
[  113.407148][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.423560][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.436554][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.445898][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.454659][ T6408] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  113.467806][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.507836][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.546038][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.560278][ T6408] F2FS-fs (loop3): recover xattr in inode (7), error(0)
[  113.587902][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.611061][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.638247][ T5768] XFS (loop2): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  113.641378][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.678460][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.687040][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.695631][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.704935][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.713609][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.722997][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.732604][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.754485][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.801104][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.827852][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.837321][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.892276][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.927862][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.948899][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.959019][ T6423] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  113.978446][   T28] audit: type=1800 audit(1771260485.562:2): pid=6423 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.224" name="file1" dev="loop0" ino=1048600 res=0 errno=0
[  114.228454][ T6454] loop1: detected capacity change from 0 to 128
[  114.337603][ T6456] loop2: detected capacity change from 0 to 736
[  114.431580][ T6454] syz.1.234: attempt to access beyond end of device
[  114.431580][ T6454] loop1: rw=2049, sector=129, nr_sectors = 37 limit=128
[  115.399423][ T6460] loop0: detected capacity change from 0 to 40427
[  115.424682][ T6460] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  115.453419][ T6460] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  115.477779][ T5834] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  115.497342][ T6460] F2FS-fs (loop0): invalid crc value
[  115.529127][ T6460] F2FS-fs (loop0): Found nat_bits in checkpoint
[  115.677748][ T5834] usb 2-1: Using ep0 maxpacket: 16
[  115.698035][ T5834] usb 2-1: New USB device found, idVendor=0db0, idProduct=5581, bcdDevice=f9.22
[  115.713392][ T6460] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  115.721546][ T5834] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.736656][ T6460] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  115.747321][ T5834] usb 2-1: Product: syz
[  115.754456][ T5834] usb 2-1: Manufacturer: syz
[  115.773965][ T5834] usb 2-1: SerialNumber: syz
[  116.025800][ T5834] usb 2-1: dvb_usb_v2: found a 'MSI Mega Sky 55801 DVB-T USB2.0' in warm state
[  116.068976][ T5834] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  116.098342][ T5834] dvbdev: DVB: registering new adapter (MSI Mega Sky 55801 DVB-T USB2.0)
[  116.106906][ T5834] usb 2-1: media controller created
[  116.164904][ T5834] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  116.429870][ T5834] zl10353_read_register: readreg error (reg=127, ret==-110)
[  116.539689][ T5834] dvb_usb_gl861: probe of 2-1:157.0 failed with error -5
[  116.582828][ T5834] usb 2-1: USB disconnect, device number 4
[  116.796809][ T6505] syzkaller1: tun_chr_ioctl cmd 1074025677
[  116.824765][ T6505] syzkaller1: linktype set to 0
[  116.855672][ T6508] hub 9-0:1.0: USB hub found
[  116.864751][ T6508] hub 9-0:1.0: 1 port detected
[  117.159887][ T6521] erspan0: entered promiscuous mode
[  117.347476][ T6530] netlink: 23 bytes leftover after parsing attributes in process `syz.2.265'.
[  117.375796][ T6530] netlink: 20 bytes leftover after parsing attributes in process `syz.2.265'.
[  117.711957][    T9] usb 2-1: new full-speed USB device number 5 using dummy_hcd
[  117.802343][ T6544] loop0: detected capacity change from 0 to 256
[  117.919797][    T9] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  117.940163][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[  117.955346][ T6536] loop2: detected capacity change from 0 to 32768
[  117.966165][    T9] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  117.989013][    T9] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  118.023546][    T9] usb 2-1: Product: syz
[  118.035683][    T9] usb 2-1: Manufacturer: syz
[  118.047994][    T9] usb 2-1: SerialNumber: syz
[  118.063571][    T9] usb 2-1: config 0 descriptor??
[  118.097099][    T9] usb 2-1: selecting invalid altsetting 0
[  118.304901][ T6549] loop3: detected capacity change from 0 to 1024
[  118.359389][ T6549] EXT4-fs: Ignoring removed nomblk_io_submit option
[  118.390695][ T6549] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  118.453023][ T6549] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  118.471471][ T5836] usb 2-1: USB disconnect, device number 5
[  118.480965][ T6549] System zones: 0-1, 3-36
[  118.530309][ T6549] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  118.570951][ T6554] syz.0.274 uses obsolete (PF_INET,SOCK_PACKET)
[  118.820427][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.620987][ T6577] loop1: detected capacity change from 0 to 4096
[  119.682476][ T6577] ntfs3: loop1: ino=3, Correct links count -> 2.
[  119.838156][ T6584] netlink: 8 bytes leftover after parsing attributes in process `syz.3.285'.
[  119.850878][ T6584] netlink: 28 bytes leftover after parsing attributes in process `syz.3.285'.
[  119.868512][ T6577] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  120.042590][ T6586] tun0: tun_chr_ioctl cmd 2147767507
[  120.229732][ T6592] 9p: Unknown uid 00000000004294967295
[  120.384765][ T6598] loop0: detected capacity change from 0 to 128
[  120.512631][ T6602] loop3: detected capacity change from 0 to 64
[  120.937893][ T5834] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  121.137831][ T5834] usb 1-1: Using ep0 maxpacket: 8
[  121.153241][ T5834] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  121.171708][ T5834] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  121.187841][ T5834] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  121.218907][ T5834] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  121.237776][ T5834] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  121.267749][ T5834] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  121.276876][ T5834] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.408379][ T6611] loop3: detected capacity change from 0 to 32768
[  121.416121][ T6611] XFS: ikeep mount option is deprecated.
[  121.498119][ T6611] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  121.524707][ T5834] usb 1-1: GET_CAPABILITIES returned 0
[  121.532597][ T5834] usbtmc 1-1:16.0: can't read capabilities
[  121.594340][ T6611] XFS (loop3): Ending clean mount
[  121.644767][ T6611] XFS (loop3): Quotacheck needed: Please wait.
[  121.763386][ T6611] XFS (loop3): Quotacheck: Done.
[  121.824958][ T5836] usb 1-1: USB disconnect, device number 3
[  122.030810][ T5769] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  122.507826][    T9] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[  122.588640][ T6661] loop0: detected capacity change from 0 to 32768
[  122.610586][ T6661] (syz.0.314,6661,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  122.627583][ T6661] (syz.0.314,6661,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  122.665367][ T6661] JBD2: Ignoring recovery information on journal
[  122.713263][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  122.737633][ T6661] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  122.737792][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  122.757617][    T9] usb 2-1: New USB device found, idVendor=28bd, idProduct=0075, bcdDevice= 0.00
[  122.766823][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.801413][    T9] usb 2-1: config 0 descriptor??
[  122.960135][ T5766] ocfs2: Unmounting device (7,0) on (node local)
[  123.257278][    T9] uclogic 0003:28BD:0075.0002: interface is invalid, ignoring
[  123.494172][ T5834] usb 2-1: USB disconnect, device number 6
[  123.564796][ T6673] loop3: detected capacity change from 0 to 1024
[  123.635757][ T6673] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  123.722477][ T6667] loop2: detected capacity change from 0 to 32768
[  123.798706][ T6667] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  123.959718][ T6667] XFS (loop2): Ending clean mount
[  123.986299][ T6667] XFS (loop2): Quotacheck needed: Please wait.
[  124.027802][ T6675] loop0: detected capacity change from 0 to 32768
[  124.055320][ T6675] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 scanned by syz.0.319 (6675)
[  124.132173][ T6675] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  124.157442][ T6667] XFS (loop2): Quotacheck: Done.
[  124.202686][ T6675] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  124.217832][ T6675] BTRFS info (device loop0): using free space tree
[  124.345813][   T28] audit: type=1800 audit(1771260495.932:3): pid=6667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.317" name="file1" dev="loop2" ino=6150 res=0 errno=0
[  124.423741][ T5768] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  124.466490][ T6675] BTRFS info (device loop0): enabling ssd optimizations
[  124.488671][ T6675] BTRFS info (device loop0): auto enabling async discard
[  124.888319][ T5766] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  124.992312][ T6689] loop1: detected capacity change from 0 to 32768
[  125.040261][ T6689] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  125.130024][ T6689] XFS (loop1): Ending clean mount
[  125.153848][ T6689] XFS (loop1): Quotacheck needed: Please wait.
[  125.279264][ T6689] XFS (loop1): Quotacheck: Done.
[  125.391384][ T5767] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  125.548051][    T9] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  125.768293][    T9] usb 1-1: Using ep0 maxpacket: 32
[  125.807729][    T9] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  125.827887][    T9] usb 1-1: too many endpoints for config 0 interface 0 altsetting 5: 69, using maximum allowed: 30
[  125.857736][    T9] usb 1-1: config 0 interface 0 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 69
[  125.888325][    T9] usb 1-1: config 0 interface 0 has no altsetting 1
[  125.913808][    T9] usb 1-1: New USB device found, idVendor=152d, idProduct=0539, bcdDevice= 0.00
[  125.947733][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  125.947829][ T5836] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  125.955749][    T9] usb 1-1: SerialNumber: syz
[  125.980254][    T9] usb 1-1: config 0 descriptor??
[  126.002607][    T9] usb-storage 1-1:0.0: USB Mass Storage device detected
[  126.058833][    T9] usb-storage 1-1:0.0: Quirks match for vid 152d pid 0539: 4000000
[  126.234717][    T9] usb 1-1: USB disconnect, device number 4
[  126.243316][ T5836] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  126.265803][ T5836] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  126.290534][ T5836] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  126.330553][ T5836] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  126.351446][ T5836] usb 4-1: SerialNumber: syz
[  126.503269][ T6753] loop1: detected capacity change from 0 to 128
[  126.515998][ T6753] EXT4-fs: Ignoring removed nobh option
[  126.548109][ T6753] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  126.597619][ T5836] usb 4-1: 0:2 : does not exist
[  126.615383][ T6753] ext4 filesystem being mounted at /86/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  126.632442][ T5836] usb 4-1: USB disconnect, device number 3
[  126.715437][ T6753] fscrypt (loop1, inode 12): Reserved bits set in encryption policy
[  126.717077][ T5757] udevd[5757]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  126.792111][ T5767] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  127.138824][ T6770] netlink: 28 bytes leftover after parsing attributes in process `syz.1.345'.
[  127.464929][ T6772] loop1: detected capacity change from 0 to 32768
[  127.487851][ T6772] 
[  127.487851][ T6772]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  127.487851][ T6772] 
[  127.549780][ T5767] 
[  127.549780][ T5767]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  127.549780][ T5767] 
[  127.571182][ T5767] 
[  127.571182][ T5767]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  127.571182][ T5767] 
[  127.647773][    T9] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  127.813260][ T6780] loop1: detected capacity change from 0 to 2048
[  127.866539][    T9] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  127.881216][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.914006][ T6780] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  127.934189][    T9] usb 4-1: config 0 descriptor??
[  127.941600][ T6780] ext4 filesystem being mounted at /92/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  128.044582][ T6780] fs-verity: sha512 using implementation "sha512-avx2"
[  128.174421][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.192122][    T9] [drm] vendor descriptor length:6 data:06 5f 01 ff 00 00 00 00 00 00 00
[  128.214941][    T9] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  128.398189][    T9] [drm:udl_init] *ERROR* Selecting channel failed
[  128.434859][    T9] [drm] Initialized udl 0.0.1 20120220 for 4-1:0.0 on minor 2
[  128.474508][    T9] [drm] Initialized udl on minor 2
[  128.513702][ T6795] 8021q: adding VLAN 0 to HW filter on device bond1
[  128.523373][ T6795] bond0: (slave bond1): Enslaving as an active interface with an up link
[  128.531662][    T9] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  128.553527][    T9] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  128.562988][ T5834] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  128.588058][    T9] usb 4-1: USB disconnect, device number 4
[  128.598874][ T5834] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  128.606874][ T5834] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  128.708101][    T8] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[  128.899678][    T8] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  128.908299][    T8] usb 1-1: config 0 has no interface number 0
[  128.914444][    T8] usb 1-1: config 0 interface 1 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  128.942146][    T8] usb 1-1: config 0 interface 1 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[  128.953555][    T8] usb 1-1: config 0 interface 1 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  128.996048][    T8] usb 1-1: config 0 interface 1 has no altsetting 0
[  129.008178][    T8] usb 1-1: New USB device found, idVendor=145f, idProduct=0212, bcdDevice= 0.00
[  129.020246][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.048472][    T8] usb 1-1: config 0 descriptor??
[  129.617885][ T6816] loop1: detected capacity change from 0 to 32768
[  129.648114][ T6814] loop2: detected capacity change from 0 to 40427
[  129.663386][ T6816] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  129.678929][ T6814] F2FS-fs (loop2): Invalid segment count (1)
[  129.692084][ T6814] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  129.705321][    T8] uclogic 0003:145F:0212.0003: pen parameters not found
[  129.713098][    T8] uclogic 0003:145F:0212.0003: interface is invalid, ignoring
[  129.723283][ T6814] F2FS-fs (loop2): heap/no_heap options were deprecated
[  129.756194][ T6814] F2FS-fs (loop2): invalid crc value
[  129.773467][ T6816] XFS (loop1): Ending clean mount
[  129.790287][ T6814] F2FS-fs (loop2): Found nat_bits in checkpoint
[  129.815356][ T6816] XFS (loop1): Quotacheck needed: Please wait.
[  129.864533][ T6814] F2FS-fs (loop2): Try to recover 1th superblock, ret: -30
[  129.873080][ T6814] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  129.904587][ T6816] XFS (loop1): Quotacheck: Done.
[  129.956462][ T5834] usb 1-1: USB disconnect, device number 5
[  130.116174][ T5767] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  130.392146][ T6835] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.369'.
[  130.525249][ T6839] netlink: 12 bytes leftover after parsing attributes in process `syz.2.372'.
[  130.631837][ T6841] loop3: detected capacity change from 0 to 4096
[  130.668266][ T6841] ntfs: (device loop3): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  130.718177][ T6841] ntfs: (device loop3): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk.
[  130.733915][ T6841] ntfs: (device loop3): ntfs_read_locked_inode(): $DATA attribute is missing.
[  130.743203][ T6843] Bluetooth: MGMT ver 1.22
[  130.753061][ T6841] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[  130.786014][ T6841] ntfs: (device loop3): load_system_files(): Failed to load $MFTMirr.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  130.829761][ T6841] ntfs: volume version 3.1.
[  130.851811][ T6841] ntfs: (device loop3): load_and_init_quota(): Failed to find inode number for $Quota.
[  130.864769][ T6841] ntfs: (device loop3): load_system_files(): Failed to load $Quota.  Will not be able to remount read-write.  Run chkdsk.
[  130.987885][    T8] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  131.155626][ T6852] loop3: detected capacity change from 0 to 512
[  131.197915][    T8] usb 3-1: Using ep0 maxpacket: 8
[  131.211963][ T6852] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.238538][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  131.288029][ T6852] ext4 filesystem being mounted at /92/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  131.294663][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  131.383375][    T8] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  131.403914][ T6852] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  131.412428][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  131.434184][    T8] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  131.447195][    T8] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  131.456632][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.468225][    T8] usb 3-1: config 0 descriptor??
[  131.488372][ T6859] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  131.510405][ T5773] Bluetooth: hci4: urb ffff88802d323500 submission failed (90)
[  131.632247][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.799601][   T27] usb 3-1: USB disconnect, device number 4
[  131.901753][ T6856] loop0: detected capacity change from 0 to 40427
[  131.924178][ T6867] vivid-003: disconnect
[  131.933699][ T6856] F2FS-fs (loop0): invalid crc value
[  131.935463][ T6865] vivid-003: reconnect
[  131.964660][ T6856] F2FS-fs (loop0): Found nat_bits in checkpoint
[  132.067416][ T6856] F2FS-fs (loop0): Start checkpoint disabled!
[  132.094880][ T6856] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  132.144658][ T6872] loop1: detected capacity change from 0 to 2048
[  132.183765][ T6872] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  132.259359][ T6875] loop3: detected capacity change from 0 to 512
[  132.283821][ T6875] EXT4-fs: Ignoring removed orlov option
[  132.318678][ T6875] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  132.436670][ T6875] EXT4-fs (loop3): 1 orphan inode deleted
[  132.461292][ T6878] loop2: detected capacity change from 0 to 512
[  132.470402][ T6875] EXT4-fs (loop3): 1 truncate cleaned up
[  132.493085][ T6875] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.513999][ T6878] FAT-fs (loop2): Directory bread(block 199916) failed
[  132.558032][ T6878] FAT-fs (loop2): Directory bread(block 199917) failed
[  132.564977][ T6878] FAT-fs (loop2): Directory bread(block 199918) failed
[  132.599154][ T6878] FAT-fs (loop2): Directory bread(block 199919) failed
[  132.606088][ T6878] FAT-fs (loop2): Directory bread(block 199920) failed
[  132.643216][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.647806][ T6878] FAT-fs (loop2): Directory bread(block 199921) failed
[  132.690010][ T6878] FAT-fs (loop2): Directory bread(block 199922) failed
[  132.728800][ T6878] FAT-fs (loop2): Directory bread(block 199923) failed
[  132.927179][ T6886] netlink: 'syz.3.392': attribute type 11 has an invalid length.
[  132.942182][ T6878] FAT-fs (loop2): FAT read failed (blocknr 128)
[  132.949204][ T6886] netlink: 12 bytes leftover after parsing attributes in process `syz.3.392'.
[  133.465474][ T6901] loop2: detected capacity change from 0 to 1024
[  133.494576][ T6880] loop1: detected capacity change from 0 to 32768
[  133.586387][   T28] audit: type=1800 audit(1771260505.172:4): pid=6880 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.390" name="file1" dev="loop1" ino=4 res=0 errno=0
[  134.296260][ T6924] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  134.841686][ T6941] set_capacity_and_notify: 1 callbacks suppressed
[  134.841712][ T6941] loop1: detected capacity change from 0 to 4096
[  134.860476][ T6941] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  134.902223][ T6941] ntfs: (device loop1): read_ntfs_boot_sector(): Primary boot sector is invalid.
[  134.931786][ T6941] ntfs: volume version 3.1.
[  135.103502][ T6953] loop3: detected capacity change from 0 to 4096
[  135.126994][ T6953] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512).
[  135.274559][ T6953] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  135.953047][ T6976] loop0: detected capacity change from 0 to 256
[  135.991736][ T6976] exfat: Deprecated parameter 'utf8'
[  136.028614][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  136.035412][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  136.072443][ T6976] exfat: Deprecated parameter 'namecase'
[  136.087374][ T6976] exfat: Deprecated parameter 'namecase'
[  136.128162][ T6976] exfat: Deprecated parameter 'utf8'
[  136.189023][ T6976] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffad0, utbl_chksum : 0xe619d30d)
[  136.566219][ T6988] netlink: 'syz.0.436': attribute type 2 has an invalid length.
[  136.729467][ T6974] loop1: detected capacity change from 0 to 32768
[  136.770573][ T6974] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.430 (6974)
[  136.810325][ T6974] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  136.826384][ T6974] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  136.839240][ T6974] BTRFS info (device loop1): metadata ratio 2
[  136.845356][ T6974] BTRFS info (device loop1): allowing degraded mounts
[  136.856663][ T6974] BTRFS info (device loop1): force zlib compression, level 3
[  136.865675][ T6974] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  136.924230][ T6974] BTRFS info (device loop1): use zstd compression, level 3
[  136.939874][ T6974] BTRFS info (device loop1): force clearing of disk cache
[  136.947103][ T6974] BTRFS info (device loop1): turning on flush-on-commit
[  136.961312][ T6974] BTRFS warning (device loop1): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  136.977419][ T6974] BTRFS info (device loop1): trying to use backup root at mount time
[  137.000917][ T6974] BTRFS info (device loop1): using free space tree
[  137.185326][ T6974] BTRFS info (device loop1): enabling ssd optimizations
[  137.208933][ T6974] BTRFS info (device loop1): rebuilding free space tree
[  137.708967][ T5767] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  138.027529][ T7033] loop2: detected capacity change from 0 to 1024
[  138.089946][ T7033] EXT4-fs: Ignoring removed oldalloc option
[  138.095931][ T7033] EXT4-fs: Ignoring removed orlov option
[  138.159932][ T7033] EXT4-fs (loop2): stripe (1570) is not aligned with cluster size (16), stripe is disabled
[  138.217128][ T7018] loop0: detected capacity change from 0 to 40427
[  138.248526][ T7033] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.272467][ T7018] F2FS-fs (loop0): build fault injection attr: rate: 0, type: 0x35f7
[  138.302968][ T7018] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x7ffff
[  138.313580][ T7042] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  138.318956][ T7018] F2FS-fs (loop0): Image doesn't support compression
[  138.380586][ T7018] F2FS-fs (loop0): invalid crc value
[  138.389372][ T7033] EXT4-fs error (device loop2): ext4_xattr_inode_iget:446: comm syz.2.448: error while reading EA inode 32 err=-116
[  138.436346][ T7018] F2FS-fs (loop0): Found nat_bits in checkpoint
[  138.468814][ T7033] EXT4-fs (loop2): Remounting filesystem read-only
[  138.493280][ T7033] EXT4-fs warning (device loop2): ext4_xattr_inode_inc_ref_all:1135: inode #18: comm syz.2.448: cleanup dec ref error -5
[  138.557839][ T7033] EXT4-fs warning (device loop2): ext4_xattr_block_set:2195: inode #18: comm syz.2.448: dec ref error=-5
[  138.600243][ T7018] F2FS-fs (loop0): Start checkpoint disabled!
[  138.646690][ T7018] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  138.700357][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.769820][   T28] kauditd_printk_skb: 18 callbacks suppressed
[  138.769844][   T28] audit: type=1800 audit(1771260510.352:5): pid=7018 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.444" name="file1" dev="loop0" ino=10 res=0 errno=0
[  139.012360][   T49] kworker/u4:3: attempt to access beyond end of device
[  139.012360][   T49] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  139.057884][   T49] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  139.064825][   T49] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  139.381272][ T7059] overlayfs: invalid origin (0000005e40a88832162e012d21233a2c2826000000ca8a0000000000)
[  139.559245][ T7064] loop0: detected capacity change from 0 to 16
[  139.577516][ T7064] erofs: (device loop0): mounted with root inode @ nid 36.
[  139.629237][ T7064] erofs: (device loop0): erofs_map_blocks_flatmode: inline data cross block boundary @ nid 46
[  139.654050][ T7064] erofs: (device loop0): erofs_readdir: fail to readdir of logical block 0 of nid 46
[  139.680390][ T7066] netlink: 4 bytes leftover after parsing attributes in process `syz.3.461'.
[  139.758485][ T7068] netlink: 12 bytes leftover after parsing attributes in process `syz.2.462'.
[  140.314566][ T7092] loop0: detected capacity change from 0 to 1024
[  140.427986][   T27] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  140.637917][   T27] usb 2-1: Using ep0 maxpacket: 8
[  140.643025][ T7104] loop0: detected capacity change from 0 to 8
[  140.652779][   T27] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  140.673319][   T27] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.684790][   T27] usb 2-1: Product: syz
[  140.689665][   T27] usb 2-1: Manufacturer: syz
[  140.694470][   T27] usb 2-1: SerialNumber: syz
[  140.705529][   T27] usb 2-1: config 0 descriptor??
[  140.721976][   T27] gspca_main: se401-2.14.0 probing 047d:5003
[  140.776884][ T7104] SQUASHFS error: Failed to read block 0x2fc: -5
[  140.785008][ T7104] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  140.793072][ T7104] SQUASHFS error: Unable to read directory block [2fa:0]
[  140.976990][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  141.002063][    T9] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  141.194698][ T7102] loop3: detected capacity change from 0 to 32768
[  141.271419][ T7102] XFS (loop3): DAX unsupported by block device. Turning off DAX.
[  141.310711][ T7102] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  141.369845][   T27] usb 2-1: reset high-speed USB device number 7 using dummy_hcd
[  141.417098][ T7102] XFS (loop3): Ending clean mount
[  141.434345][ T7118] loop2: detected capacity change from 0 to 4096
[  141.441248][ T7102] XFS (loop3): Quotacheck needed: Please wait.
[  141.521197][ T7102] XFS (loop3): Quotacheck: Done.
[  141.708524][ T5769] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  142.310267][ T7124] loop2: detected capacity change from 0 to 32768
[  142.322884][   T27] gspca_se401: write req failed req 0x57 val 0x00 error -71
[  142.332883][   T27] se401: probe of 2-1:0.0 failed with error -71
[  142.377373][ T7124] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  142.386278][ T7124] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  142.416029][   T27] usb 2-1: USB disconnect, device number 7
[  142.443106][ T7131] loop3: detected capacity change from 0 to 512
[  142.460284][ T7131] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  142.473059][ T7124] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 1ms
[  142.486621][  T789] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  142.498825][  T789] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  142.528167][  T789] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 29ms
[  142.536440][  T789] gfs2: fsid=syz:syz.0: jid=0: Done
[  142.543783][ T7124] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  142.610921][ T7131] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  142.644323][ T7131] EXT4-fs (loop3): 1 truncate cleaned up
[  142.653484][ T7131] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.682645][ T7131] EXT4-fs (loop3): shut down requested (1)
[  142.737559][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.841071][ T7124] gfs2: fsid=syz:syz.0: found 1 quota changes
[  142.851650][  T789] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  142.951974][ T7124] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[  142.951974][ T7124]   inode = 11 2339
[  142.951974][ T7124]   function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 472
[  142.971256][ T7124] gfs2: fsid=syz:syz.0: G:  s:EX n:2/923 f:qobnN t:EX d:EX/0 a:0 v:0 r:3 m:20 p:1
[  142.981216][ T7124] gfs2: fsid=syz:syz.0:  H: s:EX f:H e:0 p:7124 [syz.2.485] gfs2_quota_sync+0x411/0x5a0
[  142.991950][ T7124] gfs2: fsid=syz:syz.0:  I: n:11/2339 t:0 f:0x00 d:0x00000000 s:0 p:0
[  143.000230][ T7124] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  143.017084][ T7124] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  143.025954][ T7124] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  143.034760][ T7124] gfs2: fsid=syz:syz.0: File system withdrawn
[  143.040912][ T7124] CPU: 1 PID: 7124 Comm: syz.2.485 Not tainted syzkaller #0
[  143.048209][ T7124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  143.058298][ T7124] Call Trace:
[  143.061611][ T7124]  <TASK>
[  143.064571][ T7124]  dump_stack_lvl+0x18c/0x250
[  143.069289][ T7124]  ? kobject_uevent_env+0x363/0x8b0
[  143.074532][ T7124]  ? show_regs_print_info+0x20/0x20
[  143.079766][ T7124]  ? load_image+0x400/0x400
[  143.084305][ T7124]  ? kobject_uevent_env+0x363/0x8b0
[  143.089542][ T7124]  gfs2_withdraw+0xb24/0x13d0
[  143.094270][ T7124]  ? gfs2_lm+0x240/0x240
[  143.098559][ T7124]  ? gfs2_consist_inode_i+0xf5/0x110
[  143.103883][ T7124]  gfs2_inode_refresh+0xb89/0x1000
[  143.109034][ T7124]  ? gfs2_inode_metasync+0xf0/0xf0
[  143.114182][ T7124]  ? gfs2_glock_nq+0xd4f/0x1420
[  143.119074][ T7124]  gfs2_instantiate+0x162/0x220
[  143.123966][ T7124]  gfs2_glock_wait+0x1d4/0x2a0
[  143.128770][ T7124]  do_sync+0x4c6/0xe50
[  143.132869][ T7124]  ? gfs2_quota_sync+0x411/0x5a0
[  143.137851][ T7124]  ? bh_get+0x760/0x760
[  143.142028][ T7124]  ? gfs2_quota_sync+0x31a/0x5a0
[  143.146989][ T7124]  ? gfs2_quota_sync+0x411/0x5a0
[  143.151948][ T7124]  ? do_raw_spin_unlock+0x121/0x230
[  143.157173][ T7124]  ? do_raw_spin_unlock+0x121/0x230
[  143.162395][ T7124]  gfs2_quota_sync+0x411/0x5a0
[  143.167187][ T7124]  gfs2_sync_fs+0x4c/0xb0
[  143.171543][ T7124]  sync_filesystem+0xea/0x220
[  143.176333][ T7124]  gfs2_reconfigure+0xbb/0xb10
[  143.181142][ T7124]  reconfigure_super+0x21e/0x8a0
[  143.186110][ T7124]  path_mount+0xd2f/0xff0
[  143.190484][ T7124]  __se_sys_mount+0x2e7/0x3d0
[  143.195184][ T7124]  ? __x64_sys_mount+0xc0/0xc0
[  143.199971][ T7124]  ? lockdep_hardirqs_on+0x98/0x150
[  143.205193][ T7124]  ? __x64_sys_mount+0x20/0xc0
[  143.209978][ T7124]  do_syscall_64+0x55/0xa0
[  143.214421][ T7124]  ? clear_bhb_loop+0x40/0x90
[  143.219114][ T7124]  ? clear_bhb_loop+0x40/0x90
[  143.223817][ T7124]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  143.229739][ T7124] RIP: 0033:0x7f40c239bf79
[  143.234194][ T7124] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  143.253835][ T7124] RSP: 002b:00007f40c3173028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  143.262284][ T7124] RAX: ffffffffffffffda RBX: 00007f40c2615fa0 RCX: 00007f40c239bf79
[  143.270276][ T7124] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000
[  143.278265][ T7124] RBP: 00007f40c24327e0 R08: 0000000000000000 R09: 0000000000000000
[  143.286256][ T7124] R10: 0000000002390024 R11: 0000000000000246 R12: 0000000000000000
[  143.294247][ T7124] R13: 00007f40c2616038 R14: 00007f40c2615fa0 R15: 00007ffd04a5ea58
[  143.302257][ T7124]  </TASK>
[  143.305370][    C1] vkms_vblank_simulate: vblank timer overrun
[  143.315230][ T7124] gfs2: unable to remount read-write
[  143.370186][  T789] usb 1-1: config 220 has an invalid interface number: 76 but max is 2
[  143.381858][  T789] usb 1-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  143.393948][  T789] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  143.404454][  T789] usb 1-1: config 220 has no interface number 2
[  143.410838][  T789] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  143.425219][  T789] usb 1-1: config 220 interface 0 has no altsetting 0
[  143.432596][  T789] usb 1-1: config 220 interface 76 has no altsetting 0
[  143.439921][  T789] usb 1-1: config 220 interface 1 has no altsetting 0
[  143.475605][  T789] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  143.500398][  T789] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.546253][  T789] usb 1-1: Product: syz
[  143.563194][  T789] usb 1-1: Manufacturer: syz
[  143.573304][  T789] usb 1-1: SerialNumber: syz
[  143.826057][  T789] usb 1-1: Found UVC 7.01 device syz (8086:0b07)
[  143.835415][  T789] usb 1-1: No valid video chain found.
[  143.842146][  T789] usb 1-1: selecting invalid altsetting 0
[  143.864290][  T789] usb 1-1: selecting invalid altsetting 0
[  143.887718][  T789] usbtest: probe of 1-1:220.1 failed with error -22
[  143.908160][  T789] usb 1-1: USB disconnect, device number 6
[  144.234198][ T7166] loop2: detected capacity change from 0 to 1024
[  144.251621][ T7168] netlink: 884 bytes leftover after parsing attributes in process `syz.3.501'.
[  144.403231][ T7158] loop1: detected capacity change from 0 to 32768
[  144.418464][ T7158] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop1 scanned by syz.1.497 (7158)
[  144.444455][ T7158] BTRFS info (device loop1): first mount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663
[  144.456264][ T7158] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  144.469946][ T7158] BTRFS info (device loop1): using free space tree
[  144.658159][ T7158] BTRFS info (device loop1): enabling ssd optimizations
[  144.665269][ T7158] BTRFS info (device loop1): auto enabling async discard
[  144.877348][ T7193] loop3: detected capacity change from 0 to 4096
[  145.204666][ T7205] loop2: detected capacity change from 0 to 164
[  145.225114][ T5767] BTRFS info (device loop1): last unmount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663
[  145.271267][ T5757] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  146.277747][ T5834] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  146.478761][ T7236] loop1: detected capacity change from 0 to 4096
[  146.479742][ T5834] usb 1-1: Using ep0 maxpacket: 16
[  146.498532][ T7236] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512).
[  146.503351][ T5834] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 8
[  146.525314][ T5834] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  146.535374][ T5834] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.544521][ T5834] usb 1-1: Product: syz
[  146.566833][ T5834] usb 1-1: Manufacturer: syz
[  146.592149][ T5834] usb 1-1: SerialNumber: syz
[  146.596936][ T7236] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  146.606099][ T5834] usb 1-1: config 0 descriptor??
[  146.625527][ T5834] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[  146.645851][ T5834] usb 1-1: Detected FT232R
[  146.866603][ T5834] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  147.110742][ T7240] loop1: detected capacity change from 0 to 4096
[  147.123411][ T5834] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  147.139798][ T7240] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512).
[  147.274058][ T7240] ntfs3: loop1: ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" failed to parse mft record
[  147.360241][  T136] ntfs3: loop1: ino=1e, failed to parse mft record
[  147.431402][    T9] usb 1-1: USB disconnect, device number 7
[  147.482598][    T9] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  147.523224][    T9] ftdi_sio 1-1:0.0: device disconnected
[  147.636827][ T7253] loop3: detected capacity change from 0 to 1024
[  147.760029][ T7255] netlink: 12 bytes leftover after parsing attributes in process `syz.3.536'.
[  147.769388][ T7255] tipc: Started in network mode
[  147.774366][ T7255] tipc: Node identity 7, cluster identity 4711
[  147.781279][ T7255] tipc: Node number set to 7
[  148.014286][ T7264] netlink: 4 bytes leftover after parsing attributes in process `syz.0.540'.
[  148.014389][   T27] kernel read not supported for file /dsp (pid: 27 comm: kworker/1:1)
[  148.025743][ T7264] netlink: 16 bytes leftover after parsing attributes in process `syz.0.540'.
[  148.179653][ T7269] loop1: detected capacity change from 0 to 128
[  148.367412][ T7269] syz.1.541: attempt to access beyond end of device
[  148.367412][ T7269] loop1: rw=2049, sector=169, nr_sectors = 872 limit=128
[  148.512421][ T7276] loop0: detected capacity change from 0 to 1024
[  148.697584][   T11] hfsplus: b-tree write err: -5, ino 4
[  149.022266][ T7288] netlink: 8 bytes leftover after parsing attributes in process `syz.2.551'.
[  149.193616][ T7293] loop0: detected capacity change from 0 to 2048
[  149.202058][ T7295] loop2: detected capacity change from 0 to 256
[  149.224059][ T7295] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  149.246459][ T7297] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  149.392747][ T7300] NILFS (loop0): error -2 truncating bmap (ino=16)
[  149.422054][ T7297] NILFS (loop0): vblocknr = 15 has abnormal lifetime: start cno (= 1407374883553282) > current cno (= 3)
[  149.443523][ T7297] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=16)
[  149.466506][ T7297] Remounting filesystem read-only
[  149.577589][ T5766] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer
[  149.598946][ T5766] NILFS (loop0): discard dirty page: offset=4096, ino=6
[  149.606527][ T5766] NILFS (loop0): discard dirty block: blocknr=39, size=1024
[  149.622093][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  149.636528][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  149.659908][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  149.683663][ T5766] NILFS (loop0): discard dirty page: offset=0, ino=5
[  149.707788][ T5766] NILFS (loop0): discard dirty block: blocknr=41, size=1024
[  149.730807][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  149.749002][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  149.765863][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  149.779718][ T5766] NILFS (loop0): discard dirty page: offset=0, ino=3
[  149.786535][ T5766] NILFS (loop0): discard dirty block: blocknr=42, size=1024
[  149.795272][ T5766] NILFS (loop0): discard dirty block: blocknr=43, size=1024
[  149.803127][ T5766] NILFS (loop0): discard dirty block: blocknr=44, size=1024
[  149.820728][ T5766] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  149.837727][ T5766] NILFS (loop0): discard dirty page: offset=4096, ino=3
[  149.858016][ T5766] NILFS (loop0): discard dirty block: blocknr=0, size=1024
[  149.865258][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  149.888324][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  149.897232][ T5766] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  149.920069][ T7307] loop2: detected capacity change from 0 to 64
[  150.279143][ T7315] loop0: detected capacity change from 0 to 512
[  150.337633][ T7315] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.350918][ T7315] ext4 filesystem being mounted at /131/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  150.393228][ T7315] EXT4-fs error (device loop0): ext4_get_first_dir_block:3592: inode #12: block 32: comm syz.0.563: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  150.467741][ T7315] EXT4-fs (loop0): Remounting filesystem read-only
[  150.575668][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.904466][ T7334] loop3: detected capacity change from 0 to 4096
[  150.930092][ T7334] ntfs: (device loop3): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  150.995622][ T7334] ntfs: (device loop3): read_ntfs_boot_sector(): Primary boot sector is invalid.
[  151.029352][ T7334] ntfs: (device loop3): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy.
[  151.102929][ T7334] ntfs: (device loop3): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  151.137871][ T7334] ntfs: (device loop3): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5).
[  151.192841][ T7334] ntfs: (device loop3): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  151.215223][ T7334] ntfs: (device loop3): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5).
[  151.231796][ T7322] F2FS-fs (loop2): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288)
[  151.242935][ T7334] ntfs: (device loop3): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  151.265270][ T7322] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  151.285502][ T7322] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x35f7
[  151.318622][ T7334] ntfs: (device loop3): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5).
[  151.337180][ T7322] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x7ffff
[  151.352351][ T7334] ntfs: (device loop3): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  151.364600][ T7322] F2FS-fs (loop2): Image doesn't support compression
[  151.386050][ T7346] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  151.412249][ T7322] F2FS-fs (loop2): invalid crc value
[  151.413024][ T7334] ntfs: volume version 3.1.
[  151.437768][ T7322] F2FS-fs (loop2): Found nat_bits in checkpoint
[  151.508418][ T7346] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  151.613228][ T7322] F2FS-fs (loop2): Start checkpoint disabled!
[  151.627855][ T5836] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  151.657766][ T7322] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  151.687716][ T7322] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  151.814120][ T7322] syz.2.562: attempt to access beyond end of device
[  151.814120][ T7322] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  151.844663][ T5836] usb 2-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  151.863264][ T5836] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.870257][ T7352] F2FS-fs (loop2): inject no more block in inc_valid_node_count of f2fs_new_node_page+0x187/0x910
[  151.874506][ T5836] usb 2-1: Product: syz
[  151.886619][ T5836] usb 2-1: Manufacturer: syz
[  151.895680][ T5836] usb 2-1: SerialNumber: syz
[  152.116555][ T1132] kworker/u4:6: attempt to access beyond end of device
[  152.116555][ T1132] loop2: rw=1, sector=45104, nr_sectors = 8 limit=40427
[  152.129168][ T7354] set_capacity_and_notify: 2 callbacks suppressed
[  152.129183][ T7354] loop0: detected capacity change from 0 to 4096
[  152.167434][ T7354] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512).
[  152.187145][ T1132] kworker/u4:6: attempt to access beyond end of device
[  152.187145][ T1132] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  152.209132][ T1132] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  152.217378][ T1132] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  152.277102][ T7354] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  152.555571][ T5836] rtl8150 2-1:1.0: eth1: rtl8150 is detected
[  152.850409][    T9] usb 2-1: USB disconnect, device number 8
[  153.247810][ T5834] usb 4-1: new low-speed USB device number 5 using dummy_hcd
[  153.461555][ T5834] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  153.490580][ T5834] usb 4-1: config 0 has no interface number 0
[  153.510598][ T5834] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  153.538117][ T5834] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  153.584242][ T5834] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  153.603719][ T5834] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.639246][ T5834] usb 4-1: config 0 descriptor??
[  153.649645][ T7373] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  153.679747][ T5834] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  153.958218][ T5834] usb 4-1: USB disconnect, device number 5
[  154.398288][ T7434] netlink: 16 bytes leftover after parsing attributes in process `syz.2.602'.
[  155.094988][ T7464] netlink: 44 bytes leftover after parsing attributes in process `syz.2.616'.
[  155.327550][ T7476] loop1: detected capacity change from 0 to 2048
[  155.370206][ T7476] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  155.428896][ T7481] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  156.617909][ T7507] loop0: detected capacity change from 0 to 128
[  156.648565][ T7507] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  156.680413][ T7507] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  156.863736][ T7517] loop0: detected capacity change from 0 to 16
[  156.910216][ T7517] erofs: (device loop0): mounted with root inode @ nid 36.
[  156.952806][ T7519] loop3: detected capacity change from 0 to 1024
[  156.989195][ T7519] EXT4-fs: Ignoring removed oldalloc option
[  156.995176][ T7519] EXT4-fs: Ignoring removed orlov option
[  157.066280][ T7519] EXT4-fs (loop3): stripe (1570) is not aligned with cluster size (16), stripe is disabled
[  157.114775][ T7519] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.204750][ T7519] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.637: error while reading EA inode 32 err=-116
[  157.234750][ T7519] EXT4-fs (loop3): Remounting filesystem read-only
[  157.241538][ T7519] EXT4-fs warning (device loop3): ext4_xattr_inode_inc_ref_all:1135: inode #18: comm syz.3.637: cleanup dec ref error -5
[  157.255283][ T7519] EXT4-fs warning (device loop3): ext4_xattr_block_set:2195: inode #18: comm syz.3.637: dec ref error=-5
[  157.297225][ T7521] loop1: detected capacity change from 0 to 8192
[  157.322494][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.379925][ T7521] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  157.454239][ T7521] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal
[  157.464696][ T7521] REISERFS (device loop1): using ordered data mode
[  157.471989][ T7521] reiserfs: using flush barriers
[  157.483907][ T7521] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  157.513302][ T7521] REISERFS (device loop1): checking transaction log (loop1)
[  157.524911][ T7521] REISERFS (device loop1): Using r5 hash to sort names
[  157.533132][ T7521] REISERFS (device loop1): using 3.5.x disk format
[  157.545443][ T7521] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  157.791694][ T7540] sctp: [Deprecated]: syz.1.645 (pid 7540) Use of int in max_burst socket option deprecated.
[  157.791694][ T7540] Use struct sctp_assoc_value instead
[  158.759420][ T7559] loop2: detected capacity change from 0 to 512
[  158.766662][ T7559] EXT4-fs: Ignoring removed oldalloc option
[  158.845538][ T7559] EXT4-fs (loop2): 1 truncate cleaned up
[  158.878789][ T7559] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.973981][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.203016][ T7606] loop2: detected capacity change from 0 to 32768
[  160.233862][ T7606] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  160.326319][ T7606] XFS (loop2): Ending clean mount
[  160.364112][ T7606] XFS (loop2): Quotacheck needed: Please wait.
[  160.424945][ T7606] XFS (loop2): Quotacheck: Done.
[  160.569434][ T5768] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  160.703899][ T7627] loop0: detected capacity change from 0 to 512
[  160.711654][ T7627] EXT4-fs: Ignoring removed mblk_io_submit option
[  160.744814][ T7627] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz.0.679: invalid block
[  160.765099][ T7627] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.679: invalid indirect mapped block 10 (level 1)
[  160.783631][ T7627] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.679: invalid indirect mapped block 8 (level 1)
[  160.800417][ T7627] EXT4-fs (loop0): 1 truncate cleaned up
[  160.809105][ T7627] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  160.894038][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.225925][ T7646] loop3: detected capacity change from 0 to 32768
[  162.266559][ T7646] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  162.371100][ T7646] XFS (loop3): Ending clean mount
[  162.397074][ T7646] XFS (loop3): Quotacheck needed: Please wait.
[  162.462888][ T7646] XFS (loop3): Quotacheck: Done.
[  162.708307][ T5769] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  163.484033][ T7693] loop2: detected capacity change from 0 to 2048
[  163.558987][ T7697] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  163.745784][ T7705] binder: 7704:7705 ioctl c018620c 200000000000 returned -1
[  164.124598][ T7719] loop3: detected capacity change from 0 to 8
[  164.237789][    T9] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  164.282123][ T7719] SQUASHFS error: Failed to read block 0x2fc: -5
[  164.297840][ T7719] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  164.305177][ T7719] SQUASHFS error: Unable to read directory block [2fa:0]
[  164.426465][ T7709] loop1: detected capacity change from 0 to 32768
[  164.442261][    T9] usb 3-1: Using ep0 maxpacket: 8
[  164.457485][    T9] usb 3-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  164.471318][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.490928][ T7709] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  164.501723][    T9] usb 3-1: Product: syz
[  164.505926][    T9] usb 3-1: Manufacturer: syz
[  164.527884][    T9] usb 3-1: SerialNumber: syz
[  164.550224][    T9] usb 3-1: config 0 descriptor??
[  164.558488][ T7729] loop3: detected capacity change from 0 to 256
[  164.571841][    T9] gspca_main: se401-2.14.0 probing 047d:5003
[  164.588928][ T7729] exfat: Deprecated parameter 'utf8'
[  164.599197][ T7729] exfat: Deprecated parameter 'utf8'
[  164.729614][ T7709] XFS (loop1): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  164.743186][ T7729] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  164.780032][ T7709] XFS (loop1): Starting recovery (logdev: internal)
[  164.834501][ T7709] XFS (loop1): Ending recovery (logdev: internal)
[  164.860244][ T7709] XFS (loop1): Quotacheck needed: Please wait.
[  164.936786][ T7709] XFS (loop1): Quotacheck: Done.
[  165.147791][    T9] usb 3-1: reset high-speed USB device number 5 using dummy_hcd
[  165.158786][ T5767] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  165.388379][ T7739] loop0: detected capacity change from 0 to 32768
[  165.492186][ T7739] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  165.531840][ T7752] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  165.537060][ T7739] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  165.538713][ T7752] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  165.568470][ T7752] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  165.575081][ T7752] comedi comedi3: 8255: I/O port conflict (0x5c952399,4)
[  165.584598][ T7752] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  165.594034][ T7752] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  165.693448][ T7739] XFS (loop0): Ending clean mount
[  165.730425][ T7739] XFS (loop0): Quotacheck needed: Please wait.
[  165.772491][    T9] gspca_se401: write req failed req 0x57 val 0x00 error -71
[  165.802317][    T9] se401: probe of 3-1:0.0 failed with error -71
[  165.823231][    T9] usb 3-1: USB disconnect, device number 5
[  165.844572][ T7739] XFS (loop0): Quotacheck: Done.
[  165.971623][ T5766] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  166.326697][ T7770] loop1: detected capacity change from 0 to 128
[  166.413187][ T7770] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  166.521140][ T7770] ext4 filesystem being mounted at /184/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  166.719340][ T5767] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  166.729981][ T7772] loop0: detected capacity change from 0 to 32768
[  166.804231][ T7783] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  166.814092][ T7783] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  166.822060][ T7783] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  166.832204][ T7783] comedi comedi3: 8255: I/O port conflict (0x5c952399,4)
[  166.840855][ T7783] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  166.847433][ T7783] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  166.863200][ T7772] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  167.071520][ T7772] XFS (loop0): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  167.158782][ T7803] loop2: detected capacity change from 0 to 128
[  167.182939][ T7772] XFS (loop0): Starting recovery (logdev: internal)
[  167.196043][ T7803] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  167.244103][ T7772] XFS (loop0): Ending recovery (logdev: internal)
[  167.258019][  T789] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  167.261377][ T7803] ext4 filesystem being mounted at /191/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  167.294449][ T7772] XFS (loop0): Quotacheck needed: Please wait.
[  167.372422][ T7772] XFS (loop0): Quotacheck: Done.
[  167.474510][  T789] usb 2-1: config 220 has an invalid interface number: 76 but max is 2
[  167.497770][  T789] usb 2-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  167.500685][ T5768] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  167.506652][  T789] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  167.506680][  T789] usb 2-1: config 220 has no interface number 2
[  167.555007][ T5766] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  167.564366][  T789] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  167.586577][  T789] usb 2-1: config 220 interface 0 has no altsetting 0
[  167.597544][  T789] usb 2-1: config 220 interface 76 has no altsetting 0
[  167.605395][  T789] usb 2-1: config 220 interface 1 has no altsetting 0
[  167.616049][  T789] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  167.628735][  T789] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.647460][  T789] usb 2-1: Product: syz
[  167.652914][  T789] usb 2-1: Manufacturer: syz
[  167.657630][  T789] usb 2-1: SerialNumber: syz
[  167.938408][  T789] usb 2-1: Found UVC 7.01 device syz (8086:0b07)
[  167.947715][  T789] usb 2-1: No valid video chain found.
[  167.953265][  T789] usb 2-1: selecting invalid altsetting 0
[  167.986907][  T789] usb 2-1: selecting invalid altsetting 0
[  168.000430][  T789] usbtest: probe of 2-1:220.1 failed with error -22
[  168.019140][  T789] usb 2-1: USB disconnect, device number 9
[  168.188161][ T7825] loop0: detected capacity change from 0 to 2048
[  168.212320][ T7825] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  168.996883][ T7849] netlink: 'syz.1.764': attribute type 2 has an invalid length.
[  169.045374][ T7849] netlink: 12 bytes leftover after parsing attributes in process `syz.1.764'.
[  169.318421][ T7845] loop2: detected capacity change from 0 to 32768
[  169.435621][ T7843] loop3: detected capacity change from 0 to 32768
[  169.448047][ T7845] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[  169.493028][ T7845] JBD2: Ignoring recovery information on journal
[  169.568437][ T7843] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  169.590537][ T7851] loop1: detected capacity change from 0 to 32768
[  169.610737][ T7851] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  169.619335][ T7851] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  169.638527][ T7851] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  169.651158][ T5836] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  169.659242][ T5836] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  169.686221][ T5836] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 26ms
[  169.718139][ T7845] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  169.733725][ T5836] gfs2: fsid=syz:syz.0: jid=0: Done
[  169.769431][ T7851] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  169.794511][ T7843] XFS (loop3): Ending clean mount
[  169.884513][ T7843] XFS (loop3): Quotacheck needed: Please wait.
[  170.025775][ T7843] XFS (loop3): Quotacheck: Done.
[  170.105110][ T5768] ocfs2: Unmounting device (7,2) on (node local)
[  170.142078][ T7866] netlink: 8 bytes leftover after parsing attributes in process `syz.0.767'.
[  170.151658][ T7851] gfs2: fsid=syz:syz.0: found 1 quota changes
[  170.254346][ T5769] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  170.318551][ T7851] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[  170.318551][ T7851]   inode = 11 2339
[  170.318551][ T7851]   function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 472
[  170.337452][ T7851] gfs2: fsid=syz:syz.0: G:  s:EX n:2/923 f:qobnN t:EX d:EX/0 a:0 v:0 r:4 m:20 p:1
[  170.346821][ T7851] gfs2: fsid=syz:syz.0:  H: s:EX f:H e:0 p:7851 [syz.1.765] gfs2_quota_sync+0x411/0x5a0
[  170.357320][ T7851] gfs2: fsid=syz:syz.0:  I: n:11/2339 t:0 f:0x00 d:0x00000000 s:0 p:0
[  170.365645][ T7851] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  170.378603][ T7851] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  170.387409][ T7851] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  170.394330][ T7851] gfs2: fsid=syz:syz.0: File system withdrawn
[  170.400504][ T7851] CPU: 1 PID: 7851 Comm: syz.1.765 Not tainted syzkaller #0
[  170.407900][ T7851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  170.417977][ T7851] Call Trace:
[  170.421276][ T7851]  <TASK>
[  170.424222][ T7851]  dump_stack_lvl+0x18c/0x250
[  170.428937][ T7851]  ? kobject_uevent_env+0x363/0x8b0
[  170.434164][ T7851]  ? show_regs_print_info+0x20/0x20
[  170.439408][ T7851]  ? load_image+0x400/0x400
[  170.443982][ T7851]  ? kobject_uevent_env+0x363/0x8b0
[  170.449309][ T7851]  gfs2_withdraw+0xb24/0x13d0
[  170.454040][ T7851]  ? gfs2_lm+0x240/0x240
[  170.458334][ T7851]  ? gfs2_consist_inode_i+0xf5/0x110
[  170.463653][ T7851]  gfs2_inode_refresh+0xb89/0x1000
[  170.468803][ T7851]  ? gfs2_inode_metasync+0xf0/0xf0
[  170.473952][ T7851]  ? gfs2_glock_nq+0xd4f/0x1420
[  170.478849][ T7851]  gfs2_instantiate+0x162/0x220
[  170.483739][ T7851]  gfs2_glock_wait+0x1d4/0x2a0
[  170.488542][ T7851]  do_sync+0x4c6/0xe50
[  170.492633][ T7851]  ? gfs2_quota_sync+0x411/0x5a0
[  170.497608][ T7851]  ? bh_get+0x760/0x760
[  170.501790][ T7851]  ? gfs2_quota_sync+0x31a/0x5a0
[  170.506756][ T7851]  ? gfs2_quota_sync+0x411/0x5a0
[  170.511713][ T7851]  ? do_raw_spin_unlock+0x121/0x230
[  170.516948][ T7851]  ? do_raw_spin_unlock+0x121/0x230
[  170.522184][ T7851]  gfs2_quota_sync+0x411/0x5a0
[  170.526993][ T7851]  gfs2_sync_fs+0x4c/0xb0
[  170.531360][ T7851]  sync_filesystem+0xea/0x220
[  170.536072][ T7851]  gfs2_reconfigure+0xbb/0xb10
[  170.540889][ T7851]  reconfigure_super+0x21e/0x8a0
[  170.545871][ T7851]  path_mount+0xd2f/0xff0
[  170.550245][ T7851]  __se_sys_mount+0x2e7/0x3d0
[  170.554961][ T7851]  ? __x64_sys_mount+0xc0/0xc0
[  170.559751][ T7851]  ? lockdep_hardirqs_on+0x98/0x150
[  170.564977][ T7851]  ? __x64_sys_mount+0x20/0xc0
[  170.569771][ T7851]  do_syscall_64+0x55/0xa0
[  170.574257][ T7851]  ? clear_bhb_loop+0x40/0x90
[  170.578979][ T7851]  ? clear_bhb_loop+0x40/0x90
[  170.583690][ T7851]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  170.589610][ T7851] RIP: 0033:0x7fbc4bf9bf79
[  170.594055][ T7851] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  170.598249][ T7870] loop0: detected capacity change from 0 to 1024
[  170.613670][ T7851] RSP: 002b:00007fbc4cdc7028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  170.613735][ T7851] RAX: ffffffffffffffda RBX: 00007fbc4c215fa0 RCX: 00007fbc4bf9bf79
[  170.613747][ T7851] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000
[  170.613756][ T7851] RBP: 00007fbc4c0327e0 R08: 0000000000000000 R09: 0000000000000000
[  170.613765][ T7851] R10: 0000000002390024 R11: 0000000000000246 R12: 0000000000000000
[  170.613774][ T7851] R13: 00007fbc4c216038 R14: 00007fbc4c215fa0 R15: 00007ffe3fa07dc8
[  170.613801][ T7851]  </TASK>
[  170.614692][ T7851] gfs2: unable to remount read-write
[  170.958559][   T49] hfsplus: b-tree write err: -5, ino 4
[  171.595156][ T7874] loop2: detected capacity change from 0 to 40427
[  171.620795][ T7874] F2FS-fs (loop2): Invalid SB checksum offset: 0
[  171.647537][ T7874] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  171.683485][ T7874] F2FS-fs (loop2): invalid crc value
[  171.829504][ T7884] loop0: detected capacity change from 0 to 32768
[  171.877475][ T7884] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[  171.905703][ T7884] JBD2: Ignoring recovery information on journal
[  171.918613][ T7874] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  171.944112][ T7882] loop1: detected capacity change from 0 to 32768
[  171.957379][ T7874] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  171.957521][ T7884] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  172.005647][ T7882] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[  172.071196][ T7882] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  172.276661][ T5766] ocfs2: Unmounting device (7,0) on (node local)
[  172.299844][ T7882] XFS (loop1): Ending clean mount
[  172.321281][ T7882] XFS (loop1): Quotacheck needed: Please wait.
[  172.339536][ T7900] loop3: detected capacity change from 0 to 128
[  172.380559][ T7900] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  172.420930][ T7882] XFS (loop1): Quotacheck: Done.
[  172.448000][ T7900] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  172.650491][ T5767] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  172.725188][ T7903] netlink: 8 bytes leftover after parsing attributes in process `syz.0.787'.
[  173.655086][ T7908] loop2: detected capacity change from 0 to 32768
[  173.668301][ T7929] loop3: detected capacity change from 0 to 736
[  173.723022][ T7908] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  173.767358][ T7908] XFS (loop2): Ending clean mount
[  173.777239][ T7908] XFS (loop2): Quotacheck needed: Please wait.
[  173.949278][ T7908] XFS (loop2): Quotacheck: Done.
[  174.146888][ T5768] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  174.576578][ T7949] loop2: detected capacity change from 0 to 1024
[  174.695867][ T7941] loop1: detected capacity change from 0 to 40427
[  174.715470][ T7941] F2FS-fs (loop1): Invalid SB checksum offset: 0
[  174.728966][ T7941] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  174.746352][ T7943] loop0: detected capacity change from 0 to 32768
[  174.753340][ T2956] hfsplus: b-tree write err: -5, ino 4
[  174.809951][ T7941] F2FS-fs (loop1): invalid crc value
[  174.824646][ T7943] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  174.875431][ T7943] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  175.099895][ T7941] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  175.129532][ T7941] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  175.219020][ T7943] XFS (loop0): Ending clean mount
[  175.262181][ T7943] XFS (loop0): Quotacheck needed: Please wait.
[  175.365754][ T7943] XFS (loop0): Quotacheck: Done.
[  175.591019][ T5766] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  176.474344][ T7981] loop1: detected capacity change from 0 to 40427
[  176.507993][ T7997] netlink: 8 bytes leftover after parsing attributes in process `syz.2.812'.
[  176.518872][ T7981] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  176.526641][ T7981] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  176.552638][ T7981] F2FS-fs (loop1): invalid crc value
[  176.567817][   T27] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  176.592226][ T7981] F2FS-fs (loop1): Found nat_bits in checkpoint
[  176.730586][ T7981] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  176.749770][   T27] usb 4-1: Using ep0 maxpacket: 16
[  176.755092][ T7981] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  176.773172][   T27] usb 4-1: New USB device found, idVendor=0db0, idProduct=5581, bcdDevice=f9.22
[  176.797788][   T27] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.806457][   T27] usb 4-1: Product: syz
[  176.827724][   T27] usb 4-1: Manufacturer: syz
[  176.841258][   T27] usb 4-1: SerialNumber: syz
[  176.936467][ T8012] erspan0: entered promiscuous mode
[  177.100457][   T27] usb 4-1: dvb_usb_v2: found a 'MSI Mega Sky 55801 DVB-T USB2.0' in warm state
[  177.116946][   T27] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  177.138076][   T27] dvbdev: DVB: registering new adapter (MSI Mega Sky 55801 DVB-T USB2.0)
[  177.146623][   T27] usb 4-1: media controller created
[  177.176354][   T27] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  177.262297][ T8019] netlink: 23 bytes leftover after parsing attributes in process `syz.0.822'.
[  177.271687][ T8019] netlink: 20 bytes leftover after parsing attributes in process `syz.0.822'.
[  177.438731][   T27] zl10353_read_register: readreg error (reg=127, ret==-110)
[  177.540301][   T27] dvb_usb_gl861: probe of 4-1:157.0 failed with error -5
[  177.577323][   T27] usb 4-1: USB disconnect, device number 6
[  177.584433][ T8025] loop0: detected capacity change from 0 to 256
[  177.688277][ T5760] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  177.835340][ T8032] loop1: detected capacity change from 0 to 256
[  178.423344][ T8051] loop2: detected capacity change from 0 to 16
[  178.442323][ T8051] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  178.498337][  T789] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  178.530259][ T8034] loop0: detected capacity change from 0 to 32768
[  178.687793][  T789] usb 4-1: Using ep0 maxpacket: 32
[  178.714322][  T789] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  178.748916][  T789] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  178.768695][  T789] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  178.777020][  T789] usb 4-1: Product: syz
[  178.787740][  T789] usb 4-1: Manufacturer: syz
[  178.792382][  T789] usb 4-1: SerialNumber: syz
[  178.810504][  T789] usb 4-1: config 0 descriptor??
[  178.816250][ T8043] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  178.852550][  T789] hub 4-1:0.0: bad descriptor, ignoring hub
[  178.861484][  T789] hub: probe of 4-1:0.0 failed with error -5
[  178.908296][   T27] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[  179.012657][ T8065] loop1: detected capacity change from 0 to 512
[  179.022987][ T8065] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  179.075516][ T8065] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e02c, mo2=0102]
[  179.087996][ T8065] System zones: 1-12
[  179.092274][ T8065] EXT4-fs (loop1): orphan cleanup on readonly fs
[  179.124897][   T27] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  179.148569][   T27] usb 3-1: config 0 interface 0 has no altsetting 0
[  179.157068][ T8065] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.841: bg 0: block 361: padding at end of block bitmap is not set
[  179.198907][   T27] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  179.213782][   T27] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  179.236609][ T8065] EXT4-fs (loop1): Remounting filesystem read-only
[  179.245984][   T27] usb 3-1: Product: syz
[  179.256237][ T8065] EXT4-fs (loop1): 1 truncate cleaned up
[  179.264584][   T27] usb 3-1: Manufacturer: syz
[  179.271461][ T8065] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  179.283600][   T27] usb 3-1: SerialNumber: syz
[  179.291909][   T27] usb 3-1: config 0 descriptor??
[  179.298194][ T5836] usb 4-1: USB disconnect, device number 7
[  179.323265][   T27] usb 3-1: selecting invalid altsetting 0
[  179.443048][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  179.612907][   T27] usb 3-1: USB disconnect, device number 6
[  179.818997][ T8078] netlink: 8 bytes leftover after parsing attributes in process `syz.0.846'.
[  179.835865][ T8078] netlink: 28 bytes leftover after parsing attributes in process `syz.0.846'.
[  180.890420][    T8] hid-generic 0005:0C45:1010.0005: item fetching failed at offset 3/5
[  180.908397][    T8] hid-generic: probe of 0005:0C45:1010.0005 failed with error -22
[  181.269580][ T8136] loop0: detected capacity change from 0 to 16
[  181.286405][ T8136] erofs: (device loop0): mounted with root inode @ nid 36.
[  181.309246][    T8] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  181.331069][ T8122] loop3: detected capacity change from 0 to 32768
[  181.345325][ T8122] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by syz.3.865 (8122)
[  181.422048][ T8122] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  181.458690][ T8122] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm
[  181.469590][ T8122] BTRFS info (device loop3): force zlib compression, level 3
[  181.498071][ T8122] BTRFS info (device loop3): force clearing of disk cache
[  181.505246][ T8122] BTRFS info (device loop3): setting nodatasum
[  181.521345][    T8] usb 3-1: Using ep0 maxpacket: 8
[  181.527852][ T8122] BTRFS info (device loop3): doing ref verification
[  181.532702][    T8] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  181.534465][ T8122] BTRFS info (device loop3): allowing degraded mounts
[  181.548923][    T8] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  181.567893][ T8122] BTRFS info (device loop3): using free space tree
[  181.582004][    T8] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  181.607700][    T8] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  181.636089][    T8] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  181.653801][    T8] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  181.667004][ T8122] BTRFS info (device loop3): enabling ssd optimizations
[  181.668878][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.697858][ T8122] BTRFS info (device loop3): auto enabling async discard
[  181.722328][ T8122] BTRFS info (device loop3): rebuilding free space tree
[  181.863375][ T5769] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  181.916530][    T8] usb 3-1: GET_CAPABILITIES returned 0
[  181.927262][    T8] usbtmc 3-1:16.0: can't read capabilities
[  182.235347][ T5836] usb 3-1: USB disconnect, device number 7
[  182.767568][ T8176] loop1: detected capacity change from 0 to 8192
[  182.867788][ T8176] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  182.909737][ T8172] loop3: detected capacity change from 0 to 32768
[  182.945568][ T8176] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal
[  182.992223][ T8172] JBD2: Ignoring recovery information on journal
[  183.007866][ T8176] REISERFS (device loop1): using ordered data mode
[  183.048041][ T8176] reiserfs: using flush barriers
[  183.099646][ T8176] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  183.148904][ T8176] REISERFS (device loop1): checking transaction log (loop1)
[  183.164362][ T8172] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  183.182457][ T8176] REISERFS (device loop1): Using r5 hash to sort names
[  183.199362][ T8176] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  183.278080][ T8172] 
[  183.280462][ T8172] ======================================================
[  183.287511][ T8172] WARNING: possible circular locking dependency detected
[  183.294547][ T8172] syzkaller #0 Not tainted
[  183.298967][ T8172] ------------------------------------------------------
[  183.305991][ T8172] syz.3.877/8172 is trying to acquire lock:
[  183.311891][ T8172] ffff88807715df58 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x16e/0x44c0
[  183.325166][ T8172] 
[  183.325166][ T8172] but task is already holding lock:
[  183.332544][ T8172] ffff88805d8d6ab8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x476/0x13e0
[  183.342081][ T8172] 
[  183.342081][ T8172] which lock already depends on the new lock.
[  183.342081][ T8172] 
[  183.352504][ T8172] 
[  183.352504][ T8172] the existing dependency chain (in reverse order) is:
[  183.361613][ T8172] 
[  183.361613][ T8172] -> #4 (&oi->ip_xattr_sem){++++}-{3:3}:
[  183.369475][ T8172]        down_read+0x46/0x2e0
[  183.374179][ T8172]        ocfs2_init_acl+0x30a/0x770
[  183.379393][ T8172]        ocfs2_mknod+0x140f/0x2300
[  183.384529][ T8172]        ocfs2_mkdir+0x196/0x430
[  183.389484][ T8172]        vfs_mkdir+0x296/0x440
[  183.394265][ T8172]        do_mkdirat+0x1dc/0x450
[  183.399214][ T8172]        __x64_sys_mkdirat+0x89/0xa0
[  183.404516][ T8172]        do_syscall_64+0x55/0xa0
[  183.409471][ T8172]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  183.415904][ T8172] 
[  183.415904][ T8172] -> #3 (&journal->j_trans_barrier){.+.+}-{3:3}:
[  183.424443][ T8172]        down_read+0x46/0x2e0
[  183.429149][ T8172]        ocfs2_start_trans+0x3a8/0x6f0
[  183.434623][ T8172]        ocfs2_reserve_suballoc_bits+0x7ad/0x44c0
[  183.441058][ T8172]        ocfs2_reserve_new_metadata_blocks+0x416/0x9a0
[  183.447933][ T8172]        ocfs2_extend_dir+0xcca/0x48b0
[  183.453406][ T8172]        ocfs2_prepare_dir_for_insert+0x315b/0x56b0
[  183.460011][ T8172]        ocfs2_mknod+0x81b/0x2300
[  183.465054][ T8172]        ocfs2_create+0x196/0x430
[  183.470093][ T8172]        path_openat+0x12a0/0x3230
[  183.475213][ T8172]        do_filp_open+0x1f5/0x430
[  183.480246][ T8172]        do_sys_openat2+0x134/0x1d0
[  183.485459][ T8172]        __x64_sys_creat+0x90/0xb0
[  183.490583][ T8172]        do_syscall_64+0x55/0xa0
[  183.495538][ T8172]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  183.501961][ T8172] 
[  183.501961][ T8172] -> #2 (sb_internal#3){.+.+}-{0:0}:
[  183.506809][ T8174] loop0: detected capacity change from 0 to 40427
[  183.509431][ T8172]        ocfs2_start_trans+0x2a9/0x6f0
[  183.509451][ T8172]        ocfs2_reserve_suballoc_bits+0x7ad/0x44c0
[  183.509474][ T8172]        ocfs2_reserve_new_metadata_blocks+0x416/0x9a0
[  183.534650][ T8172]        ocfs2_extend_dir+0xcca/0x48b0
[  183.539537][ T8174] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  183.540109][ T8172]        ocfs2_prepare_dir_for_insert+0x315b/0x56b0
[  183.550526][ T8174] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  183.554365][ T8172]        ocfs2_mknod+0x81b/0x2300
[  183.567640][ T8172]        ocfs2_create+0x196/0x430
[  183.568954][ T8176] REISERFS warning (device loop1): super-6502 reiserfs_getopt: unknown mount option "ÿÿ18446744073709551615ÿÿÿÿ0177777777777777777777701777777777777777777777ÿÿ18446744073709551615ÿÿ"
[  183.572661][ T8172]        path_openat+0x12a0/0x3230
[  183.595728][ T8172]        do_filp_open+0x1f5/0x430
[  183.600767][ T8172]        do_sys_openat2+0x134/0x1d0
[  183.605980][ T8172]        __x64_sys_creat+0x90/0xb0
[  183.611107][ T8172]        do_syscall_64+0x55/0xa0
[  183.616061][ T8172]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  183.622491][ T8172] 
[  183.622491][ T8172] -> #1 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3){+.+.}-{3:3}:
[  183.633031][ T8172]        down_write+0x97/0x200
[  183.637820][ T8172]        ocfs2_reserve_suballoc_bits+0x16e/0x44c0
[  183.644255][ T8172]        ocfs2_reserve_clusters_with_limit+0x3bd/0xc20
[  183.651125][ T8172]        ocfs2_reserve_suballoc_bits+0x78b/0x44c0
[  183.657559][ T8172]        ocfs2_reserve_new_metadata_blocks+0x416/0x9a0
[  183.664433][ T8172]        ocfs2_extend_dir+0xcca/0x48b0
[  183.669908][ T8172]        ocfs2_prepare_dir_for_insert+0x315b/0x56b0
[  183.676513][ T8172]        ocfs2_mknod+0x81b/0x2300
[  183.681544][ T8172]        ocfs2_create+0x196/0x430
[  183.686575][ T8172]        path_openat+0x12a0/0x3230
[  183.691693][ T8172]        do_filp_open+0x1f5/0x430
[  183.696725][ T8172]        do_sys_openat2+0x134/0x1d0
[  183.701928][ T8172]        __x64_sys_creat+0x90/0xb0
[  183.707040][ T8172]        do_syscall_64+0x55/0xa0
[  183.711983][ T8172]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  183.718395][ T8172] 
[  183.718395][ T8172] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2){+.+.}-{3:3}:
[  183.728932][ T8172]        __lock_acquire+0x2df1/0x7d40
[  183.734340][ T8172]        lock_acquire+0x19e/0x420
[  183.739376][ T8172]        down_write+0x97/0x200
[  183.744155][ T8172]        ocfs2_reserve_suballoc_bits+0x16e/0x44c0
[  183.750596][ T8172]        ocfs2_reserve_new_metadata_blocks+0x416/0x9a0
[  183.757461][ T8172]        ocfs2_init_xattr_set_ctxt+0x30b/0x710
[  183.763629][ T8172]        ocfs2_xattr_set+0xc3f/0x13e0
[  183.769049][ T8172]        __vfs_setxattr+0x431/0x470
[  183.774260][ T8172]        __vfs_setxattr_noperm+0x12d/0x5e0
[  183.780086][ T8172]        vfs_setxattr+0x16b/0x2f0
[  183.785120][ T8172]        path_setxattr+0x3f3/0x5d0
[  183.790247][ T8172]        __x64_sys_lsetxattr+0xb8/0xd0
[  183.795717][ T8172]        do_syscall_64+0x55/0xa0
[  183.800674][ T8172]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  183.807102][ T8172] 
[  183.807102][ T8172] other info that might help us debug this:
[  183.807102][ T8172] 
[  183.817339][ T8172] Chain exists of:
[  183.817339][ T8172]   &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2 --> &journal->j_trans_barrier --> &oi->ip_xattr_sem
[  183.817339][ T8172] 
[  183.834312][ T8172]  Possible unsafe locking scenario:
[  183.834312][ T8172] 
[  183.834993][ T8187] loop2: detected capacity change from 0 to 32768
[  183.841745][ T8172]        CPU0                    CPU1
[  183.841750][ T8172]        ----                    ----
[  183.841753][ T8172]   lock(&oi->ip_xattr_sem);
[  183.841766][ T8172]                                lock(&journal->j_trans_barrier);
[  183.841788][ T8172]                                lock(&oi->ip_xattr_sem);
[  183.841799][ T8172]   lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2);
[  183.841815][ T8172] 
[  183.841815][ T8172]  *** DEADLOCK ***
[  183.841815][ T8172] 
[  183.841819][ T8172] 3 locks held by syz.3.877/8172:
[  183.841827][ T8172]  #0: ffff88805b6d6418 (sb_writers#18){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  183.908067][ T8172]  #1: ffff88805d8d6d98 (&sb->s_type->i_mutex_key#34){+.+.}-{3:3}, at: vfs_setxattr+0x144/0x2f0
[  183.918543][ T8172]  #2: ffff88805d8d6ab8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x476/0x13e0
[  183.928454][ T8172] 
[  183.928454][ T8172] stack backtrace:
[  183.929958][ T8174] F2FS-fs (loop0): Found nat_bits in checkpoint
[  183.934329][ T8172] CPU: 1 PID: 8172 Comm: syz.3.877 Not tainted syzkaller #0
[  183.947846][ T8172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  183.957908][ T8172] Call Trace:
[  183.961194][ T8172]  <TASK>
[  183.964126][ T8172]  dump_stack_lvl+0x18c/0x250
[  183.968824][ T8172]  ? load_image+0x400/0x400
[  183.973337][ T8172]  ? show_regs_print_info+0x20/0x20
[  183.977910][ T8174] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  183.978536][ T8172]  ? print_circular_bug+0x12b/0x1a0
[  183.985616][ T8174] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  183.990719][ T8172]  check_noncircular+0x2fc/0x400
[  183.990754][ T8172]  ? print_deadlock_bug+0x5d0/0x5d0
[  183.990771][ T8172]  ? lockdep_lock+0xf5/0x230
[  183.990790][ T8172]  ? _find_first_zero_bit+0xd3/0x100
[  183.990809][ T8172]  __lock_acquire+0x2df1/0x7d40
[  183.990834][ T8172]  ? __lock_acquire+0x7d40/0x7d40
[  184.028190][ T8172]  ? verify_lock_unused+0x140/0x140
[  184.033416][ T8172]  ? __mutex_unlock_slowpath+0x1b4/0x6c0
[  184.039075][ T8172]  ? do_raw_spin_lock+0x11f/0x2c0
[  184.044116][ T8172]  ? mutex_unlock+0x10/0x10
[  184.048644][ T8172]  lock_acquire+0x19e/0x420
[  184.053424][ T8172]  ? ocfs2_reserve_suballoc_bits+0x16e/0x44c0
[  184.059513][ T8172]  ? ocfs2_get_system_file_inode+0x202/0x850
[  184.065505][ T8172]  ? __might_sleep+0xe0/0xe0
[  184.070113][ T8172]  ? read_lock_is_recursive+0x20/0x20
[  184.074985][ T8187] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  184.075489][ T8172]  ? ocfs2_fast_symlink_read_folio+0x550/0x550
[  184.090217][ T8172]  ? verify_lock_unused+0x140/0x140
[  184.095428][ T8172]  down_write+0x97/0x200
[  184.099443][ T8187] XFS (loop2): Ending clean mount
[  184.099676][ T8172]  ? ocfs2_reserve_suballoc_bits+0x16e/0x44c0
[  184.106651][ T8187] XFS (loop2): Quotacheck needed: Please wait.
[  184.110724][ T8172]  ? down_read_killable+0x340/0x340
[  184.110755][ T8172]  ocfs2_reserve_suballoc_bits+0x16e/0x44c0
[  184.125362][ T8187] XFS (loop2): Quotacheck: Done.
[  184.127950][ T8172]  ? mark_lock+0x94/0x320
[  184.127977][ T8172]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  184.127996][ T8172]  ? lock_chain_count+0x20/0x20
[  184.148079][ T8172]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  184.153986][ T8172]  ? lockdep_hardirqs_on+0x98/0x150
[  184.159201][ T8172]  ? ocfs2_block_group_search+0x470/0x470
[  184.164937][ T8172]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  184.170847][ T8172]  ? _raw_spin_unlock+0x40/0x40
[  184.175712][ T8172]  ? stack_trace_save+0xaa/0x100
[  184.180669][ T8172]  ? stack_trace_snprint+0xf0/0xf0
[  184.185796][ T8172]  ? __stack_depot_save+0x560/0x630
[  184.191013][ T8172]  ? kasan_set_track+0x5f/0x70
[  184.195790][ T8172]  ? kasan_set_track+0x4e/0x70
[  184.200568][ T8172]  ? __kasan_kmalloc+0x8f/0xa0
[  184.205351][ T8172]  ? ocfs2_reserve_new_metadata_blocks+0x10d/0x9a0
[  184.211871][ T8172]  ? ocfs2_init_xattr_set_ctxt+0x30b/0x710
[  184.217693][ T8172]  ? ocfs2_xattr_set+0xc3f/0x13e0
[  184.222735][ T8172]  ? __vfs_setxattr+0x431/0x470
[  184.227615][ T8172]  ? __vfs_setxattr_noperm+0x12d/0x5e0
[  184.233090][ T8172]  ? vfs_setxattr+0x16b/0x2f0
[  184.237762][ T8172]  ? path_setxattr+0x3f3/0x5d0
[  184.242526][ T8172]  ? __x64_sys_lsetxattr+0xb8/0xd0
[  184.247617][ T8172]  ? do_syscall_64+0x55/0xa0
[  184.252195][ T8172]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  184.258251][ T8172]  ocfs2_reserve_new_metadata_blocks+0x416/0x9a0
[  184.264565][ T8172]  ? ocfs2_init_steal_slots+0x160/0x160
[  184.270093][ T8172]  ? ocfs2_xattr_block_set+0x2e30/0x2e30
[  184.275712][ T8172]  ocfs2_init_xattr_set_ctxt+0x30b/0x710
[  184.281335][ T8172]  ? ocfs2_xattr_set+0xc05/0x13e0
[  184.286362][ T8172]  ? ocfs2_prepare_refcount_xattr+0xff0/0xff0
[  184.292419][ T8172]  ? ocfs2_truncate_log_needs_flush+0x130/0x310
[  184.298644][ T8172]  ? ocfs2_remove_btree_range+0x15e0/0x15e0
[  184.304518][ T8172]  ? down_write+0x16e/0x200
[  184.309003][ T8172]  ? down_read_killable+0x340/0x340
[  184.314182][ T8172]  ? up_write+0x1c3/0x410
[  184.318492][ T8172]  ocfs2_xattr_set+0xc3f/0x13e0
[  184.323332][ T8172]  ? __ocfs2_xattr_set_handle+0xf40/0xf40
[  184.329034][ T8172]  ? __lock_acquire+0x1347/0x7d40
[  184.334040][ T8172]  ? verify_lock_unused+0x140/0x140
[  184.339237][ T8172]  ? ____kasan_slab_free+0x126/0x1e0
[  184.344516][ T8172]  ? aa_get_newest_label+0xfd/0x5c0
[  184.349711][ T8172]  ? end_current_label_crit_section+0x170/0x170
[  184.355951][ T8172]  ? posix_xattr_acl+0x93/0xb0
[  184.360701][ T8172]  ? ocfs2_xattr_trusted_get+0x40/0x40
[  184.366152][ T8172]  __vfs_setxattr+0x431/0x470
[  184.370821][ T8172]  __vfs_setxattr_noperm+0x12d/0x5e0
[  184.376099][ T8172]  vfs_setxattr+0x16b/0x2f0
[  184.380586][ T8172]  ? xattr_permission+0x470/0x470
[  184.385598][ T8172]  ? __mnt_want_write+0x223/0x2a0
[  184.390631][ T8172]  ? path_setxattr+0x3a1/0x5d0
[  184.395388][ T8172]  path_setxattr+0x3f3/0x5d0
[  184.399966][ T8172]  ? simple_xattrs_free+0x150/0x150
[  184.405156][ T8172]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  184.411119][ T8172]  ? lock_chain_count+0x20/0x20
[  184.415955][ T8172]  __x64_sys_lsetxattr+0xb8/0xd0
[  184.420877][ T8172]  do_syscall_64+0x55/0xa0
[  184.425280][ T8172]  ? clear_bhb_loop+0x40/0x90
[  184.429937][ T8172]  ? clear_bhb_loop+0x40/0x90
[  184.434594][ T8172]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  184.440472][ T8172] RIP: 0033:0x7f0502f9bf79
[  184.444870][ T8172] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  184.464489][ T8172] RSP: 002b:00007f0503dcf028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  184.472888][ T8172] RAX: ffffffffffffffda RBX: 00007f0503215fa0 RCX: 00007f0502f9bf79
[  184.480839][ T8172] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 00002000000001c0
[  184.488807][ T8172] RBP: 00007f05030327e0 R08: 0000000000000001 R09: 0000000000000000
[  184.496784][ T8172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  184.504757][ T8172] R13: 00007f0503216038 R14: 00007f0503215fa0 R15: 00007fff5dcbf678
[  184.512714][ T8172]  </TASK>
[  184.540004][ T5768] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  184.693549][ T8202] netlink: 'syz.1.886': attribute type 4 has an invalid length.
[  184.710913][ T5769] ocfs2: Unmounting device (7,3) on (node local)